2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * Modifications Copyright (C) 2019 IBM.
7 * ===========================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END====================================================
23 package org.onap.aaf.auth.batch.helpers;
25 import java.util.ArrayList;
26 import java.util.Date;
27 import java.util.GregorianCalendar;
28 import java.util.HashSet;
29 import java.util.Iterator;
30 import java.util.List;
32 import java.util.TreeMap;
34 import org.onap.aaf.auth.dao.cass.CredDAO;
35 import org.onap.aaf.auth.dao.hl.Question;
36 import org.onap.aaf.cadi.util.CSV;
37 import org.onap.aaf.misc.env.Env;
38 import org.onap.aaf.misc.env.TimeTaken;
39 import org.onap.aaf.misc.env.Trans;
40 import org.onap.aaf.misc.env.util.Chrono;
42 import com.datastax.driver.core.ResultSet;
43 import com.datastax.driver.core.Row;
44 import com.datastax.driver.core.Session;
45 import com.datastax.driver.core.SimpleStatement;
46 import com.datastax.driver.core.Statement;
49 public static final TreeMap<String,Cred> data = new TreeMap<>();
50 public static final TreeMap<String,List<Cred>> byNS = new TreeMap<>();
52 public final String id;
53 public final List<Instance> instances;
54 public final String ns;
56 public Cred(String id) {
58 instances = new ArrayList<>();
59 ns=Question.domain2ns(id);
62 public static class Instance {
63 public final int type;
64 public final Date expires,written;
65 public final Integer other;
66 public final String tag;
67 public List<Note> notes;
70 public Instance(int type, Date expires, Integer other, long written, String tag) {
72 this.expires = expires;
74 this.written = new Date(written);
79 * Usually returns Null...
82 public List<Note> notes() {
86 public void addNote(int level, String note) {
88 notes=new ArrayList<>();
90 notes.add(new Note(level,note));
93 public String toString() {
94 return expires.toString() + ": " + type + ' ' + tag;
98 public static class Note {
99 public final int level;
100 public final String note;
102 public Note(int level, String note) {
107 public Date last(final int ... types) {
109 for (Instance i : instances) {
110 if (types.length>0) { // filter by types, if requested
112 for (int t : types) {
122 if (last==null || i.expires.after(last)) {
130 public Set<Integer> types() {
131 Set<Integer> types = new HashSet<>();
132 for (Instance i : instances) {
138 public static void load(Trans trans, Session session, int ... types ) {
139 load(trans, session,"select id, type, expires, other, writetime(cred), tag from authz.cred;",types);
142 public static void loadOneNS(Trans trans, Session session, String ns,int ... types ) {
143 load(trans, session,"select id, type, expires, other, writetime(cred), tag from authz.cred WHERE ns='" + ns + "';", types);
146 private static void load(Trans trans, Session session, String query, int ...types) {
148 trans.info().log( "query: " + query );
149 TimeTaken tt = trans.start("Read Creds", Env.REMOTE);
153 Statement stmt = new SimpleStatement( query );
154 results = session.execute(stmt);
160 Iterator<Row> iter = results.iterator();
162 tt = trans.start("Load Credentials", Env.SUB);
164 while (iter.hasNext()) {
167 int type = row.getInt(1);
168 if (types.length>0) { // filter by types, if requested
169 boolean hastype = false;
170 for (int t : types) {
180 add(row.getString(0), row.getInt(1),row.getTimestamp(2),row.getInt(3),row.getLong(4),
187 trans.info().log("Found",count,"creds");
191 public static void add(
194 final Date timestamp,
199 Cred cred = data.get(id);
204 cred.instances.add(new Instance(type, timestamp, other, written/1000,tag));
206 List<Cred> lscd = byNS.get(cred.ns);
208 lscd=new ArrayList<>();
209 byNS.put(cred.ns,lscd);
211 boolean found = false;
212 for (Cred c : lscd) {
213 if (c.id.equals(cred.id)) {
225 * Count entries in Cred data.
226 * Note, as opposed to other methods, need to load the whole cred table for the Types.
230 public static CredCount count(int numbuckets) {
231 CredCount cc = new CredCount(numbuckets);
232 for (Cred c : data.values()) {
233 for (Instance ci : c.instances) {
234 cc.inc(ci.type,ci.written, ci.expires);
240 public static class CredCount {
242 public int basic_auth[];
243 public int basic_auth_256[];
245 public int x509Added[];
246 public int x509Expired[];
249 public CredCount(int numbuckets) {
250 raw = new int[numbuckets];
251 basic_auth = new int[numbuckets];
252 basic_auth_256 = new int[numbuckets];
253 cert = new int[numbuckets];
254 x509Added = new int[numbuckets];
255 x509Expired = new int[numbuckets];
256 dates = new Date[numbuckets];
257 GregorianCalendar gc = new GregorianCalendar();
258 dates[0]=gc.getTime(); // now
259 gc.set(GregorianCalendar.DAY_OF_MONTH, 1);
260 gc.set(GregorianCalendar.HOUR, 0);
261 gc.set(GregorianCalendar.MINUTE, 0);
262 gc.set(GregorianCalendar.SECOND,0);
263 gc.set(GregorianCalendar.MILLISECOND,0);
264 gc.add(GregorianCalendar.MILLISECOND, -1); // last milli of month
265 for (int i = 1; i < numbuckets; ++i) {
266 dates[i] = gc.getTime();
267 gc.add(GregorianCalendar.MONTH, -1);
272 public void inc(int type, Date start, Date expires) {
273 for (int i = 0; i < dates.length - 1; ++i) {
274 if (start.before(dates[i])) {
275 if ((type == CredDAO.CERT_SHA256_RSA)&&(start.after(dates[i + 1]))) {
278 if (expires.after(dates[i])) {
283 case CredDAO.BASIC_AUTH:
286 case CredDAO.BASIC_AUTH_SHA256:
289 case CredDAO.CERT_SHA256_RSA:
298 public long authCount(int idx) {
299 return (long)basic_auth[idx] + basic_auth_256[idx];
302 public long x509Count(int idx) {
308 public void row(final CSV.Writer csvw, final Instance inst) {
309 csvw.row("cred",id,ns,Integer.toString(inst.type),Chrono.dateOnlyStamp(inst.expires),
310 inst.expires.getTime(),inst.tag);
313 public void row(final CSV.Writer csvw, final Instance inst, final String reason) {
314 csvw.row("cred",id,ns,Integer.toString(inst.type),Chrono.dateOnlyStamp(inst.expires),
315 inst.expires.getTime(),inst.tag,reason);
318 public static void batchDelete(StringBuilder sb, List<String> row) {
319 Long l = Long.parseLong(row.get(5));
320 String date = Chrono.batchFmt.format(new Date(l));
321 sb.append("DELETE from authz.cred WHERE id='");
322 sb.append(row.get(1));
323 sb.append("' AND type=");
324 sb.append(Integer.parseInt(row.get(3)));
325 // Note: We have to work with long, because Expires is part of Key... can't easily do date.
326 sb.append(" AND expires='");
329 // sb.append(" AND expires=dateof(maxtimeuuid(");
330 // sb.append(row.get(5));
331 // sb.append("));\n");
335 public String toString() {
336 StringBuilder sb = new StringBuilder(id);
338 for (Instance i : instances) {
342 sb.append(i.expires);
346 return sb.toString();
350 * @see java.lang.Object#hashCode()
353 public int hashCode() {
354 return id.hashCode();
358 * @see java.lang.Object#equals(java.lang.Object)
361 public boolean equals(Object obj) {
362 return id.equals(obj);
366 public static String histSubject(List<String> row) {
371 public static String histMemo(String fmt, String orgName, List<String> row) {
373 if(row.size()>5) { // Reason included
376 reason = String.format(fmt, row.get(1),orgName,row.get(4));
382 public static void clear() {