import org.onap.aaf.cadi.Access.Level;
import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
import org.onap.aaf.cadi.PropAccess;
import org.onap.aaf.cadi.Symm;
import org.onap.aaf.cadi.aaf.Defaults;
+import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
+import org.onap.aaf.cadi.client.Future;
import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.configure.ArtifactDir;
+import org.onap.aaf.cadi.locator.SingleEndpointLocator;
import org.onap.aaf.cadi.util.MyConsole;
import org.onap.aaf.cadi.util.SubStandardConsole;
import org.onap.aaf.cadi.util.TheConsole;
+import org.onap.aaf.misc.env.APIException;
+import org.onap.aaf.misc.rosetta.env.RosettaDF;
+import org.onap.aaf.misc.rosetta.env.RosettaEnv;
+
+import locate.v1_1.Configuration;
+import locate.v1_1.Configuration.Props;
public class AAFSSO {
public static final MyConsole cons = TheConsole.implemented() ? new TheConsole() : new SubStandardConsole();
System.setErr(os);
sso = new File(dot_aaf, "sso.props");
- if(sso.exists()) {
+ if (sso.exists()) {
InputStream propStream = new FileInputStream(sso);
try {
diskprops.load(propStream);
if (sso.exists()) {
Properties temp = new Properties();
// Keep only these
- for(Entry<Object, Object> es : diskprops.entrySet()) {
- if(Config.CADI_LATITUDE.equals(es.getKey()) ||
+ for (Entry<Object, Object> es : diskprops.entrySet()) {
+ if (Config.CADI_LATITUDE.equals(es.getKey()) ||
Config.CADI_LONGITUDE.equals(es.getKey()) ||
Config.AAF_DEFAULT_REALM.equals(es.getKey())) {
temp.setProperty(es.getKey().toString(), es.getValue().toString());
// Config.setDefaultRealm(access);
if (!dot_aaf_kf.exists()) {
- FileOutputStream fos = new FileOutputStream(dot_aaf_kf);
- try {
- fos.write(Symm.keygen());
- setReadonly(dot_aaf_kf);
- } finally {
- fos.close();
- }
+ // This will create, as required, or reuse
+ ArtifactDir.getSymm(dot_aaf_kf);
}
- for(Entry<Object, Object> es : diskprops.entrySet()) {
+ for (Entry<Object, Object> es : diskprops.entrySet()) {
nargs.add(es.getKey().toString() + '=' + es.getValue().toString());
}
String[] naargs = new String[nargs.size()];
nargs.toArray(naargs);
access = new PropAccess(os, naargs);
- if(loginOnly) {
- for(String tag : new String[] {Config.AAF_APPID, Config.AAF_APPPASS,
+ if (loginOnly) {
+ for (String tag : new String[] {Config.AAF_APPID, Config.AAF_APPPASS,
Config.CADI_ALIAS, Config.CADI_KEYSTORE,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) {
access.getProperties().remove(tag);
diskprops.remove(tag);
touchDiskprops=true;
// TODO Do we want to require reset of Passwords at least every Eight Hours.
// } else if (sso.lastModified() > (System.currentTimeMillis() - EIGHT_HOURS)) {
-// for(String tag : new String[] {Config.AAF_APPPASS,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) {
+// for (String tag : new String[] {Config.AAF_APPPASS,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) {
// access.getProperties().remove(tag);
// diskprops.remove(tag);
// }
String alias, appID;
alias = access.getProperty(Config.CADI_ALIAS);
- if(alias==null) {
+ if (alias==null) {
appID = access.getProperty(Config.AAF_APPID);
user=appID;
} else {
appID=null;
}
- if(appID!=null && access.getProperty(Config.AAF_APPPASS)==null) {
- char[] password = cons.readPassword("Password for %s: ", appID);
- String app_pass = access.encrypt(new String(password));
- access.setProperty(Config.AAF_APPPASS,app_pass);
- diskprops.setProperty(Config.AAF_APPPASS, app_pass);
+ String aaf_container_ns = "";
+ if (appID!=null) {
+ if( access.getProperty(Config.AAF_APPPASS)==null) {
+ appID = user = cons.readLine("Deployer ID [%s]: ", user);
+ access.setProperty(Config.AAF_APPID,appID);
+ char[] password = cons.readPassword("Password for %s: ", user);
+ if(password.length>0) {
+ String app_pass = access.encrypt(new String(password));
+ access.setProperty(Config.AAF_APPPASS,app_pass);
+ diskprops.setProperty(Config.AAF_APPPASS,app_pass);
+ }
+ aaf_container_ns = cons.readLine("Container Namespace (blank if none)? [\"\"]: ", aaf_container_ns);
+ }
+ diskprops.setProperty(Config.AAF_APPID,appID);
}
String keystore=access.getProperty(Config.CADI_KEYSTORE);
String keystore_pass=access.getProperty(Config.CADI_KEYSTORE_PASSWORD);
- if(user==null || (alias!=null && (keystore==null || keystore_pass==null))) {
+ if (user==null || (alias!=null && (keystore==null || keystore_pass==null))) {
String select = null;
String name;
for (File tsf : dot_aaf.listFiles()) {
if (!name.contains("trust") && (name.endsWith(".jks") || name.endsWith(".p12"))) {
setLogDefault();
select = cons.readLine("Use %s for Identity? (y/n): ",tsf.getName());
- if("y".equalsIgnoreCase(select)) {
+ if ("y".equalsIgnoreCase(select)) {
keystore = tsf.getCanonicalPath();
access.setProperty(Config.CADI_KEYSTORE, keystore);
addProp(Config.CADI_KEYSTORE, keystore);
}
}
}
- if(alias==null) {
+ if (alias==null) {
user = appID = cons.readLine(Config.AAF_APPID + ": ");
access.setProperty(Config.AAF_APPID, appID);
addProp(Config.AAF_APPID, appID);
}
} else {
encrypted_pass = access.getProperty(Config.CADI_KEYSTORE_PASSWORD);
- if(encrypted_pass == null) {
+ if (encrypted_pass == null) {
keystore_pass = null;
encrypted_pass = access.getProperty(Config.AAF_APPPASS);
} else {
use_X509 = true;
} else {
use_X509 = false;
- Symm decryptor = Symm.obtain(dot_aaf_kf);
+ Symm decryptor = ArtifactDir.getSymm(dot_aaf_kf);
if (user == null) {
if (sso.exists()) {
- String cm_url = access.getProperty(Config.CM_URL); // SSO might overwrite...
+ String cm_url = access.getProperty(Config.AAF_URL_CM); // SSO might overwrite...
FileInputStream fos = new FileInputStream(sso);
try {
access.load(fos);
access.setProperty(Config.AAF_APPPASS,
access.encrypt(decryptor.depass(encrypted_pass)));
if (cm_url != null) { //Command line CM_URL Overwrites ssofile.
- access.setProperty(Config.CM_URL, cm_url);
+ access.setProperty(Config.AAF_URL_CM, cm_url);
}
} finally {
fos.close();
err.append("-D" + Config.AAF_APPPASS + "=<passwd> ");
}
- String locateUrl = access.getProperty(Config.AAF_LOCATE_URL);
- if(locateUrl==null) {
- locateUrl=AAFSSO.cons.readLine("AAF Locator URL=https://");
- if(locateUrl==null || locateUrl.length()==0) {
- err = new StringBuilder(Config.AAF_LOCATE_URL);
- err.append(" is required.");
- ok = false;
- return;
- } else {
- locateUrl="https://"+locateUrl;
- }
- access.setProperty(Config.AAF_LOCATE_URL, locateUrl);
- addProp(Config.AAF_LOCATE_URL, locateUrl);
- }
-
- access.setProperty(Config.AAF_URL, Defaults.AAF_URL);
- access.setProperty(Config.CM_URL, Defaults.CM_URL);
String cadiLatitude = access.getProperty(Config.CADI_LATITUDE);
- if(cadiLatitude==null) {
+ if (cadiLatitude==null) {
System.out.println("# If you do not know your Global Coordinates, we suggest bing.com/maps");
cadiLatitude=AAFSSO.cons.readLine("cadi_latitude[0.000]=");
- if(cadiLatitude==null || cadiLatitude.isEmpty()) {
+ if (cadiLatitude==null || cadiLatitude.isEmpty()) {
cadiLatitude="0.000";
}
access.setProperty(Config.CADI_LATITUDE, cadiLatitude);
}
String cadiLongitude = access.getProperty(Config.CADI_LONGITUDE);
- if(cadiLongitude==null) {
+ if (cadiLongitude==null) {
cadiLongitude=AAFSSO.cons.readLine("cadi_longitude[0.000]=");
- if(cadiLongitude==null || cadiLongitude.isEmpty()) {
+ if (cadiLongitude==null || cadiLongitude.isEmpty()) {
cadiLongitude="0.000";
}
access.setProperty(Config.CADI_LONGITUDE, cadiLongitude);
}
String cadi_truststore = access.getProperty(Config.CADI_TRUSTSTORE);
- if(cadi_truststore==null) {
+ if (cadi_truststore==null) {
String name;
String select;
for (File tsf : dot_aaf.listFiles()) {
if (name.contains("trust") &&
(name.endsWith(".jks") || name.endsWith(".p12"))) {
select = cons.readLine("Use %s for TrustStore? (y/n):",tsf.getName());
- if("y".equalsIgnoreCase(select)) {
+ if ("y".equalsIgnoreCase(select)) {
cadi_truststore=tsf.getCanonicalPath();
access.setProperty(Config.CADI_TRUSTSTORE, cadi_truststore);
addProp(Config.CADI_TRUSTSTORE, cadi_truststore);
}
}
}
- if(cadi_truststore!=null) {
- if(cadi_truststore.indexOf(File.separatorChar)<0) {
+ if (cadi_truststore!=null) {
+ if (cadi_truststore.indexOf(File.separatorChar)<0) {
cadi_truststore=dot_aaf.getPath()+File.separator+cadi_truststore;
}
String cadi_truststore_password = access.getProperty(Config.CADI_TRUSTSTORE_PASSWORD);
- if(cadi_truststore_password==null) {
+ if (cadi_truststore_password==null) {
cadi_truststore_password=AAFSSO.cons.readLine("cadi_truststore_password[%s]=","changeit");
cadi_truststore_password = access.encrypt(cadi_truststore_password);
access.setProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadi_truststore_password);
}
ok = err==null;
}
+ String locateUrl = Config.getAAFLocateUrl(access);
+ if (locateUrl==null) {
+ locateUrl=AAFSSO.cons.readLine("AAF Locator URL=https://");
+ if (locateUrl==null || locateUrl.length()==0) {
+ err = new StringBuilder(Config.AAF_LOCATE_URL);
+ err.append(" is required.");
+ ok = false;
+ return;
+ } else {
+ locateUrl="https://"+locateUrl;
+ }
+ access.setProperty(Config.AAF_LOCATE_URL, locateUrl);
+ addProp(Config.AAF_LOCATE_URL, locateUrl);
+ try {
+ if(access.getProperty(Config.AAF_URL)==null) {
+ access.setProperty(Config.AAF_URL, Defaults.AAF_ROOT+".service:"+Defaults.AAF_VERSION);
+ }
+ AAFCon<?> aafCon = AAFCon.newInstance(access);
+ Future<Configuration> acf;
+ RosettaDF<Configuration> configDF = new RosettaEnv().newDataFactory(Configuration.class);
+ acf = aafCon.client(new SingleEndpointLocator(locateUrl))
+ .read("/configure/"+user+"/aaf", configDF);
+ if (acf.get(aafCon.connTimeout)) {
+ for(Props p : acf.value.getProps()) {
+ addProp(p.getTag(),p.getValue());
+ if(access.getProperty(p.getTag())==null) {
+ access.setProperty(p.getTag(), p.getValue());
+ }
+ }
+ } else {
+ access.log(Level.INFO,acf.body());
+ }
+ } catch (LocatorException | APIException e) {
+ access.log(e);
+ }
+ }
+
+ final String apiVersion = access.getProperty(Config.AAF_API_VERSION, Config.AAF_DEFAULT_API_VERSION);
+ final String aaf_root_ns = access.getProperty(Config.AAF_ROOT_NS);
+ String locateRoot;
+ if(aaf_root_ns==null) {
+ locateRoot=Defaults.AAF_ROOT;
+ } else {
+ locateRoot = Defaults.AAF_LOCATE_CONST + "/%CNS." + aaf_root_ns;
+ }
+ if(access.getProperty(Config.AAF_URL)==null) {
+ access.setProperty(Config.AAF_URL, locateRoot+".service:"+apiVersion);
+ }
+
writeFiles();
}
}
public void setLogDefault(Level level) {
- if(access!=null) {
+ if (access!=null) {
access.setLogLevel(level);
}
System.setOut(stdOutOrig);
}
public void addProp(String key, String value) {
- if(key==null || value==null) {
+ if (key==null || value==null) {
return;
}
touchDiskprops=true;
}
public void writeFiles() throws IOException {
- if(touchDiskprops) {
+ if (touchDiskprops) {
// Store Creds, if they work
if (diskprops != null) {
if (!dot_aaf.exists()) {
diskprops.store(fos, "AAF Single Signon");
} finally {
fos.close();
- setReadonly(sso);
}
}
if (sso != null) {
Code Review / aaf / authz.git / blobdiff