X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Faaf%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Faaf%2Fv2_0%2FAAFCon.java;h=88333d892a8274cb97917e5cdf5341ba4636a033;hb=861b557b294032f9443ee1fca6b42d7252e92481;hp=40684057aae98d07712cb5223ac9b6de91eb75ff;hpb=3d1706fcbe7f95830ff6fd23cf679ee55c6d0595;p=aaf%2Fauthz.git diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java index 40684057..88333d89 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -28,6 +28,7 @@ import java.util.concurrent.ConcurrentHashMap; import org.onap.aaf.cadi.AbsUserCache; import org.onap.aaf.cadi.Access; +import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.CadiWrap; import org.onap.aaf.cadi.Connector; @@ -36,7 +37,6 @@ import org.onap.aaf.cadi.LocatorException; import org.onap.aaf.cadi.Lur; import org.onap.aaf.cadi.PropAccess; import org.onap.aaf.cadi.SecuritySetter; -import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.aaf.cadi.aaf.marshal.CertsMarshal; import org.onap.aaf.cadi.client.Future; @@ -56,6 +56,7 @@ import org.onap.aaf.misc.rosetta.env.RosettaDF; import org.onap.aaf.misc.rosetta.env.RosettaEnv; import aaf.v2_0.Certs; +import aaf.v2_0.CredRequest; import aaf.v2_0.Error; import aaf.v2_0.Perms; import aaf.v2_0.Users; @@ -69,6 +70,7 @@ public abstract class AAFCon implements Connector { final public RosettaDF permsDF; final public RosettaDF certsDF; final public RosettaDF usersDF; + final public RosettaDF credReqDF; final public RosettaDF errDF; private String realm; public final String app; @@ -90,6 +92,7 @@ public abstract class AAFCon implements Connector { permsDF = copy.permsDF; certsDF = copy.certsDF; usersDF = copy.usersDF; + credReqDF = copy.credReqDF; errDF = copy.errDF; app = copy.app; si = copy.si; @@ -131,12 +134,12 @@ public abstract class AAFCon implements Connector { si.defSS=x509Alias(alias); set(si.defSS); } else { - + String encpass = access.getProperty(Config.AAF_APPPASS, null); if (encpass==null) { encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null); } - + if (encpass==null) { if (alias==null) { access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID); @@ -148,17 +151,17 @@ public abstract class AAFCon implements Connector { set(si.defSS); } else { si.defSS=new SecuritySetter() { - + @Override public String getID() { return ""; } - + @Override public void setSecurity(CLIENT client) throws CadiException { throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)"); } - + @Override public int setLastResponse(int respCode) { return 0; @@ -169,23 +172,23 @@ public abstract class AAFCon implements Connector { } } } - + timeout = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT, Config.AAF_CALL_TIMEOUT_DEF)); cleanInterval = Integer.parseInt(access.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF)); highCount = Integer.parseInt(access.getProperty(Config.AAF_HIGH_COUNT, Config.AAF_HIGH_COUNT_DEF).trim()); connTimeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF).trim()); userExpires = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim()); usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based - + app=FQI.reverseDomain(si.defSS.getID()); - //TODO Get Realm from AAF - realm="people.osaaf.org"; - + realm = access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm()); + env = new RosettaEnv(); permsDF = env.newDataFactory(Perms.class); usersDF = env.newDataFactory(Users.class); certsDF = env.newDataFactory(Certs.class); certsDF.rootMarshal(new CertsMarshal()); // Speedier Marshaling + credReqDF = env.newDataFactory(CredRequest.class); errDF = env.newDataFactory(Error.class); } catch (APIException e) { throw new CadiException("AAFCon cannot be configured",e); @@ -197,22 +200,22 @@ public abstract class AAFCon implements Connector { public final String aafVersion() { return apiVersion; } - + /** * Use this call to get the appropriate client based on configuration (HTTP, future) * using default AAF API Version - * + * * @param apiVersion * @return * @throws CadiException */ public Rcli client() throws CadiException { return client(apiVersion); - } + } /** * Use this call to get the appropriate client based on configuration (HTTP, future) - * + * * @param apiVersion * @return * @throws CadiException @@ -224,19 +227,19 @@ public abstract class AAFCon implements Connector { client.apiVersion(apiVersion) .readTimeout(connTimeout); clients.put(apiVersion, client); - } + } return client; } public Rcli client(URI uri) throws CadiException { return rclient(uri,si.defSS).readTimeout(connTimeout); } - + /** * Use this API when you have permission to have your call act as the end client's ID. - * + * * Your calls will get 403 errors if you do not have this permission. it is a special setup, rarely given. - * + * * @param apiVersion * @param req * @return @@ -245,12 +248,12 @@ public abstract class AAFCon implements Connector { public Rcli clientAs(TaggedPrincipal p) throws CadiException { return clientAs(apiVersion,p); } - + /** * Use this API when you have permission to have your call act as the end client's ID. - * + * * Your calls will get 403 errors if you do not have this permission. it is a special setup, rarely given. - * + * * @param apiVersion * @param req * @return @@ -261,14 +264,14 @@ public abstract class AAFCon implements Connector { return cl.forUser(transferSS(p)); } - + public RosettaEnv env() { return env; } - + /** * Return the backing AAFCon, if there is a Lur Setup that is AAF. - * + * * If there is no AAFLur setup, it will return "null" * @param servletRequest * @return @@ -291,9 +294,9 @@ public abstract class AAFCon implements Connector { } return null; } - + public abstract AAFCon clone(String url) throws CadiException, LocatorException; - + public AAFAuthn newAuthn() throws APIException { try { return new AAFAuthn<>(this); @@ -320,7 +323,7 @@ public abstract class AAFCon implements Connector { throw new CadiException(e); } } - + public AAFLurPerm newLur(AbsUserCache c) throws APIException { try { return new AAFLurPerm(this,c); @@ -332,33 +335,33 @@ public abstract class AAFCon implements Connector { } protected abstract Rcli rclient(URI uri, SecuritySetter ss) throws CadiException; - + public abstract Rcli rclient(Locator loc, SecuritySetter ss) throws CadiException; public Rcli client(Locator locator) throws CadiException { return rclient(locator,si.defSS); } - + public abstract RET best(Retryable retryable) throws LocatorException, CadiException, APIException; public abstract RET bestForUser(GetSetter get, Retryable retryable) throws LocatorException, CadiException, APIException; public abstract SecuritySetter basicAuth(String user, String password) throws CadiException; - + public abstract SecuritySetter transferSS(TaggedPrincipal principal) throws CadiException; - + public abstract SecuritySetter basicAuthSS(BasicPrincipal principal) throws CadiException; - + public abstract SecuritySetter tokenSS(final String client_id, final String accessToken) throws CadiException; - + public abstract SecuritySetter x509Alias(String alias) throws APIException, CadiException; - + public String getRealm() { return realm; } - + /** * This interface allows the AAFCon, even though generic, to pass in correctly typed values based on the above SS commands. * @author Jonathan @@ -375,7 +378,7 @@ public abstract class AAFCon implements Connector { } return ss; } - + public SecurityInfoC securityInfo() { return si; } @@ -386,7 +389,7 @@ public abstract class AAFCon implements Connector { } return "unknown"; } - + public void invalidate() throws CadiException { for (Rcli client : clients.values()) { client.invalidate(); @@ -408,7 +411,7 @@ public abstract class AAFCon implements Connector { } return text; } - + public static AAFCon newInstance(PropAccess pa) throws CadiException, LocatorException { // Potentially add plugin for other kinds of Access return new AAFConHttp(pa);