import java.io.DataOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
+import java.security.SecureRandom;
import java.util.Date;
import java.util.List;
public static final String TABLE = "cred";
public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
public static final int RAW = -1;
+ public static final int NONE = 0;
+ public static final int FQI = 10;
public static final int BASIC_AUTH = 1;
public static final int BASIC_AUTH_SHA256 = 2;
public static final int CERT_SHA256_RSA =200;
+ public static final SecureRandom srand = new SecureRandom();
private HistoryDAO historyDAO;
private CIDAO<AuthzTrans> infoDAO;
private PSInfo psNS;
private PSInfo psID;
+ private PSInfo psIDBath;
public CredDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
super(trans, CredDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
public String id;
public Integer type;
- public Date expires;
- public Integer other;
- public String ns;
+ public Date expires;
+ public Integer other;
+ public String ns;
+ public String tag;
public String notes;
- public ByteBuffer cred; // this is a blob in cassandra
+ public ByteBuffer cred; // this is a blob in cassandra
@Override
}
}
- private static class CredLoader extends Loader<Data> implements Streamer<Data>{
+ public static class CredLoader extends Loader<Data> implements Streamer<Data>{
public static final int MAGIC=153323443;
- public static final int VERSION=1;
+ public static final int VERSION=2;
public static final int BUFF_SIZE=48; // Note:
public static final CredLoader deflt = new CredLoader(KEYLIMIT);
data.expires = row.getTimestamp(2);
data.other = row.getInt(3);
data.ns = row.getString(4);
- data.notes = row.getString(5);
- data.cred = row.getBytesUnsafe(6);
+ data.tag = row.getString(5);
+ data.notes = row.getString(6);
+ data.cred = row.getBytesUnsafe(7);
return data;
}
@Override
protected void key(Data data, int _idx, Object[] obj) {
- int idx = _idx;
+ int idx = _idx;
obj[idx] = data.id;
obj[++idx] = data.type;
int i;
obj[i=idx] = data.other;
obj[++i] = data.ns;
+ obj[++i] = data.tag;
obj[++i] = data.notes;
obj[++i] = data.cred;
}
os.writeLong(data.expires==null?-1:data.expires.getTime());
os.writeInt(data.other==null?0:data.other);
writeString(os, data.ns);
+ writeString(os, data.tag);
writeString(os, data.notes);
if (data.cred==null) {
os.writeInt(-1);
data.expires = l<0?null:new Date(l);
data.other = is.readInt();
data.ns = readString(is,buff);
+ data.tag = readString(is,buff);
data.notes = readString(is,buff);
int i = is.readInt();
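Review bot: The added `data.tag = readString(is,buff);` runs unconditionally, so a stream written with the VERSION=1 layout (no tag field) would have its notes and cred bytes read from the wrong offsets. The header/version check is not visible in this hunk; confirm that it rejects version 1 outright, or gate the read on the version the header returns, e.g. `data.tag = version >= 2 ? readString(is,buff) : null;` (`version` is a placeholder for whatever the header read yields). The same concern applies to any cached or persisted copies serialised before the bump to `VERSION=2`. The enclosing method starts and ends outside the hunk.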
psID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
" WHERE id = ?", CredLoader.deflt,readConsistency);
+
+ // NOTE: (type) in ((1),(2)) is valid for Cass 2.1.14. After 2.1.14, more obvious
+ // syntax of type in (1,2) is available
+ // ALSO, 1 & 2 STAND FOR BASIC_AUTH (MD5) AND BASIC_AUTH_SHA256(with salt).
+ // If more Basic Auth Protocols become available, add here but do NOT
+ // add X509, and there can be man Certs, and we don't need to read them every time, or
+ // as discovered, or provide CASS Outage due to too many Certs to read.
+ psIDBath = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE id = ? and (type) in ((1),(2))", CredLoader.deflt,readConsistency);
}
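Review bot: The new `psIDBath` statement hard-codes `((1),(2))` although the class already defines `BASIC_AUTH` and `BASIC_AUTH_SHA256`, so the query and the constants can drift apart silently. Building the clause from the constants keeps them in step: `" WHERE id = ? and (type) in ((" + BASIC_AUTH + "),(" + BASIC_AUTH_SHA256 + "))"`. The comment above it has a typo ("man Certs"). If type 1 really is MD5-based as that comment says, it should also state that this lookup still returns the weaker hash type, so its retirement can be planned. The enclosing method begins outside the hunk.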
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.dao.CassDAOImpl#create(org.onap.aaf.misc.env.TransStore, java.lang.Object)
+ */
+ @Override
+ public Result<Data> create(AuthzTrans trans, Data data) {
+ if(data.tag == null) {
+ if(data.type==0) {
+ data.tag="PlaceHolder";
+ } else {
+ long l = srand.nextLong();
+ data.tag = Long.toHexString(l);
+ }
+ }
+ return super.create(trans, data);
+ }
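Review bot: `if(data.type==0)` unboxes `data.type`, which `Data` declares as `Integer`, so a credential submitted with a null type throws a NullPointerException here instead of coming back as a failed `Result`. It also compares against a bare `0` although this commit adds `NONE = 0`. `if (data.type != null && data.type == NONE) {` covers both, assuming a null type should fall through to the random tag; otherwise reject it explicitly before calling `super.create`. A comment stating whether the tag is only a label or is meant to carry any secrecy would also help, since it is generated from `SecureRandom` but appended to the history memo elsewhere in this commit.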
+
public Result<List<Data>> readNS(AuthzTrans trans, String ns) {
return psNS.read(trans, R_TEXT, new Object[]{ns});
}
return psID.read(trans, R_TEXT, new Object[]{id});
}
+ public Result<List<Data>> readIDBAth(AuthzTrans trans, String id) {
+ return psIDBath.read(trans, R_TEXT, new Object[] {id});
+ }
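Review bot: The new public method is spelled `readIDBAth` while its statement field is `psIDBath`; rename it to `readIDBath` now, before callers depend on the odd capitalisation. It also has no Javadoc. The comment should say that it returns only the Basic Auth credential types selected by `psIDBath` (types 1 and 2 per the query) and never certificate entries, so an authentication caller does not mistake it for a full `readID`.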
+
/**
* Log Modification statements to History
*
hd.memo = memo
? String.format("%s by %s", override[0], hd.user)
: (modified.name() + "d credential for " + data.id);
+ String spacer = ": ";
+ if(data.notes!=null) {
+ hd.memo+=spacer + data.notes;
+ spacer = ", ";
+ }
+
+ if(data.tag!=null) {
+ hd.memo+=spacer + data.tag;
+ }
+
// Detail?
if (modified==CRUD.delete) {
try {
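Review bot: `data.notes` and `data.tag` are appended to `hd.memo` without labels, so when notes is null the memo ends in `: <tag>` and a reader of the history record cannot tell which field it is. `hd.memo+=spacer + "tag=" + data.tag;` (and likewise a `"notes="` prefix) would keep the audit entry unambiguous. Notes looks like free text, presumably caller-supplied, so consider bounding its length and stripping line breaks before it is written into the history row. The enclosing method starts before this hunk and continues past its last visible line.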