1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package org.onap.aaf.authz.server;
\r
25 import java.io.IOException;
\r
26 import java.io.InputStream;
\r
27 import java.lang.reflect.Constructor;
\r
28 import java.net.URL;
\r
29 import java.security.GeneralSecurityException;
\r
30 import java.security.Principal;
\r
31 import java.util.Properties;
\r
33 import javax.net.ssl.SSLContext;
\r
34 import javax.net.ssl.SSLSocketFactory;
\r
36 import org.onap.aaf.authz.common.Define;
\r
37 import org.onap.aaf.authz.env.AuthzEnv;
\r
38 import org.onap.aaf.authz.env.AuthzTrans;
\r
39 import org.onap.aaf.cssa.rserv.RServlet;
\r
41 import org.onap.aaf.cadi.CadiException;
\r
42 import org.onap.aaf.cadi.LocatorException;
\r
43 //import org.onap.aaf.cadi.PropAccess;
\r
44 import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
\r
45 import org.onap.aaf.cadi.client.Rcli;
\r
46 import org.onap.aaf.cadi.client.Retryable;
\r
47 import org.onap.aaf.cadi.config.Config;
\r
48 import org.onap.aaf.cadi.http.HTransferSS;
\r
49 import org.onap.aaf.inno.env.APIException;
\r
51 public abstract class AbsServer extends RServlet<AuthzTrans> {
\r
52 private static final String AAF_API_VERSION = "2.0";
\r
53 public final String app;
\r
54 public final AuthzEnv env;
\r
55 public AAFConHttp aafCon;
\r
/**
 * Base constructor for an AAF service.
 *
 * NOTE(review): this listing omits the lines between gutter 57 and 60 and after 61.
 * Since {@code app} and {@code env} are declared {@code final} without initializers,
 * the constructor must assign them on lines not shown here — verify against the full file.
 *
 * @param env authz environment (configuration + logging) the server runs in
 * @param app application name used when identity is transferred to AAF (see clientAsUser)
 * @throws CadiException, GeneralSecurityException, IOException declared for subclasses /
 *         the disabled AAFConHttp construction; nothing visible here throws them.
 */
57 public AbsServer(final AuthzEnv env, final String app) throws CadiException, GeneralSecurityException, IOException {
\r
// Only tests whether an AAF URL is configured; the connector construction
// inside the branch is commented out, so on what is visible here `aafCon`
// stays null. Unless a line not shown here or a subclass assigns the public
// `aafCon` field, client()/clientAsUser() will fail with a NullPointerException.
60 if(env.getProperty(Config.AAF_URL)!=null) {
\r
61 //aafCon = new AAFConHttp(env);
\r
/**
 * Resolves the URL of the AAF service from the environment.
 * Kept as an instance method rather than a field so the AAF API server
 * itself can override it with a different answer.
 *
 * @return the value of the {@code Config.AAF_URL} property, or {@code null}
 *         when it is not configured — callers must handle the null case.
 */
public String aaf_url() {
    final String configuredUrl = env.getProperty(Config.AAF_URL);
    return configuredUrl;
}
\r
/**
 * Starts the DME2 transport for this server; invoked by {@link #setup} after the
 * server instance has been constructed, with the raw properties loaded from the
 * properties file (DME2 wants the {@link Properties} form rather than the AuthzEnv).
 *
 * @param props the properties loaded by {@link #setup}
 * @throws Exception declared broadly; {@link #setup} catches everything and only
 *         prints the stack trace, so a failure here does not abort the JVM.
 */
70 public abstract void startDME2(Properties props) throws Exception;
\r
/**
 * Bootstraps a concrete server: loads {@code propFile} from the classpath, wraps it in an
 * {@link AuthzEnv}, reflectively instantiates {@code abss} through its {@code (AuthzEnv)}
 * constructor and finally calls {@link #startDME2(Properties)} on it.
 *
 * NOTE(review): this listing omits a number of lines of the method (e.g. the opening
 * {@code try}, the handling after the missing-resource message, the actual loading of
 * {@code props} from {@code is}, the declaration of {@code count}, and whatever "Set ROOT NS"
 * does). Comments below describe only what is visible.
 *
 * @param abss     concrete {@link AbsServer} subclass to instantiate; only checked by the
 *                 cast after construction has already run (see note at the cast)
 * @param propFile classpath-relative name of the properties file to load
 */
71 public static void setup(Class<?> abss, String propFile) {
\r
74 // Load Properties from authFramework.properties. Needed for DME2 and AuthzEnv
\r
75 Properties props = new Properties();
\r
// Resolved via the system class loader, so whichever copy of propFile is first on the
// classpath wins; the resolved location is logged below ("Configuring from").
76 URL rsrc = ClassLoader.getSystemResource(propFile);
\r
// Reached when rsrc is null (the guarding `if` is not shown in this listing);
// what happens after the message — return or exit — is also not visible here.
78 System.err.println("Folder containing " + propFile + " must be on Classpath");
\r
// The load of `props` from this stream and its close are not shown in this listing.
82 InputStream is = rsrc.openStream();
\r
90 // Load Properties into AuthzEnv
\r
91 AuthzEnv env = new AuthzEnv(props);
\r
92 // Log where Config found
\r
93 env.init().log("Configuring from",rsrc.getPath());
\r
// Debug-only dump of cipher suites. NOTE(review): getSupportedCipherSuites() lists every
// suite the provider *can* negotiate, not the enabled set (getDefaultCipherSuites()), so this
// output is not evidence of what the server will actually offer on the wire.
96 // Print Cipher Suites Available
\r
97 if(env.debug().isLoggable()) {
\r
98 SSLContext context = SSLContext.getDefault();
\r
99 SSLSocketFactory sf = context.getSocketFactory();
\r
100 StringBuilder sb = new StringBuilder("Available Cipher Suites: ");
\r
101 boolean first = true;
\r
103 for( String cs : sf.getSupportedCipherSuites()) {
\r
104 if(first)first = false;
\r
105 else sb.append(',');
\r
// `count` is declared on a line not shown in this listing; a newline every four suites.
107 if(++count%4==0){sb.append('\n');}
\r
109 env.debug().log(sb);
\r
// The statement implementing this (presumably via Define) is not shown in this listing.
112 // Set ROOT NS, etc
\r
// NOTE(review): the CADI->DME2 conversion (which, per the comment, would turn encrypted
// passwords into DME2-readable form in System properties) is disabled here.
115 // Convert CADI properties and Encrypted Passwords for these two properties (if exist)
\r
116 // to DME2 Readable. Further, Discovery Props are loaded to System if missing.
\r
117 // May be causing client errors
\r
118 //Config.cadiToDME2(env,props);
\r
119 env.init().log("DME2 ServiceName: " + env.getProperty("DMEServiceName","unknown"));
\r
121 // Construct with Env
\r
// NOTE(review): `abss` is caller-supplied and only cast to AbsServer *after* newInstance has
// run its constructor; any class with an (AuthzEnv) constructor gets executed before the
// ClassCastException. Consider `abss.asSubclass(AbsServer.class)` before instantiating.
122 Constructor<?> cons = abss.getConstructor(new Class<?>[] {AuthzEnv.class});
\r
123 // Start DME2 (DME2 needs Properties form of props)
\r
124 AbsServer s = (AbsServer)cons.newInstance(env);
\r
// NOTE(review): the scheduled scrub of clear-text passwords from System properties is
// disabled. If anything (e.g. a re-enabled cadiToDME2, or startDME2 in a subclass) places
// passwords in System properties, they stay readable there for the life of the JVM
// (System.getProperties() dumps, heap dumps, JMX). Confirm nothing currently does.
126 // Schedule removal of Clear Text Passwords from System Props (DME2 Requirement)
\r
127 // new Timer("PassRemove").schedule(tt, 120000);
\r
130 s.startDME2(props);
\r
// Catch-all: any startup failure (missing/unreadable properties, reflection errors, DME2
// failing to start) is only printed to stderr and setup returns normally, so from what is
// visible here the caller cannot tell that no server was started.
131 } catch (Exception e) {
\r
132 e.printStackTrace(System.err);
\r
/**
 * Obtains an AAF REST client (API version {@value #AAF_API_VERSION}) acting as this
 * service's own identity.
 *
 * Relies on the public, non-final {@link #aafCon} field having been assigned by a
 * subclass or elsewhere; if it is still null the failure is a NullPointerException,
 * not the declared CadiException.
 *
 * @return a client bound to the configured AAF connection
 * @throws CadiException propagated from the connector
 */
public Rcli<?> client() throws CadiException {
    final AAFConHttp connection = aafCon;
    return connection.client(AAF_API_VERSION);
}
\r
/**
 * Obtains an AAF REST client that acts on behalf of {@code p} rather than as this
 * service: the caller's identity is carried to AAF via an {@link HTransferSS} built
 * from the principal, this application's name and the connector's security info.
 *
 * No validation happens here — whatever Principal is passed is the identity asserted
 * to AAF — so callers must only hand in a principal that has already been authenticated.
 *
 * @param p the already-authenticated principal to act as
 * @return a client whose requests are made as {@code p}
 * @throws CadiException propagated from the connector
 */
public Rcli<?> clientAsUser(Principal p) throws CadiException {
    // Same evaluation order as before: the base client is obtained first, then
    // the identity-transfer object is built from the connector's security info.
    final Rcli<?> serviceClient = aafCon.client(AAF_API_VERSION);
    final HTransferSS transfer = new HTransferSS(p, app, aafCon.securityInfo());
    return serviceClient.forUser(transfer);
}
\r
146 public<RET> RET clientAsUser(Principal p,Retryable<RET> retryable) throws APIException, LocatorException, CadiException {
\r
147 return aafCon.hman().best(new HTransferSS(p,app, aafCon.securityInfo()), retryable);
\r