import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
-import org.onap.dmaap.dbcapi.util.DmaapConfig;
public class AafServiceImpl extends BaseLoggingClass implements AafService {
- public enum ServiceType {
- AAF_Admin,
- AAF_TopicMgr
- }
- private AafConnection aaf;
- private AafService.ServiceType ctype;
- private String aafURL;
+ private String aafUrl;
private String identity;
- private boolean useAAF = false;
-
-
- public String getIdentity() {
- return identity;
- }
+ private boolean useAAF;
+ private AafConnection aafConnection;
-
- public void setIdentity(String identity) {
+ AafServiceImpl(boolean useAaf, String aafUrl, String identity, AafConnection aafConnection) {
+ this.useAAF = useAaf;
+ this.aafUrl = aafUrl;
this.identity = identity;
+ this.aafConnection = aafConnection;
}
-
- private String getCred(boolean wPwd) {
- String mechIdProperty = null;
- String pwdProperty = null;
- DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
- AafDecrypt decryptor = new AafDecrypt();
-
- if (ctype == AafService.ServiceType.AAF_Admin) {
- mechIdProperty = "aaf.AdminUser";
- pwdProperty = "aaf.AdminPassword";
- } else if (ctype == AafService.ServiceType.AAF_TopicMgr) {
- mechIdProperty = "aaf.TopicMgrUser";
- pwdProperty = "aaf.TopicMgrPassword";
- } else {
- logger.error("Unexpected case for AAF credential type: " + ctype);
- return null;
- }
- identity = p.getProperty(mechIdProperty, "noMechId@domain.netset.com");
-
- String pwd = "";
- String encPwd = p.getProperty(pwdProperty, "notSet");
-
-
- pwd = decryptor.decrypt(encPwd);
-
- if (wPwd) {
- return identity + ":" + pwd;
- } else {
- return identity;
- }
-
-
- }
-
-
- public AafServiceImpl(AafService.ServiceType t) {
- DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
- aafURL = p.getProperty("aaf.URL", "https://authentication.domain.netset.com:8100/proxy/");
- initAafService(t);
- }
-
- public AafServiceImpl(AafService.ServiceType t, String url) {
- aafURL = url;
- initAafService(t);
- }
-
- private void initAafService(AafService.ServiceType t) {
- DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
- useAAF = "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
- logger.info("AafService initAafService: useAAF=" + useAAF);
-
- ctype = t;
- aaf = new AafConnection(getCred(true));
+ @Override
+ public String getIdentity() {
+ return identity;
}
+ @Override
public int addPerm(DmaapPerm perm) {
logger.info("entry: addPerm() ");
return doPost(perm, "authz/perm", 201);
return 200;
}
+ @Override
public int addGrant(DmaapGrant grant) {
logger.info("entry: addGrant() ");
return doPost(grant, "authz/role/perm", 201);
}
+ @Override
public int addUserRole(AafUserRole ur) {
logger.info("entry: addUserRole() ");
return doPost(ur, "authz/userRole", 201);
}
+ @Override
public int delGrant(DmaapGrant grant) {
- int rc = -1;
logger.info("entry: delGrant() ");
-
- String pURL = aafURL + "authz/role/:" + grant.getRole() + "/perm";
-
- if (useAAF) {
- rc = aaf.delAaf(grant, pURL);
- } else {
- rc = 200;
- }
- switch (rc) {
- case 401:
- case 403:
- errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
- System.exit(1);
- break;
-
- case 404:
- logger.warn("Perm not found...ignore");
- break;
-
- case 200:
- logger.info("expected response");
- break;
- default:
- logger.error("Unexpected response: " + rc);
- break;
- }
-
- return rc;
+ return doDelete(grant, "authz/role/:" + grant.getRole() + "/perm", 200);
}
+ @Override
public int addRole(AafRole role) {
logger.info("entry: addRole() ");
return doPost(role, "authz/role", 201);
}
-
+ @Override
public int addNamespace(AafNamespace ns) {
logger.info("entry: addNamespace() ");
return doPost(ns, "authz/ns", 201);
return 200;
}
-
private int doPost(AafObject obj, String uri, int expect) {
- int rc = -1;
+ int rc;
logger.info("entry: doPost() ");
- String pURL = aafURL + uri;
+ String pURL = aafUrl + uri;
logger.info("doPost: useAAF=" + useAAF);
if (useAAF) {
logger.info("doPost: " + obj.toJSON());
- rc = aaf.postAaf(obj, pURL);
+ rc = aafConnection.postAaf(obj, pURL);
} else {
rc = expect;
}
switch (rc) {
case 401:
case 403:
- errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
- System.exit(1);
+ errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, identity);
+ break;
case 409:
logger.warn("Object for " + uri + " already exists. Possible conflict.");
break;
-
-
default:
if (rc == expect) {
logger.info("expected response: " + rc);
return rc;
}
+
+ private int doDelete(AafObject obj, String uri, int expect) {
+ int rc;
+ String pURL = aafUrl + uri;
+ if (useAAF) {
+ logger.info("doDelete: " + obj.toJSON());
+ rc = aafConnection.delAaf(obj, pURL);
+ } else {
+ rc = expect;
+ }
+ switch (rc) {
+ case 401:
+ case 403:
+ errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, identity);
+ break;
+ case 404:
+ logger.warn("Object not found...ignore");
+ break;
+ case 200:
+ logger.info("expected response");
+ break;
+ default:
+ logger.error("Unexpected response: " + rc);
+ break;
+ }
+
+ return rc;
+ }
+
+ String getAafUrl() {
+ return aafUrl;
+ }
+
+ boolean isUseAAF() {
+ return useAAF;
+ }
+
}
\ No newline at end of file