X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Fcore%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Fconfig%2FConfig.java;h=7bd578a5e45954c6885c2e321b2ed8aeccc5f895;hb=3d1706fcbe7f95830ff6fd23cf679ee55c6d0595;hp=ff1f3955ea8882ef9d89cb473a08bb6cd17161ec;hpb=133592f4d210a3e509c1c53a736e87ec2f1533ce;p=aaf%2Fauthz.git
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index ff1f3955..7bd578a5 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -88,6 +88,9 @@ public class Config {
 public static final String CADI_LOGDIR = "cadi_log_dir";
 public static final String CADI_ETCDIR = "cadi_etc_dir";
 public static final String CADI_LOGNAME = "cadi_logname";
+// public static final String CADI_LOGFMT="cad_logging_format";
+// public static final String CADI_LOGFMT_UTC="UTC";
+// public static final String CADI_LOGFMT_ISO8601="ISO-8601";
 public static final String CADI_KEYFILE = "cadi_keyfile";
 public static final String CADI_KEYSTORE = "cadi_keystore";
 public static final String CADI_KEYSTORE_PASSWORD = "cadi_keystore_password";
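Review bot: The three `CADI_LOGFMT*` lines are added already commented out, so the commit ships dead code with no explanation of why it is parked. Either drop them until the feature lands or put one line above them saying what they are waiting for, e.g. `// TODO: logging-format selection is not wired in yet`. If they are revived, note that the key is spelled `cad_logging_format` while every neighbouring key in this hunk uses the `cadi_` prefix.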
@@ -148,9 +151,13 @@ public class Config { public static final String AAF_ROOT_NS = "aaf_root_ns"; public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf"; public static final String AAF_ROOT_COMPANY = "aaf_root_company"; + /** + * Use Config.getAAFLocateUrl(access) to get correct property in/out of container + */ public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator public static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables. public static final String AAF_DEFAULT_API_VERSION = "2.1"; + public static final String AAF_DEPLOYED_VERSION="aaf_deployed_version"; public static final String AAF_API_VERSION = "aaf_api_version"; public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration public static final String AAF_LOCATOR_CLASS = "aaf_locator_class"; @@ -174,6 +181,11 @@ public class Config { public static final String AAF_LOCATOR_PUBLIC_PORT = "aaf_locator_public_port"; public static final String AAF_LOCATOR_PUBLIC_FQDN = "aaf_locator_public_fqdn"; public static final String AAF_LOCATOR_PUBLIC_NAME = "aaf_locator_public_name"; + + // AAF Service will write to the Audit Log if a past due AAF stored Password + // is being used within # of days specified. + public static final String AAF_CRED_WARN_DAYS="aaf_cred_warn_days"; + public static final String AAF_CRED_WARN_DAYS_DFT="7"; public static final String AAF_APPID = "aaf_id"; public static final String AAF_APPPASS = "aaf_password"; 
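Review bot: The comment above `AAF_CRED_WARN_DAYS` in the `@@ -174,6 +181,11 @@` hunk is ambiguous: "a past due AAF stored Password is being used within # of days specified" can mean a credential that has already expired or one that will expire inside the window. Since this property drives an audit-log entry, the comment should say which, for example `// Audit-log a warning when a stored AAF password is used within this many days of its expiry.` if that is the intent. The default is the string `"7"`, so it is also worth stating that the value is parsed as a whole number of days; the code that reads it is not in this hunk.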
@@ -208,13 +220,19 @@ public class Config { public static final String AAF_CERT_IDS = "aaf_cert_ids"; public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only. - public static final String AAF_RELEASE = "aaf_release"; + public static final String AAF_URL_OAUTH = "aaf_url_oauth"; public static final String AAF_URL_GUI="aaf_url_gui"; public static final String AAF_URL_FS="aaf_url_fs"; public static final String AAF_URL_CM = "aaf_url_cm"; + public static final String AAF_URL_CM_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:"+AAF_DEFAULT_API_VERSION; public static final String AAF_URL_HELLO = "aaf_url_hello"; public static final String CM_TRUSTED_CAS = "cm_trusted_cas"; + // let NS Owners choose with .certman aaf ignoreIPs" to ignoreIP Check for Configs + // Probably only want to allow in a DEV Env. + public static final String CM_ALLOW_IGNORE_IPS="cm_allow_ignore_ips"; + // Docker doesn't have a default DNS. The property turns off IP Checking of DNSs before creating. + public static final String CM_ALWAYS_IGNORE_IPS="cm_always_ignore_ips"; public static final String PATHFILTER_URLPATTERN = "pathfilter_urlpattern"; public static final String PATHFILTER_STACK = "pathfilter_stack"; @@ -257,10 +275,10 @@ public class Config { Access access = si.access; RegistrationPropHolder rph; try { - rph = new RegistrationPropHolder(access, 0); - } catch (UnknownHostException e2) { - throw new CadiException(e2); - } + rph = new RegistrationPropHolder(access, 0); + } catch (UnknownHostException e2) { + throw new CadiException(e2); + } ///////////////////////////////////////////////////// // Setup AAFCon for any following ///////////////////////////////////////////////////// 
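Review bot: `CM_ALLOW_IGNORE_IPS` and `CM_ALWAYS_IGNORE_IPS` in the `@@ -208,13 +220,19 @@` hunk name switches that relax an IP/DNS check, yet their comments do not say which values are accepted, what happens when the property is absent, or that enabling them removes a safeguard. I would give each a Javadoc stating the accepted values, that an unset property leaves the check on (to be confirmed against the code that reads them, which is outside this hunk), and that `cm_always_ignore_ips` is intended only for container deployments without DNS. The first comment also has an unbalanced quote (`.certman aaf ignoreIPs"`). Separately, the hunk removes the public constant `AAF_RELEASE`, so any code outside this file that references it will stop compiling.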
@@ -486,7 +504,7 @@ public class Config { // Any Additional Tafs passed in Constructor ///////////////////////////////////////////////////// if (additionalTafLurs!=null) { - int i=0; + int i=0; for (Object additional : additionalTafLurs) { if (additional instanceof BasicHttpTaf) { BasicHttpTaf ht = (BasicHttpTaf)additional; @@ -538,21 +556,21 @@ public class Config { // just return the one taf = htlist.get(0).t; } else { - Collections.sort(htlist); + Collections.sort(htlist); HttpTaf[] htarray = new HttpTaf[htlist.size()]; int i=-1; StringBuilder sb = new StringBuilder("Tafs processed in this order:\n"); for(Priori pht : htlist) { - htarray[++i] = pht.t; - sb.append(" "); - sb.append(pht.t.getClass().getName()); - sb.append('('); - sb.append(pht.priority); - sb.append(")\n"); + htarray[++i] = pht.t; + sb.append(" "); + sb.append(pht.t.getClass().getName()); + sb.append('('); + sb.append(pht.priority); + sb.append(")\n"); } access.log(Level.INIT, sb); - Locator locator = loadLocator(si, logProp(rph, AAF_LOCATE_URL, null)); + Locator locator = loadLocator(si, aafURL); taf = new HttpEpiTaf(access,locator, tc, htarray); // ok to pass locator == null String level = logProp(access, CADI_LOGLEVEL, null); @@ -567,13 +585,13 @@ public class Config { public static String logProp(RegistrationPropHolder rph, String tag, String def) { String rv = rph.access().getProperty(tag, def); if (rv == null) { - rph.access().log(Level.INIT,tag,"is not explicitly set"); + rph.access().log(Level.INIT,tag,"is not explicitly set"); } else { - rv = rph.replacements("Config.logProp",rv, null, null); - rph.access().log(Level.INIT,tag,"is set to",rv); + rv = rph.replacements("Config.logProp",rv, null, null); + rph.access().log(Level.INIT,tag,"is set to",rv); } return rv; - + } public static String logProp(Access access,String tag, String def) { 
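Review bot: In the `@@ -538,21 +556,21 @@` hunk the locator is now built from `aafURL`, which is assigned outside the hunk, in place of `logProp(rph, AAF_LOCATE_URL, null)`. The old call both logged the resolved value at `Level.INIT` and passed it through `rph.replacements`; please confirm that `aafURL` is obtained the way the new Javadoc on `AAF_LOCATE_URL` recommends (`Config.getAAFLocateUrl(access)`) and that the chosen locator URL still appears in the startup log. The rest of that hunk is re-indentation.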
@@ -590,10 +608,10 @@ public class Config { Access access = si.access; RegistrationPropHolder rph; try { - rph = new RegistrationPropHolder(access, 0); - } catch (UnknownHostException e2) { - throw new CadiException(e2); - } + rph = new RegistrationPropHolder(access, 0); + } catch (UnknownHostException e2) { + throw new CadiException(e2); + } List> lurs = new ArrayList<>(); @@ -710,7 +728,7 @@ public class Config { // Any Additional passed in Constructor ///////////////////////////////////////////////////// if (additionalTafLurs!=null) { - int i=0; + int i=0; for (Object additional : additionalTafLurs) { if (additional instanceof Lur) { lurs.add(new Priori((Lur)additional,50+i++)); @@ -736,17 +754,17 @@ public class Config { return lurs.get(0).t; // Only one, just return it, save processing default: // Multiple Lurs, use EpiLUR to handle - Collections.sort(lurs); + Collections.sort(lurs); Lur[] la = new Lur[lurs.size()]; int i=-1; StringBuilder sb = new StringBuilder("Lurs processed in this order:\n"); for(Priori pht : lurs) { - la[++i] = pht.t; - sb.append(" "); - sb.append(pht.t.getClass().getName()); - sb.append('('); - sb.append(pht.priority); - sb.append(")\n"); + la[++i] = pht.t; + sb.append(" "); + sb.append(pht.t.getClass().getName()); + sb.append('('); + sb.append(pht.priority); + sb.append(")\n"); } access.log(Level.INIT, sb); return new EpiLur(la); 
@@ -837,29 +855,65 @@ public class Config { if (_url==null) { access.log(Level.INIT,"No URL passed to 'loadLocator'. Disabled"); } else { + try { + Class aalCls = Class.forName("org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator"); + Method aalMth = aalCls.getMethod("create", String.class,String.class); + int colon = _url.lastIndexOf(':'); + if(colon>=0) { + int slash = _url.indexOf('/',colon); + String version; + if(slash<0) { + version = _url.substring(colon+1); + } else { + version = _url.substring(colon+1,slash); + } + slash = _url.lastIndexOf('/',colon); + if(slash>=0) { + Object aal = aalMth.invoke(null/*static*/, _url.substring(slash+1, colon),version); + return (Locator)aal; + } + } + } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + String msg; + char quote; + if(e.getCause()!=null) { + msg=e.getCause().getMessage(); + quote='"'; + } else { + msg = "-"; + quote=' '; + } + access.printf(Level.DEBUG, "Configured AbsAAFLocator not found%c%s%cContinuing Locator creation ",quote,msg,quote); + } // String url = _url.replace("/AAF_NS.", "/%C%CID%AAF_NS."); // String root_ns = access.getProperty(Config.AAF_ROOT_NS, null); - String url; + String url; RegistrationPropHolder rph; try { - rph = new RegistrationPropHolder(access, 0); - url = rph.replacements("Config.loadLocator",_url, null, null); - access.printf(Level.INFO, "loadLocator URL is %s",url); - } catch (UnknownHostException | CadiException e1) { - throw new LocatorException(e1); - } - + rph = new RegistrationPropHolder(access, 0); + url = rph.replacements("Config.loadLocator",_url, null, null); + access.printf(Level.INFO, "loadLocator URL is %s",url); + } catch (UnknownHostException | CadiException e1) { + throw new LocatorException(e1); + } + + String aaf_locator_class; + if(_url.equals(url) && !url.contains("/locate/")) { + aaf_locator_class = "org.onap.aaf.cadi.locator.DNSLocator"; + } else { + 
aaf_locator_class = AAF_LOCATOR_CLASS_DEF; + } try { - Class lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF); + Class lcls = loadClass(access,aaf_locator_class); if (lcls==null) { throw new CadiException("Need to include aaf-cadi-aaf jar for AAFLocator"); } // First check for preloaded try { - Method meth = lcls.getMethod("create",String.class); - locator = (Locator)meth.invoke(null,url); + Method meth = lcls.getMethod("create",Access.class,String.class); + locator = (Locator)meth.invoke(null,access,url); } catch (Exception e) { - access.log(Level.DEBUG, "(Not fatal) Cannot load by create(String)", e); + access.log(Level.NONE, "(Not fatal) Cannot load by create(String)", e); } if (locator==null) { URI locatorURI = new URI(url); 
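Review bot: In the new reflective block, `return (Locator)aal;` returns whatever `AbsAAFLocator.create(name, version)` produced, so if that method can return null for a name it does not know (its body is not visible here) `loadLocator` returns null without trying the `create(Access,String)` and URI paths below; guard it with `if (aal != null) { return (Locator)aal; }`. The multi-catch reports every failure, including an `InvocationTargetException` thrown by `create` itself, as "Configured AbsAAFLocator not found" at DEBUG and keeps only the cause's message, which hides real faults. Further down, the lookup was changed to `getMethod("create",Access.class,String.class)` but the message still says `create(String)`, and the level moved from `Level.DEBUG` to `Level.NONE`, which looks as if it drops the exception from the log altogether. `loadLocator` starts and ends outside this hunk.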
@@ -889,67 +943,85 @@ public class Config { public static String getDefaultRealm() { return defaultRealm; } + + public static String getAAFLocateUrl(Access access) { + String rv = null; + String cont = access.getProperty(AAF_LOCATOR_CONTAINER,null); + if(cont!=null) { + rv = access.getProperty(AAF_LOCATE_URL + '.' +cont, null); + } + if(rv==null) { + rv = access.getProperty(AAF_LOCATE_URL, null); + } + return rv; + } private static class Priori implements Comparable> { - public final T t; - public final int priority; - - public Priori(final T t, final int priority) { - this.t = t; - this.priority = priority; - } - - @Override - public int compareTo(Priori o) { - if(priority==o.priority) { - return 0; - } else if(priority void add(Access access, final String tag, List> list) { - String plugins = access.getProperty(tag, null); - if(plugins!=null) { - for(String tafs : Split.splitTrim(';', plugins)) { - String[] pluginArray = Split.splitTrim(',', tafs); - String clssn = null; - int priority = 60; - switch(pluginArray.length) { - case 0: - break; - case 1: - clssn = tafs; - break; - default: - clssn = pluginArray[0]; - try { - priority = Integer.parseInt(pluginArray[1]); - } catch (NumberFormatException nfe) { - access.printf(Level.ERROR, "%s format is ,priority[;...]\n",CADI_ADD_TAFS); - } - } - - if(clssn!=null) { - Class cls = loadClass(access, clssn); - if(cls!=null) { - try { - @SuppressWarnings("unchecked") - Constructor cnst = (Constructor)cls.getConstructor(Access.class); - try { - list.add(new Priori(cnst.newInstance(access),priority)); - } catch (InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - access.printf(Level.ERROR, "%s cannot be constructed with Access.\n",clssn); - } - } catch (NoSuchMethodException | SecurityException e) { - access.printf(Level.ERROR, "%s needs a Constructor taking Access as sole param.\n",clssn); - } - } - } - } - } - } + public final T t; + public final int priority; + + 
public Priori(final T t, final int priority) { + this.t = t; + this.priority = priority; + } + + @Override + public int compareTo(Priori o) { + if(priority==o.priority) { + return 0; + } else if(priority void add(Access access, final String tag, List> list) { + String plugins = access.getProperty(tag, null); + if(plugins!=null) { + access.log(Level.INIT, "Adding TAF Plugins: ", plugins); + for(String tafs : Split.splitTrim(';', plugins)) { + String[] pluginArray = Split.splitTrim(',', tafs); + String clssn = null; + int priority = 60; + switch(pluginArray.length) { + case 0: + break; + case 1: + clssn = tafs; + break; + default: + clssn = pluginArray[0]; + try { + priority = Integer.parseInt(pluginArray[1]); + } catch (NumberFormatException nfe) { + access.printf(Level.ERROR, "%s format is ,priority[;...]\n",CADI_ADD_TAFS); + } + } + + if(clssn!=null) { + Class cls = loadClass(access, clssn); + if(cls!=null) { + try { + @SuppressWarnings("unchecked") + Constructor cnst = (Constructor)cls.getConstructor(Access.class); + try { + list.add(new Priori(cnst.newInstance(access),priority)); + } catch (InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + String hostname = access.getProperty(Config.HOSTNAME,null); + if(hostname==null) { + access.printf(Level.ERROR, "%s cannot be constructed on this machine. Set valid 'hostname' in your properties\n",clssn); + } else { + access.printf(Level.ERROR, "%s cannot be constructed on %s with Access.\n",clssn, hostname); + } + } + } catch (NoSuchMethodException | SecurityException e) { + access.printf(Level.ERROR, "%s needs a Constructor taking Access as sole param.\n",clssn); + } + } + } + } + } + } } }
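Review bot: The rewritten catch in `add` discards the exception and reports only a hostname hint, so a plugin whose constructor fails for any other reason is logged as a hostname problem with no cause attached. Pass the exception to the logger as the file does elsewhere, e.g. `access.log(Level.ERROR, clssn, "cannot be constructed with Access", e);`, and keep the hostname hint as an additional line. The new `getAAFLocateUrl` would benefit from a Javadoc saying that the container-specific key (`AAF_LOCATE_URL + '.' + cont`) is tried first and the plain key second, and that it returns null when neither is set. Most of the remaining lines in this hunk are re-indentation of `Priori` and `add`.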