* org.onap.aaf
* ===========================================================================
* Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ *
+ * Modifications Copyright (C) 2019 IBM.
* ===========================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
package org.onap.aaf.auth.cmd.user;
+import java.util.List;
+
import org.onap.aaf.auth.cmd.AAFcli;
import org.onap.aaf.auth.cmd.Cmd;
import org.onap.aaf.auth.cmd.Param;
import org.onap.aaf.auth.rserv.HttpMethods;
import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.aaf.client.ErrMessage;
import org.onap.aaf.cadi.client.Future;
import org.onap.aaf.cadi.client.Rcli;
import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.misc.env.APIException;
import aaf.v2_0.CredRequest;
+import aaf.v2_0.Error;
public class Cred extends Cmd {
public static final String ATTEMPT_FAILED_SPECIFICS_WITHELD = "Attempt Failed. Specifics witheld.";
private static final String CRED_PATH = "/authn/cred";
private static final String[] options = {"add","del","reset","extend"/*,"clean"*/};
- public Cred(User parent) {
+ private ErrMessage em;
+ public Cred(User parent) throws APIException {
super(parent,"cred",
new Param(optionsToString(options),true),
new Param("id",true),
new Param("password (! D|E)",false),
new Param("entry# (if multi)",false)
);
+ em = new ErrMessage(aafcli.env());
}
@Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
+ public int _exec(int idxVar, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = idxVar;
String key = args[idx++];
final int option = whichOption(options,key);
final CredRequest cr = new CredRequest();
cr.setId(args[idx++]);
if (option!=1 && option!=3) {
- if (idx>=args.length) throw new CadiException("Password Required");
+ if (idx>=args.length) {
+ throw new CadiException("Password Required");
+ }
cr.setPassword(args[idx++]);
}
- if (args.length>idx)
+ if (args.length>idx) {
cr.setEntry(args[idx]);
-
+ }
+
// Set Start/End commands
setStartEnd(cr);
Integer ret = same(new Retryable<Integer>() {
switch(option) {
case 0:
fp = client.create(
- CRED_PATH,
- getDF(CredRequest.class),
+ CRED_PATH,
+ getDF(CredRequest.class),
cr
);
verb = "Added Credential [";
pw().println(']');
} else if (fp.code()==202) {
pw().println("Credential Action Accepted, but requires Approvals before actualizing");
+ } else if (fp.code()==300 || fp.code()==406) {
+ Error err = em.getError(fp);
+ String text = err.getText();
+ List<String> vars = err.getVariables();
+
+ // IMPORTANT! We do this backward, because it is looking for string
+ // %1 or %13. If we replace %1 first, that messes up %13
+ for(int i=vars.size()-1;i>0;--i) {
+ text = text.replace("%"+(i+1), (i<10?" ":"") + i+") " + vars.get(i));
+ }
+
+ text = text.replace("%1",vars.get(0));
+ pw().println(text);
} else if (fp.code()==406 && option==1) {
pw().println("You cannot delete this Credential");
+ } else if (fp.code()==409 && option==0) {
+ pw().println("You cannot add two Passwords for same day");
} else {
pw().println(ATTEMPT_FAILED_SPECIFICS_WITHELD);
}
return fp.code();
}
});
- if (ret==null)ret = -1;
+ if (ret==null) {
+ ret = -1;
+ }
return ret;
}
-
+
@Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
+ public void detailedHelp(int indentVar, StringBuilder sb) {
+ int indent = indentVar;
detailLine(sb,indent,"Add, Delete or Reset Credential");
indent+=2;
detailLine(sb,indent,"id - the ID to create/delete/reset within AAF");
sb.append('\n');
detailLine(sb,indent,"NOTE: AAF does support multiple creds with the same ID. Check with your org if you");
detailLine(sb,indent+2,"have this implemented. (For example, this is implemented for MechIDs at AT&T)");
- sb.append('\n');
+ sb.append('\n');
detailLine(sb,indent,"*NOTE: com.att.csp is a reserved Domain for Global Sign On");
detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
Code Review / aaf / authz.git / blobdiff