public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
- private static final String USER_PERMS = "userPerms";
- private static final Map<String,CA> certAuths = new TreeMap<>();
- public Facade1_0 facade1_0; // this is the default Facade
- public Facade1_0 facade1_0_XML; // this is the XML Facade
- public Map<String, Dated> cacheUser;
- public AAFAuthn<?> aafAuthn;
- public AAFLurPerm aafLurPerm;
- final public Cluster cluster;
- public final LocateDAO locateDAO;
-
-
- /**
- * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
- *
- * @param env
- * @param si
- * @param dm
- * @param decryptor
- * @throws APIException
- */
- public AAF_CM(AuthzEnv env) throws Exception {
- super(env.access(),env);
- aafLurPerm = aafCon().newLur();
- // Note: If you need both Authn and Authz construct the following:
- aafAuthn = aafCon().newAuthn(aafLurPerm);
-
- String aaf_env = env.getProperty(Config.AAF_ENV);
- if(aaf_env==null) {
- throw new APIException("aaf_env needs to be set");
- }
-
- // Initialize Facade for all uses
- AuthzTrans trans = env.newTrans();
-
- cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
- locateDAO = new LocateDAO(trans,cluster,CassAccess.KEYSPACE);
-
- // Have AAFLocator object Create DirectLocators for Location needs
- AbsAAFLocator.setCreator(new DirectLocatorCreator(env, locateDAO));
-
- // Load Supported Certificate Authorities by property
- // Note: Some will be dynamic Properties, so we need to look through all
- for(Entry<Object, Object> es : env.access().getProperties().entrySet()) {
- String key = es.getKey().toString();
- if(key.startsWith(CA.CM_CA_PREFIX)) {
- int idx = key.indexOf('.');
- if(idx==key.lastIndexOf('.')) { // else it's a regular property
-
- env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1));
- String[] segs = Split.split(',', env.getProperty(key));
- if(segs.length>0) {
- String[][] multiParams = new String[segs.length-1][];
- for(int i=0;i<multiParams.length;++i) {
- multiParams[i]=Split.split(';',segs[1+i]);
- }
- @SuppressWarnings("unchecked")
- Class<CA> cac = (Class<CA>)Class.forName(segs[0]);
- Constructor<CA> cons = cac.getConstructor(new Class<?>[] {
- Access.class,String.class,String.class,String[][].class
- });
- Object pinst[] = new Object[4];
- pinst[0]=env;
- pinst[1]= key.substring(idx+1);
- pinst[2]= aaf_env;
- pinst[3] = multiParams;
- CA ca = cons.newInstance(pinst);
- certAuths.put(ca.getName(),ca);
- }
- }
- }
- }
- if(certAuths.size()==0) {
- throw new APIException("No Certificate Authorities have been configured in CertMan");
- }
-
- CMService service = new CMService(trans, this);
- // note: Service knows how to shutdown Cluster on Shutdown, etc. See Constructor
- facade1_0 = FacadeFactory.v1_0(this,trans, service,Data.TYPE.JSON); // Default Facade
- facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML);
-
-
- synchronized(env) {
- if(cacheUser == null) {
- cacheUser = Cache.obtain(USER_PERMS);
- Cache.startCleansing(env, USER_PERMS);
- }
- }
-
- ////////////////////////////////////////////////////////////////////////////
- // APIs
- ////////////////////////////////////////////////////////////////////////
- API_Cert.init(this);
- API_Artifact.init(this);
-
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(2, sb);
- trans.init().log(sb);
- }
-
- public CA getCA(String key) {
- return certAuths.get(key);
- }
-
- /**
- * Setup XML and JSON implementations for each supported Version type
- *
- * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
- * to do Versions and Content switches
- *
- */
- public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
- String version = "1.0";
- // Get Correct API Class from Mapper
- Class<?> respCls = facade1_0.mapper().getClass(api);
- if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
- // setup Application API HTML ContentTypes for JSON and Route
- String application = applicationJSON(respCls, version);
- route(env,meth,path,code,application,"application/json;version="+version,"*/*");
-
- // setup Application API HTML ContentTypes for XML and Route
- application = applicationXML(respCls, version);
- route(env,meth,path,code.clone(facade1_0_XML),application,"application/xml;version="+version);
-
- // Add other Supported APIs here as created
- }
-
- public void routeAll(HttpMethods meth, String path, API api, Code code) throws Exception {
- route(env,meth,path,code,""); // this will always match
- }
-
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- try {
- return new Filter[] {
- new AuthzTransFilter(env,aafCon(),
- new AAFTrustChecker((Env)env),
- additionalTafLurs)
- };
- } catch (NumberFormatException e) {
- throw new CadiException("Invalid Property information", e);
- }
- }
-
- @SuppressWarnings("unchecked")
- @Override
-
public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
- return new Registrant[] {
- new DirectRegistrar(access,locateDAO,app_name,app_version,port)
- };
- }
-
- public void destroy() {
- Cache.stopTimer();
- locateDAO.close(env.newTransNoAvg());
- cluster.close();
- }
-
- public static void main(final String[] args) {
- try {
- Log4JLogIt logIt = new Log4JLogIt(args, "cm");
- PropAccess propAccess = new PropAccess(logIt,args);
-
- AAF_CM service = new AAF_CM(new AuthzEnv(propAccess));
-
JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
+ private static final String USER_PERMS = "userPerms";
+ private static final Map<String,CA> certAuths = new TreeMap<>();
+ public Facade1_0 facade1_0; // this is the default Facade
+ public Facade1_0 facade1_0_XML; // this is the XML Facade
+ public Map<String, Dated> cacheUser;
+ public AAFAuthn<?> aafAuthn;
+ public AAFLurPerm aafLurPerm;
+ final public Cluster cluster;
+ public final LocateDAO locateDAO;
+
+
+ /**
+ * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
+ *
+ * @param env
+ * @param si
+ * @param dm
+ * @param decryptor
+ * @throws APIException
+ */
+ public AAF_CM(AuthzEnv env) throws Exception {
+ super(env.access(),env);
+ aafLurPerm = aafCon().newLur();
+ // Note: If you need both Authn and Authz construct the following:
+ aafAuthn = aafCon().newAuthn(aafLurPerm);
+
+ String aaf_env = env.getProperty(Config.AAF_ENV);
+ if(aaf_env==null) {
+ throw new APIException("aaf_env needs to be set");
+ }
+
+ // Initialize Facade for all uses
+ AuthzTrans trans = env.newTrans();
+
+ cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
+ locateDAO = new LocateDAO(trans,cluster,CassAccess.KEYSPACE);
+
+ // Have AAFLocator object Create DirectLocators for Location needs
+ AbsAAFLocator.setCreator(new DirectLocatorCreator(env, locateDAO));
+
+ // Load Supported Certificate Authorities by property
+ // Note: Some will be dynamic Properties, so we need to look through all
+ for(Entry<Object, Object> es : env.access().getProperties().entrySet()) {
+ String key = es.getKey().toString();
+ if(key.startsWith(CA.CM_CA_PREFIX)) {
+ int idx = key.indexOf('.');
+ if(idx==key.lastIndexOf('.')) { // else it's a regular property
+
+ env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1));
+ String[] segs = Split.split(',', env.getProperty(key));
+ if(segs.length>0) {
+ String[][] multiParams = new String[segs.length-1][];
+ for(int i=0;i<multiParams.length;++i) {
+ multiParams[i]=Split.split(';',segs[1+i]);
+ }
+ @SuppressWarnings("unchecked")
+ Class<CA> cac = (Class<CA>)Class.forName(segs[0]);
+ Constructor<CA> cons = cac.getConstructor(new Class<?>[] {
+ Access.class,String.class,String.class,String[][].class
+ });
+ Object pinst[] = new Object[4];
+ pinst[0]=env;
+ pinst[1]= key.substring(idx+1);
+ pinst[2]= aaf_env;
+ pinst[3] = multiParams;
+ CA ca = cons.newInstance(pinst);
+ certAuths.put(ca.getName(),ca);
+ }
+ }
+ }
+ }
+ if(certAuths.size()==0) {
+ throw new APIException("No Certificate Authorities have been configured in CertMan");
+ }
+
+ CMService service = new CMService(trans, this);
+ // note: Service knows how to shutdown Cluster on Shutdown, etc. See Constructor
+ facade1_0 = FacadeFactory.v1_0(this,trans, service,Data.TYPE.JSON); // Default Facade
+ facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML);
+
+
+ synchronized(env) {
+ if(cacheUser == null) {
+ cacheUser = Cache.obtain(USER_PERMS);
+ Cache.startCleansing(env, USER_PERMS);
+ }
+ }
+
+ ////////////////////////////////////////////////////////////////////////////
+ // APIs
+ ////////////////////////////////////////////////////////////////////////
+ API_Cert.init(this);
+ API_Artifact.init(this);
+
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(2, sb);
+ trans.init().log(sb);
+ }
+
+ public CA getCA(String key) {
+ return certAuths.get(key);
+ }
+
+ /**
+ * Setup XML and JSON implementations for each supported Version type
+ *
+ * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
+ * to do Versions and Content switches
+ *
+ */
+ public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
+ String version = "1.0";
+ // Get Correct API Class from Mapper
+ Class<?> respCls = facade1_0.mapper().getClass(api);
+ if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
+ // setup Application API HTML ContentTypes for JSON and Route
+ String application = applicationJSON(respCls, version);
+ route(env,meth,path,code,application,"application/json;version="+version,"*/*");
+
+ // setup Application API HTML ContentTypes for XML and Route
+ application = applicationXML(respCls, version);
+ route(env,meth,path,code.clone(facade1_0_XML),application,"application/xml;version="+version);
+
+ // Add other Supported APIs here as created
+ }
+
+ public void routeAll(HttpMethods meth, String path, API api, Code code) throws Exception {
+ route(env,meth,path,code,""); // this will always match
+ }
+
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ try {
+ return new Filter[] {
+ new AuthzTransFilter(env,aafCon(),
+ new AAFTrustChecker((Env)env),
+ additionalTafLurs)
+ };
+ } catch (NumberFormatException e) {
+ throw new CadiException("Invalid Property information", e);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
+ return new Registrant[] {
+ new DirectRegistrar(access,locateDAO,app_name,app_version,port)
+ };
+ }
+
+ public void destroy() {
+ Cache.stopTimer();
+ locateDAO.close(env.newTransNoAvg());
+ cluster.close();
+ }
+
+ public static void main(final String[] args) {
+ try {
+ Log4JLogIt logIt = new Log4JLogIt(args, "cm");
+ PropAccess propAccess = new PropAccess(logIt,args);
+
+ AAF_CM service = new AAF_CM(new AuthzEnv(propAccess));
+ JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
+ jss.start();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
}
Code Review / aaf / authz.git / blobdiff