From 6d469611d86642bc0b74ce51af72cc36d2af962d Mon Sep 17 00:00:00 2001 From: Instrumental Date: Mon, 26 Mar 2018 12:04:27 -0700 Subject: Remove Code from cadi, it is now in authz Issue-ID: AAF-193 Change-Id: Ib7abdb15ba8a7445a3875cf8c6bb48b7d563f424 Signed-off-by: Instrumental --- .../java/org/onap/aaf/cadi/http/HBasicAuthSS.java | 76 ---- .../main/java/org/onap/aaf/cadi/http/HClient.java | 434 --------------------- .../main/java/org/onap/aaf/cadi/http/HMangr.java | 236 ----------- .../main/java/org/onap/aaf/cadi/http/HRcli.java | 134 ------- .../java/org/onap/aaf/cadi/http/HTransferSS.java | 65 --- .../main/java/org/onap/aaf/cadi/http/HX509SS.java | 168 -------- 6 files changed, 1113 deletions(-) delete mode 100644 client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java delete mode 100644 client/src/main/java/org/onap/aaf/cadi/http/HClient.java delete mode 100644 client/src/main/java/org/onap/aaf/cadi/http/HMangr.java delete mode 100644 client/src/main/java/org/onap/aaf/cadi/http/HRcli.java delete mode 100644 client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java delete mode 100644 client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java (limited to 'client/src/main/java/org/onap/aaf/cadi/http') diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java b/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java deleted file mode 100644 index f9212e8..0000000 --- a/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java +++ /dev/null @@ -1,76 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.http; - -import java.io.IOException; -import java.net.HttpURLConnection; - -import javax.net.ssl.HttpsURLConnection; - -import org.onap.aaf.cadi.Access; -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.client.AbsBasicAuth; -import org.onap.aaf.cadi.config.Config; -import org.onap.aaf.cadi.config.SecurityInfoC; -import org.onap.aaf.cadi.principal.BasicPrincipal; - -public class HBasicAuthSS extends AbsBasicAuth { - public HBasicAuthSS(Access access, SecurityInfoC si) throws IOException { - super(access.getProperty(Config.AAF_MECHID, null), - access.decrypt(access.getProperty(Config.AAF_MECHPASS, null), false), - si); - } - - public HBasicAuthSS(String user, String pass, SecurityInfoC si) throws IOException { - super(user,pass,si); - } - - public HBasicAuthSS(String user, String pass, SecurityInfoC si, boolean asDefault) throws IOException { - super(user,pass,si); - if(asDefault) { - si.set(this); - } - } - - public HBasicAuthSS(BasicPrincipal bp, SecurityInfoC si) throws IOException { - super(bp.getName(),new String(bp.getCred()),si); - } - - public HBasicAuthSS(BasicPrincipal bp, SecurityInfoC si, boolean asDefault) throws IOException { - super(bp.getName(),new String(bp.getCred()),si); - if(asDefault) { - si.set(this); - } - } - - @Override - public void setSecurity(HttpURLConnection huc) throws CadiException { - if(isDenied()) { - throw new CadiException(REPEAT_OFFENDER); - } - huc.addRequestProperty("Authorization" , headValue); - if(securityInfo!=null && huc instanceof HttpsURLConnection) { - securityInfo.setSocketFactoryOn((HttpsURLConnection)huc); - } - } -} diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HClient.java b/client/src/main/java/org/onap/aaf/cadi/http/HClient.java deleted file mode 100644 index 70a703e..0000000 --- a/client/src/main/java/org/onap/aaf/cadi/http/HClient.java +++ /dev/null @@ -1,434 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.http; - -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.OutputStream; -import java.io.Reader; -import java.net.HttpURLConnection; -import java.net.URI; -import java.net.URL; -import java.util.ArrayList; - -import javax.servlet.http.HttpServletResponse; - -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.LocatorException; -import org.onap.aaf.cadi.SecuritySetter; -import org.onap.aaf.cadi.client.EClient; -import org.onap.aaf.cadi.client.Future; -import org.onap.aaf.cadi.client.Rcli; - -import org.onap.aaf.inno.env.APIException; -import org.onap.aaf.inno.env.Data; -import org.onap.aaf.inno.env.Data.TYPE; -import org.onap.aaf.inno.env.util.Pool.Pooled; -import org.onap.aaf.rosetta.env.RosettaDF; - -/** - * Low Level Http Client Mechanism. Chances are, you want the high level "HRcli" - * for Rosetta Object Translation - * - * - */ -public class HClient implements EClient { - private URI uri; - private ArrayList
headers; - private String meth; - private String pathinfo; - private String query; - private String fragment; - private Transfer transfer; - private SecuritySetter ss; - private HttpURLConnection huc; - private int connectTimeout; - - public HClient(SecuritySetter ss, URI uri,int connectTimeout) throws LocatorException { - if (uri == null) { - throw new LocatorException("No Service available to call"); - } - this.uri = uri; - this.ss = ss; - this.connectTimeout = connectTimeout; - pathinfo = query = fragment = ""; - } - - @Override - public void setMethod(String meth) { - this.meth = meth; - } - - @Override - public void setPathInfo(String pathinfo) { - this.pathinfo = pathinfo; - } - - @Override - public void setPayload(Transfer transfer) { - this.transfer = transfer; - } - - @Override - public void addHeader(String tag, String value) { - if (headers == null) - headers = new ArrayList
(); - headers.add(new Header(tag, value)); - } - - @Override - public void setQueryParams(String q) { - query = q; - } - - @Override - public void setFragment(String f) { - fragment = f; - } - - @Override - public void send() throws APIException { - try { - // Build URL from given URI plus current Settings - if(uri.getPath()==null) { - throw new APIException("Invalid URL entered for HClient"); - } - StringBuilder pi = new StringBuilder(uri.getPath()); - if(!pathinfo.startsWith("/")) { - pi.append('/'); - } - pi.append(pathinfo); - URL url = new URI( - uri.getScheme(), - uri.getUserInfo(), - uri.getHost(), - uri.getPort(), - pi.toString(), - query, - fragment).toURL(); - pathinfo=null; - query=null; - fragment=null; - huc = (HttpURLConnection) url.openConnection(); - if(ss!=null) { - ss.setSecurity(huc); - } - huc.setRequestMethod(meth); - if (headers != null) - for (Header d : headers) { - huc.addRequestProperty(d.tag, d.value); - } - huc.setDoInput(true); - huc.setDoOutput(true); - huc.setUseCaches(false); - huc.setConnectTimeout(connectTimeout); - huc.connect(); - if (transfer != null) { - transfer.transfer(huc.getOutputStream()); - } - // TODO other settings? There's a bunch here. - } catch (Exception e) { - throw new APIException(e); - } finally { // ensure all these are reset after sends - meth=pathinfo=null; - if(headers!=null) { - headers.clear(); - } - pathinfo = query = fragment = ""; - } - } - - public abstract class HFuture extends Future { - protected HttpURLConnection huc; - protected int respCode; - protected String respMessage; - protected IOException exception; - protected StringBuilder errContent; - - public HFuture(final HttpURLConnection huc) { - this.huc = huc; - } - - protected boolean evalInfo(HttpURLConnection huc) throws APIException, IOException{ - return respCode == 200; - }; - - @Override - public final boolean get(int timeout) throws CadiException { - try { - huc.setReadTimeout(timeout); - respCode = huc.getResponseCode(); - ss.setLastResponse(respCode); - if(evalInfo(huc)) { - return true; - } else { - extractError(); - return false; - } - } catch (IOException | APIException e) { - throw new CadiException(e); - } finally { - close(); - } - } - - private void extractError() { - InputStream is = huc.getErrorStream(); - try { - if(is==null) { - is = huc.getInputStream(); - } - if(is!=null) { - errContent = new StringBuilder(); - int c; - while((c=is.read())>=0) { - errContent.append((char)c); - } - } - } catch (IOException e) { - exception = e; - } - } - - // Typically only used by Read - public StringBuilder inputStreamToString(InputStream is) { - // Avoids Carriage returns, and is reasonably efficient, given - // the buffer reads. - try { - StringBuilder sb = new StringBuilder(); - Reader rdr = new InputStreamReader(is); - try { - char[] buf = new char[256]; - int read; - while ((read = rdr.read(buf)) >= 0) { - sb.append(buf, 0, read); - } - } finally { - rdr.close(); - } - return sb; - } catch (IOException e) { - exception = e; - return null; - } - } - - - @Override - public int code() { - return respCode; - } - - public HttpURLConnection huc() { - return huc; - } - - public IOException exception() { - return exception; - } - - public String respMessage() { - return respMessage; - } - - @Override - public String header(String tag) { - return huc.getHeaderField(tag); - } - - public void close() { - if(huc!=null) { - huc.disconnect(); - } - } - } - - @Override - public Future futureCreate(Class t) { - return new HFuture(huc) { - public boolean evalInfo(HttpURLConnection huc) { - return respCode==201; - } - - @Override - public String body() { - if (errContent != null) { - return errContent.toString(); - - } else if (respMessage != null) { - return respMessage; - } - return ""; - } - }; - } - - @Override - public Future futureReadString() { - return new HFuture(huc) { - public boolean evalInfo(HttpURLConnection huc) throws IOException { - if (respCode == 200) { - StringBuilder sb = inputStreamToString(huc.getInputStream()); - if (sb != null) { - value = sb.toString(); - } - return true; - } - return false; - } - - @Override - public String body() { - if (value != null) { - return value; - } else if (errContent != null) { - return errContent.toString(); - } else if (respMessage != null) { - return respMessage; - } - return ""; - } - - }; - } - - @Override - public Future futureRead(final RosettaDF df, final TYPE type) { - return new HFuture(huc) { - private Data data; - - public boolean evalInfo(HttpURLConnection huc) throws APIException, IOException { - if (respCode == 200) { - data = df.newData().in(type).load(huc.getInputStream()); - value = data.asObject(); - return true; - } - return false; - } - - @Override - public String body() { - if (data != null) { - try { - return data.asString(); - } catch (APIException e) { - } - } else if (errContent != null) { - return errContent.toString(); - } else if (respMessage != null) { - return respMessage; - } - return ""; - } - }; - } - - @Override - public Future future(final T t) { - return new HFuture(huc) { - public boolean evalInfo(HttpURLConnection huc) { - if (respCode == 200) { - value = t; - return true; - } - return false; - } - - @Override - public String body() { - if (errContent != null) { - return errContent.toString(); - } else if (respMessage != null) { - return respMessage; - } - return Integer.toString(respCode); - } - }; - } - - @Override - public Future future(final HttpServletResponse resp, final int expected) throws APIException { - return new HFuture(huc) { - public boolean evalInfo(HttpURLConnection huc) throws IOException, APIException { - resp.setStatus(respCode); - int read; - InputStream is; - OutputStream os = resp.getOutputStream(); - if(respCode==expected) { - is = huc.getInputStream(); - // reuse Buffers - Pooled pbuff = Rcli.buffPool.get(); - try { - while((read=is.read(pbuff.content))>=0) { - os.write(pbuff.content,0,read); - } - } finally { - pbuff.done(); - } - return true; - } else { - is = huc.getErrorStream(); - if(is==null) { - is = huc.getInputStream(); - } - if(is!=null) { - errContent = new StringBuilder(); - Pooled pbuff = Rcli.buffPool.get(); - try { - while((read=is.read(pbuff.content))>=0) { - os.write(pbuff.content,0,read); - } - } finally { - pbuff.done(); - } - } - } - return false; - } - - @Override - public String body() { - return errContent==null?respMessage:errContent.toString(); - } - }; - } - - private static class Header { - public final String tag; - public final String value; - - public Header(String t, String v) { - this.tag = t; - this.value = v; - } - - public String toString() { - return tag + '=' + value; - } - } - - public String toString() { - return "HttpURLConnection Client configured to " + uri.toString(); - } -} diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java b/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java deleted file mode 100644 index 833434f..0000000 --- a/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java +++ /dev/null @@ -1,236 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.http; - -import java.net.ConnectException; -import java.net.HttpURLConnection; -import java.net.SocketException; -import java.net.URI; -import java.net.URISyntaxException; - -import javax.net.ssl.SSLHandshakeException; - -import org.onap.aaf.cadi.Access; -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.Locator; -import org.onap.aaf.cadi.LocatorException; -import org.onap.aaf.cadi.SecuritySetter; -import org.onap.aaf.cadi.Access.Level; -import org.onap.aaf.cadi.Locator.Item; -import org.onap.aaf.cadi.client.Rcli; -import org.onap.aaf.cadi.client.Retryable; - -import org.onap.aaf.inno.env.APIException; - -public class HMangr { - private String apiVersion; - private int readTimeout, connectionTimeout; - public final Locator loc; - private Access access; - - public HMangr(Access access, Locator loc) { - readTimeout = 10000; - connectionTimeout=3000; - this.loc = loc; - this.access = access; - } - - /** - * Reuse the same service. This is helpful for multiple calls that change service side cached data so that - * there is not a speed issue. - * - * If the service goes down, another service will be substituted, if available. - * - * @param access - * @param loc - * @param ss - * @param item - * @param retryable - * @return - * @throws URISyntaxException - * @throws Exception - */ - public RET same(SecuritySetter ss, Retryable retryable) throws APIException, CadiException, LocatorException { - RET ret = null; - boolean retry = true; - int retries = 0; - Rcli client = retryable.lastClient(); - try { - do { - // if no previous state, get the best - if(retryable.item()==null) { - retryable.item(loc.best()); - retryable.lastClient = null; - } - if(client==null) { - Item item = retryable.item(); - URI uri=loc.get(item); - if(uri==null) { - loc.invalidate(retryable.item()); - if(loc.hasItems()) { - retryable.item(loc.next(retryable.item())); - continue; - } else { - throw new LocatorException("No clients available for " + loc.toString()); - } - } - client = new HRcli(this, uri,item,ss) - .connectionTimeout(connectionTimeout) - .readTimeout(readTimeout) - .apiVersion(apiVersion); - } else { - client.setSecuritySetter(ss); - } - - retry = false; - try { - ret = retryable.code(client); - } catch (APIException | CadiException e) { - Item item = retryable.item(); - loc.invalidate(item); - retryable.item(loc.next(item)); - try { - Throwable ec = e.getCause(); - if(ec instanceof java.net.ConnectException) { - if(client!=null && ++retries<2) { - access.log(Level.WARN,"Connection refused, trying next available service"); - retry = true; - } else { - throw new CadiException("Connection refused, no more available connections to try"); - } - } else if(ec instanceof SSLHandshakeException) { - retryable.item(null); - throw e; - } else if(ec instanceof SocketException) { - if("java.net.SocketException: Connection reset".equals(ec.getMessage())) { - access.log(Level.ERROR, ec.getMessage(), " can mean Certificate Expiration or TLS Protocol issues"); - } - retryable.item(null); - throw e; - } else { - retryable.item(null); - throw e; - } - } finally { - client = null; - } - } catch (ConnectException e) { - Item item = retryable.item(); - loc.invalidate(item); - retryable.item(loc.next(item)); - } - } while(retry); - } finally { - retryable.lastClient = client; - } - return ret; - } - - - public RET best(SecuritySetter ss, Retryable retryable) throws LocatorException, CadiException, APIException { - if(loc==null) { - throw new LocatorException("No Locator Configured"); - } - retryable.item(loc.best()); - return same(ss,retryable); - } - public RET all(SecuritySetter ss, Retryable retryable) throws LocatorException, CadiException, APIException { - return oneOf(ss,retryable,true,null); - } - - public RET all(SecuritySetter ss, Retryable retryable,boolean notify) throws LocatorException, CadiException, APIException { - return oneOf(ss,retryable,notify,null); - } - - public RET oneOf(SecuritySetter ss, Retryable retryable,boolean notify,String host) throws LocatorException, CadiException, APIException { - RET ret = null; - // make sure we have all current references: - loc.refresh(); - for(Item li=loc.first();li!=null;li=loc.next(li)) { - URI uri=loc.get(li); - if(host!=null && !host.equals(uri.getHost())) { - break; - } - try { - ret = retryable.code(new HRcli(this,uri,li,ss)); - access.log(Level.DEBUG,"Success calling",uri,"during call to all services"); - } catch (APIException | CadiException e) { - Throwable t = e.getCause(); - if(t!=null && t instanceof ConnectException) { - loc.invalidate(li); - access.log(Level.ERROR,"Connection to",uri,"refused during call to all services"); - } else if(t instanceof SSLHandshakeException) { - access.log(Level.ERROR,t.getMessage()); - loc.invalidate(li); - } else if(t instanceof SocketException) { - if("java.net.SocketException: Connection reset".equals(t.getMessage())) { - access.log(Level.ERROR, t.getMessage(), " can mean Certificate Expiration or TLS Protocol issues"); - } - retryable.item(null); - throw e; - } else { - throw e; - } - } catch (ConnectException e) { - loc.invalidate(li); - access.log(Level.ERROR,"Connection to",uri,"refused during call to all services"); - } - } - - if(ret == null && notify) - throw new LocatorException("No available clients to call"); - return ret; - } - - - public void close() { - // TODO Anything here? - } - - public HMangr readTimeout(int timeout) { - this.readTimeout = timeout; - return this; - } - - public int readTimeout() { - return readTimeout; - } - - public void connectionTimeout(int t) { - connectionTimeout = t; - } - - public int connectionTimout() { - return connectionTimeout; - } - - public HMangr apiVersion(String version) { - apiVersion = version; - return this; - } - - public String apiVersion() { - return apiVersion; - } - -} diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java b/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java deleted file mode 100644 index 1ad0fcc..0000000 --- a/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java +++ /dev/null @@ -1,134 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.http; - -import java.net.HttpURLConnection; -import java.net.URI; -import java.net.URISyntaxException; - -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.LocatorException; -import org.onap.aaf.cadi.SecuritySetter; -import org.onap.aaf.cadi.Locator.Item; -import org.onap.aaf.cadi.client.EClient; -import org.onap.aaf.cadi.client.Rcli; - -import com.att.aft.dme2.api.DME2Exception; -import org.onap.aaf.inno.env.APIException; -import org.onap.aaf.inno.env.Data.TYPE; - -/** - * DME2 Rosetta Client - * - * JAXB defined JSON or XML over DME2 middleware - * - * - * @param - */ -public class HRcli extends Rcli { - private HMangr hman; - private Item item; - private SecuritySetter ss; - - public HRcli(HMangr hman, Item locItem, SecuritySetter secSet) throws URISyntaxException, LocatorException { - item=locItem; - uri=hman.loc.get(locItem); - this.hman = hman; - ss=secSet; - type = TYPE.JSON; - apiVersion = hman.apiVersion(); - } - - public HRcli(HMangr hman, URI uri, Item locItem, SecuritySetter secSet) { - locItem=item; - this.uri = uri; - this.hman = hman; - ss=secSet; - type = TYPE.JSON; - apiVersion = hman.apiVersion(); - } - - @Override - protected HRcli clone(URI uri, SecuritySetter ss) { - return new HRcli(hman,uri,item,ss); - } - - - - /** - * Note from Thaniga on 11/5. DME2Client is not expected to be reused... need a fresh one - * on each transaction, which is expected to cover the Async aspects. - * - * @return - * @throws APIException - * @throws DME2Exception - */ - protected EClient client() throws CadiException { - try { - if(uri==null) { - Item item = hman.loc.best(); - if(item==null) { - throw new CadiException("No service available for " + hman.loc.toString()); - } - uri = hman.loc.get(item); - } - return new HClient(ss,uri,connectionTimeout); - } catch (Exception e) { - throw new CadiException(e); - } - } - - /* (non-Javadoc) - * @see com.att.cadi.client.Rcli#setSecuritySetter(com.att.cadi.SecuritySetter) - */ - @Override - public void setSecuritySetter(SecuritySetter ss) { - this.ss = ss; - } - - /* (non-Javadoc) - * @see com.att.cadi.client.Rcli#getSecuritySetter() - */ - @Override - public SecuritySetter getSecuritySetter() { - return ss; - } - - public void invalidate() throws CadiException { - try { - hman.loc.invalidate(item); - } catch (Exception e) { - throw new CadiException(e); - } - } - - public HRcli setManager(HMangr hman) { - this.hman = hman; - return this; - } - - public String toString() { - return uri.toString(); - } - -} diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java b/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java deleted file mode 100644 index db456f2..0000000 --- a/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java +++ /dev/null @@ -1,65 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.http; - -import java.io.IOException; -import java.net.HttpURLConnection; -import java.security.Principal; - -import javax.net.ssl.HttpsURLConnection; - -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.client.AbsTransferSS; -import org.onap.aaf.cadi.config.Config; -import org.onap.aaf.cadi.config.SecurityInfoC; - - -public class HTransferSS extends AbsTransferSS { - public HTransferSS(Principal principal, String app) throws IOException { - super(principal, app); - } - - public HTransferSS(Principal principal, String app, SecurityInfoC si) { - super(principal, app, si); - } - - @Override - public void setSecurity(HttpURLConnection huc) throws CadiException { - if(value!=null) { - if(defSS==null) { - throw new CadiException("Need App Credentials to send message"); - } - defSS.setSecurity(huc); - huc.addRequestProperty(Config.CADI_USER_CHAIN, value); - } - if(securityInfo!=null) { - securityInfo.setSocketFactoryOn((HttpsURLConnection)huc); - } - } - - @Override - public int setLastResponse(int respCode) { - return 0; - } - -} diff --git a/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java b/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java deleted file mode 100644 index 0bdc843..0000000 --- a/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java +++ /dev/null @@ -1,168 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.http; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.net.HttpURLConnection; -import java.security.PrivateKey; -import java.security.SecureRandom; -import java.security.Signature; -import java.security.cert.CertificateEncodingException; -import java.security.cert.X509Certificate; - -import javax.net.ssl.HttpsURLConnection; -import javax.net.ssl.X509KeyManager; - -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.SecuritySetter; -import org.onap.aaf.cadi.Symm; -import org.onap.aaf.cadi.config.Config; -import org.onap.aaf.cadi.config.SecurityInfoC; - -import org.onap.aaf.inno.env.APIException; -import org.onap.aaf.inno.env.util.Chrono; - - -public class HX509SS implements SecuritySetter { - private static final byte[] X509 = "x509 ".getBytes(); - private PrivateKey priv; - private byte[] pub; - private String cert; - private SecurityInfoC securityInfo; - private String algo; - private String alias; - private static int count = new SecureRandom().nextInt(); - - public HX509SS(SecurityInfoC si) throws APIException, IOException, CertificateEncodingException { - this(null,si,false); - } - - public HX509SS(SecurityInfoC si, boolean asDefault) throws APIException, IOException, CertificateEncodingException { - this(null,si,asDefault); - } - - public HX509SS(final String sendAlias, SecurityInfoC si) throws APIException, IOException, CertificateEncodingException { - this(sendAlias, si, false); - } - - public HX509SS(final String sendAlias, SecurityInfoC si, boolean asDefault) throws APIException, IOException, CertificateEncodingException { - securityInfo = si; - if((alias=sendAlias) == null) { - if(si.default_alias == null) { - throw new APIException("JKS Alias is required to use X509SS Security. Use " + Config.CADI_ALIAS +" to set default alias"); - } else { - alias = si.default_alias; - } - } - - priv=null; - X509KeyManager[] xkms = si.getKeyManagers(); - if(xkms==null || xkms.length==0) { - throw new APIException("There are no valid keys available in given Keystores. Wrong Keypass? Expired?"); - } - for(int i=0;priv==null&&i0) { - algo = chain[0].getSigAlgName(); - pub = chain[0].getEncoded(); - ByteArrayOutputStream baos = new ByteArrayOutputStream(pub.length*2); - ByteArrayInputStream bais = new ByteArrayInputStream(pub); - Symm.base64noSplit.encode(bais,baos,X509); - cert = baos.toString(); - - /* - // Inner Test code, uncomment if fix needed - bais = new ByteArrayInputStream(baos.toByteArray()); - baos = new ByteArrayOutputStream(input.length*2); - Symm.base64noSplit().decode(bais,baos,5); - byte[] output = baos.toByteArray(); - String reconstitute = output.toString(); - System.out.println("ok"); - CertificateFactory certFactory; - try { - bais = new ByteArrayInputStream(output); - certFactory = CertificateFactory.getInstance("X.509"); - X509Certificate x509 = (X509Certificate)certFactory.generateCertificate(bais); - System.out.println(x509.toString()); - } catch (CertificateException e) { - e.printStackTrace(); - } - */ - } - } - if(algo==null) { - throw new APIException("X509 Security Setter not configured"); - } - } - - @Override - public void setSecurity(HttpURLConnection huc) throws CadiException { - if(huc instanceof HttpsURLConnection) { - securityInfo.setSocketFactoryOn((HttpsURLConnection)huc); - } - if(alias==null) { // must be a one-way - huc.setRequestProperty("Authorization", cert); - - // Test Signed content - try { - String data = "SignedContent["+ inc() + ']' + Chrono.dateTime(); - huc.setRequestProperty("Data", data); - - Signature sig = Signature.getInstance(algo); - sig.initSign(priv); - sig.update(data.getBytes()); - byte[] signature = sig.sign(); - - ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(signature.length*1.3)); - ByteArrayInputStream bais = new ByteArrayInputStream(signature); - Symm.base64noSplit.encode(bais, baos); - huc.setRequestProperty("Signature", new String(baos.toByteArray())); - - } catch (Exception e) { - throw new CadiException(e); - } - } - } - - private synchronized int inc() { - return ++count; - } - - /* (non-Javadoc) - * @see com.att.cadi.SecuritySetter#getID() - */ - @Override - public String getID() { - return alias; - } - - @Override - public int setLastResponse(int respCode) { - return 0; - } -} -- cgit 1.2.3-korg