2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * Modifications Copyright (C) 2019 IBM.
7 * ===========================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END====================================================
23 package org.onap.aaf.auth.cm.mapper;
25 import java.io.IOException;
26 import java.util.ArrayList;
27 import java.util.List;
30 import org.onap.aaf.auth.cm.data.CertDrop;
31 import org.onap.aaf.auth.cm.data.CertRenew;
32 import org.onap.aaf.auth.cm.data.CertReq;
33 import org.onap.aaf.auth.cm.data.CertResp;
34 import org.onap.aaf.auth.cm.validation.CertmanValidator;
35 import org.onap.aaf.auth.dao.cass.ArtiDAO;
36 import org.onap.aaf.auth.dao.cass.ArtiDAO.Data;
37 import org.onap.aaf.auth.dao.cass.CertDAO;
38 import org.onap.aaf.auth.env.AuthzTrans;
39 import org.onap.aaf.auth.layer.Result;
40 import org.onap.aaf.cadi.util.Vars;
42 import aaf.v2_0.Error;
43 import certman.v1_0.Artifacts;
44 import certman.v1_0.Artifacts.Artifact;
45 import certman.v1_0.BaseRequest;
46 import certman.v1_0.CertInfo;
47 import certman.v1_0.CertificateDrop;
48 import certman.v1_0.CertificateRenew;
49 import certman.v1_0.CertificateRequest;
52 public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
/**
 * Returns the message class this mapper associates with the given API kind.
 *
 * @param api the API kind to look up
 * @return the matching class ({@code Void.class} for {@code VOID}), or {@code null}
 *         when no case matches
 */
public Class<?> getClass(API api) {
    final Class<?> type;
    switch (api) {
        case CERT_REQ:
            type = CertificateRequest.class;
            break;
        case CERT_RENEW:
            type = CertificateRenew.class;
            break;
        case CERT_DROP:
            type = CertificateDrop.class;
            break;
        case CERT:
            type = CertInfo.class;
            break;
        case ARTIFACTS:
            type = Artifacts.class;
            break;
        case ERROR:
            type = Error.class;
            break;
        case VOID:
            type = Void.class;
            break;
        default:
            // NOTE(review): the listing does not show the statement after the switch;
            // a null fallback is assumed here - confirm against the full file.
            type = null;
            break;
    }
    return type;
}
/**
 * Creates a fresh, empty message object for the given API kind.
 *
 * @param api the API kind to instantiate
 * @return a new instance cast to the caller's expected type, or {@code null} for
 *         {@code VOID} and for any kind without a case
 */
@SuppressWarnings("unchecked")
public <A> A newInstance(API api) {
    final Object created;
    switch (api) {
        case CERT_REQ:
            created = new CertificateRequest();
            break;
        case CERT_RENEW:
            created = new CertificateRenew();
            break;
        case CERT_DROP:
            created = new CertificateDrop();
            break;
        case CERT:
            created = new CertInfo();
            break;
        case ARTIFACTS:
            created = new Artifacts();
            break;
        case ERROR:
            created = new Error();
            break;
        case VOID:
        default:
            // NOTE(review): the listing does not show the statement after the switch;
            // a null fallback is assumed here - confirm against the full file.
            created = null;
            break;
    }
    // Unchecked: the caller chooses A, so a mismatched api/type pair only fails at the use site.
    return (A) created;
}
83 ////////////// Mapping Functions /////////////
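/**
 * Builds an {@link Error} payload from a message id, a text template and its variables.
 *
 * @param holder buffer handed to {@code Vars.convert} together with the template
 * @param msgID  message identifier stored on the error
 * @param text   message template; the converted form becomes the error text
 * @param var    template variables, each also recorded on the error in string form
 * @return the populated error object
 */
public Error errorFromMessage(StringBuilder holder, String msgID, String text, Object ... var) {
    Error err = new Error();
    err.setMessageId(msgID);
    // AT&T Restful Error Format requires numbered "%" placements
    err.setText(Vars.convert(holder, text, var));
    for (Object value : var) {
        // String.valueOf keeps a null variable from throwing while the error response
        // is being built, which would otherwise hide the failure being reported.
        err.getVariables().add(String.valueOf(value));
    }
    // NOTE(review): the return statement is not visible in this listing; returning
    // the populated error is assumed - confirm against the full file.
    return err;
}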
97 * @see com.att.authz.certman.mapper.Mapper#toCert(org.onap.aaf.auth.env.test.AuthzTrans, org.onap.aaf.auth.layer.test.Result)
100 public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
102 return Result.err(in);
105 CertResp cin = in.value;
106 CertInfo cout = newInstance(API.CERT);
107 cout.setPrivatekey(cin.privateString());
109 if ((value=cin.challenge())!=null) {
110 cout.setChallenge(value);
112 // In Version 1, Cert is always first
113 cout.getCerts().add(cin.asCertString());
114 // Follow with Trust Chain
115 if (cin.trustChain()!=null) {
116 for (String c : cin.trustChain()) {
118 cout.getCerts().add(c);
123 // Adding all the Certs in one response is a mistake. Makes it very hard for Agent to setup
124 // Certs in keystore versus Truststore. Separate in Version 2_0
125 if (cin.trustCAs()!=null) {
126 for (String c : cin.trustCAs()) {
127 if ((c!=null)&&(!cout.getCerts().contains(c))) {
128 cout.getCerts().add(c);
132 if (cin.notes()!=null) {
133 boolean first = true;
134 StringBuilder sb = new StringBuilder();
135 for (String n : cin.notes()) {
143 cout.setNotes(sb.toString());
145 List<String> caIssuerDNs = cout.getCaIssuerDNs();
146 for (String s : cin.caIssuerDNs()) {
149 cout.setEnv(cin.env());
150 return Result.ok(cout);
155 public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) {
157 CertInfo cout = newInstance(API.CERT);
158 List<String> certs = cout.getCerts();
159 for (CertDAO.Data cdd : in.value) {
162 return Result.ok(cout);
164 return Result.err(in);
169 * @see com.att.authz.certman.mapper.Mapper#toReq(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
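// Maps an incoming v1.0 CertificateRequest onto the internal CertReq.
//
// Returns ERR_BadData when the request is missing, is not a CertificateRequest, or
// fails the MechID / FQDNs checks. Only those two fields are validated here; emails,
// sponsor, start and end are copied exactly as supplied, so any checks on them must
// happen elsewhere.
public Result<CertReq> toReq(AuthzTrans trans, BaseRequest req) {
    CertmanValidator v = new CertmanValidator();

    // Check for a missing request BEFORE touching it: a null reference passes a cast,
    // so validating after the getters (as before) could never report it and the
    // caller saw a NullPointerException instead of a bad-data result.
    v.isNull("CertRequest", req);
    // NOTE(review): the guard condition is not visible in this listing; v.err() is
    // assumed from the v.errs() call on the visible line - confirm against the full file.
    if (v.err()) {
        return Result.err(Result.ERR_BadData, v.errs());
    }
    if (!(req instanceof CertificateRequest)) {
        return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest");
    }
    CertificateRequest in = (CertificateRequest) req;

    CertReq out = new CertReq();
    out.mechid = in.getMechid();
    out.fqdns = in.getFqdns();
    v.nullOrBlank("MechID", out.mechid);
    v.nullBlankMin("FQDNs", out.fqdns, 1);
    if (v.err()) {
        return Result.err(Result.ERR_BadData, v.errs());
    }

    out.emails = in.getEmail();
    out.sponsor = in.getSponsor();
    out.start = in.getStart();
    out.end = in.getEnd();
    return Result.ok(out);
}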
198 * @see com.att.authz.certman.mapper.Mapper#toRenew(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
// Renewal mapping is not provided by this mapper: every call yields
// ERR_NotImplemented and neither argument is read.
public Result<CertRenew> toRenew(AuthzTrans trans, BaseRequest req) {
    final Result<CertRenew> notImplemented =
            Result.err(Result.ERR_NotImplemented, "Not Implemented... yet");
    return notImplemented;
}
206 * @see com.att.authz.certman.mapper.Mapper#toDrop(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
// Drop mapping is not provided by this mapper: every call yields
// ERR_NotImplemented and neither argument is read.
public Result<CertDrop> toDrop(AuthzTrans trans, BaseRequest req) {
    final Result<CertDrop> notImplemented =
            Result.err(Result.ERR_NotImplemented, "Not Implemented... yet");
    return notImplemented;
}
214 * @see org.onap.aaf.auth.cm.mapper.Mapper#toArtifact(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
217 public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
218 List<ArtiDAO.Data> ladd = new ArrayList<>();
219 for (Artifact arti : artifacts.getArtifact()) {
220 ArtiDAO.Data data = new ArtiDAO.Data();
221 data.mechid = trim(arti.getMechid());
222 data.machine = trim(arti.getMachine());
223 if(arti.getType()!=null) {
224 Set<String> ss = data.type(true);
225 for(String t : arti.getType()) {
229 data.ca = trim(arti.getCa());
230 data.dir = trim(arti.getDir());
231 data.os_user = trim(arti.getOsUser());
232 // Optional (on way in)
233 data.ns = trim(arti.getNs());
234 data.renewDays = arti.getRenewDays();
235 data.notify = trim(arti.getNotification());
237 // Ignored on way in for create/update
238 data.sponsor = (arti.getSponsor());
239 if(arti.getSans()!=null) {
240 Set<String> ls = data.sans(true);
241 for(String t : arti.getSans()) {
252 * @see org.onap.aaf.auth.cm.mapper.Mapper#fromArtifacts(org.onap.aaf.auth.layer.test.Result)
// Converts stored artifact rows into the v1.0 Artifacts response.
//
// A failed input result is passed through as an error. Otherwise each row becomes
// one Artifact; string fields go through trim(), renewDays is copied as-is.
public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) {
    if (!lArtiDAO.isOK()) {
        return Result.err(lArtiDAO);
    }

    Artifacts response = new Artifacts();
    for (Data row : lArtiDAO.value) {
        Artifact item = new Artifact();
        item.setMechid(trim(row.mechid));
        item.setMachine(trim(row.machine));
        item.setSponsor(trim(row.sponsor));
        item.setNs(trim(row.ns));
        item.setCa(trim(row.ca));
        item.setDir(trim(row.dir));
        for (String type : row.type(false)) {
            item.getType().add(trim(type));
        }
        item.setOsUser(trim(row.os_user));
        item.setRenewDays(row.renewDays);
        item.setNotification(trim(row.notify));
        for (String san : row.sans(false)) {
            item.getSans().add(trim(san));
        }
        response.getArtifact().add(item);
    }
    return Result.ok(response);
}
285 private String trim(String s) {