Update Fixes from testing
[aaf/authz.git] / auth / auth-certman / src / main / java / org / onap / aaf / auth / cm / facade / FacadeImpl.java
index 310ea8b..f381a9e 100644 (file)
@@ -3,6 +3,7 @@
  * org.onap.aaf
  * ===========================================================================
  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * Modifications Copyright (C) 2019 IBM.
  * ===========================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -96,7 +97,6 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
     private final RosettaDF<ARTIFACTS>    artiDF;
     private Mapper<REQ, CERT, ARTIFACTS, ERROR>     mapper;
 //    private Slot sCertAuth;
-    private AAF_CM certman;
     private final String voidResp;
 
     public FacadeImpl(AAF_CM certman,
@@ -105,7 +105,6 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
                       Data.TYPE dataType) throws APIException {
         this.service = service;
         this.mapper = mapper;
-        this.certman = certman;
         AuthzEnv env = certman.env;
         //TODO: Gabe [JUnit] Static issue, talk to Jonathan
         (errDF                 = env.newDataFactory(mapper.getClass(API.ERROR))).in(dataType).out(dataType);
@@ -115,7 +114,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
         (certDF             = env.newDataFactory(mapper.getClass(API.CERT))).in(dataType).out(dataType);
         (artiDF             = env.newDataFactory(mapper.getClass(API.ARTIFACTS))).in(dataType).out(dataType);
 //        sCertAuth = env.slot(API_Cert.CERT_AUTH);
-        if(artiDF.getOutType().name().contains("xml")) {
+        if (artiDF.getOutType().name().contains("xml")) {
             voidResp = "application/Void+xml;charset=utf-8;version=1.0,application/xml;version=1.0,*/*";
         } else {
             voidResp = "application/Void+json;charset=utf-8;version=1.0,application/json;version=1.0,*/*";
@@ -135,11 +134,11 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
     public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
         error(trans, response, result.status,
                 result.details==null?"":result.details.trim(),
-                result.variables==null?new String[0]:result.variables);
+                result.variables==null?Result.EMPTY_VARS:result.variables);
     }
         
     @Override
-    public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final String ... _detail) {
+    public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final Object ... _detail) {
         String msgId;
         String prefix;
         boolean hidemsg=false;
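Review bot: The widened `final Object ... _detail` parameter has no documentation of how non-String values are rendered or where they end up. A later hunk shows the assembled message being logged and replaced by a generic text only when `hidemsg` is set, so presumably each detail's `toString()` can otherwise reach the client. A Javadoc line on this overload, such as `@param _detail values substituted into the message; must be safe to disclose to the caller`, would make that contract explicit. The method body continues outside the hunk, so the formatting itself is not visible here.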
@@ -206,7 +205,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
                     "] " +
                     holder.toString(),
                     Env.ALWAYS);
-            if(hidemsg) {
+            if (hidemsg) {
                 holder.setLength(0);
                 em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request");
             }
@@ -231,7 +230,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
             default:
                 return Result.err(Result.ERR_BadData,"Invalid Perm String");
         }
-        if(certman.aafLurPerm.fish(trans.getUserPrincipal(), ap)) {
+        if (AAF_CM.aafLurPerm.fish(trans.getUserPrincipal(), ap)) {
             resp.setContentType(voidResp);
             resp.getOutputStream().write(0);
             return Result.ok();
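Review bot: The permission check `AAF_CM.aafLurPerm.fish(trans.getUserPrincipal(), ap)` depends on process-wide static state rather than on the `certman` passed to the constructor, and nothing at the call site says when that field is assigned. The assignment is not visible in this diff. If it happens in the AAF_CM constructor, a second instance in the same JVM (a test, for example) would replace the Lur under existing facades, and an unassigned field would surface as a NullPointerException instead of a denied result. I would confirm the field is assigned exactly once and add a comment here, e.g. `// aafLurPerm is static: assigned once at AAF_CM startup, shared by all facades`. The enclosing method starts and ends outside the hunk.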
@@ -253,28 +252,25 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
             try {
                 Data<REQ> rd = certRequestDF.newData().load(req.getInputStream());
                 request = rd.asObject();
-            } catch(APIException e) {
+            } catch (APIException e) {
                 trans.error().log("Invalid Input",IN,REQUEST_CERT);
                 return Result.err(Result.ERR_BadData,"Invalid Input");
             }
             
             Result<CertResp> rcr = service.requestCert(trans,mapper.toReq(trans,request), ca);
-            if(rcr.notOK()) {
+            if (rcr.notOK()) {
                 return Result.err(rcr);
             }
             
-//            CA certAuth = trans.get(sCertAuth,null);
             Result<CERT> rc = mapper.toCert(trans, rcr, withTrust);
-            switch(rc.status) {
-                case OK: 
-                    RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
-                    data.to(resp.getOutputStream());
-    
-                    setContentType(resp,certDF.getOutType());
-                    return Result.ok();
-                default:
-                    return Result.err(rc);
+            if (rc.status == OK) {
+                RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
+                data.to(resp.getOutputStream());
+
+                setContentType(resp, certDF.getOutType());
+                return Result.ok();
             }
+            return Result.err(rc);
 
         } catch (Exception e) {
             trans.error().log(e,IN,REQUEST_CERT);
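Review bot: In the new `if (rc.status == OK)` branch, `setContentType(resp, certDF.getOutType())` runs after `data.to(resp.getOutputStream())`, so the header is set once body bytes have already been written. Under the servlet API a header set after the response is committed is ignored, which would happen whenever the serialized certificate exceeds the response buffer (whether `data.to` flushes is not visible here). Moving `setContentType(resp, certDF.getOutType());` above the `RosettaData<CERT> data = ...` line avoids that. The same ordering appears in the RENEW_CERT and READ_CERTS_MECHID hunks and in the two `ra.isOK()` context blocks of the artifact reads. The enclosing method starts outside the hunk.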
@@ -289,100 +285,9 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
      */
     @Override
     public Result<Void> requestPersonalCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca) {
-        return Result.err(Result.ERR_NotImplemented,"not implemented yet");
-//        Result<CertResp> rcr = service.requestPersonalCert(trans,ca);
-//        if(rcr.notOK()) {
-//            return Result.err(rcr);
-//        } else {
-//            try {
-//                resp.setContentType("application/zip, application/octet-stream");
-//                ZipOutputStream zos = new ZipOutputStream(resp.getOutputStream());
-//                PrintStream ps = new PrintStream(zos);
-//                ZipEntry ze = new ZipEntry(trans.user()+".key");
-//                zos.putNextEntry(ze);
-//                ps.print(rcr.value.privateString());
-//                zos.closeEntry();
-//
-//                zos.putNextEntry(new ZipEntry(trans.user()+".crt"));
-//                ps.print(rcr.value.asCertString());
-//                zos.closeEntry();
-//                
-//                String wt;
-//                if((wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt)) {
-//                    zos.putNextEntry(new ZipEntry(trans.user()+".trustCrts"));
-//                    for(String s : ca.getTrustChain()) {
-//                        ps.println(s);
-//                    }
-//                    zos.closeEntry();
-//                }
-//                
-//                boolean withJKS = (wt=req.getParameter("withJKS"))!=null || TRUE.equalsIgnoreCase(wt);
-//                if(withJKS) {
-//                    if(trans.getUserPrincipal() instanceof BasicPrincipal) {
-//                        char[] cap = new String(((BasicPrincipal)trans.getUserPrincipal()).getCred()).toCharArray();
-//                        KeyStore ks = keystore(trans, rcr.value, ca.getTrustChain(), trans.user(), cap);
-//                        zos.putNextEntry(new ZipEntry(trans.user()+".jks"));
-//                        ks.store(zos, cap);
-//                        zos.closeEntry();
-//                    }
-//                }
-//                
-//                zos.putNextEntry(new ZipEntry("cert_deploy.sh"));
-//                ps.println("# Deploy Certificate to ~/.aaf");
-//                ps.println("if [ \"$1\" = \"\" ]; then echo \"sh deploy.sh <zipfile>\";exit; else chmod 700 $HOME/.aaf; fi");
-//                ps.println("chmod 600 $1");
-//                ps.println("if [ ! -e $HOME/.aaf ]; then mkdir -m 700 $HOME/.aaf; fi");
-//                ps.println("THE_PWD=`pwd`");
-//                ps.println("cd $HOME/.aaf");
-//                ps.println("echo \"Deploying to `pwd`\"");
-//                ps.println("jar -xvf $THE_PWD/$1 " + trans.user());
-//                ps.println("chmod 600 " + trans.user() + ".key");
-//                if(withJKS) {
-//                    ps.println("chmod 600 " + trans.user() + ".jks");
-//                }
-//                ps.println("cd $THE_PWD");
-//                ps.println("rm cert_deploy.sh");
-//                zos.closeEntry();
-//                
-//
-//                zos.close();
-//                
-//            } catch (IOException | KeyStoreException | CertificateException | APIException | CertException | NoSuchAlgorithmException e) {
-//                return Result.err(e);
-//            }
-//        }
-//
-//        return Result.ok();
+        return Result.err(Result.ERR_NotImplemented, "not implemented yet");
     }
 
-//    private KeyStore keystore(AuthzTrans trans, CertResp cr, String[] trustChain, String name, char[] cap) throws KeyStoreException, CertificateException, APIException, IOException, CertException, NoSuchAlgorithmException {
-//        KeyStore jks = KeyStore.getInstance("jks");
-//        jks.load(null, cap);
-//        
-//        // Get the Cert(s)... Might include Trust store
-//        List<String> lcerts = new ArrayList<>();
-//        lcerts.add(cr.asCertString());
-//        for(String s : trustChain) {
-//            lcerts.add(s);
-//        }
-//        
-//        Collection<? extends Certificate> certColl = Factory.toX509Certificate(lcerts);
-//        X509Certificate[] certs = new X509Certificate[certColl.size()];
-//        certColl.toArray(certs);
-//        KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(cap);
-//        
-//        PrivateKey pk = Factory.toPrivateKey(trans, cr.privateString());
-//        KeyStore.PrivateKeyEntry pkEntry = 
-//                new KeyStore.PrivateKeyEntry(pk, new Certificate[] {certs[0]});
-//        jks.setEntry(name, pkEntry, protParam);
-//        
-//        int i=0;
-//        for(X509Certificate x509 : certs) {
-//            jks.setCertificateEntry("cert_"+ ++i, x509);
-//        }
-//        return jks;
-//    }
-
     @Override
     public Result<Void> renewCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, boolean withTrust) {
         TimeTaken tt = trans.start(RENEW_CERT, Env.SUB|Env.ALWAYS);
@@ -391,25 +296,22 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
             try {
                 Data<REQ> rd = certRenewDF.newData().load(req.getInputStream());
                 request = rd.asObject();
-            } catch(APIException e) {
+            } catch (APIException e) {
                 trans.error().log("Invalid Input",IN,RENEW_CERT);
                 return Result.err(Result.ERR_BadData,"Invalid Input");
             }
             
-//            String certAuth = trans.get(sCertAuth,null);
             Result<CertResp> rcr = service.renewCert(trans,mapper.toRenew(trans,request));
             Result<CERT> rc = mapper.toCert(trans, rcr, withTrust);
 
-            switch(rc.status) {
-                case OK: 
-                    RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
-                    data.to(resp.getOutputStream());
+            if (rc.status == OK) {
+                RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
+                data.to(resp.getOutputStream());
 
-                    setContentType(resp,certDF.getOutType());
-                    return Result.ok();
-                default:
-                    return Result.err(rc);
+                setContentType(resp, certDF.getOutType());
+                return Result.ok();
             }
+            return Result.err(rc);
         } catch (Exception e) {
             trans.error().log(e,IN,RENEW_CERT);
             return Result.err(e);
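Review bot: `rcr` from `service.renewCert(...)` is handed to `mapper.toCert(trans, rcr, withTrust)` without the `rcr.notOK()` guard that the REQUEST_CERT path applies, so a failed renewal reaches the mapper. Whether `toCert` tolerates a not-OK result is not visible in this diff; if it does not, the failure surfaces through the generic `catch (Exception e)` rather than with the service's own status and details. I would add `if (rcr.notOK()) { return Result.err(rcr); }` right after the `service.renewCert` call. The method body continues outside the hunk.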
@@ -427,19 +329,17 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
             try {
                 Data<REQ> rd = certDropDF.newData().load(req.getInputStream());
                 request = rd.asObject();
-            } catch(APIException e) {
+            } catch (APIException e) {
                 trans.error().log("Invalid Input",IN,DROP_CERT);
                 return Result.err(Result.ERR_BadData,"Invalid Input");
             }
             
             Result<Void> rv = service.dropCert(trans,mapper.toDrop(trans, request));
-            switch(rv.status) {
-                case OK: 
-                    setContentType(resp,certRequestDF.getOutType());
-                    return Result.ok();
-                default:
-                    return Result.err(rv);
+            if (rv.status == OK) {
+                setContentType(resp, certRequestDF.getOutType());
+                return Result.ok();
             }
+            return Result.err(rv);
         } catch (Exception e) {
             trans.error().log(e,IN,DROP_CERT);
             return Result.err(e);
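Review bot: The success branch sets the content type from `certRequestDF.getOutType()` although this path parses its input with `certDropDF`. The visible constructor lines configure the other factories with one shared `dataType`, so the result is probably identical today if these two are set up the same way, but the mismatch reads like a copy from the request path and would go wrong if the factories ever diverge. I would use `setContentType(resp, certDropDF.getOutType());` or add a comment saying why the request factory is intended. The enclosing method starts and ends outside the hunk.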
@@ -456,16 +356,14 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
         TimeTaken tt = trans.start(READ_CERTS_MECHID, Env.SUB|Env.ALWAYS);
         try {
             Result<CERT> rc = mapper.toCert(trans, service.readCertsByMechID(trans,mechID));
-            switch(rc.status) {
-                case OK: 
-                    RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
-                    data.to(resp.getOutputStream());
-    
-                    setContentType(resp,certDF.getOutType());
-                    return Result.ok();
-                default:
-                    return Result.err(rc);
+            if (rc.status == OK) {
+                RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
+                data.to(resp.getOutputStream());
+
+                setContentType(resp, certDF.getOutType());
+                return Result.ok();
             }
+            return Result.err(rc);
         } catch (Exception e) {
             trans.error().log(e,IN,READ_CERTS_MECHID);
             return Result.err(e);
@@ -485,7 +383,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
             try {
                 Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
                 arti = rd.asObject();
-            } catch(APIException e) {
+            } catch (APIException e) {
                 trans.error().log("Invalid Input",IN,CREATE_ARTIFACTS);
                 return Result.err(Result.ERR_BadData,"Invalid Input");
             }
@@ -509,23 +407,23 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
             String ns = req.getParameter("ns");
             
             Result<ARTIFACTS> ra;
-            if( machine !=null && mechid == null) {
+            if ( machine !=null && mechid == null) {
                 ra = mapper.fromArtifacts(service.readArtifactsByMachine(trans, machine));
-            } else if(mechid!=null && machine==null) {
+            } else if (mechid!=null && machine==null) {
                 ra = mapper.fromArtifacts(service.readArtifactsByMechID(trans, mechid));
-            } else if(mechid!=null && machine!=null) {
+            } else if (mechid!=null && machine!=null) {
                 ArtiDAO.Data add = new ArtiDAO.Data();
                 add.mechid = mechid;
                 add.machine = machine;
                 add.ns = ns;
                 ra = mapper.fromArtifacts(service.readArtifacts(trans,add));
-            } else if(ns!=null) {
+            } else if (ns!=null) {
                 ra = mapper.fromArtifacts(service.readArtifactsByNs(trans, ns));
             } else {
                 ra = Result.err(Status.ERR_BadData,"Invalid request inputs");
             }
             
-            if(ra.isOK()) {
+            if (ra.isOK()) {
                 RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value);
                 data.to(resp.getOutputStream());
                 setContentType(resp,artiDF.getOutType());
@@ -550,7 +448,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
             add.mechid = mechid;
             add.machine = machine;
             Result<ARTIFACTS> ra = mapper.fromArtifacts(service.readArtifacts(trans,add));
-            if(ra.isOK()) {
+            if (ra.isOK()) {
                 RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value);
                 data.to(resp.getOutputStream());
                 setContentType(resp,artiDF.getOutType());
@@ -575,7 +473,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
             try {
                 Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
                 arti = rd.asObject();
-            } catch(APIException e) {
+            } catch (APIException e) {
                 trans.error().log("Invalid Input",IN,UPDATE_ARTIFACTS);
                 return Result.err(Result.ERR_BadData,"Invalid Input");
             }
@@ -597,16 +495,15 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
             try {
                 Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
                 arti = rd.asObject();
-            } catch(APIException e) {
+            } catch (APIException e) {
                 trans.error().log("Invalid Input",IN,DELETE_ARTIFACTS);
                 return Result.err(Result.ERR_BadData,"Invalid Input");
             }
             
             Result<Void> rv = service.deleteArtifact(trans,mapper.toArtifact(trans,arti));
-            switch(rv.status) {
-                case OK: 
-                    setContentType(resp,artiDF.getOutType());
-            } 
+            if (rv.status == OK) {
+                setContentType(resp, artiDF.getOutType());
+            }
             return rv;
         } catch (Exception e) {
             trans.error().log(e,IN,DELETE_ARTIFACTS);
@@ -621,10 +518,9 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
         TimeTaken tt = trans.start(DELETE_ARTIFACTS, Env.SUB);
         try {
             Result<Void> rv = service.deleteArtifact(trans, mechid, machine);
-            switch(rv.status) {
-                case OK: 
-                    setContentType(resp,artiDF.getOutType());
-            } 
+            if (rv.status == OK) {
+                setContentType(resp, artiDF.getOutType());
+            }
             return rv;
         } catch (Exception e) {
             trans.error().log(e,IN,DELETE_ARTIFACTS);