2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * Modifications Copyright (C) 2019 IBM.
7 * ===========================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END====================================================
23 package org.onap.aaf.auth.batch.helpers;
25 import java.text.SimpleDateFormat;
26 import java.util.ArrayList;
27 import java.util.Date;
28 import java.util.GregorianCalendar;
29 import java.util.HashSet;
30 import java.util.Iterator;
31 import java.util.List;
33 import java.util.TreeMap;
35 import org.onap.aaf.auth.dao.cass.CredDAO;
36 import org.onap.aaf.auth.dao.hl.Question;
37 import org.onap.aaf.cadi.util.CSV;
38 import org.onap.aaf.misc.env.Env;
39 import org.onap.aaf.misc.env.TimeTaken;
40 import org.onap.aaf.misc.env.Trans;
41 import org.onap.aaf.misc.env.util.Chrono;
43 import com.datastax.driver.core.ResultSet;
44 import com.datastax.driver.core.Row;
45 import com.datastax.driver.core.Session;
46 import com.datastax.driver.core.SimpleStatement;
47 import com.datastax.driver.core.Statement;
50 public static final TreeMap<String,Cred> data = new TreeMap<>();
51 public static final TreeMap<String,List<Cred>> byNS = new TreeMap<>();
53 public final String id;
54 public final List<Instance> instances;
55 public final String ns;
57 public Cred(String id) {
59 instances = new ArrayList<>();
60 ns=Question.domain2ns(id);
63 public static class Instance {
64 public final int type;
65 public final Date expires,written;
66 public final Integer other;
67 public final String tag;
68 public List<Note> notes;
71 public Instance(int type, Date expires, Integer other, long written, String tag) {
73 this.expires = expires;
75 this.written = new Date(written);
80 * Usually returns Null...
83 public List<Note> notes() {
87 public void addNote(int level, String note) {
89 notes=new ArrayList<>();
91 notes.add(new Note(level,note));
94 public String toString() {
95 return expires.toString() + ": " + type + ' ' + tag;
99 public static class Note {
100 public final int level;
101 public final String note;
103 public Note(int level, String note) {
108 public Date last(final int ... types) {
110 for (Instance i : instances) {
111 if (types.length>0) { // filter by types, if requested
113 for (int t : types) {
123 if (last==null || i.expires.after(last)) {
131 public Set<Integer> types() {
132 Set<Integer> types = new HashSet<>();
133 for (Instance i : instances) {
139 public static void load(Trans trans, Session session, int ... types ) {
140 load(trans, session,"select id, type, expires, other, writetime(cred), tag from authz.cred;",types);
143 public static void loadOneNS(Trans trans, Session session, String ns,int ... types ) {
144 load(trans, session,"select id, type, expires, other, writetime(cred), tag from authz.cred WHERE ns='" + ns + "';", types);
147 private static void load(Trans trans, Session session, String query, int ...types) {
149 trans.info().log( "query: " + query );
150 TimeTaken tt = trans.start("Read Creds", Env.REMOTE);
154 Statement stmt = new SimpleStatement( query );
155 results = session.execute(stmt);
161 Iterator<Row> iter = results.iterator();
163 tt = trans.start("Load Credentials", Env.SUB);
165 while (iter.hasNext()) {
168 int type = row.getInt(1);
169 if (types.length>0) { // filter by types, if requested
170 boolean hastype = false;
171 for (int t : types) {
181 add(row.getString(0), row.getInt(1),row.getTimestamp(2),row.getInt(3),row.getLong(4),
188 trans.info().log("Found",count,"creds");
192 public static void add(
195 final Date timestamp,
200 Cred cred = data.get(id);
205 cred.instances.add(new Instance(type, timestamp, other, written/1000,tag));
207 List<Cred> lscd = byNS.get(cred.ns);
209 lscd=new ArrayList<>();
210 byNS.put(cred.ns,lscd);
212 boolean found = false;
213 for (Cred c : lscd) {
214 if (c.id.equals(cred.id)) {
226 * Count entries in Cred data.
227 * Note, as opposed to other methods, need to load the whole cred table for the Types.
231 public static CredCount count(int numbuckets) {
232 CredCount cc = new CredCount(numbuckets);
233 for (Cred c : data.values()) {
234 for (Instance ci : c.instances) {
235 cc.inc(ci.type,ci.written, ci.expires);
241 public static class CredCount {
243 public int basic_auth[];
244 public int basic_auth_256[];
246 public int x509Added[];
247 public int x509Expired[];
250 public CredCount(int numbuckets) {
251 raw = new int[numbuckets];
252 basic_auth = new int[numbuckets];
253 basic_auth_256 = new int[numbuckets];
254 cert = new int[numbuckets];
255 x509Added = new int[numbuckets];
256 x509Expired = new int[numbuckets];
257 dates = new Date[numbuckets];
258 GregorianCalendar gc = new GregorianCalendar();
259 dates[0]=gc.getTime(); // now
260 gc.set(GregorianCalendar.DAY_OF_MONTH, 1);
261 gc.set(GregorianCalendar.HOUR, 0);
262 gc.set(GregorianCalendar.MINUTE, 0);
263 gc.set(GregorianCalendar.SECOND,0);
264 gc.set(GregorianCalendar.MILLISECOND,0);
265 gc.add(GregorianCalendar.MILLISECOND, -1); // last milli of month
266 for (int i=1;i<numbuckets;++i) {
267 dates[i] = gc.getTime();
268 gc.add(GregorianCalendar.MONTH, -1);
273 public void inc(int type, Date start, Date expires) {
274 for (int i=0;i<dates.length-1;++i) {
275 if (start.before(dates[i])) {
276 if ((type==CredDAO.CERT_SHA256_RSA)&&(start.after(dates[i+1]))) {
279 if (expires.after(dates[i])) {
284 case CredDAO.BASIC_AUTH:
287 case CredDAO.BASIC_AUTH_SHA256:
290 case CredDAO.CERT_SHA256_RSA:
299 public long authCount(int idx) {
300 return (long)basic_auth[idx]+basic_auth_256[idx];
303 public long x509Count(int idx) {
309 public void row(final CSV.Writer csvw, final Instance inst) {
310 csvw.row("cred",id,ns,Integer.toString(inst.type),Chrono.dateOnlyStamp(inst.expires),
311 inst.expires.getTime(),inst.tag);
314 public void row(final CSV.Writer csvw, final Instance inst, final String reason) {
315 csvw.row("cred",id,ns,Integer.toString(inst.type),Chrono.dateOnlyStamp(inst.expires),
316 inst.expires.getTime(),inst.tag,reason);
319 static SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss+SSSS");
320 public static void batchDelete(StringBuilder sb, List<String> row) {
321 Long l = Long.parseLong(row.get(5));
322 String date = sdf.format(new Date(l));
323 sb.append("DELETE from authz.cred WHERE id='");
324 sb.append(row.get(1));
325 sb.append("' AND type=");
326 sb.append(Integer.parseInt(row.get(3)));
327 // Note: We have to work with long, because Expires is part of Key... can't easily do date.
328 sb.append(" AND expires='");
331 // sb.append(" AND expires=dateof(maxtimeuuid(");
332 // sb.append(row.get(5));
333 // sb.append("));\n");
337 public String toString() {
338 StringBuilder sb = new StringBuilder(id);
340 for (Instance i : instances) {
344 sb.append(i.expires);
348 return sb.toString();
352 * @see java.lang.Object#hashCode()
355 public int hashCode() {
356 return id.hashCode();
360 * @see java.lang.Object#equals(java.lang.Object)
363 public boolean equals(Object obj) {
364 return id.equals(obj);
368 public static String histSubject(List<String> row) {
373 public static String histMemo(String fmt, String orgName, List<String> row) {
375 if(row.size()>5) { // Reason included
378 reason = String.format(fmt, row.get(1),orgName,row.get(4));
384 public static void clear() {