authz-certman/src/main/java/com/att/authz/cm/api/API_Cert.java

   1 /*******************************************************************************\r
   2  * ============LICENSE_START====================================================\r
   3  * * org.onap.aai\r
   4  * * ===========================================================================\r
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
   6  * * Copyright © 2017 Amdocs\r
   7  * * ===========================================================================\r
   8  * * Licensed under the Apache License, Version 2.0 (the "License");\r
   9  * * you may not use this file except in compliance with the License.\r
  10  * * You may obtain a copy of the License at\r
  11  * * \r
  12  *  *      http://www.apache.org/licenses/LICENSE-2.0\r
  13  * * \r
  14  *  * Unless required by applicable law or agreed to in writing, software\r
  15  * * distributed under the License is distributed on an "AS IS" BASIS,\r
  16  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
  17  * * See the License for the specific language governing permissions and\r
  18  * * limitations under the License.\r
  19  * * ============LICENSE_END====================================================\r
  20  * *\r
  21  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
  22  * *\r
  23  ******************************************************************************/\r
  24 package com.att.authz.cm.api;\r
  25 \r
  26 import javax.servlet.http.HttpServletRequest;\r
  27 import javax.servlet.http.HttpServletResponse;\r
  28 \r
  29 import com.att.aft.dme2.internal.jetty.http.HttpStatus;\r
  30 import com.att.authz.cm.ca.CA;\r
  31 import com.att.authz.cm.mapper.Mapper.API;\r
  32 import com.att.authz.cm.service.CertManAPI;\r
  33 import com.att.authz.cm.service.Code;\r
  34 import com.att.authz.env.AuthzTrans;\r
  35 import com.att.authz.layer.Result;\r
  36 import com.att.cssa.rserv.HttpMethods;\r
  37 import com.att.inno.env.Slot;\r
  38 import com.att.inno.env.TransStore;\r
  39 \r
  40 /**\r
  41  * API Apis.. using Redirect for mechanism\r
  42  * \r
  43  *\r
  44  */\r
  45 public class API_Cert {\r
  46         public static final String CERT_AUTH = "CertAuthority";\r
  47         private static Slot sCertAuth;\r
  48 \r
  49         /**\r
  50          * Normal Init level APIs\r
  51          * \r
  52          * @param cmAPI\r
  53          * @param facade\r
  54          * @throws Exception\r
  55          */\r
  56         public static void init(final CertManAPI cmAPI) throws Exception {\r
  57                 // Check for Created Certificate Authorities in TRANS\r
  58                 sCertAuth = ((TransStore) cmAPI.env).slot(CERT_AUTH);\r
  59                 \r
  60                 ////////\r
  61                 // Overall APIs\r
  62                 ///////\r
  63                 cmAPI.route(HttpMethods.PUT,"/cert/:ca",API.CERT_REQ,new Code(cmAPI,"Request Certificate") {\r
  64                         @Override\r
  65                         public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {\r
  66                                 String key = pathParam(req, ":ca");\r
  67                                 CA ca;\r
  68                                 if((ca = cmAPI.getCA(key))==null) {\r
  69                                         context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);\r
  70                                 } else {\r
  71                                         trans.put(sCertAuth, ca);\r
  72                                         \r
  73                                         Result<Void> r = context.requestCert(trans, req, resp, req.getParameter("withTrust")!=null);\r
  74                                         if(r.isOK()) {\r
  75                                                 resp.setStatus(HttpStatus.OK_200);\r
  76                                         } else {\r
  77                                                 context.error(trans,resp,r);\r
  78                                         }\r
  79                                 }\r
  80                         }\r
  81                 });\r
  82                 \r
  83                 /**\r
  84                  * \r
  85                  */\r
  86                 cmAPI.route(HttpMethods.GET, "/cert/may/:perm", API.VOID, new Code(cmAPI,"Check Permission") {\r
  87                         @Override\r
  88                         public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {\r
  89                                 Result<Void> r = context.check(trans, resp, pathParam(req,"perm"));\r
  90                                 if(r.isOK()) {\r
  91                                         resp.setStatus(HttpStatus.OK_200);\r
  92                                 } else {\r
  93                                         trans.checkpoint(r.errorString());\r
  94                                         context.error(trans,resp,Result.err(Result.ERR_Denied,"%s does not have Permission.",trans.user()));\r
  95                                 }\r
  96                         }\r
  97                 });\r
  98 \r
  99         }\r
 100 }\r