2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * Modifications Copyright (C) 2019 IBM.
7 * ===========================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END====================================================
23 package org.onap.aaf.auth.batch.helpers;
25 import java.util.ArrayList;
26 import java.util.Calendar;
27 import java.util.Date;
28 import java.util.GregorianCalendar;
29 import java.util.HashSet;
30 import java.util.Iterator;
31 import java.util.List;
33 import java.util.SortedMap;
34 import java.util.TreeMap;
36 import org.onap.aaf.auth.dao.cass.CredDAO;
37 import org.onap.aaf.auth.dao.hl.Question;
38 import org.onap.aaf.cadi.util.CSV;
39 import org.onap.aaf.misc.env.Env;
40 import org.onap.aaf.misc.env.TimeTaken;
41 import org.onap.aaf.misc.env.Trans;
42 import org.onap.aaf.misc.env.util.Chrono;
44 import com.datastax.driver.core.ResultSet;
45 import com.datastax.driver.core.Row;
46 import com.datastax.driver.core.Session;
47 import com.datastax.driver.core.SimpleStatement;
48 import com.datastax.driver.core.Statement;
// Process-wide index of every loaded credential; add() looks entries up here by credential id.
51 public static final SortedMap<String,Cred> data = new TreeMap<>();
// The same Cred objects grouped per namespace; add() keys this map by Cred.ns.
52 public static final SortedMap<String,List<Cred>> byNS = new TreeMap<>();
// NOTE(review): both maps are public, static and mutable, so any class can alter the
// credential view a batch run works from. Confirm that callers outside this class only read them.
// Credential id that the instances below belong to.
54 public final String id;
// One entry per credential row that add() has recorded for this id.
55 public final List<Instance> instances;
// Namespace derived from the id (the constructor calls Question.domain2ns(id)).
56 public final String ns;
// Creates an empty credential holder for the given id and derives its namespace.
// NOTE(review): the assignment of the final field `id` is not shown in this listing.
58 public Cred(String id) {
60 instances = new ArrayList<>();
// The id-to-namespace mapping is defined by Question.domain2ns, outside this file.
61 ns=Question.domain2ns(id);
// One stored credential entry for an id: type code, expiry date, write time, "other" value and tag.
64 public static class Instance {
65 public final int type;
66 public final Date expires;
67 public final Date written;
68 public final Integer other;
69 public final String tag;
// Allocated inside addNote(); the existing comment on notes() says it usually returns null.
70 public List<Note> notes;
// `written` is wrapped in a Date as-is, so it must be epoch milliseconds
// (add() divides the value it receives by 1000 before calling this constructor).
// NOTE(review): the assignments of type, other and tag are not shown in this listing.
73 public Instance(int type, Date expires, Integer other, long written, String tag) {
75 this.expires = expires;
77 this.written = new Date(written);
82 * Usually returns Null...
85 public List<Note> notes() {
// Attaches a new Note(level, note) to this instance.
// NOTE(review): the condition guarding the list allocation is not shown in this listing.
89 public void addNote(int level, String note) {
91 notes=new ArrayList<>();
93 notes.add(new Note(level,note));
// Renders as "<expires>: <type> <tag>".
96 public String toString() {
97 return expires.toString() + ": " + type + ' ' + tag;
// A text note attached to a credential Instance together with an integer level.
101 public static class Note {
102 public final int level;
103 public final String note;
// NOTE(review): the constructor body is not shown in this listing.
105 public Note(int level, String note) {
// Scans `instances` for the latest expiry date. When `types` is non-empty, only instances
// of the listed types are considered.
// NOTE(review): the return statement is not shown in this listing. Presumably it returns the
// tracked `last` value, which would be null when no instance matches; confirm against the full file.
110 public Date last(final int ... types) {
112 for (Instance i : instances) {
113 if (types.length>0) { // filter by types, if requested
115 for (int t : types) {
// Keep the later of the two dates; the first candidate always wins over null.
125 if (last==null || i.expires.after(last)) {
// Builds a set of Integer type codes while iterating this credential's instances.
// NOTE(review): the loop body and the return are not shown in this listing. Presumably each
// instance's type is added; confirm against the full file.
133 public Set<Integer> types() {
134 Set<Integer> types = new HashSet<>();
135 for (Instance i : instances) {
/**
 * Reads the whole authz.cred table and hands the rows to the shared loader.
 *
 * @param trans   transaction used by the shared loader for logging and timing
 * @param session Cassandra session the query runs on
 * @param types   credential types to keep; when empty, no type filter is applied
 */
public static void load(Trans trans, Session session, int... types) {
    // Constant query text: no caller-supplied value is spliced into it.
    final String allCreds = "select id, type, expires, other, writetime(cred), tag from authz.cred;";
    load(trans, session, allCreds, types);
}
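/**
 * Reads the authz.cred rows of a single namespace and hands them to the shared loader.
 *
 * The namespace is placed inside a single-quoted CQL string literal, so every single quote
 * in it is doubled first (the CQL escape for a quote inside a literal). Without that step a
 * namespace value containing a quote would change the WHERE clause.
 *
 * @param trans   transaction used by the shared loader for logging and timing
 * @param session Cassandra session the query runs on
 * @param ns      namespace to select; a null value is rendered as the text "null"
 * @param types   credential types to keep; when empty, no type filter is applied
 */
public static void loadOneNS(Trans trans, Session session, String ns, int... types) {
    // NOTE(review): binding ns as a statement value would be the stronger fix, but the
    // private load(...) overload only accepts a finished query string.
    final String nsLiteral = String.valueOf(ns).replace("'", "''");
    load(trans, session,
            "select id, type, expires, other, writetime(cred), tag from authz.cred WHERE ns='"
                    + nsLiteral + "';",
            types);
}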
// Shared loader: runs `query` on the session and passes each returned row to add(),
// optionally keeping only rows whose type is listed in `types`.
// NOTE(review): `query` is executed exactly as received. A caller that builds it from a
// variable value has to escape or bind that value before calling this method.
149 private static void load(Trans trans, Session session, String query, int ...types) {
// The full CQL text goes to the info log, including any caller-supplied value it contains.
151 trans.info().log( "query: " + query );
152 TimeTaken tt = trans.start("Read Creds", Env.REMOTE);
156 Statement stmt = new SimpleStatement( query );
157 results = session.execute(stmt);
163 Iterator<Row> iter = results.iterator();
165 tt = trans.start("Load Credentials", Env.SUB);
167 while (iter.hasNext()) {
// Column indexes follow the callers' select list: id, type, expires, other, writetime(cred), tag.
170 int type = row.getInt(1);
171 if (types.length>0) { // filter by types, if requested
172 boolean hastype = false;
173 for (int t : types) {
// NOTE(review): the rest of this call's argument list is not shown in this listing.
183 add(row.getString(0), row.getInt(1),row.getTimestamp(2),row.getInt(3),row.getLong(4),
190 trans.info().log("Found",count,"creds");
// Records one credential row: looks up the Cred for `id` in `data`, appends a new Instance to
// it, and registers the Cred under its namespace in `byNS`.
// NOTE(review): most of the parameter list and the handling of a missing Cred are not shown
// in this listing.
194 public static void add(
197 final Date timestamp,
202 Cred cred = data.get(id);
// `written` is divided by 1000 before Instance turns it into a Date. load() passes
// writetime(cred), which Cassandra reports in microseconds, so the result is milliseconds.
207 cred.instances.add(new Instance(type, timestamp, other, written/1000,tag));
209 List<Cred> lscd = byNS.get(cred.ns);
211 lscd=new ArrayList<>();
212 byNS.put(cred.ns,lscd);
// Linear scan by id; presumably this keeps the same Cred from being listed twice per namespace.
214 boolean found = false;
215 for (Cred c : lscd) {
216 if (c.id.equals(cred.id)) {
228 * Count entries in Cred data.
229 * Note, as opposed to other methods, need to load the whole cred table for the Types.
// Tallies every Instance held in `data` into a new CredCount with `numbuckets` buckets,
// calling CredCount.inc(type, written, expires) once per instance.
// NOTE(review): the return statement is not shown in this listing.
233 public static CredCount count(int numbuckets) {
234 CredCount cc = new CredCount(numbuckets);
235 for (Cred c : data.values()) {
236 for (Instance ci : c.instances) {
237 cc.inc(ci.type,ci.written, ci.expires);
// Per-bucket credential counters. The constructor sizes every array below to the same
// number of buckets, and dates[] holds the bucket boundary dates.
// NOTE(review): the constructor also fills `raw` and `cert`, whose declarations are not shown
// in this listing.
243 public static class CredCount {
245 public int [] basicAuth;
246 public int [] basicAuth256;
248 public int [] x509Added;
249 public int [] x509Expired;
250 public Date [] dates;
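/**
 * Allocates one counter per bucket and computes the bucket boundary dates.
 *
 * dates[0] is the moment of construction. For i >= 1, dates[i] is the last millisecond of
 * the i-th month before the current one.
 *
 * @param numbuckets number of buckets; must be at least 1 because dates[0] is always written
 */
public CredCount(int numbuckets) {
    raw = new int[numbuckets];
    basicAuth = new int[numbuckets];
    basicAuth256 = new int[numbuckets];
    cert = new int[numbuckets];
    x509Added = new int[numbuckets];
    x509Expired = new int[numbuckets];
    dates = new Date[numbuckets];

    GregorianCalendar monthStart = new GregorianCalendar();
    dates[0] = monthStart.getTime(); // now

    // Move to 00:00:00.000 on the first day of the current month. HOUR_OF_DAY is needed here:
    // Calendar.HOUR is the 12-hour field and leaves AM/PM untouched, so a run in the afternoon
    // would land on noon instead of midnight.
    monthStart.set(Calendar.DAY_OF_MONTH, 1);
    monthStart.set(Calendar.HOUR_OF_DAY, 0);
    monthStart.set(Calendar.MINUTE, 0);
    monthStart.set(Calendar.SECOND, 0);
    monthStart.set(Calendar.MILLISECOND, 0);

    for (int i = 1; i < numbuckets; ++i) {
        // One millisecond before a month start is the last millisecond of the month before it.
        // Stepping the month start back keeps every boundary on a true month end; stepping a
        // month-end date back would pin the day of month after a short month (31 -> 28 -> 28).
        dates[i] = new Date(monthStart.getTimeInMillis() - 1);
        monthStart.add(Calendar.MONTH, -1);
    }
}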
// Adds one credential to the per-bucket counters. `start` and `expires` are compared with the
// boundaries in dates[], which run from newest (index 0) to oldest.
// NOTE(review): the counter updates themselves are on lines not shown in this listing, so the
// exact counting rule cannot be confirmed from here.
275 public void inc(int type, Date start, Date expires) {
276 for (int i = 0; i < dates.length - 1; ++i) {
277 if (start.before(dates[i])) {
// Certificate credentials whose start falls between dates[i + 1] and dates[i].
278 if ((type == CredDAO.CERT_SHA256_RSA)&&(start.after(dates[i + 1]))) {
// Credentials that had not yet expired at boundary dates[i].
281 if (expires.after(dates[i])) {
286 case CredDAO.BASIC_AUTH:
289 case CredDAO.BASIC_AUTH_SHA256:
292 case CredDAO.CERT_SHA256_RSA:
/**
 * Returns the combined basicAuth and basicAuth256 counts for one bucket.
 *
 * @param idx bucket index
 * @return the sum of both counters, computed as a long
 */
public long authCount(int idx) {
    // Widen the first operand so the addition is done in long arithmetic.
    final long basic = basicAuth[idx];
    return basic + basicAuth256[idx];
}
305 public long x509Count(int idx) {
/**
 * Writes one credential instance as a CSV row tagged "cred".
 *
 * Column order: "cred", id, namespace, type, date-only expiry stamp, expiry in epoch
 * milliseconds, tag. batchDelete reads columns 1, 3 and 5 of such a row.
 *
 * @param csvw CSV writer that receives the row
 * @param inst credential instance to export
 */
public void row(final CSV.Writer csvw, final Instance inst) {
    final String typeText = Integer.toString(inst.type);
    final Date expiry = inst.expires;
    csvw.row("cred", id, ns, typeText, Chrono.dateOnlyStamp(expiry), expiry.getTime(), inst.tag);
}
/**
 * Writes one credential instance as a CSV row tagged "cred", with a trailing reason column.
 *
 * Column order: "cred", id, namespace, type, date-only expiry stamp, expiry in epoch
 * milliseconds, tag, reason.
 *
 * @param csvw   CSV writer that receives the row
 * @param inst   credential instance to export
 * @param reason text stored in the last column
 */
public void row(final CSV.Writer csvw, final Instance inst, final String reason) {
    final String typeText = Integer.toString(inst.type);
    final Date expiry = inst.expires;
    csvw.row("cred", id, ns, typeText, Chrono.dateOnlyStamp(expiry), expiry.getTime(), inst.tag,
            reason);
}
// Appends a CQL DELETE for one exported cred row to `sb`. The column positions match what
// row(...) writes: 1 = id, 3 = type, 5 = expiry in epoch milliseconds.
// NOTE(review): row.get(1) is copied between single quotes without escaping, so an id that
// contains a single quote would change the generated statement. The row presumably comes from
// a CSV file that can be edited between export and delete. Validate the id or double any
// single quote before appending. The type and expiry columns are parsed as numbers first,
// which limits them to numeric text.
// NOTE(review): the end of the statement is on lines not shown in this listing.
323 public static void batchDelete(StringBuilder sb, List<String> row) {
// A malformed expiry or type column raises NumberFormatException here and at parseInt below.
324 long l = Long.parseLong(row.get(5));
325 String date = Chrono.batchFmt.format(new Date(l));
326 sb.append("DELETE from authz.cred WHERE id='");
327 sb.append(row.get(1));
328 sb.append("' AND type=");
329 sb.append(Integer.parseInt(row.get(3)));
330 // Note: We have to work with long, because Expires is part of Key... can't easily do date.
331 sb.append(" AND expires='");
// Builds a text form that starts with the id and appends, per instance, text that includes
// its expiry date.
// NOTE(review): the other appended parts are on lines not shown in this listing.
337 public String toString() {
338 StringBuilder sb = new StringBuilder(id);
340 for (Instance i : instances) {
344 sb.append(i.expires);
348 return sb.toString();
352 * @see java.lang.Object#hashCode()
/**
 * Hashes on the credential id alone; instances and namespace do not contribute.
 *
 * @return the hash code of the id string
 */
@Override
public int hashCode() {
    final String key = id;
    return key.hashCode();
}
360 * @see java.lang.Object#equals(java.lang.Object)
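/**
 * Two Cred objects are equal when they carry the same id, which keeps equals consistent
 * with hashCode().
 *
 * The comparison is made on the other object's id field. Handing obj itself to
 * String.equals could only ever match a String, so two Cred objects with the same id would
 * never compare equal, and set or map lookups on Cred would miss.
 *
 * @param obj object to compare with
 * @return true when obj is a Cred with the same id
 */
@Override
public boolean equals(Object obj) {
    if (this == obj) {
        return true;
    }
    if (!(obj instanceof Cred)) {
        return false;
    }
    return id.equals(((Cred) obj).id);
}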
368 public static String histSubject(List<String> row) {
// Produces a reason text from an exported cred row. Rows with more than five columns carry a
// reason column (existing comment); String.format(fmt, ...) is called with row.get(1), orgName
// and row.get(4) as arguments.
// NOTE(review): the branch structure and the return are on lines not shown in this listing.
// `fmt` is used as a format pattern, so it should come from code or configuration rather
// than from row data.
373 public static String histMemo(String fmt, String orgName, List<String> row) {
375 if(row.size()>5) { // Reason included
378 reason = String.format(fmt, row.get(1),orgName,row.get(4));
384 public static void clear() {