--- /dev/null
+/*******************************************************************************\r
+ * ============LICENSE_START====================================================\r
+ * * org.onap.aai\r
+ * * ===========================================================================\r
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
+ * * Copyright © 2017 Amdocs\r
+ * * ===========================================================================\r
+ * * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * * you may not use this file except in compliance with the License.\r
+ * * You may obtain a copy of the License at\r
+ * * \r
+ * * http://www.apache.org/licenses/LICENSE-2.0\r
+ * * \r
+ * * Unless required by applicable law or agreed to in writing, software\r
+ * * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * * See the License for the specific language governing permissions and\r
+ * * limitations under the License.\r
+ * * ============LICENSE_END====================================================\r
+ * *\r
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+ * *\r
+ ******************************************************************************/\r
+package com.att.authz.cm.api;\r
+\r
+import javax.servlet.http.HttpServletRequest;\r
+import javax.servlet.http.HttpServletResponse;\r
+\r
+import com.att.aft.dme2.internal.jetty.http.HttpStatus;\r
+import com.att.authz.cm.ca.CA;\r
+import com.att.authz.cm.mapper.Mapper.API;\r
+import com.att.authz.cm.service.CertManAPI;\r
+import com.att.authz.cm.service.Code;\r
+import com.att.authz.env.AuthzTrans;\r
+import com.att.authz.layer.Result;\r
+import com.att.cssa.rserv.HttpMethods;\r
+import com.att.inno.env.Slot;\r
+import com.att.inno.env.TransStore;\r
+\r
+/**\r
+ * API Apis.. using Redirect for mechanism\r
+ * \r
+ *\r
+ */\r
+public class API_Cert {\r
+ public static final String CERT_AUTH = "CertAuthority";\r
+ private static Slot sCertAuth;\r
+\r
+ /**\r
+ * Normal Init level APIs\r
+ * \r
+ * @param cmAPI\r
+ * @param facade\r
+ * @throws Exception\r
+ */\r
+ public static void init(final CertManAPI cmAPI) throws Exception {\r
+ // Check for Created Certificate Authorities in TRANS\r
+ sCertAuth = ((TransStore) cmAPI.env).slot(CERT_AUTH);\r
+ \r
+ ////////\r
+ // Overall APIs\r
+ ///////\r
+ cmAPI.route(HttpMethods.PUT,"/cert/:ca",API.CERT_REQ,new Code(cmAPI,"Request Certificate") {\r
+ @Override\r
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {\r
+ String key = pathParam(req, ":ca");\r
+ CA ca;\r
+ if((ca = cmAPI.getCA(key))==null) {\r
+ context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);\r
+ } else {\r
+ trans.put(sCertAuth, ca);\r
+ \r
+ Result<Void> r = context.requestCert(trans, req, resp, req.getParameter("withTrust")!=null);\r
+ if(r.isOK()) {\r
+ resp.setStatus(HttpStatus.OK_200);\r
+ } else {\r
+ context.error(trans,resp,r);\r
+ }\r
+ }\r
+ }\r
+ });\r
+ \r
+ /**\r
+ * \r
+ */\r
+ cmAPI.route(HttpMethods.GET, "/cert/may/:perm", API.VOID, new Code(cmAPI,"Check Permission") {\r
+ @Override\r
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {\r
+ Result<Void> r = context.check(trans, resp, pathParam(req,"perm"));\r
+ if(r.isOK()) {\r
+ resp.setStatus(HttpStatus.OK_200);\r
+ } else {\r
+ trans.checkpoint(r.errorString());\r
+ context.error(trans,resp,Result.err(Result.ERR_Denied,"%s does not have Permission.",trans.user()));\r
+ }\r
+ }\r
+ });\r
+\r
+ }\r
+}\r
Code Review / aaf / authz.git / blobdiff