summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorpkaras <piotr.karas@nokia.com>2019-06-03 14:01:27 +0200
committerpkaras <piotr.karas@nokia.com>2019-06-03 14:05:27 +0200
commitbf91de122a24dbfc9a0158556e290df21472240b (patch)
tree5f1c14d4117c8fa69a8b2c3c27bb2238a757a5ca /src
parent675ec9e58d26fe0e73ba91004f77729c417364fd (diff)
AafService - interface was introduced
Change-Id: I1942d4ebe7c5c776df5e369f1f422f2e15d6ee99 Issue-ID: DMAAP-1211 Signed-off-by: piotr.karas <piotr.karas@nokia.com>
Diffstat (limited to 'src')
-rw-r--r--src/main/java/org/onap/dmaap/dbcapi/aaf/AafService.java180
-rw-r--r--src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java196
-rw-r--r--src/main/java/org/onap/dmaap/dbcapi/authentication/ApiPerms.java3
-rw-r--r--src/main/java/org/onap/dmaap/dbcapi/service/AafPermissionService.java3
-rw-r--r--src/main/java/org/onap/dmaap/dbcapi/service/DmaapService.java5
-rw-r--r--src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java7
-rw-r--r--src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java3
7 files changed, 223 insertions, 174 deletions
diff --git a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafService.java b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafService.java
index 9d8776a..30efbf2 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafService.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -20,179 +20,27 @@
package org.onap.dmaap.dbcapi.aaf;
-import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
-import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
-import org.onap.dmaap.dbcapi.util.DmaapConfig;
-
/*
* this service uses the AAF REST API endpoints to provision values in AAF
*/
-public class AafService extends BaseLoggingClass {
- public enum ServiceType {
- AAF_Admin,
- AAF_TopicMgr
- }
-
- private AafConnection aaf;
- private ServiceType ctype;
- private String aafURL ;
- private String identity;
- private boolean useAAF = false;
-
-
-
- public String getIdentity() {
- return identity;
- }
-
-
- public void setIdentity(String identity) {
- this.identity = identity;
- }
-
-
- private String getCred( boolean wPwd ) {
- String mechIdProperty = null;
- String pwdProperty = null;
- DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
- AafDecrypt decryptor = new AafDecrypt();
-
- if ( ctype == ServiceType.AAF_Admin ) {
- mechIdProperty = "aaf.AdminUser";
- pwdProperty = "aaf.AdminPassword";
- } else if ( ctype == ServiceType.AAF_TopicMgr ){
- mechIdProperty = "aaf.TopicMgrUser";
- pwdProperty = "aaf.TopicMgrPassword";
- } else {
- logger.error( "Unexpected case for AAF credential type: " + ctype );
- return null;
- }
- identity = p.getProperty( mechIdProperty, "noMechId@domain.netset.com" );
+public interface AafService {
+ enum ServiceType {
+ AAF_Admin,
+ AAF_TopicMgr
+ }
- String pwd = "";
- String encPwd = p.getProperty( pwdProperty, "notSet" );
+ String getIdentity();
-
- pwd = decryptor.decrypt(encPwd);
-
- if ( wPwd ) {
- return identity + ":" + pwd;
- } else {
- return identity;
- }
-
-
- }
-
-
- public AafService(ServiceType t ) {
- DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
- aafURL = p.getProperty( "aaf.URL", "https://authentication.domain.netset.com:8100/proxy/");
- initAafService( t );
- }
- public AafService( ServiceType t, String url ) {
- aafURL = url;
- initAafService( t );
- }
-
- private void initAafService( ServiceType t ) {
- DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
- useAAF= "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
- logger.info( "AafService initAafService: useAAF=" + useAAF);
-
- ctype = t;
- aaf = new AafConnection( getCred( true ) );
- }
-
- public int addPerm(DmaapPerm perm) {
- logger.info( "entry: addPerm() " );
- return doPost( perm, "authz/perm", 201);
- }
- public int addGrant(DmaapGrant grant ) {
- logger.info( "entry: addGrant() " );
- return doPost( grant, "authz/role/perm", 201 );
- }
- public int addUserRole( AafUserRole ur ) {
- logger.info( "entry: addUserRole() " );
- return doPost( ur, "authz/userRole", 201 );
- }
+ int addPerm(DmaapPerm perm);
- public int delGrant( DmaapGrant grant ) {
- int rc = -1;
- logger.info( "entry: delGrant() " );
+ int addGrant(DmaapGrant grant);
- String pURL = aafURL + "authz/role/:" + grant.getRole() + "/perm";
-
- if ( useAAF ) {
- rc = aaf.delAaf( grant, pURL );
- } else {
- rc = 200;
- }
- switch( rc ) {
- case 401:
- case 403:
- errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred( false ) );
- System.exit(1);
- break;
-
- case 404:
- logger.warn( "Perm not found...ignore");
- break;
-
- case 200:
- logger.info( "expected response" );
- break;
- default :
- logger.error( "Unexpected response: " + rc );
- break;
- }
-
- return rc;
- }
+ int addUserRole(AafUserRole ur);
- public int addRole(AafRole role) {
- logger.info( "entry: addRole() " );
- return doPost( role, "authz/role", 201 );
- }
+ int delGrant(DmaapGrant grant);
-
-
- public int addNamespace(AafNamespace ns) {
- logger.info( "entry: addNamespace() " );
- return doPost( ns, "authz/ns", 201 );
- }
+ int addRole(AafRole role);
-
- private int doPost( AafObject obj, String uri, int expect ) {
- int rc = -1;
- logger.info( "entry: doPost() " );
- String pURL = aafURL + uri;
- logger.info( "doPost: useAAF=" + useAAF );
- if ( useAAF ) {
- logger.info( "doPost: " + obj.toJSON());
- rc = aaf.postAaf( obj, pURL );
- } else {
- rc = expect;
- }
- switch( rc ) {
- case 401:
- case 403:
- errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred( false ) );
- System.exit(1);
- case 409:
- logger.warn( "Object for " + uri + " already exists. Possible conflict.");
- break;
-
- default :
- if ( rc == expect ) {
- logger.info( "expected response: " + rc);
- } else {
- logger.error( "Unexpected response: " + rc );
- }
- break;
- }
-
- return rc;
- }
+ int addNamespace(AafNamespace ns);
}
diff --git a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java
new file mode 100644
index 0000000..4397a88
--- /dev/null
+++ b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java
@@ -0,0 +1,196 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * org.onap.dmaap
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dmaap.dbcapi.aaf;
+
+import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
+import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
+import org.onap.dmaap.dbcapi.util.DmaapConfig;
+
+public class AafServiceImpl extends BaseLoggingClass implements AafService {
+ public enum ServiceType {
+ AAF_Admin,
+ AAF_TopicMgr
+ }
+
+ private AafConnection aaf;
+ private AafService.ServiceType ctype;
+ private String aafURL;
+ private String identity;
+ private boolean useAAF = false;
+
+
+ public String getIdentity() {
+ return identity;
+ }
+
+
+ public void setIdentity(String identity) {
+ this.identity = identity;
+ }
+
+
+ private String getCred(boolean wPwd) {
+ String mechIdProperty = null;
+ String pwdProperty = null;
+ DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
+ AafDecrypt decryptor = new AafDecrypt();
+
+ if (ctype == AafService.ServiceType.AAF_Admin) {
+ mechIdProperty = "aaf.AdminUser";
+ pwdProperty = "aaf.AdminPassword";
+ } else if (ctype == AafService.ServiceType.AAF_TopicMgr) {
+ mechIdProperty = "aaf.TopicMgrUser";
+ pwdProperty = "aaf.TopicMgrPassword";
+ } else {
+ logger.error("Unexpected case for AAF credential type: " + ctype);
+ return null;
+ }
+ identity = p.getProperty(mechIdProperty, "noMechId@domain.netset.com");
+
+ String pwd = "";
+ String encPwd = p.getProperty(pwdProperty, "notSet");
+
+
+ pwd = decryptor.decrypt(encPwd);
+
+ if (wPwd) {
+ return identity + ":" + pwd;
+ } else {
+ return identity;
+ }
+
+
+ }
+
+
+ public AafServiceImpl(AafService.ServiceType t) {
+ DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
+ aafURL = p.getProperty("aaf.URL", "https://authentication.domain.netset.com:8100/proxy/");
+ initAafService(t);
+ }
+
+ public AafServiceImpl(AafService.ServiceType t, String url) {
+ aafURL = url;
+ initAafService(t);
+ }
+
+ private void initAafService(AafService.ServiceType t) {
+ DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
+ useAAF = "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
+ logger.info("AafService initAafService: useAAF=" + useAAF);
+
+ ctype = t;
+ aaf = new AafConnection(getCred(true));
+ }
+
+ public int addPerm(DmaapPerm perm) {
+ logger.info("entry: addPerm() ");
+ return doPost(perm, "authz/perm", 201);
+ }
+
+ public int addGrant(DmaapGrant grant) {
+ logger.info("entry: addGrant() ");
+ return doPost(grant, "authz/role/perm", 201);
+ }
+
+ public int addUserRole(AafUserRole ur) {
+ logger.info("entry: addUserRole() ");
+ return doPost(ur, "authz/userRole", 201);
+ }
+
+ public int delGrant(DmaapGrant grant) {
+ int rc = -1;
+ logger.info("entry: delGrant() ");
+
+ String pURL = aafURL + "authz/role/:" + grant.getRole() + "/perm";
+
+ if (useAAF) {
+ rc = aaf.delAaf(grant, pURL);
+ } else {
+ rc = 200;
+ }
+ switch (rc) {
+ case 401:
+ case 403:
+ errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
+ System.exit(1);
+ break;
+
+ case 404:
+ logger.warn("Perm not found...ignore");
+ break;
+
+ case 200:
+ logger.info("expected response");
+ break;
+ default:
+ logger.error("Unexpected response: " + rc);
+ break;
+ }
+
+ return rc;
+ }
+
+ public int addRole(AafRole role) {
+ logger.info("entry: addRole() ");
+ return doPost(role, "authz/role", 201);
+ }
+
+
+ public int addNamespace(AafNamespace ns) {
+ logger.info("entry: addNamespace() ");
+ return doPost(ns, "authz/ns", 201);
+ }
+
+
+ private int doPost(AafObject obj, String uri, int expect) {
+ int rc = -1;
+ logger.info("entry: doPost() ");
+ String pURL = aafURL + uri;
+ logger.info("doPost: useAAF=" + useAAF);
+ if (useAAF) {
+ logger.info("doPost: " + obj.toJSON());
+ rc = aaf.postAaf(obj, pURL);
+ } else {
+ rc = expect;
+ }
+ switch (rc) {
+ case 401:
+ case 403:
+ errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
+ System.exit(1);
+ case 409:
+ logger.warn("Object for " + uri + " already exists. Possible conflict.");
+ break;
+
+
+ default:
+ if (rc == expect) {
+ logger.info("expected response: " + rc);
+ } else {
+ logger.error("Unexpected response: " + rc);
+ }
+ break;
+ }
+
+ return rc;
+ }
+} \ No newline at end of file
diff --git a/src/main/java/org/onap/dmaap/dbcapi/authentication/ApiPerms.java b/src/main/java/org/onap/dmaap/dbcapi/authentication/ApiPerms.java
index 33cc327..02bab63 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/authentication/ApiPerms.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/authentication/ApiPerms.java
@@ -26,6 +26,7 @@ import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
import org.onap.dmaap.dbcapi.aaf.AafService;
+import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
@@ -89,7 +90,7 @@ public class ApiPerms extends BaseLoggingClass {
DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
String api = p.getProperty("ApiNamespace", "apiNamespace.not.set");
- AafService aaf = new AafService(ServiceType.AAF_Admin);
+ AafService aaf = new AafServiceImpl(ServiceType.AAF_Admin);
for ( int i = 0; i < pmap.length ; i++ ) {
String uri = new String( api + "." + pmap[i].getUri());
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/AafPermissionService.java b/src/main/java/org/onap/dmaap/dbcapi/service/AafPermissionService.java
index 00d6066..0be6c28 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/AafPermissionService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/AafPermissionService.java
@@ -21,6 +21,7 @@
package org.onap.dmaap.dbcapi.service;
import org.onap.dmaap.dbcapi.aaf.AafService;
+import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
import org.onap.dmaap.dbcapi.aaf.AafUserRole;
import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
@@ -38,7 +39,7 @@ public class AafPermissionService extends BaseLoggingClass {
private final DmaapService dmaapService;
public AafPermissionService() {
- this(new AafService(AafService.ServiceType.AAF_TopicMgr), new DmaapService());
+ this(new AafServiceImpl(AafService.ServiceType.AAF_TopicMgr), new DmaapService());
}
AafPermissionService(AafService aafService, DmaapService dmaapService) {
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/DmaapService.java b/src/main/java/org/onap/dmaap/dbcapi/service/DmaapService.java
index 3ea44cc..92455cd 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/DmaapService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/DmaapService.java
@@ -24,6 +24,7 @@ package org.onap.dmaap.dbcapi.service;
import java.util.ArrayList;
import org.onap.dmaap.dbcapi.aaf.AafService;
+import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
@@ -85,7 +86,7 @@ public class DmaapService extends BaseLoggingClass {
nd.setLastMod();
dmaapholder.update(nd);
- AafService aaf = new AafService( ServiceType.AAF_Admin);
+ AafService aaf = new AafServiceImpl( ServiceType.AAF_Admin);
ApiPolicy apiPolicy = new ApiPolicy();
if ( apiPolicy.isPermissionClassSet() ) {
ApiPerms p = new ApiPerms();
@@ -134,7 +135,7 @@ public class DmaapService extends BaseLoggingClass {
ApiPerms p = new ApiPerms();
p.setEnvMap();
}
- AafService aaf = new AafService( ServiceType.AAF_Admin);
+ AafService aaf = new AafServiceImpl( ServiceType.AAF_Admin);
if ( multiSite ) {
anythingWrong = setTopicMgtPerms( nd, aaf ) || createMmaTopic();
}
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java b/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java
index 23627b5..81b0ccd 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java
@@ -24,6 +24,7 @@ package org.onap.dmaap.dbcapi.service;
import org.onap.dmaap.dbcapi.aaf.AafService;
import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
+import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
import org.onap.dmaap.dbcapi.aaf.AafUserRole;
import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
@@ -180,7 +181,7 @@ public class MR_ClientService extends BaseLoggingClass {
}
private void grantClientRolePerms(MR_Client client, ApiError err) {
- AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
+ AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
String instance = ":topic." + client.getFqtn();
client.setStatus(DmaapObject_Status.VALID);
@@ -205,7 +206,7 @@ public class MR_ClientService extends BaseLoggingClass {
}
private void assignIdentityToRole(MR_Client client, String role, ApiError err) {
- AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
+ AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
AafUserRole ur = new AafUserRole(client.getClientIdentity(), role);
int rc = aaf.addUserRole(ur);
@@ -221,7 +222,7 @@ public class MR_ClientService extends BaseLoggingClass {
}
private void revokeClientPerms(MR_Client client, ApiError err) {
- AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
+ AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
String instance = ":topic." + client.getFqtn();
client.setStatus(DmaapObject_Status.VALID);
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java b/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
index 83591dd..72f04bd 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
@@ -26,6 +26,7 @@ import org.onap.dmaap.dbcapi.aaf.AafNamespace;
import org.onap.dmaap.dbcapi.aaf.AafRole;
import org.onap.dmaap.dbcapi.aaf.AafService;
import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
+import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
import org.onap.dmaap.dbcapi.database.DatabaseClass;
@@ -146,7 +147,7 @@ public class TopicService extends BaseLoggingClass {
}
// establish AAF Connection using TopicMgr identity
- AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
+ AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
AafRole pubRole = null;
AafRole subRole = null;