auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.cmd.user;
  23
  24 import org.onap.aaf.auth.cmd.AAFcli;
  25 import org.onap.aaf.auth.cmd.Cmd;
  26 import org.onap.aaf.auth.cmd.Param;
  27 import org.onap.aaf.auth.rserv.HttpMethods;
  28 import org.onap.aaf.cadi.CadiException;
  29 import org.onap.aaf.cadi.LocatorException;
  30 import org.onap.aaf.cadi.client.Future;
  31 import org.onap.aaf.cadi.client.Rcli;
  32 import org.onap.aaf.cadi.client.Retryable;
  33 import org.onap.aaf.misc.env.APIException;
  34
  35 import aaf.v2_0.CredRequest;
  36
  37 public class Cred extends Cmd {
  38     public static final String ATTEMPT_FAILED_SPECIFICS_WITHELD = "Attempt Failed.  Specifics witheld.";
  39     private static final String CRED_PATH = "/authn/cred";
  40     private static final String[] options = {"add","del","reset","extend"/*,"clean"*/};
  41     public Cred(User parent) {
  42         super(parent,"cred",
  43                 new Param(optionsToString(options),true),
  44                 new Param("id",true),
  45                 new Param("password (! D|E)",false),
  46                 new Param("entry# (if multi)",false)
  47         );
  48     }
  49
  50     @Override
  51     public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
  52         int idx = _idx;
  53         String key = args[idx++];
  54         final int option = whichOption(options,key);
  55
  56         final CredRequest cr = new CredRequest();
  57         cr.setId(args[idx++]);
  58         if (option!=1 && option!=3) {
  59             if (idx>=args.length) throw new CadiException("Password Required");
  60             cr.setPassword(args[idx++]);
  61         }
  62         if (args.length>idx)
  63             cr.setEntry(args[idx]);
  64
  65         // Set Start/End commands
  66         setStartEnd(cr);
  67         Integer ret = same(new Retryable<Integer>() {
  68             @Override
  69             public Integer code(Rcli<?> client) throws CadiException, APIException {
  70                 Future<CredRequest> fp=null;
  71                 String verb =null;
  72                 switch(option) {
  73                     case 0:
  74                         fp = client.create(
  75                             CRED_PATH,
  76                             getDF(CredRequest.class),
  77                             cr
  78                             );
  79                         verb = "Added Credential [";
  80                         break;
  81                     case 1:
  82                         setQueryParamsOn(client);
  83                         fp = client.delete(CRED_PATH,
  84                             getDF(CredRequest.class),
  85                             cr
  86                             );
  87                         verb = "Deleted Credential [";
  88                         break;
  89                     case 2:
  90                         fp = client.update(
  91                             CRED_PATH,
  92                             getDF(CredRequest.class),
  93                             cr
  94                             );
  95                         verb = "Reset Credential [";
  96                         break;
  97                     case 3:
  98                         fp = client.update(
  99                             CRED_PATH+"/5",
 100                             getDF(CredRequest.class),
 101                             cr
 102                             );
 103                         verb = "Extended Credential [";
 104                         break;
 105                     default:
 106                         break;
 107                 }
 108                 if (fp==null) {
 109                     return null; // get by Sonar check.
 110                 }
 111                 if (fp.get(AAFcli.timeout())) {
 112                     pw().print(verb);
 113                     pw().print(cr.getId());
 114                     pw().println(']');
 115                 } else if (fp.code()==202) {
 116                         pw().println("Credential Action Accepted, but requires Approvals before actualizing");
 117                 } else if (fp.code()==406 && option==1) {
 118                         pw().println("You cannot delete this Credential");
 119                 } else {
 120                     pw().println(ATTEMPT_FAILED_SPECIFICS_WITHELD);
 121                 }
 122                 return fp.code();
 123             }
 124         });
 125         if (ret==null)ret = -1;
 126         return ret;
 127     }
 128
 129     @Override
 130     public void detailedHelp(int _indent, StringBuilder sb) {
 131             int indent = _indent;
 132         detailLine(sb,indent,"Add, Delete or Reset Credential");
 133         indent+=2;
 134         detailLine(sb,indent,"id       - the ID to create/delete/reset within AAF");
 135         detailLine(sb,indent,"password - Company Policy compliant Password (not required for Delete)");
 136         detailLine(sb,indent,"entry    - selected option when deleting/resetting a cred with multiple entries");
 137         sb.append('\n');
 138         detailLine(sb,indent,"The Domain can be related to any Namespace you have access to *");
 139         detailLine(sb,indent,"The Domain is in reverse order of Namespace, i.e. ");
 140         detailLine(sb,indent+2,"NS of com.att.myapp can create user of XY1234@myapp.att.com");
 141         sb.append('\n');
 142         detailLine(sb,indent,"NOTE: AAF does support multiple creds with the same ID. Check with your org if you");
 143         detailLine(sb,indent+2,"have this implemented. (For example, this is implemented for MechIDs at AT&T)");
 144         sb.append('\n');
 145         detailLine(sb,indent,"*NOTE: com.att.csp is a reserved Domain for Global Sign On");
 146
 147         detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
 148         indent-=2;
 149         api(sb,indent,HttpMethods.POST,"authn/cred",CredRequest.class,true);
 150         api(sb,indent,HttpMethods.DELETE,"authn/cred",CredRequest.class,false);
 151         api(sb,indent,HttpMethods.PUT,"authn/cred",CredRequest.class,false);
 152     }
 153 }