Code Review / aaf / authz.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Update Fixes from testing
[aaf/authz.git] / auth / auth-cass / src / main / java / org / onap / aaf / auth / dao / cass / CredDAO.java
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
index 7674c7e..7140188 100644 (file)
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
@@ -26,6 +26,7 @@ import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.IOException;
 import java.nio.ByteBuffer;
+import java.security.SecureRandom;
 import java.util.Date;
 import java.util.List;
 
@@ -52,14 +53,18 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
     public static final String TABLE = "cred";
     public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
     public static final int RAW = -1;
+    public static final int NONE = 0;
+    public static final int FQI = 10;
     public static final int BASIC_AUTH = 1;
     public static final int BASIC_AUTH_SHA256 = 2;
     public static final int CERT_SHA256_RSA =200;
+    public static final SecureRandom srand = new SecureRandom();
     
     private HistoryDAO historyDAO;
     private CIDAO<AuthzTrans> infoDAO;
     private PSInfo psNS;
     private PSInfo psID;
+    private PSInfo psIDBath;
     
     public CredDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
         super(trans, CredDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
@@ -78,11 +83,12 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
         
         public String                   id;
         public Integer                  type;
-        public Date                      expires;
-        public Integer                    other;
-        public String                    ns;
+        public Date                     expires;
+        public Integer                  other;
+        public String                   ns;
+        public String                    tag;
         public String                    notes;
-        public ByteBuffer                cred;  //   this is a blob in cassandra
+        public ByteBuffer               cred;  //   this is a blob in cassandra
 
 
         @Override
@@ -109,9 +115,9 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
         }
     }
 
-    private static class CredLoader extends Loader<Data> implements Streamer<Data>{
+    public static class CredLoader extends Loader<Data> implements Streamer<Data>{
         public static final int MAGIC=153323443;
-        public static final int VERSION=1;
+        public static final int VERSION=2;
         public static final int BUFF_SIZE=48; // Note: 
 
         public static final CredLoader deflt = new CredLoader(KEYLIMIT);
@@ -126,14 +132,15 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
             data.expires = row.getTimestamp(2);
             data.other = row.getInt(3);
             data.ns = row.getString(4);     
-            data.notes = row.getString(5);
-            data.cred = row.getBytesUnsafe(6);            
+            data.tag = row.getString(5);
+            data.notes = row.getString(6);
+            data.cred = row.getBytesUnsafe(7);            
             return data;
         }
 
         @Override
         protected void key(Data data, int _idx, Object[] obj) {
-        int idx = _idx;
+            int idx = _idx;
 
             obj[idx] = data.id;
             obj[++idx] = data.type;
@@ -145,6 +152,7 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
             int i;
             obj[i=idx] = data.other;
             obj[++i] = data.ns;
+            obj[++i] = data.tag;
             obj[++i] = data.notes;
             obj[++i] = data.cred;
         }
@@ -157,6 +165,7 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
             os.writeLong(data.expires==null?-1:data.expires.getTime());
             os.writeInt(data.other==null?0:data.other);
             writeString(os, data.ns);
+            writeString(os, data.tag);
             writeString(os, data.notes);
             if (data.cred==null) {
                 os.writeInt(-1);
@@ -179,6 +188,7 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
             data.expires = l<0?null:new Date(l);
             data.other = is.readInt();
             data.ns = readString(is,buff);
+            data.tag = readString(is,buff);
             data.notes = readString(is,buff);
             
             int i = is.readInt();
@@ -210,8 +220,33 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
         
         psID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
                 " WHERE id = ?", CredLoader.deflt,readConsistency);
+        
+        // NOTE: (type) in ((1),(2)) is valid for Cass 2.1.14.  After 2.1.14, more obvious
+        // syntax of type in (1,2) is available
+        // ALSO, 1 & 2 STAND FOR BASIC_AUTH (MD5) AND BASIC_AUTH_SHA256(with salt).
+        // If more Basic Auth Protocols become available, add here but do NOT
+        // add X509, and there can be man Certs, and we don't need to read them every time, or
+        // as discovered, or provide CASS Outage due to too many Certs to read.
+        psIDBath = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+                " WHERE id = ? and (type) in ((1),(2))", CredLoader.deflt,readConsistency);
     }
     
+    /* (non-Javadoc)
+     * @see org.onap.aaf.auth.dao.CassDAOImpl#create(org.onap.aaf.misc.env.TransStore, java.lang.Object)
+     */
+    @Override
+    public Result<Data> create(AuthzTrans trans, Data data) {
+        if(data.tag == null) {
+            if(data.type==0) {
+                data.tag="PlaceHolder";
+            } else {
+                long l = srand.nextLong();
+                data.tag = Long.toHexString(l);
+            }
+        }
+        return super.create(trans, data);
+    }
+
     public Result<List<Data>> readNS(AuthzTrans trans, String ns) {
         return psNS.read(trans, R_TEXT, new Object[]{ns});
     }
@@ -220,6 +255,10 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
         return psID.read(trans, R_TEXT, new Object[]{id});
     }
     
+    public Result<List<Data>> readIDBAth(AuthzTrans trans, String id) {
+        return psIDBath.read(trans, R_TEXT, new Object[] {id});
+    }
+
     /**
      * Log Modification statements to History
      *
@@ -240,6 +279,16 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
         hd.memo = memo
                 ? String.format("%s by %s", override[0], hd.user)
                 : (modified.name() + "d credential for " + data.id);
+        String spacer = ": ";
+        if(data.notes!=null) {
+            hd.memo+=spacer + data.notes;
+            spacer = ", ";
+        }
+
+        if(data.tag!=null) {
+            hd.memo+=spacer + data.tag;
+        }
+
         // Detail?
            if (modified==CRUD.delete) {
                     try {
ARCHIVED- 2022-02-15 at the request of the project