X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-cass%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fdao%2Fcass%2FCredDAO.java;h=9a47e576290d101c4b2e2d57d3b55768fb5816ff;hb=628b7105ce4d9818aac69a082e515f9275fd46fd;hp=46dc12bf9f5b3c8c8f02f80ce097bd71da30bf5a;hpb=71037c39a37d3549dcfe31926832a657744fbe05;p=aaf%2Fauthz.git diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java index 46dc12bf..9a47e576 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java @@ -26,6 +26,7 @@ import java.io.DataInputStream; import java.io.DataOutputStream; import java.io.IOException; import java.nio.ByteBuffer; +import java.security.SecureRandom; import java.util.Date; import java.util.List; @@ -51,16 +52,17 @@ import com.datastax.driver.core.Row; public class CredDAO extends CassDAOImpl { public static final String TABLE = "cred"; public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F - public static final int RAW = -1; + public static final int RAW = -1; public static final int BASIC_AUTH = 1; public static final int BASIC_AUTH_SHA256 = 2; public static final int CERT_SHA256_RSA =200; + public static final SecureRandom srand = new SecureRandom(); private HistoryDAO historyDAO; - private CIDAO infoDAO; - private PSInfo psNS; - private PSInfo psID; - + private CIDAO infoDAO; + private PSInfo psNS; + private PSInfo psID; + public CredDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException { super(trans, CredDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE)); init(trans); 
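Review bot: `srand` is added as `public static final`, so the shared SecureRandom instance becomes part of CredDAO's public surface, although the only use visible in this diff is inside `create()`. Unless code outside this file needs it (not visible here), narrow it and give it a constant-style name: `private static final SecureRandom SRAND = new SecureRandom();`. A short comment saying that it only generates the default `tag` value, not key material, would also help later readers judge its purpose.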
@@ -74,66 +76,66 @@ public class CredDAO extends CassDAOImpl { } public static final int KEYLIMIT = 3; - public static class Data extends CacheableData implements Bytification { - - public String id; - public Integer type; - public Date expires; - public Integer other; - public String ns; - public String notes; - public ByteBuffer cred; // this is a blob in cassandra + public static class Data extends CacheableData implements Bytification { + + public String id; + public Integer type; + public Date expires; + public Integer other; + public String ns; + public String tag; + public ByteBuffer cred; // this is a blob in cassandra @Override - public int[] invalidate(Cached cache) { - return new int[] { - seg(cache,id) // cache is for all entities - }; - } + public int[] invalidate(Cached cache) { + return new int[] { + seg(cache,id) // cache is for all entities + }; + } - @Override - public ByteBuffer bytify() throws IOException { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - CredLoader.deflt.marshal(this,new DataOutputStream(baos)); - return ByteBuffer.wrap(baos.toByteArray()); - } - - @Override - public void reconstitute(ByteBuffer bb) throws IOException { - CredLoader.deflt.unmarshal(this, toDIS(bb)); - } + @Override + public ByteBuffer bytify() throws IOException { + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + CredLoader.deflt.marshal(this,new DataOutputStream(baos)); + return ByteBuffer.wrap(baos.toByteArray()); + } + + @Override + public void reconstitute(ByteBuffer bb) throws IOException { + CredLoader.deflt.unmarshal(this, toDIS(bb)); + } - public String toString() { - return id + ' ' + type + ' ' + Chrono.dateTime(expires); - } + public String toString() { + return id + ' ' + type + ' ' + Chrono.dateTime(expires); + } } private static class CredLoader extends Loader implements Streamer{ - public static final int MAGIC=153323443; - public static final int VERSION=1; - public static final int BUFF_SIZE=48; // Note: + public static 
final int MAGIC=153323443; + public static final int VERSION=2; + public static final int BUFF_SIZE=48; // Note: - public static final CredLoader deflt = new CredLoader(KEYLIMIT); - public CredLoader(int keylimit) { + public static final CredLoader deflt = new CredLoader(KEYLIMIT); + public CredLoader(int keylimit) { super(keylimit); } - @Override + @Override public Data load(Data data, Row row) { data.id = row.getString(0); data.type = row.getInt(1); // NOTE: in datastax driver, If the int value is NULL, 0 is returned! data.expires = row.getTimestamp(2); data.other = row.getInt(3); data.ns = row.getString(4); - data.notes = row.getString(5); + data.tag = row.getString(5); data.cred = row.getBytesUnsafe(6); return data; } @Override protected void key(Data data, int _idx, Object[] obj) { - int idx = _idx; + int idx = _idx; obj[idx] = data.id; obj[++idx] = data.type; 
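Review bot: `VERSION` goes from 1 to 2 in CredLoader, but `unmarshal` in the next hunk still discards the result of `readHeader(is,MAGIC,VERSION)` and reads a single fixed layout. `wasModified` stores `data.bytify()` output in `hd.reconstruct` on delete, so blobs written with version 1 may already be persisted; how `readHeader` treats an older version is not visible in this diff and should be confirmed. The `notes` to `tag` rename keeps the same string slot on the wire, so either leave the version unchanged or capture the returned version and branch on it. In either case document the decision next to the constant, for example `// v2: 'notes' renamed to 'tag'; wire layout identical to v1`.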
@@ -145,80 +147,93 @@ public class CredDAO extends CassDAOImpl { int i; obj[i=idx] = data.other; obj[++i] = data.ns; - obj[++i] = data.notes; + obj[++i] = data.tag; obj[++i] = data.cred; } - @Override - public void marshal(Data data, DataOutputStream os) throws IOException { - writeHeader(os,MAGIC,VERSION); - writeString(os, data.id); - os.writeInt(data.type); - os.writeLong(data.expires==null?-1:data.expires.getTime()); - os.writeInt(data.other==null?0:data.other); - writeString(os, data.ns); - writeString(os, data.notes); - if(data.cred==null) { - os.writeInt(-1); - } else { - int l = data.cred.limit()-data.cred.position(); - os.writeInt(l); - os.write(data.cred.array(),data.cred.position(),l); - } - } + @Override + public void marshal(Data data, DataOutputStream os) throws IOException { + writeHeader(os,MAGIC,VERSION); + writeString(os, data.id); + os.writeInt(data.type); + os.writeLong(data.expires==null?-1:data.expires.getTime()); + os.writeInt(data.other==null?0:data.other); + writeString(os, data.ns); + writeString(os, data.tag); + if (data.cred==null) { + os.writeInt(-1); + } else { + int l = data.cred.limit()-data.cred.position(); + os.writeInt(l); + os.write(data.cred.array(),data.cred.position(),l); + } + } - @Override - public void unmarshal(Data data, DataInputStream is) throws IOException { - /*int version = */readHeader(is,MAGIC,VERSION); - // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields - byte[] buff = new byte[BUFF_SIZE]; - data.id = readString(is,buff); - data.type = is.readInt(); - - long l = is.readLong(); - data.expires = l<0?null:new Date(l); - data.other = is.readInt(); - data.ns = readString(is,buff); - data.notes = readString(is,buff); - - int i = is.readInt(); - if(i<0) { - data.cred=null; - } else { - byte[] bytes = new byte[i]; // a bit dangerous, but lessened because of all the previous sized data reads - is.read(bytes); - data.cred = ByteBuffer.wrap(bytes); - } - } + 
@Override + public void unmarshal(Data data, DataInputStream is) throws IOException { + /*int version = */readHeader(is,MAGIC,VERSION); + // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields + byte[] buff = new byte[BUFF_SIZE]; + data.id = readString(is,buff); + data.type = is.readInt(); + + long l = is.readLong(); + data.expires = l<0?null:new Date(l); + data.other = is.readInt(); + data.ns = readString(is,buff); + data.tag = readString(is,buff); + + int i = is.readInt(); + data.cred=null; + if (i>=0) { + byte[] bytes = new byte[i]; // a bit dangerous, but lessened because of all the previous sized data reads + int read = is.read(bytes); + if (read>0) { + data.cred = ByteBuffer.wrap(bytes); + } + } + } } private void init(AuthzTrans trans) throws APIException, IOException { // Set up sub-DAOs - if(historyDAO==null) { - historyDAO = new HistoryDAO(trans,this); + if (historyDAO==null) { + historyDAO = new HistoryDAO(trans,this); } - if(infoDAO==null) { - infoDAO = new CacheInfoDAO(trans,this); - } - + if (infoDAO==null) { + infoDAO = new CacheInfoDAO(trans,this); + } + - String[] helpers = setCRUD(trans, TABLE, Data.class, CredLoader.deflt); - - psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE + - " WHERE ns = ?", CredLoader.deflt,readConsistency); - - psID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE + - " WHERE id = ?", CredLoader.deflt,readConsistency); + String[] helpers = setCRUD(trans, TABLE, Data.class, CredLoader.deflt); + + psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE + + " WHERE ns = ?", CredLoader.deflt,readConsistency); + + psID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE + + " WHERE id = ?", CredLoader.deflt,readConsistency); } - public Result> readNS(AuthzTrans trans, String ns) { - return psNS.read(trans, R_TEXT, new Object[]{ns}); - } - - public Result> readID(AuthzTrans 
trans, String id) { - return psID.read(trans, R_TEXT, new Object[]{id}); + /* (non-Javadoc) + * @see org.onap.aaf.auth.dao.CassDAOImpl#create(org.onap.aaf.misc.env.TransStore, java.lang.Object) + */ + @Override + public Result create(AuthzTrans trans, Data data) { + if(data.tag == null) { + long l = srand.nextLong(); + data.tag = Long.toHexString(l); + } + return super.create(trans, data); } - + + public Result> readNS(AuthzTrans trans, String ns) { + return psNS.read(trans, R_TEXT, new Object[]{ns}); + } + + public Result> readID(AuthzTrans trans, String id) { + return psID.read(trans, R_TEXT, new Object[]{id}); + } + /** * Log Modification statements to History * @@ -228,8 +243,8 @@ public class CredDAO extends CassDAOImpl { */ @Override protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) { - boolean memo = override.length>0 && override[0]!=null; - boolean subject = override.length>1 && override[1]!=null; + boolean memo = override.length>0 && override[0]!=null; + boolean subject = override.length>1 && override[1]!=null; HistoryDAO.Data hd = HistoryDAO.newInitedData(); hd.user = trans.user(); 
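Review bot: In `unmarshal`, `int read = is.read(bytes); if (read>0)` accepts a short read: `read(byte[])` may return fewer than `i` bytes, and the full-length array is then wrapped, so a partially filled, zero-padded buffer would be stored as the credential. A zero-length cred also now comes back as null, where the old code produced an empty buffer. `is.readFully(bytes); data.cred = ByteBuffer.wrap(bytes);` either fills the array or throws EOFException, which keeps a truncated record from being treated as valid. The length `i` is still taken from the stream unchecked before `new byte[i]`; an explicit upper bound before allocating would replace the reliance on earlier reads that the inline comment describes.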
@@ -240,19 +255,19 @@ public class CredDAO extends CassDAOImpl { ? String.format("%s by %s", override[0], hd.user) : (modified.name() + "d credential for " + data.id); // Detail? - if(modified==CRUD.delete) { - try { - hd.reconstruct = data.bytify(); - } catch (IOException e) { - trans.error().log(e,"Could not serialize CredDAO.Data"); - } - } + if (modified==CRUD.delete) { + try { + hd.reconstruct = data.bytify(); + } catch (IOException e) { + trans.error().log(e,"Could not serialize CredDAO.Data"); + } + } - if(historyDAO.create(trans, hd).status!=Status.OK) { - trans.error().log("Cannot log to History"); + if (historyDAO.create(trans, hd).status!=Status.OK) { + trans.error().log("Cannot log to History"); } - if(infoDAO.touch(trans, TABLE,data.invalidate(cache)).status!=Status.OK) { - trans.error().log("Cannot touch Cred"); + if (infoDAO.touch(trans, TABLE,data.invalidate(cache)).status!=Status.OK) { + trans.error().log("Cannot touch Cred"); } } }