2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.cm.mapper;
24 import java.io.IOException;
25 import java.util.ArrayList;
26 import java.util.List;
28 import org.onap.aaf.auth.cm.data.CertDrop;
29 import org.onap.aaf.auth.cm.data.CertRenew;
30 import org.onap.aaf.auth.cm.data.CertReq;
31 import org.onap.aaf.auth.cm.data.CertResp;
32 import org.onap.aaf.auth.cm.validation.CertmanValidator;
33 import org.onap.aaf.auth.dao.cass.ArtiDAO;
34 import org.onap.aaf.auth.dao.cass.ArtiDAO.Data;
35 import org.onap.aaf.auth.dao.cass.CertDAO;
36 import org.onap.aaf.auth.env.AuthzTrans;
37 import org.onap.aaf.auth.layer.Result;
38 import org.onap.aaf.cadi.util.FQI;
39 import org.onap.aaf.cadi.util.Vars;
41 import aaf.v2_0.Error;
42 import certman.v1_0.Artifacts;
43 import certman.v1_0.Artifacts.Artifact;
44 import certman.v1_0.BaseRequest;
45 import certman.v1_0.CertInfo;
46 import certman.v1_0.CertificateDrop;
47 import certman.v1_0.CertificateRenew;
48 import certman.v1_0.CertificateRequest;
51 public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
54 public Class<?> getClass(API api) {
56 case CERT_REQ: return CertificateRequest.class;
57 case CERT_RENEW: return CertificateRenew.class;
58 case CERT_DROP: return CertificateDrop.class;
59 case CERT: return CertInfo.class;
60 case ARTIFACTS: return Artifacts.class;
61 case ERROR: return Error.class;
62 case VOID: return Void.class;
67 @SuppressWarnings("unchecked")
69 public <A> A newInstance(API api) {
71 case CERT_REQ: return (A) new CertificateRequest();
72 case CERT_RENEW: return (A) new CertificateRenew();
73 case CERT_DROP: return (A) new CertificateDrop();
74 case CERT: return (A) new CertInfo();
75 case ARTIFACTS: return (A) new Artifacts();
76 case ERROR: return (A)new Error();
77 case VOID: return null;
82 ////////////// Mapping Functions /////////////
84 public Error errorFromMessage(StringBuilder holder, String msgID, String text, String... var) {
85 Error err = new Error();
86 err.setMessageId(msgID);
87 // AT&T Restful Error Format requires numbers "%" placements
88 err.setText(Vars.convert(holder, text, var));
90 err.getVariables().add(s);
96 * @see com.att.authz.certman.mapper.Mapper#toCert(org.onap.aaf.auth.env.test.AuthzTrans, org.onap.aaf.auth.layer.test.Result)
99 public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
101 return Result.err(in);
104 CertResp cin = in.value;
105 CertInfo cout = newInstance(API.CERT);
106 cout.setPrivatekey(cin.privateString());
108 if((value=cin.challenge())!=null) {
109 cout.setChallenge(value);
111 // In Version 1, Cert is always first
112 cout.getCerts().add(cin.asCertString());
113 // Follow with Trust Chain
114 if(cin.trustChain()!=null) {
115 for(String c : cin.trustChain()) {
117 cout.getCerts().add(c);
122 // Adding all the Certs in one response is a mistake. Makes it very hard for Agent to setup
123 // Certs in keystore versus Truststore. Separate in Version 2_0
124 if(cin.trustCAs()!=null) {
125 for(String c : cin.trustCAs()) {
127 if(!cout.getCerts().contains(c)) {
128 cout.getCerts().add(c);
133 if(cin.notes()!=null) {
134 boolean first = true;
135 StringBuilder sb = new StringBuilder();
136 for(String n : cin.notes()) {
144 cout.setNotes(sb.toString());
146 List<String> caIssuerDNs = cout.getCaIssuerDNs();
147 for(String s : cin.caIssuerDNs()) {
150 cout.setEnv(cin.env());
151 return Result.ok(cout);
156 public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) {
158 CertInfo cout = newInstance(API.CERT);
159 List<String> certs = cout.getCerts();
160 for(CertDAO.Data cdd : in.value) {
163 return Result.ok(cout);
165 return Result.err(in);
170 * @see com.att.authz.certman.mapper.Mapper#toReq(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
173 public Result<CertReq> toReq(AuthzTrans trans, BaseRequest req) {
174 CertificateRequest in;
176 in = (CertificateRequest)req;
177 } catch(ClassCastException e) {
178 return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest");
181 CertReq out = new CertReq();
182 CertmanValidator v = new CertmanValidator();
183 out.mechid=in.getMechid();
184 out.fqdns=in.getFqdns();
185 v.isNull("CertRequest", req).nullOrBlank("MechID", out.mechid);
186 v.nullBlankMin("FQDNs", out.fqdns,1);
188 return Result.err(Result.ERR_BadData, v.errs());
190 out.emails = in.getEmail();
191 out.sponsor=in.getSponsor();
192 out.start = in.getStart();
193 out.end = in.getEnd();
194 out.fqdns = in.getFqdns();
195 return Result.ok(out);
199 * @see com.att.authz.certman.mapper.Mapper#toRenew(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
202 public Result<CertRenew> toRenew(AuthzTrans trans, BaseRequest req) {
203 return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
207 * @see com.att.authz.certman.mapper.Mapper#toDrop(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
210 public Result<CertDrop> toDrop(AuthzTrans trans, BaseRequest req) {
211 return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
215 * @see org.onap.aaf.auth.cm.mapper.Mapper#toArtifact(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
218 public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
219 List<ArtiDAO.Data> ladd = new ArrayList<>();
220 for(Artifact arti : artifacts.getArtifact()) {
221 ArtiDAO.Data data = new ArtiDAO.Data();
222 data.mechid = arti.getMechid();
223 data.machine = arti.getMachine();
224 data.type(true).addAll(arti.getType());
225 data.ca = arti.getCa();
226 data.dir = arti.getDir();
227 data.os_user = arti.getOsUser();
228 // Optional (on way in)
229 data.ns = arti.getNs();
230 data.renewDays = arti.getRenewDays();
231 data.notify = arti.getNotification();
233 // Ignored on way in for create/update
234 data.sponsor = arti.getSponsor();
237 // Derive Optional Data from Machine (Domain) if exists
238 if(data.machine!=null) {
239 if(data.ca==null && data.machine.endsWith(".att.com")) {
240 data.ca = "aaf"; // default
243 data.ns=FQI.reverseDomain(data.machine);
246 data.sans(true).addAll(arti.getSans());
253 * @see org.onap.aaf.auth.cm.mapper.Mapper#fromArtifacts(org.onap.aaf.auth.layer.test.Result)
256 public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) {
257 if(lArtiDAO.isOK()) {
258 Artifacts artis = new Artifacts();
259 for(ArtiDAO.Data arti : lArtiDAO.value) {
260 Artifact a = new Artifact();
261 a.setMechid(arti.mechid);
262 a.setMachine(arti.machine);
263 a.setSponsor(arti.sponsor);
267 a.getType().addAll(arti.type(false));
268 a.setOsUser(arti.os_user);
269 a.setRenewDays(arti.renewDays);
270 a.setNotification(arti.notify);
271 a.getSans().addAll(arti.sans(false));
272 artis.getArtifact().add(a);
274 return Result.ok(artis);
276 return Result.err(lArtiDAO);
Code Review / aaf / authz.git / blob