1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * Copyright © 2017 Amdocs
\r
7 * * ===========================================================================
\r
8 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
9 * * you may not use this file except in compliance with the License.
\r
10 * * You may obtain a copy of the License at
\r
12 * * http://www.apache.org/licenses/LICENSE-2.0
\r
14 * * Unless required by applicable law or agreed to in writing, software
\r
15 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
16 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
17 * * See the License for the specific language governing permissions and
\r
18 * * limitations under the License.
\r
19 * * ============LICENSE_END====================================================
\r
21 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
23 ******************************************************************************/
\r
24 package com.att.authz.cm.api;
\r
26 import javax.servlet.http.HttpServletRequest;
\r
27 import javax.servlet.http.HttpServletResponse;
\r
29 import com.att.aft.dme2.internal.jetty.http.HttpStatus;
\r
30 import com.att.authz.cm.ca.CA;
\r
31 import com.att.authz.cm.mapper.Mapper.API;
\r
32 import com.att.authz.cm.service.CertManAPI;
\r
33 import com.att.authz.cm.service.Code;
\r
34 import com.att.authz.env.AuthzTrans;
\r
35 import com.att.authz.layer.Result;
\r
36 import com.att.cssa.rserv.HttpMethods;
\r
37 import com.att.inno.env.Slot;
\r
38 import com.att.inno.env.TransStore;
\r
41 * API APIs, using Redirect as the mechanism
\r
45 public class API_Cert {
\r
// Name of the transaction slot in which the CA selected for a request is kept.
46 public static final String CERT_AUTH = "CertAuthority";
\r
// Slot handle for CERT_AUTH. init() assigns it from the environment's TransStore, and the
// "/cert/:ca" handler stores the CA it looked up from the request path under this slot.
// NOTE(review): mutable static with no visible synchronization; presumably init() runs once
// at startup before any request is served. Confirm against the caller.
47 private static Slot sCertAuth;
\r
50 * Normal Init level APIs
\r
56 public static void init(final CertManAPI cmAPI) throws Exception {
\r
57 // Check for Created Certificate Authorities in TRANS
\r
58 sCertAuth = ((TransStore) cmAPI.env).slot(CERT_AUTH);
\r
63 cmAPI.route(HttpMethods.PUT,"/cert/:ca",API.CERT_REQ,new Code(cmAPI,"Request Certificate") {
\r
65 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
\r
66 String key = pathParam(req, ":ca");
\r
68 if((ca = cmAPI.getCA(key))==null) {
\r
69 context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);
\r
71 trans.put(sCertAuth, ca);
\r
73 Result<Void> r = context.requestCert(trans, req, resp, req.getParameter("withTrust")!=null);
\r
75 resp.setStatus(HttpStatus.OK_200);
\r
77 context.error(trans,resp,r);
\r
86 cmAPI.route(HttpMethods.GET, "/cert/may/:perm", API.VOID, new Code(cmAPI,"Check Permission") {
\r
88 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
\r
89 Result<Void> r = context.check(trans, resp, pathParam(req,"perm"));
\r
91 resp.setStatus(HttpStatus.OK_200);
\r
93 trans.checkpoint(r.errorString());
\r
94 context.error(trans,resp,Result.err(Result.ERR_Denied,"%s does not have Permission.",trans.user()));
\r