// Package access
final public int timeout, cleanInterval, connTimeout;
final public int highCount, userExpires, usageRefreshTriggerCount;
- private Map<String,Rcli<CLIENT>> clients = new ConcurrentHashMap<String,Rcli<CLIENT>>();
+ private Map<String,Rcli<CLIENT>> clients = new ConcurrentHashMap<>();
final public RosettaDF<Perms> permsDF;
final public RosettaDF<Certs> certsDF;
final public RosettaDF<Users> usersDF;
final public RosettaDF<Error> errDF;
private String realm;
public final String app;
- protected SecuritySetter<CLIENT> ss;
protected SecurityInfoC<CLIENT> si;
private AAFLurPerm lur;
final public RosettaEnv env;
protected abstract URI initURI();
protected abstract void setInitURI(String uriString) throws CadiException;
-
+ protected abstract SecuritySetter<CLIENT> bestSS(SecurityInfoC<CLIENT> si) throws CadiException;
+
/**
* Use this call to get the appropriate client based on configuration (HTTP, future)
*
public Rcli<CLIENT> client(String apiVersion) throws CadiException {
Rcli<CLIENT> client = clients.get(apiVersion);
if(client==null) {
- client = rclient(initURI(),ss);
+ client = rclient(initURI(),si.defSS);
client.apiVersion(apiVersion)
.readTimeout(connTimeout);
clients.put(apiVersion, client);
}
public Rcli<CLIENT> client(URI uri) throws CadiException {
- return rclient(uri,ss).readTimeout(connTimeout);
+ return rclient(uri,si.defSS).readTimeout(connTimeout);
}
/**
usersDF = copy.usersDF;
errDF = copy.errDF;
app = copy.app;
- ss = copy.ss;
si = copy.si;
env = copy.env;
realm = copy.realm;
if(tag==null) {
throw new CadiException("AAFCon cannot be constructed without a property tag or URL");
} else {
+ si.defSS = bestSS(si);
String str = access.getProperty(tag,null);
if(str==null) {
if(tag.contains("://")) { // assume a URL
try {
this.access = access;
this.si = si;
- this.ss = si.defSS;
- if(ss.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one
+ if(si.defSS.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one
String mechid = access.getProperty(Config.AAF_APPID, null);
if(mechid==null) {
mechid=access.getProperty(Config.OAUTH_CLIENT_ID,null);
access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID);
set(si.defSS);
} else {
- set(si.defSS=x509Alias(alias));
+ si.defSS=x509Alias(alias);
+ set(si.defSS);
}
} else {
- if(mechid!=null && encpass !=null) {
- set(si.defSS=basicAuth(mechid, encpass));
+ if(mechid!=null) {
+ si.defSS=basicAuth(mechid, encpass);
+ set(si.defSS);
} else {
- set(si.defSS=new SecuritySetter<CLIENT>() {
-
+ si.defSS=new SecuritySetter<CLIENT>() {
+
@Override
public String getID() {
return "";
}
-
+
@Override
public void setSecurity(CLIENT client) throws CadiException {
throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)");
public int setLastResponse(int respCode) {
return 0;
}
- });
+ };
+ set(si.defSS);
}
}
}
userExpires = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim());
usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based
- app=FQI.reverseDomain(ss.getID());
+ app=FQI.reverseDomain(si.defSS.getID());
//TODO Get Realm from AAF
- realm="csp.att.com";
+ realm="people.osaaf.org";
env = new RosettaEnv();
permsDF = env.newDataFactory(Perms.class);
public AAFAuthn<CLIENT> newAuthn() throws APIException {
try {
- return new AAFAuthn<CLIENT>(this);
- } catch (APIException e) {
- throw e;
+ return new AAFAuthn<>(this);
} catch (Exception e) {
throw new APIException(e);
}
}
public AAFAuthn<CLIENT> newAuthn(AbsUserCache<AAFPermission> c) {
- return new AAFAuthn<CLIENT>(this,c);
+ return new AAFAuthn<>(this, c);
}
public AAFLurPerm newLur() throws CadiException {
try {
if(lur==null) {
- return (lur = new AAFLurPerm(this));
+ lur = new AAFLurPerm(this);
+ return lur;
} else {
return new AAFLurPerm(this,lur);
}
public abstract Rcli<CLIENT> rclient(Locator<URI> loc, SecuritySetter<CLIENT> ss) throws CadiException;
public Rcli<CLIENT> client(Locator<URI> locator) throws CadiException {
- return rclient(locator,ss);
+ return rclient(locator,si.defSS);
}
public abstract<RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException;
}
public SecuritySetter<CLIENT> set(final SecuritySetter<CLIENT> ss) {
- this.ss = ss;
+ si.set(ss);
for(Rcli<CLIENT> client : clients.values()) {
client.setSecuritySetter(ss);
}
}
public String defID() {
- if(ss!=null) {
- return ss.getID();
+ if(si!=null) {
+ return si.defSS.getID();
}
return "unknown";
}
Error err = errDF.newData().in(TYPE.JSON).load(f.body()).asObject();
return Vars.convert(err.getText(),err.getVariables());
} catch (APIException e){
- // just return the body below
+ access.log(e);
}
}
return text;
}
- public static AAFCon<?> newInstance(PropAccess pa) throws APIException, CadiException, LocatorException {
+ public static AAFCon<?> newInstance(PropAccess pa) throws CadiException, LocatorException {
// Potentially add plugin for other kinds of Access
return new AAFConHttp(pa);
}
Code Review / aaf / authz.git / blobdiff