package org.onap.aaf.auth.cm;
import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
import java.util.Map;
import java.util.Map.Entry;
import java.util.TreeMap;
import org.onap.aaf.auth.cm.mapper.Mapper.API;
import org.onap.aaf.auth.cm.service.CMService;
import org.onap.aaf.auth.cm.service.Code;
+import org.onap.aaf.auth.cm.validation.CertmanValidator;
import org.onap.aaf.auth.dao.CassAccess;
import org.onap.aaf.auth.dao.cass.LocateDAO;
import org.onap.aaf.auth.direct.DirectLocatorCreator;
public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
private static final String USER_PERMS = "userPerms";
+ private static final String CM_ALLOW_TMP = "cm_allow_tmp";
private static final Map<String,CA> certAuths = new TreeMap<>();
- public Facade1_0 facade1_0; // this is the default Facade
- public Facade1_0 facade1_0_XML; // this is the XML Facade
- public Map<String, Dated> cacheUser;
- public AAFAuthn<?> aafAuthn;
- public AAFLurPerm aafLurPerm;
- final public Cluster cluster;
+ public static Facade1_0 facade1_0; // this is the default Facade
+ public static Facade1_0 facade1_0_XML; // this is the XML Facade
+ public static Map<String, Dated> cacheUser;
+ public static AAFAuthn<?> aafAuthn;
+ public static AAFLurPerm aafLurPerm;
+ public final Cluster cluster;
public final LocateDAO locateDAO;
+ public static AuthzEnv envLog;
+ CMService service;
-
+ //Added for junits
+ public CMService getService() {
+ return null;
+ }
/**
* Construct AuthzAPI with all the Context Supporting Routes that Authz needs
*
// Note: If you need both Authn and Authz construct the following:
aafAuthn = aafCon().newAuthn(aafLurPerm);
- String aaf_env = env.getProperty(Config.AAF_ENV);
- if(aaf_env==null) {
+ String aafEnv = env.getProperty(Config.AAF_ENV);
+ if (aafEnv==null) {
throw new APIException("aaf_env needs to be set");
}
+
+ // Check for allowing /tmp in Properties
+ String allowTmp = env.getProperty(CM_ALLOW_TMP);
+ if("true".equalsIgnoreCase(allowTmp)) {
+ CertmanValidator.allowTmp();
+ }
+
// Initialize Facade for all uses
AuthzTrans trans = env.newTrans();
// Load Supported Certificate Authorities by property
// Note: Some will be dynamic Properties, so we need to look through all
- for(Entry<Object, Object> es : env.access().getProperties().entrySet()) {
+ for (Entry<Object, Object> es : env.access().getProperties().entrySet()) {
String key = es.getKey().toString();
- if(key.startsWith(CA.CM_CA_PREFIX)) {
+ if (key.startsWith(CA.CM_CA_PREFIX)) {
int idx = key.indexOf('.');
- if(idx==key.lastIndexOf('.')) { // else it's a regular property
-
+ if (idx==key.lastIndexOf('.')) { // else it's a regular property
env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1));
String[] segs = Split.split(',', env.getProperty(key));
- if(segs.length>0) {
+ if (segs.length>0) {
String[][] multiParams = new String[segs.length-1][];
- for(int i=0;i<multiParams.length;++i) {
+ for (int i=0;i<multiParams.length;++i) {
multiParams[i]=Split.split(';',segs[1+i]);
}
@SuppressWarnings("unchecked")
Object pinst[] = new Object[4];
pinst[0]=env;
pinst[1]= key.substring(idx+1);
- pinst[2]= aaf_env;
+ pinst[2]= aafEnv;
pinst[3] = multiParams;
- CA ca = cons.newInstance(pinst);
- certAuths.put(ca.getName(),ca);
+ try {
+ CA ca = cons.newInstance(pinst);
+ certAuths.put(ca.getName(),ca);
+ } catch (InvocationTargetException e) {
+ access.log(e, "Loading", segs[0]);
+ }
}
}
}
}
- if(certAuths.size()==0) {
+ if (certAuths.size()==0) {
throw new APIException("No Certificate Authorities have been configured in CertMan");
}
- CMService service = new CMService(trans, this);
+ service = getService();
+ if(service == null) {
+ service = new CMService(trans, this);
+ }
// note: Service knows how to shutdown Cluster on Shutdown, etc. See Constructor
facade1_0 = FacadeFactory.v1_0(this,trans, service,Data.TYPE.JSON); // Default Facade
facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML);
synchronized(env) {
- if(cacheUser == null) {
+ if (cacheUser == null) {
cacheUser = Cache.obtain(USER_PERMS);
Cache.startCleansing(env, USER_PERMS);
}
public CA getCA(String key) {
return certAuths.get(key);
}
+
/**
* Setup XML and JSON implementations for each supported Version type
String version = "1.0";
// Get Correct API Class from Mapper
Class<?> respCls = facade1_0.mapper().getClass(api);
- if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
+ if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
// setup Application API HTML ContentTypes for JSON and Route
String application = applicationJSON(respCls, version);
route(env,meth,path,code,application,"application/json;version="+version,"*/*");
@Override
public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
return new Registrant[] {
- new DirectRegistrar(access,locateDAO,app_name,app_version,port)
+ new DirectRegistrar(access,locateDAO,port)
};
}
try {
Log4JLogIt logIt = new Log4JLogIt(args, "cm");
PropAccess propAccess = new PropAccess(logIt,args);
-
- AAF_CM service = new AAF_CM(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
- } catch (Exception e) {
- e.printStackTrace();
+ try {
+ new JettyServiceStarter<AuthzEnv,AuthzTrans>(
+ new AAF_CM(new AuthzEnv(propAccess)),true)
+ .start();
+ } catch (Exception e) {
+ propAccess.log(e);
+ }
+ } catch (APIException e) {
+ e.printStackTrace(System.err);
}
}
}
Code Review / aaf / authz.git / blobdiff