authorInstrumental <jcgmisc@stl.gathman.org>2018-03-26 12:04:27 -0700
committerInstrumental <jcgmisc@stl.gathman.org>2018-03-26 12:04:38 -0700
commit6d469611d86642bc0b74ce51af72cc36d2af962d (patch)
tree8a3d4ad886228e770a7d0d2515ef1dd4f794bbb5
parent1b8ff51dcbeb503f2a641074f6ceebf65e73fd87 (diff)
Remove Code from cadi, it is now in authz
Issue-ID: AAF-193 Change-Id: Ib7abdb15ba8a7445a3875cf8c6bb48b7d563f424 Signed-off-by: Instrumental <jcgmisc@stl.gathman.org>
-rw-r--r--aaf/pom.xml298
-rw-r--r--aaf/src/assemble/cadi-aaf-test.xml109
-rw-r--r--aaf/src/assemble/cadi-aaf.xml52
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java105
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFTransmutate.java87
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/ConnectivityTest.java459
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java149
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java179
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java98
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java444
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertMarshal.java66
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshal.java45
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java207
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java396
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConDME2.java224
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java187
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java221
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java167
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java116
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java269
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/cm/ArtifactDir.java288
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/cm/CertException.java46
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/cm/CmAgent.java712
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/cm/Factory.java449
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifact.java34
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInFiles.java54
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInKeystore.java130
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactOnStream.java52
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactScripts.java139
-rw-r--r--aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java285
-rw-r--r--aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFPermissionTest.java211
-rw-r--r--aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFTransmutateTest.java118
-rw-r--r--aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_CertExceptionTest.java237
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/aaf/client/JU_ErrMessageTest.java131
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/JU_CertsMarshalTest.java54
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/JU_AAFAuthnTest.java155
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java144
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java574
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java145
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java107
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java122
-rw-r--r--aaf/src/test/java/org/onap/aaf/content/JU_Content.java83
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java58
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java57
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java113
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java113
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java89
-rw-r--r--aaf/src/test/resources/cadi.properties52
-rw-r--r--aaf/src/test/resources/log4j.properties57
-rw-r--r--aaf/src/test/resources/logging.props38
-rw-r--r--cass/etc/cadi.properties68
-rw-r--r--cass/pom.xml233
-rw-r--r--cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthenticatedUser.java110
-rw-r--r--cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthenticator.java174
-rw-r--r--cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthorizer.java226
-rw-r--r--cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFBase.java191
-rw-r--r--cass/src/test/java/org/onap/aaf/cass/JU_AAFAuthenticatedUserTest.java90
-rw-r--r--cass/src/test/java/org/onap/aaf/cass/JU_AAFAuthorizerTest.java378
-rw-r--r--cass/src/test/java/org/onap/aaf/cass/JU_AAFBaseTest.java399
-rw-r--r--cass/src/test/java/org/onap/aaf/cass/JU_CASS.java106
-rw-r--r--client/pom.xml213
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/AAFClient.java199
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/AbsBasicAuth.java93
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java73
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/Delete.java71
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/EClient.java52
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/EnvAccess.java169
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/Future.java34
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/Get.java49
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/Holder.java44
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/Post.java50
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/PropertyLocator.java143
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/Put.java65
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/RawClient.java159
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/Rcli.java697
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/Result.java57
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/client/Retryable.java72
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/dme2/DEClient.java223
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/dme2/DME2BasicAuth.java64
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/dme2/DME2ClientSS.java65
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/dme2/DME2Locator.java349
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/dme2/DME2TransferSS.java56
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/dme2/DME2x509SS.java68
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/dme2/DRcli.java142
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/dnsloc/DNSLocator.java167
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java76
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/http/HClient.java434
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/http/HMangr.java236
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/http/HRcli.java134
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java65
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java168
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/locator/DME2Locator.java347
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java163
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/locator/HClientHotPeerLocator.java61
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java304
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java282
-rw-r--r--client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java189
-rw-r--r--client/src/test/java/org/onap/aaf/cadi/dme2/JU_DME2ClientSSTest.java114
-rw-r--r--client/src/test/java/org/onap/aaf/cadi/http/JU_HBasicAuthSSTest.java77
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_BasicDME2Client.java61
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_DNSLocator.java56
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_HolderTest.java80
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_PaulUzee.java146
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_PropertyLocator.java97
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_ResultTest.java109
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_TestAccess.java90
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_TestDME2Client.java98
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_TestDME2RcliClient.java79
-rw-r--r--client/src/test/java/org/onap/aaf/client/test/JU_TestHClient.java84
-rw-r--r--core/conf/cadi.properties59
-rw-r--r--core/conf/keyfile27
-rw-r--r--core/pom.xml235
-rw-r--r--core/src/assemble/cadi.xml46
-rw-r--r--core/src/assemble/poll.xml46
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/AES.java127
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/AbsCachedPrincipal.java33
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java408
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Access.java172
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/BasicCred.java36
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/BufferedCadiWrap.java80
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java214
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java47
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/CachingLur.java35
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/CadiException.java50
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/CadiWrap.java193
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Capacitor.java240
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/CmdLine.java356
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Connector.java27
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/CredVal.java42
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/GetCred.java27
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Hash.java202
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Locator.java36
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/LocatorException.java47
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Lur.java94
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Permission.java29
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/PropAccess.java321
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Revalidator.java35
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/SLF4JAccess.java100
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java44
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java69
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/StrLur.java56
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Symm.java811
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Taf.java57
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/Transmutate.java45
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/TrustChecker.java53
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/User.java144
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/UserChain.java43
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/config/Config.java815
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/config/Get.java97
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java63
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java43
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java243
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java44
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java158
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java37
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java100
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java37
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/CadiAccess.java243
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java305
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java227
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java77
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java55
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java43
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java183
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java32
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java55
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java55
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java70
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java167
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java201
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java51
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java88
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java117
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java36
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/principal/CSPPrincipal_T.java33
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java65
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/principal/TGuardPrincipal.java80
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/principal/TGuardPrincipal_T.java33
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java67
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java92
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java116
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java84
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java185
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java60
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java87
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java64
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java73
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java71
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java32
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java94
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java77
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java79
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java159
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java63
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java46
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java52
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java257
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java370
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java48
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/localhost/LocalhostTaf.java130
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/taf/localhost/LocalhostTafResp.java81
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/Chmod.java63
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java90
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java32
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java29
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/NetMask.java100
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/Split.java91
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java63
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java48
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java78
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/util/Vars.java121
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/wsse/Action.java37
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/wsse/Match.java130
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java86
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java135
-rw-r--r--core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java416
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/JU_AES.java229
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/JU_CadiExceptionTest.java125
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/JU_CadiWrapTest.java197
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/JU_PropAccessTest.java75
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/JU_UserTest.java161
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/filter/JU_FCGetTest.java99
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/lur/JU_ConfigPrincipalTest.java171
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java104
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/lur/test/JU_TestAccess.java91
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/taf/JU_NullTafRespTest.java62
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/test/JU_Base64.java368
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java190
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java143
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java115
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/test/JU_Passcode.java106
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/test/JU_Test.java70
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/test/JU_UserChainManip.java47
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/test/JU_Vars.java125
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/util/JU_NetMask.java65
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/util/JU_Split.java64
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/util/JU_TheConsole.java37
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/util/JU_UserChainManip.java51
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/util/JU_Vars.java57
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSE_Read.java190
-rw-r--r--core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_XReader.java65
-rw-r--r--core/test/AESKeyFile27
-rw-r--r--core/test/CBUSevent.xml46
-rw-r--r--core/test/cadi.properties59
-rw-r--r--core/test/keyfile27
-rw-r--r--pom.xml8
246 files changed, 0 insertions, 33243 deletions
diff --git a/aaf/pom.xml b/aaf/pom.xml
deleted file mode 100644
index 7c433cd..0000000
--- a/aaf/pom.xml
+++ /dev/null
@@ -1,298 +0,0 @@
-<!--
- ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- *
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <groupId>org.onap.aaf.cadi</groupId>
- <artifactId>parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
- <relativePath>..</relativePath>
- </parent>
-
- <modelVersion>4.0.0</modelVersion>
- <name>CADI AAF (Application Authorization Framework) LUR</name>
- <packaging>jar</packaging>
- <url>https://github.com/att/AAF</url>
- <description>CADI</description>
- <artifactId>cadi-aaf</artifactId>
- <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <project.cadiVersion>1.0.0-SNAPSHOT</project.cadiVersion>
- <!-- SONAR -->
- <sonar.skip>true</sonar.skip>
- <jacoco.version>0.7.7.201606060606</jacoco.version>
- <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
- <sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin>
- <!-- Default Sonar configuration -->
- <sonar.jacoco.reportPath>target/code-coverage/jacoco-ut.exec</sonar.jacoco.reportPath>
- <sonar.jacoco.itReportPath>target/code-coverage/jacoco-it.exec</sonar.jacoco.itReportPath>
- <!-- Note: This list should match jacoco-maven-plugin's exclusion list below -->
- <sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**</sonar.exclusions>
- <nexusproxy>https://nexus.onap.org</nexusproxy>
- <snapshotNexusPath>/content/repositories/snapshots/</snapshotNexusPath>
- <releaseNexusPath>/content/repositories/releases/</releaseNexusPath>
- <stagingNexusPath>/content/repositories/staging/</stagingNexusPath>
- <sitePath>/content/sites/site/org/onap/aaf/cadi/${project.artifactId}/${project.version}</sitePath>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.mockito</groupId>
- <artifactId>mockito-all</artifactId>
- <version>1.9.5</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.onap.aaf.authz</groupId>
- <artifactId>authz-client</artifactId>
- </dependency>
-
- <dependency>
- <groupId>org.onap.aaf.cadi</groupId>
- <artifactId>cadi-client</artifactId>
- </dependency>
-
- <dependency>
- <groupId>org.onap.aaf.cadi</groupId>
- <artifactId>cadi-client</artifactId>
- </dependency>
-
- <dependency>
- <groupId>com.att.aft</groupId>
- <artifactId>dme2</artifactId>
- <scope>provided</scope>
- </dependency>
-
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- <version>3.0.1</version>
- <scope>provided</scope>
- </dependency>
-
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- <version>1.7.5</version>
- <scope>test</scope>
- </dependency>
-
- </dependencies>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <version>2.3.2</version>
- </plugin>
-
- <!-- We want to create a Jar with Rosetta built in (since I don't want
- a separate deployment at this time Use this one as the jar to put in SWM
- packages -->
- <plugin>
- <artifactId>maven-assembly-plugin</artifactId>
- <configuration>
- <classifier>tests</classifier>
- <archive>
- <manifest>
- <mainClass>org.onap.aaf.cadi.cm.CmAgent</mainClass>
- </manifest>
-
- <manifestEntries>
- <Sealed>true</Sealed>
- </manifestEntries>
- </archive>
- </configuration>
- <executions>
- <execution>
- <id>full</id>
- <phase>package</phase>
- <goals>
- <goal>single</goal>
- </goals>
- <configuration>
- <descriptors>
- <descriptor>src/assemble/cadi-aaf.xml</descriptor>
- </descriptors>
- </configuration>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-javadoc-plugin</artifactId>
- <version>2.10.4</version>
- <configuration>
- <failOnError>false</failOnError>
- </configuration>
- <executions>
- <execution>
- <id>attach-javadocs</id>
- <goals>
- <goal>jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
-
-
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-source-plugin</artifactId>
- <version>2.2.1</version>
- <executions>
- <execution>
- <id>attach-sources</id>
- <goals>
- <goal>jar-no-fork</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
-
-
-
- <plugin>
- <!-- Also sign "full" -->
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jarsigner-plugin</artifactId>
- <configuration>
- <skip>true</skip>
- </configuration>
- <executions>
- <execution>
- <id>sign-full</id>
- <goals>
- <goal>sign</goal>
- </goals>
- <configuration>
- <archive>target/${project.artifactId}-${project.version}-full.jar</archive>
- </configuration>
- </execution>
- <execution>
- <id>verify-full</id>
- <goals>
- <goal>verify</goal>
- </goals>
- <configuration>
- <archive>target/${project.artifactId}-${project.version}-full.jar</archive>
- </configuration>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.sonatype.plugins</groupId>
- <artifactId>nexus-staging-maven-plugin</artifactId>
- <version>1.6.7</version>
- <extensions>true</extensions>
- <configuration>
- <nexusUrl>${nexusproxy}</nexusUrl>
- <stagingProfileId>176c31dfe190a</stagingProfileId>
- <serverId>ecomp-staging</serverId>
- </configuration>
- </plugin>
-
- <plugin>
- <groupId>org.jacoco</groupId>
- <artifactId>jacoco-maven-plugin</artifactId>
- <version>${jacoco.version}</version>
- <configuration>
- <excludes>
- <exclude>**/gen/**</exclude>
- <exclude>**/generated-sources/**</exclude>
- <exclude>**/yang-gen/**</exclude>
- <exclude>**/pax/**</exclude>
- </excludes>
- </configuration>
- <executions>
-
- <execution>
- <id>pre-unit-test</id>
- <goals>
- <goal>prepare-agent</goal>
- </goals>
- <configuration>
- <destFile>${project.build.directory}/code-coverage/jacoco-ut.exec</destFile>
- <propertyName>surefireArgLine</propertyName>
- </configuration>
- </execution>
-
-
- <execution>
- <id>post-unit-test</id>
- <phase>test</phase>
- <goals>
- <goal>report</goal>
- </goals>
- <configuration>
- <dataFile>${project.build.directory}/code-coverage/jacoco-ut.exec</dataFile>
- <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory>
- </configuration>
- </execution>
- <execution>
- <id>pre-integration-test</id>
- <phase>pre-integration-test</phase>
- <goals>
- <goal>prepare-agent</goal>
- </goals>
- <configuration>
- <destFile>${project.build.directory}/code-coverage/jacoco-it.exec</destFile>
-
- <propertyName>failsafeArgLine</propertyName>
- </configuration>
- </execution>
-
-
- <execution>
- <id>post-integration-test</id>
- <phase>post-integration-test</phase>
- <goals>
- <goal>report</goal>
- </goals>
- <configuration>
- <dataFile>${project.build.directory}/code-coverage/jacoco-it.exec</dataFile>
- <outputDirectory>${project.reporting.outputDirectory}/jacoco-it</outputDirectory>
- </configuration>
- </execution>
- </executions>
- </plugin>
-
- </plugins>
- </build>
- <distributionManagement>
- <repository>
- <id>ecomp-releases</id>
- <name>AAF Release Repository</name>
- <url>${nexusproxy}${releaseNexusPath}</url>
- </repository>
- <snapshotRepository>
- <id>ecomp-snapshots</id>
- <name>AAF Snapshot Repository</name>
- <url>${nexusproxy}${snapshotNexusPath}</url>
- </snapshotRepository>
- <site>
- <id>ecomp-site</id>
- <url>dav:${nexusproxy}${sitePath}</url>
- </site>
- </distributionManagement>
-
-</project>
diff --git a/aaf/src/assemble/cadi-aaf-test.xml b/aaf/src/assemble/cadi-aaf-test.xml
deleted file mode 100644
index 8f3fc43..0000000
--- a/aaf/src/assemble/cadi-aaf-test.xml
+++ /dev/null
@@ -1,109 +0,0 @@
-<!--
- ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- *
--->
-<assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
-
- <id>test</id>
- <formats>
- <format>zip</format>
- </formats>
-
- <includeBaseDirectory>true</includeBaseDirectory>
- <dependencySets>
- <dependencySet>
- <unpack>false</unpack>
- <scope>test</scope>
- <includes>
- <include>org.onap.aaf.cadi:cadi-core</include>
- </includes>
- </dependencySet>
- <dependencySet>
- <unpack>false</unpack>
- <scope>test</scope>
- <includes>
- <include>org.onap.aaf.cadi:cadi-aaf</include>
- </includes>
- </dependencySet>
- <dependencySet>
- <unpack>false</unpack>
- <scope>test</scope>
- <includes>
- <include>org.eclipse.jetty.aggregate:jetty-all</include>
- </includes>
- </dependencySet>
-
- <dependencySet>
- <unpack>false</unpack>
- <scope>test</scope>
- <includes>
- <include>org.eclipse.jetty.orbit:javax.servlet</include>
- </includes>
- </dependencySet>
-
- <dependencySet>
- <unpack>false</unpack>
- <scope>test</scope>
- <includes>
- <include>javax:servlet</include>
- </includes>
- </dependencySet>
-
- <dependencySet>
- <unpack>false</unpack>
- <scope>test</scope>
- <includes>
- <include>com.att.aft:dme2</include>
- </includes>
- </dependencySet>
- <dependencySet>
- <unpack>false</unpack>
- <scope>test</scope>
- <includes>
- <include>com.att.aft.discovery:discovery-clt</include>
- </includes>
- </dependencySet>
- <dependencySet>
- <unpack>false</unpack>
- <scope>compile</scope>
- <includes>
- <include>org.onap.aaf.cssa:rosetta</include>
- </includes>
- </dependencySet>
- </dependencySets>
- <fileSets>
- <fileSet>
- <directory>run</directory>
- <includes>
- <include>cadi.properties</include>
- <include>keyfile</include>
- <include>start.sh</include>
- </includes>
- </fileSet>
- <fileSet>
- <includes>
- <include>../cadi/target/cadi-core*tests.jar</include>
- </includes>
- </fileSet>
- </fileSets>
-
-</assembly>
diff --git a/aaf/src/assemble/cadi-aaf.xml b/aaf/src/assemble/cadi-aaf.xml
deleted file mode 100644
index 0166367..0000000
--- a/aaf/src/assemble/cadi-aaf.xml
+++ /dev/null
@@ -1,52 +0,0 @@
-<!--
- ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- *
--->
-<assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
-
- <id>full</id>
- <formats>
- <format>jar</format>
- </formats>
-
- <includeBaseDirectory>false</includeBaseDirectory>
- <dependencySets>
- <dependencySet>
- <unpack>true</unpack>
- <scope>compile</scope>
- <includes>
- <include>org.onap.aaf.authz:authz-client</include>
- <include>org.onap.aaf.cadi:cadi-aaf</include>
- <include>org.onap.aaf.cadi:cadi-core</include>
- <include>org.onap.aaf.cadi:cadi-client</include>
- <include>org.onap.aaf.inno:env</include>
- <include>org.onap.aaf.inno:rosetta</include>
- </includes>
- </dependencySet>
-
- </dependencySets>
- <fileSets>
- <fileSet>
- <directory>src/main/xsd</directory>
- </fileSet>
- </fileSets>
-</assembly>
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java
deleted file mode 100644
index 7cefc26..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java
+++ /dev/null
@@ -1,105 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf;
-
-import org.onap.aaf.cadi.Permission;
-
-/**
- * A Class that understands the AAF format of Permission (name/type/action)
- * or String "name|type|action"
- *
- *
- */
-public class AAFPermission implements Permission {
- protected String type,instance,action,key;
-
- protected AAFPermission() {}
-
- public AAFPermission(String type, String instance, String action) {
- this.type = type;
- this.instance = instance;
- this.action = action;
- key = type + '|' + instance + '|' + action;
- }
-
- /**
- * Match a Permission
- * if Permission is Fielded type "Permission", we use the fields
- * otherwise, we split the Permission with '|'
- *
- * when the type or action starts with REGEX indicator character ( ! ),
- * then it is evaluated as a regular expression.
- *
- * If you want a simple field comparison, it is faster without REGEX
- */
- public boolean match(Permission p) {
- if(p instanceof AAFPermission) {
- AAFPermission ap = (AAFPermission)p;
- // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
- // Current solution is only allow direct match on Type.
- // 8/28/2014 - added REGEX ability
- if(type.equals(ap.getName()))
- if(PermEval.evalInstance(instance,ap.getInstance()))
- if(PermEval.evalAction(action,ap.getAction()))
- return true;
- } else {
- // Permission is concatenated together: separated by |
- String[] aaf = p.getKey().split("[\\s]*\\|[\\s]*",3);
- if(aaf.length>0 && type.equals(aaf[0]))
- if(PermEval.evalInstance(instance,aaf.length>1?aaf[1]:"*"))
- if(PermEval.evalAction(action,aaf.length>2?aaf[2]:"*"))
- return true;
- }
- return false;
- }
-
- public String getName() {
- return type;
- }
-
- public String getInstance() {
- return instance;
- }
-
- public String getAction() {
- return action;
- }
-
- public String getKey() {
- return key;
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.Permission#permType()
- */
- public String permType() {
- return "AAF";
- }
-
- public String toString() {
- return "AAFPermission:\n\tType: " + type +
- "\n\tInstance: " + instance +
- "\n\tAction: " + action +
- "\n\tKey: " + key;
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFTransmutate.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFTransmutate.java
deleted file mode 100644
index 2d1b88f..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFTransmutate.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf;
-
-import java.security.Principal;
-import java.util.regex.Pattern;
-
-import org.onap.aaf.cadi.Transmutate;
-import org.onap.aaf.cadi.lur.ConfigPrincipal;
-import org.onap.aaf.cadi.principal.BasicPrincipal;
-import org.onap.aaf.cadi.principal.CSPPrincipal_T;
-
-/**
- * AAFTransmutate
- *
- * Each System determines the mechanisms for which one Principal is transmutated to another, such as whether it is created
- * independently, etc.
- *
- * For AAF, the only important thing is that these are valid ATTUID/mechIDs, to avoid unnecessary user hits
- *
- * attUIDs look like ab1234 or AB1234 or AZ123a
- * mechids look like m12345
- *
- *
- */
-public final class AAFTransmutate implements Transmutate<Principal> {
- private Pattern pattern = Pattern.compile("[a-zA-Z]\\w\\d\\d\\d\\w");
-
- public Principal mutate(Principal p) {
- // Accept these three internal kinds of Principals
- if(p instanceof CSPPrincipal_T
- || p instanceof BasicPrincipal
- || p instanceof ConfigPrincipal) {
- return p;
- } else {
-
- final String name = p.getName();
- final int idx = name.indexOf('@');
- String shortName;
- if(idx>0) { // strip off any domain
- shortName = name.substring(0,idx);
- } else {
- shortName = name;
- }
-
- // Check for ATTUID specs before creating CSP_T
- return pattern.matcher(shortName).matches()?
- new CSP_T(name): // Note: use REAL name, short name for CSP_T
- null;
- }
- }
-
- /**
- * Essential Principal reflecting CSP Principal
- *
- *
- */
- private final class CSP_T implements CSPPrincipal_T {
- private String name;
- public CSP_T(String name) {
- this.name = name;
- }
- public String getName() {
- return name;
- }
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/ConnectivityTest.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/ConnectivityTest.java
deleted file mode 100644
index daac0c3..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/ConnectivityTest.java
+++ /dev/null
@@ -1,459 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.lang.reflect.Field;
-import java.net.HttpURLConnection;
-import java.net.InetAddress;
-import java.net.InetSocketAddress;
-import java.net.Socket;
-import java.net.URI;
-import java.net.UnknownHostException;
-import java.util.Date;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.Locator;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.Lur;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.TrustChecker;
-import org.onap.aaf.cadi.Locator.Item;
-import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
-import org.onap.aaf.cadi.aaf.v2_0.AAFConDME2;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-import org.onap.aaf.cadi.http.HBasicAuthSS;
-import org.onap.aaf.cadi.http.HClient;
-import org.onap.aaf.cadi.http.HX509SS;
-import org.onap.aaf.cadi.locator.DME2Locator;
-import org.onap.aaf.cadi.locator.PropertyLocator;
-
-import com.att.aft.dme2.api.DME2Client;
-import com.att.aft.dme2.api.DME2Manager;
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.rosetta.env.RosettaDF;
-import org.onap.aaf.rosetta.env.RosettaEnv;
-
-import aaf.v2_0.Perms;
-
-public class ConnectivityTest {
- private static final String PROD = "PROD";
- private static final String SRV_RESOLVE = "https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=%s/routeOffer=%s";
- private static final String GW_RESOLVE = "https://DME2RESOLVE/service=com.att.authz.authz-gw/version=2.0/envContext=%s/routeOffer=%s";
-
- public static void main(String[] args) {
- if(args.length<2) {
- System.out.println("Usage: ConnectivityTester <TEST|IST|PROD> <cadi_prop_files>");
- } else {
- print(true,"START OF CONNECTIVITY TESTS",new Date().toString(),System.getProperty("user.name"),
- "Note: All API Calls are /authz/perms/user/<MechID/Alias of the caller>");
-
- final String aaf_env = args[0];
- args[1]=Config.CADI_PROP_FILES+'='+args[1];
-
- PropAccess pa = new PropAccess(args);
- String user = pa.getProperty(Config.AAF_MECHID);
- String pass = pa.getProperty(Config.AAF_MECHPASS);
- String alias = pa.getProperty(Config.CADI_ALIAS);
- if(user==null) {
- user=alias;
- }
- RosettaEnv env = new RosettaEnv(pa.getProperties());
-
- try {
- RosettaDF<Perms> permsDF = env.newDataFactory(Perms.class);
- SecurityInfoC<HttpURLConnection> si = new SecurityInfoC<HttpURLConnection>(pa);
- HBasicAuthSS hbass = new HBasicAuthSS(pa,si);
- if(hbass.getID()==null) {
- hbass=null; // not configured with ID.
- }
- HX509SS hxss=null;
- AAFCon<?> aafcon;
-
- try {
- hxss = new HX509SS(user,si);
- } catch(Exception e) {
- e.printStackTrace();
- print(false,"Continuing");
- }
- String aafurl;
- if(user==null || (pass==null && alias==null)) {
- System.out.printf("ERROR: DME2 Client cannot be tested with out %s and %s properties"
- , Config.AAF_MECHID, Config.AAF_MECHPASS );
- } else {
- if("TEST".equals(aaf_env) || "IST".equals(aaf_env) || "PROD".equals(aaf_env)) {
- DME2Manager dm = null;
- print(false,"Attempt DME2Manager Load");
- if(Class.forName("com.att.aft.dme2.api.DME2Manager")==null) {
- print(true,"DME2 jar is not available: Skipping DME2 Tests");
- } else { // DME2 Client Tests
- pass=pa.decrypt(pass,false);
- // Out of the box DME2
- aafurl = String.format(SRV_RESOLVE, aaf_env, PROD.equals(aaf_env)?"DEFAULT":"BAU_SE");
- print(true,"TEST CADI Config",aafurl);
- aafcon = testConfig(pa,aafurl);
- test(aafcon,permsDF,user);
-
- print(true,"Find and TEST Connections with DME2Locator",aafurl);
- DME2Locator dl = new DME2Locator(pa,dm,aafurl);
- connectTest(dl);
-
- dm = new DME2Manager("DME2Manager",pa.getProperties());
-
- dme2RawTest(dm, aafurl,user,pass);
-
- // URL specific Variant
- if((aafurl = specificDME2URL(dl, aafurl))!=null) {
- print(true,"TEST Specific DME2 CADI Config",aafurl);
- aafcon = testConfig(pa,aafurl);
- test(aafcon,permsDF,user);
-
- dme2RawTest(dm,aafurl,user,pass);
- }
-
- print(true,"CADI Direct AAFConDME2 Object Usage",aafurl);
- try {
- pa.setProperty(Config.AAF_URL,aafurl);
- aafcon = new AAFConDME2(pa);
- test(aafcon,permsDF,user);
- } catch(Throwable t) {
- t.printStackTrace();
- }
-
- // find a direct client to code a Direct HTTP with
- //
- if(hbass!=null) {
- print(true,"CADI Http DME2Locator Client Coding Methodology BasicAuth",aafurl);
- hClientTest(dl,hbass,user);
- }
- if(hxss!=null) {
- print(true,"CADI Http DME2Locator Client Coding Methodology X509",aafurl);
- hClientTest(dl,hxss,user);
- }
-
- // ##### PROXY CHECKS
- aafurl = String.format(GW_RESOLVE, aaf_env, PROD.equals(aaf_env)?"DEFAULT":"BAU_SE");
- print(true,"TEST PROXY DME2 CADI Config",aafurl);
- aafcon = testConfig(pa,aafurl);
- test(aafcon,permsDF,user);
-
-
- dme2RawTest(dm, aafurl,user,pass);
-
- // URL specific Variant
- dl = new DME2Locator(pa,dm,aafurl);
- if((aafurl = specificDME2URL(dl, aafurl))!=null) {
- print(true,"TEST PROXY Specific DME2 CADI Config",aafurl);
- aafcon = testConfig(pa,aafurl);
- test(aafcon,permsDF,user);
-
- dme2RawTest(dm,aafurl,user,pass);
- }
- }
- }
-
- // Prop Locator
- PropertyLocator pl = servicePropLocator(aaf_env);
- connectTest(pl);
- URI uri = pl.get(pl.best());
- if(uri!=null) {
- aafurl = uri.toString();
- print(true,"TEST Service PropertyLocator based Config",aafurl);
- aafcon = testConfig(pa,aafurl);
- test(aafcon,permsDF,user);
-
- if(hbass!=null) {
- print(true,"CADI Service Http PropLocator Client Coding Methodology Basic Auth",aafurl);
- hClientTest(pl,hbass, user);
- print(true,"CADI Service Http PropLocator Client Coding Methodology /authn/basicAuth",aafurl);
- basicAuthTest(pl,hbass);
- }
- if(hxss!=null) {
- print(true,"CADI Service Http PropLocator Client Coding Methodology X509",aafurl);
- hClientTest(pl,hxss, user);
- }
- }
- pl = proxyPropLocator(aaf_env);
- connectTest(pl);
- uri = pl.get(pl.best());
- if(uri!=null) {
- aafurl = uri.toString();
- print(true,"TEST PROXY PropertyLocator based Config",aafurl);
- aafcon = testConfig(pa,aafurl);
- test(aafcon,permsDF,user);
-
- if(hbass!=null) {
- print(true,"CADI PROXY Http PropLocator Client Coding Methodology Basic Auth",aafurl);
- hClientTest(pl,hbass, user);
- print(true,"CADI PROXY Http PropLocator Client Coding Methodology /proxy/authn/basicAuth",aafurl);
- basicAuthTest(pl,hbass);
- }
- if(hxss!=null) {
- print(true,"CADI PROXY Http PropLocator Client Coding Methodology X509",aafurl);
- hClientTest(pl,hxss, user);
- }
- }
- }
-
- } catch(Exception e) {
- e.printStackTrace(System.err);
- } finally {
- print(true,"END OF TESTS");
- }
- }
- }
-
- private static void print(Boolean strong, String ... args) {
- PrintStream out = System.out;
- out.println();
- if(strong) {
- for(int i=0;i<70;++i) {
- out.print('=');
- }
- out.println();
- }
- for(String s : args) {
- out.print(strong?"== ":"------ ");
- out.print(s);
- if(!strong) {
- out.print(" ------");
- }
- out.println();
- }
- if(strong) {
- for(int i=0;i<70;++i) {
- out.print('=');
- }
- }
- out.println();
- }
-
- private static void test(AAFCon<?> aafcon,RosettaDF<Perms> permsDF,String user) {
- if(aafcon==null) {
- print(false,"AAFCon is null");
- } else {
- try {
- print(false,"Calling with AAFCon");
- Future<Perms> fp = aafcon.client("2.0").read("/authz/perms/user/"+user, Perms.class, permsDF);
- if(fp.get(4000)) {
- System.out.printf("Found %d Permission(s)\n",fp.value.getPerm().size());
- } else {
- System.out.printf("Error: %d %s\n",fp.code(),fp.body());
- }
- } catch (Throwable t) {
- t.printStackTrace();
- }
- }
- }
-
- private static AAFCon<?> testConfig(PropAccess pa, String aafurl) {
- try {
- pa.setProperty(Config.AAF_URL, aafurl);
- Lur lur = Config.configLur(pa);
- Config.configHttpTaf(pa, TrustChecker.NOTRUST, null, lur);
- if(lur != null) {
- Field f = null;
- try {
- f = lur.getClass().getField("aaf");
- return (AAFCon<?>)f.get(lur);
- } catch (Exception nsfe) {
- }
- }
-
- } catch(Throwable t) {
- t.printStackTrace();
- }
- return null;
- }
-
- private static String specificDME2URL(Locator<URI> loc, String aafurl) throws LocatorException {
- Item item = loc.best();
- if(item!=null) {
- URI uri = loc.get(item);
- return aafurl.replace("DME2RESOLVE", String.format("%s:%d",uri.getHost(),uri.getPort()));
- }
- return null;
- }
-
- private static void connectTest(Locator<URI> dl) throws LocatorException {
- URI uri;
- Socket socket;
- print(false,"TCP/IP Connect test to all Located Services");
- for(Item li = dl.first();li!=null;li=dl.next(li)) {
- if((uri = dl.get(li)) == null) {
- System.out.println("Locator Item empty");
- } else {
- try {
- socket = new Socket();
- socket.connect(new InetSocketAddress(uri.getHost(), uri.getPort()),3000);
- System.out.printf("Can Connect a Socket to %s %d\n",uri.getHost(),uri.getPort());
- try {
- socket.close();
- } catch (IOException e1) {
- System.out.printf("Could not close Socket Connection: %s\n",e1.getMessage());
- }
- } catch (IOException e) {
- System.out.printf("Cannot Connect a Socket to %s %d: %s\n",uri.getHost(),uri.getPort(),e.getMessage());
- }
- }
- }
- }
-
- private static PropertyLocator servicePropLocator(String env) throws LocatorException {
- String purls;
- switch(env) {
- case "LOCAL":
- try {
- purls="https://"+InetAddress.getLocalHost().getHostName()+":8100";
- } catch (UnknownHostException e) {
- throw new LocatorException(e);
- }
- break;
- case "DEV":
- purls="https://aaf.dev.att.com:8100,https://aaf.dev.att.com:8101";
- break;
- case "TEST":
- purls="https://aaftest.test.att.com:8100,https://aaftest.test.att.com:8101";
- break;
- case "IST":
- purls="https://aafist.test.att.com:8100,https://aafist.test.att.com:8101";
- break;
- case PROD:
- purls="https://aaf.it.att.com:8100,https://aaf.it.att.com:8101";
- break;
- default:
- if(env.contains(".")) {
- purls="https://"+env+":8100";
- } else {
- throw new LocatorException(ConnectivityTest.class.getSimpleName() + ": unknown Env");
- }
- }
- System.out.printf("Creating a PropertyLocator for %s\n",purls);
- return new PropertyLocator(purls);
- }
-
- private static PropertyLocator proxyPropLocator(String env) throws LocatorException {
- String purls;
- switch(env) {
- case "LOCAL":
- try {
- purls="https://"+InetAddress.getLocalHost().getHostAddress()+":8100";
- } catch (UnknownHostException e) {
- throw new LocatorException(e);
- }
- break;
- case "DEV":
- purls="https://aaf.dev.att.com:8095/proxy";
- break;
- case "TEST":
- purls="https://aaftest.test.att.com:8095/proxy";
- break;
- case "IST":
- purls="https://aafist.test.att.com:8095/proxy";
- break;
- case PROD:
- purls="https://aaf.it.att.com:8095/proxy";
- break;
- default:
- if(env.contains(".")) {
- purls="https://"+env+":8095/proxy";
- } else {
- throw new LocatorException(ConnectivityTest.class.getSimpleName() + ": unknown Env");
- }
-
- }
- System.out.printf("Creating a PropertyLocator for %s\n",purls);
- return new PropertyLocator(purls);
- }
-
-
-
-
- private static void hClientTest(Locator<URI> dl, SecuritySetter<HttpURLConnection> ss, String user) {
- try {
- URI uri = dl.get(dl.best());
- System.out.println("Resolved to: " + uri);
- HClient client = new HClient(ss, uri, 3000);
- client.setMethod("GET");
- client.setPathInfo("/authz/perms/user/"+user);
- client.send();
- Future<String> future = client.futureReadString();
- if(future.get(7000)) {
- System.out.println(future.body());
- } else {
- System.out.println(future.code() + ":" + future.body());
- }
- } catch (CadiException | LocatorException | APIException e) {
- e.printStackTrace();
- }
- }
-
-
- private static void basicAuthTest(PropertyLocator dl, SecuritySetter<HttpURLConnection> ss) {
- try {
- URI uri = dl.get(dl.best());
- System.out.println("Resolved to: " + uri);
- HClient client = new HClient(ss, uri, 3000);
- client.setMethod("GET");
- client.setPathInfo("/authn/basicAuth");
- client.addHeader("Accept", "text/plain");
- client.send();
-
-
- Future<String> future = client.futureReadString();
- if(future.get(7000)) {
- System.out.println("BasicAuth Validated");
- } else {
- System.out.println("Failure " + future.code() + ":" + future.body());
- }
- } catch (CadiException | LocatorException | APIException e) {
- e.printStackTrace();
- }
- }
-
- // Regular DME2Client Coding Style
- private static void dme2RawTest(DME2Manager dm, String aafurl, String user, String pass) {
- try {
- if(dm==null) {
- return;
- }
- URI uri = new URI(aafurl);
- print(true,"DME2 Direct Client Coding Methodology",uri.toString());
- DME2Client client = dm.newClient( uri, 3000);
- client.setMethod("GET"); // FYI, DME2 defaults to "POST"
- client.setContext("/authz/perms/user/"+user); // DME2 direct requires separate setting of Context from URI
- if(pass!=null) { // rely on Cert if no pass
- client.setCredentials(user, pass);
- }
- client.setPayload(""); // DME2 will not send without something
- String resp = client.sendAndWait(7000);
- System.out.println(resp);
- } catch(Throwable e) {
- e.printStackTrace();
- }
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java
deleted file mode 100644
index 896d153..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java
+++ /dev/null
@@ -1,149 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf;
-
-import org.onap.aaf.inno.env.util.Split;
-
-
-public class PermEval {
- public static final char START_REGEX_CHAR = '!';
- public static final char START_INST_KEY_CHAR=':';
- public static final char ALT_START_INST_KEY_CHAR='/';
-
- public static final char LIST_SEP = ',';
- public static final String INST_KEY_REGEX = new StringBuilder().append(START_INST_KEY_CHAR).toString();
- public static final String ASTERIX = "*";
-
- /**
- * Evaluate Instance
- *
- * Instance can be more complex. It can be a string, a Regular Expression, or a ":" separated Key
- * who's parts can also be a String, Regular Expression.
- *
- * sInst = Server's Instance
- * In order to prevent false matches, keys must be the same length to count as equal
- * Changing this will break existing users, like Cassandra. 9-4-2015
- */
- public static boolean evalInstance(String sInst, String pInst) {
- if(sInst==null || pInst == null) {
- return false;
- }
- if(ASTERIX.equals(sInst)) {
- return true; // If Server's String is "*", then it accepts every Instance
- }
- char firstChar = pInst.charAt(0);
- char startChar = firstChar==ALT_START_INST_KEY_CHAR?ALT_START_INST_KEY_CHAR:START_INST_KEY_CHAR;
- switch(pInst.charAt(0)) { // First char
- case START_REGEX_CHAR: // Evaluate as Regular Expression
- String pItem = pInst.substring(1);
- for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," definition in Action
- return sItem.matches(pItem);
- }
-
- case START_INST_KEY_CHAR: // Evaluate a special Key field, i.e.:xyz:*:!df.*
- case ALT_START_INST_KEY_CHAR: // Also allow '/' as special Key Field, i.e. /xyz/*/!.*
- if(sInst.charAt(0)==startChar) { // To compare key-to-key, both strings must be keys
- String[] skeys=Split.split(startChar,sInst);
- String[] pkeys=Split.split(startChar,pInst);
- if(skeys.length!=pkeys.length) return false;
-
- boolean pass = true;
- for(int i=1;pass && i<skeys.length;++i) { // We start at 1, because the first one, being ":" is always ""
- if(ASTERIX.equals(skeys[i]))continue; // Server data accepts all for this key spot
- pass = false;
- for(String sItem : Split.split(LIST_SEP,skeys[i])) { // allow for "," definition in Action
- if(pkeys[i].length()==0) {
- if(pass=sItem.length()==0) {
- break; // Both Empty, keep checking
- }
-// } else if(pkeys[i].charAt(0)==START_REGEX_CHAR) {
-// if(pass=sItem.matches(pkeys[i].substring(1))) {
-// break; // Matches, keep checking
-// }
- } else if(sItem.charAt(0)==START_REGEX_CHAR) { // Check Server side when wildcarding like *
- if(pass=pkeys[i].matches(sItem.substring(1))) {
- break; // Matches, keep checking
- }
- } else if(skeys[i].endsWith(ASTERIX)) {
- if(pass=endAsterixCompare(skeys[i],pkeys[i])) {
- break;
- }
- } else {
- if(pass=sItem.equals(pkeys[i]))
- break; // Equal, keep checking
- }
- }
- }
- return pass; // return whether passed all key checks
- }
- return false; // if first chars aren't the same, further String compare not necessary
- default: // Evaluate as String Compare
- for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," separator //TODO is this only for actions?
- if(sItem.endsWith(ASTERIX)) {
- if(endAsterixCompare(sInst, pInst));
- } else if(sItem.equals(pInst)) {
- return true;
- }
- }
- return false;
- }
- }
-
- private static boolean endAsterixCompare(String sInst, String pInst) {
- final int len = sInst.length()-1;
- if(pInst.length()<len) {
- return false;
- }
- for(int j=0;j<len;++j) {
- if(pInst.charAt(j)!=sInst.charAt(j)) {
- return false;
- }
- }
- return true;
- }
-
- /**
- * Evaluate Action
- *
- * sAction = Stored Action...
- * pAction = Present Action... the Permission to validate against.
- * Action is not quite as complex. But we write it in this function so it can be consistent
- */
- public static boolean evalAction(String sAction,String pAction) {
- if(ASTERIX.equals(sAction))return true; // If Server's String is "*", then it accepts every Action
- for(String sItem : Split.split(LIST_SEP,sAction)) { // allow for "," definition in Action
- if (pAction.charAt(0)==START_REGEX_CHAR? // First char
- sItem.matches(pAction.substring(1)): // Evaluate as Regular Expression
- sItem.equals(pAction)) // Evaluate as String Compare
- return true;
- }
- return false;
- }
-
- /**
- * Split.split by Char
- *
- * Note: I read the String Split.split and Pattern Split.split code, and we can do this more efficiently for a single Character
- */
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java
deleted file mode 100644
index cf2b3a9..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java
+++ /dev/null
@@ -1,179 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.cert;
-
-
-import java.security.Principal;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.Timer;
-import java.util.TimerTask;
-import java.util.TreeMap;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.xml.datatype.XMLGregorianCalendar;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Hash;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.principal.X509Principal;
-import org.onap.aaf.cadi.taf.cert.CertIdentity;
-import org.onap.aaf.cadi.taf.cert.X509Taf;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.util.Chrono;
-import org.onap.aaf.inno.env.util.Split;
-
-import aaf.v2_0.Certs;
-import aaf.v2_0.Certs.Cert;
-import aaf.v2_0.Users;
-import aaf.v2_0.Users.User;
-
-public class AAFListedCertIdentity implements CertIdentity {
- //TODO should 8 hours be configurable?
- private static final long EIGHT_HOURS = 1000*60*60*8;
- private static final String AAF_VERSION = "2.0";
-
- private static Map<ByteArrayHolder,String> certs = null;
-
- // Did this to add other Trust Mechanisms
- // Trust mechanism set by Property:
- private static final String[] authMechanisms = new String[] {"tguard","basicAuth","csp"};
- private static String[] certIDs;
-
- private static Map<String,Set<String>> trusted =null;
-
- public AAFListedCertIdentity(Access access, AAFCon<?> aafcon) throws APIException {
- synchronized(AAFListedCertIdentity.class) {
- if(certIDs==null) {
- String cip = access.getProperty(Config.AAF_CERT_IDS, null);
- if(cip!=null) {
- certIDs = Split.split(',',cip);
- }
- }
- if(certIDs!=null && certs==null) {
- TimerTask cu = new CertUpdate(aafcon);
- cu.run(); // want this to run in this thread first...
- new Timer("AAF Identity Refresh Timer",true).scheduleAtFixedRate(cu, EIGHT_HOURS,EIGHT_HOURS);
- }
- }
- }
-
- public static Set<String> trusted(String authMech) {
- return trusted.get(authMech);
- }
-
- public Principal identity(HttpServletRequest req, X509Certificate cert, byte[] certBytes) throws CertificateException {
- if(cert==null && certBytes==null)return null;
- if(certBytes==null)certBytes = cert.getEncoded();
- byte[] fingerprint = X509Taf.getFingerPrint(certBytes);
- String id = certs.get(new ByteArrayHolder(fingerprint));
- if(id!=null) { // Caller is Validated
- return new X509Principal(id,cert,certBytes);
- }
- return null;
- }
-
- private static class ByteArrayHolder implements Comparable<ByteArrayHolder> {
- private byte[] ba;
- public ByteArrayHolder(byte[] ba) {
- this.ba = ba;
- }
- public int compareTo(ByteArrayHolder b) {
- return Hash.compareTo(ba, b.ba);
- }
- }
-
- private class CertUpdate extends TimerTask {
-
- private AAFCon<?> aafcon;
- public CertUpdate(AAFCon<?> con) {
- aafcon = con;
- }
-
- @Override
- public void run() {
- try {
- TreeMap<ByteArrayHolder, String> newCertsMap = new TreeMap<ByteArrayHolder,String>();
- Map<String,Set<String>> newTrustMap = new TreeMap<String,Set<String>>();
- Set<String> userLookup = new HashSet<String>();
- for(String s : certIDs) {
- userLookup.add(s);
- }
- for(String authMech : authMechanisms) {
- Future<Users> fusr = aafcon.client(AAF_VERSION).read("/authz/users/perm/org.onap.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF);
- if(fusr.get(5000)) {
- List<User> users = fusr.value.getUser();
- if(users.isEmpty()) {
- aafcon.access.log(Level.WARN, "AAF Lookup-No IDs in Role com.att.aaf.trustForID <> "+authMech);
- } else {
- aafcon.access.log(Level.INFO,"Loading Trust Authentication Info for",authMech);
- Set<String> hsUser = new HashSet<String>();
- for(User u : users) {
- userLookup.add(u.getId());
- hsUser.add(u.getId());
- }
- newTrustMap.put(authMech,hsUser);
- }
- } else {
- aafcon.access.log(Level.WARN, "Could not get Users in Perm com.att.trust|tguard|authenticate",fusr.code(),fusr.body());
- }
-
- }
-
- for(String u : userLookup) {
- Future<Certs> fc = aafcon.client(AAF_VERSION).read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF);
- XMLGregorianCalendar now = Chrono.timeStamp();
- if(fc.get(5000)) {
- List<Cert> certs = fc.value.getCert();
- if(certs.isEmpty()) {
- aafcon.access.log(Level.WARN, "No Cert Associations for",u);
- } else {
- for(Cert c : fc.value.getCert()) {
- XMLGregorianCalendar then =c.getExpires();
- if(then !=null && then.compare(now)>0) {
- newCertsMap.put(new ByteArrayHolder(c.getFingerprint()), c.getId());
- aafcon.access.log(Level.INIT,"Associating "+ c.getId() + " expiring " + Chrono.dateOnlyStamp(c.getExpires()) + " with " + c.getX500());
- }
- }
- }
- } else {
- aafcon.access.log(Level.WARN, "Could not get Certificates for",u);
- }
- }
-
- certs = newCertsMap;
- trusted = newTrustMap;
- } catch(Exception e) {
- aafcon.access.log(e, "Failure to update Certificate Identities from AAF");
- }
- }
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java
deleted file mode 100644
index c49113d..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.client;
-
-import java.io.PrintStream;
-
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.util.Vars;
-
-import aaf.v2_0.Error;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data.TYPE;
-import org.onap.aaf.rosetta.env.RosettaDF;
-import org.onap.aaf.rosetta.env.RosettaEnv;
-
-public class ErrMessage {
- private RosettaDF<Error> errDF;
-
- public ErrMessage(RosettaEnv env) throws APIException {
- errDF = env.newDataFactory(Error.class);
- }
-
- /**
- * AT&T Requires a specific Error Format for RESTful Services, which AAF complies with.
- *
- * This code will create a meaningful string from this format.
- *
- * @param ps
- * @param df
- * @param r
- * @throws APIException
- */
- public void printErr(PrintStream ps, String attErrJson) throws APIException {
- StringBuilder sb = new StringBuilder();
- Error err = errDF.newData().in(TYPE.JSON).load(attErrJson).asObject();
- ps.println(toMsg(sb,err));
- }
-
- /**
- * AT&T Requires a specific Error Format for RESTful Services, which AAF complies with.
- *
- * This code will create a meaningful string from this format.
- *
- * @param sb
- * @param df
- * @param r
- * @throws APIException
- */
- public StringBuilder toMsg(StringBuilder sb, String attErrJson) throws APIException {
- return toMsg(sb,errDF.newData().in(TYPE.JSON).load(attErrJson).asObject());
- }
-
- public StringBuilder toMsg(Future<?> future) {
- return toMsg(new StringBuilder(),future);
- }
-
- public StringBuilder toMsg(StringBuilder sb, Future<?> future) {
- try {
- toMsg(sb,errDF.newData().in(TYPE.JSON).load(future.body()).asObject());
- } catch(Exception e) {
- //just print what we can
- sb.append(future.code());
- sb.append(": ");
- sb.append(future.body());
- }
- return sb;
- }
-
- public StringBuilder toMsg(StringBuilder sb, Error err) {
- sb.append(err.getMessageId());
- sb.append(' ');
- String[] vars = new String[err.getVariables().size()];
- err.getVariables().toArray(vars);
- Vars.convert(sb, err.getText(),vars);
- return sb;
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java
deleted file mode 100644
index 8867862..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java
+++ /dev/null
@@ -1,444 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.client;
-
-
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.util.GregorianCalendar;
-
-import aaf.v2_0.Approval;
-import aaf.v2_0.Approvals;
-import aaf.v2_0.CredRequest;
-import aaf.v2_0.Keys;
-import aaf.v2_0.NsRequest;
-import aaf.v2_0.Nss;
-import aaf.v2_0.Nss.Ns;
-import aaf.v2_0.Perm;
-import aaf.v2_0.PermKey;
-import aaf.v2_0.PermRequest;
-import aaf.v2_0.Perms;
-import aaf.v2_0.Pkey;
-import aaf.v2_0.Request;
-import aaf.v2_0.Role;
-import aaf.v2_0.RoleKey;
-import aaf.v2_0.RolePermRequest;
-import aaf.v2_0.RoleRequest;
-import aaf.v2_0.Roles;
-import aaf.v2_0.UserRole;
-import aaf.v2_0.UserRoleRequest;
-import aaf.v2_0.UserRoles;
-import aaf.v2_0.Users;
-import aaf.v2_0.Users.User;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data;
-import org.onap.aaf.inno.env.Data.TYPE;
-import org.onap.aaf.inno.env.util.Chrono;
-import org.onap.aaf.rosetta.env.RosettaDF;
-import org.onap.aaf.rosetta.env.RosettaEnv;
-
-public class Examples {
- public static <C> String print(RosettaEnv env, String nameOrContentType, boolean optional) throws APIException, SecurityException, NoSuchMethodException, IllegalArgumentException, IllegalAccessException, InvocationTargetException {
- // Discover ClassName
- String className = null;
- String version = null;
- TYPE type = TYPE.JSON; // default
- if(nameOrContentType.startsWith("application/")) {
- for(String ct : nameOrContentType.split("\\s*,\\s*")) {
- for(String elem : ct.split("\\s*;\\s*")) {
- if(elem.endsWith("+json")) {
- type = TYPE.JSON;
- className = elem.substring(elem.indexOf('/')+1, elem.length()-5);
- } else if(elem.endsWith("+xml")) {
- type = TYPE.XML;
- className = elem.substring(elem.indexOf('/')+1, elem.length()-4);
- } else if(elem.startsWith("version=")) {
- version = elem.substring(8);
- }
- }
- if(className!=null && version!=null)break;
- }
- if(className==null) {
- throw new APIException(nameOrContentType + " does not contain Class Information");
- }
- } else {
- className = nameOrContentType;
- }
-
- // No Void.class in aaf.v2_0 package causing errors when trying to use a newVoidv2_0
- // method similar to others in this class. This makes it work, but is it right?
- if ("Void".equals(className)) return "";
-
- if("1.1".equals(version)) {
- version = "v1_0";
- } else if(version!=null) {
- version = "v" + version.replace('.', '_');
- } else {
- version = "v2_0";
- }
-
- Class<?> cls;
- try {
- cls = Examples.class.getClassLoader().loadClass("aaf."+version+'.'+className);
- } catch (ClassNotFoundException e) {
- throw new APIException(e);
- }
-
- Method meth;
- try {
- meth = Examples.class.getDeclaredMethod("new"+cls.getSimpleName()+version,boolean.class);
- } catch (Exception e) {
- throw new APIException("ERROR: " + cls.getName() + " does not have an Example in Code. Request from AAF Developers");
- }
-
- RosettaDF<C> df = env.newDataFactory(cls);
- df.option(Data.PRETTY);
-
- Object data = meth.invoke(null,optional);
-
- @SuppressWarnings("unchecked")
- String rv = df.newData().load((C)data).out(type).asString();
-// Object obj = df.newData().in(type).load(rv).asObject();
- return rv;
- }
-
- /*
- * Set Base Class Request (easier than coding over and over)
- */
- private static void setOptional(Request req) {
- GregorianCalendar gc = new GregorianCalendar();
- req.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 6);
- req.setEnd(Chrono.timeStamp(gc));
-// req.setForce("false");
-
- }
-
- @SuppressWarnings("unused")
- private static Request newRequestv2_0(boolean optional) {
- Request r = new Request();
- setOptional(r);
- return r;
- }
- @SuppressWarnings("unused")
- private static RolePermRequest newRolePermRequestv2_0(boolean optional) {
- RolePermRequest rpr = new RolePermRequest();
- Pkey pkey = new Pkey();
- pkey.setType("com.att.myns.mytype");
- pkey.setInstance("myInstance");
- pkey.setAction("myAction");
- rpr.setPerm(pkey);
- rpr.setRole("com.att.myns.myrole");
- if(optional)setOptional(rpr);
- return rpr;
- }
-
- @SuppressWarnings("unused")
- private static Roles newRolesv2_0(boolean optional) {
- Role r;
- Pkey p;
- Roles rs = new Roles();
- rs.getRole().add(r = new Role());
- r.setName("com.att.myns.myRole");
- r.getPerms().add(p = new Pkey());
- p.setType("com.att.myns.myType");
- p.setInstance("myInstance");
- p.setAction("myAction");
-
- r.getPerms().add(p = new Pkey());
- p.setType("com.att.myns.myType");
- p.setInstance("myInstance");
- p.setAction("myOtherAction");
-
- rs.getRole().add(r = new Role());
- r.setName("com.att.myns.myOtherRole");
- r.getPerms().add(p = new Pkey());
- p.setType("com.att.myns.myOtherType");
- p.setInstance("myInstance");
- p.setAction("myAction");
-
- r.getPerms().add(p = new Pkey());
- p.setType("com.att.myns.myOthertype");
- p.setInstance("myInstance");
- p.setAction("myOtherAction");
-
- return rs;
- }
-
-
- @SuppressWarnings("unused")
- private static PermRequest newPermRequestv2_0(boolean optional) {
- PermRequest pr = new PermRequest();
- pr.setType("com.att.myns.myType");
- pr.setInstance("myInstance");
- pr.setAction("myAction");
- if(optional) {
- pr.setDescription("Short and meaningful verbiage about the Permission");
-
- setOptional(pr);
- }
- return pr;
- }
-
- @SuppressWarnings("unused")
- private static Perm newPermv2_0(boolean optional) {
- Perm pr = new Perm();
- pr.setType("com.att.myns.myType");
- pr.setInstance("myInstance");
- pr.setAction("myAction");
- pr.getRoles().add("com.att.myns.myRole");
- pr.getRoles().add("com.att.myns.myRole2");
- pr.setDescription("This is my description, and I'm sticking with it");
- if(optional) {
- pr.setDescription("Short and meaningful verbiage about the Permission");
- }
- return pr;
- }
-
-
- @SuppressWarnings("unused")
- private static PermKey newPermKeyv2_0(boolean optional) {
- PermKey pr = new PermKey();
- pr.setType("com.att.myns.myType");
- pr.setInstance("myInstance");
- pr.setAction("myAction");
- return pr;
- }
-
- @SuppressWarnings("unused")
- private static Perms newPermsv2_0(boolean optional) {
- Perms perms = new Perms();
- Perm p;
- perms.getPerm().add(p=new Perm());
- p.setType("com.att.myns.myType");
- p.setInstance("myInstance");
- p.setAction("myAction");
- p.getRoles().add("com.att.myns.myRole");
- p.getRoles().add("com.att.myns.myRole2");
-
-
- perms.getPerm().add(p=new Perm());
- p.setType("com.att.myns.myOtherType");
- p.setInstance("myInstance");
- p.setAction("myOtherAction");
- p.getRoles().add("com.att.myns.myRole");
- p.getRoles().add("com.att.myns.myRole2");
-
- return perms;
-
- }
-
- @SuppressWarnings("unused")
- private static UserRoleRequest newUserRoleRequestv2_0(boolean optional) {
- UserRoleRequest urr = new UserRoleRequest();
- urr.setRole("com.att.myns.myRole");
- urr.setUser("ab1234@csp.att.com");
- if(optional) setOptional(urr);
- return urr;
- }
-
- @SuppressWarnings("unused")
- private static NsRequest newNsRequestv2_0(boolean optional) {
- NsRequest nr = new NsRequest();
- nr.setName("com.att.myns");
- nr.getResponsible().add("ab1234@csp.att.com");
- nr.getResponsible().add("cd5678@csp.att.com");
- nr.getAdmin().add("zy9876@csp.att.com");
- nr.getAdmin().add("xw5432@csp.att.com");
- if(optional) {
- nr.setDescription("This is my Namespace to set up");
- nr.setType("APP");
- setOptional(nr);
- }
- return nr;
- }
-
-
- @SuppressWarnings("unused")
- private static Nss newNssv2_0(boolean optional) {
- Ns ns;
-
- Nss nss = new Nss();
- nss.getNs().add(ns = new Nss.Ns());
- ns.setName("com.att.myns");
- ns.getResponsible().add("ab1234@csp.att.com");
- ns.getResponsible().add("cd5678@csp.att.com");
- ns.getAdmin().add("zy9876@csp.att.com");
- ns.getAdmin().add("xw5432@csp.att.com");
- ns.setDescription("This is my Namespace to set up");
-
- nss.getNs().add(ns = new Nss.Ns());
- ns.setName("com.att.myOtherNs");
- ns.getResponsible().add("ab1234@csp.att.com");
- ns.getResponsible().add("cd5678@csp.att.com");
- ns.getAdmin().add("zy9876@csp.att.com");
- ns.getAdmin().add("xw5432@csp.att.com");
-
- return nss;
- }
- @SuppressWarnings("unused")
- private static RoleRequest newRoleRequestv2_0(boolean optional) {
- RoleRequest rr = new RoleRequest();
- rr.setName("com.att.myns.myRole");
- if(optional) {
- rr.setDescription("This is my Role");
- setOptional(rr);
- }
- return rr;
- }
-
- @SuppressWarnings("unused")
- private static CredRequest newCredRequestv2_0(boolean optional) {
- CredRequest cr = new CredRequest();
- cr.setId("myID@fully.qualified.domain");
- if(optional) {
- cr.setType(2);
- cr.setEntry("0x125AB256344CE");
- } else {
- cr.setPassword("This is my provisioned password");
- }
-
- return cr;
- }
-
- @SuppressWarnings("unused")
- private static Users newUsersv2_0(boolean optional) {
- User user;
-
- Users users = new Users();
- users.getUser().add(user = new Users.User());
- user.setId("ab1234@csp.att.com");
- GregorianCalendar gc = new GregorianCalendar();
- user.setExpires(Chrono.timeStamp(gc));
-
- users.getUser().add(user = new Users.User());
- user.setId("zy9876@csp.att.com");
- user.setExpires(Chrono.timeStamp(gc));
-
- return users;
- }
-
- @SuppressWarnings("unused")
- private static Role newRolev2_0(boolean optional) {
- Role r = new Role();
- Pkey p;
- r.setName("com.att.myns.myRole");
- r.getPerms().add(p = new Pkey());
- p.setType("com.att.myns.myType");
- p.setInstance("myInstance");
- p.setAction("myAction");
-
- return r;
- }
-
- @SuppressWarnings("unused")
- private static RoleKey newRoleKeyv2_0(boolean optional) {
- RoleKey r = new RoleKey();
- Pkey p;
- r.setName("com.att.myns.myRole");
- return r;
- }
-
- @SuppressWarnings("unused")
- private static Keys newKeysv2_0(boolean optional) {
- Keys ks = new Keys();
- ks.getKey().add("Reponse 1");
- ks.getKey().add("Response 2");
- return ks;
- }
-
- @SuppressWarnings("unused")
- private static UserRoles newUserRolesv2_0(boolean optional) {
- UserRoles urs = new UserRoles();
- UserRole ur = new UserRole();
- ur.setUser("xy1234");
- ur.setRole("com.test.myapp.myRole");
- ur.setExpires(Chrono.timeStamp());
- urs.getUserRole().add(ur);
-
- ur = new UserRole();
- ur.setUser("yx4321");
- ur.setRole("com.test.yourapp.yourRole");
- ur.setExpires(Chrono.timeStamp());
- urs.getUserRole().add(ur);
- return urs;
- }
-
-
- @SuppressWarnings("unused")
- private static Approvals newApprovalsv2_0(boolean optional) {
- Approvals as = new Approvals();
- Approval a = new Approval();
- a.setApprover("MyApprover");
- a.setId("MyID");
- a.setMemo("My memo (and then some)");
- a.setOperation("MyOperation");
- a.setStatus("MyStatus");
- a.setTicket("MyTicket");
- a.setType("MyType");
- a.setUpdated(Chrono.timeStamp());
- a.setUser("MyUser");
- as.getApprovals().add(a);
- a = new Approval();
- a.setApprover("MyApprover2");
- a.setId("MyID2");
- a.setMemo("My memo (and then some)2");
- a.setOperation("MyOperation2");
- a.setStatus("MyStatus2");
- a.setTicket("MyTicket2");
- a.setType("MyType2");
- a.setUpdated(Chrono.timeStamp());
- a.setUser("MyUser2");
- as.getApprovals().add(a);
- return as;
- }
-
- @SuppressWarnings("unused")
- private static Approval newApprovalv2_0(boolean optional) {
- Approval a = new Approval();
- a.setApprover("MyApprover");
- a.setId("MyID");
- a.setMemo("My memo (and then some)");
- a.setOperation("MyOperation");
- a.setStatus("MyStatus");
- a.setTicket("MyTicket");
- a.setType("MyType");
- a.setUpdated(Chrono.timeStamp());
- a.setUser("MyUser");
- return a;
- }
-
-
-
- @SuppressWarnings("unused")
- private static aaf.v2_0.Error newErrorv2_0(boolean optional) {
- aaf.v2_0.Error err = new aaf.v2_0.Error();
- err.setMessageId("SVC1403");
- err.setText("MyText %s, %s: The last three digits are usually the HTTP Code");
- err.getVariables().add("Variable 1");
- err.getVariables().add("Variable 2");
- return err;
- }
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertMarshal.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertMarshal.java
deleted file mode 100644
index 8871969..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertMarshal.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.marshal;
-
-import javax.xml.datatype.XMLGregorianCalendar;
-
-import aaf.v2_0.Certs.Cert;
-
-import org.onap.aaf.rosetta.marshal.FieldDateTime;
-import org.onap.aaf.rosetta.marshal.FieldHexBinary;
-import org.onap.aaf.rosetta.marshal.FieldString;
-import org.onap.aaf.rosetta.marshal.ObjMarshal;
-
-public class CertMarshal extends ObjMarshal<Cert> {
- public CertMarshal() {
- add(new FieldHexBinary<Cert>("fingerprint") {
- @Override
- protected byte[] data(Cert t) {
- return t.getFingerprint();
- }
- });
-
- add(new FieldString<Cert>("id") {
- @Override
- protected String data(Cert t) {
- return t.getId();
- }
- });
-
- add(new FieldString<Cert>("x500") {
- @Override
- protected String data(Cert t) {
- return t.getX500();
- }
- });
-
- add(new FieldDateTime<Cert>("expires") {
- @Override
- protected XMLGregorianCalendar data(Cert t) {
- return t.getExpires();
- }
- });
-
-
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshal.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshal.java
deleted file mode 100644
index 70a1c96..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshal.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.marshal;
-
-import java.util.List;
-
-import aaf.v2_0.Certs;
-import aaf.v2_0.Certs.Cert;
-
-import org.onap.aaf.rosetta.marshal.ObjArray;
-import org.onap.aaf.rosetta.marshal.ObjMarshal;
-
-public class CertsMarshal extends ObjMarshal<Certs> {
-
- public CertsMarshal() {
- add(new ObjArray<Certs,Cert>("cert",new CertMarshal()) {
- @Override
- protected List<Cert> data(Certs t) {
- return t.getCert();
- }
- });
- }
-
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java
deleted file mode 100644
index 6d6d947..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java
+++ /dev/null
@@ -1,207 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.v2_0;
-
-import java.io.IOException;
-
-import org.onap.aaf.cadi.AbsUserCache;
-import org.onap.aaf.cadi.CachedPrincipal;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.GetCred;
-import org.onap.aaf.cadi.Hash;
-import org.onap.aaf.cadi.User;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.client.Rcli;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.lur.ConfigPrincipal;
-
-import com.att.aft.dme2.api.DME2Exception;
-import org.onap.aaf.inno.env.APIException;
-
-public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> {
- private AAFCon<CLIENT> con;
- private String realm;
-
- /**
- * Configure with Standard AAF properties, Stand alone
- * @param con
- * @throws Exception
- */
- // Package on purpose
- AAFAuthn(AAFCon<CLIENT> con) throws Exception {
- super(con.access,con.cleanInterval,con.highCount,con.usageRefreshTriggerCount);
- this.con = con;
-
- try {
- setRealm();
- } catch (APIException e) {
- if(e.getCause() instanceof DME2Exception) {
- // Can't contact AAF, assume default
- realm=con.access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
- }
- }
- }
-
- /**
- * Configure with Standard AAF properties, but share the Cache (with AAF Lur)
- * @param con
- * @throws Exception
- */
- // Package on purpose
- AAFAuthn(AAFCon<CLIENT> con, AbsUserCache<AAFPermission> cache) throws Exception {
- super(cache);
- this.con = con;
- try {
- setRealm();
- } catch (Exception e) {
- if(e.getCause() instanceof DME2Exception) {
- access.log(e);
- // Can't contact AAF, assume default
- realm=con.access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
- }
- }
- }
-
- private void setRealm() throws Exception {
- // Make a call without security set to get the 401 response, which
- // includes the Realm of the server
- // This also checks on Connectivity early on.
- Future<String> fp = con.client(AAFCon.AAF_LATEST_VERSION).read("/authn/basicAuth", "text/plain");
- if(fp.get(con.timeout)) {
- throw new Exception("Do not preset Basic Auth Information for AAFAuthn");
- } else {
- if(fp.code()==401) {
- realm = fp.header("WWW-Authenticate");
- if(realm!=null && realm.startsWith("Basic realm=\"")) {
- realm = realm.substring(13, realm.length()-1);
- } else {
- realm = "unknown.com";
- }
- }
- }
- }
-
- /**
- * Return Native Realm of AAF Instance.
- *
- * @return
- */
- public String getRealm() {
- return realm;
- }
-
- /**
- * Returns null if ok, or an Error String;
- *
- * @param user
- * @param password
- * @return
- * @throws IOException
- * @throws CadiException
- * @throws Exception
- */
- public String validate(String user, String password) throws IOException, CadiException {
- User<AAFPermission> usr = getUser(user);
- if(password.startsWith("enc:???")) {
- password = access.decrypt(password, true);
- }
-
- byte[] bytes = password.getBytes();
- if(usr != null && usr.principal != null && usr.principal.getName().equals(user)
- && usr.principal instanceof GetCred) {
-
- if(Hash.isEqual(((GetCred)usr.principal).getCred(),bytes)) {
- return null;
- } else {
- remove(usr);
- usr = null;
- }
- }
-
- AAFCachedPrincipal cp = new AAFCachedPrincipal(this,con.app, user, bytes, con.cleanInterval);
- // Since I've relocated the Validation piece in the Principal, just revalidate, then do Switch
- // Statement
- switch(cp.revalidate()) {
- case REVALIDATED:
- if(usr!=null) {
- usr.principal = cp;
- } else {
- addUser(new User<AAFPermission>(cp,con.timeout));
- }
- return null;
- case INACCESSIBLE:
- return "AAF Inaccessible";
- case UNVALIDATED:
- return "User/Pass combo invalid for " + user;
- case DENIED:
- return "AAF denies API for " + user;
- default:
- return "AAFAuthn doesn't handle Principal " + user;
- }
- }
-
- private class AAFCachedPrincipal extends ConfigPrincipal implements CachedPrincipal {
- private long expires,timeToLive;
-
- public AAFCachedPrincipal(AAFAuthn<?> aaf, String app, String name, byte[] pass, int timeToLive) {
- super(name,pass);
- this.timeToLive = timeToLive;
- expires = timeToLive + System.currentTimeMillis();
- }
-
- public Resp revalidate() {
- if(con.isDisabled()) {
- return Resp.DENIED;
- }
- try {
- Miss missed = missed(getName());
- if(missed==null || missed.mayContinue(getCred())) {
- Rcli<CLIENT> client = con.client(AAFCon.AAF_LATEST_VERSION).forUser(con.basicAuth(getName(), new String(getCred())));
- Future<String> fp = client.read(
- "/authn/basicAuth",
- "text/plain"
- );
- if(fp.get(con.timeout)) {
- expires = System.currentTimeMillis() + timeToLive;
- addUser(new User<AAFPermission>(this, expires));
- return Resp.REVALIDATED;
- } else {
- addMiss(getName(), getCred());
- return Resp.UNVALIDATED;
- }
- } else {
- return Resp.UNVALIDATED;
- }
- } catch (Exception e) {
- con.access.log(e);
- return Resp.INACCESSIBLE;
- }
- }
-
- public long expires() {
- return expires;
- }
- };
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
deleted file mode 100644
index 3ec6fed..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
+++ /dev/null
@@ -1,396 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.v2_0;
-
-import java.net.URI;
-import java.security.Principal;
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
-
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServletRequest;
-
-import org.onap.aaf.cadi.AbsUserCache;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.CadiWrap;
-import org.onap.aaf.cadi.Connector;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.Lur;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.aaf.marshal.CertsMarshal;
-import org.onap.aaf.cadi.client.AbsBasicAuth;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.client.Rcli;
-import org.onap.aaf.cadi.client.Retryable;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-import org.onap.aaf.cadi.lur.EpiLur;
-import org.onap.aaf.cadi.principal.BasicPrincipal;
-import org.onap.aaf.cadi.util.Vars;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data.TYPE;
-import org.onap.aaf.inno.env.util.Split;
-import org.onap.aaf.rosetta.env.RosettaDF;
-import org.onap.aaf.rosetta.env.RosettaEnv;
-
-import aaf.v2_0.Certs;
-import aaf.v2_0.Error;
-import aaf.v2_0.Perms;
-import aaf.v2_0.Users;
-
-public abstract class AAFCon<CLIENT> implements Connector {
- public static final String AAF_LATEST_VERSION = "2.0";
-
- final public PropAccess access;
- // Package access
- final public int timeout, cleanInterval, connTimeout;
- final public int highCount, userExpires, usageRefreshTriggerCount;
- private Map<String,Rcli<CLIENT>> clients = new ConcurrentHashMap<String,Rcli<CLIENT>>();
- final public RosettaDF<Perms> permsDF;
- final public RosettaDF<Certs> certsDF;
- final public RosettaDF<Users> usersDF;
- final public RosettaDF<Error> errDF;
- private String realm;
- public final String app;
- protected SecuritySetter<CLIENT> ss;
- protected SecurityInfoC<CLIENT> si;
-
- private DisableCheck disableCheck;
-
- private AAFLurPerm lur;
-
- private RosettaEnv env;
- protected abstract URI initURI();
- protected abstract void setInitURI(String uriString) throws CadiException;
-
- /**
- * Use this call to get the appropriate client based on configuration (DME2, HTTP, future)
- *
- * @param apiVersion
- * @return
- * @throws CadiException
- */
- public Rcli<CLIENT> client(String apiVersion) throws CadiException {
- Rcli<CLIENT> client = clients.get(apiVersion);
- if(client==null) {
- client = rclient(initURI(),ss);
- client.apiVersion(apiVersion)
- .readTimeout(connTimeout);
- clients.put(apiVersion, client);
- }
- return client;
- }
-
- /**
- * Use this API when you have permission to have your call act as the end client's ID.
- *
- * Your calls will get 403 errors if you do not have this permission. it is a special setup, rarely given.
- *
- * @param apiVersion
- * @param req
- * @return
- * @throws CadiException
- */
- public Rcli<CLIENT> clientAs(String apiVersion, ServletRequest req) throws CadiException {
- Rcli<CLIENT> cl = client(apiVersion);
- return cl.forUser(transferSS(((HttpServletRequest)req).getUserPrincipal()));
- }
-
- protected AAFCon(AAFCon<CLIENT> copy) {
- access = copy.access;
- timeout = copy.timeout;
- cleanInterval = copy.cleanInterval;
- connTimeout = copy.connTimeout;
- highCount = copy.highCount;
- userExpires = copy.userExpires;
- usageRefreshTriggerCount = copy.usageRefreshTriggerCount;
- permsDF = copy.permsDF;
- certsDF = copy.certsDF;
- usersDF = copy.usersDF;
- errDF = copy.errDF;
- app = copy.app;
- ss = copy.ss;
- si = copy.si;
- env = copy.env;
- disableCheck = copy.disableCheck;
- realm = copy.realm;
- }
-
- protected AAFCon(PropAccess access, String tag, SecurityInfoC<CLIENT> si) throws CadiException{
- if(tag==null) {
- throw new CadiException("AAFCon cannot be constructed with a tag=null");
- }
- try {
- this.access = access;
- this.si = si;
- this.ss = si.defSS;
- if(ss==null) {
- String mechid = access.getProperty(Config.AAF_MECHID, null);
- String encpass = access.getProperty(Config.AAF_MECHPASS, null);
- if(encpass==null) {
- String alias = access.getProperty(Config.CADI_ALIAS, mechid);
- if(alias==null) {
- throw new CadiException(Config.CADI_ALIAS + " or " + Config.AAF_MECHID + " required.");
- }
- set(si.defSS=x509Alias(alias));
- } else {
- if(mechid!=null && encpass !=null) {
- set(si.defSS=basicAuth(mechid, encpass));
- } else {
- set(si.defSS=new SecuritySetter<CLIENT>() {
-
- @Override
- public String getID() {
- return "";
- }
-
- @Override
- public void setSecurity(CLIENT client) throws CadiException {
- throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)");
- }
-
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
- });
- }
- }
- }
-
- timeout = Integer.parseInt(access.getProperty(Config.AAF_READ_TIMEOUT, Config.AAF_READ_TIMEOUT_DEF));
- cleanInterval = Integer.parseInt(access.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF));
- highCount = Integer.parseInt(access.getProperty(Config.AAF_HIGH_COUNT, Config.AAF_HIGH_COUNT_DEF).trim());
- connTimeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF).trim());
- userExpires = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim());
- usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based
-
- String str = access.getProperty(tag,null);
- if(str==null) {
- throw new CadiException(tag + " property is required.");
- }
- setInitURI(str);
-
- app=reverseDomain(ss.getID());
- realm="openecomp.org";
-
- env = new RosettaEnv();
- permsDF = env.newDataFactory(Perms.class);
- usersDF = env.newDataFactory(Users.class);
- certsDF = env.newDataFactory(Certs.class);
- certsDF.rootMarshal(new CertsMarshal()); // Speedier Marshaling
- errDF = env.newDataFactory(Error.class);
- } catch (APIException e) {
- throw new CadiException("AAFCon cannot be configured",e);
- }
- }
-
- public RosettaEnv env() {
- return env;
- }
-
- /**
- * Return the backing AAFCon, if there is a Lur Setup that is AAF.
- *
- * If there is no AAFLur setup, it will return "null"
- * @param servletRequest
- * @return
- */
- public static final AAFCon<?> obtain(Object servletRequest) {
- if(servletRequest instanceof CadiWrap) {
- Lur lur = ((CadiWrap)servletRequest).getLur();
- if(lur != null) {
- if(lur instanceof EpiLur) {
- AbsAAFLur<?> aal = (AbsAAFLur<?>) ((EpiLur)lur).subLur(AbsAAFLur.class);
- if(aal!=null) {
- return aal.aaf;
- }
- } else {
- if(lur instanceof AbsAAFLur) {
- return ((AbsAAFLur<?>)lur).aaf;
- }
- }
- }
- }
- return null;
- }
-
- public abstract AAFCon<CLIENT> clone(String url) throws CadiException;
-
- public AAFAuthn<CLIENT> newAuthn() throws APIException {
- try {
- return new AAFAuthn<CLIENT>(this);
- } catch (APIException e) {
- throw e;
- } catch (Exception e) {
- throw new APIException(e);
- }
- }
-
- public AAFAuthn<CLIENT> newAuthn(AbsUserCache<AAFPermission> c) throws APIException {
- try {
- return new AAFAuthn<CLIENT>(this,c);
- } catch (APIException e) {
- throw e;
- } catch (Exception e) {
- throw new APIException(e);
- }
- }
-
- public AAFLurPerm newLur() throws CadiException {
- try {
- if(lur==null) {
- return new AAFLurPerm(this);
- } else {
- return new AAFLurPerm(this,lur);
- }
- } catch (CadiException e) {
- throw e;
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- public AAFLurPerm newLur(AbsUserCache<AAFPermission> c) throws APIException {
- try {
- return new AAFLurPerm(this,c);
- } catch (APIException e) {
- throw e;
- } catch (Exception e) {
- throw new APIException(e);
- }
- }
-
- /**
- * Take a Fully Qualified User, and get a Namespace from it.
- * @param user
- * @return
- */
- public static String reverseDomain(String user) {
- StringBuilder sb = null;
- String[] split = Split.split('.',user);
- int at;
- for(int i=split.length-1;i>=0;--i) {
- if(sb == null) {
- sb = new StringBuilder();
- } else {
- sb.append('.');
- }
-
- if((at = split[i].indexOf('@'))>0) {
- sb.append(split[i].subSequence(at+1, split[i].length()));
- } else {
- sb.append(split[i]);
- }
- }
-
- return sb==null?"":sb.toString();
- }
-
- protected abstract Rcli<CLIENT> rclient(URI uri, SecuritySetter<CLIENT> ss) throws CadiException;
-
- public abstract<RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException;
-
-
- public abstract SecuritySetter<CLIENT> basicAuth(String user, String password) throws CadiException;
-
- public abstract SecuritySetter<CLIENT> transferSS(Principal principal) throws CadiException;
-
- public abstract SecuritySetter<CLIENT> basicAuthSS(BasicPrincipal principal) throws CadiException;
-
- public abstract SecuritySetter<CLIENT> x509Alias(String alias) throws APIException, CadiException;
-
-
- public String getRealm() {
- return realm;
-
- }
-
- public SecuritySetter<CLIENT> set(final SecuritySetter<CLIENT> ss) {
- this.ss = ss;
- if(ss instanceof AbsBasicAuth) {
- disableCheck = (ss instanceof AbsBasicAuth)?
- new DisableCheck() {
- AbsBasicAuth<?> aba = (AbsBasicAuth<?>)ss;
- @Override
- public boolean isDisabled() {
- return aba.isDenied();
- }
- }:
- new DisableCheck() {
- @Override
- public boolean isDisabled() {
- return this.isDisabled();
- }
- };
- }
- for(Rcli<CLIENT> client : clients.values()) {
- client.setSecuritySetter(ss);
- }
- return ss;
- }
-
- public SecurityInfoC<CLIENT> securityInfo() {
- return si;
- }
-
- public String defID() {
- if(ss!=null) {
- return ss.getID();
- }
- return "unknown";
- }
-
- public void invalidate() throws CadiException {
- for(Rcli<CLIENT> client : clients.values()) {
- client.invalidate();
- clients.remove(client);
- }
- }
-
- public String readableErrMsg(Future<?> f) {
- String text = f.body();
- if(text==null || text.length()==0) {
- text = f.code() + ": **No Message**";
- } else if(text.contains("%")) {
- try {
- Error err = errDF.newData().in(TYPE.JSON).load(f.body()).asObject();
- return Vars.convert(err.getText(),err.getVariables());
- } catch (APIException e){
- // just return the body below
- }
- }
- return text;
- }
-
- private interface DisableCheck {
- public boolean isDisabled();
- };
-
- public boolean isDisabled() {
- return disableCheck.isDisabled();
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConDME2.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConDME2.java
deleted file mode 100644
index 2757efc..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConDME2.java
+++ /dev/null
@@ -1,224 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.v2_0;
-
-import java.io.IOException;
-import java.net.ConnectException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.GeneralSecurityException;
-import java.security.Principal;
-import java.util.Properties;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.client.Rcli;
-import org.onap.aaf.cadi.client.Retryable;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-import org.onap.aaf.cadi.dme2.DME2BasicAuth;
-import org.onap.aaf.cadi.dme2.DME2TransferSS;
-import org.onap.aaf.cadi.dme2.DME2x509SS;
-import org.onap.aaf.cadi.dme2.DRcli;
-import org.onap.aaf.cadi.principal.BasicPrincipal;
-
-import com.att.aft.dme2.api.DME2Client;
-import com.att.aft.dme2.api.DME2Exception;
-import com.att.aft.dme2.api.DME2Manager;
-import org.onap.aaf.inno.env.APIException;
-
-public class AAFConDME2 extends AAFCon<DME2Client>{
- private DME2Manager manager;
- private boolean isProxy;
- private URI initURI;
-
- public AAFConDME2(PropAccess access) throws CadiException, GeneralSecurityException, IOException{
- super(access,Config.AAF_URL,new SecurityInfoC<DME2Client> (access));
- manager = newManager(access);
- setIsProxy();
- }
-
- public AAFConDME2(PropAccess access, String url) throws CadiException, GeneralSecurityException, IOException{
- super(access,url,new SecurityInfoC<DME2Client> (access));
- manager = newManager(access);
- setIsProxy();
- }
-
- public AAFConDME2(PropAccess access, SecurityInfoC<DME2Client> si) throws CadiException {
- super(access,Config.AAF_URL,si);
- manager = newManager(access);
- setIsProxy();
- }
-
- public AAFConDME2(PropAccess access, String url, SecurityInfoC<DME2Client> si) throws CadiException {
- super(access,url,si);
- manager = newManager(access);
- setIsProxy();
- }
-
- /**
- * Construct a Connector based on the AAF one. This is for remote access to OTHER than AAF,
- * but using Credentials, etc
- */
- private AAFConDME2(AAFCon<DME2Client> aafcon, String url) throws CadiException {
- super(aafcon);
- try {
- initURI = new URI(url);
- } catch (URISyntaxException e) {
- throw new CadiException(e);
- }
- manager = newManager(access);
- }
-
- /**
- * Create a Connector based on the AAF one. This is for remote access to OTHER than AAF,
- * but using Credentials, etc
- */
- public AAFCon<DME2Client> clone(String url) throws CadiException {
- return new AAFConDME2(this,url);
- }
-
- private void setIsProxy() {
- String str;
- if((str=access.getProperty(Config.AAF_URL, null))!=null) {
- isProxy = str.contains("service=com.att.authz.authz-gw/version=");
- }
- }
-
- private DME2Manager newManager(PropAccess access) throws CadiException {
- Properties props = access.getDME2Properties();
- // Critical that TLS Settings not ignored
- try {
- return new DME2Manager("AAFCon",props);
- } catch (DME2Exception e) {
- throw new CadiException(e);
- }
- }
-
-
- /* (non-Javadoc)
- * @see com.att.cadi.aaf.v2_0.AAFCon#basicAuth(java.lang.String, java.lang.String)
- */
- @Override
- public SecuritySetter<DME2Client> basicAuth(String user, String password) throws CadiException {
- if(password.startsWith("enc:???")) {
- try {
- password = access.decrypt(password, true);
- } catch (IOException e) {
- throw new CadiException("Error Decrypting Password",e);
- }
- }
-
- try {
- return set(new DME2BasicAuth(user,password,si));
- } catch (IOException e) {
- throw new CadiException("Error setting up DME2BasicAuth",e);
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.aaf.v2_0.AAFCon#rclient(java.net.URI, com.att.cadi.SecuritySetter)
- */
- @Override
- protected Rcli<DME2Client> rclient(URI uri, SecuritySetter<DME2Client> ss) {
- DRcli dc = new DRcli(uri, ss);
- dc.setProxy(isProxy);
- dc.setManager(manager);
- return dc;
- }
-
- @Override
- public SecuritySetter<DME2Client> transferSS(Principal principal) throws CadiException {
- try {
- return principal==null?ss:new DME2TransferSS(principal, app, si);
- } catch (IOException e) {
- throw new CadiException("Error creating DME2TransferSS",e);
- }
- }
-
- @Override
- public SecuritySetter<DME2Client> basicAuthSS(BasicPrincipal principal) throws CadiException {
- try {
- return new DME2BasicAuth(principal,si);
- } catch (IOException e) {
- throw new CadiException("Error creating DME2BasicAuth",e);
- }
-
- }
-
- @Override
- public SecuritySetter<DME2Client> x509Alias(String alias) throws CadiException {
- try {
- presetProps(access, alias);
- return new DME2x509SS(alias,si);
- } catch (Exception e) {
- throw new CadiException("Error creating DME2x509SS",e);
- }
- }
-
- @Override
- public <RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- // NOTE: DME2 had Retry Logic embedded lower.
- try {
- return (retryable.code(rclient(initURI,ss)));
- } catch (ConnectException e) {
- // DME2 should catch
- try {
- manager.refresh();
- } catch (Exception e1) {
- throw new CadiException(e1);
- }
- throw new CadiException(e);
- }
- }
-
- public static void presetProps(PropAccess access, String alias) throws IOException {
- System.setProperty(Config.AFT_DME2_CLIENT_SSL_CERT_ALIAS, alias);
- if(System.getProperty(Config.AFT_DME2_CLIENT_IGNORE_SSL_CONFIG)==null) {
- access.getDME2Properties();
- }
-
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.aaf.v2_0.AAFCon#initURI()
- */
- @Override
- protected URI initURI() {
- return initURI;
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.aaf.v2_0.AAFCon#setInitURI(java.lang.String)
- */
- @Override
- protected void setInitURI(String uriString) throws CadiException {
- try {
- initURI = new URI(uriString);
- } catch (URISyntaxException e) {
- throw new CadiException(e);
- }
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java
deleted file mode 100644
index 5a38b0c..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java
+++ /dev/null
@@ -1,187 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.v2_0;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.net.URI;
-import java.security.GeneralSecurityException;
-import java.security.Principal;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.Locator;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.Locator.Item;
-import org.onap.aaf.cadi.client.AbsTransferSS;
-import org.onap.aaf.cadi.client.Rcli;
-import org.onap.aaf.cadi.client.Retryable;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-import org.onap.aaf.cadi.http.HBasicAuthSS;
-import org.onap.aaf.cadi.http.HMangr;
-import org.onap.aaf.cadi.http.HRcli;
-import org.onap.aaf.cadi.http.HTransferSS;
-import org.onap.aaf.cadi.http.HX509SS;
-import org.onap.aaf.cadi.principal.BasicPrincipal;
-
-import org.onap.aaf.inno.env.APIException;
-
-public class AAFConHttp extends AAFCon<HttpURLConnection> {
- private final HMangr hman;
-
- public AAFConHttp(PropAccess access) throws CadiException, GeneralSecurityException, IOException {
- super(access,Config.AAF_URL,new SecurityInfoC<HttpURLConnection>(access));
- hman = new HMangr(access,Config.loadLocator(access, access.getProperty(Config.AAF_URL,null)));
- }
-
- public AAFConHttp(PropAccess access, String tag) throws CadiException, GeneralSecurityException, IOException {
- super(access,tag,new SecurityInfoC<HttpURLConnection>(access));
- hman = new HMangr(access,Config.loadLocator(access, access.getProperty(tag,null)));
- }
-
- public AAFConHttp(PropAccess access, String urlTag, SecurityInfoC<HttpURLConnection> si) throws CadiException {
- super(access,urlTag,si);
- hman = new HMangr(access,Config.loadLocator(access, access.getProperty(urlTag,null)));
- }
-
- public AAFConHttp(PropAccess access, Locator<URI> locator) throws CadiException, GeneralSecurityException, IOException {
- super(access,Config.AAF_URL,new SecurityInfoC<HttpURLConnection>(access));
- hman = new HMangr(access,locator);
- }
-
- public AAFConHttp(PropAccess access, Locator<URI> locator, SecurityInfoC<HttpURLConnection> si) throws CadiException {
- super(access,Config.AAF_URL,si);
- hman = new HMangr(access,locator);
- }
-
- public AAFConHttp(PropAccess access, Locator<URI> locator, SecurityInfoC<HttpURLConnection> si, String tag) throws CadiException {
- super(access,tag,si);
- hman = new HMangr(access, locator);
- }
-
- private AAFConHttp(AAFCon<HttpURLConnection> aafcon, String url) {
- super(aafcon);
- hman = new HMangr(aafcon.access,Config.loadLocator(access, url));
- }
-
- @Override
- public AAFCon<HttpURLConnection> clone(String url) {
- return new AAFConHttp(this,url);
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.aaf.v2_0.AAFCon#basicAuth(java.lang.String, java.lang.String)
- */
- @Override
- public SecuritySetter<HttpURLConnection> basicAuth(String user, String password) throws CadiException {
- if(password.startsWith("enc:???")) {
- try {
- password = access.decrypt(password, true);
- } catch (IOException e) {
- throw new CadiException("Error decrypting password",e);
- }
- }
- try {
- return new HBasicAuthSS(user,password,si);
- } catch (IOException e) {
- throw new CadiException("Error creating HBasicAuthSS",e);
- }
- }
-
- public SecuritySetter<HttpURLConnection> x509Alias(String alias) throws APIException, CadiException {
- try {
- return set(new HX509SS(alias,si));
- } catch (Exception e) {
- throw new CadiException("Error creating X509SS",e);
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.aaf.v2_0.AAFCon#rclient(java.net.URI, com.att.cadi.SecuritySetter)
- */
- @Override
- protected Rcli<HttpURLConnection> rclient(URI ignoredURI, SecuritySetter<HttpURLConnection> ss) throws CadiException {
- if(hman.loc==null) {
- throw new CadiException("No Locator set in AAFConHttp");
- }
- try {
- return new HRcli(hman, hman.loc.best() ,ss);
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- @Override
- public AbsTransferSS<HttpURLConnection> transferSS(Principal principal) throws CadiException {
- return new HTransferSS(principal, app,si);
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.aaf.v2_0.AAFCon#basicAuthSS(java.security.Principal)
- */
- @Override
- public SecuritySetter<HttpURLConnection> basicAuthSS(BasicPrincipal principal) throws CadiException {
- try {
- return new HBasicAuthSS(principal,si);
- } catch (IOException e) {
- throw new CadiException("Error creating HBasicAuthSS",e);
- }
- }
-
- public HMangr hman() {
- return hman;
- }
-
- @Override
- public <RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- return hman.best(ss, (Retryable<RET>)retryable);
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.aaf.v2_0.AAFCon#initURI()
- */
- @Override
- protected URI initURI() {
- try {
- Item item = hman.loc.best();
- if(item!=null) {
- return hman.loc.get(item);
- }
- } catch (LocatorException e) {
- access.log(e, "Error in AAFConHttp obtaining initial URI");
- }
- return null;
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.aaf.v2_0.AAFCon#setInitURI(java.lang.String)
- */
- @Override
- protected void setInitURI(String uriString) throws CadiException {
- // TODO Auto-generated method stub
-
- }
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
deleted file mode 100644
index 520d7ab..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
+++ /dev/null
@@ -1,221 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.v2_0;
-
-import java.net.ConnectException;
-import java.net.URISyntaxException;
-import java.security.Principal;
-import java.util.Map;
-
-import org.onap.aaf.cadi.AbsUserCache;
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.Permission;
-import org.onap.aaf.cadi.User;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.CachedPrincipal.Resp;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.client.Rcli;
-import org.onap.aaf.cadi.client.Retryable;
-import org.onap.aaf.cadi.lur.LocalPermission;
-
-import com.att.aft.dme2.api.DME2Exception;
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.util.Split;
-
-import aaf.v2_0.Perm;
-import aaf.v2_0.Perms;
-
-/**
- * Use AAF Service as Permission Service.
- *
- * This Lur goes after AAF Permissions, which are elements of Roles, not the Roles themselves.
- *
- * If you want a simple Role Lur, use AAFRoleLur
- *
- *
- */
-public class AAFLurPerm extends AbsAAFLur<AAFPermission> {
- /**
- * Need to be able to transmutate a Principal into either ATTUID or MechID, which are the only ones accepted at this
- * point by AAF. There is no "domain", aka, no "@att.com" in "ab1234@att.com".
- *
- * The only thing that matters here for AAF is that we don't waste calls with IDs that obviously aren't valid.
- * Thus, we validate that the ID portion follows the rules before we waste time accessing AAF remotely
- * @throws APIException
- * @throws URISyntaxException
- * @throws DME2Exception
- */
- // Package on purpose
- AAFLurPerm(AAFCon<?> con) throws CadiException, DME2Exception, URISyntaxException, APIException {
- super(con);
- }
-
- // Package on purpose
- AAFLurPerm(AAFCon<?> con, AbsUserCache<AAFPermission> auc) throws DME2Exception, URISyntaxException, APIException {
- super(con,auc);
- }
-
- protected User<AAFPermission> loadUser(Principal p) {
- // Note: The rules for AAF is that it only stores permissions for ATTUID and MechIDs, which don't
- // have domains. We are going to make the Transitive Class (see this.transmutative) to convert
- Principal principal = transmutate.mutate(p);
- if(principal==null)return null; // if not a valid Transmutated credential, don't bother calling...
- return loadUser(p, p.getName());
- }
-
- protected User<AAFPermission> loadUser(String name) {
- return loadUser((Principal)null, name);
- }
-
- private User<AAFPermission> loadUser(final Principal prin, final String name) {
-
- //TODO Create a dynamic way to declare domains supported.
- final long start = System.nanoTime();
- final boolean[] success = new boolean[]{false};
-
-// new Exception("loadUser").printStackTrace();
- try {
- return aaf.best(new Retryable<User<AAFPermission>>() {
- @Override
- public User<AAFPermission> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Perms> fp = client.read("/authz/perms/user/"+name,aaf.permsDF);
-
- // In the meantime, lookup User, create if necessary
- User<AAFPermission> user = getUser(name);
- Principal p;
- if(prin == null) {
- p = new Principal() {// Create a holder for lookups
- private String n = name;
- public String getName() {
- return n;
- }
- };
- } else {
- p = prin;
- }
-
- if(user==null) {
- addUser(user = new User<AAFPermission>(p,aaf.userExpires)); // no password
- }
-
- // OK, done all we can, now get content
- if(fp.get(aaf.timeout)) {
- success[0]=true;
- Map<String, Permission> newMap = user.newMap();
- boolean willLog = aaf.access.willLog(Level.DEBUG);
- for(Perm perm : fp.value.getPerm()) {
- user.add(newMap,new AAFPermission(perm.getType(),perm.getInstance(),perm.getAction()));
- if(willLog) {
- aaf.access.log(Level.DEBUG, name,"has '",perm.getType(),'|',perm.getInstance(),'|',perm.getAction(),'\'');
- }
- }
- user.setMap(newMap);
- user.renewPerm();
- } else {
- int code;
- switch(code=fp.code()) {
- case 401:
- aaf.access.log(Access.Level.ERROR, code, "Unauthorized to make AAF calls");
- break;
- default:
- aaf.access.log(Access.Level.ERROR, code, fp.body());
- }
- }
-
- return user;
- }
- });
- } catch (Exception e) {
- aaf.access.log(e,"Calling","/authz/perms/user/"+name);
- success[0]=false;
- return null;
- } finally {
- float time = (System.nanoTime()-start)/1000000f;
- aaf.access.log(Level.INFO, success[0]?"Loaded":"Load Failure",name,"from AAF in",time,"ms");
- }
- }
-
- public Resp reload(User<AAFPermission> user) {
- final String name = user.principal.getName();
- long start = System.nanoTime();
- boolean success = false;
- try {
- Future<Perms> fp = aaf.client(AAFCon.AAF_LATEST_VERSION).read(
- "/authz/perms/user/"+name,
- aaf.permsDF
- );
-
- // OK, done all we can, now get content
- if(fp.get(aaf.timeout)) {
- success = true;
- Map<String,Permission> newMap = user.newMap();
- boolean willLog = aaf.access.willLog(Level.DEBUG);
- for(Perm perm : fp.value.getPerm()) {
- user.add(newMap, new AAFPermission(perm.getType(),perm.getInstance(),perm.getAction()));
- if(willLog) {
- aaf.access.log(Level.DEBUG, name,"has",perm.getType(),perm.getInstance(),perm.getAction());
- }
- }
- user.renewPerm();
- return Resp.REVALIDATED;
- } else {
- int code;
- switch(code=fp.code()) {
- case 401:
- aaf.access.log(Access.Level.ERROR, code, "Unauthorized to make AAF calls");
- break;
- default:
- aaf.access.log(Access.Level.ERROR, code, fp.body());
- }
- return Resp.UNVALIDATED;
- }
- } catch (Exception e) {
- aaf.access.log(e,"Calling","/authz/perms/user/"+name);
- return Resp.INACCESSIBLE;
- } finally {
- float time = (System.nanoTime()-start)/1000000f;
- aaf.access.log(Level.AUDIT, success?"Reloaded":"Reload Failure",name,"from AAF in",time,"ms");
- }
- }
-
- @Override
- protected boolean isCorrectPermType(Permission pond) {
- return pond instanceof AAFPermission;
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.Lur#createPerm(java.lang.String)
- */
- @Override
- public Permission createPerm(String p) {
- String[] params = Split.split('|', p);
- if(params.length==3) {
- return new AAFPermission(params[0],params[1],params[2]);
- } else {
- return new LocalPermission(p);
- }
- }
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
deleted file mode 100644
index fb92108..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
+++ /dev/null
@@ -1,167 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.v2_0;
-
-import java.io.IOException;
-import java.security.Principal;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.onap.aaf.cadi.AbsUserCache;
-import org.onap.aaf.cadi.CachedPrincipal;
-import org.onap.aaf.cadi.GetCred;
-import org.onap.aaf.cadi.Hash;
-import org.onap.aaf.cadi.User;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.CachedPrincipal.Resp;
-import org.onap.aaf.cadi.Taf.LifeForm;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.client.Rcli;
-import org.onap.aaf.cadi.principal.BasicPrincipal;
-import org.onap.aaf.cadi.principal.CachedBasicPrincipal;
-import org.onap.aaf.cadi.taf.HttpTaf;
-import org.onap.aaf.cadi.taf.TafResp;
-import org.onap.aaf.cadi.taf.TafResp.RESP;
-import org.onap.aaf.cadi.taf.basic.BasicHttpTafResp;
-
-public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpTaf {
-// private static final String INVALID_AUTH_TOKEN = "Invalid Auth Token";
-// private static final String AUTHENTICATING_SERVICE_UNAVAILABLE = "Authenticating Service unavailable";
- private AAFCon<CLIENT> aaf;
- private boolean warn;
-
- public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning) {
- super(con.access,con.cleanInterval,con.highCount, con.usageRefreshTriggerCount);
- aaf = con;
- warn = turnOnWarning;
- }
-
- public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning, AbsUserCache<AAFPermission> other) {
- super(other);
- aaf = con;
- warn = turnOnWarning;
- }
-
- public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
- //TODO Do we allow just anybody to validate?
-
- // Note: Either Carbon or Silicon based LifeForms ok
- String authz = req.getHeader("Authorization");
- if(authz != null && authz.startsWith("Basic ")) {
- if(warn&&!req.isSecure())aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
- try {
- CachedBasicPrincipal bp;
- if(req.getUserPrincipal() instanceof CachedBasicPrincipal) {
- bp = (CachedBasicPrincipal)req.getUserPrincipal();
- } else {
- bp = new CachedBasicPrincipal(this,authz,aaf.getRealm(),aaf.userExpires);
- }
- // First try Cache
- User<AAFPermission> usr = getUser(bp);
- if(usr != null && usr.principal != null) {
- if(usr.principal instanceof GetCred) {
- if(Hash.isEqual(bp.getCred(),((GetCred)usr.principal).getCred())) {
- return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by cached AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false);
- }
- }
- }
-
- Miss miss = missed(bp.getName());
- if(miss!=null && !miss.mayContinue(bp.getCred())) {
- return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
- "User/Pass Retry limit exceeded"),
- RESP.FAIL,resp,aaf.getRealm(),true);
- }
-
- Rcli<CLIENT> userAAF = aaf.client(AAFCon.AAF_LATEST_VERSION).forUser(aaf.basicAuthSS(bp));
- Future<String> fp = userAAF.read("/authn/basicAuth", "text/plain");
- if(fp.get(aaf.timeout)) {
- if(usr!=null) {
- usr.principal = bp;
- } else {
- addUser(new User<AAFPermission>(bp,aaf.userExpires));
- }
- return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false);
- } else {
- // Note: AddMiss checks for miss==null, and is part of logic
- boolean rv= addMiss(bp.getName(),bp.getCred());
- if(rv) {
- return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
- "User/Pass combo invalid via AAF"),
- RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true);
- } else {
- return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
- "User/Pass combo invalid via AAF - Retry limit exceeded"),
- RESP.FAIL,resp,aaf.getRealm(),true);
- }
- }
- } catch (IOException e) {
- String msg = buildMsg(null,req,"Invalid Auth Token");
- aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
- return new BasicHttpTafResp(aaf.access,null,msg, RESP.TRY_AUTHENTICATING, resp, aaf.getRealm(),true);
- } catch (Exception e) {
- String msg = buildMsg(null,req,"Authenticating Service unavailable");
- aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
- return new BasicHttpTafResp(aaf.access,null,msg, RESP.FAIL, resp, aaf.getRealm(),false);
- }
- }
- return new BasicHttpTafResp(aaf.access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false);
- }
-
- private String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) {
- StringBuilder sb = new StringBuilder();
- for(Object s : msg) {
- sb.append(s.toString());
- }
- if(pr!=null) {
- sb.append(" for ");
- sb.append(pr.getName());
- }
- sb.append(" from ");
- sb.append(req.getRemoteAddr());
- sb.append(':');
- sb.append(req.getRemotePort());
- return sb.toString();
- }
-
-
-
- public Resp revalidate(CachedPrincipal prin) {
- // !!!! TEST THIS.. Things may not be revalidated, if not BasicPrincipal
- if(prin instanceof BasicPrincipal) {
- Future<String> fp;
- try {
- Rcli<CLIENT> userAAF = aaf.client(AAFCon.AAF_LATEST_VERSION).forUser(aaf.transferSS(prin));
- fp = userAAF.read("/authn/basicAuth", "text/plain");
- return fp.get(aaf.timeout)?Resp.REVALIDATED:Resp.UNVALIDATED;
- } catch (Exception e) {
- aaf.access.log(e, "Cannot Revalidate",prin.getName());
- return Resp.INACCESSIBLE;
- }
- }
- return Resp.NOT_MINE;
- }
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java
deleted file mode 100644
index c7644a5..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java
+++ /dev/null
@@ -1,116 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.v2_0;
-
-import javax.servlet.http.HttpServletRequest ;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Lur;
-import org.onap.aaf.cadi.TrustChecker;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.principal.TrustPrincipal;
-import org.onap.aaf.cadi.taf.TafResp;
-import org.onap.aaf.cadi.taf.TrustNotTafResp;
-import org.onap.aaf.cadi.taf.TrustTafResp;
-
-import org.onap.aaf.inno.env.Env;
-import org.onap.aaf.inno.env.util.Split;
-
-public class AAFTrustChecker implements TrustChecker {
- private final String tag, id;
- private final AAFPermission perm;
- private Lur lur;
-
- /**
- *
- * Instance will be replaced by Identity
- * @param lur
- *
- * @param tag
- * @param perm
- */
- public AAFTrustChecker(final Env env) {
- tag = env.getProperty(Config.CADI_USER_CHAIN_TAG, Config.CADI_USER_CHAIN);
- id = env.getProperty(Config.CADI_ALIAS,env.getProperty(Config.AAF_MECHID)); // share between components
- String str = env.getProperty(Config.CADI_TRUST_PERM);
- AAFPermission temp=null;
- if(str!=null) {
- String[] sp = Split.splitTrim('|', str);
- if(sp.length==3) {
- temp = new AAFPermission(sp[0],sp[1],sp[2]);
- }
- }
- perm=temp;
- }
-
- public AAFTrustChecker(final Access access) {
- tag = access.getProperty(Config.CADI_USER_CHAIN_TAG, Config.CADI_USER_CHAIN);
- id = access.getProperty(Config.CADI_ALIAS,access.getProperty(Config.AAF_MECHID,null)); // share between components
- String str = access.getProperty(Config.CADI_TRUST_PERM,null);
- AAFPermission temp=null;
- if(str!=null) {
- String[] sp = Split.splitTrim('|', str);
- if(sp.length==3) {
- temp = new AAFPermission(sp[0],sp[1],sp[2]);
- }
- }
- perm=temp;
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.TrustChecker#setLur(com.att.cadi.Lur)
- */
- @Override
- public void setLur(Lur lur) {
- this.lur = lur;
- }
-
- @Override
- public TafResp mayTrust(TafResp tresp, HttpServletRequest req) {
- String user_info = req.getHeader(tag);
- if(user_info !=null ) {
- String[] info = Split.split(',', user_info);
- if(info.length>0) {
- String[] flds = Split.splitTrim(':',info[0]);
- if(flds.length>3 && "AS".equals(flds[3])) { // is it set for "AS"
- String pn = tresp.getPrincipal().getName();
- if(pn.equals(id) // We do trust our own App Components: if a trust entry is made with self, always accept
- || lur.fish(tresp.getPrincipal(), perm)) { // Have Perm set by Config.CADI_TRUST_PERM
- return new TrustTafResp(tresp,
- new TrustPrincipal(tresp.getPrincipal(), flds[0]),
- " " + flds[0] + " validated using " + flds[2] + " by " + flds[1] + ','
- );
- } else if(pn.equals(flds[0])) { // Ignore if same identity
- return tresp;
- } else {
- return new TrustNotTafResp(tresp, tresp.getPrincipal().getName() + " requested trust as "
- + flds[0] + ", but does not have Authorization");
- }
- }
- }
- }
- return tresp;
- }
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java b/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java
deleted file mode 100644
index 5bcf527..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java
+++ /dev/null
@@ -1,269 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.v2_0;
-
-import java.net.URISyntaxException;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-
-import org.onap.aaf.cadi.AbsUserCache;
-import org.onap.aaf.cadi.CachingLur;
-import org.onap.aaf.cadi.Permission;
-import org.onap.aaf.cadi.StrLur;
-import org.onap.aaf.cadi.Transmutate;
-import org.onap.aaf.cadi.User;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.aaf.AAFTransmutate;
-import org.onap.aaf.cadi.config.Config;
-
-import com.att.aft.dme2.api.DME2Exception;
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.util.Split;
-
-public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PERM> implements StrLur, CachingLur<PERM> {
- protected static final byte[] BLANK_PASSWORD = new byte[0];
- protected static final Transmutate<Principal> transmutate = new AAFTransmutate();
- private String[] debug = null;
- public AAFCon<?> aaf;
- private String[] supports;
-
- public AbsAAFLur(AAFCon<?> con) throws DME2Exception, URISyntaxException, APIException {
- super(con.access, con.cleanInterval, con.highCount, con.usageRefreshTriggerCount);
- aaf = con;
- setLur(this);
- supports = con.access.getProperty(Config.AAF_DOMAIN_SUPPORT, Config.AAF_DOMAIN_SUPPORT_DEF).split("\\s*:\\s*");
- }
-
- public AbsAAFLur(AAFCon<?> con, AbsUserCache<PERM> auc) throws DME2Exception, URISyntaxException, APIException {
- super(auc);
- aaf = con;
- setLur(this);
- supports = con.access.getProperty(Config.AAF_DOMAIN_SUPPORT, Config.AAF_DOMAIN_SUPPORT_DEF).split("\\s*:\\s*");
- }
-
- @Override
- public void setDebug(String ids) {
- this.debug = ids==null?null:Split.split(',', ids);
- }
-
- protected abstract User<PERM> loadUser(Principal bait);
- protected abstract User<PERM> loadUser(String name);
- public final boolean supports(String userName) {
- if(userName!=null) {
- for(String s : supports) {
- if(userName.endsWith(s))
- return true;
- }
- }
- return false;
- }
-
- protected abstract boolean isCorrectPermType(Permission pond);
-
- // This is where you build AAF CLient Code. Answer the question "Is principal "bait" in the "pond"
- public boolean fish(Principal bait, Permission pond) {
- return fish(bait.getName(), pond);
- }
-
- public void fishAll(Principal bait, List<Permission> perms) {
- fishAll(bait.getName(),perms);
- }
-
- // This is where you build AAF CLient Code. Answer the question "Is principal "bait" in the "pond"
- public boolean fish(String bait, Permission pond) {
- if(isDebug(bait)) {
- boolean rv = false;
- StringBuilder sb = new StringBuilder("Log for ");
- sb.append(bait);
- if(supports(bait)) {
- User<PERM> user = getUser(bait);
- if(user==null) {
- sb.append("\n\tUser is not in Cache");
- } else {
- if(user.noPerms())sb.append("\n\tUser has no Perms");
- if(user.permExpired()) {
- sb.append("\n\tUser's perm expired [");
- sb.append(new Date(user.permExpires()));
- sb.append(']');
- } else {
- sb.append("\n\tUser's perm expires [");
- sb.append(new Date(user.permExpires()));
- sb.append(']');
- }
- }
- if(user==null || (user.noPerms() && user.permExpired())) {
- user = loadUser(bait);
- sb.append("\n\tloadUser called");
- }
- if(user==null) {
- sb.append("\n\tUser was not Loaded");
- } else if(user.contains(pond)) {
- sb.append("\n\tUser contains ");
- sb.append(pond.getKey());
- rv = true;
- } else {
- sb.append("\n\tUser does not contain ");
- sb.append(pond.getKey());
- List<Permission> perms = new ArrayList<Permission>();
- user.copyPermsTo(perms);
- for(Permission p : perms) {
- sb.append("\n\t\t");
- sb.append(p.getKey());
- }
- }
- } else {
- sb.append("AAF Lur does not support [");
- sb.append(bait);
- sb.append("]");
- }
- aaf.access.log(Level.INFO, sb);
- return rv;
- } else {
- if(supports(bait)) {
- User<PERM> user = getUser(bait);
- if(user==null || (user.noPerms() && user.permExpired())) {
- user = loadUser(bait);
- }
- return user==null?false:user.contains(pond);
- }
- return false;
- }
- }
-
- public void fishAll(String bait, List<Permission> perms) {
- if(isDebug(bait)) {
- StringBuilder sb = new StringBuilder("Log for ");
- sb.append(bait);
- if(supports(bait)) {
- User<PERM> user = getUser(bait);
- if(user==null) {
- sb.append("\n\tUser is not in Cache");
- } else {
- if(user.noPerms())sb.append("\n\tUser has no Perms");
- if(user.permExpired()) {
- sb.append("\n\tUser's perm expired [");
- sb.append(new Date(user.permExpires()));
- sb.append(']');
- } else {
- sb.append("\n\tUser's perm expires [");
- sb.append(new Date(user.permExpires()));
- sb.append(']');
- }
- }
- if(user==null || (user.noPerms() && user.permExpired())) {
- user = loadUser(bait);
- sb.append("\n\tloadUser called");
- }
- if(user==null) {
- sb.append("\n\tUser was not Loaded");
- } else {
- sb.append("\n\tCopying Perms ");
- user.copyPermsTo(perms);
- for(Permission p : perms) {
- sb.append("\n\t\t");
- sb.append(p.getKey());
- }
- }
- } else {
- sb.append("AAF Lur does not support [");
- sb.append(bait);
- sb.append("]");
- }
- aaf.access.log(Level.INFO, sb);
- } else {
- if(supports(bait)) {
- User<PERM> user = getUser(bait);
- if(user==null || (user.noPerms() && user.permExpired())) user = loadUser(bait);
- if(user!=null) {
- user.copyPermsTo(perms);
- }
- }
- }
- }
-
- @Override
- public void remove(String user) {
- super.remove(user);
- }
-
- private boolean isDebug(String bait) {
- if(debug!=null) {
- if(debug.length==1 && "all".equals(debug[0]))return true;
- for(String s : debug) {
- if(s.equals(bait))return true;
- }
- }
- return false;
- }
- /**
- * This special case minimizes loops, avoids multiple Set hits, and calls all the appropriate Actions found.
- *
- * @param bait
- * @param obj
- * @param type
- * @param instance
- * @param actions
- */
- public<A> void fishOneOf(String bait, A obj, String type, String instance, List<Action<A>> actions) {
- User<PERM> user = getUser(bait);
- if(user==null || (user.noPerms() && user.permExpired()))user = loadUser(bait);
-// return user==null?false:user.contains(pond);
- if(user!=null) {
- ReuseAAFPermission perm = new ReuseAAFPermission(type,instance);
- for(Action<A> action : actions) {
- perm.setAction(action.getName());
- if(user.contains(perm)) {
- if(action.exec(obj))return;
- }
- }
- }
- }
-
- public static interface Action<A> {
- public String getName();
- /**
- * Return false to continue, True to end now
- * @return
- */
- public boolean exec(A a);
- }
-
- private class ReuseAAFPermission extends AAFPermission {
- public ReuseAAFPermission(String type, String instance) {
- super(type,instance,null);
- }
-
- public void setAction(String s) {
- action = s;
- }
-
- /**
- * This function understands that AAF Keys are hierarchical, :A:B:C,
- * Cassandra follows a similar method, so we'll short circuit and do it more efficiently when there isn't a first hit
- * @return
- */
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/ArtifactDir.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/ArtifactDir.java
deleted file mode 100644
index af50682..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/cm/ArtifactDir.java
+++ /dev/null
@@ -1,288 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.cm;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.PrintStream;
-import java.io.PrintWriter;
-import java.security.KeyStore;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.util.Chmod;
-
-import org.onap.aaf.inno.env.Trans;
-import org.onap.aaf.inno.env.util.Chrono;
-
-import certman.v1_0.Artifacts.Artifact;
-import certman.v1_0.CertInfo;
-
-public abstract class ArtifactDir implements PlaceArtifact {
-
- protected static final String C_R = "\n";
- protected File dir;
- private List<String> encodeds = new ArrayList<String>();
-
- private Symm symm;
- // This checks for multiple passes of Dir on the same objects. Run clear after done.
- protected static Map<String,Object> processed = new HashMap<String,Object>();
-
-
- /**
- * Note: Derived Classes should ALWAYS call "super.place(cert,arti)" first, and
- * then "placeProperties(arti)" just after they implement
- */
- @Override
- public final boolean place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
- validate(arti);
-
- try {
- // Obtain/setup directory as required
- dir = new File(arti.getDir());
- if(processed.get("dir")==null) {
- if(!dir.exists()) {
- Chmod.to755.chmod(dir);
- if(!dir.mkdirs()) {
- throw new CadiException("Could not create " + dir);
- }
- }
-
- // Also place cm_url and Host Name
- addProperty(Config.CM_URL,trans.getProperty(Config.CM_URL));
- addProperty(Config.HOSTNAME,arti.getMachine());
- //addProperty(Config.AAF_ENV,certInfo.getEnv());
- // Obtain Issuers
- boolean first = true;
- StringBuilder issuers = new StringBuilder();
-// for(String dn : certInfo.getCaIssuerDNs()) {
-// if(first) {
-// first=false;
-// } else {
-// issuers.append(':');
-// }
-// issuers.append(dn);
-// }
- addProperty(Config.CADI_X509_ISSUERS,issuers.toString());
- }
- symm = (Symm)processed.get("symm");
- if(symm==null) {
- // CADI Key Gen
- File f = new File(dir,arti.getAppName() + ".keyfile");
- if(!f.exists()) {
- write(f,Chmod.to400,Symm.baseCrypt().keygen());
- }
- symm = Symm.obtain(f);
-
- addEncProperty("ChallengePassword", certInfo.getChallenge());
-
- processed.put("symm",symm);
- }
-
- _place(trans, certInfo,arti);
-
- placeProperties(arti);
-
- processed.put("dir",dir);
-
- } catch (Exception e) {
- throw new CadiException(e);
- }
- return true;
- }
-
- /**
- * Derived Classes implement this instead, so Dir can process first, and write any Properties last
- * @param cert
- * @param arti
- * @return
- * @throws CadiException
- */
- protected abstract boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException;
-
- protected void addProperty(String tag, String value) throws IOException {
- StringBuilder sb = new StringBuilder();
- sb.append(tag);
- sb.append('=');
- sb.append(value);
- encodeds.add(sb.toString());
- }
-
- protected void addEncProperty(String tag, String value) throws IOException {
- StringBuilder sb = new StringBuilder();
- sb.append(tag);
- sb.append('=');
- sb.append("enc:???");
- sb.append(symm.enpass(value));
- encodeds.add(sb.toString());
- }
-
- protected void write(File f, Chmod c, String ... data) throws IOException {
- f.setWritable(true,true);
-
- FileOutputStream fos = new FileOutputStream(f);
- PrintStream ps = new PrintStream(fos);
- try {
- for(String s : data) {
- ps.print(s);
- }
- } finally {
- ps.close();
- c.chmod(f);
- }
- }
-
- protected void write(File f, Chmod c, byte[] bytes) throws IOException {
- f.setWritable(true,true);
-
- FileOutputStream fos = new FileOutputStream(f);
- try {
- fos.write(bytes);
- } finally {
- fos.close();
- c.chmod(f);
- }
- }
-
- protected void write(File f, Chmod c, KeyStore ks, char[] pass ) throws IOException, CadiException {
- f.setWritable(true,true);
-
- FileOutputStream fos = new FileOutputStream(f);
- try {
- ks.store(fos, pass);
- } catch (Exception e) {
- throw new CadiException(e);
- } finally {
- fos.close();
- c.chmod(f);
- }
- }
-
-
- private void validate(Artifact a) throws CadiException {
- StringBuilder sb = new StringBuilder();
- if(a.getDir()==null) {
- sb.append("File Artifacts require a path");
- }
-
- if(a.getAppName()==null) {
- if(sb.length()>0) {
- sb.append('\n');
- }
- sb.append("File Artifacts require an AAF Namespace");
- }
-
- if(sb.length()>0) {
- throw new CadiException(sb.toString());
- }
- }
-
- private boolean placeProperties(Artifact arti) throws CadiException {
- if(encodeds.size()==0) {
- return true;
- }
- boolean first=processed.get("dir")==null;
- try {
- File f = new File(dir,arti.getAppName()+".props");
- if(f.exists()) {
- if(first) {
- f.delete();
- } else {
- f.setWritable(true);
- }
- }
- // Append if not first
- PrintWriter pw = new PrintWriter(new FileWriter(f,!first));
-
- // Write a Header
- if(first) {
- for(int i=0;i<60;++i) {
- pw.print('#');
- }
- pw.println();
- pw.println("# Properties Generated by AT&T Certificate Manager");
- pw.print("# by ");
- pw.println(System.getProperty("user.name"));
- pw.print("# on ");
- pw.println(Chrono.dateStamp());
- pw.println("# @copyright 2016, AT&T");
- for(int i=0;i<60;++i) {
- pw.print('#');
- }
- pw.println();
- for(String prop : encodeds) {
- if( prop.startsWith("cm_")
- || prop.startsWith(Config.HOSTNAME)
- || prop.startsWith(Config.AAF_ENV)) {
- pw.println(prop);
- }
- }
- }
-
- try {
- for(String prop : encodeds) {
- if(prop.startsWith("cadi")) {
- pw.println(prop);
- }
- }
- } finally {
- pw.close();
- }
- Chmod.to644.chmod(f);
-
- if(first) {
- // Challenge
- f = new File(dir,arti.getAppName()+".chal");
- if(f.exists()) {
- f.delete();
- }
- pw = new PrintWriter(new FileWriter(f));
- try {
- for(String prop : encodeds) {
- if(prop.startsWith("Challenge")) {
- pw.println(prop);
- }
- }
- } finally {
- pw.close();
- }
- Chmod.to400.chmod(f);
- }
- } catch(Exception e) {
- throw new CadiException(e);
- }
- return true;
- }
-
- public static void clear() {
- processed.clear();
- }
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/CertException.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/CertException.java
deleted file mode 100644
index bac4a17..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/cm/CertException.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.cm;
-
-public class CertException extends Exception {
-
- /**
- *
- */
- private static final long serialVersionUID = 1373028409048516401L;
-
- public CertException() {
- }
-
- public CertException(String message) {
- super(message);
- }
-
- public CertException(Throwable cause) {
- super(cause);
- }
-
- public CertException(String message, Throwable cause) {
- super(message, cause);
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/CmAgent.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/CmAgent.java
deleted file mode 100644
index 15ed5d0..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/cm/CmAgent.java
+++ /dev/null
@@ -1,712 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.cm;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.net.InetAddress;
-import java.net.UnknownHostException;
-import java.security.KeyStore;
-import java.security.cert.X509Certificate;
-import java.util.ArrayDeque;
-import java.util.Deque;
-import java.util.GregorianCalendar;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Map.Entry;
-
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.aaf.client.ErrMessage;
-import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
-import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.http.HBasicAuthSS;
-import org.onap.aaf.cadi.sso.AAFSSO;
-
-import java.util.Properties;
-
-import org.onap.aaf.inno.env.Data.TYPE;
-import org.onap.aaf.inno.env.Env;
-import org.onap.aaf.inno.env.TimeTaken;
-import org.onap.aaf.inno.env.Trans;
-import org.onap.aaf.inno.env.util.Chrono;
-import org.onap.aaf.inno.env.util.Split;
-import org.onap.aaf.rosetta.env.RosettaDF;
-import org.onap.aaf.rosetta.env.RosettaEnv;
-
-import certman.v1_0.Artifacts;
-import certman.v1_0.Artifacts.Artifact;
-import certman.v1_0.CertInfo;
-import certman.v1_0.CertificateRequest;
-
-public class CmAgent {
- private static final String PRINT = "print";
- private static final String FILE = "file";
- private static final String PKCS12 = "pkcs12";
- private static final String JKS = "jks";
- private static final String SCRIPT="script";
-
- private static final String CM_VER = "1.0";
- public static final int PASS_SIZE = 24;
- private static int TIMEOUT;
-
- private static RosettaDF<CertificateRequest> reqDF;
- private static RosettaDF<CertInfo> certDF;
- private static RosettaDF<Artifacts> artifactsDF;
- private static ErrMessage errMsg;
- private static Map<String,PlaceArtifact> placeArtifact;
- private static RosettaEnv env;
-
- public static void main(String[] args) {
- int exitCode = 0;
- try {
- AAFSSO aafsso = new AAFSSO(args);
- if(aafsso.loginOnly()) {
- aafsso.setLogDefault();
- aafsso.writeFiles();
- System.out.println("AAF SSO information created in ~/.aaf");
- } else {
- PropAccess access = aafsso.access();
- env = new RosettaEnv(access.getProperties());
- Deque<String> cmds = new ArrayDeque<String>();
- for(String p : args) {
- if(p.indexOf('=')<0) {
- cmds.add(p);
- }
- }
-
- if(cmds.size()==0) {
- aafsso.setLogDefault();
- System.out.println("Usage: java -jar <cadi-aaf-*-full.jar> cmd [<tag=value>]*");
- System.out.println(" create <mechID> [<machine>]");
- System.out.println(" read <mechID> [<machine>]");
- System.out.println(" update <mechID> [<machine>]");
- System.out.println(" delete <mechID> [<machine>]");
- System.out.println(" copy <mechID> <machine> <newmachine>[,<newmachine>]*");
- System.out.println(" place <mechID> [<machine>]");
- System.out.println(" showpass <mechID> [<machine>]");
- System.out.println(" check <mechID> [<machine>]");
- System.exit(1);
- }
-
- TIMEOUT = Integer.parseInt(env.getProperty(Config.AAF_CONN_TIMEOUT, "5000"));
-
- reqDF = env.newDataFactory(CertificateRequest.class);
- artifactsDF = env.newDataFactory(Artifacts.class);
- certDF = env.newDataFactory(CertInfo.class);
- errMsg = new ErrMessage(env);
-
- placeArtifact = new HashMap<String,PlaceArtifact>();
- placeArtifact.put(JKS, new PlaceArtifactInKeystore(JKS));
- placeArtifact.put(PKCS12, new PlaceArtifactInKeystore(PKCS12));
- placeArtifact.put(FILE, new PlaceArtifactInFiles());
- placeArtifact.put(PRINT, new PlaceArtifactOnStream(System.out));
- placeArtifact.put(SCRIPT, new PlaceArtifactScripts());
-
- Trans trans = env.newTrans();
- try {
- // show Std out again
- aafsso.setLogDefault();
- aafsso.setStdErrDefault();
-
- // if CM_URL can be obtained, add to sso.props, if written
- String cm_url = getProperty(access,env,false, Config.CM_URL,Config.CM_URL+": ");
- if(cm_url!=null) {
- aafsso.addProp(Config.CM_URL, cm_url);
- }
- aafsso.writeFiles();
-
- AAFCon<?> aafcon = new AAFConHttp(access,Config.CM_URL);
-
- String cmd = cmds.removeFirst();
- if("place".equals(cmd)) {
- placeCerts(trans,aafcon,cmds);
- } else if("create".equals(cmd)) {
- createArtifact(trans, aafcon,cmds);
- } else if("read".equals(cmd)) {
- readArtifact(trans, aafcon, cmds);
- } else if("copy".equals(cmd)) {
- copyArtifact(trans, aafcon, cmds);
- } else if("update".equals(cmd)) {
- updateArtifact(trans, aafcon, cmds);
- } else if("delete".equals(cmd)) {
- deleteArtifact(trans, aafcon, cmds);
- } else if("showpass".equals(cmd)) {
- showPass(trans,aafcon,cmds);
- } else if("check".equals(cmd)) {
- try {
- exitCode = check(trans,aafcon,cmds);
- } catch (Exception e) {
- exitCode = 1;
- throw e;
- }
- } else {
- AAFSSO.cons.printf("Unknown command \"%s\"\n", cmd);
- }
- } finally {
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(4, sb, Trans.REMOTE);
- if(sb.length()>0) {
- trans.info().log("Trans Info\n",sb);
- }
- }
- aafsso.close();
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- if(exitCode!=0) {
- System.exit(exitCode);
- }
- }
-
- private static String getProperty(PropAccess pa, Env env, boolean secure, String tag, String prompt, Object ... def) {
- String value;
- if((value=pa.getProperty(tag))==null) {
- if(secure) {
- value = new String(AAFSSO.cons.readPassword(prompt, def));
- } else {
- value = AAFSSO.cons.readLine(prompt,def).trim();
- }
- if(value!=null) {
- if(value.length()>0) {
- pa.setProperty(tag,value);
- env.setProperty(tag,value);
- } else if(def.length==1) {
- value=def[0].toString();
- pa.setProperty(tag,value);
- env.setProperty(tag,value);
- }
- }
- }
- return value;
- }
-
- private static String mechID(Deque<String> cmds) {
- if(cmds.size()<1) {
- String alias = env.getProperty(Config.CADI_ALIAS);
- return alias!=null?alias:AAFSSO.cons.readLine("MechID: ");
- }
- return cmds.removeFirst();
- }
-
- private static String machine(Deque<String> cmds) throws UnknownHostException {
- if(cmds.size()>0) {
- return cmds.removeFirst();
- } else {
- String mach = env.getProperty(Config.HOSTNAME);
- return mach!=null?mach:InetAddress.getLocalHost().getHostName();
- }
- }
-
- private static String[] machines(Deque<String> cmds) {
- String machines;
- if(cmds.size()>0) {
- machines = cmds.removeFirst();
- } else {
- machines = AAFSSO.cons.readLine("Machines (sep by ','): ");
- }
- return Split.split(',', machines);
- }
-
- private static void createArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechID = mechID(cmds);
- String machine = machine(cmds);
-
- Artifacts artifacts = new Artifacts();
- Artifact arti = new Artifact();
- artifacts.getArtifact().add(arti);
- arti.setMechid(mechID!=null?mechID:AAFSSO.cons.readLine("MechID: "));
- arti.setMachine(machine!=null?machine:AAFSSO.cons.readLine("Machine (%s): ",InetAddress.getLocalHost().getHostName()));
- arti.setCa(AAFSSO.cons.readLine("CA: (%s): ","aaf"));
-
- String resp = AAFSSO.cons.readLine("Types [file,jks,script] (%s): ", "jks");
- for(String s : Split.splitTrim(',', resp)) {
- arti.getType().add(s);
- }
- // Always do Script
- if(!resp.contains(SCRIPT)) {
- arti.getType().add(SCRIPT);
- }
-
- // Note: Sponsor is set on Creation by CM
- String configRootName = AAFCon.reverseDomain(arti.getMechid());
- arti.setAppName(AAFSSO.cons.readLine("Namespace (%s): ",configRootName));
- arti.setDir(AAFSSO.cons.readLine("Directory (%s): ", System.getProperty("user.dir")));
- arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", System.getProperty("user.name")));
- arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renewal Days (%s):", "30")));
- arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (mailto owner):", "")));
-
- TimeTaken tt = trans.start("Create Artifact", Env.REMOTE);
- try {
- Future<Artifacts> future = aafcon.client(CM_VER).create("/cert/artifacts", artifactsDF, artifacts);
- if(future.get(TIMEOUT)) {
- trans.info().printf("Call to AAF Certman successful %s, %s",arti.getMechid(), arti.getMachine());
- } else {
- trans.error().printf("Call to AAF Certman failed, %s",
- errMsg.toMsg(future));
- }
- } finally {
- tt.done();
- }
- }
-
- private static String toNotification(String notification) {
- if(notification==null) {
- notification="";
- } else if(notification.length()>0) {
- if(notification.indexOf(':')<0) {
- notification = "mailto:" + notification;
- }
- }
- return notification;
- }
-
-
- private static void readArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechID = mechID(cmds);
- String machine = machine(cmds);
-
- TimeTaken tt = trans.start("Read Artifact", Env.SUB);
- try {
- Future<Artifacts> future = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
-
- if(future.get(TIMEOUT)) {
- boolean printed = false;
- for(Artifact a : future.value.getArtifact()) {
- AAFSSO.cons.printf("MechID: %s\n",a.getMechid());
- AAFSSO.cons.printf(" Sponsor: %s\n",a.getSponsor());
- AAFSSO.cons.printf("Machine: %s\n",a.getMachine());
- AAFSSO.cons.printf("CA: %s\n",a.getCa());
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(String t : a.getType()) {
- if(first) {first=false;}
- else{sb.append(',');}
- sb.append(t);
- }
- AAFSSO.cons.printf("Types: %s\n",sb);
- AAFSSO.cons.printf("Namespace: %s\n",a.getAppName());
- AAFSSO.cons.printf("Directory: %s\n",a.getDir());
- AAFSSO.cons.printf("O/S User: %s\n",a.getOsUser());
- AAFSSO.cons.printf("Renew Days: %d\n",a.getRenewDays());
- AAFSSO.cons.printf("Notification %s\n",a.getNotification());
- printed = true;
- }
- if(!printed) {
- AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine);
- }
- } else {
- trans.error().log(errMsg.toMsg(future));
- }
- } finally {
- tt.done();
- }
- }
-
- private static void copyArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechID = mechID(cmds);
- String machine = machine(cmds);
- String[] newmachs = machines(cmds);
- if(newmachs==null || newmachs == null) {
- trans.error().log("No machines listed to copy to");
- } else {
- TimeTaken tt = trans.start("Copy Artifact", Env.REMOTE);
- try {
- Future<Artifacts> future = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
-
- if(future.get(TIMEOUT)) {
- boolean printed = false;
- for(Artifact a : future.value.getArtifact()) {
- for(String m : newmachs) {
- a.setMachine(m);
- Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, future.value);
- if(fup.get(TIMEOUT)) {
- trans.info().printf("Copy of %s %s successful to %s",mechID,machine,m);
- } else {
- trans.error().printf("Call to AAF Certman failed, %s",
- errMsg.toMsg(fup));
- }
-
- printed = true;
- }
- }
- if(!printed) {
- AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine);
- }
- } else {
- trans.error().log(errMsg.toMsg(future));
- }
- } finally {
- tt.done();
- }
- }
- }
-
- private static void updateArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechID = mechID(cmds);
- String machine = machine(cmds);
-
- TimeTaken tt = trans.start("Update Artifact", Env.REMOTE);
- try {
- Future<Artifacts> fread = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
-
- if(fread.get(TIMEOUT)) {
- Artifacts artifacts = new Artifacts();
- for(Artifact a : fread.value.getArtifact()) {
- Artifact arti = new Artifact();
- artifacts.getArtifact().add(arti);
-
- AAFSSO.cons.printf("For %s on %s\n", a.getMechid(),a.getMachine());
- arti.setMechid(a.getMechid());
- arti.setMachine(a.getMachine());
- arti.setCa(AAFSSO.cons.readLine("CA: (%s): ",a.getCa()));
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(String t : a.getType()) {
- if(first) {first=false;}
- else{sb.append(',');}
- sb.append(t);
- }
-
- String resp = AAFSSO.cons.readLine("Types [file,jks,pkcs12] (%s): ", sb);
- for(String s : Split.splitTrim(',', resp)) {
- arti.getType().add(s);
- }
- // Always do Script
- if(!resp.contains(SCRIPT)) {
- arti.getType().add(SCRIPT);
- }
-
- // Note: Sponsor is set on Creation by CM
- arti.setAppName(AAFSSO.cons.readLine("Namespace (%s): ",a.getAppName()));
- arti.setDir(AAFSSO.cons.readLine("Directory (%s): ", a.getDir()));
- arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", a.getOsUser()));
- arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renew Days (%s):", a.getRenewDays())));
- arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (%s):", a.getNotification())));
-
- }
- if(artifacts.getArtifact().size()==0) {
- AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine);
- } else {
- Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, artifacts);
- if(fup.get(TIMEOUT)) {
- trans.info().printf("Call to AAF Certman successful %s, %s",mechID,machine);
- } else {
- trans.error().printf("Call to AAF Certman failed, %s",
- errMsg.toMsg(fup));
- }
- }
- } else {
- trans.error().printf("Call to AAF Certman failed, %s %s, %s",
- errMsg.toMsg(fread),mechID,machine);
- }
- } finally {
- tt.done();
- }
- }
-
- private static void deleteArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechid = mechID(cmds);
- String machine = machine(cmds);
-
- TimeTaken tt = trans.start("Delete Artifact", Env.REMOTE);
- try {
- Future<Void> future = aafcon.client(CM_VER)
- .delete("/cert/artifacts/"+mechid+"/"+machine,"application/json" );
-
- if(future.get(TIMEOUT)) {
- trans.info().printf("Call to AAF Certman successful %s, %s",mechid,machine);
- } else {
- trans.error().printf("Call to AAF Certman failed, %s %s, %s",
- errMsg.toMsg(future),mechid,machine);
- }
- } finally {
- tt.done();
- }
- }
-
-
-
- private static boolean placeCerts(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- boolean rv = false;
- String mechID = mechID(cmds);
- String machine = machine(cmds);
-
- TimeTaken tt = trans.start("Place Artifact", Env.REMOTE);
- try {
- Future<Artifacts> acf = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
- if(acf.get(TIMEOUT)) {
- // Have to wait for JDK 1.7 source...
- //switch(artifact.getType()) {
- if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) {
- AAFSSO.cons.printf("===> There are no artifacts for %s %s", mechID, machine);
- } else {
- for(Artifact a : acf.value.getArtifact()) {
- String osID = System.getProperty("user.name");
- if(a.getOsUser().equals(osID)) {
- CertificateRequest cr = new CertificateRequest();
- cr.setMechid(a.getMechid());
- cr.setSponsor(a.getSponsor());
- cr.getFqdns().add(a.getMachine());
- Future<String> f = aafcon.client(CM_VER)
- .setQueryParams("withTrust")
- .updateRespondString("/cert/" + a.getCa(),reqDF, cr);
- if(f.get(TIMEOUT)) {
- CertInfo capi = certDF.newData().in(TYPE.JSON).load(f.body()).asObject();
- for(String type : a.getType()) {
- PlaceArtifact pa = placeArtifact.get(type);
- if(pa!=null) {
- if(rv = pa.place(trans, capi, a)) {
- notifyPlaced(a,rv);
- }
- }
- }
- // Cover for the above multiple pass possibilities with some static Data, then clear per Artifact
- } else {
- trans.error().log(errMsg.toMsg(f));
- }
- } else {
- trans.error().log("You must be OS User \"" + a.getOsUser() +"\" to place Certificates on this box");
- }
- }
- }
- } else {
- trans.error().log(errMsg.toMsg(acf));
- }
- } finally {
- tt.done();
- }
- return rv;
- }
-
- private static void notifyPlaced(Artifact a, boolean rv) {
-
-
- }
-
- private static void showPass(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechID = mechID(cmds);
- String machine = machine(cmds);
-
- TimeTaken tt = trans.start("Show Password", Env.REMOTE);
- try {
- Future<Artifacts> acf = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
- if(acf.get(TIMEOUT)) {
- // Have to wait for JDK 1.7 source...
- //switch(artifact.getType()) {
- if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) {
- AAFSSO.cons.printf("No Artifacts found for %s on %s", mechID, machine);
- } else {
- String id = aafcon.defID();
- boolean allowed;
- for(Artifact a : acf.value.getArtifact()) {
- allowed = id!=null && (id.equals(a.getSponsor()) ||
- (id.equals(a.getMechid())
- && aafcon.securityInfo().defSS.getClass().isAssignableFrom(HBasicAuthSS.class)));
- if(!allowed) {
- Future<String> pf = aafcon.client(CM_VER).read("/cert/may/" +
- a.getAppName() + ".certman|"+a.getCa()+"|showpass","*/*");
- if(pf.get(TIMEOUT)) {
- allowed = true;
- } else {
- trans.error().log(errMsg.toMsg(pf));
- }
- }
- if(allowed) {
- File dir = new File(a.getDir());
- Properties props = new Properties();
- FileInputStream fis = new FileInputStream(new File(dir,a.getAppName()+".props"));
- try {
- props.load(fis);
- fis.close();
- fis = new FileInputStream(new File(dir,a.getAppName()+".chal"));
- props.load(fis);
- } finally {
- fis.close();
- }
-
- File f = new File(dir,a.getAppName()+".keyfile");
- if(f.exists()) {
- Symm symm = Symm.obtain(f);
-
- for(Iterator<Entry<Object,Object>> iter = props.entrySet().iterator(); iter.hasNext();) {
- Entry<Object,Object> en = iter.next();
- if(en.getValue().toString().startsWith("enc:???")) {
- System.out.printf("%s=%s\n", en.getKey(), symm.depass(en.getValue().toString()));
- }
- }
- } else {
- trans.error().printf("%s.keyfile must exist to read passwords for %s on %s",
- f.getAbsolutePath(),a.getMechid(), a.getMachine());
- }
- }
- }
- }
- } else {
- trans.error().log(errMsg.toMsg(acf));
- }
- } finally {
- tt.done();
- }
-
- }
-
-
- /**
- * Check returns Error Codes, so that Scripts can know what to do
- *
- * 0 - Check Complete, nothing to do
- * 1 - General Error
- * 2 - Error for specific Artifact - read check.msg
- * 10 - Certificate Updated - check.msg is email content
- *
- * @param trans
- * @param aafcon
- * @param cmds
- * @return
- * @throws Exception
- */
- private static int check(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- int exitCode=1;
- String mechID = mechID(cmds);
- String machine = machine(cmds);
-
- TimeTaken tt = trans.start("Check Certificate", Env.REMOTE);
- try {
-
- Future<Artifacts> acf = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
- if(acf.get(TIMEOUT)) {
- // Have to wait for JDK 1.7 source...
- //switch(artifact.getType()) {
- if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) {
- AAFSSO.cons.printf("No Artifacts found for %s on %s", mechID, machine);
- } else {
- String id = aafcon.defID();
- GregorianCalendar now = new GregorianCalendar();
- for(Artifact a : acf.value.getArtifact()) {
- if(id.equals(a.getMechid())) {
- File dir = new File(a.getDir());
- Properties props = new Properties();
- FileInputStream fis = new FileInputStream(new File(dir,a.getAppName()+".props"));
- try {
- props.load(fis);
- } finally {
- fis.close();
- }
-
- String prop;
- File f;
-
- if((prop=props.getProperty(Config.CADI_KEYFILE))==null ||
- !(f=new File(prop)).exists()) {
- trans.error().printf("Keyfile must exist to check Certificates for %s on %s",
- a.getMechid(), a.getMachine());
- } else {
- String ksf = props.getProperty(Config.CADI_KEYSTORE);
- String ksps = props.getProperty(Config.CADI_KEYSTORE_PASSWORD);
- if(ksf==null || ksps == null) {
- trans.error().printf("Properties %s and %s must exist to check Certificates for %s on %s",
- Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD,a.getMechid(), a.getMachine());
- } else {
- KeyStore ks = KeyStore.getInstance("JKS");
- Symm symm = Symm.obtain(f);
-
- fis = new FileInputStream(ksf);
- try {
- ks.load(fis,symm.depass(ksps).toCharArray());
- } finally {
- fis.close();
- }
- X509Certificate cert = (X509Certificate)ks.getCertificate(mechID);
- String msg = null;
-
- if(cert==null) {
- msg = String.format("X509Certificate does not exist for %s on %s in %s",
- a.getMechid(), a.getMachine(), ksf);
- trans.error().log(msg);
- exitCode = 2;
- } else {
- GregorianCalendar renew = new GregorianCalendar();
- renew.setTime(cert.getNotAfter());
- renew.add(GregorianCalendar.DAY_OF_MONTH,-1*a.getRenewDays());
- if(renew.after(now)) {
- msg = String.format("X509Certificate for %s on %s has been checked on %s. It expires on %s; it will not be renewed until %s.\n",
- a.getMechid(), a.getMachine(),Chrono.dateOnlyStamp(now),cert.getNotAfter(),Chrono.dateOnlyStamp(renew));
- trans.info().log(msg);
- exitCode = 0; // OK
- } else {
- trans.info().printf("X509Certificate for %s on %s expiration, %s, needs Renewal.\n",
- a.getMechid(), a.getMachine(),cert.getNotAfter());
- cmds.offerLast(mechID);
- cmds.offerLast(machine);
- if(placeCerts(trans,aafcon,cmds)) {
- msg = String.format("X509Certificate for %s on %s has been renewed. Ensure services using are refreshed.\n",
- a.getMechid(), a.getMachine());
- exitCode = 10; // Refreshed
- } else {
- msg = String.format("X509Certificate for %s on %s attempted renewal, but failed. Immediate Investigation is required!\n",
- a.getMechid(), a.getMachine());
- exitCode = 1; // Error Renewing
- }
- }
- }
- if(msg!=null) {
- FileOutputStream fos = new FileOutputStream(a.getDir()+'/'+a.getAppName()+".msg");
- try {
- fos.write(msg.getBytes());
- } finally {
- fos.close();
- }
- }
- }
-
- }
- }
- }
- }
- } else {
- trans.error().log(errMsg.toMsg(acf));
- exitCode=1;
- }
- } finally {
- tt.done();
- }
- return exitCode;
- }
-
-}
-
-
-
-
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/Factory.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/Factory.java
deleted file mode 100644
index 1d488de..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/cm/Factory.java
+++ /dev/null
@@ -1,449 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.cm;
-
-import java.io.BufferedReader;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.FileReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.Reader;
-import java.io.StringReader;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Collection;
-import java.util.List;
-
-import javax.crypto.Cipher;
-import javax.crypto.NoSuchPaddingException;
-
-import org.onap.aaf.cadi.Symm;
-
-import org.onap.aaf.inno.env.Env;
-import org.onap.aaf.inno.env.TimeTaken;
-import org.onap.aaf.inno.env.Trans;
-
-public class Factory {
- private static final String PRIVATE_KEY_HEADER = "PRIVATE KEY";
- public static final String KEY_ALGO = "RSA";
- public static final String SIG_ALGO = "SHA256withRSA";
-
- public static final int KEY_LENGTH = 2048;
- private static final KeyPairGenerator keygen;
- private static final KeyFactory keyFactory;
- private static final CertificateFactory certificateFactory;
- private static final SecureRandom random;
-
-
- private static final Symm base64 = Symm.base64.copy(64);
-
- static {
- random = new SecureRandom();
- KeyPairGenerator tempKeygen;
- try {
- tempKeygen = KeyPairGenerator.getInstance(KEY_ALGO);//,"BC");
- tempKeygen.initialize(KEY_LENGTH, random);
- } catch (NoSuchAlgorithmException e) {
- tempKeygen = null;
- e.printStackTrace(System.err);
- }
- keygen = tempKeygen;
-
- KeyFactory tempKeyFactory;
- try {
- tempKeyFactory=KeyFactory.getInstance(KEY_ALGO);//,"BC"
- } catch (NoSuchAlgorithmException e) {
- tempKeyFactory = null;
- e.printStackTrace(System.err);
- };
- keyFactory = tempKeyFactory;
-
- CertificateFactory tempCertificateFactory;
- try {
- tempCertificateFactory = CertificateFactory.getInstance("X.509");
- } catch (CertificateException e) {
- tempCertificateFactory = null;
- e.printStackTrace(System.err);
- }
- certificateFactory = tempCertificateFactory;
-
-
- }
-
-
- public static KeyPair generateKeyPair(Trans trans) {
- TimeTaken tt;
- if(trans!=null) {
- tt = trans.start("Generate KeyPair", Env.SUB);
- } else {
- tt = null;
- }
- try {
- return keygen.generateKeyPair();
- } finally {
- if(tt!=null) {
- tt.done();
- }
- }
- }
-
- private static final String LINE_END = "-----\n";
-
- protected static String textBuilder(String kind, byte[] bytes) throws IOException {
- StringBuilder sb = new StringBuilder();
- sb.append("-----BEGIN ");
- sb.append(kind);
- sb.append(LINE_END);
-
- ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- base64.encode(bais, baos);
- sb.append(new String(baos.toByteArray()));
-
- if(sb.charAt(sb.length()-1)!='\n') {
- sb.append('\n');
- }
- sb.append("-----END ");
- sb.append(kind);
- sb.append(LINE_END);
- return sb.toString();
- }
-
- public static PrivateKey toPrivateKey(Trans trans, String pk) throws IOException, CertException {
- byte[] bytes = decode(new StringReader(pk));
- return toPrivateKey(trans, bytes);
- }
-
- public static PrivateKey toPrivateKey(Trans trans, byte[] bytes) throws IOException, CertException {
- TimeTaken tt=trans.start("Reconstitute Private Key", Env.SUB);
- try {
- return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bytes));
- } catch (InvalidKeySpecException e) {
- throw new CertException("Translating Private Key from PKCS8 KeySpec",e);
- } finally {
- tt.done();
- }
- }
-
- public static PrivateKey toPrivateKey(Trans trans, File file) throws IOException, CertException {
- TimeTaken tt = trans.start("Decode Private Key File", Env.SUB);
- try {
- return toPrivateKey(trans,decode(file));
- }finally {
- tt.done();
- }
- }
-
- public static String toString(Trans trans, PrivateKey pk) throws IOException {
-// PKCS8EncodedKeySpec pemContents = new PKCS8EncodedKeySpec(pk.getEncoded());
- trans.debug().log("Private Key to String");
- return textBuilder(PRIVATE_KEY_HEADER,pk.getEncoded());
- }
-
- public static PublicKey toPublicKey(Trans trans, String pk) throws IOException {
- TimeTaken tt = trans.start("Reconstitute Public Key", Env.SUB);
- try {
- ByteArrayInputStream bais = new ByteArrayInputStream(pk.getBytes());
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- Symm.base64noSplit.decode(bais, baos);
-
- return keyFactory.generatePublic(new X509EncodedKeySpec(baos.toByteArray()));
- } catch (InvalidKeySpecException e) {
- trans.error().log(e,"Translating Public Key from X509 KeySpec");
- return null;
- } finally {
- tt.done();
- }
- }
-
- public static String toString(Trans trans, PublicKey pk) throws IOException {
- trans.debug().log("Public Key to String");
- return textBuilder("PUBLIC KEY",pk.getEncoded());
- }
-
- public static Collection<? extends Certificate> toX509Certificate(String x509) throws CertificateException {
- return toX509Certificate(x509.getBytes());
- }
-
- public static Collection<? extends Certificate> toX509Certificate(List<String> x509s) throws CertificateException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- try {
- for(String x509 : x509s) {
- baos.write(x509.getBytes());
- }
- } catch (IOException e) {
- throw new CertificateException(e);
- }
- return toX509Certificate(new ByteArrayInputStream(baos.toByteArray()));
- }
-
- public static Collection<? extends Certificate> toX509Certificate(byte[] x509) throws CertificateException {
- return certificateFactory.generateCertificates(new ByteArrayInputStream(x509));
- }
-
- public static Collection<? extends Certificate> toX509Certificate(Trans trans, File file) throws CertificateException, FileNotFoundException {
- FileInputStream fis = new FileInputStream(file);
- try {
- return toX509Certificate(fis);
- } finally {
- try {
- fis.close();
- } catch (IOException e) {
- throw new CertificateException(e);
- }
- }
- }
-
- public static Collection<? extends Certificate> toX509Certificate(InputStream is) throws CertificateException {
- return certificateFactory.generateCertificates(is);
- }
-
- public static String toString(Trans trans, Certificate cert) throws IOException, CertException {
- if(trans.debug().isLoggable()) {
- StringBuilder sb = new StringBuilder("Certificate to String");
- if(cert instanceof X509Certificate) {
- sb.append(" - ");
- sb.append(((X509Certificate)cert).getSubjectDN());
- }
- trans.debug().log(sb);
- }
- try {
- if(cert==null) {
- throw new CertException("Certificate not built");
- }
- return textBuilder("CERTIFICATE",cert.getEncoded());
- } catch (CertificateEncodingException e) {
- throw new CertException(e);
- }
- }
-
- public static Cipher pkCipher() throws NoSuchAlgorithmException, NoSuchPaddingException {
- return Cipher.getInstance(KEY_ALGO);
- }
-
- public static Cipher pkCipher(Key key, boolean encrypt) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException {
- Cipher cipher = Cipher.getInstance(KEY_ALGO);
- cipher.init(encrypt?Cipher.ENCRYPT_MODE:Cipher.DECRYPT_MODE,key);
- return cipher;
- }
-
- public static byte[] strip(Reader rdr) throws IOException {
- BufferedReader br = new BufferedReader(rdr);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- String line;
- while((line=br.readLine())!=null) {
- if(line.length()>0 &&
- !line.startsWith("-----") &&
- line.indexOf(':')<0) { // Header elements
- baos.write(line.getBytes());
- }
- }
- return baos.toByteArray();
- }
-
- public static class StripperInputStream extends InputStream {
- private Reader created;
- private BufferedReader br;
- private int idx;
- private String line;
-
- public StripperInputStream(Reader rdr) {
- if(rdr instanceof BufferedReader) {
- br = (BufferedReader)rdr;
- } else {
- br = new BufferedReader(rdr);
- }
- created = null;
- }
-
- public StripperInputStream(File file) throws FileNotFoundException {
- this(new FileReader(file));
- created = br;
- }
-
- public StripperInputStream(InputStream is) throws FileNotFoundException {
- this(new InputStreamReader(is));
- created = br;
- }
-
- @Override
- public int read() throws IOException {
- if(line==null || idx>=line.length()) {
- while((line=br.readLine())!=null) {
- if(line.length()>0 &&
- !line.startsWith("-----") &&
- line.indexOf(':')<0) { // Header elements
- break;
- }
- }
-
- if(line==null) {
- return -1;
- }
- idx = 0;
- }
- return line.charAt(idx++);
- }
-
- /* (non-Javadoc)
- * @see java.io.InputStream#close()
- */
- @Override
- public void close() throws IOException {
- if(created!=null) {
- created.close();
- }
- }
- }
-
- public static class Base64InputStream extends InputStream {
- private InputStream created;
- private InputStream is;
- private byte trio[];
- private byte duo[];
- private int idx;
-
-
- public Base64InputStream(File file) throws FileNotFoundException {
- this(new FileInputStream(file));
- created = is;
- }
-
- public Base64InputStream(InputStream is) throws FileNotFoundException {
- this.is = is;
- trio = new byte[3];
- idx = 4;
- }
-
- @Override
- public int read() throws IOException {
- if(duo==null || idx>=duo.length) {
- int read = is.read(trio);
- if(read==-1) {
- return -1;
- }
- duo = Symm.base64.decode(trio);
- if(duo==null || duo.length==0) {
- return -1;
- }
- idx=0;
- }
-
- return duo[idx++];
- }
-
- /* (non-Javadoc)
- * @see java.io.InputStream#close()
- */
- @Override
- public void close() throws IOException {
- if(created!=null) {
- created.close();
- }
- }
- }
-
- public static byte[] decode(byte[] bytes) throws IOException {
- ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- Symm.base64.decode(bais, baos);
- return baos.toByteArray();
- }
-
- public static byte[] decode(File f) throws IOException {
- FileReader fr = new FileReader(f);
- try {
- return Factory.decode(fr);
- } finally {
- fr.close();
- }
-
- }
- public static byte[] decode(Reader rdr) throws IOException {
- return decode(strip(rdr));
- }
-
-
- public static byte[] binary(File file) throws IOException {
- DataInputStream dis = new DataInputStream(new FileInputStream(file));
- try {
- byte[] bytes = new byte[(int)file.length()];
- dis.readFully(bytes);
- return bytes;
- } finally {
- dis.close();
- }
- }
-
-
- public static byte[] sign(Trans trans, byte[] bytes, PrivateKey pk) throws IOException, InvalidKeyException, SignatureException, NoSuchAlgorithmException {
- TimeTaken tt = trans.start("Sign Data", Env.SUB);
- try {
- Signature sig = Signature.getInstance(SIG_ALGO);
- sig.initSign(pk, random);
- sig.update(bytes);
- return sig.sign();
- } finally {
- tt.done();
- }
- }
-
- public static String toSignatureString(byte[] signed) throws IOException {
- return textBuilder("SIGNATURE", signed);
- }
-
- public static boolean verify(Trans trans, byte[] bytes, byte[] signature, PublicKey pk) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
- TimeTaken tt = trans.start("Verify Data", Env.SUB);
- try {
- Signature sig = Signature.getInstance(SIG_ALGO);
- sig.initVerify(pk);
- sig.update(bytes);
- return sig.verify(signature);
- } finally {
- tt.done();
- }
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifact.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifact.java
deleted file mode 100644
index a89b901..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifact.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.cm;
-
-import certman.v1_0.Artifacts.Artifact;
-import certman.v1_0.CertInfo;
-
-import org.onap.aaf.cadi.CadiException;
-
-import org.onap.aaf.inno.env.Trans;
-
-public interface PlaceArtifact {
- public boolean place(Trans trans, CertInfo cert, Artifact arti) throws CadiException;
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInFiles.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInFiles.java
deleted file mode 100644
index eaefd58..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInFiles.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.cm;
-
-import java.io.File;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.util.Chmod;
-
-import certman.v1_0.Artifacts.Artifact;
-import certman.v1_0.CertInfo;
-
-import org.onap.aaf.inno.env.Trans;
-
-public class PlaceArtifactInFiles extends ArtifactDir {
- @Override
- public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
- try {
- // Setup Public Cert
- File f = new File(dir,arti.getAppName()+".crt");
- write(f,Chmod.to644,certInfo.getCerts().get(0),C_R);
-
- // Setup Private Key
- f = new File(dir,arti.getAppName()+".key");
- write(f,Chmod.to400,certInfo.getPrivatekey(),C_R);
-
- } catch (Exception e) {
- throw new CadiException(e);
- }
- return true;
- }
-}
-
-
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInKeystore.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInKeystore.java
deleted file mode 100644
index ddda1db..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInKeystore.java
+++ /dev/null
@@ -1,130 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.cm;
-
-import java.io.File;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.util.Chmod;
-
-import org.onap.aaf.inno.env.Trans;
-
-import certman.v1_0.Artifacts.Artifact;
-import certman.v1_0.CertInfo;
-
-public class PlaceArtifactInKeystore extends ArtifactDir {
- private String kst;
- //TODO get ROOT DNs or Trusted DNs from Certificate Manager.
-// private static String[] rootDNs = new String[]{
-// "CN=ATT CADI Root CA - Test, O=ATT, OU=CSO, C=US", // Lab. delete eventually
-// "CN=ATT AAF CADI TEST CA, OU=CSO, O=ATT, C=US",
-// "CN=ATT AAF CADI CA, OU=CSO, O=ATT, C=US"
-// };
-
- public PlaceArtifactInKeystore(String kst) {
- this.kst = kst;
- }
-
- @Override
- public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
- File fks = new File(dir,arti.getAppName()+'.'+kst);
- try {
- KeyStore jks = KeyStore.getInstance(kst);
- if(fks.exists()) {
- fks.delete();
- }
-
- // Get the Cert(s)... Might include Trust store
- Collection<? extends Certificate> certColl = Factory.toX509Certificate(certInfo.getCerts());
- X509Certificate[] certs = new X509Certificate[certColl.size()];
- certColl.toArray(certs);
-
-
- // Add CADI Keyfile Entry to Properties
- addProperty(Config.CADI_KEYFILE,arti.getDir()+'/'+arti.getAppName() + ".keyfile");
- // Set Keystore Password
- addProperty(Config.CADI_KEYSTORE,fks.getAbsolutePath());
- String keystorePass = Symm.randomGen(CmAgent.PASS_SIZE);
- addEncProperty(Config.CADI_KEYSTORE_PASSWORD,keystorePass);
- char[] keystorePassArray = keystorePass.toCharArray();
- jks.load(null,keystorePassArray); // load in
-
- // Add Private Key/Cert Entry for App
- // Note: Java SSL security classes, while having a separate key from keystore,
- // is documented to not actually work.
- // java.security.UnrecoverableKeyException: Cannot recover key
- // You can create a custom Key Manager to make it work, but Practicality
- // dictates that you live with the default, meaning, they are the same
- String keyPass = keystorePass; //Symm.randomGen(CmAgent.PASS_SIZE);
- PrivateKey pk = Factory.toPrivateKey(trans, certInfo.getPrivatekey());
- addEncProperty(Config.CADI_KEY_PASSWORD, keyPass);
- addProperty(Config.CADI_ALIAS, arti.getMechid());
-// Set<Attribute> attribs = new HashSet<Attribute>();
-// if(kst.equals("pkcs12")) {
-// // Friendly Name
-// attribs.add(new PKCS12Attribute("1.2.840.113549.1.9.20", arti.getAppName()));
-// }
-//
- KeyStore.ProtectionParameter protParam =
- new KeyStore.PasswordProtection(keyPass.toCharArray());
-
- KeyStore.PrivateKeyEntry pkEntry =
- new KeyStore.PrivateKeyEntry(pk, new Certificate[] {certs[0]});
- jks.setEntry(arti.getMechid(),
- pkEntry, protParam);
-
- // Write out
- write(fks,Chmod.to400,jks,keystorePassArray);
-
- // Change out to TrustStore
- fks = new File(dir,arti.getAppName()+".trust."+kst);
- jks = KeyStore.getInstance(kst);
-
- // Set Truststore Password
- addProperty(Config.CADI_TRUSTSTORE,fks.getAbsolutePath());
- String trustStorePass = Symm.randomGen(CmAgent.PASS_SIZE);
- addEncProperty(Config.CADI_TRUSTSTORE_PASSWORD,trustStorePass);
- char[] truststorePassArray = trustStorePass.toCharArray();
- jks.load(null,truststorePassArray); // load in
-
- // Add Trusted Certificates
- for(int i=1; i<certs.length;++i) {
- jks.setCertificateEntry("cadi_root_" + arti.getCa() + '_' + i, certs[i]);
- }
- // Write out
- write(fks,Chmod.to644,jks,truststorePassArray);
-
- } catch (Exception e) {
- throw new CadiException(e);
- }
- return false;
- }
-
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactOnStream.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactOnStream.java
deleted file mode 100644
index 162d745..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactOnStream.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.cm;
-
-import java.io.PrintStream;
-
-import certman.v1_0.Artifacts.Artifact;
-import certman.v1_0.CertInfo;
-
-import org.onap.aaf.inno.env.Trans;
-
-public class PlaceArtifactOnStream implements PlaceArtifact {
- private PrintStream out;
-
- public PlaceArtifactOnStream(PrintStream printStream) {
- out = printStream;
- }
-
- @Override
- public boolean place(Trans trans, CertInfo capi, Artifact a) {
- if(capi.getNotes()!=null && capi.getNotes().length()>0) {
- trans.info().printf("Warning: %s\n",capi.getNotes());
- }
- out.printf("Challenge: %s\n",capi.getChallenge());
- out.printf("PrivateKey:\n%s\n",capi.getPrivatekey());
- out.println("Certificate Chain:");
- for(String c : capi.getCerts()) {
- out.println(c);
- }
- return true;
- }
-}
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactScripts.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactScripts.java
deleted file mode 100644
index d1b3141..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactScripts.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.cm;
-
-import java.io.File;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.util.Chmod;
-
-import org.onap.aaf.inno.env.Trans;
-import org.onap.aaf.inno.env.util.Chrono;
-import org.onap.aaf.inno.env.util.Split;
-
-import certman.v1_0.Artifacts.Artifact;
-import certman.v1_0.CertInfo;
-
-public class PlaceArtifactScripts extends ArtifactDir {
- @Override
- public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
- try {
- // Setup check.sh script
- String filename = arti.getAppName()+".check.sh";
- File f1 = new File(dir,filename);
- String email = arti.getNotification() + '\n';
- if(email.startsWith("mailto:")) {
- email=email.substring(7);
- } else {
- email=arti.getOsUser() + '\n';
- }
-
- StringBuilder classpath = new StringBuilder();
- boolean first = true;
- for(String pth : Split.split(File.pathSeparatorChar, System.getProperty("java.class.path"))) {
- if(first) {
- first=false;
- } else {
- classpath.append(File.pathSeparatorChar);
- }
- File f = new File(pth);
- classpath.append(f.getCanonicalPath().replaceAll("[0-9]+\\.[0-9]+\\.[0-9]+","*"));
- }
-
- write(f1,Chmod.to644,
- "#!/bin/bash " + f1.getCanonicalPath()+'\n',
- "# Certificate Manager Check Script\n",
- "# Check on Certificate, and renew if needed.\n",
- "# Generated by Certificate Manager " + Chrono.timeStamp()+'\n',
- "DIR="+arti.getDir()+'\n',
- "APP="+arti.getAppName()+'\n',
- "EMAIL="+email,
- "CP=\""+classpath.toString()+"\"\n",
- checkScript
- );
-
- // Setup check.sh script
- File f2 = new File(dir,arti.getAppName()+".crontab.sh");
- write(f2,Chmod.to644,
- "#!/bin/bash " + f1.getCanonicalPath()+'\n',
- "# Certificate Manager Crontab Loading Script\n",
- "# Add/Update a Crontab entry, that adds a check on Certificate Manager generated Certificate nightly.\n",
- "# Generated by Certificate Manager " + Chrono.timeStamp()+'\n',
- "TFILE=\"/tmp/cmcron$$.temp\"\n",
- "DIR=\""+arti.getDir()+"\"\n",
- "CF=\""+arti.getAppName()+" Certificate Check Script\"\n",
- "SCRIPT=\""+f1.getCanonicalPath()+"\"\n",
- cronScript
- );
-
- } catch (Exception e) {
- throw new CadiException(e);
- }
- return true;
- }
-
- private final static String checkScript =
- "> $DIR/$APP.msg\n\n" +
- "function mailit {\n" +
- " printf \"$*\" | /bin/mail -s \"AAF Certman Notification for `uname -n`\" $EMAIL\n"+
- "}\n\n" +
- System.getProperty("java.home") + "/bin/" +"java -cp $CP " +
- CmAgent.class.getName() +
- " cadi_prop_files=$DIR/$APP.props check 2> $DIR/$APP.STDERR > $DIR/$APP.STDOUT\n" +
- "case \"$?\" in\n" +
- " 0)\n" +
- " # Note: Validation will be mailed only the first day after any modification\n" +
- " if [ \"`find $DIR -mtime 0 -name $APP.check.sh`\" != \"\" ] ; then\n" +
- " mailit `echo \"Certficate Validated:\\n\\n\" | cat - $DIR/$APP.msg`\n" +
- " else\n" +
- " cat $DIR/$APP.msg\n" +
- " fi\n" +
- " ;;\n" +
- " 1) mailit \"Error with Certificate Check:\\\\n\\\\nCheck logs $DIR/$APP.STDOUT and $DIR/$APP.STDERR on `uname -n`\"\n" +
- " ;;\n" +
- " 2) mailit `echo \"Certificate Check Error\\\\n\\\\n\" | cat - $DIR/$APP.msg`\n" +
- " ;;\n" +
- " 10) mailit `echo \"Certificate Replaced\\\\n\\\\n\" | cat - $DIR/$APP.msg`\n" +
- " if [ -e $DIR/$APP.restart.sh ]; then\n" +
- " # Note: it is THIS SCRIPT'S RESPONSIBILITY to notify upon success or failure as necessary!!\n" +
- " /bin/sh $DIR/$APP.restart.sh\n" +
- " fi\n" +
- " ;;\n" +
- " *) mailit `echo \"Unknown Error code for CM Agent\\\\n\\\\n\" | cat - $DIR/$APP.msg`\n" +
- " ;;\n" +
- " esac\n\n" +
- " # Note: make sure to cover this sripts' exit Code\n";
-
- private final static String cronScript =
- "crontab -l | sed -n \"/#### BEGIN $CF/,/END $CF ####/!p\" > $TFILE\n" +
- "# Note: Randomize Minutes (0-60) and hours (1-4)\n" +
- "echo \"#### BEGIN $CF ####\" >> $TFILE\n" +
- "echo \"$(( $RANDOM % 60)) $(( $(( $RANDOM % 3 )) + 1 )) * * * /bin/bash $SCRIPT " +
- ">> $DIR/cronlog 2>&1 \" >> $TFILE\n" +
- "echo \"#### END $CF ####\" >> $TFILE\n" +
- "crontab $TFILE\n" +
- "rm $TFILE\n";
-}
-
-
-
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java b/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java
deleted file mode 100644
index ed3254b..0000000
--- a/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java
+++ /dev/null
@@ -1,285 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.sso;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.PrintStream;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Properties;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.util.MyConsole;
-import org.onap.aaf.cadi.util.SubStandardConsole;
-import org.onap.aaf.cadi.util.TheConsole;
-
-
-public class AAFSSO {
- public static final MyConsole cons = TheConsole.implemented()?new TheConsole():new SubStandardConsole();
-
- private Properties diskprops = null; // use for temp storing User/Password on disk
- private File dot_aaf = null, sso=null; // instantiated, if ever, with diskprops
-
- boolean removeSSO=false;
- boolean loginOnly = false;
- private PropAccess access;
- private StringBuilder err;
- private String user,encrypted_pass;
- private boolean use_X509;
-
- private PrintStream os, stdout=null,stderr=null;
-
- private Method close;
-
- public AAFSSO(String[] args) throws IOException, CadiException {
- List<String> larg = new ArrayList<String>(args.length);
-
- // Cover for bash's need to escape *... (\\*)
- // also, remove SSO if required
- for (int i = 0; i < args.length; ++i) {
- if ("\\*".equals(args[i])) {
- args[i] = "*";
- }
-
- if("-logout".equalsIgnoreCase(args[i])) {
- removeSSO=true;
- } else if("-login".equalsIgnoreCase(args[i])) {
- loginOnly = true;
- } else {
- larg.add(args[i]);
- }
- }
-
- String[] nargs = new String[larg.size()];
- larg.toArray(nargs);
-
- dot_aaf = new File(System.getProperty("user.home")+"/.aaf");
- if(!dot_aaf.exists()) {
- dot_aaf.mkdirs();
- }
- File f = new File(dot_aaf,"sso.out");
- os = new PrintStream(new FileOutputStream(f,true));
- stdout = System.out;
- stderr = System.err;
- System.setOut(os);
- System.setErr(os);
-
- access = new PropAccess(os,nargs);
- Config.setDefaultRealm(access);
-
- user = access.getProperty(Config.AAF_MECHID);
- encrypted_pass = access.getProperty(Config.AAF_MECHPASS);
-
- File dot_aaf_kf = new File(dot_aaf,"keyfile");
-
- sso = new File(dot_aaf,"sso.props");
- if(removeSSO) {
- if(dot_aaf_kf.exists()) {
- dot_aaf_kf.setWritable(true,true);
- dot_aaf_kf.delete();
- }
- if(sso.exists()) {
- sso.delete();
- }
- System.out.println("AAF SSO information removed");
- System.exit(0);
- }
-
- if(!dot_aaf_kf.exists()) {
- FileOutputStream fos = new FileOutputStream(dot_aaf_kf);
- try {
- fos.write(Symm.encrypt.keygen());
- dot_aaf_kf.setExecutable(false,false);
- dot_aaf_kf.setWritable(false,false);
- dot_aaf_kf.setReadable(false,false);
- dot_aaf_kf.setReadable(true, true);
- } finally {
- fos.close();
- }
- }
-
- String keyfile = access.getProperty(Config.CADI_KEYFILE); // in case it's CertificateMan props
- if(keyfile==null) {
- access.setProperty(Config.CADI_KEYFILE, dot_aaf_kf.getAbsolutePath());
- }
-
- String alias = access.getProperty(Config.CADI_ALIAS);
- if(user==null && alias!=null && access.getProperty(Config.CADI_KEYSTORE_PASSWORD)!=null) {
- user = alias;
- access.setProperty(Config.AAF_MECHID, user);
- use_X509 = true;
- } else {
- use_X509 = false;
- Symm decryptor = Symm.obtain(dot_aaf_kf);
- if (user==null) {
- if(sso.exists() && sso.lastModified()>System.currentTimeMillis()-(8*60*60*1000 /* 8 hours */)) {
- String cm_url = access.getProperty(Config.CM_URL); // SSO might overwrite...
- FileInputStream fos = new FileInputStream(sso);
- try {
- access.load(fos);
- user = access.getProperty(Config.AAF_MECHID);
- encrypted_pass = access.getProperty(Config.AAF_MECHPASS);
- // decrypt with .aaf, and re-encrypt with regular Keyfile
- access.setProperty(Config.AAF_MECHPASS,
- access.encrypt(decryptor.depass(encrypted_pass)));
- if(cm_url!=null) { //Command line CM_URL Overwrites ssofile.
- access.setProperty(Config.CM_URL, cm_url);
- }
- } finally {
- fos.close();
- }
- } else {
- diskprops = new Properties();
- String realm = Config.getDefaultRealm();
- // Turn on Console Sysout
- System.setOut(stdout);
- user=cons.readLine("aaf_id(%s@%s): ",System.getProperty("user.name"),realm);
- if(user==null) {
- user = System.getProperty("user.name")+'@'+realm;
- } else if(user.length()==0) { //
- user = System.getProperty("user.name")+'@' + realm;
- } else if(user.indexOf('@')<0 && realm!=null) {
- user = user+'@'+realm;
- }
- access.setProperty(Config.AAF_MECHID,user);
- diskprops.setProperty(Config.AAF_MECHID,user);
- encrypted_pass = new String(cons.readPassword("aaf_password: "));
- System.setOut(os);
- encrypted_pass = Symm.ENC+decryptor.enpass(encrypted_pass);
- access.setProperty(Config.AAF_MECHPASS,encrypted_pass);
- diskprops.setProperty(Config.AAF_MECHPASS,encrypted_pass);
- diskprops.setProperty(Config.CADI_KEYFILE, access.getProperty(Config.CADI_KEYFILE));
- }
- }
- }
- if (user == null) {
- err = new StringBuilder("Add -D" + Config.AAF_MECHID + "=<id> ");
- }
-
- if (encrypted_pass == null && alias==null) {
- if (err == null) {
- err = new StringBuilder();
- } else {
- err.append("and ");
- }
- err.append("-D" + Config.AAF_MECHPASS + "=<passwd> ");
- }
- }
-
- public void setLogDefault() {
- access.setLogLevel(PropAccess.DEFAULT);
- if(stdout!=null) {
- System.setOut(stdout);
- }
- }
-
- public void setStdErrDefault() {
- access.setLogLevel(PropAccess.DEFAULT);
- if(stderr!=null) {
- System.setErr(stderr);
- }
- }
-
- public void setLogDefault(Level level) {
- access.setLogLevel(level);
- if(stdout!=null) {
- System.setOut(stdout);
- }
- }
-
- public boolean loginOnly() {
- return loginOnly;
- }
-
- public void addProp(String key, String value) {
- if(diskprops!=null) {
- diskprops.setProperty(key, value);
- }
- }
-
- public void writeFiles() throws IOException {
- // Store Creds, if they work
- if(diskprops!=null) {
- if(!dot_aaf.exists()) {
- dot_aaf.mkdirs();
- }
- FileOutputStream fos = new FileOutputStream(sso);
- try {
- diskprops.store(fos, "AAF Single Signon");
- } finally {
- fos.close();
- sso.setWritable(false,false);
- sso.setExecutable(false,false);
- sso.setReadable(false,false);
- sso.setReadable(true,true);
- }
- }
- if(sso!=null) {
- sso.setReadable(false,false);
- sso.setWritable(false,false);
- sso.setExecutable(false,false);
- sso.setReadable(true,true);
- sso.setWritable(true,true);
- }
- }
-
- public PropAccess access() {
- return access;
- }
-
- public StringBuilder err() {
- return err;
- }
-
- public String user() {
- return user;
- }
-
- public String enc_pass() {
- return encrypted_pass;
- }
-
- public boolean useX509() {
- return use_X509;
- }
-
- public void close() {
- if(close!=null) {
- try {
- close.invoke(null);
- } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- // nothing to do here.
- }
- close = null;
- }
- }
-}
diff --git a/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFPermissionTest.java b/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFPermissionTest.java
deleted file mode 100644
index a809a0d..0000000
--- a/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFPermissionTest.java
+++ /dev/null
@@ -1,211 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package com.onap.aaf.cadi.aaf;
-import static org.junit.Assert.*;
-
-import org.junit.Test;
-
-
-
-import static org.hamcrest.CoreMatchers.is;
-import static org.junit.Assert.*;
-import static org.mockito.Mockito.when;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.lur.LocalPermission;
-
-public class JU_AAFPermissionTest {
-
- private static final String INSTANCE = "*";
- private static final String ACTION = "*";
- private static final String TYPE = "Auth";
- private static final String KEY =TYPE + '|' + INSTANCE + '|' + ACTION;
-
- private String STRINGVALUE =
- "AAFPermission:\n\tType: " + TYPE +
- "\n\tInstance: " + INSTANCE +
- "\n\tAction: " + ACTION +
- "\n\tKey: " + KEY;
-
- @Mock
- private LocalPermission localPermission;
-
- @Mock
- private LocalPermission localPermission2;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- when(localPermission.getKey()).thenReturn(TYPE);
- when(localPermission2.getKey()).thenReturn(TYPE+" Default");
- }
-
- @Test
- public void test() {
- AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION);
-
- assertTrue("This should Match",permission.match(permission));
-
- assertTrue("This should Match", permission.match(localPermission));
-
- assertFalse("This should Not Match", permission.match(localPermission2));
-
- assertThat(permission.getKey(), is(KEY));
-
- assertThat(permission.permType(), is("AAF"));
-
- assertThat(permission.toString(), is(STRINGVALUE));
-
- }
-
- @Test
- public void test4() {
- AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION);
-
- assertTrue("This should Match",permission.match(permission));
-
- assertTrue("This should Match", permission.match(localPermission));
-
- assertFalse("This should Not Match", permission.match(localPermission2));
-
- assertThat(permission.getKey(), is(KEY));
-
- assertThat(permission.permType(), is("AAF"));
-
- assertThat(permission.toString(), is(STRINGVALUE));
-
- }
-
- @Test
- public void test1() {
- AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION);
-
- assertTrue("This should Match",permission.match(permission));
-
- assertTrue("This should Match", permission.match(localPermission));
-
- assertFalse("This should Not Match", permission.match(localPermission2));
-
- assertThat(permission.getKey(), is(KEY));
-
- assertThat(permission.permType(), is("AAF"));
-
- assertThat(permission.toString(), is(STRINGVALUE));
-
- }
-
- @Test
- public void test2() {
- AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION);
-
- assertTrue("This should Match",permission.match(permission));
-
- assertTrue("This should Match", permission.match(localPermission));
-
- assertFalse("This should Not Match", permission.match(localPermission2));
-
- assertThat(permission.getKey(), is(KEY));
-
- assertThat(permission.permType(), is("AAF"));
-
- assertThat(permission.toString(), is(STRINGVALUE));
-
- }
-
-
- @Test
- public void test3() {
- AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION);
-
- assertTrue("This should Match",permission.match(permission));
-
- assertTrue("This should Match", permission.match(localPermission));
-
- assertFalse("This should Not Match", permission.match(localPermission2));
-
- assertThat(permission.getKey(), is(KEY));
-
- assertThat(permission.permType(), is("AAF"));
-
- assertThat(permission.toString(), is(STRINGVALUE));
-
- }
-
- @Test
- public void test5() {
- AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION);
-
- assertTrue("This should Match",permission.match(permission));
-
- assertTrue("This should Match", permission.match(localPermission));
-
- assertFalse("This should Not Match", permission.match(localPermission2));
-
- assertThat(permission.getKey(), is(KEY));
-
- assertThat(permission.permType(), is("AAF"));
-
- assertThat(permission.toString(), is(STRINGVALUE));
-
- }
-
- @Test
- public void test6() {
- AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION);
-
- assertTrue("This should Match",permission.match(permission));
-
- assertTrue("This should Match", permission.match(localPermission));
-
- assertFalse("This should Not Match", permission.match(localPermission2));
-
- assertThat(permission.getKey(), is(KEY));
-
- assertThat(permission.permType(), is("AAF"));
-
- assertThat(permission.toString(), is(STRINGVALUE));
-
- }
-
- @Test
- public void test7() {
- AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION);
-
- assertTrue("This should Match",permission.match(permission));
-
- assertTrue("This should Match", permission.match(localPermission));
-
- assertFalse("This should Not Match", permission.match(localPermission2));
-
- assertThat(permission.getKey(), is(KEY));
-
- assertThat(permission.permType(), is("AAF"));
-
- assertThat(permission.toString(), is(STRINGVALUE));
-
- }
-}
diff --git a/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFTransmutateTest.java b/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFTransmutateTest.java
deleted file mode 100644
index 5b0df09..0000000
--- a/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFTransmutateTest.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package com.onap.aaf.cadi.aaf;
-
-import static org.junit.Assert.*;
-
-import org.junit.Test;
-
-import static org.junit.Assert.*;
-import static org.mockito.Mockito.when;
-
-import java.io.IOException;
-import java.security.Principal;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-import org.onap.aaf.cadi.aaf.AAFTransmutate;
-import org.onap.aaf.cadi.lur.ConfigPrincipal;
-import org.onap.aaf.cadi.principal.BasicPrincipal;
-
-public class JU_AAFTransmutateTest {
-
- @Mock
- Principal principal ;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- when(principal.getName()).thenReturn("Value");
- }
-
- @Test
- public void testMutate() throws IOException {
- BasicPrincipal p = new BasicPrincipal("content", "domain");
- AAFTransmutate transmutate = new AAFTransmutate();
-// assertNotNull(transmutate.mutate(p));
-
- ConfigPrincipal cp = new ConfigPrincipal("content", "cred");
-// assertNotNull(transmutate.mutate(cp));
-
- assertNull(transmutate.mutate(principal));
- }
-
-
- @Test
- public void testMutate4() throws IOException {
- BasicPrincipal p = new BasicPrincipal("content", "domain");
- AAFTransmutate transmutate = new AAFTransmutate();
-// assertNotNull(transmutate.mutate(p));
-
- ConfigPrincipal cp = new ConfigPrincipal("content", "cred");
-// assertNotNull(transmutate.mutate(cp));
-
- assertNull(transmutate.mutate(principal));
- }
-
-
- @Test
- public void testMutate1() throws IOException {
- BasicPrincipal p = new BasicPrincipal("content", "domain");
- AAFTransmutate transmutate = new AAFTransmutate();
-// assertNotNull(transmutate.mutate(p));
-
- ConfigPrincipal cp = new ConfigPrincipal("content", "cred");
-// assertNotNull(transmutate.mutate(cp));
-
- assertNull(transmutate.mutate(principal));
- }
-
-
- @Test
- public void testMutate2() throws IOException {
- BasicPrincipal p = new BasicPrincipal("content", "domain");
- AAFTransmutate transmutate = new AAFTransmutate();
-// assertNotNull(transmutate.mutate(p));
-
- ConfigPrincipal cp = new ConfigPrincipal("content", "cred");
-// assertNotNull(transmutate.mutate(cp));
-
- assertNull(transmutate.mutate(principal));
- }
-
-
- @Test
- public void testMutate3() throws IOException {
- BasicPrincipal p = new BasicPrincipal("content", "domain");
- AAFTransmutate transmutate = new AAFTransmutate();
-// assertNotNull(transmutate.mutate(p));
-
- ConfigPrincipal cp = new ConfigPrincipal("content", "cred");
-// assertNotNull(transmutate.mutate(cp));
-
- assertNull(transmutate.mutate(principal));
- }
-
-}
diff --git a/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_CertExceptionTest.java b/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_CertExceptionTest.java
deleted file mode 100644
index 5b61d59..0000000
--- a/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_CertExceptionTest.java
+++ /dev/null
@@ -1,237 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package com.onap.aaf.cadi.aaf;
-
-import static org.junit.Assert.*;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.onap.aaf.cadi.cm.CertException;
-
-public class JU_CertExceptionTest {
-
- @Before
- public void setUp() throws Exception {
- }
-
- @Test
- public void test() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
- @Test
- public void test3() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
-
- @Test
- public void test1() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
-
- @Test
- public void test2() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
- @Test
- public void test4() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
- @Test
- public void test5() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
- @Test
- public void test6() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
- @Test
- public void test7() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
-
- @Test
- public void test8() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
- @Test
- public void test9() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
- @Test
- public void test10() {
- CertException ex = new CertException();
- assertNotNull(ex);
-
- ex = new CertException("Exception Message");
- assertNotNull(ex);
- assertEquals(ex.getMessage(),"Exception Message");
-
- ex = new CertException(new Throwable());
- assertNotNull(ex);
- assertNotNull(ex.getCause());
-
- ex = new CertException("Exception Message1", new Throwable());
- assertNotNull(ex.getCause());
- assertEquals(ex.getMessage(),"Exception Message1");
- }
-
-}
\ No newline at end of file
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/JU_ErrMessageTest.java b/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/JU_ErrMessageTest.java
deleted file mode 100644
index 46fe3d4..0000000
--- a/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/JU_ErrMessageTest.java
+++ /dev/null
@@ -1,131 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.client;
-
-import static org.junit.Assert.*;
-import static org.mockito.Mockito.when;
-
-import java.io.PrintStream;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.Answers;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-import org.mockito.stubbing.Answer;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data.TYPE;
-import org.onap.aaf.rosetta.env.RosettaDF;
-import org.onap.aaf.rosetta.env.RosettaEnv;
-
-import aaf.v2_0.Error;
-
-public class JU_ErrMessageTest {
-
- @Mock
- private RosettaEnv env;
-
- @Mock(answer=Answers.RETURNS_DEEP_STUBS)
- private RosettaDF<Object> errDF;
-
- private ErrMessage errMessage;
-
- private String attErrJson = "key:value";
-
- private Error error;
-
- private Future<?> future;
-
- @Before
- public void setUp() throws Exception {
- MockitoAnnotations.initMocks(this);
-
- when(env.newDataFactory(Error.class)).thenReturn(errDF);
-
- future = new Future<Error>() {
-
- @Override
- public boolean get(int timeout) throws CadiException {
- return false;
- }
-
- @Override
- public int code() {
- return 0;
- }
-
- @Override
- public String body() {
- return "Body";
- }
-
- @Override
- public String header(String tag) {
- return "header";
- }
- };
-
- error = new Error();
- error.setMessageId("Error Message Id");
- error.setText("Error Text");
- errMessage = new ErrMessage(env);
-
-
- }
-
- @Test
- public void testPrintErrMessage() throws APIException {
- when(errDF.newData().in(TYPE.JSON).load(attErrJson).asObject()).thenReturn(error);
-
- errMessage.printErr(System.out, attErrJson);
- }
-
- @Test
- public void testToMsgJsonErrAttribute() throws APIException {
- when(errDF.newData().in(TYPE.JSON).load(attErrJson).asObject()).thenReturn(error);
-
- StringBuilder sb = new StringBuilder();
- errMessage.toMsg(sb,attErrJson);
-
- assertEquals(sb.toString(),"Error Message Id Error Text");
- }
-
- @Test
- public void testToMsgFuture() {
- StringBuilder sb = errMessage.toMsg(future);
-
- assertEquals(sb.toString(), "0: Body");
- }
-
-
- @Test
- public void testToMsgFutureWithoutException() throws APIException {
- when(errDF.newData().in(TYPE.JSON).load(future.body()).asObject()).thenReturn(error);
-
- StringBuilder sb = errMessage.toMsg(future);
-
- assertEquals(sb.toString(), "Error Message Id Error Text");
- }
-}
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/JU_CertsMarshalTest.java b/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/JU_CertsMarshalTest.java
deleted file mode 100644
index a3c12d3..0000000
--- a/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/JU_CertsMarshalTest.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.marshal;
-import static org.junit.Assert.*;
-
-import org.junit.Test;
-
-
-
-import static org.junit.Assert.*;
-
-import org.junit.Test;
-import org.onap.aaf.rosetta.ParseException;
-
-public class JU_CertsMarshalTest {
-
- @Test
- public void test() throws ParseException {
- CertsMarshal marshal = new CertsMarshal();
- assertNotNull(marshal);
- }
-
- @Test
- public void test2() throws ParseException {
- CertsMarshal marshal = new CertsMarshal();
- assertNotNull(marshal);
- }
-
- @Test
- public void test3() throws ParseException {
- CertsMarshal marshal = new CertsMarshal();
- assertNotNull(marshal);
- }
-}
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/JU_AAFAuthnTest.java b/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/JU_AAFAuthnTest.java
deleted file mode 100644
index 9d95a6e..0000000
--- a/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/JU_AAFAuthnTest.java
+++ /dev/null
@@ -1,155 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.v2_0;
-import static org.junit.Assert.*;
-
-import org.junit.Test;
-
-
-
-import static org.junit.Assert.*;
-import static org.mockito.Matchers.anyInt;
-import static org.mockito.Mockito.when;
-
-
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.Answers;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-import org.onap.aaf.cadi.AbsUserCache;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.inno.env.APIException;
-
-import com.att.aft.dme2.internal.jersey.api.client.Client;
-
-public class JU_AAFAuthnTest {
-
- @Mock(answer = Answers.RETURNS_DEEP_STUBS)
- private AAFCon<Client> con;
-
- @Mock(answer = Answers.RETURNS_DEEP_STUBS)
- private Future<String> fp;
-
- @Mock(answer = Answers.RETURNS_DEEP_STUBS)
- private AbsUserCache<AAFPermission> cache;
-
-
- @Before
- public void setup() throws APIException, CadiException {
- MockitoAnnotations.initMocks(this);
- when(con.client(AAFCon.AAF_LATEST_VERSION).read("/authn/basicAuth", "text/plain")).thenReturn(fp);
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENT() throws Exception {
- when(fp.get(anyInt())).thenReturn(false);
- when(fp.code()).thenReturn(401);
- when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\"");
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con);
-
- assertNotNull(auth.validate("NewUser", "New Password"));;
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission() throws Exception {
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con,cache);
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENT1() throws Exception {
- when(fp.get(anyInt())).thenReturn(false);
- when(fp.code()).thenReturn(401);
- when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\"");
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con);
-
- assertNotNull(auth.validate("NewUser1", "New Password1"));;
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission1() throws Exception {
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con,cache);
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENT2() throws Exception {
- when(fp.get(anyInt())).thenReturn(false);
- when(fp.code()).thenReturn(401);
- when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\"");
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con);
-
- assertNotNull(auth.validate("NewUser2", "New Password2"));;
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission2() throws Exception {
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con,cache);
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENT3() throws Exception {
- when(fp.get(anyInt())).thenReturn(false);
- when(fp.code()).thenReturn(401);
- when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\"");
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con);
-
- assertNotNull(auth.validate("NewUser3", "New Password3"));;
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission3() throws Exception {
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con,cache);
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENT4() throws Exception {
- when(fp.get(anyInt())).thenReturn(false);
- when(fp.code()).thenReturn(401);
- when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\"");
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con);
-
- assertNotNull(auth.validate("NewUser4", "New Password4"));;
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission4() throws Exception {
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con,cache);
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENT5() throws Exception {
- when(fp.get(anyInt())).thenReturn(false);
- when(fp.code()).thenReturn(401);
- when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\"");
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con);
-
- assertNotNull(auth.validate("NewUser5", "New Password5"));;
- }
-
- @Test
- public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission5() throws Exception {
- AAFAuthn<Client> auth = new AAFAuthn<Client>(con,cache);
- }
-}
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java
deleted file mode 100644
index 69c9688..0000000
--- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java
+++ /dev/null
@@ -1,144 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.lur.aaf.test;
-
-import java.io.BufferedReader;
-import java.io.File;
-import java.io.FileReader;
-import java.io.PrintWriter;
-import java.io.StringWriter;
-import java.net.HttpURLConnection;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Properties;
-
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.onap.aaf.cadi.Permission;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
-import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
-import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
-import org.onap.aaf.cadi.aaf.v2_0.AAFTaf;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.locator.DNSLocator;
-import org.onap.aaf.cadi.principal.CachedBasicPrincipal;
-
-import junit.framework.Assert;
-
-public class JU_JMeter {
- private static AAFConHttp aaf;
- private static AAFAuthn<HttpURLConnection> aafAuthn;
- private static AAFLurPerm aafLur;
- private static ArrayList<Principal> perfIDs;
-
- private static AAFTaf<HttpURLConnection> aafTaf;
- private static PropAccess access;
-
- @BeforeClass
- public static void before() throws Exception {
- if(aafLur==null) {
- Properties props = System.getProperties();
- props.setProperty("AFT_LATITUDE", "32.780140");
- props.setProperty("AFT_LONGITUDE", "-96.800451");
- props.setProperty("DME2_EP_REGISTRY_CLASS","DME2FS");
- props.setProperty("AFT_DME2_EP_REGISTRY_FS_DIR","/Volumes/Data/src/authz/dme2reg");
- props.setProperty("AFT_ENVIRONMENT", "AFTUAT");
- props.setProperty("SCLD_PLATFORM", "NON-PROD");
- props.setProperty(Config.AAF_URL,"https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE");
- props.setProperty(Config.AAF_READ_TIMEOUT, "2000");
- int timeToLive = 3000;
- props.setProperty(Config.AAF_CLEAN_INTERVAL, Integer.toString(timeToLive));
- props.setProperty(Config.AAF_HIGH_COUNT, "4");
-
- String aafPerfIDs = props.getProperty("AAF_PERF_IDS");
- perfIDs = new ArrayList<Principal>();
- File perfFile = null;
- if(aafPerfIDs!=null) {
- perfFile = new File(aafPerfIDs);
- }
-
- access = new PropAccess();
- aaf = new AAFConHttp(access, new DNSLocator(access,"https","localhost","8100"));
- aafTaf = new AAFTaf<HttpURLConnection>(aaf,false);
- aafLur = aaf.newLur(aafTaf);
- aafAuthn = aaf.newAuthn(aafTaf);
- aaf.basicAuth("testid@aaf.att.com", "whatever");
-
- if(perfFile==null||!perfFile.exists()) {
- perfIDs.add(new CachedBasicPrincipal(aafTaf,
- "Basic dGVzdGlkOndoYXRldmVy",
- "aaf.att.com",timeToLive));
- perfIDs.add(new Princ("ab1234@aaf.att.com")); // Example of Local ID, which isn't looked up
- } else {
- BufferedReader ir = new BufferedReader(new FileReader(perfFile));
- try {
- String line;
- while((line = ir.readLine())!=null) {
- if((line=line.trim()).length()>0)
- perfIDs.add(new Princ(line));
- }
- } finally {
- ir.close();
- }
- }
- Assert.assertNotNull(aafLur);
- }
- }
-
- private static class Princ implements Principal {
- private String name;
- public Princ(String name) {
- this.name = name;
- }
- public String getName() {
- return name;
- }
-
- };
-
- private static int index = -1;
-
- private synchronized Principal getIndex() {
- if(perfIDs.size()<=++index)index=0;
- return perfIDs.get(index);
- }
- @Test
- public void test() {
- try {
- aafAuthn.validate("testid@aaf.att.com", "whatever");
- List<Permission> perms = new ArrayList<Permission>();
- aafLur.fishAll(getIndex(), perms);
-// Assert.assertFalse(perms.isEmpty());
-// for(Permission p : perms) {
-// //access.log(Access.Level.AUDIT, p.permType());
-// }
- } catch (Exception e) {
- StringWriter sw = new StringWriter();
- e.printStackTrace(new PrintWriter(sw));
- Assert.assertFalse(sw.toString(),true);
- }
- }
-
-}
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java
deleted file mode 100644
index 1beef2c..0000000
--- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java
+++ /dev/null
@@ -1,574 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.lur.aaf.test;
-
-import static org.junit.Assert.assertEquals;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.net.HttpURLConnection;
-import java.security.Principal;
-import java.util.Collection;
-import java.util.Enumeration;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.servlet.AsyncContext;
-import javax.servlet.DispatcherType;
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.ServletInputStream;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import javax.servlet.http.Part;
-
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.Lur;
-import org.onap.aaf.cadi.Permission;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.Taf.LifeForm;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
-import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
-import org.onap.aaf.cadi.aaf.v2_0.AAFTaf;
-import org.onap.aaf.cadi.locator.DNSLocator;
-import org.onap.aaf.cadi.lur.ConfigPrincipal;
-import org.onap.aaf.cadi.lur.LocalPermission;
-import org.onap.aaf.cadi.taf.TafResp;
-
-public class JU_Lur2_0Call {
- private static AAFConHttp aaf;
- private static PropAccess access;
-
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
- access = new PropAccess();
- aaf = new AAFConHttp(access,new DNSLocator(access,"https","localhost","8100"));
- aaf.basicAuth("testid", "whatever");
- }
-
- @Test
- public void test() throws Exception {
-
- AAFLurPerm aafLur = aaf.newLur();
-
- Principal pri = new ConfigPrincipal("testid@aaf.att.com","whatever");
- for (int i = 0; i < 10; ++i) {
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),true);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|write"),false);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|read"),true);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|read"),true);
-
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","write"),true);
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","write"),false);
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","read"),true);
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","read"),true);
-
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum.*|read"),true);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true);
-
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum.*","read"),true);
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
-
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum[Qq]uat|read"),true);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
-
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum[Qq]uat","read"),true);
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
-
-
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my.nstance|!wr*"),true);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
-
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
-
- //Maitrayee, aren't we going to have issues if we do RegExp with "."?
- //Is it too expensive to only do Reg Ex in presence of special characters, []{}*, etc? Not sure this helps for GRID.
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kum.quat|read"),true);
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum..uat|read"),true);
-
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true); // ok if Stored Action is "*"
-
- // Key Evaluations
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:!my.*|write"),true); // ok if Stored Action is "*"
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*|write"),false); // not ok if key lengths don't match "*"
- print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:myCF|write"),true); // ok if Stored Action is "*"
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:!my.*","write"),true); // ok if Stored Action is "*"
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:myCF","write"),true); // ok if Stored Action is "*"
- print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*","write"),false); // not ok if key lengths don't match
-
- }
-
- print(aafLur, pri, new LocalPermission("bogus"),false);
-
-// try {
-// Thread.sleep(7000);
-// } catch (InterruptedException e) {
-// e.printStackTrace();
-// }
- for (int i = 0; i < 10; ++i)
- print(aafLur, pri, new LocalPermission("supergroup"),false);
-
- System.out.println("All Done");
- }
- @Test
- public void testTaf() throws Exception {
- AAFTaf<?> aaft = new AAFTaf<HttpURLConnection>(aaf,true);
-
- TafResp resp;
- // No Header
- resp = aaft.validate(LifeForm.CBLF, new Req(), null);
- assertEquals(TafResp.RESP.TRY_AUTHENTICATING, resp.isAuthenticated());
-
- String auth = "Basic " + Symm.base64.encode("testid:whatever");
- resp = aaft.validate(LifeForm.CBLF, new Req("Authorization",auth), null);
- assertEquals(TafResp.RESP.IS_AUTHENTICATED, resp.isAuthenticated());
-
- }
-// @Test
-// public void testRole() throws CadiException {
-// TestAccess ta = new TestAccess();
-// AAFLurRole1_0 aafLur = new AAFLurRole1_0(
-// ta,
-//// "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=UAT/routeOffer=BAU_SE",
-// "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=DEV/routeOffer=D1",
-// "m12345", "m12345pass", 50000, // dme Time
-// // 5*60000); // 5 minutes User Expiration
-// 50000, // 5 seconds after Expiration
-// 200); // High Count of items.. These do not take much memory
-//
-// Principal pri = new ConfigPrincipal("xy1234","whatever");
-// for (int i = 0; i < 10; ++i) {
-//// print(aafLur, pri, new LocalPermission("*|*|*|com.att.authz"));
-// print(aafLur, pri, new LocalPermission("service|myInstance|write"),false);
-// print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),false);
-// print(aafLur, pri, new LocalPermission("com.att.cadi"),true);
-// print(aafLur, pri, new LocalPermission("global"),true);
-// print(aafLur, pri, new LocalPermission("kumquat"),false);
-// }
-//
-// print(aafLur, pri, new LocalPermission("bogus"),false);
-//
-// for (int i = 0; i < 10; ++i)
-// print(aafLur, pri, new LocalPermission("supergroup"),false);
-//
-// System.out.println("All Done");
-// }
-
-
- private void print(Lur aafLur, Principal pri, Permission perm, boolean shouldBe)
- throws CadiException {
- long start = System.nanoTime();
-
- // The Call
- boolean ok = aafLur.fish(pri, perm);
-
- assertEquals(shouldBe,ok);
- float ms = (System.nanoTime() - start) / 1000000f;
- if (ok) {
- System.out.println("Yes, part of " + perm.getKey() + " (" + ms
- + "ms)");
- } else {
- System.out.println("No, not part of " + perm.getKey() + " (" + ms
- + "ms)");
- }
- }
-
- @SuppressWarnings("rawtypes")
- public class Req implements HttpServletRequest {
- private String[] headers;
-
- public Req(String ... headers) {
- this.headers = headers;
- }
-
- public Object getAttribute(String name) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @SuppressWarnings("unchecked")
- public Enumeration getAttributeNames() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getCharacterEncoding() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public void setCharacterEncoding(String env)
- throws UnsupportedEncodingException {
- // TODO Auto-generated method stub
-
- }
-
- public int getContentLength() {
- // TODO Auto-generated method stub
- return 0;
- }
-
- public String getContentType() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public ServletInputStream getInputStream() throws IOException {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getParameter(String name) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @SuppressWarnings("unchecked")
- public Enumeration getParameterNames() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String[] getParameterValues(String name) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @SuppressWarnings("unchecked")
- public Map getParameterMap() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getProtocol() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getScheme() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getServerName() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public int getServerPort() {
- // TODO Auto-generated method stub
- return 0;
- }
-
- public BufferedReader getReader() throws IOException {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getRemoteAddr() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getRemoteHost() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public void setAttribute(String name, Object o) {
- // TODO Auto-generated method stub
-
- }
-
- public void removeAttribute(String name) {
- // TODO Auto-generated method stub
-
- }
-
- public Locale getLocale() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @SuppressWarnings("unchecked")
- public Enumeration getLocales() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public boolean isSecure() {
- // TODO Auto-generated method stub
- return false;
- }
-
- public RequestDispatcher getRequestDispatcher(String path) {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getRealPath(String path) {
- // TODO Auto-generated method stub
- return null;
- }
-
- public int getRemotePort() {
- // TODO Auto-generated method stub
- return 0;
- }
-
- public String getLocalName() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getLocalAddr() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public int getLocalPort() {
- // TODO Auto-generated method stub
- return 0;
- }
-
- public String getAuthType() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public Cookie[] getCookies() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public long getDateHeader(String name) {
- // TODO Auto-generated method stub
- return 0;
- }
-
- public String getHeader(String name) {
- for(int i=1;i<headers.length;i=i+2) {
- if(headers[i-1].equals(name)) return headers[i];
- }
- return null;
- }
-
- @SuppressWarnings("unchecked")
- public Enumeration getHeaders(String name) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @SuppressWarnings("unchecked")
- public Enumeration getHeaderNames() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public int getIntHeader(String name) {
- // TODO Auto-generated method stub
- return 0;
- }
-
- public String getMethod() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getPathInfo() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getPathTranslated() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getContextPath() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getQueryString() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getRemoteUser() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public boolean isUserInRole(String role) {
- // TODO Auto-generated method stub
- return false;
- }
-
- public Principal getUserPrincipal() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getRequestedSessionId() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getRequestURI() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public StringBuffer getRequestURL() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getServletPath() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public HttpSession getSession(boolean create) {
- // TODO Auto-generated method stub
- return null;
- }
-
- public HttpSession getSession() {
- // TODO Auto-generated method stub
- return null;
- }
-
- public boolean isRequestedSessionIdValid() {
- // TODO Auto-generated method stub
- return false;
- }
-
- public boolean isRequestedSessionIdFromCookie() {
- // TODO Auto-generated method stub
- return false;
- }
-
- public boolean isRequestedSessionIdFromURL() {
- // TODO Auto-generated method stub
- return false;
- }
-
- public boolean isRequestedSessionIdFromUrl() {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public ServletContext getServletContext() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public AsyncContext startAsync() throws IllegalStateException {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public AsyncContext startAsync(ServletRequest servletRequest,
- ServletResponse servletResponse) throws IllegalStateException {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public boolean isAsyncStarted() {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public boolean isAsyncSupported() {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public AsyncContext getAsyncContext() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public DispatcherType getDispatcherType() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public boolean authenticate(HttpServletResponse response)
- throws IOException, ServletException {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public void login(String username, String password)
- throws ServletException {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public void logout() throws ServletException {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public Collection<Part> getParts() throws IOException, ServletException {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public Part getPart(String name) throws IOException, ServletException {
- // TODO Auto-generated method stub
- return null;
- }
-
- }
-}
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java
deleted file mode 100644
index 3779b4f..0000000
--- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java
+++ /dev/null
@@ -1,145 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.lur.aaf.test;
-
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Permission;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
-import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
-import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.locator.PropertyLocator;
-
-public class JU_MultiThreadPermHit {
- public static void main(String args[]) {
- // Link or reuse to your Logging mechanism
- PropAccess myAccess = new PropAccess(); //
-
- //
- try {
- AAFConHttp con = new AAFConHttp(myAccess,new PropertyLocator("https://mithrilcsp.sbc.com:8100"));
-
- // AAFLur has pool of DME clients as needed, and Caches Client lookups
- final AAFLurPerm aafLur = con.newLur();
- aafLur.setDebug("m12345@aaf.att.com");
-
- // Note: If you need both Authn and Authz construct the following:
- AAFAuthn<?> aafAuthn = con.newAuthn(aafLur);
-
- // Do not set Mech ID until after you construct AAFAuthn,
- // because we initiate "401" info to determine the Realm of
- // of the service we're after.
- final String id = myAccess.getProperty(Config.AAF_MECHID,null);
- final String pass = myAccess.decrypt(myAccess.getProperty(Config.AAF_MECHPASS,null),false);
- if(id!=null && pass!=null) {
- try {
-
- // Normally, you obtain Principal from Authentication System.
- // // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
- // // If you use CADI as Authenticator, it will get you these Principals from
- // // CSP or BasicAuth mechanisms.
- // String id = "cluster_admin@gridcore.att.com";
- //
- // // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
- String ok;
- ok = aafAuthn.validate(id, pass);
- if(ok!=null) {
- System.out.println(ok);
- }
-
- List<Permission> pond = new ArrayList<Permission>();
- for(int i=0;i<20;++i) {
- pond.clear();
- aafLur.fishAll(i+id, pond);
- if(ok!=null && i%1000==0) {
- System.out.println(i + " " + ok);
- }
- }
-
- for(int i=0;i<1000000;++i) {
- ok = aafAuthn.validate( i+ id, "wrongPass");
- if(ok!=null && i%1000==0) {
- System.out.println(i + " " + ok);
- }
- }
-
- final AAFPermission perm = new AAFPermission("com.att.aaf.access","*","*");
-
- // Now you can ask the LUR (Local Representative of the User Repository about Authorization
- // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object
- // instead of creating your own LUR
- for(int i=0;i<4;++i) {
- if(aafLur.fish(id, perm)) {
- System.out.println("Yes, " + id + " has permission for " + perm.getKey());
- } else {
- System.out.println("No, " + id + " does not have permission for " + perm.getKey());
- }
- }
-
-
- // Or you can all for all the Permissions available
- List<Permission> perms = new ArrayList<Permission>();
-
-
- aafLur.fishAll(id,perms);
- System.out.println("Perms for " + id);
- for(Permission prm : perms) {
- System.out.println(prm.getKey());
- }
-
- System.out.println("Press any key to continue");
- System.in.read();
-
- for(int j=0;j<5;++j) {
- new Thread(new Runnable() {
- @Override
- public void run() {
- for(int i=0;i<20;++i) {
- if(aafLur.fish(id, perm)) {
- System.out.println("Yes, " + id + " has permission for " + perm.getKey());
- } else {
- System.out.println("No, " + id + " does not have permission for " + perm.getKey());
- }
- }
- }
- }).start();
- }
-
-
- } finally {
- aafLur.destroy();
- }
- } else { // checked on IDs
- System.err.println(Config.AAF_MECHID + " and/or " + Config.AAF_MECHPASS + " are not set.");
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-}
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java
deleted file mode 100644
index d60eedb..0000000
--- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.lur.aaf.test;
-
-import static org.junit.Assert.*;
-
-import org.junit.AfterClass;
-import org.junit.Test;
-import org.onap.aaf.cadi.aaf.PermEval;
-
-public class JU_PermEval {
-
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- }
-
- @Test
- public void test() {
- assertTrue(PermEval.evalInstance(":com.att.temp:role:write",":!com.att.*:role:write"));
-
- // TRUE
- assertTrue(PermEval.evalAction("fred","fred"));
- assertTrue(PermEval.evalAction("fred,wilma","fred"));
- assertTrue(PermEval.evalAction("barney,betty,fred,wilma","fred"));
- assertTrue(PermEval.evalAction("*","fred"));
-
- assertTrue(PermEval.evalInstance("fred","fred"));
- assertTrue(PermEval.evalInstance("fred,wilma","fred"));
- assertTrue(PermEval.evalInstance("barney,betty,fred,wilma","fred"));
- assertTrue(PermEval.evalInstance("*","fred"));
-
- assertTrue(PermEval.evalInstance(":fred:fred",":fred:fred"));
- assertTrue(PermEval.evalInstance(":fred:fred,wilma",":fred:fred"));
- assertTrue(PermEval.evalInstance(":fred:barney,betty,fred,wilma",":fred:fred"));
- assertTrue(PermEval.evalInstance("*","fred"));
- assertTrue(PermEval.evalInstance(":*:fred",":fred:fred"));
- assertTrue(PermEval.evalInstance(":fred:*",":fred:fred"));
- assertTrue(PermEval.evalInstance(":fred:fred",":!f.*:fred"));
- assertTrue(PermEval.evalInstance(":fred:fred",":fred:!f.*"));
-
- /// FALSE
- assertFalse(PermEval.evalInstance("fred","wilma"));
- assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
- assertFalse(PermEval.evalInstance(":fred:fred",":fred:wilma"));
- assertFalse(PermEval.evalInstance(":fred:fred",":wilma:fred"));
- assertFalse(PermEval.evalInstance(":fred:fred",":wilma:!f.*"));
- assertFalse(PermEval.evalInstance(":fred:fred",":!f.*:wilma"));
- assertFalse(PermEval.evalInstance(":fred:fred",":!w.*:!f.*"));
- assertFalse(PermEval.evalInstance(":fred:fred",":!f.*:!w.*"));
-
- assertFalse(PermEval.evalInstance(":fred:fred",":fred:!x.*"));
-
- // MSO Tests 12/3/2015
- assertFalse(PermEval.evalInstance("/v1/services/features/*","/v1/services/features"));
- assertFalse(PermEval.evalInstance(":v1:services:features:*",":v1:services:features"));
- assertTrue(PermEval.evalInstance("/v1/services/features/*","/v1/services/features/api1"));
- assertTrue(PermEval.evalInstance(":v1:services:features:*",":v1:services:features:api2"));
- // MSO - Xue Gao
- assertTrue(PermEval.evalInstance(":v1:requests:*",":v1:requests:test0-service"));
-
-
-
- // Same tests, with Slashes
- assertTrue(PermEval.evalInstance("/fred/fred","/fred/fred"));
- assertTrue(PermEval.evalInstance("/fred/fred,wilma","/fred/fred"));
- assertTrue(PermEval.evalInstance("/fred/barney,betty,fred,wilma","/fred/fred"));
- assertTrue(PermEval.evalInstance("*","fred"));
- assertTrue(PermEval.evalInstance("/*/fred","/fred/fred"));
- assertTrue(PermEval.evalInstance("/fred/*","/fred/fred"));
- assertTrue(PermEval.evalInstance("/fred/fred","/!f.*/fred"));
- assertTrue(PermEval.evalInstance("/fred/fred","/fred/!f.*"));
-
- /// FALSE
- assertFalse(PermEval.evalInstance("fred","wilma"));
- assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
- assertFalse(PermEval.evalInstance("/fred/fred","/fred/wilma"));
- assertFalse(PermEval.evalInstance("/fred/fred","/wilma/fred"));
- assertFalse(PermEval.evalInstance("/fred/fred","/wilma/!f.*"));
- assertFalse(PermEval.evalInstance("/fred/fred","/!f.*/wilma"));
- assertFalse(PermEval.evalInstance("/fred/fred","/!w.*/!f.*"));
- assertFalse(PermEval.evalInstance("/fred/fred","/!f.*/!w.*"));
-
- assertFalse(PermEval.evalInstance("/fred/fred","/fred/!x.*"));
-
- }
-
-}
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java
deleted file mode 100644
index f3d66a6..0000000
--- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.lur.aaf.test;
-
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.PrintStream;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.config.Config;
-
-public class JU_TestAccess implements Access {
- private Symm symm;
- private PrintStream out;
-
- public JU_TestAccess(PrintStream out) {
- this.out = out;
- InputStream is = ClassLoader.getSystemResourceAsStream("cadi.properties");
- try {
- System.getProperties().load(is);
- } catch (IOException e) {
- e.printStackTrace(out);
- } finally {
- try {
- is.close();
- } catch (IOException e) {
- e.printStackTrace(out);
- }
- }
-
- String keyfile = System.getProperty(Config.CADI_KEYFILE);
- if(keyfile==null) {
- System.err.println("No " + Config.CADI_KEYFILE + " in Classpath");
- } else {
- try {
- is = new FileInputStream(keyfile);
- try {
- symm = Symm.obtain(is);
- } finally {
- is.close();
- }
- } catch (IOException e) {
- e.printStackTrace(out);
- }
- }
-
-
-
- }
-
- public void log(Level level, Object... elements) {
- boolean first = true;
- for(int i=0;i<elements.length;++i) {
- if(first)first = false;
- else out.print(' ');
- out.print(elements[i].toString());
- }
- out.println();
- }
-
- public void log(Exception e, Object... elements) {
- e.printStackTrace(out);
- log(Level.ERROR,elements);
- }
-
- public void setLogLevel(Level level) {
-
- }
-
- @Override
- public boolean willLog(Level level) {
- return true;
- }
-
- public ClassLoader classLoader() {
- return ClassLoader.getSystemClassLoader();
- }
-
- public String getProperty(String string, String def) {
- String rv = System.getProperty(string);
- return rv==null?def:rv;
- }
-
- public void load(InputStream is) throws IOException {
-
- }
-
- public String decrypt(String encrypted, boolean anytext) throws IOException {
- return (encrypted!=null && (anytext==true || encrypted.startsWith(Symm.ENC)))
- ? symm.depass(encrypted)
- : encrypted;
- }
-
- @Override
- public void printf(Level level, String fmt, Object... elements) {
- // TODO Auto-generated method stub
-
- }
-
-}
diff --git a/aaf/src/test/java/org/onap/aaf/content/JU_Content.java b/aaf/src/test/java/org/onap/aaf/content/JU_Content.java
deleted file mode 100644
index 6691f84..0000000
--- a/aaf/src/test/java/org/onap/aaf/content/JU_Content.java
+++ /dev/null
@@ -1,83 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.content;
-
-import java.io.StringReader;
-
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import aaf.v2_0.Error;
-
-import org.onap.aaf.rosetta.env.RosettaDF;
-import org.onap.aaf.rosetta.env.RosettaData;
-import org.onap.aaf.rosetta.env.RosettaEnv;
-
-public class JU_Content {
-
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
- }
-
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- }
-
-
- @Test
- public void parseErrorJSON() throws Exception {
- final String msg = "{\"messageId\":\"SVC2000\",\"text\":\"Select which cred to delete (or 0 to delete all):" +
- "1) %1" +
- "2) %2" +
- "3) %3" +
- "4) %4" +
- "Run same command again with chosen entry as last parameter\"," +
- "\"variables\":[" +
- "\"m55555@jr583u.cred.test.com 1 Wed Oct 08 11:48:08 CDT 2014\"," +
- "\"m55555@jr583u.cred.test.com 1 Thu Oct 09 12:54:46 CDT 2014\"," +
- "\"m55555@jr583u.cred.test.com 1 Tue Jan 06 05:00:00 CST 2015\"," +
- "\"m55555@jr583u.cred.test.com 1 Wed Jan 07 05:00:00 CST 2015\"]}";
-
- Error err = new Error();
- err.setText("Hello");
- err.getVariables().add("I'm a teapot");
- err.setMessageId("12");
-
-
-// System.out.println(msg);
- RosettaEnv env = new RosettaEnv();
- RosettaDF<aaf.v2_0.Error> errDF = env.newDataFactory(aaf.v2_0.Error.class);
- errDF.in(RosettaData.TYPE.JSON);
- errDF.out(RosettaData.TYPE.JSON);
- RosettaData<Error> data = errDF.newData();
- data.load(err);
- System.out.println(data.asString());
-
- data.load(new StringReader(msg));
- err = data.asObject();
- System.out.println(err.getText());
- }
-
-
-}
diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java b/aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java
deleted file mode 100644
index 17fd827..0000000
--- a/aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.example;
-
-import java.net.HttpURLConnection;
-import java.net.URI;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-import org.onap.aaf.cadi.http.HClient;
-import org.onap.aaf.cadi.http.HX509SS;
-
-public class JU_CadiTest {
- public static void main(String args[]) {
- Access access = new PropAccess();
- try {
- SecurityInfoC<HttpURLConnection> si = new SecurityInfoC<HttpURLConnection>(access);
- HClient hclient = new HClient(
- new HX509SS(si),
- new URI("https://mithrilcsp.sbc.com:8085"),3000);
- hclient.setMethod("OPTIONS");
- hclient.setPathInfo("/gui/cadi/log/toggle/INFO");
- hclient.send();
- Future<String> future = hclient.futureReadString();
- if(future.get(5000)) {
- System.out.println(future.value);
- } else {
- System.out.printf("Error: %d-%s", future.code(),future.body());
- }
-
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- }
-}
diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java b/aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java
deleted file mode 100644
index cb4e48f..0000000
--- a/aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.example;
-
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
-import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
-import org.onap.aaf.cadi.locator.DNSLocator;
-
-public class JU_ExampleAuthCheck {
- public static void main(String args[]) {
- // Link or reuse to your Logging mechanism
- PropAccess myAccess = new PropAccess(); //
-
- try {
- AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator(
- myAccess,"https","localhost","8100"));
- AAFAuthn<?> authn = acon.newAuthn();
- long start;
- for (int i=0;i<10;++i) {
- start = System.nanoTime();
- String err = authn.validate("", "gritty");
- if(err!=null) System.err.println(err);
- else System.out.println("I'm ok");
-
- err = authn.validate("bogus", "gritty");
- if(err!=null) System.err.println(err + " (correct error)");
- else System.out.println("I'm ok");
-
- System.out.println((System.nanoTime()-start)/1000000f + " ms");
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- }
-}
diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java b/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java
deleted file mode 100644
index 652cadb..0000000
--- a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.example;
-
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.onap.aaf.cadi.Permission;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
-import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
-import org.onap.aaf.cadi.aaf.v2_0.AAFConDME2;
-import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
-
-public class JU_ExamplePerm2_0 {
- public static void main(String args[]) {
-
- // Link or reuse to your Logging mechanism
- PropAccess myAccess = new PropAccess();
-
- //
- try {
- AAFCon<?> acon = new AAFConDME2(myAccess);
-
- // AAFLur has pool of DME clients as needed, and Caches Client lookups
- AAFLurPerm aafLur = acon.newLur();
-
- // Note: If you need both Authn and Authz construct the following:
- AAFAuthn<?> aafAuthn = acon.newAuthn(aafLur);
-
- // Do not set Mech ID until after you construct AAFAuthn,
- // because we initiate "401" info to determine the Realm of
- // of the service we're after.
- acon.basicAuth("mc0897@aaf.att.com", "XXXXXX");
-
- try {
-
- // Normally, you obtain Principal from Authentication System.
- // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
- // If you use CADI as Authenticator, it will get you these Principals from
- // CSP or BasicAuth mechanisms.
- String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com";
-
- // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
- String ok = aafAuthn.validate(id, "XXXXXX");
- if(ok!=null)System.out.println(ok);
-
- ok = aafAuthn.validate(id, "wrongPass");
- if(ok!=null)System.out.println(ok);
-
-
- // AAF Style permissions are in the form
- // Type, Instance, Action
- AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE");
-
- // Now you can ask the LUR (Local Representative of the User Repository about Authorization
- // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object
- // instead of creating your own LUR
- System.out.println("Does " + id + " have " + perm);
- if(aafLur.fish(id, perm)) {
- System.out.println("Yes, you have permission");
- } else {
- System.out.println("No, you don't have permission");
- }
-
- System.out.println("Does Bogus have " + perm);
- if(aafLur.fish("Bogus", perm)) {
- System.out.println("Yes, you have permission");
- } else {
- System.out.println("No, you don't have permission");
- }
-
- // Or you can all for all the Permissions available
- List<Permission> perms = new ArrayList<Permission>();
-
- aafLur.fishAll(id,perms);
- for(Permission prm : perms) {
- System.out.println(prm.getKey());
- }
-
- // It might be helpful in some cases to clear the User's identity from the Cache
- aafLur.remove(id);
- } finally {
- aafLur.destroy();
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- }
-}
diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java b/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java
deleted file mode 100644
index 88e2936..0000000
--- a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.example;
-
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.onap.aaf.cadi.Permission;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
-import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
-import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
-import org.onap.aaf.cadi.locator.DNSLocator;
-
-public class JU_ExamplePerm2_0_DME2 {
- public static void main(String args[]) {
- // Link or reuse to your Logging mechanism
- PropAccess myAccess = new PropAccess();
-
- //
- try {
- AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator(
- myAccess,"https","localhost","8100"));
-
- // AAFLur has pool of DME clients as needed, and Caches Client lookups
- AAFLurPerm aafLur = acon.newLur();
-
- // Note: If you need both Authn and Authz construct the following:
- AAFAuthn<?> aafAuthn = acon.newAuthn(aafLur);
-
- // Do not set Mech ID until after you construct AAFAuthn,
- // because we initiate "401" info to determine the Realm of
- // of the service we're after.
- acon.basicAuth("mc0897@aaf.att.com", "XXXXXX");
-
- try {
-
- // Normally, you obtain Principal from Authentication System.
- // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
- // If you use CADI as Authenticator, it will get you these Principals from
- // CSP or BasicAuth mechanisms.
- String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com";
-
- // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
- String ok = aafAuthn.validate(id, "XXXXXX");
- if(ok!=null)System.out.println(ok);
-
- ok = aafAuthn.validate(id, "wrongPass");
- if(ok!=null)System.out.println(ok);
-
-
- // AAF Style permissions are in the form
- // Type, Instance, Action
- AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE");
-
- // Now you can ask the LUR (Local Representative of the User Repository about Authorization
- // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object
- // instead of creating your own LUR
- System.out.println("Does " + id + " have " + perm);
- if(aafLur.fish(id, perm)) {
- System.out.println("Yes, you have permission");
- } else {
- System.out.println("No, you don't have permission");
- }
-
- System.out.println("Does Bogus have " + perm);
- if(aafLur.fish("Bogus", perm)) {
- System.out.println("Yes, you have permission");
- } else {
- System.out.println("No, you don't have permission");
- }
-
- // Or you can all for all the Permissions available
- List<Permission> perms = new ArrayList<Permission>();
-
- aafLur.fishAll(id,perms);
- for(Permission prm : perms) {
- System.out.println(prm.getKey());
- }
-
- // It might be helpful in some cases to clear the User's identity from the Cache
- aafLur.remove(id);
- } finally {
- aafLur.destroy();
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- }
-}
diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java b/aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java
deleted file mode 100644
index e756f6d..0000000
--- a/aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.example;
-
-import java.security.Principal;
-
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
-import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.locator.DNSLocator;
-import org.onap.aaf.cadi.lur.LocalPermission;
-
-public class JU_X509Test {
- public static void main(String args[]) {
- // Link or reuse to your Logging mechanism
-
- PropAccess myAccess = new PropAccess();
-
- //
- try {
- AAFConHttp con = new AAFConHttp(myAccess,
- new DNSLocator(myAccess,"https","mithrilcsp.sbc.com","8100"));
-
- // AAFLur has pool of DME clients as needed, and Caches Client lookups
- AAFLurPerm aafLur = con.newLur();
-
- // Note: If you need both Authn and Authz construct the following:
-// AAFAuthn<?> aafAuthn = con.newAuthn(aafLur);
-
- // con.x509Alias("aaf.att"); // alias in keystore
-
- try {
-
- // Normally, you obtain Principal from Authentication System.
-// // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
-// // If you use CADI as Authenticator, it will get you these Principals from
-// // CSP or BasicAuth mechanisms.
-// String id = "cluster_admin@gridcore.att.com";
-//
-// // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
- Future<String> fs =
- con.client("2.0").read("/authz/perms/com.att.aaf.ca","application/Perms+json");
- if(fs.get(3000)) {
- System.out.println(fs.value);
- } else {
- System.out.println("Error: " + fs.code() + ':' + fs.body());
- }
-
- // Check on Perms with LUR
- if(aafLur.fish(new Principal() {
- @Override
- public String getName() {
- return "m12345@aaf.att.com";
- }
- }, new LocalPermission("com.att.aaf.ca|aaf|request"))) {
- System.out.println("Has Perm");
- } else {
- System.out.println("Does NOT Have Perm");
- }
- } finally {
- aafLur.destroy();
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- }
-}
diff --git a/aaf/src/test/resources/cadi.properties b/aaf/src/test/resources/cadi.properties
deleted file mode 100644
index 8f1209a..0000000
--- a/aaf/src/test/resources/cadi.properties
+++ /dev/null
@@ -1,52 +0,0 @@
-#-------------------------------------------------------------------------------
-# ============LICENSE_START====================================================
-# * org.onap.aaf
-# * ===========================================================================
-# * Copyright 2017 AT&T Intellectual Property. All rights reserved.
-# * ===========================================================================
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-# * ============LICENSE_END====================================================
-# *
-# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-# *
-#-------------------------------------------------------------------------------
-###############################################################################
-# Copyright (c) 2016 AT&T Intellectual Property. All rights reserved.
-###############################################################################
-##
-## AUTHZ API (authz-service) Properties
-##
-
-cadi_prop_file=com.att.aaf.props;com.att.aaf.common.props
-
-#cadi_trust_all_x509=true
-#cadi_alias=aaf.att
-https.protocols=TLSv1.1,TLSv1.2
-
-cm_url=https://XXX:8150
-
-basic_realm=localized
-basic_warn=false
-localhost_deny=false
-
-cass_group_name=com.att.aaf
-cass_cluster_name=mithrilcsp.sbc.com
-aaf_default_realm=com.att.csp
-
-aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE
-aaf_id=???
-aaf_password=enc:XXX
-
-aaf_user_expires=3000
-aaf_clean_interval=4000
-
diff --git a/aaf/src/test/resources/log4j.properties b/aaf/src/test/resources/log4j.properties
deleted file mode 100644
index c4686fd..0000000
--- a/aaf/src/test/resources/log4j.properties
+++ /dev/null
@@ -1,57 +0,0 @@
-#-------------------------------------------------------------------------------
-# ============LICENSE_START====================================================
-# * org.onap.aaf
-# * ===========================================================================
-# * Copyright 2017 AT&T Intellectual Property. All rights reserved.
-# * ===========================================================================
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-# * ============LICENSE_END====================================================
-# *
-# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-# *
-#-------------------------------------------------------------------------------
-###############################################################################
-# Copyright (c) 2016 AT&T Intellectual Property. All rights reserved.
-###############################################################################
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n
-
-# General Apache libraries
-log4j.rootLogger=WARN,stdout
-log4j.logger.org.apache=WARN,stdout
-log4j.logger.dme2=WARN,stdout
-log4j.logger.init=INFO,stdout
-log4j.logger.authz=INFO,stdout
-log4j.logger.audit=WARN,stdout
-
-
-
diff --git a/aaf/src/test/resources/logging.props b/aaf/src/test/resources/logging.props
deleted file mode 100644
index 9a30a2a..0000000
--- a/aaf/src/test/resources/logging.props
+++ /dev/null
@@ -1,38 +0,0 @@
-| ############################################################
-# Default Logging Configuration File
-#
-# You can use a different file by specifying a filename
-# with the java.util.logging.config.file system property.
-# For example java -Djava.util.logging.config.file=myfile
-############################################################
-
-############################################################
-# Global properties
-############################################################
-
-# "handlers" specifies a comma separated list of log Handler
-# classes. These handlers will be installed during VM startup.
-# Note that these classes must be on the system classpath.
-# By default we only configure a ConsoleHandler, which will only
-# show messages at the INFO and above levels.
-handlers=java.util.logging.FileHandler
-
-# Default global logging level.
-# This specifies which kinds of events are logged across
-# all loggers. For any given facility this global level
-# can be overriden by a facility specific level
-# Note that the ConsoleHandler also has a separate level
-# setting to limit messages printed to the console.
-.level=INFO
-
-############################################################
-# Handler specific properties.
-# Describes specific configuration info for Handlers.
-############################################################
-java.util.logging.FileHandler.properties=autoFlush,fileName,dataPattern,name
-java.util.logging.FileHandler.fileName=%h/.aaf/dme2.log
-java.util.logging.FileHandlerFileHandler.autoFlush=true
-java.util.logging.FileHandlerFileHandler.name=DailyRollingFileHandler
-java.util.logging.FileHandlerFileHandler.datePattern='.'yyyy-MM-dd
-com.att.aft.dme2.events.server.summary=INFO
-
diff --git a/cass/etc/cadi.properties b/cass/etc/cadi.properties
deleted file mode 100644
index c5f9c2c..0000000
--- a/cass/etc/cadi.properties
+++ /dev/null
@@ -1,68 +0,0 @@
-#-------------------------------------------------------------------------------
-# ============LICENSE_START====================================================
-# * org.onap.aaf
-# * ===========================================================================
-# * Copyright 2017 AT&T Intellectual Property. All rights reserved.
-# * ===========================================================================
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-# * ============LICENSE_END====================================================
-# *
-# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-# *
-#-------------------------------------------------------------------------------
-###############################################################################
-# Copyright (c) 2016 AT&T Intellectual Property. All rights reserved.
-###############################################################################
-##
-## AUTHZ API (authz-service) Properties
-##
-
-## DISCOVERY (DME2) Parameters on the Command Line
-AFT_LATITUDE=38.627345
-AFT_LONGITUDE=-90.193774
-AFT_ENVIRONMENT=AFTUAT
-
-# CADI
-cadi_keyfile=/opt/app/aaf/common/com.att.aaf.keyfile
-cadi_loglevel=WARN
-
-# CASSANDRA Required for APP
-cass_group_name=com.att.aaf
-
-# CASSANDRA Optional
-cass_cluster_name=mithril
-
-# AAF Required for APP
-aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE
-DME2_EP_REGISTRY_CLASS=DME2FS
-AFT_DME2_EP_REGISTRY_FS_DIR=/Volumes/Data/src/authz/dme2reg
-
-aaf_default_realm=aaf.localized
-aaf_id=XX@NS
-aaf_password=enc:
-cadi_loglevel=DEBUG
-
-# AAF Optional
-# Connection Time Out (milliseconds)
-aaf_conn_timeout=10000
-# User Cache Expiration (milliseconds)
-aaf_user_expires=600000
-# High count... Rough top number of objects held in Cache per cycle. If high is reached, more are
-# recycled next time.
-aaf_high_count=1000
-
-##
-## Localized Passwords
-##
-basic_realm=aaf.localized
-local_users=root@aaf.localized%<PASS>:/dbname
diff --git a/cass/pom.xml b/cass/pom.xml
deleted file mode 100644
index eae576b..0000000
--- a/cass/pom.xml
+++ /dev/null
@@ -1,233 +0,0 @@
-<!-- ============LICENSE_START====================================================
- * org.onap.aaf * ===========================================================================
- * Copyright © 2017 AT&T Intellectual Property. All rights reserved. * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License"); * you may
- not use this file except in compliance with the License. * You may obtain
- a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 *
- * Unless required by applicable law or agreed to in writing, software * distributed
- under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES
- OR CONDITIONS OF ANY KIND, either express or implied. * See the License for
- the specific language governing permissions and * limitations under the License.
- * ============LICENSE_END====================================================
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <groupId>org.onap.aaf.cadi</groupId>
- <artifactId>parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
- <relativePath>..</relativePath>
- </parent>
-
- <modelVersion>4.0.0</modelVersion>
- <name>CADI Cassandra Plugin</name>
- <packaging>jar</packaging>
- <url>https://github.com/att/AAF</url>
- <description>CADI</description>
- <artifactId>cadi-cass</artifactId>
- <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <project.cadiVersion>1.0.0-SNAPSHOT</project.cadiVersion>
- <!-- SONAR -->
- <sonar.skip>true</sonar.skip>
- <jacoco.version>0.7.7.201606060606</jacoco.version>
- <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
- <sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin>
- <!-- Default Sonar configuration -->
- <sonar.jacoco.reportPath>target/code-coverage/jacoco-ut.exec</sonar.jacoco.reportPath>
- <sonar.jacoco.itReportPath>target/code-coverage/jacoco-it.exec</sonar.jacoco.itReportPath>
- <!-- Note: This list should match jacoco-maven-plugin's exclusion list
- below -->
- <sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**</sonar.exclusions>
- <nexusproxy>https://nexus.onap.org</nexusproxy>
- <snapshotNexusPath>/content/repositories/snapshots/</snapshotNexusPath>
- <releaseNexusPath>/content/repositories/releases/</releaseNexusPath>
- <stagingNexusPath>/content/repositories/staging/</stagingNexusPath>
- <sitePath>/content/sites/site/org/onap/aaf/cadi/${project.artifactId}/${project.version}</sitePath>
- </properties>
- <dependencies>
- <dependency>
- <groupId>ch.qos.logback</groupId>
- <artifactId>logback-classic</artifactId>
- <version>1.2.0</version>
- </dependency>
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpclient</artifactId>
- <version>4.5.3</version>
- </dependency>
- <dependency>
- <groupId>io.netty</groupId>
- <artifactId>netty-all</artifactId>
- <version>4.0.37.Final</version>
- </dependency>
- <dependency>
- <groupId>org.mockito</groupId>
- <artifactId>mockito-all</artifactId>
- <version>1.9.5</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.onap.aaf.cadi</groupId>
- <artifactId>cadi-aaf</artifactId>
- </dependency>
-
- <dependency>
- <groupId>org.apache.cassandra</groupId>
- <artifactId>cassandra-all</artifactId>
- <version>2.1.14</version>
- <scope>compile</scope>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- </exclusion>
- <exclusion>
- <groupId>log4j</groupId>
- <artifactId>log4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.codehaus.jackson</groupId>
- <artifactId>jackson-mapper-asl</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
-
- </dependencies>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jarsigner-plugin</artifactId>
- </plugin>
-
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-javadoc-plugin</artifactId>
- <version>2.10.4</version>
- <configuration>
- <failOnError>false</failOnError>
- </configuration>
- <executions>
- <execution>
- <id>attach-javadocs</id>
- <goals>
- <goal>jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
-
-
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-source-plugin</artifactId>
- <version>2.2.1</version>
- <executions>
- <execution>
- <id>attach-sources</id>
- <goals>
- <goal>jar-no-fork</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.sonatype.plugins</groupId>
- <artifactId>nexus-staging-maven-plugin</artifactId>
- <version>1.6.7</version>
- <extensions>true</extensions>
- <configuration>
- <nexusUrl>${nexusproxy}</nexusUrl>
- <stagingProfileId>176c31dfe190a</stagingProfileId>
- <serverId>ecomp-staging</serverId>
- </configuration>
- </plugin>
-
- <plugin>
- <groupId>org.jacoco</groupId>
- <artifactId>jacoco-maven-plugin</artifactId>
- <version>${jacoco.version}</version>
- <configuration>
- <excludes>
- <exclude>**/gen/**</exclude>
- <exclude>**/generated-sources/**</exclude>
- <exclude>**/yang-gen/**</exclude>
- <exclude>**/pax/**</exclude>
- </excludes>
- </configuration>
- <executions>
-
- <execution>
- <id>pre-unit-test</id>
- <goals>
- <goal>prepare-agent</goal>
- </goals>
- <configuration>
- <destFile>${project.build.directory}/code-coverage/jacoco-ut.exec</destFile>
- <propertyName>surefireArgLine</propertyName>
- </configuration>
- </execution>
-
-
- <execution>
- <id>post-unit-test</id>
- <phase>test</phase>
- <goals>
- <goal>report</goal>
- </goals>
- <configuration>
- <dataFile>${project.build.directory}/code-coverage/jacoco-ut.exec</dataFile>
- <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory>
- </configuration>
- </execution>
- <execution>
- <id>pre-integration-test</id>
- <phase>pre-integration-test</phase>
- <goals>
- <goal>prepare-agent</goal>
- </goals>
- <configuration>
- <destFile>${project.build.directory}/code-coverage/jacoco-it.exec</destFile>
-
- <propertyName>failsafeArgLine</propertyName>
- </configuration>
- </execution>
-
-
- <execution>
- <id>post-integration-test</id>
- <phase>post-integration-test</phase>
- <goals>
- <goal>report</goal>
- </goals>
- <configuration>
- <dataFile>${project.build.directory}/code-coverage/jacoco-it.exec</dataFile>
- <outputDirectory>${project.reporting.outputDirectory}/jacoco-it</outputDirectory>
- </configuration>
- </execution>
- </executions>
- </plugin>
-
-
- </plugins>
- </build>
- <distributionManagement>
- <repository>
- <id>ecomp-releases</id>
- <name>AAF Release Repository</name>
- <url>${nexusproxy}${releaseNexusPath}</url>
- </repository>
- <snapshotRepository>
- <id>ecomp-snapshots</id>
- <name>AAF Snapshot Repository</name>
- <url>${nexusproxy}${snapshotNexusPath}</url>
- </snapshotRepository>
- <site>
- <id>ecomp-site</id>
- <url>dav:${nexusproxy}${sitePath}</url>
- </site>
- </distributionManagement>
-
-</project>
diff --git a/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthenticatedUser.java b/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthenticatedUser.java
deleted file mode 100644
index 30d979a..0000000
--- a/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthenticatedUser.java
+++ /dev/null
@@ -1,110 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.cass;
-
-import java.security.Principal;
-
-import org.apache.cassandra.auth.AuthenticatedUser;
-import org.onap.aaf.cadi.Access;
-
-public class AAFAuthenticatedUser extends AuthenticatedUser implements Principal {
- private boolean anonymous = false, supr=false, local=false;
- private String fullName;
-// private Access access;
-
- public AAFAuthenticatedUser(Access access, String name) {
- super(name);
-// this.access = access;
- int endIndex = name.indexOf("@");
- if(endIndex >= 0) {
- fullName = name;
- } else {
- fullName = name + '@' + AAFBase.default_realm;
- }
- }
-
- public String getFullName() {
- return fullName;
- }
-
- public String getName() {
- return fullName;
- }
-
- /* (non-Javadoc)
- * @see org.apache.cassandra.auth.AuthenticatedUser#isAnonymous()
- */
- @Override
- public boolean isAnonymous() {
- return anonymous;
- }
-
- public void setAnonymous(boolean anon) {
- anonymous = anon;
- }
-
- public boolean getAnonymous() {
- return anonymous;
- }
-
- /* (non-Javadoc)
- * @see org.apache.cassandra.auth.AuthenticatedUser#isSuper()
- */
- @Override
- public boolean isSuper() {
- return supr;
- }
-
- public void setSuper(boolean supr) {
- this.supr = supr;
- }
-
- public boolean getSuper() {
- return supr;
- }
-
- /**
- * We check Local so we can compare with the right Lur. This is AAF Plugin only.
- * @return
- */
- public boolean isLocal() {
- return local;
- }
-
- public void setLocal(boolean val) {
- local = val;
- }
-
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (!(o instanceof AAFAuthenticatedUser)) return false;
- return ((AuthenticatedUser)o).getName().equals(this.getName());
- }
-
- @Override
- public int hashCode() {
- //access.log(Level.DEBUG, "AAFAuthentication hashcode ",getName().hashCode());
- return getName().hashCode();
- }
-}
diff --git a/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthenticator.java b/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthenticator.java
deleted file mode 100644
index 6b8b29d..0000000
--- a/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthenticator.java
+++ /dev/null
@@ -1,174 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.cass;
-
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.cassandra.auth.AuthenticatedUser;
-import org.apache.cassandra.auth.IAuthenticator;
-import org.apache.cassandra.auth.ISaslAwareAuthenticator;
-import org.apache.cassandra.exceptions.AuthenticationException;
-import org.apache.cassandra.exceptions.InvalidRequestException;
-import org.apache.cassandra.exceptions.RequestExecutionException;
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.CredVal.Type;
-import org.onap.aaf.cadi.config.Config;
-
-public class AAFAuthenticator extends AAFBase implements ISaslAwareAuthenticator {
-
- public boolean requireAuthentication() {
- return true;
- }
-
- /**
- * Invoked to authenticate an user
- */
- public AuthenticatedUser authenticate(Map<String, String> credentials) throws AuthenticationException {
- String username = (String)credentials.get("username");
- if (username == null) {
- throw new AuthenticationException("'username' is missing");
- }
-
- AAFAuthenticatedUser aau = new AAFAuthenticatedUser(access,username);
- String fullName=aau.getFullName();
- access.log(Level.DEBUG, "Authenticating", aau.getName(),"(", fullName,")");
-
- String password = (String)credentials.get("password");
- if (password == null) {
- throw new AuthenticationException("'password' is missing");
- } else if(password.startsWith("bsf:")) {
- try {
- password = Symm.base64noSplit.depass(password);
- } catch (IOException e) {
- throw new AuthenticationException("AAF bnf: Password cannot be decoded");
- }
- } else if(password.startsWith("enc:???")) {
- try {
- password = access.decrypt(password, true);
- } catch (IOException e) {
- throw new AuthenticationException("AAF Encrypted Password cannot be decrypted");
- }
- }
-
- if(localLur!=null) {
- access.log(Level.DEBUG, "Validating",fullName, "with LocalTaf", password);
- if(localLur.validate(fullName, Type.PASSWORD, password.getBytes())) {
- aau.setAnonymous(true);
- aau.setLocal(true);
- access.log(Level.DEBUG, fullName, "is authenticated locally");
- return aau;
- }
- }
-
- String aafResponse;
- try {
- access.log(Level.DEBUG, "Validating",fullName, "with AAF");//, password);
- aafResponse = aafAuthn.validate(fullName, password);
- if(aafResponse != null) { // Reason for failing.
- access.log(Level.AUDIT, "AAF reports ",fullName,":",aafResponse);
- throw new AuthenticationException(aafResponse);
- }
- access.log(Level.AUDIT, fullName, "is authenticated"); //,password);
- // This tells Cassandra to skip checking it's own tables for User Entries.
- aau.setAnonymous(true);
- } catch (AuthenticationException ex) {
- throw ex;
- } catch(Exception ex) {
- access.log(ex,"Exception validating user");
- throw new AuthenticationException("Exception validating user");
- }
-
- return aau;
- }
-
- public void create(String username, Map<IAuthenticator.Option, Object> options) throws InvalidRequestException, RequestExecutionException {
- access.log(Level.INFO,"Use AAF CLI to create user");
- }
-
- public void alter(String username, Map<IAuthenticator.Option, Object> options) throws RequestExecutionException {
- access.log(Level.INFO,"Use AAF CLI to alter user");
- }
-
- public void drop(String username) throws RequestExecutionException {
- access.log(Level.INFO,"Use AAF CLI to delete user");
- }
-
- public SaslAuthenticator newAuthenticator() {
- return new ISaslAwareAuthenticator.SaslAuthenticator() {
- private boolean complete = false;
- private Map<String, String> credentials;
-
- public byte[] evaluateResponse(byte[] clientResponse) throws AuthenticationException {
- this.credentials = decodeCredentials(clientResponse);
- this.complete = true;
- return null;
- }
-
- public boolean isComplete() {
- return this.complete;
- }
-
- public AuthenticatedUser getAuthenticatedUser() throws AuthenticationException {
- return AAFAuthenticator.this.authenticate(this.credentials);
- }
-
- private Map<String, String> decodeCredentials(byte[] bytes) throws AuthenticationException {
- access.log(Level.DEBUG,"Decoding credentials from client token");
- byte[] user = null;
- byte[] pass = null;
- int end = bytes.length;
- for (int i = bytes.length - 1; i >= 0; i--)
- {
- if (bytes[i] != 0)
- continue;
- if (pass == null)
- pass = Arrays.copyOfRange(bytes, i + 1, end);
- else if (user == null)
- user = Arrays.copyOfRange(bytes, i + 1, end);
- end = i;
- }
-
- if (user == null)
- throw new AuthenticationException("Authentication ID must not be null");
- if (pass == null) {
- throw new AuthenticationException("Password must not be null");
- }
- Map<String,String> credentials = new HashMap<String,String>();
- try {
- credentials.put(IAuthenticator.USERNAME_KEY, new String(user, Config.UTF_8));
- credentials.put(IAuthenticator.PASSWORD_KEY, new String(pass, Config.UTF_8));
- } catch (UnsupportedEncodingException e) {
- throw new AuthenticationException(e.getMessage());
- }
- return credentials;
- }
- };
- }
-
-}
-
diff --git a/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthorizer.java b/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthorizer.java
deleted file mode 100644
index bea0e86..0000000
--- a/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFAuthorizer.java
+++ /dev/null
@@ -1,226 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.cass;
-
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.apache.cassandra.auth.AuthenticatedUser;
-import org.apache.cassandra.auth.IAuthorizer;
-import org.apache.cassandra.auth.IResource;
-import org.apache.cassandra.auth.Permission;
-import org.apache.cassandra.auth.PermissionDetails;
-import org.apache.cassandra.exceptions.RequestExecutionException;
-import org.apache.cassandra.exceptions.RequestValidationException;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLur;
-import org.onap.aaf.cadi.lur.LocalPermission;
-
-public class AAFAuthorizer extends AAFBase implements IAuthorizer {
- // Returns every permission on the resource granted to the user.
- public Set<Permission> authorize(AuthenticatedUser user, IResource resource) {
- String uname, rname;
- access.log(Level.DEBUG,"Authorizing",uname=user.getName(),"for",rname=resource.getName());
-
- Set<Permission> permissions;
-
- if(user instanceof AAFAuthenticatedUser) {
- AAFAuthenticatedUser aafUser = (AAFAuthenticatedUser) user;
- aafUser.setAnonymous(false);
-
- if(aafUser.isLocal()) {
- permissions = checkPermissions(aafUser, new LocalPermission(
- rname.replaceFirst("data", cluster_name)
- ));
- } else {
- permissions = checkPermissions(
- aafUser,
- perm_type,
- ':'+rname.replaceFirst("data", cluster_name).replace('/', ':'));
- }
- } else {
- permissions = Permission.NONE;
- }
-
- access.log(Level.INFO,"Permissions on",rname,"for",uname,':', permissions);
-
- return permissions;
- }
-
- /**
- * Check only for Localized IDs (see cadi.properties)
- * @param aau
- * @param perm
- * @return
- */
- private Set<Permission> checkPermissions(AAFAuthenticatedUser aau, LocalPermission perm) {
- if(localLur.fish(aau.getFullName(), perm)) {
-// aau.setSuper(true);
- return Permission.ALL;
- } else {
- return Permission.NONE;
- }
- }
-
- /**
- * Check remoted AAF Permissions
- * @param aau
- * @param type
- * @param instance
- * @return
- */
- private Set<Permission> checkPermissions(AAFAuthenticatedUser aau, String type, String instance) {
- // Can perform ALL actions
- String fullName = aau.getFullName();
- PermHolder ph = new PermHolder(aau);
- aafLur.fishOneOf(fullName, ph,type,instance,actions);
- return ph.permissions;
- }
-
- private class PermHolder {
- private AAFAuthenticatedUser aau;
- public PermHolder(AAFAuthenticatedUser aau) {
- this.aau = aau;
- }
- public Set<Permission> permissions = Permission.NONE;
- public void mutable() {
- if(permissions==Permission.NONE) {
- permissions = new HashSet<Permission>();
- }
- }
- };
-
- /**
- * This specialty List avoid extra Object Creation, and allows the Lur to do a Vistor on all appropriate Perms
- */
- private static final ArrayList<AbsAAFLur.Action<PermHolder>> actions = new ArrayList<AbsAAFLur.Action<PermHolder>>();
- static {
- actions.add(new AbsAAFLur.Action<PermHolder>() {
- public String getName() {
- return "*";
- }
-
- public boolean exec(PermHolder a) {
- a.aau.setSuper(true);
- a.permissions = Permission.ALL;
- return true;
- }
- });
-
- actions.add(new AbsAAFLur.Action<PermHolder>() {
- public String getName() {
- return "SELECT";
- }
-
- public boolean exec(PermHolder ph) {
- ph.mutable();
- ph.permissions.add(Permission.SELECT);
- return false;
- }
- });
- actions.add(new AbsAAFLur.Action<PermHolder>() {
- public String getName() {
- return "MODIFY";
- }
-
- public boolean exec(PermHolder ph) {
- ph.mutable();
- ph.permissions.add(Permission.MODIFY);
- return false;
- }
- });
- actions.add(new AbsAAFLur.Action<PermHolder>() {
- public String getName() {
- return "CREATE";
- }
-
- public boolean exec(PermHolder ph) {
- ph.mutable();
- ph.permissions.add(Permission.CREATE);
- return false;
- }
- });
-
- actions.add(new AbsAAFLur.Action<PermHolder>() {
- public String getName() {
- return "ALTER";
- }
-
- public boolean exec(PermHolder ph) {
- ph.mutable();
- ph.permissions.add(Permission.ALTER);
- return false;
- }
- });
- actions.add(new AbsAAFLur.Action<PermHolder>() {
- public String getName() {
- return "DROP";
- }
-
- public boolean exec(PermHolder ph) {
- ph.mutable();
- ph.permissions.add(Permission.DROP);
- return false;
- }
- });
- actions.add(new AbsAAFLur.Action<PermHolder>() {
- public String getName() {
- return "AUTHORIZE";
- }
-
- public boolean exec(PermHolder ph) {
- ph.mutable();
- ph.permissions.add(Permission.AUTHORIZE);
- return false;
- }
- });
-
-
- };
-
-
- public void grant(AuthenticatedUser performer, Set<Permission> permissions, IResource resource, String to) throws RequestExecutionException {
- access.log(Level.INFO, "Use AAF CLI to grant permission(s) to user/role");
- }
-
- public void revoke(AuthenticatedUser performer, Set<Permission> permissions, IResource resource, String from) throws RequestExecutionException {
- access.log(Level.INFO,"Use AAF CLI to revoke permission(s) for user/role");
- }
-
- public Set<PermissionDetails> list(AuthenticatedUser performer, Set<Permission> permissions, IResource resource, String of) throws RequestValidationException, RequestExecutionException {
- access.log(Level.INFO,"Use AAF CLI to find the list of permissions");
- return null;
- }
-
- // Called prior to deleting the user with DROP USER query. Internal hook, so no permission checks are needed here.
- public void revokeAll(String droppedUser) {
- access.log(Level.INFO,"Use AAF CLI to revoke permission(s) for user/role");
- }
-
- // Called after a resource is removed (DROP KEYSPACE, DROP TABLE, etc.).
- public void revokeAll(IResource droppedResource) {
- access.log(Level.INFO,"Use AAF CLI to delete the unused permission", droppedResource.getName());
- }
-
-}
diff --git a/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFBase.java b/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFBase.java
deleted file mode 100644
index e422234..0000000
--- a/cass/src/main/java/org/onap/aaf/cadi/aaf/cass/AAFBase.java
+++ /dev/null
@@ -1,191 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.aaf.cass;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.InputStream;
-import java.net.URL;
-import java.util.HashSet;
-import java.util.Properties;
-import java.util.Set;
-
-import org.apache.cassandra.auth.DataResource;
-import org.apache.cassandra.auth.IAuthenticator;
-import org.apache.cassandra.config.DatabaseDescriptor;
-import org.apache.cassandra.exceptions.ConfigurationException;
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Lur;
-import org.onap.aaf.cadi.SLF4JAccess;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
-import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
-import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLur;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.lur.EpiLur;
-import org.onap.aaf.cadi.lur.LocalLur;
-
-public abstract class AAFBase {
- protected static final Set<IAuthenticator.Option> options;
- protected static final Set<DataResource> dataResource;
-
- static {
- options = new HashSet<IAuthenticator.Option>();
- options.add(IAuthenticator.Option.PASSWORD);
-
- dataResource = new HashSet<DataResource>();
- dataResource.add(DataResource.columnFamily("system_auth", "credentials"));
- }
-
- protected static Access access;
- protected static LocalLur localLur;
- protected static AAFCon<?> aafcon;
- protected static AAFAuthn<?> aafAuthn;
- protected static AbsAAFLur<AAFPermission> aafLur;
- protected static String default_realm;
- protected static String cluster_name;
- protected static String perm_type;
- private static boolean props_ok = false;
-
- /**
- * If you use your own Access Class, this must be called before
- * "setup()" is invoked by Cassandra.
- *
- * Otherwise, it will default to reading Properties CADI style.
- *
- * @param access
- */
- public static void setAccess(Access access) {
- AAFBase.access = access;
- }
-
-
- public void validateConfiguration() throws ConfigurationException {
- setup();
- if(!props_ok) {
- throw new ConfigurationException("AAF not initialized");
- }
- }
-
- @SuppressWarnings("unchecked")
- public synchronized void setup() {
- if(aafAuthn == null) {
- try {
- if(access==null) {
- String value = System.getProperty(Config.CADI_PROP_FILES, "cadi.properties");
- Properties initial = new Properties();
- URL cadi_props = ClassLoader.getSystemResource(value);
- if(cadi_props == null) {
- File cp = new File(value);
- if(cp.exists()) {
- InputStream is = new FileInputStream(cp);
- try {
- initial.load(is);
- } finally {
- is.close();
- }
- } else {
- System.out.printf("%s does not exist as File or in Classpath\n",value);
- initial.setProperty(Config.CADI_PROP_FILES, value);
- }
- } else {
- InputStream is = cadi_props.openStream();
- try {
- initial.load(is);
- } finally {
- is.close();
- }
- }
- access = new SLF4JAccess(initial);
- }
- props_ok = true;
- if((perm_type = Config.logProp(access, "cass_group_name",null))==null) {
- props_ok=false;
- } else {
- perm_type = perm_type + ".cass";
- }
-
- if((cluster_name = Config.logProp(access,"cass_cluster_name",null))==null) {
- if((cluster_name = DatabaseDescriptor.getClusterName())==null) {
- props_ok=false;
- }
- }
-
- if((default_realm = Config.logProp(access, Config.AAF_DEFAULT_REALM, null))==null) {
- props_ok=false;
- }
-
- if(props_ok==false) {
- return;
- }
-
- // AAFLur has pool of DME clients as needed, and Caches Client lookups
- Lur lur = Config.configLur(access);
- // Loop through to find AAFLur out of possible Lurs, to reuse AAFCon
- if(lur instanceof EpiLur) {
- EpiLur elur = (EpiLur)lur;
- for(int i=0; (lur = elur.get(i))!=null;++i) {
- if(lur instanceof AbsAAFLur) {
- aafLur=(AbsAAFLur<AAFPermission>)lur;
- aafcon = aafLur.aaf;
- aafAuthn = aafLur.aaf.newAuthn(aafLur);
- break;
- } else if(lur instanceof LocalLur) {
- localLur = (LocalLur)lur;
- }
- }
- } else if(lur instanceof AbsAAFLur) {
- aafLur=(AbsAAFLur<AAFPermission>)lur;
- aafcon = aafLur.aaf;
- aafAuthn = aafLur.aaf.newAuthn(aafLur);
- }
- if(aafAuthn==null) {
- access.log(Level.INIT,"Failed to instantiate full AAF access");
- props_ok = false;
- }
- } catch (Exception e) {
- aafAuthn=null;
- if(access!=null)access.log(e, "Failed to initialize AAF");
- props_ok = false;
- }
- }
- }
-
- public Set<DataResource> protectedResources() {
- access.log(Level.DEBUG, "Data Resource asked for: it's",dataResource.isEmpty()?"":"not","empty");
- return dataResource;
- }
-
- public Set<IAuthenticator.Option> supportedOptions() {
- access.log(Level.DEBUG, "supportedOptions() called");
- return options;
- }
-
- public Set<IAuthenticator.Option> alterableOptions() {
- access.log(Level.DEBUG, "alterableOptions() called");
- return options;
- }
-
-
-}
diff --git a/cass/src/test/java/org/onap/aaf/cass/JU_AAFAuthenticatedUserTest.java b/cass/src/test/java/org/onap/aaf/cass/JU_AAFAuthenticatedUserTest.java
deleted file mode 100644
index 03d38c7..0000000
--- a/cass/src/test/java/org/onap/aaf/cass/JU_AAFAuthenticatedUserTest.java
+++ /dev/null
@@ -1,90 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cass;
-
-import static org.junit.Assert.*;
-
-import org.apache.cassandra.auth.AuthenticatedUser;
-import org.junit.Before;
-import org.junit.Test;
-import org.onap.aaf.cadi.aaf.cass.AAFAuthenticatedUser;
-
-public class JU_AAFAuthenticatedUserTest {
-
- @Before
- public void setUp() throws Exception {
- }
-
- @Test
- public void test() {
- AAFAuthenticatedUser user = new AAFAuthenticatedUser(null, "User1@aaf");
- assertEquals(user.getFullName(),"User1@aaf");
- assertEquals(user.getName(),"User1@aaf");
- assertFalse(user.isAnonymous());
- assertFalse(user.isSuper());
- assertFalse(user.isLocal());
-
-
-
- }
-
- @Test
- public void testone() {
- AAFAuthenticatedUser user = new AAFAuthenticatedUser(null, "User2@aaf");
- assertEquals(user.getFullName(),"User2@aaf");
- assertEquals(user.getName(),"User2@aaf");
- assertFalse(user.isAnonymous());
- assertFalse(user.isSuper());
- assertFalse(user.isLocal());
-
-
-
- }
-
- @Test
- public void testtwo() {
- AAFAuthenticatedUser user = new AAFAuthenticatedUser(null, "onap@aaf");
- assertEquals(user.getFullName(),"onap@aaf");
- assertEquals(user.getName(),"onap@aaf");
- assertFalse(user.isAnonymous());
- assertFalse(user.isSuper());
- assertFalse(user.isLocal());
-
-
-
- }
-
- @Test
- public void testthree() {
- AAFAuthenticatedUser user = new AAFAuthenticatedUser(null, "openecomp@aaf");
- assertEquals(user.getFullName(),"openecomp@aaf");
- assertEquals(user.getName(),"openecomp@aaf");
- assertFalse(user.isAnonymous());
- assertFalse(user.isSuper());
- assertFalse(user.isLocal());
-
-
-
- }
-
-}
diff --git a/cass/src/test/java/org/onap/aaf/cass/JU_AAFAuthorizerTest.java b/cass/src/test/java/org/onap/aaf/cass/JU_AAFAuthorizerTest.java
deleted file mode 100644
index 4e2f0a3..0000000
--- a/cass/src/test/java/org/onap/aaf/cass/JU_AAFAuthorizerTest.java
+++ /dev/null
@@ -1,378 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cass;
-
-import static org.junit.Assert.*;
-
-import org.junit.Test;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import static org.junit.Assert.*;
-
-public class JU_AAFAuthorizerTest
-{
-
-
- @Before
- public void setUp()
- {
-
- }
-
- @After
- public void tearDown()
- {
-
- }
-
- /*
- * Testing Conditon(s): if: (user instanceof AAFAuthenticatedUser), if: (aafUser.isLocal())
- */
- @Test
- public void test_method_authorize_0_branch_0()
- {
- System.out.println("Now Testing Method:authorize Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (user instanceof AAFAuthenticatedUser), else: Not (aafUser.isLocal())
- */
- @Test
- public void test_method_authorize_0_branch_1()
- {
- System.out.println("Now Testing Method:authorize Branch:1");
-
-
- }
-
- /*
- * Testing Conditon(s): else: Not (user instanceof AAFAuthenticatedUser)
- */
- @Test
- public void test_method_authorize_0_branch_2()
- {
- System.out.println("Now Testing Method:authorize Branch:2");
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_PermHolder_1_branch_0()
- {
- System.out.println("Now Testing Method:PermHolder Branch:0");
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_PermHolder_2_branch_0()
- {
- System.out.println("Now Testing Method:PermHolder Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (permissions==Permission.NONE)
- */
- @Test
- public void test_method_mutable_3_branch_0()
- {
- System.out.println("Now Testing Method:mutable Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): else: Not (permissions==Permission.NONE)
- */
- @Test
- public void test_method_mutable_3_branch_1()
- {
- System.out.println("Now Testing Method:mutable Branch:1");
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_mutable_4_branch_0()
- {
- System.out.println("Now Testing Method:mutable Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_mutable_5_branch_0()
- {
- System.out.println("Now Testing Method:mutable Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_getName_6_branch_0()
- {
- System.out.println("Now Testing Method:getName Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_exec_7_branch_0()
- {
- System.out.println("Now Testing Method:exec Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_getName_8_branch_0()
- {
- System.out.println("Now Testing Method:getName Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_exec_9_branch_0()
- {
- System.out.println("Now Testing Method:exec Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_getName_10_branch_0()
- {
- System.out.println("Now Testing Method:getName Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_exec_11_branch_0()
- {
- System.out.println("Now Testing Method:exec Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_getName_12_branch_0()
- {
- System.out.println("Now Testing Method:getName Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_exec_13_branch_0()
- {
- System.out.println("Now Testing Method:exec Branch:0");
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_getName_14_branch_0()
- {
- System.out.println("Now Testing Method:getName Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_exec_15_branch_0()
- {
- System.out.println("Now Testing Method:exec Branch:0");
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_getName_16_branch_0()
- {
- System.out.println("Now Testing Method:getName Branch:0");
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_exec_17_branch_0()
- {
- System.out.println("Now Testing Method:exec Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_getName_18_branch_0()
- {
- System.out.println("Now Testing Method:getName Branch:0");
-
- //Constructor
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_exec_19_branch_0()
- {
- System.out.println("Now Testing Method:exec Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_grant_20_branch_0()
- {
- System.out.println("Now Testing Method:grant Branch:0");
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_revoke_21_branch_0()
- {
- System.out.println("Now Testing Method:revoke Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_list_22_branch_0()
- {
- System.out.println("Now Testing Method:list Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_revokeAll_23_branch_0()
- {
- System.out.println("Now Testing Method:revokeAll Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_revokeAll_24_branch_0()
- {
- System.out.println("Now Testing Method:revokeAll Branch:0");
-
-
-
- }
-
-}
diff --git a/cass/src/test/java/org/onap/aaf/cass/JU_AAFBaseTest.java b/cass/src/test/java/org/onap/aaf/cass/JU_AAFBaseTest.java
deleted file mode 100644
index 172a3dc..0000000
--- a/cass/src/test/java/org/onap/aaf/cass/JU_AAFBaseTest.java
+++ /dev/null
@@ -1,399 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cass;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.onap.aaf.cadi.aaf.cass.AAFBase;
-
-import static org.junit.Assert.*;
-
-public class JU_AAFBaseTest
-{
-
-
- @Before
- public void setUp()
- {
-
- }
-
- @After
- public void tearDown()
- {
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_setAccess_0_branch_0()
- {
- System.out.println("Now Testing Method:setAccess Branch:0");
-
- //Call Method
- AAFBase.setAccess(null);
-
- }
-
- /*
- * Testing Conditon(s): if: (!props_ok)
- */
- @Test
- public void test_method_validateConfiguration_1_branch_0()
- {
- System.out.println("Now Testing Method:validateConfiguration Branch:0");
-
-
-
- }
-
- /*
- * Testing Conditon(s): else: Not (!props_ok)
- */
- @Test
- public void test_method_validateConfiguration_1_branch_1()
- {
- System.out.println("Now Testing Method:validateConfiguration Branch:1");
-
-
-
- //Call Method
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (access==null), if: (cadi_props == null), if: (cp.exists())
- */
- @Test
- public void test_method_setup_2_branch_0()
- {
- System.out.println("Now Testing Method:setup Branch:0");
-
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (access==null), if: (cadi_props == null), else: Not (cp.exists())
- */
- @Test
- public void test_method_setup_2_branch_1()
- {
- System.out.println("Now Testing Method:setup Branch:1");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (access==null), else: Not (cadi_props == null)
- */
- @Test
- public void test_method_setup_2_branch_2()
- {
- System.out.println("Now Testing Method:setup Branch:2");
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), else: Not (access==null)
- */
- @Test
- public void test_method_setup_2_branch_3()
- {
- System.out.println("Now Testing Method:setup Branch:3");
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: ((perm_type = Config.logProp(access, "cass_group_name",null))==null)
- */
- @Test
- public void test_method_setup_2_branch_4()
- {
- System.out.println("Now Testing Method:setup Branch:4");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), else: Not ((perm_type = Config.logProp(access, "cass_group_name",null))==null)
- */
- @Test
- public void test_method_setup_2_branch_5()
- {
- System.out.println("Now Testing Method:setup Branch:5");
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: ((cluster_name = Config.logProp(access,"cass_cluster_name",null))==null), if: ((cluster_name = DatabaseDescriptor.getClusterName())==null)
- */
- @Test
- public void test_method_setup_2_branch_6()
- {
- System.out.println("Now Testing Method:setup Branch:6");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: ((cluster_name = Config.logProp(access,"cass_cluster_name",null))==null), else: Not ((cluster_name = DatabaseDescriptor.getClusterName())==null)
- */
- @Test
- public void test_method_setup_2_branch_7()
- {
- System.out.println("Now Testing Method:setup Branch:7");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), else: Not ((cluster_name = Config.logProp(access,"cass_cluster_name",null))==null)
- */
- @Test
- public void test_method_setup_2_branch_8()
- {
- System.out.println("Now Testing Method:setup Branch:8");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: ((default_realm = Config.logProp(access, Config.AAF_DEFAULT_REALM, null))==null)
- */
- @Test
- public void test_method_setup_2_branch_9()
- {
- System.out.println("Now Testing Method:setup Branch:9");
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), else: Not ((default_realm = Config.logProp(access, Config.AAF_DEFAULT_REALM, null))==null)
- */
- @Test
- public void test_method_setup_2_branch_10()
- {
- System.out.println("Now Testing Method:setup Branch:10");
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (props_ok==false)
- */
- @Test
- public void test_method_setup_2_branch_11()
- {
- System.out.println("Now Testing Method:setup Branch:11");
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), else: Not (props_ok==false)
- */
- @Test
- public void test_method_setup_2_branch_12()
- {
- System.out.println("Now Testing Method:setup Branch:12");
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (lur instanceof EpiLur), for: (int i=0; (lur = elur.get(i))!=null;++i), if: (lur instanceof AbsAAFLur)
- */
- @Test
- public void test_method_setup_2_branch_13()
- {
- System.out.println("Now Testing Method:setup Branch:13");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (lur instanceof EpiLur), for: (int i=0; (lur = elur.get(i))!=null;++i), else: Not (lur instanceof AbsAAFLur), if: (lur instanceof LocalLur)
- */
- @Test
- public void test_method_setup_2_branch_14()
- {
- System.out.println("Now Testing Method:setup Branch:14");
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (lur instanceof EpiLur), for: (int i=0; (lur = elur.get(i))!=null;++i), else: Not (lur instanceof AbsAAFLur), else: Not (lur instanceof LocalLur)
- */
- @Test
- public void test_method_setup_2_branch_15()
- {
- System.out.println("Now Testing Method:setup Branch:15");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (lur instanceof EpiLur), for: Not (int i=0; (lur = elur.get(i))!=null;++i)
- */
- @Test
- public void test_method_setup_2_branch_16()
- {
- System.out.println("Now Testing Method:setup Branch:16");
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), else: Not (lur instanceof EpiLur), if: (lur instanceof AbsAAFLur)
- */
- @Test
- public void test_method_setup_2_branch_17()
- {
- System.out.println("Now Testing Method:setup Branch:17");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), else: Not (lur instanceof EpiLur), else: Not (lur instanceof AbsAAFLur)
- */
- @Test
- public void test_method_setup_2_branch_18()
- {
- System.out.println("Now Testing Method:setup Branch:18");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (aafAuthn==null)
- */
- @Test
- public void test_method_setup_2_branch_19()
- {
- System.out.println("Now Testing Method:setup Branch:19");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), else: Not (aafAuthn==null)
- */
- @Test
- public void test_method_setup_2_branch_20()
- {
- System.out.println("Now Testing Method:setup Branch:20");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), if: (access!=null)
- */
- @Test
- public void test_method_setup_2_branch_21()
- {
- System.out.println("Now Testing Method:setup Branch:21");
-
-
-
- }
-
- /*
- * Testing Conditon(s): if: (aafAuthn == null), else: Not (access!=null)
- */
- @Test
- public void test_method_setup_2_branch_22()
- {
- System.out.println("Now Testing Method:setup Branch:22");
-
-
- }
-
- /*
- * Testing Conditon(s): else: Not (aafAuthn == null)
- */
- @Test
- public void test_method_setup_2_branch_23()
- {
- System.out.println("Now Testing Method:setup Branch:23");
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_protectedResources_3_branch_0()
- {
- System.out.println("Now Testing Method:protectedResources Branch:0");
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_supportedOptions_4_branch_0()
- {
- System.out.println("Now Testing Method:supportedOptions Branch:0");
-
-
- }
-
- /*
- * Testing Conditon(s): Default
- */
- @Test
- public void test_method_alterableOptions_5_branch_0()
- {
- System.out.println("Now Testing Method:alterableOptions Branch:0");
-
-
-
- }
-
-}
diff --git a/cass/src/test/java/org/onap/aaf/cass/JU_CASS.java b/cass/src/test/java/org/onap/aaf/cass/JU_CASS.java
deleted file mode 100644
index f5ee310..0000000
--- a/cass/src/test/java/org/onap/aaf/cass/JU_CASS.java
+++ /dev/null
@@ -1,106 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cass;
-
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.cassandra.auth.AuthenticatedUser;
-import org.apache.cassandra.auth.IResource;
-import org.apache.cassandra.auth.Permission;
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.onap.aaf.cadi.aaf.cass.AAFAuthenticator;
-import org.onap.aaf.cadi.aaf.cass.AAFAuthorizer;
-
-public class JU_CASS {
-
- private static AAFAuthenticator aa;
- private static AAFAuthorizer an;
-
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
- System.setProperty("cadi_prop_files", "etc/cadi.properties");
-
- aa = new AAFAuthenticator();
- an = new AAFAuthorizer();
-
- aa.setup();
- an.setup(); // does nothing after aa.
-
- aa.validateConfiguration();
-
- }
-
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- }
-
- @Test
- public void test() throws Exception {
- Map<String,String> creds = new HashMap<String,String>();
- creds.put("username", "XXX@NS");
- creds.put("password", "enc:???");
- AuthenticatedUser aaf = aa.authenticate(creds);
-
- // Test out "aaf_default_domain
- creds.put("username", "XX");
- aaf = aa.authenticate(creds);
-
- IResource resource = new IResource() {
- public String getName() {
- return "data/authz";
- }
-
- public IResource getParent() {
- return null;
- }
-
- public boolean hasParent() {
- return false;
- }
-
- public boolean exists() {
- return true;
- }
-
- };
-
- Set<Permission> perms = an.authorize(aaf, resource);
-
- // Test out "AAF" access
- creds.put("username", "XXX@NS");
- creds.put("password", "enc:???");
- aaf = aa.authenticate(creds);
- perms = an.authorize(aaf, resource);
- Assert.assertFalse(perms.isEmpty());
-
- perms = an.authorize(aaf, resource);
- Assert.assertFalse(perms.isEmpty());
-
- }
-
-}
diff --git a/client/pom.xml b/client/pom.xml
deleted file mode 100644
index 632ce46..0000000
--- a/client/pom.xml
+++ /dev/null
@@ -1,213 +0,0 @@
-<!--
- ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- *
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-<parent>
- <groupId>org.onap.aaf.cadi</groupId>
- <artifactId>parent</artifactId>
- <version>1.0.0-SNAPSHOT</version>
- <relativePath>..</relativePath>
- </parent>
-
- <name>CADI Client</name>
- <artifactId>cadi-client</artifactId>
- <packaging>jar</packaging>
- <url>https://github.com/att/AAF</url>
- <description>CADI</description>
- <modelVersion>4.0.0</modelVersion>
-<properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <project.cadiVersion>1.0.0-SNAPSHOT</project.cadiVersion>
- <!-- SONAR -->
- <sonar.skip>true</sonar.skip>
- <jacoco.version>0.7.7.201606060606</jacoco.version>
- <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
- <sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin>
- <!-- Default Sonar configuration -->
- <sonar.jacoco.reportPath>target/code-coverage/jacoco-ut.exec</sonar.jacoco.reportPath>
- <sonar.jacoco.itReportPath>target/code-coverage/jacoco-it.exec</sonar.jacoco.itReportPath>
- <!-- Note: This list should match jacoco-maven-plugin's exclusion list below -->
- <sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**</sonar.exclusions>
- <nexusproxy>https://nexus.onap.org</nexusproxy>
- <snapshotNexusPath>/content/repositories/snapshots/</snapshotNexusPath>
- <releaseNexusPath>/content/repositories/releases/</releaseNexusPath>
- <stagingNexusPath>/content/repositories/staging/</stagingNexusPath>
- <sitePath>/content/sites/site/org/onap/aaf/cadi/${project.artifactId}/${project.version}</sitePath>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.onap.aaf.inno</groupId>
- <artifactId>rosetta</artifactId>
- </dependency>
- <dependency>
- <groupId>org.onap.aaf.cadi</groupId>
- <artifactId>cadi-core</artifactId>
- </dependency>
- <dependency>
- <groupId>com.att.aft</groupId>
- <artifactId>dme2</artifactId>
- <scope>compile</scope>
- </dependency>
- <dependency>
- <groupId>org.mockito</groupId>
- <artifactId>mockito-all</artifactId>
- <version>1.9.5</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jarsigner-plugin</artifactId>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-javadoc-plugin</artifactId>
- <version>2.10.4</version>
- <configuration>
- <failOnError>false</failOnError>
- </configuration>
- <executions>
- <execution>
- <id>attach-javadocs</id>
- <goals>
- <goal>jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
-
-
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-source-plugin</artifactId>
- <version>2.2.1</version>
- <executions>
- <execution>
- <id>attach-sources</id>
- <goals>
- <goal>jar-no-fork</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
-
- <plugin>
- <groupId>org.sonatype.plugins</groupId>
- <artifactId>nexus-staging-maven-plugin</artifactId>
- <version>1.6.7</version>
- <extensions>true</extensions>
- <configuration>
- <nexusUrl>${nexusproxy}</nexusUrl>
- <stagingProfileId>176c31dfe190a</stagingProfileId>
- <serverId>ecomp-staging</serverId>
- </configuration>
- </plugin>
-
-<plugin>
- <groupId>org.jacoco</groupId>
- <artifactId>jacoco-maven-plugin</artifactId>
- <version>${jacoco.version}</version>
- <configuration>
- <excludes>
- <exclude>**/gen/**</exclude>
- <exclude>**/generated-sources/**</exclude>
- <exclude>**/yang-gen/**</exclude>
- <exclude>**/pax/**</exclude>
- </excludes>
- </configuration>
- <executions>
-
- <execution>
- <id>pre-unit-test</id>
- <goals>
- <goal>prepare-agent</goal>
- </goals>
- <configuration>
- <destFile>${project.build.directory}/code-coverage/jacoco-ut.exec</destFile>
- <propertyName>surefireArgLine</propertyName>
- </configuration>
- </execution>
-
-
- <execution>
- <id>post-unit-test</id>
- <phase>test</phase>
- <goals>
- <goal>report</goal>
- </goals>
- <configuration>
- <dataFile>${project.build.directory}/code-coverage/jacoco-ut.exec</dataFile>
- <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory>
- </configuration>
- </execution>
- <execution>
- <id>pre-integration-test</id>
- <phase>pre-integration-test</phase>
- <goals>
- <goal>prepare-agent</goal>
- </goals>
- <configuration>
- <destFile>${project.build.directory}/code-coverage/jacoco-it.exec</destFile>
-
- <propertyName>failsafeArgLine</propertyName>
- </configuration>
- </execution>
-
-
- <execution>
- <id>post-integration-test</id>
- <phase>post-integration-test</phase>
- <goals>
- <goal>report</goal>
- </goals>
- <configuration>
- <dataFile>${project.build.directory}/code-coverage/jacoco-it.exec</dataFile>
- <outputDirectory>${project.reporting.outputDirectory}/jacoco-it</outputDirectory>
- </configuration>
- </execution>
- </executions>
- </plugin>
-
-
- </plugins>
- </build>
- <distributionManagement>
- <repository>
- <id>ecomp-releases</id>
- <name>AAF Release Repository</name>
- <url>${nexusproxy}${releaseNexusPath}</url>
- </repository>
- <snapshotRepository>
- <id>ecomp-snapshots</id>
- <name>AAF Snapshot Repository</name>
- <url>${nexusproxy}${snapshotNexusPath}</url>
- </snapshotRepository>
- <site>
- <id>ecomp-site</id>
- <url>dav:${nexusproxy}${sitePath}</url>
- </site>
- </distributionManagement>
-
-</project>
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/AAFClient.java b/client/src/main/java/org/onap/aaf/cadi/client/AAFClient.java
deleted file mode 100644
index cb6299b..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/AAFClient.java
+++ /dev/null
@@ -1,199 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import java.net.HttpURLConnection;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-import org.onap.aaf.cadi.http.HBasicAuthSS;
-import org.onap.aaf.cadi.http.HMangr;
-import org.onap.aaf.cadi.locator.DME2Locator;
-
-import com.att.aft.dme2.api.DME2Manager;
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.rosetta.env.RosettaDF;
-import org.onap.aaf.rosetta.env.RosettaEnv;
-
-public class AAFClient {
- private RosettaEnv env;
- private Map<Class<?>,RosettaDF<?>> map = new HashMap<Class<?>,RosettaDF<?>>();
- HMangr hman;
- HBasicAuthSS ss;
-
- public AAFClient(RosettaEnv env) throws Exception {
- this.env = env;
- Access access = new EnvAccess(env);
- String user = access.getProperty(Config.AAF_MECHID,null);
- String password = access.decrypt(access.getProperty(Config.AAF_MECHPASS,null), true);
-
- SecurityInfoC<HttpURLConnection> si = new SecurityInfoC<HttpURLConnection>(access);
- DME2Manager dm = new DME2Manager("APIclient DME2Manager", System.getProperties());
- DME2Locator loc = new DME2Locator(access, dm, access.getProperty(Config.AAF_URL,null));
-
- int TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, "30000"));
-
- hman = new HMangr(access, loc).readTimeout(TIMEOUT).apiVersion("2.0");
- ss = new HBasicAuthSS(user, password, si);
- }
-
- public AAFClient(RosettaEnv env, DME2Manager dm) throws Exception {
- this.env = env;
- Access access = new EnvAccess(env);
- String user = access.getProperty(Config.AAF_MECHID,null);
- String password = access.decrypt(access.getProperty(Config.AAF_MECHPASS,null), true);
-
- SecurityInfoC<HttpURLConnection> si = new SecurityInfoC<HttpURLConnection>(access);
- DME2Locator loc = new DME2Locator(access, dm, access.getProperty(Config.AAF_URL,null));
-
- int TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, "30000"));
-
- hman = new HMangr(access, loc).readTimeout(TIMEOUT).apiVersion("2.0");
- ss = new HBasicAuthSS(user, password, si);
- }
-
- @SuppressWarnings("unchecked")
- private synchronized<T> RosettaDF<T> getDF(Class<T> cls) throws APIException {
- RosettaDF<?> rdf;
- synchronized (env) {
- rdf = map.get(cls);
- if(rdf==null) {
- rdf = env.newDataFactory(cls);
- map.put(cls, rdf);
- }
- }
- return (RosettaDF<T>)rdf;
- }
-
- // Package on purpose
- static class Call<T> {
- protected final static String VOID_CONTENT_TYPE="application/Void+json;version=2.0";
-
- protected RosettaDF<T> df;
- protected AAFClient client;
-
- public Call(AAFClient ac, RosettaDF<T> df) {
- this.client = ac;
- this.df = df;
- }
- }
-
-
- /////////// Calls /////////////////
- /**
- * Returns a Get Object... same as "get"
- *
- * @param cls
- * @return
- * @throws APIException
- */
- public<T> Get<T> read(Class<T> cls) throws APIException {
- return new Get<T>(this,getDF(cls));
- }
-
- /**
- * Returns a Get Object... same as "read"
- *
- * @param cls
- * @return
- * @throws APIException
- */
- public<T> Get<T> get(Class<T> cls) throws APIException {
- return new Get<T>(this,getDF(cls));
- }
-
- /**
- * Returns a Post Object... same as "create"
- *
- * @param cls
- * @return
- * @throws APIException
- */
- public<T> Post<T> post(Class<T> cls) throws APIException {
- return new Post<T>(this,getDF(cls));
- }
-
- /**
- * Returns a Post Object... same as "post"
- *
- * @param cls
- * @return
- * @throws APIException
- */
- public<T> Post<T> create(Class<T> cls) throws APIException {
- return new Post<T>(this,getDF(cls));
- }
-
- /**
- * Returns a Put Object... same as "update"
- *
- * @param cls
- * @return
- * @throws APIException
- */
- public<T> Put<T> put(Class<T> cls) throws APIException {
- return new Put<T>(this,getDF(cls));
- }
-
- /**
- * Returns a Put Object... same as "put"
- *
- * @param cls
- * @return
- * @throws APIException
- */
- public<T> Put<T> update(Class<T> cls) throws APIException {
- return new Put<T>(this,getDF(cls));
- }
-
- /**
- * Returns a Delete Object
- *
- * @param cls
- * @return
- * @throws APIException
- */
- public<T> Delete<T> delete(Class<T> cls) throws APIException {
- return new Delete<T>(this,getDF(cls));
- }
-
- /**
- * Returns a Delete Object
- *
- * @param cls
- * @return
- * @throws APIException
- */
- public Delete<Void> delete() throws APIException {
- return new Delete<Void>(this,null);
- }
-
- public Put<Void> put() {
- return new Put<Void>(this,null);
- }
-
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/AbsBasicAuth.java b/client/src/main/java/org/onap/aaf/cadi/client/AbsBasicAuth.java
deleted file mode 100644
index e714e3a..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/AbsBasicAuth.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import java.io.IOException;
-
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-
-public abstract class AbsBasicAuth<CLIENT> implements SecuritySetter<CLIENT> {
- protected static final String REPEAT_OFFENDER="This call is aborted because of repeated usage of invalid Passwords";
- private static final int MAX_TEMP_COUNT = 10;
- private static final int MAX_SPAM_COUNT = 10000;
- private static final long WAIT_TIME = 1000*60*4;
-
- protected final String headValue;
- protected SecurityInfoC<CLIENT> securityInfo;
- protected String user;
- private long lastMiss;
- private int count;
-
- public AbsBasicAuth(String user, String pass, SecurityInfoC<CLIENT> si) throws IOException {
- this.user = user;
- headValue = "Basic " + Symm.base64.encode(user + ':' + pass);
- securityInfo = si;
- lastMiss=0L;
- count=0;
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.SecuritySetter#getID()
- */
- @Override
- public String getID() {
- return user;
- }
-
- public boolean isDenied() {
- if(lastMiss>0 && lastMiss>System.currentTimeMillis()) {
- return true;
- } else {
- lastMiss=0L;
- return false;
- }
- }
-
- public synchronized int setLastResponse(int httpcode) {
- if(httpcode == 401) {
- ++count;
- if(lastMiss==0L && count>MAX_TEMP_COUNT) {
- lastMiss=System.currentTimeMillis()+WAIT_TIME;
- }
-// if(count>MAX_SPAM_COUNT) {
-// System.err.printf("Your service has %d consecutive bad service logins to AAF. \nIt will now exit\n",
-// count);
-// System.exit(401);
-// }
- if(count%1000==0) {
- System.err.printf("Your service has %d consecutive bad service logins to AAF. AAF Access will be disabled after %d\n",
- count,MAX_SPAM_COUNT);
- }
-
- } else {
- lastMiss=0;
- }
- return count;
- }
-
- public int count() {
- return count;
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java b/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java
deleted file mode 100644
index e731f09..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import java.security.Principal;
-
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-import org.onap.aaf.cadi.principal.BasicPrincipal;
-import org.onap.aaf.cadi.principal.TGuardPrincipal;
-import org.onap.aaf.cadi.principal.TrustPrincipal;
-
-public abstract class AbsTransferSS<CLIENT> implements SecuritySetter<CLIENT> {
- protected String value;
- protected SecurityInfoC<CLIENT> securityInfo;
- protected SecuritySetter<CLIENT> defSS;
- private Principal principal;
-
- //Format:<ID>:<APP>:<protocol>[:AS][,<ID>:<APP>:<protocol>]*
- public AbsTransferSS(Principal principal, String app) {
- init(principal, app);
- }
-
- public AbsTransferSS(Principal principal, String app, SecurityInfoC<CLIENT> si) {
- init(principal,app);
- securityInfo = si;
- this.defSS = si.defSS;
- }
-
- private void init(Principal principal, String app) {
- this.principal=principal;
- if(principal==null) {
- return;
- } else if(principal instanceof BasicPrincipal) {
- value = principal.getName() + ':' + app + ":BasicAuth:AS";
- } else if(principal instanceof TrustPrincipal) {
- TrustPrincipal tp = (TrustPrincipal)principal;
- // recursive
- init(tp.original(),app);
- value += principal.getName() + ':' + app + ":Trust:AS" + ',' + tp.userChain();
- } else if(principal instanceof TGuardPrincipal) {
- value = principal.getName() + ':' + app + ":TGUARD:AS";
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.SecuritySetter#getID()
- */
- @Override
- public String getID() {
- return principal==null?"":principal.getName();
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/Delete.java b/client/src/main/java/org/onap/aaf/cadi/client/Delete.java
deleted file mode 100644
index 9f03aab..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/Delete.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import org.onap.aaf.cadi.CadiException;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.rosetta.env.RosettaDF;
-
-public class Delete<T> extends AAFClient.Call<T> {
- public Delete(AAFClient ac, RosettaDF<T> df) {
- super(ac,df);
- }
-
- @SuppressWarnings("unchecked")
- public Result<T> delete(final String pathInfo, final T t) throws Exception {
- if(t==null) {
- return (Result<T>)delete(pathInfo);
- }
- return client.hman.best(client.ss,
- new Retryable<Result<T>>() {
- @Override
- public Result<T> code(Rcli<?> client) throws APIException, CadiException {
- Future<T> ft = client.delete(pathInfo,df,t);
- if(ft.get(client.readTimeout)) {
- return Result.ok(ft.code(),ft.value);
- } else {
- return Result.err(ft.code(),ft.body());
- }
- }
- });
- }
-
- public Result<Void> delete(final String pathInfo) throws Exception {
- return client.hman.best(client.ss,
- new Retryable<Result<Void>>() {
- @Override
- public Result<Void> code(Rcli<?> client) throws APIException, CadiException {
- Future<Void> ft = client.delete(pathInfo,VOID_CONTENT_TYPE);
- if(ft.get(client.readTimeout)) {
- return Result.ok(ft.code(),ft.value);
- } else {
- return Result.err(ft.code(),ft.body());
- }
- }
- });
- }
-
-
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/EClient.java b/client/src/main/java/org/onap/aaf/cadi/client/EClient.java
deleted file mode 100644
index a880331..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/EClient.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data;
-import org.onap.aaf.rosetta.env.RosettaDF;
-
-
-public interface EClient<CT> {
- public void setMethod(String meth);
- public void setPathInfo(String pathinfo);
- public void setPayload(Transfer transfer);
- public void addHeader(String tag, String value);
- public void setQueryParams(String q);
- public void setFragment(String f);
- public void send() throws APIException;
- public<T> Future<T> futureCreate(Class<T> t);
- public Future<String> futureReadString();
- public<T> Future<T> futureRead(RosettaDF<T> df,Data.TYPE type);
- public<T> Future<T> future(T t);
- public Future<Void> future(HttpServletResponse resp, int expected) throws APIException;
-
- public interface Transfer {
- public void transfer(OutputStream os) throws IOException, APIException;
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/EnvAccess.java b/client/src/main/java/org/onap/aaf/cadi/client/EnvAccess.java
deleted file mode 100644
index bcf41f8..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/EnvAccess.java
+++ /dev/null
@@ -1,169 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Map.Entry;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Symm;
-
-import java.util.Properties;
-
-import org.onap.aaf.inno.env.Decryptor;
-import org.onap.aaf.inno.env.Env;
-import org.onap.aaf.inno.env.impl.BasicEnv;
-
-public class EnvAccess implements Access {
- private Env env;
-
- /**
- * String Property tag for files/resources that may contain properties. Can be null.
- * Resources of ClassLoader will be checked first, if exist. Can be null.
- * @param env
- * @param tag
- * @param cl
- * @throws IOException
- */
- public EnvAccess(BasicEnv env, ClassLoader cl) throws IOException {
- this.env = env;
- final Symm s = Symm.obtain(this);
- env.set(new Decryptor() {
- private Symm symm = s;
- @Override
- public String decrypt(String encrypted) {
- try {
- return (encrypted!=null && (encrypted.startsWith(Symm.ENC)))
- ? symm.depass(encrypted)
- : encrypted;
- } catch (IOException e) {
- return "";
- }
- }
- }
- );
- }
-
-
- /**
- * Construct with the Classloader of Env and CADI_PROP_FILES, if possible
- *
- * @param env
- * @throws IOException
- */
- public EnvAccess(BasicEnv env) throws IOException {
- this(env, env.getClass().getClassLoader());
- }
-
- @Override
- public void log(Level level, Object... elements) {
- switch(level) {
- case AUDIT:
- env.audit().log(elements);
- break;
- case DEBUG:
- env.debug().log(elements);
- break;
- case ERROR:
- env.error().log(elements);
- break;
- case INFO:
- env.info().log(elements);
- break;
- case INIT:
- env.init().log(elements);
- break;
- case WARN:
- env.warn().log(elements);
- break;
- default:
- break;
- }
-
- }
-
- @Override
- public void log(Exception e, Object... elements) {
- env.error().log(e,elements);
- }
-
- @Override
- public void printf(Level level, String fmt, Object... elements) {
- if(willLog(level)) {
- log(level,String.format(fmt, elements));
- }
- }
-
-
- @Override
- public boolean willLog(Level level) {
- switch(level) {
- case AUDIT:
- return env.audit().isLoggable();
- case DEBUG:
- return env.debug().isLoggable();
- case ERROR:
- return env.error().isLoggable();
- case INFO:
- return env.info().isLoggable();
- case INIT:
- return env.init().isLoggable();
- case WARN:
- return env.warn().isLoggable();
- default:
- return false;
- }
- }
-
-
- @Override
- public void setLogLevel(Level level) {
- // unused
- }
-
- @Override
- public ClassLoader classLoader() {
- return env.getClass().getClassLoader();
- }
-
- @Override
- public String getProperty(String string, String def) {
- return env.getProperty(string, def);
- }
-
- @Override
- public void load(InputStream is) throws IOException {
- Properties props = new Properties();
- props.load(is);
- for(Entry<Object, Object> es :props.entrySet()) {
- env.setProperty(es.getKey().toString(), es.getValue().toString());
- }
- }
-
- @Override
- public String decrypt(String encrypted, boolean anytext) throws IOException {
- return env.decryptor().decrypt(encrypted);
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/Future.java b/client/src/main/java/org/onap/aaf/cadi/client/Future.java
deleted file mode 100644
index 01a85b8..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/Future.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import org.onap.aaf.cadi.CadiException;
-
-public abstract class Future<T> {
- public T value;
- public abstract boolean get(int timeout) throws CadiException;
-
- public abstract int code();
- public abstract String body();
- public abstract String header(String tag);
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/Get.java b/client/src/main/java/org/onap/aaf/cadi/client/Get.java
deleted file mode 100644
index 920b476..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/Get.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import org.onap.aaf.cadi.CadiException;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.rosetta.env.RosettaDF;
-
-public class Get<T> extends AAFClient.Call<T> {
- public Get(AAFClient ac, RosettaDF<T> df) {
- super(ac,df);
- }
-
- public Result<T> read(final String pathInfo) throws Exception {
- return client.hman.best(client.ss,
- new Retryable<Result<T>>() {
- @Override
- public Result<T> code(Rcli<?> client) throws APIException, CadiException {
- Future<T> ft = client.read(pathInfo,df);
- if(ft.get(client.readTimeout)) {
- return Result.ok(ft.code(),ft.value);
- } else {
- return Result.err(ft.code(),ft.body());
- }
- }
- });
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/Holder.java b/client/src/main/java/org/onap/aaf/cadi/client/Holder.java
deleted file mode 100644
index 577fa5f..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/Holder.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-/**
- * Use to set Variables outside of Anonymous classes.
- *
- *
- * @param <T>
- */
-public class Holder<T> {
- private T value;
- public Holder(T t) {
- value = t;
- }
- public void set(T t) {
- value = t;
- }
-
- public T get() {
- return value;
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/Post.java b/client/src/main/java/org/onap/aaf/cadi/client/Post.java
deleted file mode 100644
index 5c9bde2..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/Post.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.LocatorException;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.rosetta.env.RosettaDF;
-
-public class Post<T> extends AAFClient.Call<T> {
- public Post(AAFClient ac, RosettaDF<T> df) {
- super(ac,df);
- }
-
- public Result<T> create(final String pathInfo, final T t) throws APIException, CadiException, LocatorException {
- return client.hman.best(client.ss,
- new Retryable<Result<T>>() {
- @Override
- public Result<T> code(Rcli<?> client) throws APIException, CadiException {
- Future<T> ft = client.create(pathInfo,df,t);
- if(ft.get(client.readTimeout)) {
- return Result.ok(ft.code(),ft.value);
- } else {
- return Result.err(ft.code(),ft.body());
- }
- }
- });
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/PropertyLocator.java b/client/src/main/java/org/onap/aaf/cadi/client/PropertyLocator.java
deleted file mode 100644
index 15705ab..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/PropertyLocator.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.util.Random;
-
-import org.onap.aaf.cadi.Locator;
-import org.onap.aaf.cadi.LocatorException;
-
-public class PropertyLocator implements Locator {
- private final URI [] orig;
- private PLItem[] current;
- private int end;
- private final Random random;
-
- /**
- * comma delimited root url list
- *
- * @param locList
- * @throws LocatorException
- */
- public PropertyLocator(String locList) throws LocatorException {
- if(locList==null)throw new LocatorException("No Location List given for PropertyLocator");
- String[] locarray = locList.split("\\s*,\\s*");
- orig = new URI[locarray.length];
-
- random = new Random();
-
- for(int i=0;i<locarray.length;++i) {
- try {
- orig[i] = new URI(locarray[i]);
- } catch (URISyntaxException e) {
- throw new LocatorException(e);
- }
- }
-
- current = new PLItem[orig.length];
- refresh();
- }
-
- @Override
- public URI get(Item item) throws LocatorException {
- return orig[((PLItem)item).idx];
- }
-
- @Override
- public Item first() throws LocatorException {
- return end>0?current[0]:null;
- }
-
- @Override
- public boolean hasItems() {
- return end>0;
- }
-
- @Override
- public Item next(Item item) throws LocatorException {
- int spot;
- if((spot=(((PLItem)item).order+1))>=end)return null;
- return current[spot];
- }
-
- @Override
- public synchronized void invalidate(Item item) throws LocatorException {
- if(--end<=0)return;
- PLItem pli = (PLItem)item;
- int i,order;
- for(i=0;i<end;++i) {
- if(pli==current[i])break;
- }
- order = current[i].order;
- for(;i<end;++i) {
- current[i]=current[i+1];
- current[i].order=order++;
- }
- current[end]=pli;
- }
-
- @Override
- public Item best() throws LocatorException {
- switch(current.length) {
- case 0:
- return null;
- case 1:
- return current[0];
- default:
- return current[Math.abs(random.nextInt())%end];
- }
- }
-
- @Override
- public synchronized boolean refresh() {
- end = orig.length;
-
- // Build up list
- for(int i = 0; i < end ; ++i) {
- if(current[i]==null)current[i]=new PLItem(i);
- else current[i].idx=current[i].order=i;
- }
- return true;
- }
-
- private class PLItem implements Item {
- public int idx,order;
-
- public PLItem(int i) {
- idx = order =i;
- }
-
- public String toString() {
- return "Item: " + idx + " order: " + order;
- }
- }
-
- @Override
- public void destroy() {
- // TODO Auto-generated method stub
-
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/Put.java b/client/src/main/java/org/onap/aaf/cadi/client/Put.java
deleted file mode 100644
index ebd6e0d..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/Put.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import org.onap.aaf.cadi.CadiException;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.rosetta.env.RosettaDF;
-
-public class Put<T> extends AAFClient.Call<T> {
- public Put(AAFClient ac, RosettaDF<T> df) {
- super(ac,df);
- }
-
- public Result<T> update(final String pathInfo, final T t) throws Exception {
- return client.hman.best(client.ss,
- new Retryable<Result<T>>() {
- @Override
- public Result<T> code(Rcli<?> client) throws APIException, CadiException {
- Future<T> ft = client.update(pathInfo,df,t);
- if(ft.get(client.readTimeout)) {
- return Result.ok(ft.code(),ft.value);
- } else {
- return Result.err(ft.code(),ft.body());
- }
- }
- });
- }
-
- public Result<Void> update(final String pathInfo) throws Exception {
- return client.hman.best(client.ss,
- new Retryable<Result<Void>>() {
- @Override
- public Result<Void> code(Rcli<?> client) throws APIException, CadiException {
- Future<Void> ft = client.update(pathInfo);
- if(ft.get(client.readTimeout)) {
- return Result.ok(ft.code(),ft.value);
- } else {
- return Result.err(ft.code(),ft.body());
- }
- }
- });
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/RawClient.java b/client/src/main/java/org/onap/aaf/cadi/client/RawClient.java
deleted file mode 100644
index 0386383..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/RawClient.java
+++ /dev/null
@@ -1,159 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.PrintStream;
-import java.net.URI;
-
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.config.Config;
-
-import com.att.aft.dme2.api.DME2Client;
-
-public abstract class RawClient {
- protected static String aafid, aafpass, aafurl;
- protected static Symm symm;
-
- protected static boolean init(PrintStream out) {
- try {
- String propfile = System.getProperty(Config.CADI_PROP_FILES);
- if(propfile==null) {
- propfile = "raw.props";
- }
- File pfile = new File(propfile);
- if(!pfile.exists()) {
- if(propfile.equals("raw.props")) {
- out.println("Creating 'raw.props'. Edit for proper values, then run again. Alternatively, set "
- + Config.CADI_PROP_FILES+" to a cadi properties file");
- FileOutputStream fos = new FileOutputStream(pfile);
- PrintStream ps = new PrintStream(fos);
- try {
- ps.println("# Use http://www.bing.com/maps to figure out LAT/LONG of an Address");
- ps.println("AFT_LATITUDE=38.432930");
- ps.println("AFT_LONGITUDE=-90.432480");
- ps.println("AFT_ENVIRONMENT=AFTUAT");
- ps.print(Config.AAF_URL);
- ps.println("=aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE");
- ps.print(Config.CADI_KEYFILE);
- ps.println("=<keyfile. use java -jar cadi-core*.jar in lib dir>");
- ps.println(Config.AAF_MECHID);
- ps.print("=<your id>");
- ps.println(Config.AAF_MECHPASS);
- ps.print("=<your encrypted password. use java -jar cadi-core*.jar in lib dir>");
- } finally {
- ps.close();
- }
- }
- } else {
- FileInputStream fis = new FileInputStream(propfile);
- try {
- System.getProperties().load(fis);
- } finally {
- fis.close();
- }
-
- String cadiKeyFile = System.getProperty(Config.CADI_KEYFILE);
- aafid = System.getProperty(Config.AAF_MECHID);
- aafpass = System.getProperty(Config.AAF_MECHPASS);
- aafurl = System.getProperty(Config.AAF_URL);
- out.println("Contacting: " + aafurl);
-
- if(cadiKeyFile==null || aafid==null || aafpass==null || aafurl==null ) {
- out.print(Config.CADI_KEYFILE);
- out.print(", ");
- out.print(Config.CADI_KEYFILE);
- out.print(", ");
- out.print(Config.CADI_KEYFILE);
- out.print(", ");
- out.print(Config.CADI_KEYFILE);
- out.print(" need to be set in ");
- out.println(propfile);
- } else {
- fis = new FileInputStream(cadiKeyFile);
- try {
- symm = Symm.obtain(fis);
- } finally {
- fis.close();
- }
- }
- return true;
- }
- } catch (Exception e) {
- e.printStackTrace(out);
- }
- return false;
-
- }
-
- public abstract String call(final PrintStream out, final String meth, final String path) throws Exception;
-
- public static void main(String[] args) {
- // Sonar idiocy
- PrintStream out = System.out;
-
- try {
- if(init(out)) {
- if(args.length<2) {
- System.out.println("Parameters: <Method> <path>");
- } else {
- RawClient client = new DME2();
- out.println(client.call(out,args[0],args[1]));
- }
- }
- } catch (Exception e) {
- e.printStackTrace(out);
- }
- }
-
- protected static class DME2 extends RawClient {
-
- public String call(final PrintStream out, final String meth, final String path) {
- try {
- DME2Client client = new DME2Client(new URI(aafurl),10000);
- client.setCredentials(aafid, symm.depass(aafpass));
- client.setMethod(meth);
- client.setContext(path);
-
- if("GET".equalsIgnoreCase(meth) ||
- "DELETE".equalsIgnoreCase(meth)) {
- client.setPayload("");
- } else if("POST".equalsIgnoreCase(meth) ||
- "PUT".equalsIgnoreCase(meth)) {
- int c;
- StringBuilder sb = new StringBuilder();
- while((c=System.in.read()) >=0) {
- sb.append((char)c);
- }
- client.setPayload(sb.toString());
- }
- return client.sendAndWait(10000);
- } catch (Exception e) {
- e.printStackTrace(out);
- return "";
- }
- }
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java b/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java
deleted file mode 100644
index 23158ef..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java
+++ /dev/null
@@ -1,697 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.net.URI;
-import java.util.Enumeration;
-
-import javax.servlet.ServletInputStream;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.SecuritySetter;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data.TYPE;
-import org.onap.aaf.inno.env.util.Pool;
-import org.onap.aaf.inno.env.util.Pool.Pooled;
-import org.onap.aaf.rosetta.env.RosettaDF;
-
-public abstract class Rcli<CT> {
- public static final String BLANK = "";
- public static final String CONTENT_TYPE = "Content-Type";
- public static final String ACCEPT = "Accept";
-
- protected static final String POST = "POST";
- protected static final String GET = "GET";
- protected static final String PUT = "PUT";
- protected static final String DELETE = "DELETE";
- protected TYPE type;
- protected String apiVersion;
- protected int readTimeout = 5000;
- protected int connectionTimeout = 3000;
- protected URI uri;
- private String queryParams, fragment;
- public static Pool<byte[]> buffPool = new Pool<byte[]>(new Pool.Creator<byte[]>() {
- @Override
- public byte[] create() throws APIException {
- return new byte[1024];
- }
-
- @Override
- public void destroy(byte[] t) {
- }
-
- @Override
- public boolean isValid(byte[] t) {
- return true;
- }
-
- @Override
- public void reuse(byte[] t) {
- }
- });
-
-
- public Rcli() {
- super();
- }
-
- public abstract void setSecuritySetter(SecuritySetter<CT> ss);
- public abstract SecuritySetter<CT> getSecuritySetter();
-
-
- public Rcli<CT> forUser(SecuritySetter<CT> ss) {
- Rcli<CT> rv = clone(uri==null?this.uri:uri,ss);
- setSecuritySetter(ss);
- rv.type = type;
- rv.apiVersion = apiVersion;
- return rv;
- }
-
- protected abstract Rcli<CT> clone(URI uri, SecuritySetter<CT> ss);
-
- public abstract void invalidate() throws CadiException;
-
- public Rcli<CT> readTimeout(int millis) {
- readTimeout = millis;
- return this;
- }
-
- public Rcli<CT> connectionTimeout(int millis) {
- connectionTimeout = millis;
- return this;
- }
-
- public Rcli<CT> type(TYPE type) {
- this.type=type;
- return this;
- }
-
- public Rcli<CT> apiVersion(String apiVersion) {
- this.apiVersion = apiVersion;
- return this;
- }
-
- public boolean isApiVersion(String prospective) {
- return apiVersion.equals(prospective);
- }
-
-
- public String typeString(Class<?> cls) {
- return "application/"+cls.getSimpleName()+"+"+type.name().toLowerCase()+
- (apiVersion==null?BLANK:";version="+apiVersion);
- }
-
- protected abstract EClient<CT> client() throws CadiException;
-
-
- public<T> Future<T> create(String pathinfo, String contentType, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,contentType);
- client.setPathInfo(pathinfo);
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- queryParams = fragment = null;
- return client.futureCreate(df.getTypeClass());
- }
-
- public<T> Future<T> create(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,typeString(df.getTypeClass()));
- client.setPathInfo(pathinfo);
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- queryParams = fragment = null;
- return client.futureCreate(df.getTypeClass());
- }
-
- public<T> Future<T> create(String pathinfo, Class<?> cls, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,typeString(cls));
- client.setPathInfo(pathinfo);
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- queryParams = fragment = null;
- return client.futureCreate(df.getTypeClass());
- }
-
- public<T> Future<T> create(String pathinfo, Class<T> cls) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,typeString(cls));
- client.setPathInfo(pathinfo);
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPayload(null);
- client.send();
- queryParams = fragment = null;
- return client.futureCreate(cls);
- }
-
- public Future<Void> create(String pathinfo, String contentType) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,contentType);
- client.setPathInfo(pathinfo);
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPayload(null);
- client.send();
- queryParams = fragment = null;
- return client.futureCreate(Void.class);
- }
-
-
- public Future<String> read(String pathinfo, String accept, String ... headers) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(GET);
- client.addHeader(ACCEPT, accept);
-
- for(int i=1;i<headers.length;i=i+2) {
- client.addHeader(headers[i-1],headers[i]);
- }
- client.setQueryParams(qp);
- client.setFragment(fragment);
-
- client.setPathInfo(pathinfo);
-
- client.setPayload(null);
- client.send();
- queryParams = fragment = null;
- return client.futureReadString();
- }
-
- public<T> Future<T> read(String pathinfo, String accept, RosettaDF<T> df, String ... headers) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(GET);
- client.addHeader(ACCEPT, accept);
- for(int i=1;i<headers.length;i=i+2) {
- client.addHeader(headers[i-1],headers[i]);
- }
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
-
- client.setPayload(null);
- client.send();
- queryParams = fragment = null;
- return client.futureRead(df,type);
- }
-
- public<T> Future<T> read(String pathinfo, RosettaDF<T> df,String ... headers) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(GET);
- client.addHeader(ACCEPT, typeString(df.getTypeClass()));
- for(int i=1;i<headers.length;i=i+2) {
- client.addHeader(headers[i-1],headers[i]);
- }
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
-
- client.setPayload(null);
- client.send();
- queryParams = fragment = null;
- return client.futureRead(df,type);
- }
-
- public<T> Future<T> read(String pathinfo, Class<?> cls, RosettaDF<T> df) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(GET);
- client.addHeader(ACCEPT, typeString(cls));
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
-
- client.setPayload(null);
- client.send();
- queryParams = fragment = null;
- return client.futureRead(df,type);
- }
-
- public<T> Future<T> update(String pathinfo, String contentType, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE,contentType);
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- queryParams = fragment = null;
- return client.future(t);
- }
-
- public<T> Future<String> updateRespondString(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE, typeString(df.getTypeClass()));
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- queryParams = fragment = null;
- return client.futureReadString();
- }
-
-
- public<T> Future<T> update(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE, typeString(df.getTypeClass()));
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- queryParams = fragment = null;
- return client.future(t);
- }
-
- public<T> Future<T> update(String pathinfo, Class<?> cls, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE, typeString(cls));
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- queryParams = fragment = null;
- return client.future(t);
- }
-
- /**
- * A method to update with a VOID
- * @param pathinfo
- * @param resp
- * @param expected
- * @return
- * @throws APIException
- * @throws CadiException
- */
- public<T> Future<Void> update(String pathinfo) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE, typeString(Void.class));
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
-// client.setPayload(new EClient.Transfer() {
-// @Override
-// public void transfer(OutputStream os) throws IOException, APIException {
-// }
-// });
- client.send();
- queryParams = fragment = null;
- return client.future(null);
- }
-
- public<T> Future<T> delete(String pathinfo, String contentType, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, contentType);
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- queryParams = fragment = null;
- return client.future(t);
- }
-
- public<T> Future<T> delete(String pathinfo, Class<?> cls, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, typeString(cls));
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- queryParams = fragment = null;
- return client.future(t);
- }
-
- public<T> Future<T> delete(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, typeString(df.getTypeClass()));
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
-
- client.send();
- queryParams = fragment = null;
- return client.future(t);
- }
-
-
- public<T> Future<T> delete(String pathinfo, Class<T> cls) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, typeString(cls));
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
- client.setPayload(null);
- client.send();
- queryParams = fragment = null;
- return client.future((T)null);
- }
-
- public Future<Void> delete(String pathinfo, String contentType) throws APIException, CadiException {
- final int idx = pathinfo.indexOf('?');
- final String qp;
- if(idx>=0) {
- qp=pathinfo.substring(idx+1);
- pathinfo=pathinfo.substring(0,idx);
- } else {
- qp=queryParams;
- }
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, contentType);
- client.setQueryParams(qp);
- client.setFragment(fragment);
- client.setPathInfo(pathinfo);
- client.setPayload(null);
- client.send();
- queryParams = fragment = null;
- return client.future(null);
- }
-
- public Future<Void> transfer(final HttpServletRequest req, final HttpServletResponse resp, final String pathParam, final int expected) throws CadiException, APIException {
- EClient<CT> client = client();
- URI uri;
- try {
- uri = new URI(req.getRequestURI());
- } catch (Exception e) {
- throw new CadiException("Invalid incoming URI",e);
- }
- String name;
- for(Enumeration<String> en = req.getHeaderNames();en.hasMoreElements();) {
- name = en.nextElement();
- client.addHeader(name,req.getHeader(name));
- }
- client.setQueryParams(req.getQueryString());
- client.setFragment(uri.getFragment());
- client.setPathInfo(pathParam);
- String meth = req.getMethod();
- client.setMethod(meth);
- if(!"GET".equals(meth)) {
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- final ServletInputStream is = req.getInputStream();
- int read;
- // reuse Buffers
- Pooled<byte[]> pbuff = buffPool.get();
- try {
- while((read=is.read(pbuff.content))>=0) {
- os.write(pbuff.content,0,read);
- }
- } finally {
- pbuff.done();
- }
- }
- });
- }
- client.send();
- return client.future(resp, expected);
- }
-
- public String toString() {
- return uri.toString();
- }
-
- /**
- * @param queryParams the queryParams to set
- * @return
- */
- public Rcli<CT> setQueryParams(String queryParams) {
- this.queryParams = queryParams;
- return this;
- }
-
-
- /**
- * @param fragment the fragment to set
- * @return
- */
- public Rcli<CT> setFragment(String fragment) {
- this.fragment = fragment;
- return this;
- }
-
- public URI getURI() {
- return uri;
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/Result.java b/client/src/main/java/org/onap/aaf/cadi/client/Result.java
deleted file mode 100644
index 5b3d8fd..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/Result.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-public class Result<T> {
- public final int code;
- public final T value;
- public final String error;
-
- private Result(int code, T value, String error) {
- this.code = code;
- this.value = value;
- this.error = error;
- }
-
- public static<T> Result<T> ok(int code,T t) {
- return new Result<T>(code,t,null);
- }
-
- public static<T> Result<T> err(int code,String body) {
- return new Result<T>(code,null,body);
- }
-
- public boolean isOK() {
- return error==null;
- }
-
- public String toString() {
- StringBuilder sb = new StringBuilder("Code: ");
- sb.append(code);
- if(error!=null) {
- sb.append(" = ");
- sb.append(error);
- }
- return sb.toString();
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/client/Retryable.java b/client/src/main/java/org/onap/aaf/cadi/client/Retryable.java
deleted file mode 100644
index 9c701ef..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/client/Retryable.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.client;
-
-import java.net.ConnectException;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.Locator;
-
-import org.onap.aaf.inno.env.APIException;
-
-/**
- *
- *
- * @param <RT>
- * @param <RET>
- */
-public abstract class Retryable<RET> {
- // be able to hold state for consistent Connections. Not required for all connection types.
- public Rcli<?> lastClient;
- private Locator.Item item;
-
- public Retryable() {
- lastClient = null;
- item = null;
- }
-
- public Retryable(Retryable<?> ret) {
- lastClient = ret.lastClient;
- item = ret.item;
- }
-
- public Locator.Item item(Locator.Item item) {
- lastClient = null;
- this.item = item;
- return item;
- }
- public Locator.Item item() {
- return item;
- }
-
- public abstract RET code(Rcli<?> client) throws CadiException, ConnectException, APIException;
-
- /**
- * Note, Retryable is tightly coupled to the Client Utilizing. It will not be the wrong type.
- * @return
- */
- @SuppressWarnings("unchecked")
- public <CLIENT> Rcli<CLIENT> lastClient() {
- return (Rcli<CLIENT>)lastClient;
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/dme2/DEClient.java b/client/src/main/java/org/onap/aaf/cadi/dme2/DEClient.java
deleted file mode 100644
index 7bbdc25..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/dme2/DEClient.java
+++ /dev/null
@@ -1,223 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.dme2;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.net.URI;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.client.EClient;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.client.Rcli;
-
-import com.att.aft.dme2.api.DME2Client;
-import com.att.aft.dme2.api.DME2Exception;
-import com.att.aft.dme2.api.DME2Manager;
-import com.att.aft.dme2.handler.DME2RestfulHandler;
-import com.att.aft.dme2.handler.DME2RestfulHandler.ResponseInfo;
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data;
-import org.onap.aaf.rosetta.env.RosettaDF;
-
-public class DEClient implements EClient<DME2Client> {
- private DME2Client client;
- private DME2RestfulHandler replyHandler;
- private EClient.Transfer payload;
- private boolean isProxy;
- private SecuritySetter<DME2Client> ss;
-
- public DEClient(DME2Manager manager, SecuritySetter<DME2Client> ss, URI uri, long timeout) throws DME2Exception, CadiException {
- client = new DME2Client(manager,uri,timeout);
- client.setAllowAllHttpReturnCodes(true);
- this.ss = ss;
- ss.setSecurity(client);
- replyHandler = new DME2RestfulHandler(Rcli.BLANK);
- client.setReplyHandler(replyHandler);
- }
-
- @Override
- public void setMethod(String meth) {
- client.setMethod(meth);
- }
-
- /**
- * DME2 can't handle having QueryParams on the URL line, but it is the most natural way, so...
- *
- * Also, DME2 can't handle "/proxy" as part of Context in the main URI line, so we add it when we see authz-gw to "isProxy"
- */
- public void setPathInfo(String pathinfo) {
- int qp = pathinfo.indexOf('?');
- if(qp<0) {
- client.setContext(isProxy?("/proxy"+pathinfo):pathinfo);
- } else {
- client.setContext(isProxy?("/proxy"+pathinfo.substring(0,qp)):pathinfo.substring(0,qp));
- client.setQueryParams(pathinfo.substring(qp+1));
- }
- }
-
- @Override
- public void setPayload(EClient.Transfer transfer) {
- payload = transfer;
- }
-
- @Override
- public void addHeader(String tag, String value) {
- client.addHeader(tag, value);
- }
-
-
- @Override
- public void setQueryParams(String q) {
- client.setQueryParams(q);
- }
-
- @Override
- public void setFragment(String f) {
- // DME2 does not implement this
- }
-
- @Override
- public void send() throws APIException {
- try {
- if(payload!=null) {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- payload.transfer(baos);
- client.setPayload(new String(baos.toByteArray()));
- } else {
- client.setPayload("");
- }
- client.send();
- } catch (DME2Exception e) {
- throw new APIException(e);
- } catch (IOException e) {
- throw new APIException(e);
- }
- }
-
-
- public class DFuture<T> extends Future<T> {
- protected final DME2RestfulHandler reply;
- protected ResponseInfo info;
-
- public DFuture(DME2RestfulHandler reply) {
- this.reply = reply;
- }
-
- protected boolean evalInfo() throws APIException{
- //return info.getCode()==200;
- return true;
- };
-
- public final boolean get(int timeout) throws CadiException {
- try {
- info = reply.getResponse(timeout);
- ss.setLastResponse(info.getCode());
- return evalInfo();
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- @Override
- public int code() {
- return info.getCode();
- }
-
- @Override
- public String body() {
- return info.getBody();
- }
-
- @Override
- public String header(String tag) {
- return info.header(tag);
- }
-
- }
-
- @Override
- public <T> Future<T> futureCreate(Class<T> t) {
- return new DFuture<T>(replyHandler) {
- public boolean evalInfo() throws APIException {
-
- return info.getCode()==201;
- }
- };
- }
-
-
- @Override
- public Future<String> futureReadString() {
- return new DFuture<String>(replyHandler) {
- public boolean evalInfo() throws APIException {
- if(info.getCode()==200) {
- value = info.getBody();
- return true;
- }
- return false;
- }
- };
- }
-
- @Override
- public<T> Future<T> futureRead(final RosettaDF<T> df, final Data.TYPE type) {
- return new DFuture<T>(replyHandler) {
- public boolean evalInfo() throws APIException {
- if(info.getCode()==200) {
- value = df.newData().in(type).load(info.getBody()).asObject();
- return true;
- }
- return false;
- }
- };
- }
-
- @Override
- public <T> Future<T> future(final T t) {
- return new DFuture<T>(replyHandler) {
- public boolean evalInfo() {
- if(info.getCode()==200) {
- value = t;
- return true;
- }
- return false;
- }
- };
- }
-
- @Override
- public Future<Void> future(HttpServletResponse resp,int expected) throws APIException {
- // TODO Auto-generated method stub
- return null;
- }
-
- public void setProxy(boolean isProxy) {
- this.isProxy=isProxy;
- }
-
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2BasicAuth.java b/client/src/main/java/org/onap/aaf/cadi/dme2/DME2BasicAuth.java
deleted file mode 100644
index b29074f..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2BasicAuth.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.dme2;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.client.AbsBasicAuth;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-import org.onap.aaf.cadi.principal.BasicPrincipal;
-
-import com.att.aft.dme2.api.DME2Client;
-
-public class DME2BasicAuth extends AbsBasicAuth<DME2Client> {
- public DME2BasicAuth(String user, String pass, SecurityInfoC<DME2Client> si) throws IOException {
- super(user,pass,si);
- }
-
- public DME2BasicAuth(Access access, SecurityInfoC<DME2Client> si) throws IOException {
- super(access.getProperty(Config.AAF_MECHID, null),
- access.decrypt(access.getProperty(Config.AAF_MECHPASS, null), false),
- si);
- }
-
- public DME2BasicAuth(BasicPrincipal bp,SecurityInfoC<DME2Client> si) throws IOException {
- super(bp.getName(),new String(bp.getCred()),si);
- }
-
- public DME2BasicAuth(Access access) throws IOException, GeneralSecurityException {
- super(access.getProperty(Config.AAF_MECHID, null),
- access.decrypt(access.getProperty(Config.AAF_MECHPASS, null), false),
- new SecurityInfoC<DME2Client>(access));
- }
-
- public void setSecurity(DME2Client client) throws CadiException {
- if(isDenied()) {
- throw new CadiException(REPEAT_OFFENDER);
- }
- client.addHeader("Authorization", headValue);
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2ClientSS.java b/client/src/main/java/org/onap/aaf/cadi/dme2/DME2ClientSS.java
deleted file mode 100644
index 167fe3b..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2ClientSS.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.dme2;
-
-import java.io.IOException;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.Access.Level;
-
-import com.att.aft.dme2.api.DME2Client;
-
-public class DME2ClientSS implements SecuritySetter<DME2Client> {
- private Access access;
- private String user,crd;
-
- public DME2ClientSS(Access access, String user, String pass) throws IOException {
- this.access = access;
- this.user = user;
- this.crd = pass;
- }
-
- @Override
- public void setSecurity(DME2Client client) {
- try {
- client.setCredentials(user, access.decrypt(crd, false));
- } catch (IOException e) {
- access.log(Level.ERROR,e,"Error decrypting DME2 Password");
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.SecuritySetter#getID()
- */
- @Override
- public String getID() {
- return user;
- }
-
- @Override
- public int setLastResponse(int respCode) {
- // TODO Auto-generated method stub
- return 0;
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2Locator.java b/client/src/main/java/org/onap/aaf/cadi/dme2/DME2Locator.java
deleted file mode 100644
index 47af9ea..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2Locator.java
+++ /dev/null
@@ -1,349 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.dme2;
-
-
-import java.net.InetAddress;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.UnknownHostException;
-import java.util.Arrays;
-import java.util.Comparator;
-import java.util.Random;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Locator;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.Access.Level;
-
-//
-import com.att.aft.dme2.api.DME2Exception;
-import com.att.aft.dme2.api.DME2Manager;
-import com.att.aft.dme2.api.DME2Server;
-import com.att.aft.dme2.manager.registry.DME2Endpoint;
-
-public class DME2Locator implements Locator {
- private DME2Manager dm;
- private DME2Endpoint[] endpoints;
- private Access access;
- private String service;
- private String version;
- private String routeOffer;
- private String envContext;
- private String thisMachine;
- private String pathInfo;
- private int thisPort;
- private boolean removeSelf;
- private final static Random random = new Random();
-
- // Default is to not bother trying to remove self
- public DME2Locator(Access access, DME2Manager dm, String service, String version, String envContext, String routeOffer) throws DME2Exception, UnknownHostException, LocatorException {
- this(access,dm,service,version,envContext,routeOffer,false);
- }
-
- public DME2Locator(Access access, DME2Manager dm, String service, String version, String envContext, String routeOffer, boolean removeSelf) throws DME2Exception, UnknownHostException, LocatorException {
- this.access = access;
- if(dm==null) {
- this.dm = new DME2Manager("DME2Locator created DME2Manager",System.getProperties());
- } else {
- this.dm = dm;
- }
- this.service = service;
- this.version = version;
- this.envContext = envContext;
- this.routeOffer = routeOffer;
- refresh();
- DME2Server server = dm.getServer();
- if(server == null) {
- thisMachine = InetAddress.getLocalHost().getHostName();
- thisPort = 0;
- } else {
- try {
- thisMachine = server.getServerProperties().getHostname();
- //thisPort = server.getPort();
- thisPort = server.getServerProperties().getPort();
- } catch(NullPointerException np) { // BAD BOY, DME2...
- access.log(Level.ERROR, "WARNING: DME2 threw a NullPointer Exception getting Server Machine and Port");
- thisMachine = InetAddress.getLocalHost().getHostName();
- thisPort = 0;
- }
- }
- this.removeSelf = removeSelf;
- }
-
- // Default is to not bother trying to remove self
- public DME2Locator(Access access, DME2Manager dm, String aafurl) throws DME2Exception, UnknownHostException, LocatorException {
- this(access,dm,aafurl,false);
- }
-
- public DME2Locator(Access access, DME2Manager dm, String aafurl, boolean removeSelf) throws DME2Exception, UnknownHostException, LocatorException {
- if(aafurl==null) throw new LocatorException("URL is null");
- this.access = access;
- if(dm==null) {
- dm = this.dm = new DME2Manager("DME2Locator created DME2Manager",System.getProperties());
- } else {
- this.dm = dm;
- }
- String[] split = aafurl.split("/");
- StringBuilder sb = new StringBuilder();
- boolean dme2Entered = false;
- for(String s : split) {
- if(s.startsWith( "service=")) this.service = s.substring(8);
- else if(s.startsWith("version=")) this.version = s.substring(8);
- else if(s.startsWith("envContext=")) this.envContext = s.substring(11);
- else if(s.startsWith("routeOffer=")) {
- this.routeOffer = s.substring(11);
- dme2Entered = true;
- }
- else if(dme2Entered) {
- sb.append('/');
- sb.append(s);
- }
- pathInfo = sb.toString();
- }
- DME2Server server = dm.getServer();
- if(server == null) {
- thisMachine = InetAddress.getLocalHost().getHostName();
- thisPort = 0;
- } else {
- thisMachine = server.getServerProperties().getHostname();
- if(thisMachine==null) { // even if server !=null, apparently, it can be uninitialized
- thisMachine = InetAddress.getLocalHost().getHostName();
- thisPort = 0;
- } else {
- try {
- thisPort = server.getServerProperties().getPort();
- } catch (Exception e) {
- thisPort = 0;
- }
- }
- }
- this.removeSelf=removeSelf;
- refresh();
- }
-
- @Override
- public boolean refresh() {
- try {
- dm.refresh();
- endpoints = dm.findEndpoints(service, version, envContext, routeOffer, true);
- if(removeSelf) {
- for(int i=0;i<endpoints.length;++i) {
- if(endpoints[i].getPort()==thisPort && endpoints[i].getHost().equals(thisMachine))
- endpoints[i]=null;
- }
- }
- return endpoints.length!=0;
- } catch (Exception e) {
- access.log(Level.ERROR, e.getMessage());
- }
- return false;
- }
-
- private String noEndpointsString() {
- StringBuilder sb = new StringBuilder("No DME2 Endpoints found for ");
- sb.append(service);
- sb.append('/');
- sb.append(version);
- sb.append('/');
- sb.append(envContext);
- sb.append('/');
- sb.append(routeOffer);
- return sb.toString();
- }
-
- @Override
- public URI get(Locator.Item item) throws LocatorException {
- if(!hasItems())
- throw new LocatorException(noEndpointsString());
- if(item == null)
- return null;
-
- Item li = ((Item)item);
- // if URI has been created, use it
- if(li.uri!=null)return li.uri;
-
- // URI not created, create it
- if(li.idx<endpoints.length) {
- DME2Endpoint de = endpoints[li.idx];
- if(de!=null) {
- try {
- return li.uri=new URI(de.getProtocol(),null,de.getHost(),de.getPort(),pathInfo,null,null);
- } catch (URISyntaxException e) {
- throw new LocatorException(e);
- }
- }
- }
- return null;
- }
-
- @Override
- public boolean hasItems() {
- return endpoints!=null && endpoints.length>0;
- }
-
- @Override
- public void invalidate(Locator.Item item) throws LocatorException {
- if(item instanceof Item) {
- int idx = ((Item)item).idx;
- if(idx<endpoints.length) {
- DME2Endpoint uhoh = endpoints[idx]; // Sometimes, DME2Endpoint, at least on File system, returns bogus entries.
- endpoints[idx]=null;
- boolean noneLeft=true;
- for(int i=0;i<endpoints.length && noneLeft;++i) {
- noneLeft = endpoints[i]==null;
- }
- if(noneLeft && refresh()) { // make sure DME2 isn't giving us the same invalidated entry...
- for(int i=0;i<endpoints.length && noneLeft;++i) {
- DME2Endpoint ep = endpoints[i];
- if(ep != null &&
- ep.getHost().equals(uhoh.getHost()) &&
- ep.getPort()==uhoh.getPort()) {
- endpoints[i]=null;
- }
- }
- }
-
- }
- }
- }
-
- public class Item implements Locator.Item {
- private final int idx;
- private URI uri;
- private Item(int i) {
- idx = i;
- uri = null;
- }
- }
-
- @Override
- public Item best() throws LocatorException {
- if(!hasItems()) // checks endpoints
- if(!refresh()) throw new LocatorException("No DME2 Endpoints Available");
-
- // Some endpoints in Array are null. Need sub array of usable endpoints
- int usable[] = new int[endpoints.length];
- int count=0;
- for(int i=0;i<endpoints.length;++i) {
- if(endpoints[i]!=null) {
- usable[count++] = i;
- }
- }
- switch(count) {
- case 0: refresh(); return null;
- case 1: return new Item(usable[0]);
- default:
- int samemach[] = new int[count];
- int samecount = 0,closecount=0;
- // has to be sortable
- Integer closemach[] = new Integer[count];
-
- // Analyze for Same Machine or Remote machines
- for(int i=0;i<count;++i) {
- DME2Endpoint ep = endpoints[usable[i]];
- String host = ep.getHost();
- if(thisMachine.equalsIgnoreCase(host)) {
- samemach[samecount++] = usable[i];
- } else {
- closemach[closecount++] = usable[i];
- }
- }
-
- switch(samecount) {
- case 0: break;
- case 1: return new Item(samemach[0]);
- default: // return randomized is multiple Endpoints on local machine.
- int i = random.nextInt();
- return new Item(usable[Math.abs(i%samecount)]);
- }
-
- // Analyze for closest remote
- switch(closecount) {
- case 0: return null;
- case 1: return new Item(closemach[0]);
- default: // return closest machine
- DoubIndex remote[] = new DoubIndex[closecount];
- int remotecount = 0;
- for(int i=0;i<closecount;++i) {
- DME2Endpoint de = endpoints[usable[i]];
- remote[remotecount++] = new DoubIndex(de.getDistance(),i);
- }
- Arrays.sort(remote,new Comparator<DoubIndex> () {
- @Override
- public int compare(DoubIndex a, DoubIndex b) {
- if(a.d<b.d) return -1;
- if(a.d>b.d) return 1;
- return (random.nextInt()%1)==0?1:0;// randomize if the same
- }
-
- });
- return new Item(remote[0].idx);
- }
- }
- }
-
- private class DoubIndex {
- public final double d;
- public final int idx;
-
- public DoubIndex(double doub, int i) {
- d = doub;
- idx = i;
- }
- }
- @Override
- public Item first() {
- if(endpoints==null)return null;
- for(int i=0;i<endpoints.length;++i) {
- if(endpoints[i]!=null)
- return new Item(i);
- }
- return null;
- }
-
- @Override
- public Item next(Locator.Item item) throws LocatorException {
- if(endpoints==null || endpoints.length==0 || !(item instanceof Item))return null;
- int idx = ((Item)item).idx +1;
- for(int i=idx;i<endpoints.length;++i) {
- if(endpoints[i]!=null)
- return new Item(i);
- }
-// This is a mistake.. will start infinite loops
-// // Did not have any at end... try beginning
-// for(int i=0;i<idx-1;++i) {
-// if(endpoints[i]!=null)
-// return new Item(i);
-// }
-// // If still nothing, refresh
-// refresh();
- return null;
- }
-
- @Override
- public void destroy() {
- // TODO Auto-generated method stub
-
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2TransferSS.java b/client/src/main/java/org/onap/aaf/cadi/dme2/DME2TransferSS.java
deleted file mode 100644
index f71d19c..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2TransferSS.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.dme2;
-
-import java.io.IOException;
-import java.security.Principal;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.client.AbsTransferSS;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-
-import com.att.aft.dme2.api.DME2Client;
-
-public class DME2TransferSS extends AbsTransferSS<DME2Client> {
-
- public DME2TransferSS(Principal principal, String app, SecurityInfoC<DME2Client> si) throws IOException {
- super(principal, app, si);
- }
-
- @Override
- public void setSecurity(DME2Client client) throws CadiException {
- if(value!=null) {
- if(defSS==null) {
- throw new CadiException("Need App Credentials to send message");
- }
- defSS.setSecurity(client);
- client.addHeader(Config.CADI_USER_CHAIN, value);
- }
- }
-
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2x509SS.java b/client/src/main/java/org/onap/aaf/cadi/dme2/DME2x509SS.java
deleted file mode 100644
index af803c1..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/dme2/DME2x509SS.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.dme2;
-
-import java.io.IOException;
-import java.security.cert.CertificateEncodingException;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-
-import com.att.aft.dme2.api.DME2Client;
-import org.onap.aaf.inno.env.APIException;
-
-
-public class DME2x509SS implements SecuritySetter<DME2Client> {
- private String alias;
-
- public DME2x509SS(final String sendAlias, SecurityInfoC<DME2Client> si) throws APIException, IOException, CertificateEncodingException {
- if((alias=sendAlias) == null) {
- if(si.default_alias == null) {
- throw new APIException("JKS Alias is required to use X509SS Security. Use " + Config.CADI_ALIAS +" to set default alias");
- } else {
- alias = si.default_alias;
- }
- }
- }
-
- @Override
- public void setSecurity(DME2Client dme2) throws CadiException {
- // DME2Client has to have properties set before creation to work.
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.SecuritySetter#getID()
- */
- @Override
- public String getID() {
- return alias;
- }
-
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/dme2/DRcli.java b/client/src/main/java/org/onap/aaf/cadi/dme2/DRcli.java
deleted file mode 100644
index cd95bcc..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/dme2/DRcli.java
+++ /dev/null
@@ -1,142 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.dme2;
-
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.client.EClient;
-import org.onap.aaf.cadi.client.Rcli;
-
-import com.att.aft.dme2.api.DME2Client;
-import com.att.aft.dme2.api.DME2Exception;
-import com.att.aft.dme2.api.DME2Manager;
-import com.att.aft.dme2.manager.registry.DME2Endpoint;
-import com.att.aft.dme2.request.DmeUniformResource;
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data.TYPE;
-
-/**
- * DME2 Rosetta Client
- *
- * JAXB defined JSON or XML over DME2 middleware
- *
- *
- * @param <T>
- */
-public class DRcli extends Rcli<DME2Client> {
- // Can be more efficient if tied to manager, apparently. Can pass in null.
- DME2Manager manager=null;
- private SecuritySetter<DME2Client> ss;
- private boolean isProxy;
-
- public DRcli(URI uri, SecuritySetter<DME2Client> secSet) {
- this.uri = uri;
- type = TYPE.JSON;
- apiVersion = null;
- ss=secSet;
- }
-
- @Override
- protected DRcli clone(URI uri, SecuritySetter<DME2Client> ss) {
- return new DRcli(uri,ss);
- }
-
-
-
- /**
- * Note from Thaniga on 11/5. DME2Client is not expected to be reused... need a fresh one
- * on each transaction, which is expected to cover the Async aspects.
- *
- * @return
- * @throws APIException
- * @throws DME2Exception
- */
- protected EClient<DME2Client> client() throws CadiException {
- try {
- DEClient dc = new DEClient(manager,getSecuritySetter(),uri,readTimeout);
- dc.setProxy(isProxy);
- return dc;
- } catch (DME2Exception e) {
- throw new CadiException(e);
- }
- }
-
- public DRcli setManager(DME2Manager dme2Manager) {
- manager = dme2Manager;
- return this;
- }
-
- public List<DRcli> all() throws DME2Exception, APIException {
- ArrayList<DRcli> al = new ArrayList<DRcli>();
-
- if(manager == null) {
- manager = DME2Manager.getDefaultInstance();
- }
- try {
- DME2Endpoint[] endp = manager.getEndpoints(new DmeUniformResource(manager.getConfig(),uri));
- // Convert Searchable Endpoints to Direct Endpoints
- for(DME2Endpoint de : endp) {
- al.add(new DRcli(
- new URI(uri.getScheme(),null,de.getHost(),de.getPort(),null,null,null),ss)
-// new URI(uri.getScheme(),null,de.getHost(),de.getPort(),uri.getPath(),null,null),ss)
- .setManager(manager)
- );
- }
- } catch (MalformedURLException e) {
- throw new APIException("Invalid URL",e);
- } catch (URISyntaxException e) {
- throw new APIException("Invalid URI",e);
- }
- return al;
- }
-
- @Override
- public void invalidate() throws CadiException {
- try {
- manager.refresh();
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- @Override
- public void setSecuritySetter(SecuritySetter<DME2Client> ss) {
- this.ss = ss;
- }
-
- @Override
- public SecuritySetter<DME2Client> getSecuritySetter() {
- return ss;
- }
-
- public void setProxy(boolean isProxy) {
- this.isProxy = isProxy;
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/dnsloc/DNSLocator.java b/client/src/main/java/org/onap/aaf/cadi/dnsloc/DNSLocator.java
deleted file mode 100644
index 105ccf1..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/dnsloc/DNSLocator.java
+++ /dev/null
@@ -1,167 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.dnsloc;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.URI;
-import java.net.URISyntaxException;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Locator;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.Access.Level;
-
-public class DNSLocator implements Locator {
- private static enum Status {UNTRIED, OK, INVALID, SLOW};
- private static final int CHECK_TIME = 3000;
-
- private String host, protocol;
- private Access access;
- private Host[] hosts;
- private int startPort, endPort;
- private String suffix;
-
- public DNSLocator(Access access, String protocol, String host, String range) {
- this.host = host;
- this.protocol = protocol;
- this.access = access;
- int dash = range.indexOf('-');
- if(dash<0) {
- startPort = endPort = Integer.parseInt(range);
- } else {
- startPort = Integer.parseInt(range.substring(0,dash));
- endPort = Integer.parseInt(range.substring(dash + 1));
- }
- refresh();
- }
-
- @Override
- public URI get(Item item) throws LocatorException {
- return hosts[((DLItem)item).cnt].uri;
- }
-
- @Override
- public boolean hasItems() {
- for(Host h : hosts) {
- if(h.status==Status.OK) {
- return true;
- }
- }
- return false;
- }
-
- @Override
- public void invalidate(Item item) {
- DLItem di = (DLItem)item;
- hosts[di.cnt].status = Status.INVALID;
- }
-
- @Override
- public Item best() throws LocatorException {
- // not a good "best"
- for(int i=0;i<hosts.length;++i) {
- switch(hosts[i].status) {
- case OK:
- return new DLItem(i);
- case INVALID:
- break;
- case SLOW:
- break;
- case UNTRIED:
- try {
- if(hosts[i].ia.isReachable(CHECK_TIME)) {
- hosts[i].status = Status.OK;
- return new DLItem(i);
- }
- } catch (IOException e) {
- throw new LocatorException(e);
- }
- break;
- default:
- break;
- }
- }
- throw new LocatorException("No Available URIs for " + host);
- }
-
- @Override
- public Item first() throws LocatorException {
- return new DLItem(0);
- }
-
- @Override
- public Item next(Item item) throws LocatorException {
- DLItem di = (DLItem)item;
- if(++di.cnt<hosts.length) {
- return di;
- } else {
- return null;
- }
- }
-
- @Override
- public boolean refresh() {
- try {
- InetAddress[] ias = InetAddress.getAllByName(host);
- Host[] temp = new Host[ias.length * (1 + endPort - startPort)];
- int cnt = -1;
- for(int j=startPort; j<=endPort; ++j) {
- for(int i=0;i<ias.length;++i) {
- temp[++cnt] = new Host(ias[i], j, suffix);
- }
- }
- hosts = temp;
- return true;
- } catch (Exception e) {
- access.log(Level.ERROR, e);
- }
- return false;
- }
-
- private class Host {
- private URI uri;
- private InetAddress ia;
- private Status status;
-
- public Host(InetAddress inetAddress, int port, String suffix) throws URISyntaxException {
- ia = inetAddress;
- uri = new URI(protocol,null,inetAddress.getHostAddress(),port,suffix,null,null);
- status = Status.UNTRIED;
- }
- }
-
- private class DLItem implements Item {
- public DLItem(int i) {
- cnt = i;
- }
-
- private int cnt;
- }
-
- @Override
- public void destroy() {
- // TODO Auto-generated method stub
-
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java b/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java
deleted file mode 100644
index f9212e8..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.http;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-
-import javax.net.ssl.HttpsURLConnection;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.client.AbsBasicAuth;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-import org.onap.aaf.cadi.principal.BasicPrincipal;
-
-public class HBasicAuthSS extends AbsBasicAuth<HttpURLConnection> {
- public HBasicAuthSS(Access access, SecurityInfoC<HttpURLConnection> si) throws IOException {
- super(access.getProperty(Config.AAF_MECHID, null),
- access.decrypt(access.getProperty(Config.AAF_MECHPASS, null), false),
- si);
- }
-
- public HBasicAuthSS(String user, String pass, SecurityInfoC<HttpURLConnection> si) throws IOException {
- super(user,pass,si);
- }
-
- public HBasicAuthSS(String user, String pass, SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws IOException {
- super(user,pass,si);
- if(asDefault) {
- si.set(this);
- }
- }
-
- public HBasicAuthSS(BasicPrincipal bp, SecurityInfoC<HttpURLConnection> si) throws IOException {
- super(bp.getName(),new String(bp.getCred()),si);
- }
-
- public HBasicAuthSS(BasicPrincipal bp, SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws IOException {
- super(bp.getName(),new String(bp.getCred()),si);
- if(asDefault) {
- si.set(this);
- }
- }
-
- @Override
- public void setSecurity(HttpURLConnection huc) throws CadiException {
- if(isDenied()) {
- throw new CadiException(REPEAT_OFFENDER);
- }
- huc.addRequestProperty("Authorization" , headValue);
- if(securityInfo!=null && huc instanceof HttpsURLConnection) {
- securityInfo.setSocketFactoryOn((HttpsURLConnection)huc);
- }
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HClient.java b/client/src/main/java/org/onap/aaf/cadi/http/HClient.java
deleted file mode 100644
index 70a703e..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/http/HClient.java
+++ /dev/null
@@ -1,434 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.http;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.io.Reader;
-import java.net.HttpURLConnection;
-import java.net.URI;
-import java.net.URL;
-import java.util.ArrayList;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.client.EClient;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.client.Rcli;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data;
-import org.onap.aaf.inno.env.Data.TYPE;
-import org.onap.aaf.inno.env.util.Pool.Pooled;
-import org.onap.aaf.rosetta.env.RosettaDF;
-
-/**
- * Low Level Http Client Mechanism. Chances are, you want the high level "HRcli"
- * for Rosetta Object Translation
- *
- *
- */
-public class HClient implements EClient<HttpURLConnection> {
- private URI uri;
- private ArrayList<Header> headers;
- private String meth;
- private String pathinfo;
- private String query;
- private String fragment;
- private Transfer transfer;
- private SecuritySetter<HttpURLConnection> ss;
- private HttpURLConnection huc;
- private int connectTimeout;
-
- public HClient(SecuritySetter<HttpURLConnection> ss, URI uri,int connectTimeout) throws LocatorException {
- if (uri == null) {
- throw new LocatorException("No Service available to call");
- }
- this.uri = uri;
- this.ss = ss;
- this.connectTimeout = connectTimeout;
- pathinfo = query = fragment = "";
- }
-
- @Override
- public void setMethod(String meth) {
- this.meth = meth;
- }
-
- @Override
- public void setPathInfo(String pathinfo) {
- this.pathinfo = pathinfo;
- }
-
- @Override
- public void setPayload(Transfer transfer) {
- this.transfer = transfer;
- }
-
- @Override
- public void addHeader(String tag, String value) {
- if (headers == null)
- headers = new ArrayList<Header>();
- headers.add(new Header(tag, value));
- }
-
- @Override
- public void setQueryParams(String q) {
- query = q;
- }
-
- @Override
- public void setFragment(String f) {
- fragment = f;
- }
-
- @Override
- public void send() throws APIException {
- try {
- // Build URL from given URI plus current Settings
- if(uri.getPath()==null) {
- throw new APIException("Invalid URL entered for HClient");
- }
- StringBuilder pi = new StringBuilder(uri.getPath());
- if(!pathinfo.startsWith("/")) {
- pi.append('/');
- }
- pi.append(pathinfo);
- URL url = new URI(
- uri.getScheme(),
- uri.getUserInfo(),
- uri.getHost(),
- uri.getPort(),
- pi.toString(),
- query,
- fragment).toURL();
- pathinfo=null;
- query=null;
- fragment=null;
- huc = (HttpURLConnection) url.openConnection();
- if(ss!=null) {
- ss.setSecurity(huc);
- }
- huc.setRequestMethod(meth);
- if (headers != null)
- for (Header d : headers) {
- huc.addRequestProperty(d.tag, d.value);
- }
- huc.setDoInput(true);
- huc.setDoOutput(true);
- huc.setUseCaches(false);
- huc.setConnectTimeout(connectTimeout);
- huc.connect();
- if (transfer != null) {
- transfer.transfer(huc.getOutputStream());
- }
- // TODO other settings? There's a bunch here.
- } catch (Exception e) {
- throw new APIException(e);
- } finally { // ensure all these are reset after sends
- meth=pathinfo=null;
- if(headers!=null) {
- headers.clear();
- }
- pathinfo = query = fragment = "";
- }
- }
-
- public abstract class HFuture<T> extends Future<T> {
- protected HttpURLConnection huc;
- protected int respCode;
- protected String respMessage;
- protected IOException exception;
- protected StringBuilder errContent;
-
- public HFuture(final HttpURLConnection huc) {
- this.huc = huc;
- }
-
- protected boolean evalInfo(HttpURLConnection huc) throws APIException, IOException{
- return respCode == 200;
- };
-
- @Override
- public final boolean get(int timeout) throws CadiException {
- try {
- huc.setReadTimeout(timeout);
- respCode = huc.getResponseCode();
- ss.setLastResponse(respCode);
- if(evalInfo(huc)) {
- return true;
- } else {
- extractError();
- return false;
- }
- } catch (IOException | APIException e) {
- throw new CadiException(e);
- } finally {
- close();
- }
- }
-
- private void extractError() {
- InputStream is = huc.getErrorStream();
- try {
- if(is==null) {
- is = huc.getInputStream();
- }
- if(is!=null) {
- errContent = new StringBuilder();
- int c;
- while((c=is.read())>=0) {
- errContent.append((char)c);
- }
- }
- } catch (IOException e) {
- exception = e;
- }
- }
-
- // Typically only used by Read
- public StringBuilder inputStreamToString(InputStream is) {
- // Avoids Carriage returns, and is reasonably efficient, given
- // the buffer reads.
- try {
- StringBuilder sb = new StringBuilder();
- Reader rdr = new InputStreamReader(is);
- try {
- char[] buf = new char[256];
- int read;
- while ((read = rdr.read(buf)) >= 0) {
- sb.append(buf, 0, read);
- }
- } finally {
- rdr.close();
- }
- return sb;
- } catch (IOException e) {
- exception = e;
- return null;
- }
- }
-
-
- @Override
- public int code() {
- return respCode;
- }
-
- public HttpURLConnection huc() {
- return huc;
- }
-
- public IOException exception() {
- return exception;
- }
-
- public String respMessage() {
- return respMessage;
- }
-
- @Override
- public String header(String tag) {
- return huc.getHeaderField(tag);
- }
-
- public void close() {
- if(huc!=null) {
- huc.disconnect();
- }
- }
- }
-
- @Override
- public <T> Future<T> futureCreate(Class<T> t) {
- return new HFuture<T>(huc) {
- public boolean evalInfo(HttpURLConnection huc) {
- return respCode==201;
- }
-
- @Override
- public String body() {
- if (errContent != null) {
- return errContent.toString();
-
- } else if (respMessage != null) {
- return respMessage;
- }
- return "";
- }
- };
- }
-
- @Override
- public Future<String> futureReadString() {
- return new HFuture<String>(huc) {
- public boolean evalInfo(HttpURLConnection huc) throws IOException {
- if (respCode == 200) {
- StringBuilder sb = inputStreamToString(huc.getInputStream());
- if (sb != null) {
- value = sb.toString();
- }
- return true;
- }
- return false;
- }
-
- @Override
- public String body() {
- if (value != null) {
- return value;
- } else if (errContent != null) {
- return errContent.toString();
- } else if (respMessage != null) {
- return respMessage;
- }
- return "";
- }
-
- };
- }
-
- @Override
- public <T> Future<T> futureRead(final RosettaDF<T> df, final TYPE type) {
- return new HFuture<T>(huc) {
- private Data<T> data;
-
- public boolean evalInfo(HttpURLConnection huc) throws APIException, IOException {
- if (respCode == 200) {
- data = df.newData().in(type).load(huc.getInputStream());
- value = data.asObject();
- return true;
- }
- return false;
- }
-
- @Override
- public String body() {
- if (data != null) {
- try {
- return data.asString();
- } catch (APIException e) {
- }
- } else if (errContent != null) {
- return errContent.toString();
- } else if (respMessage != null) {
- return respMessage;
- }
- return "";
- }
- };
- }
-
- @Override
- public <T> Future<T> future(final T t) {
- return new HFuture<T>(huc) {
- public boolean evalInfo(HttpURLConnection huc) {
- if (respCode == 200) {
- value = t;
- return true;
- }
- return false;
- }
-
- @Override
- public String body() {
- if (errContent != null) {
- return errContent.toString();
- } else if (respMessage != null) {
- return respMessage;
- }
- return Integer.toString(respCode);
- }
- };
- }
-
- @Override
- public Future<Void> future(final HttpServletResponse resp, final int expected) throws APIException {
- return new HFuture<Void>(huc) {
- public boolean evalInfo(HttpURLConnection huc) throws IOException, APIException {
- resp.setStatus(respCode);
- int read;
- InputStream is;
- OutputStream os = resp.getOutputStream();
- if(respCode==expected) {
- is = huc.getInputStream();
- // reuse Buffers
- Pooled<byte[]> pbuff = Rcli.buffPool.get();
- try {
- while((read=is.read(pbuff.content))>=0) {
- os.write(pbuff.content,0,read);
- }
- } finally {
- pbuff.done();
- }
- return true;
- } else {
- is = huc.getErrorStream();
- if(is==null) {
- is = huc.getInputStream();
- }
- if(is!=null) {
- errContent = new StringBuilder();
- Pooled<byte[]> pbuff = Rcli.buffPool.get();
- try {
- while((read=is.read(pbuff.content))>=0) {
- os.write(pbuff.content,0,read);
- }
- } finally {
- pbuff.done();
- }
- }
- }
- return false;
- }
-
- @Override
- public String body() {
- return errContent==null?respMessage:errContent.toString();
- }
- };
- }
-
- private static class Header {
- public final String tag;
- public final String value;
-
- public Header(String t, String v) {
- this.tag = t;
- this.value = v;
- }
-
- public String toString() {
- return tag + '=' + value;
- }
- }
-
- public String toString() {
- return "HttpURLConnection Client configured to " + uri.toString();
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java b/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java
deleted file mode 100644
index 833434f..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java
+++ /dev/null
@@ -1,236 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.http;
-
-import java.net.ConnectException;
-import java.net.HttpURLConnection;
-import java.net.SocketException;
-import java.net.URI;
-import java.net.URISyntaxException;
-
-import javax.net.ssl.SSLHandshakeException;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.Locator;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.Locator.Item;
-import org.onap.aaf.cadi.client.Rcli;
-import org.onap.aaf.cadi.client.Retryable;
-
-import org.onap.aaf.inno.env.APIException;
-
-public class HMangr {
- private String apiVersion;
- private int readTimeout, connectionTimeout;
- public final Locator<URI> loc;
- private Access access;
-
- public HMangr(Access access, Locator<URI> loc) {
- readTimeout = 10000;
- connectionTimeout=3000;
- this.loc = loc;
- this.access = access;
- }
-
- /**
- * Reuse the same service. This is helpful for multiple calls that change service side cached data so that
- * there is not a speed issue.
- *
- * If the service goes down, another service will be substituted, if available.
- *
- * @param access
- * @param loc
- * @param ss
- * @param item
- * @param retryable
- * @return
- * @throws URISyntaxException
- * @throws Exception
- */
- public<RET> RET same(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) throws APIException, CadiException, LocatorException {
- RET ret = null;
- boolean retry = true;
- int retries = 0;
- Rcli<HttpURLConnection> client = retryable.lastClient();
- try {
- do {
- // if no previous state, get the best
- if(retryable.item()==null) {
- retryable.item(loc.best());
- retryable.lastClient = null;
- }
- if(client==null) {
- Item item = retryable.item();
- URI uri=loc.get(item);
- if(uri==null) {
- loc.invalidate(retryable.item());
- if(loc.hasItems()) {
- retryable.item(loc.next(retryable.item()));
- continue;
- } else {
- throw new LocatorException("No clients available for " + loc.toString());
- }
- }
- client = new HRcli(this, uri,item,ss)
- .connectionTimeout(connectionTimeout)
- .readTimeout(readTimeout)
- .apiVersion(apiVersion);
- } else {
- client.setSecuritySetter(ss);
- }
-
- retry = false;
- try {
- ret = retryable.code(client);
- } catch (APIException | CadiException e) {
- Item item = retryable.item();
- loc.invalidate(item);
- retryable.item(loc.next(item));
- try {
- Throwable ec = e.getCause();
- if(ec instanceof java.net.ConnectException) {
- if(client!=null && ++retries<2) {
- access.log(Level.WARN,"Connection refused, trying next available service");
- retry = true;
- } else {
- throw new CadiException("Connection refused, no more available connections to try");
- }
- } else if(ec instanceof SSLHandshakeException) {
- retryable.item(null);
- throw e;
- } else if(ec instanceof SocketException) {
- if("java.net.SocketException: Connection reset".equals(ec.getMessage())) {
- access.log(Level.ERROR, ec.getMessage(), " can mean Certificate Expiration or TLS Protocol issues");
- }
- retryable.item(null);
- throw e;
- } else {
- retryable.item(null);
- throw e;
- }
- } finally {
- client = null;
- }
- } catch (ConnectException e) {
- Item item = retryable.item();
- loc.invalidate(item);
- retryable.item(loc.next(item));
- }
- } while(retry);
- } finally {
- retryable.lastClient = client;
- }
- return ret;
- }
-
-
- public<RET> RET best(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- if(loc==null) {
- throw new LocatorException("No Locator Configured");
- }
- retryable.item(loc.best());
- return same(ss,retryable);
- }
- public<RET> RET all(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- return oneOf(ss,retryable,true,null);
- }
-
- public<RET> RET all(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable,boolean notify) throws LocatorException, CadiException, APIException {
- return oneOf(ss,retryable,notify,null);
- }
-
- public<RET> RET oneOf(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable,boolean notify,String host) throws LocatorException, CadiException, APIException {
- RET ret = null;
- // make sure we have all current references:
- loc.refresh();
- for(Item li=loc.first();li!=null;li=loc.next(li)) {
- URI uri=loc.get(li);
- if(host!=null && !host.equals(uri.getHost())) {
- break;
- }
- try {
- ret = retryable.code(new HRcli(this,uri,li,ss));
- access.log(Level.DEBUG,"Success calling",uri,"during call to all services");
- } catch (APIException | CadiException e) {
- Throwable t = e.getCause();
- if(t!=null && t instanceof ConnectException) {
- loc.invalidate(li);
- access.log(Level.ERROR,"Connection to",uri,"refused during call to all services");
- } else if(t instanceof SSLHandshakeException) {
- access.log(Level.ERROR,t.getMessage());
- loc.invalidate(li);
- } else if(t instanceof SocketException) {
- if("java.net.SocketException: Connection reset".equals(t.getMessage())) {
- access.log(Level.ERROR, t.getMessage(), " can mean Certificate Expiration or TLS Protocol issues");
- }
- retryable.item(null);
- throw e;
- } else {
- throw e;
- }
- } catch (ConnectException e) {
- loc.invalidate(li);
- access.log(Level.ERROR,"Connection to",uri,"refused during call to all services");
- }
- }
-
- if(ret == null && notify)
- throw new LocatorException("No available clients to call");
- return ret;
- }
-
-
- public void close() {
- // TODO Anything here?
- }
-
- public HMangr readTimeout(int timeout) {
- this.readTimeout = timeout;
- return this;
- }
-
- public int readTimeout() {
- return readTimeout;
- }
-
- public void connectionTimeout(int t) {
- connectionTimeout = t;
- }
-
- public int connectionTimout() {
- return connectionTimeout;
- }
-
- public HMangr apiVersion(String version) {
- apiVersion = version;
- return this;
- }
-
- public String apiVersion() {
- return apiVersion;
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java b/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java
deleted file mode 100644
index 1ad0fcc..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java
+++ /dev/null
@@ -1,134 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.http;
-
-import java.net.HttpURLConnection;
-import java.net.URI;
-import java.net.URISyntaxException;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.Locator.Item;
-import org.onap.aaf.cadi.client.EClient;
-import org.onap.aaf.cadi.client.Rcli;
-
-import com.att.aft.dme2.api.DME2Exception;
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.Data.TYPE;
-
-/**
- * DME2 Rosetta Client
- *
- * JAXB defined JSON or XML over DME2 middleware
- *
- *
- * @param <T>
- */
-public class HRcli extends Rcli<HttpURLConnection> {
- private HMangr hman;
- private Item item;
- private SecuritySetter<HttpURLConnection> ss;
-
- public HRcli(HMangr hman, Item locItem, SecuritySetter<HttpURLConnection> secSet) throws URISyntaxException, LocatorException {
- item=locItem;
- uri=hman.loc.get(locItem);
- this.hman = hman;
- ss=secSet;
- type = TYPE.JSON;
- apiVersion = hman.apiVersion();
- }
-
- public HRcli(HMangr hman, URI uri, Item locItem, SecuritySetter<HttpURLConnection> secSet) {
- locItem=item;
- this.uri = uri;
- this.hman = hman;
- ss=secSet;
- type = TYPE.JSON;
- apiVersion = hman.apiVersion();
- }
-
- @Override
- protected HRcli clone(URI uri, SecuritySetter<HttpURLConnection> ss) {
- return new HRcli(hman,uri,item,ss);
- }
-
-
-
- /**
- * Note from Thaniga on 11/5. DME2Client is not expected to be reused... need a fresh one
- * on each transaction, which is expected to cover the Async aspects.
- *
- * @return
- * @throws APIException
- * @throws DME2Exception
- */
- protected EClient<HttpURLConnection> client() throws CadiException {
- try {
- if(uri==null) {
- Item item = hman.loc.best();
- if(item==null) {
- throw new CadiException("No service available for " + hman.loc.toString());
- }
- uri = hman.loc.get(item);
- }
- return new HClient(ss,uri,connectionTimeout);
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.client.Rcli#setSecuritySetter(com.att.cadi.SecuritySetter)
- */
- @Override
- public void setSecuritySetter(SecuritySetter<HttpURLConnection> ss) {
- this.ss = ss;
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.client.Rcli#getSecuritySetter()
- */
- @Override
- public SecuritySetter<HttpURLConnection> getSecuritySetter() {
- return ss;
- }
-
- public void invalidate() throws CadiException {
- try {
- hman.loc.invalidate(item);
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- public HRcli setManager(HMangr hman) {
- this.hman = hman;
- return this;
- }
-
- public String toString() {
- return uri.toString();
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java b/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java
deleted file mode 100644
index db456f2..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.http;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.security.Principal;
-
-import javax.net.ssl.HttpsURLConnection;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.client.AbsTransferSS;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-
-
-public class HTransferSS extends AbsTransferSS<HttpURLConnection> {
- public HTransferSS(Principal principal, String app) throws IOException {
- super(principal, app);
- }
-
- public HTransferSS(Principal principal, String app, SecurityInfoC<HttpURLConnection> si) {
- super(principal, app, si);
- }
-
- @Override
- public void setSecurity(HttpURLConnection huc) throws CadiException {
- if(value!=null) {
- if(defSS==null) {
- throw new CadiException("Need App Credentials to send message");
- }
- defSS.setSecurity(huc);
- huc.addRequestProperty(Config.CADI_USER_CHAIN, value);
- }
- if(securityInfo!=null) {
- securityInfo.setSocketFactoryOn((HttpsURLConnection)huc);
- }
- }
-
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
-
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java b/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java
deleted file mode 100644
index 0bdc843..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java
+++ /dev/null
@@ -1,168 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.http;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.security.PrivateKey;
-import java.security.SecureRandom;
-import java.security.Signature;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.X509KeyManager;
-
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfoC;
-
-import org.onap.aaf.inno.env.APIException;
-import org.onap.aaf.inno.env.util.Chrono;
-
-
-public class HX509SS implements SecuritySetter<HttpURLConnection> {
- private static final byte[] X509 = "x509 ".getBytes();
- private PrivateKey priv;
- private byte[] pub;
- private String cert;
- private SecurityInfoC<HttpURLConnection> securityInfo;
- private String algo;
- private String alias;
- private static int count = new SecureRandom().nextInt();
-
- public HX509SS(SecurityInfoC<HttpURLConnection> si) throws APIException, IOException, CertificateEncodingException {
- this(null,si,false);
- }
-
- public HX509SS(SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws APIException, IOException, CertificateEncodingException {
- this(null,si,asDefault);
- }
-
- public HX509SS(final String sendAlias, SecurityInfoC<HttpURLConnection> si) throws APIException, IOException, CertificateEncodingException {
- this(sendAlias, si, false);
- }
-
- public HX509SS(final String sendAlias, SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws APIException, IOException, CertificateEncodingException {
- securityInfo = si;
- if((alias=sendAlias) == null) {
- if(si.default_alias == null) {
- throw new APIException("JKS Alias is required to use X509SS Security. Use " + Config.CADI_ALIAS +" to set default alias");
- } else {
- alias = si.default_alias;
- }
- }
-
- priv=null;
- X509KeyManager[] xkms = si.getKeyManagers();
- if(xkms==null || xkms.length==0) {
- throw new APIException("There are no valid keys available in given Keystores. Wrong Keypass? Expired?");
- }
- for(int i=0;priv==null&&i<xkms.length;++i) {
- priv = xkms[i].getPrivateKey(alias);
- }
- for(int i=0;cert==null&&i<xkms.length;++i) {
- X509Certificate[] chain = xkms[i].getCertificateChain(alias);
- if(chain!=null&&chain.length>0) {
- algo = chain[0].getSigAlgName();
- pub = chain[0].getEncoded();
- ByteArrayOutputStream baos = new ByteArrayOutputStream(pub.length*2);
- ByteArrayInputStream bais = new ByteArrayInputStream(pub);
- Symm.base64noSplit.encode(bais,baos,X509);
- cert = baos.toString();
-
- /*
- // Inner Test code, uncomment if fix needed
- bais = new ByteArrayInputStream(baos.toByteArray());
- baos = new ByteArrayOutputStream(input.length*2);
- Symm.base64noSplit().decode(bais,baos,5);
- byte[] output = baos.toByteArray();
- String reconstitute = output.toString();
- System.out.println("ok");
- CertificateFactory certFactory;
- try {
- bais = new ByteArrayInputStream(output);
- certFactory = CertificateFactory.getInstance("X.509");
- X509Certificate x509 = (X509Certificate)certFactory.generateCertificate(bais);
- System.out.println(x509.toString());
- } catch (CertificateException e) {
- e.printStackTrace();
- }
- */
- }
- }
- if(algo==null) {
- throw new APIException("X509 Security Setter not configured");
- }
- }
-
- @Override
- public void setSecurity(HttpURLConnection huc) throws CadiException {
- if(huc instanceof HttpsURLConnection) {
- securityInfo.setSocketFactoryOn((HttpsURLConnection)huc);
- }
- if(alias==null) { // must be a one-way
- huc.setRequestProperty("Authorization", cert);
-
- // Test Signed content
- try {
- String data = "SignedContent["+ inc() + ']' + Chrono.dateTime();
- huc.setRequestProperty("Data", data);
-
- Signature sig = Signature.getInstance(algo);
- sig.initSign(priv);
- sig.update(data.getBytes());
- byte[] signature = sig.sign();
-
- ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(signature.length*1.3));
- ByteArrayInputStream bais = new ByteArrayInputStream(signature);
- Symm.base64noSplit.encode(bais, baos);
- huc.setRequestProperty("Signature", new String(baos.toByteArray()));
-
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
- }
-
- private synchronized int inc() {
- return ++count;
- }
-
- /* (non-Javadoc)
- * @see com.att.cadi.SecuritySetter#getID()
- */
- @Override
- public String getID() {
- return alias;
- }
-
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/locator/DME2Locator.java b/client/src/main/java/org/onap/aaf/cadi/locator/DME2Locator.java
deleted file mode 100644
index 656fd19..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/locator/DME2Locator.java
+++ /dev/null
@@ -1,347 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.locator;
-
-
-import java.net.InetAddress;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.UnknownHostException;
-import java.util.Arrays;
-import java.util.Comparator;
-import java.util.Properties;
-import java.util.Random;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Locator;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.Access.Level;
-
-import java.security.SecureRandom;
-
-//import com.att.aft.dme2.api.DME2Endpoint;
-import com.att.aft.dme2.api.DME2Exception;
-import com.att.aft.dme2.api.DME2Manager;
-import com.att.aft.dme2.api.DME2Server;
-import com.att.aft.dme2.manager.registry.DME2Endpoint;
-
-public class DME2Locator implements Locator<URI> {
- private DME2Manager dm;
- private DME2Endpoint[] endpoints;
- private Access access;
- private String service;
- private String version;
- private String routeOffer;
- private String envContext;
- private String thisMachine;
- private String pathInfo;
- private int thisPort;
- private boolean removeSelf;
- private final static SecureRandom random = new SecureRandom();
-
- // Default is to not bother trying to remove self
- public DME2Locator(Access access, DME2Manager dm, String service, String version, String envContext, String routeOffer) throws DME2Exception, UnknownHostException, LocatorException {
- this(access,dm,service,version,envContext,routeOffer,false);
- }
-
- public DME2Locator(Access access, DME2Manager dm, String service, String version, String envContext, String routeOffer, boolean removeSelf) throws DME2Exception, UnknownHostException, LocatorException {
- this.access = access;
- if(dm==null) {
- this.dm = new DME2Manager("DME2Locator created DME2Manager",System.getProperties());
- } else {
- this.dm = dm;
- }
- this.service = service;
- this.version = version;
- this.envContext = envContext;
- this.routeOffer = routeOffer;
- refresh();
- if(thisMachine==null) {
- // Can't get from dm...
- thisMachine = InetAddress.getLocalHost().getHostName();
- thisPort = 0;
- } else {
- thisPort = dm.getPort();
- }
-
- this.removeSelf = removeSelf;
- }
-
- // Default is to not bother trying to remove self
- public DME2Locator(Access access, DME2Manager dm, String aafurl) throws DME2Exception, UnknownHostException, LocatorException {
- this(access,dm,aafurl,false);
- }
-
- public DME2Locator(Access access, DME2Manager dm, String aafurl, boolean removeSelf) throws DME2Exception, UnknownHostException, LocatorException {
- if(aafurl==null) {
- throw new LocatorException("URL is null");
- }
- this.access = access;
- if(dm==null) {
- Properties dprops;
- if(access instanceof PropAccess) {
- dprops = ((PropAccess)access).getDME2Properties();
- } else {
- dprops = System.getProperties();
- }
- dm = this.dm = new DME2Manager("DME2Locator created DME2Manager",dprops);
- } else {
- this.dm = dm;
- }
- String[] split = aafurl.split("/");
- StringBuilder sb = new StringBuilder();
- boolean dme2Entered = false;
- for(String s : split) {
- if(s.startsWith("service=")) {
- this.service = s.substring(8);
- } else if(s.startsWith("version=")) {
- this.version = s.substring(8);
- } else if(s.startsWith("envContext=")) {
- this.envContext = s.substring(11);
- } else if(s.startsWith("routeOffer=")) {
- this.routeOffer = s.substring(11);
- dme2Entered = true;
- } else if(dme2Entered) {
- sb.append('/');
- sb.append(s);
- }
- }
- pathInfo = sb.toString();
- thisMachine = dm.getHostname();
- if(thisMachine==null) {
- // Can't get from dm...
- thisMachine = InetAddress.getLocalHost().getHostName();
- thisPort = 0;
- } else {
- thisPort = dm.getPort();
- }
- this.removeSelf=removeSelf;
- refresh();
- }
-
- @Override
- public boolean refresh() {
- try {
- dm.refresh();
- //endpoints = dm.findEndpoints(service, version, envContext, routeOffer, true);
- if(removeSelf) {
-// for(int i=0;i<endpoints.length;++i) {
-// if(endpoints[i].getPort()==thisPort && endpoints[i].getHost().equals(thisMachine))
-// endpoints[i]=null;
- }
- //}
- //return endpoints.length!=0;
- } catch (Exception e) {
- access.log(Level.ERROR, e.getMessage());
- }
- return false;
- }
-
- private String noEndpointsString() {
- StringBuilder sb = new StringBuilder("No DME2 Endpoints found for ");
- sb.append(service);
- sb.append('/');
- sb.append(version);
- sb.append('/');
- sb.append(envContext);
- sb.append('/');
- sb.append(routeOffer);
- return sb.toString();
- }
-
- @Override
- public URI get(Locator.Item item) throws LocatorException {
- if(!hasItems())
- throw new LocatorException(noEndpointsString());
- if(item == null)
- return null;
-
- DME2Item li = ((DME2Item)item);
- // if URI has been created, use it
- if(li.uri!=null)return li.uri;
-
- // URI not created, create it
-// if(li.idx<endpoints.length) {
-// DME2Endpoint de = endpoints[li.idx];
-// if(de!=null) {
-// try {
-// return li.uri=new URI(de.getProtocol().toLowerCase(),null,de.getHost(),de.getPort(),pathInfo,null,null);
-// } catch (URISyntaxException e) {
-// throw new LocatorException(e);
-// }
-// }
-// }
- return null;
- }
-
- @Override
- public boolean hasItems() {
- //return endpoints!=null && endpoints.length>0;
- return true;
- }
-
- @Override
- public void invalidate(Locator.Item item) throws LocatorException {
- if(item instanceof DME2Item) {
- int idx = ((DME2Item)item).idx;
-// if(idx<endpoints.length) {
-// DME2Endpoint uhoh = endpoints[idx]; // Sometimes, DME2Endpoint, at least on File system, returns bogus entries.
-// endpoints[idx]=null;
-// boolean noneLeft=true;
-// for(int i=0;i<endpoints.length && noneLeft;++i) {
-// noneLeft = endpoints[i]==null;
-// }
-// if(noneLeft && refresh()) { // make sure DME2 isn't giving us the same invalidated entry...
-// for(int i=0;i<endpoints.length && noneLeft;++i) {
-// DME2Endpoint ep = endpoints[i];
-// if(ep != null &&
-// ep.getHost().equals(uhoh.getHost()) &&
-// ep.getPort()==uhoh.getPort()) {
-// endpoints[i]=null;
-// }
-// }
-// }
-//
-// }
- }
- }
-
- public class DME2Item implements Locator.Item {
- private final int idx;
- private URI uri;
- private DME2Item(int i) {
- idx = i;
- uri = null;
- }
- }
-
- @Override
- public DME2Item best() throws LocatorException {
- if(!hasItems()) // checks endpoints
- if(!refresh()) throw new LocatorException("No DME2 Endpoints Available");
-
- // Some endpoints in Array are null. Need sub array of usable endpoints
- //int usable[] = new int[endpoints.length];
- int count=0;
-int[] usable = null;
- // for(int i=0;i<endpoints.length;++i) {
-// if(endpoints[i]!=null) {
-// usable[count++] = i;
-// }
-// }
- switch(count) {
- case 0: refresh(); return null;
- case 1: return new DME2Item(usable[0]);
- default:
- int samemach[] = new int[count];
- int samecount = 0,closecount=0;
- // has to be sortable
- Integer closemach[] = new Integer[count];
-
- // Analyze for Same Machine or Remote machines
-// for(int i=0;i<count;++i) {
-// DME2Endpoint ep = endpoints[usable[i]];
-// String host = ep.getHost();
-// if(thisMachine.equalsIgnoreCase(host)) {
-// samemach[samecount++] = usable[i];
-// } else {
-// closemach[closecount++] = usable[i];
-// }
-// }
-
- switch(samecount) {
- case 0: break;
- case 1: return new DME2Item(samemach[0]);
- default: // return randomized is multiple Endpoints on local machine.
- int i = random.nextInt();
- return new DME2Item(usable[Math.abs(i%samecount)]);
- }
-
- // Analyze for closest remote
- switch(closecount) {
- case 0: return null;
- case 1: return new DME2Item(closemach[0]);
- default: // return closest machine
- DoubIndex remote[] = new DoubIndex[closecount];
- int remotecount = 0;
- for(int i=0;i<closecount;++i) {
- //DME2Endpoint de = endpoints[usable[i]];
- // remote[remotecount++] = new DoubIndex(de.getDistance(),i);
- }
- Arrays.sort(remote,new Comparator<DoubIndex> () {
- @Override
- public int compare(DoubIndex a, DoubIndex b) {
- if(a.d<b.d) return -1;
- if(a.d>b.d) return 1;
- return (random.nextInt()%1)==0?1:0;// randomize if the same
- }
-
- });
- return new DME2Item(remote[0].idx);
- }
- }
- }
-
- private static class DoubIndex {
- public final double d;
- public final int idx;
-
- public DoubIndex(double doub, int i) {
- d = doub;
- idx = i;
- }
- }
- @Override
- public DME2Item first() {
-// if(endpoints==null)return null;
-// for(int i=0;i<endpoints.length;++i) {
-// if(endpoints[i]!=null)
-// return new DME2Item(i);
-// }
- return null;
- }
-
- @Override
- public DME2Item next(Locator.Item item) throws LocatorException {
- //if(endpoints==null || endpoints.length==0 || !(item instanceof DME2Item))return null;
- int idx = ((DME2Item)item).idx +1;
-// for(int i=idx;i<endpoints.length;++i) {
-// if(endpoints[i]!=null)
-// return new DME2Item(i);
-// }
-// This is a mistake.. will start infinite loops
-// // Did not have any at end... try beginning
-// for(int i=0;i<idx-1;++i) {
-// if(endpoints[i]!=null)
-// return new Item(i);
-// }
-// // If still nothing, refresh
-// refresh();
- return null;
- }
-
- @Override
- public void destroy() {
- }
-}
diff --git a/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java b/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java
deleted file mode 100644
index 9d420d2..0000000
--- a/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java
+++ /dev/null
@@ -1,163 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.locator;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.URI;
-import java.net.URISyntaxException;
-
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Locator;
-import org.onap.aaf.cadi.LocatorException;
-import org.onap.aaf.cadi.Access.Level;
-
-public class DNSLocator implements Locator<URI> {
- private static enum Status {UNTRIED, OK, INVALID, SLOW};
- private static final int CHECK_TIME = 3000;
-
- private String host, protocol;
- private Access access;
- private Host[] hosts;
- private int startPort, endPort;
- private String suffix;
-
- public DNSLocator(Access access, String protocol, String host, String range) {
- this.host = host;
- this.protocol = protocol;
- this.access = access;
- int dash = range.indexOf('-');
- if(dash<0) {
- startPort = endPort = Integer.parseInt(range);
- } else {
- startPort = Integer.parseInt(range.substring(0,dash));
- endPort = Integer.parseInt(range.substring(dash + 1));
- }
- refresh();