X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-certman%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fcm%2FAAF_CM.java;h=024d9f96594b038a80e976680ecc7151e86791ff;hb=be1edcb6830745015f5de72e820f40f36dd571ad;hp=d80b085b3ff317da234d5a90e2bd69787404366f;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java index d80b085b..024d9f96 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java @@ -3,13 +3,14 @@ * org.onap.aaf * =========================================================================== * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * Modifications Copyright (C) 2019 IBM. * =========================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -23,6 +24,7 @@ package org.onap.aaf.auth.cm; import java.lang.reflect.Constructor; +import java.lang.reflect.InvocationTargetException; import java.util.Map; import java.util.Map.Entry; import java.util.TreeMap; 
@@ -39,6 +41,7 @@ import org.onap.aaf.auth.cm.facade.FacadeFactory; import org.onap.aaf.auth.cm.mapper.Mapper.API; import org.onap.aaf.auth.cm.service.CMService; import org.onap.aaf.auth.cm.service.Code; +import org.onap.aaf.auth.cm.validation.CertmanValidator; import org.onap.aaf.auth.dao.CassAccess; import org.onap.aaf.auth.dao.cass.LocateDAO; import org.onap.aaf.auth.direct.DirectLocatorCreator; @@ -71,24 +74,30 @@ import com.datastax.driver.core.Cluster; public class AAF_CM extends AbsService { private static final String USER_PERMS = "userPerms"; + private static final String CM_ALLOW_TMP = "cm_allow_tmp"; private static final Map certAuths = new TreeMap<>(); - public Facade1_0 facade1_0; // this is the default Facade - public Facade1_0 facade1_0_XML; // this is the XML Facade - public Map cacheUser; - public AAFAuthn aafAuthn; - public AAFLurPerm aafLurPerm; - final public Cluster cluster; + public static Facade1_0 facade1_0; // this is the default Facade + public static Facade1_0 facade1_0_XML; // this is the XML Facade + public static Map cacheUser; + public static AAFAuthn aafAuthn; + public static AAFLurPerm aafLurPerm; + public final Cluster cluster; public final LocateDAO locateDAO; + public static AuthzEnv envLog; + CMService service; - + //Added for junits + public CMService getService() { + return null; + } /** * Construct AuthzAPI with all the Context Supporting Routes that Authz needs - * + * * @param env - * @param si - * @param dm - * @param decryptor - * @throws APIException + * @param si + * @param dm + * @param decryptor + * @throws APIException */ public AAF_CM(AuthzEnv env) throws Exception { super(env.access(),env); 
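Review bot: The field declarations in the `@@ -71,24 +74,30 @@` hunk turn `aafAuthn`, `aafLurPerm`, `cacheUser` and both facades into `public static` non-final fields, so any class loaded in the service can replace the authenticator or the permission Lur, and a second `AAF_CM` instance would overwrite the first one's objects. Unless a static caller elsewhere needs them, keep them as instance fields, or make them `private static` with read-only accessors. `getService()` is a public, overridable method that returns `null` and is documented only by `//Added for junits`; the constructor calls it later in this diff, so a subclass override would run on a partly constructed object. I would narrow it to package-private if the tests allow and give it a Javadoc line such as `/** Test seam: returns null in production so the constructor builds the real CMService. */`. The class body and the constructor continue outside this hunk.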
@@ -96,11 +105,18 @@ public class AAF_CM extends AbsService { // Note: If you need both Authn and Authz construct the following: aafAuthn = aafCon().newAuthn(aafLurPerm); - String aaf_env = env.getProperty(Config.AAF_ENV); - if(aaf_env==null) { + String aafEnv = env.getProperty(Config.AAF_ENV); + if (aafEnv==null) { throw new APIException("aaf_env needs to be set"); } + // Check for allowing /tmp in Properties + String allowTmp = env.getProperty(CM_ALLOW_TMP); + if("true".equalsIgnoreCase(allowTmp)) { + CertmanValidator.allowTmp(); + } + + // Initialize Facade for all uses AuthzTrans trans = env.newTrans(); 
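Review bot: The `cm_allow_tmp` branch relaxes validation for the whole process through the static `CertmanValidator.allowTmp()` call, yet nothing records that it happened, so an operator cannot tell from the log that this instance accepts /tmp (going by the comment on the line above the check). I would log it at startup, for example `env.log(Level.INIT, "cm_allow_tmp=true: CertmanValidator will accept /tmp");`, and document the property as intended for test deployments if that is its purpose, since /tmp is normally world-writable. What exactly the validator then permits is not visible in this diff, so the wording should be checked against `CertmanValidator`. The constructor this hunk sits in starts and ends outside it.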
@@ -112,17 +128,16 @@ public class AAF_CM extends AbsService { // Load Supported Certificate Authorities by property // Note: Some will be dynamic Properties, so we need to look through all - for(Entry es : env.access().getProperties().entrySet()) { + for (Entry es : env.access().getProperties().entrySet()) { String key = es.getKey().toString(); - if(key.startsWith(CA.CM_CA_PREFIX)) { + if (key.startsWith(CA.CM_CA_PREFIX)) { int idx = key.indexOf('.'); - if(idx==key.lastIndexOf('.')) { // else it's a regular property - + if (idx==key.lastIndexOf('.')) { // else it's a regular property env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1)); String[] segs = Split.split(',', env.getProperty(key)); - if(segs.length>0) { + if (segs.length>0) { String[][] multiParams = new String[segs.length-1][]; - for(int i=0;i { Object pinst[] = new Object[4]; pinst[0]=env; pinst[1]= key.substring(idx+1); - pinst[2]= aaf_env; - pinst[3] = multiParams; - CA ca = cons.newInstance(pinst); - certAuths.put(ca.getName(),ca); + pinst[2]= aafEnv; + pinst[3] = multiParams; + try { + CA ca = cons.newInstance(pinst); + certAuths.put(ca.getName(),ca); + } catch (InvocationTargetException e) { + if(e.getLocalizedMessage()==null) { + access.log((Exception)e.getTargetException(), "Loading", segs[0]); + } else { + access.log(e, "Loading", segs[0]); + } + } } } } } - if(certAuths.size()==0) { + if (certAuths.size()==0) { throw new APIException("No Certificate Authorities have been configured in CertMan"); } - CMService service = new CMService(trans, this); + service = getService(); + if(service == null) { + service = new CMService(trans, this); + } // note: Service knows how to shutdown Cluster on Shutdown, etc. 
See Constructor facade1_0 = FacadeFactory.v1_0(this,trans, service,Data.TYPE.JSON); // Default Facade - facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML); + facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML); synchronized(env) { - if(cacheUser == null) { + if (cacheUser == null) { cacheUser = Cache.obtain(USER_PERMS); Cache.startCleansing(env, USER_PERMS); } @@ -173,18 +199,19 @@ public class AAF_CM extends AbsService { return certAuths.get(key); } + /** * Setup XML and JSON implementations for each supported Version type - * + * * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties * to do Versions and Content switches - * + * */ public void route(HttpMethods meth, String path, API api, Code code) throws Exception { String version = "1.0"; // Get Correct API Class from Mapper - Class respCls = facade1_0.mapper().getClass(api); - if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); + Class respCls = facade1_0.mapper().getClass(api); + if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); // setup Application API HTML ContentTypes for JSON and Route String application = applicationJSON(respCls, version); route(env,meth,path,code,application,"application/json;version="+version,"*/*"); @@ -196,7 +223,7 @@ public class AAF_CM extends AbsService { // Add other Supported APIs here as created } - public void routeAll(HttpMethods meth, String path, API api, Code code) throws Exception { + public void routeAll(HttpMethods meth, String path, API api, Code code) { route(env,meth,path,code,""); // this will always match } 
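Review bot: In the new `catch (InvocationTargetException e)` around `cons.newInstance(pinst)`, the cast `(Exception)e.getTargetException()` throws `ClassCastException` when the CA constructor failed with an `Error`, and that would escape the handler that is meant to log the failure. Something like `Throwable t = e.getTargetException(); access.log(t instanceof Exception ? (Exception)t : e, "Loading", segs[0]);` avoids the cast and also removes the `getLocalizedMessage()==null` test, whose purpose is not explained. The handler then continues, so a CA that fails to load is dropped and the service starts with the remaining ones; the `certAuths.size()==0` check only fires when every CA failed, which deserves a comment, or a hard failure if a partial CA set is not acceptable. Part of this hunk is missing from the page (the text after `for(int i=0;i`), so the surrounding loop could not be reviewed.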
@@ -217,10 +244,11 @@ public class AAF_CM extends AbsService { @Override public Registrant[] registrants(final int port) throws CadiException, LocatorException { return new Registrant[] { - new DirectRegistrar(access,locateDAO,app_name,app_version,port) + new DirectRegistrar(access,locateDAO,port) }; } - + + @Override public void destroy() { Cache.stopTimer(); locateDAO.close(env.newTransNoAvg()); @@ -231,12 +259,15 @@ public class AAF_CM extends AbsService { try { Log4JLogIt logIt = new Log4JLogIt(args, "cm"); PropAccess propAccess = new PropAccess(logIt,args); - - AAF_CM service = new AAF_CM(new AuthzEnv(propAccess)); - JettyServiceStarter jss = new JettyServiceStarter(service); - jss.start(); - } catch (Exception e) { - e.printStackTrace(); + try { + new JettyServiceStarter( + new AAF_CM(new AuthzEnv(propAccess)),true) + .start(); + } catch (Exception e) { + propAccess.log(e); + } + } catch (APIException e) { + e.printStackTrace(System.err); } } }
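Review bot: In `main`, the inner `catch (Exception e)` logs a failed `AAF_CM` construction or Jetty start through `propAccess.log(e)` and then lets `main` return normally, so a supervisor may see a clean exit for a service that never came up. I would add `System.exit(1);` after the log call, or rethrow, so that the failure shows in the exit status. The outer handler's `e.printStackTrace(System.err)` could carry a short comment saying that the logger is not available yet at that point, if that is the reason for it. The new `true` argument to `JettyServiceStarter` is also unexplained; a trailing comment naming what it enables would help.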