auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.cmd.user;
  23
  24 import org.onap.aaf.auth.cmd.AAFcli;
  25 import org.onap.aaf.auth.cmd.Cmd;
  26 import org.onap.aaf.auth.cmd.Param;
  27 import org.onap.aaf.auth.rserv.HttpMethods;
  28 import org.onap.aaf.cadi.CadiException;
  29 import org.onap.aaf.cadi.LocatorException;
  30 import org.onap.aaf.cadi.client.Future;
  31 import org.onap.aaf.cadi.client.Rcli;
  32 import org.onap.aaf.cadi.client.Retryable;
  33 import org.onap.aaf.misc.env.APIException;
  34
  35 import aaf.v2_0.CredRequest;
  36
  37 public class Cred extends Cmd {
  38         public static final String ATTEMPT_FAILED_SPECIFICS_WITHELD = "Attempt Failed.  Specifics witheld.";
  39         private static final String CRED_PATH = "/authn/cred";
  40         private static final String[] options = {"add","del","reset","extend"/*,"clean"*/};
  41 //              private Clean clean;
  42         public Cred(User parent) {
  43                 super(parent,"cred",
  44                                 new Param(optionsToString(options),true),
  45                                 new Param("id",true),
  46                                 new Param("password (! D|E)",false),
  47                                 new Param("entry# (if multi)",false)
  48                 );
  49 //                      clean = new Clean(this);
  50         }
  51
  52         @Override
  53         public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
  54             int idx = _idx;
  55                 String key = args[idx++];
  56                 final int option = whichOption(options,key);
  57
  58                 final CredRequest cr = new CredRequest();
  59                 cr.setId(args[idx++]);
  60                 if(option!=1 && option!=3) {
  61                         if(idx>=args.length) throw new CadiException("Password Required");
  62                         cr.setPassword(args[idx++]);
  63                 }
  64                 if(args.length>idx)
  65                         cr.setEntry(args[idx++]);
  66
  67                 // Set Start/End commands
  68                 setStartEnd(cr);
  69 //                      final int cleanIDX = _idx+1;
  70                 Integer ret = same(new Retryable<Integer>() {
  71                         @Override
  72                         public Integer code(Rcli<?> client) throws CadiException, APIException {
  73                                 Future<CredRequest> fp=null;
  74                                 String verb =null;
  75                                 switch(option) {
  76                                         case 0:
  77                                                 fp = client.create(
  78                                                         CRED_PATH,
  79                                                         getDF(CredRequest.class),
  80                                                         cr
  81                                                         );
  82                                                 verb = "Added Credential [";
  83                                                 break;
  84                                         case 1:
  85 //                                                      if(aafcli.addForce())cr.setForce("TRUE");
  86                                                 setQueryParamsOn(client);
  87                                                 fp = client.delete(CRED_PATH,
  88                                                         getDF(CredRequest.class),
  89                                                         cr
  90                                                         );
  91                                                 verb = "Deleted Credential [";
  92                                                 break;
  93                                         case 2:
  94                                                 fp = client.update(
  95                                                         CRED_PATH,
  96                                                         getDF(CredRequest.class),
  97                                                         cr
  98                                                         );
  99                                                 verb = "Reset Credential [";
 100                                                 break;
 101                                         case 3:
 102                                                 fp = client.update(
 103                                                         CRED_PATH+"/5",
 104                                                         getDF(CredRequest.class),
 105                                                         cr
 106                                                         );
 107                                                 verb = "Extended Credential [";
 108                                                 break;
 109 //                                              case 4:
 110 //                                                      return clean.exec(cleanIDX, args);
 111                                 }
 112                                 if(fp.get(AAFcli.timeout())) {
 113                                         pw().print(verb);
 114                                         pw().print(cr.getId());
 115                                         pw().println(']');
 116                                 } else if(fp.code()==202) {
 117                                                 pw().println("Credential Action Accepted, but requires Approvals before actualizing");
 118                                 } else if(fp.code()==406 && option==1) {
 119                                                 pw().println("You cannot delete this Credential");
 120                                 } else {
 121                                         pw().println(ATTEMPT_FAILED_SPECIFICS_WITHELD);
 122                                 }
 123                                 return fp.code();
 124                         }
 125                 });
 126                 if(ret==null)ret = -1;
 127                 return ret;
 128         }
 129
 130         @Override
 131         public void detailedHelp(int _indent, StringBuilder sb) {
 132                 int indent = _indent;
 133                 detailLine(sb,indent,"Add, Delete or Reset Credential");
 134                 indent+=2;
 135                 detailLine(sb,indent,"id       - the ID to create/delete/reset within AAF");
 136                 detailLine(sb,indent,"password - Company Policy compliant Password (not required for Delete)");
 137                 detailLine(sb,indent,"entry    - selected option when deleting/resetting a cred with multiple entries");
 138                 sb.append('\n');
 139                 detailLine(sb,indent,"The Domain can be related to any Namespace you have access to *");
 140                 detailLine(sb,indent,"The Domain is in reverse order of Namespace, i.e. ");
 141                 detailLine(sb,indent+2,"NS of com.att.myapp can create user of XY1234@myapp.att.com");
 142                 sb.append('\n');
 143                 detailLine(sb,indent,"NOTE: AAF does support multiple creds with the same ID. Check with your org if you");
 144                 detailLine(sb,indent+2,"have this implemented. (For example, this is implemented for MechIDs at AT&T)");
 145                 sb.append('\n');
 146                 detailLine(sb,indent,"*NOTE: com.att.csp is a reserved Domain for Global Sign On");
 147
 148                 detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
 149                 indent-=2;
 150                 api(sb,indent,HttpMethods.POST,"authn/cred",CredRequest.class,true);
 151                 api(sb,indent,HttpMethods.DELETE,"authn/cred",CredRequest.class,false);
 152                 api(sb,indent,HttpMethods.PUT,"authn/cred",CredRequest.class,false);
 153         }
 154 }