auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.cmd.user;
  23
  24 import org.onap.aaf.auth.cmd.AAFcli;
  25 import org.onap.aaf.auth.cmd.Cmd;
  26 import org.onap.aaf.auth.cmd.Param;
  27 import org.onap.aaf.auth.rserv.HttpMethods;
  28 import org.onap.aaf.cadi.CadiException;
  29 import org.onap.aaf.cadi.LocatorException;
  30 import org.onap.aaf.cadi.client.Future;
  31 import org.onap.aaf.cadi.client.Rcli;
  32 import org.onap.aaf.cadi.client.Retryable;
  33 import org.onap.aaf.misc.env.APIException;
  34
  35 import aaf.v2_0.CredRequest;
  36
  37 public class Cred extends Cmd {
  38     public static final String ATTEMPT_FAILED_SPECIFICS_WITHELD = "Attempt Failed.  Specifics witheld.";
  39     private static final String CRED_PATH = "/authn/cred";
  40     private static final String[] options = {"add","del","reset","extend"/*,"clean"*/};
  41 //        private Clean clean;
  42     public Cred(User parent) {
  43         super(parent,"cred",
  44                 new Param(optionsToString(options),true),
  45                 new Param("id",true),
  46                 new Param("password (! D|E)",false),
  47                 new Param("entry# (if multi)",false)
  48         );
  49 //            clean = new Clean(this);
  50     }
  51
  52     @Override
  53     public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
  54         int idx = _idx;
  55         String key = args[idx++];
  56         final int option = whichOption(options,key);
  57
  58         final CredRequest cr = new CredRequest();
  59         cr.setId(args[idx++]);
  60         if(option!=1 && option!=3) {
  61             if(idx>=args.length) throw new CadiException("Password Required");
  62             cr.setPassword(args[idx++]);
  63         }
  64         if(args.length>idx)
  65             cr.setEntry(args[idx++]);
  66
  67         // Set Start/End commands
  68         setStartEnd(cr);
  69 //            final int cleanIDX = _idx+1;
  70         Integer ret = same(new Retryable<Integer>() {
  71             @Override
  72             public Integer code(Rcli<?> client) throws CadiException, APIException {
  73                 Future<CredRequest> fp=null;
  74                 String verb =null;
  75                 switch(option) {
  76                     case 0:
  77                         fp = client.create(
  78                             CRED_PATH,
  79                             getDF(CredRequest.class),
  80                             cr
  81                             );
  82                         verb = "Added Credential [";
  83                         break;
  84                     case 1:
  85 //                            if(aafcli.addForce())cr.setForce("TRUE");
  86                         setQueryParamsOn(client);
  87                         fp = client.delete(CRED_PATH,
  88                             getDF(CredRequest.class),
  89                             cr
  90                             );
  91                         verb = "Deleted Credential [";
  92                         break;
  93                     case 2:
  94                         fp = client.update(
  95                             CRED_PATH,
  96                             getDF(CredRequest.class),
  97                             cr
  98                             );
  99                         verb = "Reset Credential [";
 100                         break;
 101                     case 3:
 102                         fp = client.update(
 103                             CRED_PATH+"/5",
 104                             getDF(CredRequest.class),
 105                             cr
 106                             );
 107                         verb = "Extended Credential [";
 108                         break;
 109 //                        case 4:
 110 //                            return clean.exec(cleanIDX, args);
 111                 }
 112                 if(fp==null) {
 113                     return null; // get by Sonar check.
 114                 }
 115                 if(fp.get(AAFcli.timeout())) {
 116                     pw().print(verb);
 117                     pw().print(cr.getId());
 118                     pw().println(']');
 119                 } else if(fp.code()==202) {
 120                         pw().println("Credential Action Accepted, but requires Approvals before actualizing");
 121                 } else if(fp.code()==406 && option==1) {
 122                         pw().println("You cannot delete this Credential");
 123                 } else {
 124                     pw().println(ATTEMPT_FAILED_SPECIFICS_WITHELD);
 125                 }
 126                 return fp.code();
 127             }
 128         });
 129         if(ret==null)ret = -1;
 130         return ret;
 131     }
 132
 133     @Override
 134     public void detailedHelp(int _indent, StringBuilder sb) {
 135             int indent = _indent;
 136         detailLine(sb,indent,"Add, Delete or Reset Credential");
 137         indent+=2;
 138         detailLine(sb,indent,"id       - the ID to create/delete/reset within AAF");
 139         detailLine(sb,indent,"password - Company Policy compliant Password (not required for Delete)");
 140         detailLine(sb,indent,"entry    - selected option when deleting/resetting a cred with multiple entries");
 141         sb.append('\n');
 142         detailLine(sb,indent,"The Domain can be related to any Namespace you have access to *");
 143         detailLine(sb,indent,"The Domain is in reverse order of Namespace, i.e. ");
 144         detailLine(sb,indent+2,"NS of com.att.myapp can create user of XY1234@myapp.att.com");
 145         sb.append('\n');
 146         detailLine(sb,indent,"NOTE: AAF does support multiple creds with the same ID. Check with your org if you");
 147         detailLine(sb,indent+2,"have this implemented. (For example, this is implemented for MechIDs at AT&T)");
 148         sb.append('\n');
 149         detailLine(sb,indent,"*NOTE: com.att.csp is a reserved Domain for Global Sign On");
 150
 151         detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
 152         indent-=2;
 153         api(sb,indent,HttpMethods.POST,"authn/cred",CredRequest.class,true);
 154         api(sb,indent,HttpMethods.DELETE,"authn/cred",CredRequest.class,false);
 155         api(sb,indent,HttpMethods.PUT,"authn/cred",CredRequest.class,false);
 156     }
 157 }