X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Faaf%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Faaf%2Fv2_0%2FAAFCon.java;h=3b97883b4f3694b1238313ce93ead4d58917def5;hb=07fb3ece74a9aa1fad8e2a9fab73b4de3e36853b;hp=b66443681b308968bc58a05a1540d1c43187a683;hpb=7e966914050e66219689001ff4ab601a49eef0ac;p=aaf%2Fauthz.git
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
index b6644368..3b97883b 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
@@ -22,11 +22,13 @@ package org.onap.aaf.cadi.aaf.v2_0;
 import java.net.URI;
+import java.net.UnknownHostException;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 import org.onap.aaf.cadi.AbsUserCache;
 import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.Access.Level;
 import org.onap.aaf.cadi.CadiException;
 import org.onap.aaf.cadi.CadiWrap;
 import org.onap.aaf.cadi.Connector;
@@ -41,6 +43,7 @@ import org.onap.aaf.cadi.client.Future;
 import org.onap.aaf.cadi.client.Rcli;
 import org.onap.aaf.cadi.client.Retryable;
 import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.config.RegistrationPropHolder;
 import org.onap.aaf.cadi.config.SecurityInfoC;
 import org.onap.aaf.cadi.lur.EpiLur;
 import org.onap.aaf.cadi.principal.BasicPrincipal;
@@ -53,6 +56,7 @@ import org.onap.aaf.misc.rosetta.env.RosettaDF;
 import org.onap.aaf.misc.rosetta.env.RosettaEnv;
 import aaf.v2_0.Certs;
+import aaf.v2_0.CredRequest;
 import aaf.v2_0.Error;
 import aaf.v2_0.Perms;
 import aaf.v2_0.Users;
@@ -66,59 +70,19 @@ public abstract class AAFCon implements Connector { final public RosettaDF permsDF; final public RosettaDF certsDF; final public RosettaDF usersDF; + final public RosettaDF credReqDF; final public RosettaDF errDF; private String realm; public final String app; + protected final String apiVersion; protected SecurityInfoC si; private AAFLurPerm lur; final public RosettaEnv env; - protected abstract URI initURI(); - protected abstract void setInitURI(String uriString) throws CadiException; - /* - protected abstract SecuritySetter bestSS(SecurityInfoC si) throws CadiException; - */ - - /** - * Use this call to get the appropriate client based on configuration (HTTP, future) - * - * @param apiVersion - * @return - * @throws CadiException - */ - public Rcli client(String apiVersion) throws CadiException { - Rcli client = clients.get(apiVersion); - if (client==null) { - client = rclient(initURI(),si.defSS); - client.apiVersion(apiVersion) - .readTimeout(connTimeout); - clients.put(apiVersion, client); - } - return client; - } - - public Rcli client(URI uri) throws CadiException { - return rclient(uri,si.defSS).readTimeout(connTimeout); - } - - /** - * Use this API when you have permission to have your call act as the end client's ID. - * - * Your calls will get 403 errors if you do not have this permission. it is a special setup, rarely given. - * - * @param apiVersion - * @param req - * @return - * @throws CadiException - */ - public Rcli clientAs(String apiVersion, TaggedPrincipal p) throws CadiException { - Rcli cl = client(apiVersion); - return cl.forUser(transferSS(p)); - } - protected AAFCon(AAFCon copy) { access = copy.access; + apiVersion = access.getProperty(Config.AAF_API_VERSION, Config.AAF_DEFAULT_API_VERSION); timeout = copy.timeout; cleanInterval = copy.cleanInterval; connTimeout = copy.connTimeout; 
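Review bot: In the copy constructor, `apiVersion` is re-read from `access.getProperty(Config.AAF_API_VERSION, Config.AAF_DEFAULT_API_VERSION)` while every other field is taken from `copy`. A copy can therefore carry a different API version than the instance it was made from if the property changes in between. `apiVersion = copy.apiVersion;` would keep it consistent with the neighbouring assignments. The constructor body continues past the end of this hunk.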
@@ -128,14 +92,15 @@ public abstract class AAFCon implements Connector { permsDF = copy.permsDF; certsDF = copy.certsDF; usersDF = copy.usersDF; + credReqDF = copy.credReqDF; errDF = copy.errDF; app = copy.app; si = copy.si; env = copy.env; realm = copy.realm; } - protected AAFCon(Access access, String tag, SecurityInfoC si) throws CadiException{ + apiVersion = access.getProperty(Config.AAF_API_VERSION, Config.AAF_DEFAULT_API_VERSION); if (tag==null) { throw new CadiException("AAFCon cannot be constructed without a property tag or URL"); } else { @@ -147,6 +112,13 @@ public abstract class AAFCon implements Connector { throw new CadiException("A URL or " + tag + " property is required."); } } + try { + RegistrationPropHolder rph = new RegistrationPropHolder(access, 0); + str = rph.replacements("AAFCon",str, null,null); + } catch (UnknownHostException e) { + throw new CadiException(e); + } + access.printf(Level.INFO, "AAFCon has URL of %s",str); setInitURI(str); } try { 
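Review bot: The added `access.printf(Level.INFO, "AAFCon has URL of %s",str);` in the `@@ -147,6 +112,13 @@` hunk writes the fully substituted locator to the log at INFO. If a deployment ever configures that property with userinfo or a query string, those values end up in the log; logging only scheme, host and port, or dropping this to `Level.DEBUG`, avoids that. In the same block, `throw new CadiException(e);` gives the operator no context for why construction failed, where something like `throw new CadiException("AAFCon cannot resolve host while expanding " + tag, e);` would say which property was being processed. The constructor starts and ends outside this hunk, so whether `str` can be null on this path is not visible here.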
@@ -157,42 +129,46 @@ public abstract class AAFCon implements Connector { if (mechid==null) { mechid=access.getProperty(Config.OAUTH_CLIENT_ID,null); } - String encpass = access.getProperty(Config.AAF_APPPASS, null); - if (encpass==null) { - encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null); - } - if (encpass==null) { - String alias = access.getProperty(Config.CADI_ALIAS, mechid); - if (alias==null) { - access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID); - set(si.defSS); - } else { - si.defSS=x509Alias(alias); - set(si.defSS); - } + String alias = access.getProperty(Config.CADI_ALIAS, null); + if(alias != null) { + si.defSS=x509Alias(alias); + set(si.defSS); } else { - if (mechid!=null) { - si.defSS=basicAuth(mechid, encpass); - set(si.defSS); + + String encpass = access.getProperty(Config.AAF_APPPASS, null); + if (encpass==null) { + encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null); + } + + if (encpass==null) { + if (alias==null) { + access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID); + set(si.defSS); + } } else { - si.defSS=new SecuritySetter() { - - @Override - public String getID() { - return ""; - } - - @Override - public void setSecurity(CLIENT client) throws CadiException { - throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)"); - } - - @Override - public int setLastResponse(int respCode) { - return 0; - } - }; - set(si.defSS); + if (mechid!=null) { + si.defSS=basicAuth(mechid, encpass); + set(si.defSS); + } else { + si.defSS=new SecuritySetter() { + + @Override + public String getID() { + return ""; + } + + @Override + public void setSecurity(CLIENT client) throws CadiException { + throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)"); + } + + @Override + public int setLastResponse(int respCode) { + 
return 0; + } + }; + set(si.defSS); + } } } } 
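Review bot: In the new `else` branch the inner `if (alias==null)` is always true, because the `alias != null` case was already taken above, so the check can be removed. The rewrite also changes credential selection in two ways that the code does not document: a configured `Config.CADI_ALIAS` now wins over a configured password, and the alias no longer defaults to `mechid`. A deployment that sets only `Config.AAF_APPID` and relied on that default now takes the WARN path and calls `set(si.defSS)` with whatever `si.defSS` already holds, instead of `x509Alias(mechid)`. If that is intended, a comment such as `// CADI_ALIAS takes precedence over password; no implicit alias from AAF_APPID` above the `if(alias != null)` would make it explicit. The constructor begins before this hunk and continues after it.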
@@ -213,11 +189,82 @@ public abstract class AAFCon implements Connector { usersDF = env.newDataFactory(Users.class); certsDF = env.newDataFactory(Certs.class); certsDF.rootMarshal(new CertsMarshal()); // Speedier Marshaling + credReqDF = env.newDataFactory(CredRequest.class); errDF = env.newDataFactory(Error.class); } catch (APIException e) { throw new CadiException("AAFCon cannot be configured",e); } } + protected abstract URI initURI(); + protected abstract void setInitURI(String uriString) throws CadiException; + + public final String aafVersion() { + return apiVersion; + } + + /** + * Use this call to get the appropriate client based on configuration (HTTP, future) + * using default AAF API Version + * + * @param apiVersion + * @return + * @throws CadiException + */ + public Rcli client() throws CadiException { + return client(apiVersion); + } + + /** + * Use this call to get the appropriate client based on configuration (HTTP, future) + * + * @param apiVersion + * @return + * @throws CadiException + */ + public Rcli client(final String apiVersion) throws CadiException { + Rcli client = clients.get(apiVersion); + if (client==null) { + client = rclient(initURI(),si.defSS); + client.apiVersion(apiVersion) + .readTimeout(connTimeout); + clients.put(apiVersion, client); + } + return client; + } + + public Rcli client(URI uri) throws CadiException { + return rclient(uri,si.defSS).readTimeout(connTimeout); + } + + /** + * Use this API when you have permission to have your call act as the end client's ID. + * + * Your calls will get 403 errors if you do not have this permission. it is a special setup, rarely given. + * + * @param apiVersion + * @param req + * @return + * @throws CadiException + */ + public Rcli clientAs(TaggedPrincipal p) throws CadiException { + return clientAs(apiVersion,p); + } + + /** + * Use this API when you have permission to have your call act as the end client's ID. + * + * Your calls will get 403 errors if you do not have this permission. 
it is a special setup, rarely given. + * + * @param apiVersion + * @param req + * @return + * @throws CadiException + */ + public Rcli clientAs(String apiVersion, TaggedPrincipal p) throws CadiException { + Rcli cl = client(apiVersion); + return cl.forUser(transferSS(p)); + } + public RosettaEnv env() { return env;
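Review bot: The Javadoc on the new no-argument `client()` and on `clientAs(TaggedPrincipal p)` still lists `@param apiVersion`, and both `clientAs` overloads list `@param req`, which neither signature has. `client()` should drop the tag, and `clientAs(TaggedPrincipal p)` should read `@param p the principal whose identity the call acts as`, with the same `@param p` added to the two-argument overload. Because `clientAs` makes the call act as another identity, the doc should also say what callers must have verified about `p` before passing it in. Separately, the parameter of `client(final String apiVersion)` now shadows the new `apiVersion` field, and the new public `aafVersion()` has no Javadoc at all.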