* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
package org.onap.dmaap.dbcapi.aaf;
-import java.io.IOException;
-
-import org.apache.log4j.Logger;
-import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
-import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
-import org.onap.dmaap.dbcapi.util.DmaapConfig;
-
-public class AafService extends BaseLoggingClass {
- public enum ServiceType {
- AAF_Admin,
- AAF_TopicMgr
- }
-
- private AafConnection aaf;
- private ServiceType ctype;
- private String aafURL ;
- private boolean useAAF = false;
-
- public AafService() {
- DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
- useAAF= "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
-
- }
-
- private String getCred( boolean wPwd ) {
- String mechIdProperty = null;
- String pwdProperty = null;
- DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
- AafDecrypt decryptor = new AafDecrypt();
+/*
+ * this service uses the AAF REST API endpoints to provision values in AAF
+ */
+public interface AafService {
+ enum ServiceType {
+ AAF_Admin,
+ AAF_TopicMgr
+ }
- if ( ctype == ServiceType.AAF_Admin ) {
- mechIdProperty = "aaf.AdminUser";
- pwdProperty = "aaf.AdminPassword";
- } else if ( ctype == ServiceType.AAF_TopicMgr ){
- mechIdProperty = "aaf.TopicMgrUser";
- pwdProperty = "aaf.TopicMgrPassword";
- } else {
- logger.error( "Unexpected case for AAF credential type: " + ctype );
- return null;
- }
- String user = p.getProperty( mechIdProperty, "noMechId@domain.netset.com" );
+ String getIdentity();
- String pwd = "";
- String encPwd = p.getProperty( pwdProperty, "notSet" );
+ int addPerm(DmaapPerm perm);
-
- pwd = decryptor.decrypt(encPwd);
-
- if ( wPwd ) {
- return user + ":" + pwd;
- } else {
- return user;
- }
-
-
- }
-
- public AafService(ServiceType t ) {
- DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
- aafURL = p.getProperty( "aaf.URL", "https://authentication.domain.netset.com:8095/proxy/");
- initAafService( t );
- }
- public AafService( ServiceType t, String url ) {
- aafURL = url;
- initAafService( t );
- }
-
- private void initAafService( ServiceType t ) {
- ctype = t;
- aaf = new AafConnection( getCred( true ) );
- }
-
- public int addPerm(DmaapPerm perm) {
+ int delPerm(DmaapPerm perm);
- int rc = -1;
- logger.info( "entry: addPerm() " );
- String pURL = aafURL + "authz/perm";
- if ( useAAF ) {
- rc = aaf.postAaf( perm, pURL );
- } else {
- rc = 201;
- }
- switch( rc ) {
- case 401:
- case 403:
- errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred( false ) );
- System.exit(1);
- case 409:
- logger.warn( "Perm already exists. Possible conflict.");
- break;
-
- case 201:
- logger.info( "expected response" );
- break;
- default :
- logger.error( "Unexpected response: " + rc );
- break;
- }
-
- return rc;
- }
- public int addGrant(DmaapGrant grant ) {
+ int addGrant(DmaapGrant grant);
- int rc = -1;
- logger.info( "entry: addGrant() " );
+ int addUserRole(AafUserRole ur);
- String pURL = aafURL + "authz/role/perm";
- if ( useAAF ) {
- rc = aaf.postAaf( grant, pURL );
- } else {
- rc = 201;
- }
-
- switch( rc ) {
- case 401:
- case 403:
- errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred( false ) );
- System.exit(1);
- break;
+ int delGrant(DmaapGrant grant);
- case 409:
- logger.warn( "Perm already exists. Possible conflict.");
- break;
-
- case 201:
- logger.info( "expected response" );
- break;
- default :
- logger.error( "Unexpected response: " + rc );
- break;
- }
-
- return rc;
- }
+ int addRole(AafRole role);
- public int delGrant( DmaapGrant grant ) {
- int rc = -1;
- logger.info( "entry: delGrant() " );
+ int addNamespace(AafNamespace ns);
- String pURL = aafURL + "authz/role/:" + grant.getRole() + "/perm";
-
- if ( useAAF ) {
- rc = aaf.delAaf( grant, pURL );
- } else {
- rc = 200;
- }
- switch( rc ) {
- case 401:
- case 403:
- errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred( false ) );
- System.exit(1);
- break;
-
- case 404:
- logger.warn( "Perm not found...ignore");
- break;
-
- case 200:
- logger.info( "expected response" );
- break;
- default :
- logger.error( "Unexpected response: " + rc );
- break;
- }
-
- return rc;
- }
+ int delNamespace(AafNamespace ns);
}
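Review bot: The new `AafService` interface declares every provisioning method as returning a bare `int` with no stated contract, and its header is a plain `/* */` block rather than Javadoc. Going by the removed implementation, the value is the AAF HTTP status (201 for the add calls, 200 for `delGrant`, 401/403 meaning the configured credentials were rejected), and with `UseAAF` set to false the old code returned 201 without contacting AAF at all. Callers need that written down, e.g. `/** @return HTTP status from AAF (201 on create); an implementation that does not contact AAF returns the same success code, so it does not prove the permission was provisioned. */`. `getIdentity()` should carry `/** Returns the AAF identity only, never the password; the value may be written to logs. */`, since the removed code logged `getCred(false)` on credential errors. Where the 401/403 handling (previously `System.exit(1)`) now lives is not visible in this diff, so the interface should say whether implementations or callers own it.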