2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.cm.mapper;
24 import java.io.IOException;
25 import java.util.ArrayList;
26 import java.util.List;
29 import org.onap.aaf.auth.cm.data.CertDrop;
30 import org.onap.aaf.auth.cm.data.CertRenew;
31 import org.onap.aaf.auth.cm.data.CertReq;
32 import org.onap.aaf.auth.cm.data.CertResp;
33 import org.onap.aaf.auth.cm.validation.CertmanValidator;
34 import org.onap.aaf.auth.dao.cass.ArtiDAO;
35 import org.onap.aaf.auth.dao.cass.ArtiDAO.Data;
36 import org.onap.aaf.auth.dao.cass.CertDAO;
37 import org.onap.aaf.auth.env.AuthzTrans;
38 import org.onap.aaf.auth.layer.Result;
39 import org.onap.aaf.cadi.util.FQI;
40 import org.onap.aaf.cadi.util.Vars;
42 import aaf.v2_0.Error;
43 import certman.v1_0.Artifacts;
44 import certman.v1_0.Artifacts.Artifact;
45 import certman.v1_0.BaseRequest;
46 import certman.v1_0.CertInfo;
47 import certman.v1_0.CertificateDrop;
48 import certman.v1_0.CertificateRenew;
49 import certman.v1_0.CertificateRequest;
52 public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
55 public Class<?> getClass(API api) {
57 case CERT_REQ: return CertificateRequest.class;
58 case CERT_RENEW: return CertificateRenew.class;
59 case CERT_DROP: return CertificateDrop.class;
60 case CERT: return CertInfo.class;
61 case ARTIFACTS: return Artifacts.class;
62 case ERROR: return Error.class;
63 case VOID: return Void.class;
68 @SuppressWarnings("unchecked")
70 public <A> A newInstance(API api) {
72 case CERT_REQ: return (A) new CertificateRequest();
73 case CERT_RENEW: return (A) new CertificateRenew();
74 case CERT_DROP: return (A) new CertificateDrop();
75 case CERT: return (A) new CertInfo();
76 case ARTIFACTS: return (A) new Artifacts();
77 case ERROR: return (A)new Error();
78 case VOID: return null;
83 ////////////// Mapping Functions /////////////
85 public Error errorFromMessage(StringBuilder holder, String msgID, String text, Object ... var) {
86 Error err = new Error();
87 err.setMessageId(msgID);
88 // AT&T Restful Error Format requires numbers "%" placements
89 err.setText(Vars.convert(holder, text, var));
90 for (Object s : var) {
91 err.getVariables().add(s.toString());
97 * @see com.att.authz.certman.mapper.Mapper#toCert(org.onap.aaf.auth.env.test.AuthzTrans, org.onap.aaf.auth.layer.test.Result)
100 public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
102 return Result.err(in);
105 CertResp cin = in.value;
106 CertInfo cout = newInstance(API.CERT);
107 cout.setPrivatekey(cin.privateString());
109 if ((value=cin.challenge())!=null) {
110 cout.setChallenge(value);
112 // In Version 1, Cert is always first
113 cout.getCerts().add(cin.asCertString());
114 // Follow with Trust Chain
115 if (cin.trustChain()!=null) {
116 for (String c : cin.trustChain()) {
118 cout.getCerts().add(c);
123 // Adding all the Certs in one response is a mistake. Makes it very hard for Agent to setup
124 // Certs in keystore versus Truststore. Separate in Version 2_0
125 if (cin.trustCAs()!=null) {
126 for (String c : cin.trustCAs()) {
128 if (!cout.getCerts().contains(c)) {
129 cout.getCerts().add(c);
134 if (cin.notes()!=null) {
135 boolean first = true;
136 StringBuilder sb = new StringBuilder();
137 for (String n : cin.notes()) {
145 cout.setNotes(sb.toString());
147 List<String> caIssuerDNs = cout.getCaIssuerDNs();
148 for (String s : cin.caIssuerDNs()) {
151 cout.setEnv(cin.env());
152 return Result.ok(cout);
157 public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) {
159 CertInfo cout = newInstance(API.CERT);
160 List<String> certs = cout.getCerts();
161 for (CertDAO.Data cdd : in.value) {
164 return Result.ok(cout);
166 return Result.err(in);
171 * @see com.att.authz.certman.mapper.Mapper#toReq(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
174 public Result<CertReq> toReq(AuthzTrans trans, BaseRequest req) {
175 CertificateRequest in;
177 in = (CertificateRequest)req;
178 } catch (ClassCastException e) {
179 return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest");
182 CertReq out = new CertReq();
183 CertmanValidator v = new CertmanValidator();
184 out.mechid=in.getMechid();
185 out.fqdns=in.getFqdns();
186 v.isNull("CertRequest", req).nullOrBlank("MechID", out.mechid);
187 v.nullBlankMin("FQDNs", out.fqdns,1);
189 return Result.err(Result.ERR_BadData, v.errs());
191 out.emails = in.getEmail();
192 out.sponsor=in.getSponsor();
193 out.start = in.getStart();
194 out.end = in.getEnd();
195 out.fqdns = in.getFqdns();
196 return Result.ok(out);
200 * @see com.att.authz.certman.mapper.Mapper#toRenew(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
203 public Result<CertRenew> toRenew(AuthzTrans trans, BaseRequest req) {
204 return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
208 * @see com.att.authz.certman.mapper.Mapper#toDrop(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
211 public Result<CertDrop> toDrop(AuthzTrans trans, BaseRequest req) {
212 return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
216 * @see org.onap.aaf.auth.cm.mapper.Mapper#toArtifact(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
219 public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
220 List<ArtiDAO.Data> ladd = new ArrayList<>();
221 for (Artifact arti : artifacts.getArtifact()) {
222 ArtiDAO.Data data = new ArtiDAO.Data();
223 data.mechid = trim(arti.getMechid());
224 data.machine = trim(arti.getMachine());
225 if(arti.getType()!=null) {
226 Set<String> ss = data.type(true);
227 for(String t : arti.getType()) {
231 data.ca = trim(arti.getCa());
232 data.dir = trim(arti.getDir());
233 data.os_user = trim(arti.getOsUser());
234 // Optional (on way in)
235 data.ns = trim(arti.getNs());
236 data.renewDays = arti.getRenewDays();
237 data.notify = trim(arti.getNotification());
239 // Ignored on way in for create/update
240 data.sponsor = (arti.getSponsor());
241 if(arti.getSans()!=null) {
242 Set<String> ls = data.sans(true);
243 for(String t : arti.getSans()) {
254 * @see org.onap.aaf.auth.cm.mapper.Mapper#fromArtifacts(org.onap.aaf.auth.layer.test.Result)
257 public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) {
258 if (lArtiDAO.isOK()) {
259 Artifacts artis = new Artifacts();
260 for (ArtiDAO.Data arti : lArtiDAO.value) {
261 Artifact a = new Artifact();
262 a.setMechid(trim(arti.mechid));
263 a.setMachine(trim(arti.machine));
264 a.setSponsor(trim(arti.sponsor));
265 a.setNs(trim(arti.ns));
266 a.setCa(trim(arti.ca));
267 a.setDir(trim(arti.dir));
268 for(String t : arti.type(false)) {
269 a.getType().add(trim(t));
271 a.setOsUser(trim(arti.os_user));
272 a.setRenewDays(arti.renewDays);
273 a.setNotification(trim(arti.notify));
274 for(String t : arti.sans(false)) {
275 a.getSans().add(trim(t));
277 artis.getArtifact().add(a);
279 return Result.ok(artis);
281 return Result.err(lArtiDAO);
287 private String trim(String s) {