2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.direct;
24 import java.nio.ByteBuffer;
25 import java.security.cert.CertificateException;
26 import java.security.cert.X509Certificate;
27 import java.util.List;
29 import javax.servlet.http.HttpServletRequest;
31 import org.onap.aaf.auth.dao.cached.CachedCertDAO;
32 import org.onap.aaf.auth.dao.cass.CertDAO.Data;
33 import org.onap.aaf.auth.env.AuthzTrans;
34 import org.onap.aaf.auth.layer.Result;
35 import org.onap.aaf.auth.rserv.TransFilter;
36 import org.onap.aaf.cadi.principal.TaggedPrincipal;
37 import org.onap.aaf.cadi.principal.X509Principal;
38 import org.onap.aaf.cadi.taf.cert.CertIdentity;
39 import org.onap.aaf.cadi.taf.cert.X509Taf;
42 * Direct view of CertIdentities
44 * Warning: this class is difficult to instantiate. The only service that can use it is AAF itself, and is thus
45 * entered in the "init" after the CachedCertDAO is created.
50 public class DirectCertIdentity implements CertIdentity {
51 private static CachedCertDAO certDAO;
54 public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] _certBytes) throws CertificateException {
55 byte[] certBytes = _certBytes;
56 if(cert==null && certBytes==null) {
60 certBytes = cert.getEncoded();
62 byte[] fingerprint = X509Taf.getFingerPrint(certBytes);
64 AuthzTrans trans = (AuthzTrans) req.getAttribute(TransFilter.TRANS_TAG);
66 Result<List<Data>> cresp = certDAO.read(trans, ByteBuffer.wrap(fingerprint));
67 if(cresp.isOKhasData()) {
68 Data cdata = cresp.value.get(0);
69 return new X509Principal(cdata.id,cert,certBytes,null);
74 public static void set(CachedCertDAO ccd) {