X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-certman%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fcm%2Ffacade%2FFacadeImpl.java;h=f381a9e8f748c2b813b9b166723ce07ac467f402;hb=6309ef454e6960d95d13534645e1f15904de6862;hp=310ea8b25a53ad21f9efdfab5540fdef682630e4;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java index 310ea8b2..f381a9e8 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java @@ -3,6 +3,7 @@ * org.onap.aaf * =========================================================================== * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * Modifications Copyright (C) 2019 IBM. * =========================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -96,7 +97,6 @@ public abstract class FacadeImpl extends org.onap.aaf. private final RosettaDF artiDF; private Mapper mapper; // private Slot sCertAuth; - private AAF_CM certman; private final String voidResp; public FacadeImpl(AAF_CM certman, @@ -105,7 +105,6 @@ public abstract class FacadeImpl extends org.onap.aaf. Data.TYPE dataType) throws APIException { this.service = service; this.mapper = mapper; - this.certman = certman; AuthzEnv env = certman.env; //TODO: Gabe [JUnit] Static issue, talk to Jonathan (errDF = env.newDataFactory(mapper.getClass(API.ERROR))).in(dataType).out(dataType); 
@@ -115,7 +114,7 @@ public abstract class FacadeImpl extends org.onap.aaf. (certDF = env.newDataFactory(mapper.getClass(API.CERT))).in(dataType).out(dataType); (artiDF = env.newDataFactory(mapper.getClass(API.ARTIFACTS))).in(dataType).out(dataType); // sCertAuth = env.slot(API_Cert.CERT_AUTH); - if(artiDF.getOutType().name().contains("xml")) { + if (artiDF.getOutType().name().contains("xml")) { voidResp = "application/Void+xml;charset=utf-8;version=1.0,application/xml;version=1.0,*/*"; } else { voidResp = "application/Void+json;charset=utf-8;version=1.0,application/json;version=1.0,*/*"; @@ -135,11 +134,11 @@ public abstract class FacadeImpl extends org.onap.aaf. public void error(AuthzTrans trans, HttpServletResponse response, Result result) { error(trans, response, result.status, result.details==null?"":result.details.trim(), - result.variables==null?new String[0]:result.variables); + result.variables==null?Result.EMPTY_VARS:result.variables); } @Override - public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final String ... _detail) { + public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final Object ... _detail) { String msgId; String prefix; boolean hidemsg=false; @@ -206,7 +205,7 @@ public abstract class FacadeImpl extends org.onap.aaf. "] " + holder.toString(), Env.ALWAYS); - if(hidemsg) { + if (hidemsg) { holder.setLength(0); em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request"); } @@ -231,7 +230,7 @@ public abstract class FacadeImpl extends org.onap.aaf. default: return Result.err(Result.ERR_BadData,"Invalid Perm String"); } - if(certman.aafLurPerm.fish(trans.getUserPrincipal(), ap)) { + if (AAF_CM.aafLurPerm.fish(trans.getUserPrincipal(), ap)) { resp.setContentType(voidResp); resp.getOutputStream().write(0); return Result.ok(); 
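Review bot: The widened `final Object ... _detail` parameter on `error(...)` has no documented contract for what callers may pass, and the formatting body lies outside this hunk. The later hunk at `-206,7` suggests the composed text is logged with `Env.ALWAYS` and is replaced for the client only when `hidemsg` is set, so anything passed here presumably ends up in the audit log and often in the HTTP error body. I would add a Javadoc line such as `@param _detail values rendered into the error text via toString(); must not carry credentials, key material or internal object state`. It is also worth confirming that `Result.EMPTY_VARS` is an immutable shared array, since every error path with null `variables` now hands out the same instance.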
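Review bot: The permission check `AAF_CM.aafLurPerm.fish(trans.getUserPrincipal(), ap)` now depends on process-wide static state instead of the `AAF_CM` instance passed to the constructor, and nothing in this hunk guards against that field being unset. The field's declaration is not visible here. If it is non-final and assigned during `AAF_CM` start-up, a facade that serves a request before then would throw rather than deny, and a second `AAF_CM` instance would silently swap the LUR used for this authorization decision. I would add `// AAF_CM.aafLurPerm is process-wide; it must be initialised before this facade serves requests` above the call, or guard it with `if (AAF_CM.aafLurPerm == null) return Result.err(Result.ERR_BadData, "Invalid Perm String");` or a more fitting denial code. The enclosing method starts and ends outside the hunk.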
@@ -253,28 +252,25 @@ public abstract class FacadeImpl extends org.onap.aaf. try { Data rd = certRequestDF.newData().load(req.getInputStream()); request = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,REQUEST_CERT); return Result.err(Result.ERR_BadData,"Invalid Input"); } Result rcr = service.requestCert(trans,mapper.toReq(trans,request), ca); - if(rcr.notOK()) { + if (rcr.notOK()) { return Result.err(rcr); } -// CA certAuth = trans.get(sCertAuth,null); Result rc = mapper.toCert(trans, rcr, withTrust); - switch(rc.status) { - case OK: - RosettaData data = certDF.newData(trans).load(rc.value); - data.to(resp.getOutputStream()); - - setContentType(resp,certDF.getOutType()); - return Result.ok(); - default: - return Result.err(rc); + if (rc.status == OK) { + RosettaData data = certDF.newData(trans).load(rc.value); + data.to(resp.getOutputStream()); + + setContentType(resp, certDF.getOutType()); + return Result.ok(); } + return Result.err(rc); } catch (Exception e) { trans.error().log(e,IN,REQUEST_CERT); 
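Review bot: In the rewritten `if (rc.status == OK)` branch, `data.to(resp.getOutputStream())` still runs before `setContentType(resp, certDF.getOutType())`. If writing the body commits the response, the header is applied too late and the certificate payload goes out without the intended media type; a certificate with its trust chain can plausibly exceed the servlet buffer. Since the branch is being restructured anyway, I would move `setContentType(resp, certDF.getOutType());` above `data.to(resp.getOutputStream());`. The same ordering appears in the renewCert hunk (`-391,25`) and the readCertsByMechID hunk (`-456,16`). What `setContentType` does beyond setting the header is not visible here, and the method body starts and ends outside the hunk.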
@@ -289,100 +285,9 @@ public abstract class FacadeImpl extends org.onap.aaf. */ @Override public Result requestPersonalCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca) { - return Result.err(Result.ERR_NotImplemented,"not implemented yet"); -// Result rcr = service.requestPersonalCert(trans,ca); -// if(rcr.notOK()) { -// return Result.err(rcr); -// } else { -// try { -// resp.setContentType("application/zip, application/octet-stream"); -// ZipOutputStream zos = new ZipOutputStream(resp.getOutputStream()); -// PrintStream ps = new PrintStream(zos); -// ZipEntry ze = new ZipEntry(trans.user()+".key"); -// zos.putNextEntry(ze); -// ps.print(rcr.value.privateString()); -// zos.closeEntry(); -// -// zos.putNextEntry(new ZipEntry(trans.user()+".crt")); -// ps.print(rcr.value.asCertString()); -// zos.closeEntry(); -// -// String wt; -// if((wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt)) { -// zos.putNextEntry(new ZipEntry(trans.user()+".trustCrts")); -// for(String s : ca.getTrustChain()) { -// ps.println(s); -// } -// zos.closeEntry(); -// } -// -// boolean withJKS = (wt=req.getParameter("withJKS"))!=null || TRUE.equalsIgnoreCase(wt); -// if(withJKS) { -// if(trans.getUserPrincipal() instanceof BasicPrincipal) { -// char[] cap = new String(((BasicPrincipal)trans.getUserPrincipal()).getCred()).toCharArray(); -// KeyStore ks = keystore(trans, rcr.value, ca.getTrustChain(), trans.user(), cap); -// zos.putNextEntry(new ZipEntry(trans.user()+".jks")); -// ks.store(zos, cap); -// zos.closeEntry(); -// } -// } -// -// zos.putNextEntry(new ZipEntry("cert_deploy.sh")); -// ps.println("# Deploy Certificate to ~/.aaf"); -// ps.println("if [ \"$1\" = \"\" ]; then echo \"sh deploy.sh \";exit; else chmod 700 $HOME/.aaf; fi"); -// ps.println("chmod 600 $1"); -// ps.println("if [ ! 
-e $HOME/.aaf ]; then mkdir -m 700 $HOME/.aaf; fi"); -// ps.println("THE_PWD=`pwd`"); -// ps.println("cd $HOME/.aaf"); -// ps.println("echo \"Deploying to `pwd`\""); -// ps.println("jar -xvf $THE_PWD/$1 " + trans.user()); -// ps.println("chmod 600 " + trans.user() + ".key"); -// if(withJKS) { -// ps.println("chmod 600 " + trans.user() + ".jks"); -// } -// ps.println("cd $THE_PWD"); -// ps.println("rm cert_deploy.sh"); -// zos.closeEntry(); -// -// -// zos.close(); -// -// } catch (IOException | KeyStoreException | CertificateException | APIException | CertException | NoSuchAlgorithmException e) { -// return Result.err(e); -// } -// } -// -// return Result.ok(); + return Result.err(Result.ERR_NotImplemented, "not implemented yet"); } -// private KeyStore keystore(AuthzTrans trans, CertResp cr, String[] trustChain, String name, char[] cap) throws KeyStoreException, CertificateException, APIException, IOException, CertException, NoSuchAlgorithmException { -// KeyStore jks = KeyStore.getInstance("jks"); -// jks.load(null, cap); -// -// // Get the Cert(s)... 
Might include Trust store -// List lcerts = new ArrayList<>(); -// lcerts.add(cr.asCertString()); -// for(String s : trustChain) { -// lcerts.add(s); -// } -// -// Collection certColl = Factory.toX509Certificate(lcerts); -// X509Certificate[] certs = new X509Certificate[certColl.size()]; -// certColl.toArray(certs); -// KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(cap); -// -// PrivateKey pk = Factory.toPrivateKey(trans, cr.privateString()); -// KeyStore.PrivateKeyEntry pkEntry = -// new KeyStore.PrivateKeyEntry(pk, new Certificate[] {certs[0]}); -// jks.setEntry(name, pkEntry, protParam); -// -// int i=0; -// for(X509Certificate x509 : certs) { -// jks.setCertificateEntry("cert_"+ ++i, x509); -// } -// return jks; -// } - @Override public Result renewCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, boolean withTrust) { TimeTaken tt = trans.start(RENEW_CERT, Env.SUB|Env.ALWAYS); @@ -391,25 +296,22 @@ public abstract class FacadeImpl extends org.onap.aaf. try { Data rd = certRenewDF.newData().load(req.getInputStream()); request = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,RENEW_CERT); return Result.err(Result.ERR_BadData,"Invalid Input"); } -// String certAuth = trans.get(sCertAuth,null); Result rcr = service.renewCert(trans,mapper.toRenew(trans,request)); Result rc = mapper.toCert(trans, rcr, withTrust); - switch(rc.status) { - case OK: - RosettaData data = certDF.newData(trans).load(rc.value); - data.to(resp.getOutputStream()); + if (rc.status == OK) { + RosettaData data = certDF.newData(trans).load(rc.value); + data.to(resp.getOutputStream()); - setContentType(resp,certDF.getOutType()); - return Result.ok(); - default: - return Result.err(rc); + setContentType(resp, certDF.getOutType()); + return Result.ok(); } + return Result.err(rc); } catch (Exception e) { trans.error().log(e,IN,RENEW_CERT); return Result.err(e); 
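Review bot: renewCert passes `rcr` straight to `mapper.toCert(trans, rcr, withTrust)` without the `if (rcr.notOK()) { return Result.err(rcr); }` guard that requestCert applies before mapping. If `toCert` does not check the incoming `Result` itself (its body is not shown), a failed renewal reaches the mapper with no usable value and the service's original error status may be lost or replaced. I would add the same guard after the `service.renewCert(...)` call so both certificate paths fail identically. The method's opening and its `finally` block lie outside the hunk.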
@@ -427,19 +329,17 @@ public abstract class FacadeImpl extends org.onap.aaf. try { Data rd = certDropDF.newData().load(req.getInputStream()); request = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,DROP_CERT); return Result.err(Result.ERR_BadData,"Invalid Input"); } Result rv = service.dropCert(trans,mapper.toDrop(trans, request)); - switch(rv.status) { - case OK: - setContentType(resp,certRequestDF.getOutType()); - return Result.ok(); - default: - return Result.err(rv); + if (rv.status == OK) { + setContentType(resp, certRequestDF.getOutType()); + return Result.ok(); } + return Result.err(rv); } catch (Exception e) { trans.error().log(e,IN,DROP_CERT); return Result.err(e); @@ -456,16 +356,14 @@ public abstract class FacadeImpl extends org.onap.aaf. TimeTaken tt = trans.start(READ_CERTS_MECHID, Env.SUB|Env.ALWAYS); try { Result rc = mapper.toCert(trans, service.readCertsByMechID(trans,mechID)); - switch(rc.status) { - case OK: - RosettaData data = certDF.newData(trans).load(rc.value); - data.to(resp.getOutputStream()); - - setContentType(resp,certDF.getOutType()); - return Result.ok(); - default: - return Result.err(rc); + if (rc.status == OK) { + RosettaData data = certDF.newData(trans).load(rc.value); + data.to(resp.getOutputStream()); + + setContentType(resp, certDF.getOutType()); + return Result.ok(); } + return Result.err(rc); } catch (Exception e) { trans.error().log(e,IN,READ_CERTS_MECHID); return Result.err(e); @@ -485,7 +383,7 @@ public abstract class FacadeImpl extends org.onap.aaf. try { Data rd = artiDF.newData().load(req.getInputStream()); arti = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,CREATE_ARTIFACTS); return Result.err(Result.ERR_BadData,"Invalid Input"); } 
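Review bot: The reformatted `catch (APIException e)` in dropCert still discards `e`: only the fixed string is logged via `trans.error().log("Invalid Input",IN,DROP_CERT)`. A malformed or hostile request body on a certificate-revocation endpoint therefore leaves no parse detail for triage. The outer catch already uses the exception-first form, so `trans.error().log(e,"Invalid Input",IN,DROP_CERT);` would keep the cause in the server log while the client still receives only `"Invalid Input"`. The same pattern appears in the requestCert, renewCert, createArtifacts, updateArtifacts and deleteArtifacts hunks.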
@@ -509,23 +407,23 @@ public abstract class FacadeImpl extends org.onap.aaf. String ns = req.getParameter("ns"); Result ra; - if( machine !=null && mechid == null) { + if ( machine !=null && mechid == null) { ra = mapper.fromArtifacts(service.readArtifactsByMachine(trans, machine)); - } else if(mechid!=null && machine==null) { + } else if (mechid!=null && machine==null) { ra = mapper.fromArtifacts(service.readArtifactsByMechID(trans, mechid)); - } else if(mechid!=null && machine!=null) { + } else if (mechid!=null && machine!=null) { ArtiDAO.Data add = new ArtiDAO.Data(); add.mechid = mechid; add.machine = machine; add.ns = ns; ra = mapper.fromArtifacts(service.readArtifacts(trans,add)); - } else if(ns!=null) { + } else if (ns!=null) { ra = mapper.fromArtifacts(service.readArtifactsByNs(trans, ns)); } else { ra = Result.err(Status.ERR_BadData,"Invalid request inputs"); } - if(ra.isOK()) { + if (ra.isOK()) { RosettaData data = artiDF.newData(trans).load(ra.value); data.to(resp.getOutputStream()); setContentType(resp,artiDF.getOutType()); @@ -550,7 +448,7 @@ public abstract class FacadeImpl extends org.onap.aaf. add.mechid = mechid; add.machine = machine; Result ra = mapper.fromArtifacts(service.readArtifacts(trans,add)); - if(ra.isOK()) { + if (ra.isOK()) { RosettaData data = artiDF.newData(trans).load(ra.value); data.to(resp.getOutputStream()); setContentType(resp,artiDF.getOutType()); @@ -575,7 +473,7 @@ public abstract class FacadeImpl extends org.onap.aaf. try { Data rd = artiDF.newData().load(req.getInputStream()); arti = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,UPDATE_ARTIFACTS); return Result.err(Result.ERR_BadData,"Invalid Input"); } 
@@ -597,16 +495,15 @@ public abstract class FacadeImpl extends org.onap.aaf. try { Data rd = artiDF.newData().load(req.getInputStream()); arti = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,DELETE_ARTIFACTS); return Result.err(Result.ERR_BadData,"Invalid Input"); } Result rv = service.deleteArtifact(trans,mapper.toArtifact(trans,arti)); - switch(rv.status) { - case OK: - setContentType(resp,artiDF.getOutType()); - } + if (rv.status == OK) { + setContentType(resp, artiDF.getOutType()); + } return rv; } catch (Exception e) { trans.error().log(e,IN,DELETE_ARTIFACTS); @@ -621,10 +518,9 @@ public abstract class FacadeImpl extends org.onap.aaf. TimeTaken tt = trans.start(DELETE_ARTIFACTS, Env.SUB); try { Result rv = service.deleteArtifact(trans, mechid, machine); - switch(rv.status) { - case OK: - setContentType(resp,artiDF.getOutType()); - } + if (rv.status == OK) { + setContentType(resp, artiDF.getOutType()); + } return rv; } catch (Exception e) { trans.error().log(e,IN,DELETE_ARTIFACTS);