X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Faaf%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Foauth%2FTokenClient.java;h=58ecaa84eb4b99c5b95953a5956bae6543969da3;hb=7e966914050e66219689001ff4ab601a49eef0ac;hp=0558e8157b3ec7d470f7e77ca0e8c69946d792a8;hpb=467b962cbf1c78bf617f2dac70096b61f4af5003;p=aaf%2Fauthz.git diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java index 0558e815..58ecaa84 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java @@ -51,436 +51,446 @@ import aafoauth.v2_0.Introspect; import aafoauth.v2_0.Token; public class TokenClient { - private static final String UTF_8 = "UTF-8"; + private static final String UTF_8 = "UTF-8"; - public enum AUTHN_METHOD {client_credentials,password,payload,basic_auth,certificate,refresh_token, none} + public enum AUTHN_METHOD {client_credentials,password,payload,basic_auth,certificate,refresh_token, none} - private final TokenClientFactory factory; - private final AAFCon tkCon; - private static RosettaDF tokenDF; - protected static RosettaDF introspectDF; + private final TokenClientFactory factory; + private final AAFCon tkCon; + private static RosettaDF tokenDF; + protected static RosettaDF introspectDF; - private int timeout; - private String client_id, username; - private byte[] enc_client_secret, enc_password; + private int timeout; + private String client_id, username; + private byte[] enc_client_secret, enc_password; - private GetSetter ss; - private AUTHN_METHOD authn_method; - private byte[] hash; - private final char okind; - private String default_scope; + private GetSetter ss; + private AUTHN_METHOD authn_method; + private byte[] hash; + private final char okind; + private String default_scope; - // Package on Purpose - TokenClient(char okind, final TokenClientFactory tcf, final AAFCon tkCon, final int timeout, AUTHN_METHOD am) throws CadiException, APIException { - this.okind = okind; - factory = tcf; - this.tkCon = tkCon; - this.timeout = timeout; - ss = null; - authn_method = am; - synchronized(tcf) { - if(introspectDF==null) { - tokenDF = tkCon.env().newDataFactory(Token.class); - introspectDF = tkCon.env().newDataFactory(Introspect.class); - } - } + // Package on Purpose + TokenClient(char okind, final TokenClientFactory tcf, final AAFCon tkCon, final int timeout, AUTHN_METHOD am) throws CadiException, APIException { + this.okind = okind; + factory = tcf; + this.tkCon = tkCon; + this.timeout = timeout; + ss = null; + authn_method = am; + synchronized(tcf) { + if (introspectDF==null) { + tokenDF = tkCon.env().newDataFactory(Token.class); + introspectDF = tkCon.env().newDataFactory(Introspect.class); + } + } - } + } - public void client_id(String client_id) { - this.client_id = client_id; - default_scope = FQI.reverseDomain(client_id); - } - - public String client_id() { - return client_id; - } - - /** - * This scope based on client_id... the App configured for call - * @return - */ - public String defaultScope() { - return default_scope; - } + public void client_id(String client_id) { + this.client_id = client_id; + default_scope = FQI.reverseDomain(client_id); + } + + public String client_id() { + return client_id; + } + + /** + * This scope based on client_id... the App configured for call + * @return + */ + public String defaultScope() { + return default_scope; + } - public void client_creds(Access access) throws CadiException { - if(okind=='A') { - client_creds(access.getProperty(Config.AAF_APPID, null),access.getProperty(Config.AAF_APPPASS, null)); - } else { - client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID, null),access.getProperty(Config.AAF_ALT_CLIENT_SECRET, null)); - } - } + public void client_creds(Access access) throws CadiException { + if (okind=='A') { + String alias = access.getProperty(Config.CADI_ALIAS, null); + if (alias == null) { + client_creds(access.getProperty(Config.AAF_APPID, null),access.getProperty(Config.AAF_APPPASS, null)); + } else { + client_creds(alias,null); + } + } else { + client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID, null),access.getProperty(Config.AAF_ALT_CLIENT_SECRET, null)); + } + } - /** - * Note: OAuth2 provides for normal Authentication parameters when getting tokens. Basic Auth is one such valid - * way to get Credentials. However, support is up to the OAuth2 Implementation - * - * This method is for setting an App's creds (client) to another App. - * - * @param client_id - * @param client_secret - * @throws IOException - */ - public void client_creds(final String client_id, final String client_secret) throws CadiException { - if(client_id==null) { - throw new CadiException(Config.AAF_ALT_CLIENT_ID + " is null"); - } - this.client_id = client_id; - default_scope = FQI.reverseDomain(client_id); + /** + * Note: OAuth2 provides for normal Authentication parameters when getting tokens. Basic Auth is one such valid + * way to get Credentials. However, support is up to the OAuth2 Implementation + * + * This method is for setting an App's creds (client) to another App. + * + * @param client_id + * @param client_secret + * @throws IOException + */ + public void client_creds(final String client_id, final String client_secret) throws CadiException { + if (client_id==null) { + throw new CadiException("client_creds:client_id is null"); + } + this.client_id = client_id; + default_scope = FQI.reverseDomain(client_id); - if(client_secret!=null) { - try { - if(client_secret.startsWith("enc:")) { - final String temp = factory.access.decrypt(client_secret, false); // this is a more powerful, but non-thread-safe encryption - hash = Hash.hashSHA256(temp.getBytes()); - this.enc_client_secret = factory.symm.encode(temp.getBytes()); - ss = new GetSetter() { - @Override - public SecuritySetter get(AAFCon con) throws CadiException { - return con.basicAuth(client_id, temp);// Base class encrypts password - } - }; - } else { - byte[] temp = client_secret.getBytes(); - hash = Hash.hashSHA256(temp); - this.enc_client_secret = factory.symm.encode(temp); - ss = new GetSetter() { - @Override - public SecuritySetter get(AAFCon con) throws CadiException { - return con.basicAuth(client_id, client_secret);// Base class encrypts password - } - }; - } - authn_method = AUTHN_METHOD.client_credentials; - } catch(IOException | NoSuchAlgorithmException e) { - throw new CadiException(e); - } - } else { - ss = new GetSetter() { - @Override - public SecuritySetter get(AAFCon con) throws CadiException { - try { - return con.x509Alias(client_id);// no password, assume Cert - } catch (APIException e) { - throw new CadiException(e); - } - } - }; - authn_method = AUTHN_METHOD.client_credentials; - } - } - - public void username(String username) { - this.username = username; - } + if (client_secret!=null) { + try { + if (client_secret.startsWith("enc:")) { + final String temp = factory.access.decrypt(client_secret, false); // this is a more powerful, but non-thread-safe encryption + hash = Hash.hashSHA256(temp.getBytes()); + this.enc_client_secret = factory.symm.encode(temp.getBytes()); + ss = new GetSetter() { + @Override + public SecuritySetter get(AAFCon con) throws CadiException { + return con.basicAuth(client_id, temp);// Base class encrypts password + } + }; + } else { + byte[] temp = client_secret.getBytes(); + hash = Hash.hashSHA256(temp); + this.enc_client_secret = factory.symm.encode(temp); + ss = new GetSetter() { + @Override + public SecuritySetter get(AAFCon con) throws CadiException { + return con.basicAuth(client_id, client_secret);// Base class encrypts password + } + }; + } + authn_method = AUTHN_METHOD.client_credentials; + } catch (IOException | NoSuchAlgorithmException e) { + throw new CadiException(e); + } + } else { + ss = new GetSetter() { + @Override + public SecuritySetter get(AAFCon con) throws CadiException { + try { + return con.x509Alias(client_id);// no password, assume Cert + } catch (APIException e) { + throw new CadiException(e); + } + } + }; + authn_method = AUTHN_METHOD.client_credentials; + } + } + + public void username(String username) { + this.username = username; + } - /** - * Note: OAuth2 provides for normal Authentication parameters when getting tokens. Basic Auth is one such valid - * way to get Credentials. However, support is up to the OAuth2 Implementation - * - * This method is for setting the End-User's Creds - * - * @param client_id - * @param client_secret - * @throws IOException - */ - public void password(final String user, final String password) throws CadiException { - this.username = user; - if(password!=null) { - try { - if(password.startsWith("enc:")) { - final String temp = factory.access.decrypt(password, false); // this is a more powerful, but non-thread-safe encryption - hash = Hash.hashSHA256(temp.getBytes()); - this.enc_password = factory.symm.encode(temp.getBytes()); - ss = new GetSetter() { - @Override - public SecuritySetter get(AAFCon con) throws CadiException { - return con.basicAuth(user, temp);// Base class encrypts password - } - }; - } else { - byte[] temp = password.getBytes(); - hash = Hash.hashSHA256(temp); - this.enc_password = factory.symm.encode(temp); - ss = new GetSetter() { - @Override - public SecuritySetter get(AAFCon con) throws CadiException { - return con.basicAuth(user, password);// Base class encrypts password - } - }; - } - authn_method = AUTHN_METHOD.password; - } catch (IOException | NoSuchAlgorithmException e) { - throw new CadiException(e); - } - } - } - - public void clearEndUser() { - username = null; - enc_password = null; - if(client_id!=null && enc_client_secret!=null) { - authn_method = AUTHN_METHOD.client_credentials; - } else { - authn_method = AUTHN_METHOD.password; - } - } + /** + * Note: OAuth2 provides for normal Authentication parameters when getting tokens. Basic Auth is one such valid + * way to get Credentials. However, support is up to the OAuth2 Implementation + * + * This method is for setting the End-User's Creds + * + * @param client_id + * @param client_secret + * @throws IOException + */ + public void password(final String user, final String password) throws CadiException { + this.username = user; + if (password!=null) { + try { + if (password.startsWith("enc:")) { + final String temp = factory.access.decrypt(password, false); // this is a more powerful, but non-thread-safe encryption + hash = Hash.hashSHA256(temp.getBytes()); + this.enc_password = factory.symm.encode(temp.getBytes()); + ss = new GetSetter() { + @Override + public SecuritySetter get(AAFCon con) throws CadiException { + return con.basicAuth(user, temp);// Base class encrypts password + } + }; + } else { + byte[] temp = password.getBytes(); + hash = Hash.hashSHA256(temp); + this.enc_password = factory.symm.encode(temp); + ss = new GetSetter() { + @Override + public SecuritySetter get(AAFCon con) throws CadiException { + return con.basicAuth(user, password);// Base class encrypts password + } + }; + } + authn_method = AUTHN_METHOD.password; + } catch (IOException | NoSuchAlgorithmException e) { + throw new CadiException(e); + } + } + } + + public void clearEndUser() { + username = null; + enc_password = null; + if (client_id!=null && enc_client_secret!=null) { + authn_method = AUTHN_METHOD.client_credentials; + } else { + authn_method = AUTHN_METHOD.password; + } + } - public Result getToken(final String ... scopes) throws LocatorException, CadiException, APIException { - return getToken(Kind.OAUTH,scopes); - } + public Result getToken(final String ... scopes) throws LocatorException, CadiException, APIException { + return getToken(Kind.OAUTH,scopes); + } - public void clearToken(final String ... scopes) throws CadiException { - clearToken(Kind.OAUTH,scopes); - } + public void clearToken(final String ... scopes) throws CadiException { + clearToken(Kind.OAUTH,scopes); + } - public void clearToken(final char kind, final String ... scopes) throws CadiException { - final String scope = addScope(scopes); - char c; - if(kind==Kind.OAUTH) { - c = okind; - } else { - c = kind; - } - final String key = TokenClientFactory.getKey(c,client_id,username,hash,scope); - factory.delete(key); - } - /** - * Get AuthToken - * @throws APIException - * @throws CadiException - * @throws LocatorException - */ - public Result getToken(final char kind, final String ... scopes) throws LocatorException, CadiException, APIException { - final String scope = addScope(scopes); - char c; - if(kind==Kind.OAUTH) { - c = okind; - } else { - c = kind; - } - final String key = TokenClientFactory.getKey(c,client_id,username,hash,scope); - if(ss==null) { - throw new APIException("client_creds(...) must be set before obtaining Access Tokens"); - } - - Result rtt = factory.get(key,hash,new Loader() { - @Override - public Result load(final String key) throws APIException, CadiException, LocatorException { - final List params = new ArrayList(); - params.add(scope); - addSecurity(params,authn_method); - - final String paramsa[] = new String[params.size()]; - params.toArray(paramsa); - Result rt = tkCon.best(new Retryable>() { - @Override - public Result code(Rcli client) throws CadiException, ConnectException, APIException { - // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test - Future f = client.postForm(null,tokenDF,paramsa); - if(f.get(timeout)) { - return Result.ok(f.code(),f.value); - } else { - return Result.err(f.code(), f.body()); - } - } - }); - - if(rt.isOK()) { - try { - return Result.ok(rt.code,factory.putTimedToken(key,rt.value, hash)); - } catch (IOException e) { - // TODO What to do here? - e.printStackTrace(); - return Result.err(999,e.getMessage()); - } - } else { - return Result.err(rt); - } - } - }); - if(rtt.isOK()) { // not validated for Expired - TimedToken tt = rtt.value; - if(tt.expired()) { - rtt = refreshToken(tt); - if(rtt.isOK()) { - tkCon.access.printf(Level.INFO, "Refreshed token %s to %s",tt.getAccessToken(),rtt.value.getAccessToken()); - return Result.ok(200,rtt.value); - } else { - tkCon.access.printf(Level.INFO, "Expired token %s cannot be renewed %d %s",tt.getAccessToken(),rtt.code,rtt.error); - factory.delete(key); - tt=null; - } - } else { - return Result.ok(200,tt); - } - } else { - Result.err(rtt); - } - return Result.err(404,"Not Found"); - } - - public Result refreshToken(Token token) throws APIException, LocatorException, CadiException { - if(ss==null) { - throw new APIException("client_creds(...) must be set before obtaining Access Tokens"); - } - final List params = new ArrayList(); - params.add("refresh_token="+token.getRefreshToken()); - addSecurity(params,AUTHN_METHOD.refresh_token); - final String scope="scope="+token.getScope().replace(' ', '+'); - params.add(scope); - - final String paramsa[] = new String[params.size()]; - params.toArray(paramsa); - Result rt = tkCon.best(new Retryable>() { - @Override - public Result code(Rcli client) throws CadiException, ConnectException, APIException { - // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test - Future f = client.postForm(null,tokenDF,paramsa); - if(f.get(timeout)) { - return Result.ok(f.code(),f.value); - } else { - return Result.err(f.code(), f.body()); - } - } - }); - String key = TokenClientFactory.getKey(okind,client_id, username, hash, scope); - if(rt.isOK()) { - try { - return Result.ok(200,factory.putTimedToken(key, rt.value, hash)); - } catch (IOException e) { - //TODO what to do here? - return Result.err(999, e.getMessage()); - } - } else if(rt.code==404) { - factory.deleteFromDisk(key); - } - return Result.err(rt); - } + public void clearToken(final char kind, final String ... scopes) throws CadiException { + final String scope = addScope(scopes); + char c; + if (kind==Kind.OAUTH) { + c = okind; + } else { + c = kind; + } + final String key = TokenClientFactory.getKey(c,client_id,username,hash,scope); + factory.delete(key); + } + /** + * Get AuthToken + * @throws APIException + * @throws CadiException + * @throws LocatorException + */ + public Result getToken(final char kind, final String ... scopes) throws LocatorException, CadiException, APIException { + final String scope = addScope(scopes); + char c; + if (kind==Kind.OAUTH) { + c = okind; + } else { + c = kind; + } + final String key = TokenClientFactory.getKey(c,client_id,username,hash,scope); + if (ss==null) { + throw new APIException("client_creds(...) must be set before obtaining Access Tokens"); + } + + Result rtt = factory.get(key,hash,new Loader() { + @Override + public Result load(final String key) throws APIException, CadiException, LocatorException { + final List params = new ArrayList<>(); + params.add(scope); + addSecurity(params,authn_method); + + final String paramsa[] = new String[params.size()]; + params.toArray(paramsa); + Result rt = tkCon.best(new Retryable>() { + @Override + public Result code(Rcli client) throws CadiException, ConnectException, APIException { + // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test + Future f = client.postForm(null,tokenDF,paramsa); + if (f.get(timeout)) { + return Result.ok(f.code(),f.value); + } else { + return Result.err(f.code(), f.body()); + } + } + }); + + if (rt.isOK()) { + try { + return Result.ok(rt.code,factory.putTimedToken(key,rt.value, hash)); + } catch (IOException e) { + // TODO What to do here? + e.printStackTrace(); + return Result.err(999,e.getMessage()); + } + } else { + return Result.err(rt); + } + } + }); + if (rtt.isOK()) { // not validated for Expired + TimedToken tt = rtt.value; + if (tt.expired()) { + rtt = refreshToken(tt); + if (rtt.isOK()) { + tkCon.access.printf(Level.INFO, "Refreshed token %s to %s",tt.getAccessToken(),rtt.value.getAccessToken()); + return Result.ok(200,rtt.value); + } else { + tkCon.access.printf(Level.INFO, "Expired token %s cannot be renewed %d %s",tt.getAccessToken(),rtt.code,rtt.error); + factory.delete(key); + tt=null; + } + } else { + return Result.ok(200,tt); + } + } else { + Result.err(rtt); + } + return Result.err(404,"Not Found"); + } + + public Result refreshToken(Token token) throws APIException, LocatorException, CadiException { + if (ss==null) { + throw new APIException("client_creds(...) must be set before obtaining Access Tokens"); + } + final List params = new ArrayList<>(); + params.add("refresh_token="+token.getRefreshToken()); + addSecurity(params,AUTHN_METHOD.refresh_token); + final String scope="scope="+token.getScope().replace(' ', '+'); + params.add(scope); + + final String paramsa[] = new String[params.size()]; + params.toArray(paramsa); + Result rt = tkCon.best(new Retryable>() { + @Override + public Result code(Rcli client) throws CadiException, ConnectException, APIException { + // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test + Future f = client.postForm(null,tokenDF,paramsa); + if (f.get(timeout)) { + return Result.ok(f.code(),f.value); + } else { + return Result.err(f.code(), f.body()); + } + } + }); + String key = TokenClientFactory.getKey(okind,client_id, username, hash, scope); + if (rt.isOK()) { + try { + return Result.ok(200,factory.putTimedToken(key, rt.value, hash)); + } catch (IOException e) { + //TODO what to do here? + return Result.err(999, e.getMessage()); + } + } else if (rt.code==404) { + factory.deleteFromDisk(key); + } + return Result.err(rt); + } - public Result introspect(final String token) throws APIException, LocatorException, CadiException { - if(ss==null) { - throw new APIException("client_creds(...) must be set before introspecting Access Tokens"); - } + public Result introspect(final String token) throws APIException, LocatorException, CadiException { + if (ss==null) { + throw new APIException("client_creds(...) must be set before introspecting Access Tokens"); + } - return tkCon.best(new Retryable>() { - @Override - public Result code(Rcli client) throws CadiException, ConnectException, APIException { - final List params = new ArrayList(); - params.add("token="+token); - addSecurity(params,AUTHN_METHOD.client_credentials); - final String paramsa[] = new String[params.size()]; - params.toArray(paramsa); - // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test - Future f = client.postForm(null,introspectDF,paramsa); - if(f.get(timeout)) { - return Result.ok(f.code(),f.value); - } else { - return Result.err(f.code(), f.body()); - } - } - } - ); - } - - private String addScope(String[] scopes) { - String rv = null; - StringBuilder scope=null; - boolean first = true; - for(String s : scopes) { - if(first) { - scope = new StringBuilder(); - scope.append("scope="); - first=false; - } else { - scope.append('+'); - } - scope.append(s); - } - if(scope!=null) { - rv=scope.toString(); - } - return rv; - } + return tkCon.best(new Retryable>() { + @Override + public Result code(Rcli client) throws CadiException, ConnectException, APIException { + final List params = new ArrayList<>(); + params.add("token="+token); + addSecurity(params,AUTHN_METHOD.client_credentials); + final String paramsa[] = new String[params.size()]; + params.toArray(paramsa); + // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test + Future f = client.postForm(null,introspectDF,paramsa); + if (f.get(timeout)) { + return Result.ok(f.code(),f.value); + } else { + return Result.err(f.code(), f.body()); + } + } + } + ); + } + + private String addScope(String[] scopes) { + String rv = null; + StringBuilder scope=null; + boolean first = true; + for (String s : scopes) { + if (first) { + scope = new StringBuilder(); + scope.append("scope="); + first=false; + } else { + scope.append('+'); + } + scope.append(s); + } + if (scope!=null) { + rv=scope.toString(); + } + return rv; + } - private void addSecurity(List params, AUTHN_METHOD authn) throws APIException { - // Set GrantType... different than Credentials - switch(authn) { - case client_credentials: - params.add("grant_type=client_credentials"); - break; - case password: - params.add("grant_type=password"); - break; - case refresh_token: - params.add("grant_type=refresh_token"); - break; - case none: - break; - default: - // Nothing to do - break; - } - - // Set Credentials appropriate - switch(authn_method) { - case client_credentials: - if(client_id!=null) { - params.add("client_id="+client_id); - } - - if(enc_client_secret!=null) { - try { - params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8)); - } catch (IOException e) { - throw new APIException("Error Decrypting Password",e); - } - } - break; - case refresh_token: - if(client_id!=null) { - params.add("client_id="+client_id); - } - - if(enc_client_secret!=null) { - try { - params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8)); - } catch (IOException e) { - throw new APIException("Error Decrypting Password",e); - } - } - break; + private void addSecurity(List params, AUTHN_METHOD authn) throws APIException { + // Set GrantType... different than Credentials + switch(authn) { + case client_credentials: + params.add("grant_type=client_credentials"); + break; + case password: + params.add("grant_type=password"); + break; + case refresh_token: + params.add("grant_type=refresh_token"); + break; + case none: + break; + default: + // Nothing to do + break; + } + + // Set Credentials appropriate + switch(authn_method) { + case client_credentials: + if (client_id!=null) { + params.add("client_id="+client_id); + } + + if (enc_client_secret!=null) { + try { + params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8)); + } catch (IOException e) { + throw new APIException("Error Decrypting Password",e); + } + } + + if (username!=null) { + params.add("username="+username); + } - case password: - if(client_id!=null) { - params.add("client_id="+client_id); - } - - if(enc_client_secret!=null) { - try { - params.add("client_secret="+ URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8)); - } catch (IOException e) { - throw new APIException("Error Decrypting Password",e); - } - } - if(username!=null) { - params.add("username="+username); - } - - if(enc_password!=null) { - try { - params.add("password="+ URLEncoder.encode(new String(factory.symm.decode(enc_password)),UTF_8)); - } catch (IOException e) { - throw new APIException("Error Decrypting Password",e); - } - } - - break; - default: - // Nothing to do - break; - } - } + break; + case refresh_token: + if (client_id!=null) { + params.add("client_id="+client_id); + } + + if (enc_client_secret!=null) { + try { + params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8)); + } catch (IOException e) { + throw new APIException("Error Decrypting Password",e); + } + } + break; + + case password: + if (client_id!=null) { + params.add("client_id="+client_id); + } + + if (enc_client_secret!=null) { + try { + params.add("client_secret="+ URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8)); + } catch (IOException e) { + throw new APIException("Error Decrypting Password",e); + } + } + if (username!=null) { + params.add("username="+username); + } + + if (enc_password!=null) { + try { + params.add("password="+ URLEncoder.encode(new String(factory.symm.decode(enc_password)),UTF_8)); + } catch (IOException e) { + throw new APIException("Error Decrypting Password",e); + } + } + + break; + default: + // Nothing to do + break; + } + } }