2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.cm.api;
24 import javax.servlet.http.HttpServletRequest;
25 import javax.servlet.http.HttpServletResponse;
27 import org.eclipse.jetty.http.HttpStatus;
28 import org.onap.aaf.auth.cm.AAF_CM;
29 import org.onap.aaf.auth.cm.ca.CA;
30 import org.onap.aaf.auth.cm.mapper.Mapper.API;
31 import org.onap.aaf.auth.cm.service.Code;
32 import org.onap.aaf.auth.env.AuthzTrans;
33 import org.onap.aaf.auth.layer.Result;
34 import org.onap.aaf.auth.rserv.HttpMethods;
35 import org.onap.aaf.misc.env.Slot;
38 * API definitions, using Redirect as the mechanism
43 public class API_Cert {
// Name passed to aafCM.env.slot(...) in init() to obtain the Slot that carries the
// request's Certificate Authority.
44 public static final String CERT_AUTH = "CertAuthority";
// Slot assigned in init(); the /cert/:ca and /cert/:ca/personal handlers call
// trans.put(sCertAuth, ca) to attach the CA resolved from the path to the transaction.
// NOTE(review): this is a non-final static written by init() and read by request handlers;
// presumably init() runs once before any route serves traffic. Confirm against the caller.
45 private static Slot sCertAuth;
48 * Normal Init level APIs
54 public static void init(final AAF_CM aafCM) throws Exception {
55 // Check for Created Certificate Authorities in TRANS
56 sCertAuth = aafCM.env.slot(CERT_AUTH);
61 aafCM.route(HttpMethods.PUT,"/cert/:ca",API.CERT_REQ,new Code(aafCM,"Request Certificate") {
63 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
64 String key = pathParam(req, ":ca");
66 if ((ca = aafCM.getCA(key))==null) {
67 context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);
69 trans.put(sCertAuth, ca);
70 Result<Void> r = context.requestCert(trans, req, resp, ca);
72 resp.setStatus(HttpStatus.OK_200);
74 context.error(trans,resp,r);
80 aafCM.route(HttpMethods.GET,"/cert/:ca/personal",API.CERT,new Code(aafCM,"Request Personal Certificate") {
82 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
83 String key = pathParam(req, ":ca");
85 if ((ca = aafCM.getCA(key))==null) {
86 context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);
88 trans.put(sCertAuth, ca);
89 Result<Void> r = context.requestPersonalCert(trans, req, resp, ca);
91 resp.setStatus(HttpStatus.OK_200);
93 context.error(trans,resp,r);
103 aafCM.route(HttpMethods.GET, "/cert/may/:perm", API.VOID, new Code(aafCM,"Check Permission") {
105 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
106 Result<Void> r = context.check(trans, resp, pathParam(req,"perm"));
108 resp.setStatus(HttpStatus.OK_200);
110 trans.checkpoint(r.errorString());
111 context.error(trans,resp,Result.err(Result.ERR_Denied,"%s does not have Permission.",trans.user()));
117 * Get Cert by ID and Machine
124 aafCM.route(HttpMethods.GET, "/cert/id/:id", API.CERT, new Code(aafCM,"GetByID") {
126 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
127 Result<Void> r = context.readCertsByMechID(trans, resp, pathParam(req,"id"));
129 resp.setStatus(HttpStatus.OK_200);
131 context.error(trans,resp,r);
138 * Get Certs by Machine