Fixes in aaf-cadi-aaf module
Change-Id: Ie5148f3526d782bd45e0ae9c0423ab8f84187a50
Issue-ID: AAF-396
Signed-off-by: Maciej Wejs <maciej.wejs@nokia.com>
* @return
* @throws LocatorException
*/
* @return
* @throws LocatorException
*/
- protected synchronized AAFConHttp _newAAFConHttp() throws CadiException, LocatorException {
- try {
+ protected synchronized AAFConHttp _newAAFConHttp() throws CadiException, LocatorException {
if(aafCon==null) {
aafCon = new AAFConHttp(access);
if(aafCon==null) {
aafCon = new AAFConHttp(access);
- } catch (APIException e) {
- throw new CadiException(e);
// This is a method, so we can overload for AAFAPI
public String aaf_url() {
// This is a method, so we can overload for AAFAPI
public String aaf_url() {
}
// utilize pre-constructed DirectAAFLocator
return new AAFConHttp(env.access(),dal);
}
// utilize pre-constructed DirectAAFLocator
return new AAFConHttp(env.access(),dal);
- } catch (APIException | LocatorException e) {
+ } catch (LocatorException e) {
throw new CadiException(e);
}
throw new CadiException(e);
}
}
public Locator<URI> getGUILocator() throws LocatorException {
}
public Locator<URI> getGUILocator() throws LocatorException {
* @throws Exception ..
*/
// Package on purpose
* @throws Exception ..
*/
// Package on purpose
- AAFAuthn(AAFCon<CLIENT> con) throws Exception {
+ AAFAuthn(AAFCon<CLIENT> con) {
super(con.access,con.cleanInterval,con.highCount,con.usageRefreshTriggerCount);
this.con = con;
}
super(con.access,con.cleanInterval,con.highCount,con.usageRefreshTriggerCount);
this.con = con;
}
*
* Convenience function. Passes "null" for State object
*/
*
* Convenience function. Passes "null" for State object
*/
- public String validate(String user, String password) throws IOException, CadiException {
+ public String validate(String user, String password) throws IOException {
return validate(user,password,null);
}
return validate(user,password,null);
}
* @throws CadiException
* @throws Exception
*/
* @throws CadiException
* @throws Exception
*/
- public String validate(String user, String password, Object state) throws IOException, CadiException {
+ public String validate(String user, String password, Object state) throws IOException {
password = access.decrypt(password, false);
byte[] bytes = password.getBytes();
User<AAFPermission> usr = getUser(user,bytes);
password = access.decrypt(password, false);
byte[] bytes = password.getBytes();
User<AAFPermission> usr = getUser(user,bytes);
- AAFCachedPrincipal cp = new AAFCachedPrincipal(this,con.app, user, bytes, con.cleanInterval);
+ AAFCachedPrincipal cp = new AAFCachedPrincipal(user, bytes, con.cleanInterval);
// Since I've relocated the Validation piece in the Principal, just revalidate, then do Switch
// Statement
switch(cp.revalidate(state)) {
// Since I've relocated the Validation piece in the Principal, just revalidate, then do Switch
// Statement
switch(cp.revalidate(state)) {
}
private class AAFCachedPrincipal extends ConfigPrincipal implements CachedPrincipal {
}
private class AAFCachedPrincipal extends ConfigPrincipal implements CachedPrincipal {
- private long expires,timeToLive;
+ private long expires;
+ private long timeToLive;
- public AAFCachedPrincipal(AAFAuthn<?> aaf, String app, String name, byte[] pass, int timeToLive) {
+ private AAFCachedPrincipal(String name, byte[] pass, int timeToLive) {
super(name,pass);
this.timeToLive = timeToLive;
expires = timeToLive + System.currentTimeMillis();
super(name,pass);
this.timeToLive = timeToLive;
expires = timeToLive + System.currentTimeMillis();
public long expires() {
return expires;
}
public long expires() {
return expires;
}
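Review bot: In `validate(String, String, Object)` the decrypted password is converted with `password.getBytes()`, which uses the platform default charset, so the bytes passed to `getUser` and to the new `AAFCachedPrincipal(user, bytes, con.cleanInterval)` can differ between hosts for non-ASCII passwords. Since the commit already edits this method, consider `byte[] bytes = password.getBytes(StandardCharsets.UTF_8);` (with the `java.nio.charset.StandardCharsets` import), provided the credential bytes it is compared against are encoded the same way; that side is not visible here. The Javadoc above this overload also still lists `@throws CadiException`, which the new signature no longer declares. The method body continues past the lines shown.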
access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID);
set(si.defSS);
} else {
access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID);
set(si.defSS);
} else {
- set(si.defSS=x509Alias(alias));
+ si.defSS=x509Alias(alias);
+ set(si.defSS);
- if(mechid!=null && encpass !=null) {
- set(si.defSS=basicAuth(mechid, encpass));
+ if(mechid!=null) {
+ si.defSS=basicAuth(mechid, encpass);
+ set(si.defSS);
- set(si.defSS=new SecuritySetter<CLIENT>() {
-
+ si.defSS=new SecuritySetter<CLIENT>() {
+
@Override
public String getID() {
return "";
}
@Override
public String getID() {
return "";
}
@Override
public void setSecurity(CLIENT client) throws CadiException {
throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)");
@Override
public void setSecurity(CLIENT client) throws CadiException {
throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)");
public int setLastResponse(int respCode) {
return 0;
}
public int setLastResponse(int respCode) {
return 0;
}
public AAFAuthn<CLIENT> newAuthn() throws APIException {
try {
public AAFAuthn<CLIENT> newAuthn() throws APIException {
try {
- return new AAFAuthn<CLIENT>(this);
- } catch (APIException e) {
- throw e;
+ return new AAFAuthn<>(this);
} catch (Exception e) {
throw new APIException(e);
}
}
public AAFAuthn<CLIENT> newAuthn(AbsUserCache<AAFPermission> c) {
} catch (Exception e) {
throw new APIException(e);
}
}
public AAFAuthn<CLIENT> newAuthn(AbsUserCache<AAFPermission> c) {
- return new AAFAuthn<CLIENT>(this,c);
+ return new AAFAuthn<>(this, c);
}
public AAFLurPerm newLur() throws CadiException {
try {
if(lur==null) {
}
public AAFLurPerm newLur() throws CadiException {
try {
if(lur==null) {
- return (lur = new AAFLurPerm(this));
+ lur = new AAFLurPerm(this);
+ return lur;
} else {
return new AAFLurPerm(this,lur);
}
} else {
return new AAFLurPerm(this,lur);
}
Error err = errDF.newData().in(TYPE.JSON).load(f.body()).asObject();
return Vars.convert(err.getText(),err.getVariables());
} catch (APIException e){
Error err = errDF.newData().in(TYPE.JSON).load(f.body()).asObject();
return Vars.convert(err.getText(),err.getVariables());
} catch (APIException e){
- // just return the body below
- public static AAFCon<?> newInstance(PropAccess pa) throws APIException, CadiException, LocatorException {
+ public static AAFCon<?> newInstance(PropAccess pa) throws CadiException, LocatorException {
// Potentially add plugin for other kinds of Access
return new AAFConHttp(pa);
}
// Potentially add plugin for other kinds of Access
return new AAFConHttp(pa);
}
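Review bot: The basic-auth branch is now guarded by `if(mechid!=null) {` alone, so `basicAuth(mechid, encpass)` can be reached with a null `encpass`. Before this change that case appears to have fallen through to the placeholder `SecuritySetter`, whose `setSecurity` throws "AAFCon has not been initialized with Credentials (SecuritySetter)". What `basicAuth` does with a null password is not visible on this page; unless it rejects it explicitly, keep the original guard `if(mechid!=null && encpass!=null) {` so that a missing password still ends in the explicit not-initialized error rather than a setter built from a null credential. The enclosing method starts and ends outside the lines shown.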
public class AAFConHttp extends AAFCon<HttpURLConnection> {
private final HMangr hman;
public class AAFConHttp extends AAFCon<HttpURLConnection> {
private final HMangr hman;
- public AAFConHttp(Access access) throws APIException, CadiException, LocatorException {
+ public AAFConHttp(Access access) throws CadiException, LocatorException {
super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class));
bestSS(si);
hman = new HMangr(access,Config.loadLocator(si, access.getProperty(Config.AAF_URL,null)));
super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class));
bestSS(si);
hman = new HMangr(access,Config.loadLocator(si, access.getProperty(Config.AAF_URL,null)));
} catch (APIException e) {
throw new CadiException(e);
}
} catch (APIException e) {
throw new CadiException(e);
}
- } else if((s = access.getProperty(Config.AAF_APPID, null))!=null){
+ } else if((access.getProperty(Config.AAF_APPID, null))!=null){
try {
return new HBasicAuthSS(si,true);
} catch (IOException /*| GeneralSecurityException*/ e) {
try {
return new HBasicAuthSS(si,true);
} catch (IOException /*| GeneralSecurityException*/ e) {
- public AAFConHttp(Access access, String tag) throws APIException, CadiException, LocatorException {
+ public AAFConHttp(Access access, String tag) throws CadiException, LocatorException {
super(access,tag,SecurityInfoC.instance(access, HttpURLConnection.class));
bestSS(si);
hman = new HMangr(access,Config.loadLocator(si, access.getProperty(tag,tag/*try the content itself*/)));
}
super(access,tag,SecurityInfoC.instance(access, HttpURLConnection.class));
bestSS(si);
hman = new HMangr(access,Config.loadLocator(si, access.getProperty(tag,tag/*try the content itself*/)));
}
- public AAFConHttp(Access access, String urlTag, SecurityInfoC<HttpURLConnection> si) throws CadiException, APIException, LocatorException {
+ public AAFConHttp(Access access, String urlTag, SecurityInfoC<HttpURLConnection> si) throws CadiException, LocatorException {
super(access,urlTag,si);
bestSS(si);
hman = new HMangr(access,Config.loadLocator(si, access.getProperty(urlTag,null)));
}
super(access,urlTag,si);
bestSS(si);
hman = new HMangr(access,Config.loadLocator(si, access.getProperty(urlTag,null)));
}
- public AAFConHttp(Access access, Locator<URI> locator) throws CadiException, LocatorException, APIException {
+ public AAFConHttp(Access access, Locator<URI> locator) throws CadiException, LocatorException {
super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class));
bestSS(si);
hman = new HMangr(access,locator);
super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class));
bestSS(si);
hman = new HMangr(access,locator);
- public SecuritySetter<HttpURLConnection> x509Alias(String alias) throws APIException, CadiException {
+ public SecuritySetter<HttpURLConnection> x509Alias(String alias) throws CadiException {
try {
return set(new HX509SS(alias,si));
} catch (Exception e) {
try {
return set(new HX509SS(alias,si));
} catch (Exception e) {
- public AbsTransferSS<HttpURLConnection> transferSS(TaggedPrincipal principal) throws CadiException {
+ public AbsTransferSS<HttpURLConnection> transferSS(TaggedPrincipal principal) {
return new HTransferSS(principal, app,si);
}
return new HTransferSS(principal, app,si);
}
@Override
public <RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
@Override
public <RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- return hman.best(si.defSS, (Retryable<RET>)retryable);
+ return hman.best(si.defSS, retryable);
*/
@Override
public <RET> RET bestForUser(GetSetter getSetter, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
*/
@Override
public <RET> RET bestForUser(GetSetter getSetter, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- return hman.best(getSetter.get(this), (Retryable<RET>)retryable);
+ return hman.best(getSetter.get(this), retryable);
* @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#setInitURI(java.lang.String)
*/
@Override
* @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#setInitURI(java.lang.String)
*/
@Override
- protected void setInitURI(String uriString) throws CadiException {
+ protected void setInitURI(String uriString) {
// Using Locator, not URLString, which is mostly for DME2
}
// Using Locator, not URLString, which is mostly for DME2
}
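Review bot: After dropping the assignment to `s`, the condition `} else if((access.getProperty(Config.AAF_APPID, null))!=null){` keeps a redundant pair of parentheses around the call; `} else if(access.getProperty(Config.AAF_APPID, null)!=null){` reads more clearly. The same branch still carries the commented-out `/*| GeneralSecurityException*/` in its catch clause, which this cleanup could remove or explain. If `s` is no longer read anywhere in that method, its declaration can be removed as well; the declaration is outside the lines shown.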
package org.onap.aaf.cadi.aaf.v2_0;
import java.io.IOException;
package org.onap.aaf.cadi.aaf.v2_0;
import java.io.IOException;
-import java.net.ConnectException;
import java.security.Principal;
import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.onap.aaf.cadi.AbsUserCache;
import org.onap.aaf.cadi.AbsUserCache;
+import org.onap.aaf.cadi.Access.Level;
import org.onap.aaf.cadi.CachedPrincipal;
import org.onap.aaf.cadi.CachedPrincipal;
+import org.onap.aaf.cadi.CachedPrincipal.Resp;
import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.Connector;
import org.onap.aaf.cadi.GetCred;
import org.onap.aaf.cadi.Hash;
import org.onap.aaf.cadi.SecuritySetter;
import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.Connector;
import org.onap.aaf.cadi.GetCred;
import org.onap.aaf.cadi.Hash;
import org.onap.aaf.cadi.SecuritySetter;
-import org.onap.aaf.cadi.User;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.CachedPrincipal.Resp;
import org.onap.aaf.cadi.Taf.LifeForm;
import org.onap.aaf.cadi.Taf.LifeForm;
+import org.onap.aaf.cadi.User;
import org.onap.aaf.cadi.aaf.AAFPermission;
import org.onap.aaf.cadi.aaf.v2_0.AAFCon.GetSetter;
import org.onap.aaf.cadi.client.Future;
import org.onap.aaf.cadi.aaf.AAFPermission;
import org.onap.aaf.cadi.aaf.v2_0.AAFCon.GetSetter;
import org.onap.aaf.cadi.client.Future;
import org.onap.aaf.misc.env.APIException;
public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpTaf {
import org.onap.aaf.misc.env.APIException;
public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpTaf {
-// private static final String INVALID_AUTH_TOKEN = "Invalid Auth Token";
-// private static final String AUTHENTICATING_SERVICE_UNAVAILABLE = "Authenticating Service unavailable";
private AAFCon<CLIENT> aaf;
private boolean warn;
private AAFCon<CLIENT> aaf;
private boolean warn;
public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning, AbsUserCache<AAFPermission> other) {
super(other);
public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning, AbsUserCache<AAFPermission> other) {
super(other);
- aaf = (AAFCon<CLIENT>)con;
warn = turnOnWarning;
}
// Note: Needed for Creation of this Object with Generics
@SuppressWarnings("unchecked")
warn = turnOnWarning;
}
// Note: Needed for Creation of this Object with Generics
@SuppressWarnings("unchecked")
- public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning, AbsUserCache<AAFPermission> other) throws CadiException {
+ public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning, AbsUserCache<AAFPermission> other) {
this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning,other);
}
// Note: Needed for Creation of this Object with Generics
@SuppressWarnings("unchecked")
this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning,other);
}
// Note: Needed for Creation of this Object with Generics
@SuppressWarnings("unchecked")
- public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning) throws CadiException {
+ public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning) {
this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning);
}
this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning);
}
// Note: Either Carbon or Silicon based LifeForms ok
String authz = req.getHeader("Authorization");
if(authz != null && authz.startsWith("Basic ")) {
// Note: Either Carbon or Silicon based LifeForms ok
String authz = req.getHeader("Authorization");
if(authz != null && authz.startsWith("Basic ")) {
- if(warn&&!req.isSecure())aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
+ if(warn&&!req.isSecure()) {
+ aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
+ }
try {
final CachedBasicPrincipal bp;
if(req.getUserPrincipal() instanceof CachedBasicPrincipal) {
try {
final CachedBasicPrincipal bp;
if(req.getUserPrincipal() instanceof CachedBasicPrincipal) {
}
// First try Cache
final User<AAFPermission> usr = getUser(bp);
}
// First try Cache
final User<AAFPermission> usr = getUser(bp);
- if(usr != null && usr.principal != null) {
- if(usr.principal instanceof GetCred) {
- if(Hash.isEqual(bp.getCred(),((GetCred)usr.principal).getCred())) {
- return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by cached AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false);
- }
- }
+ if(usr != null
+ && usr.principal instanceof GetCred
+ && Hash.isEqual(bp.getCred(),((GetCred)usr.principal).getCred())) {
+ return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by cached AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false);
Miss miss = missed(bp.getName(), bp.getCred());
if(miss!=null && !miss.mayContinue()) {
return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
Miss miss = missed(bp.getName(), bp.getCred());
if(miss!=null && !miss.mayContinue()) {
return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
}
},new Retryable<BasicHttpTafResp>() {
@Override
}
},new Retryable<BasicHttpTafResp>() {
@Override
- public BasicHttpTafResp code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ public BasicHttpTafResp code(Rcli<?> client) throws CadiException, APIException {
Future<String> fp = client.read("/authn/basicAuth", "text/plain");
if(fp.get(aaf.timeout)) {
if(usr!=null) {
Future<String> fp = client.read("/authn/basicAuth", "text/plain");
if(fp.get(aaf.timeout)) {
if(usr!=null) {
return new BasicHttpTafResp(aaf.access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false);
}
return new BasicHttpTafResp(aaf.access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false);
}
- public String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) {
+ private String buildMsg(Principal pr, HttpServletRequest req, Object... msg) {
StringBuilder sb = new StringBuilder();
for(Object s : msg) {
sb.append(s.toString());
StringBuilder sb = new StringBuilder();
for(Object s : msg) {
sb.append(s.toString());
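Review bot: In the three-argument `AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning, AbsUserCache<AAFPermission> other)` constructor the page shows `aaf = (AAFCon<CLIENT>)con;` removed with no added line in its place. If the new side really has no `aaf = con;`, the field stays null, and every `aaf.access` / `aaf.getRealm()` use in the Basic Auth path would throw a NullPointerException; the rendering may simply have lost the added line, so please confirm. Declaring the field as `private final AAFCon<CLIENT> aaf;` would make the compiler reject any constructor that leaves it unassigned.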
version = split[1];
name = split[0];
break;
version = split[1];
name = split[0];
break;
}
private boolean noEntries() {
}
private boolean noEntries() {
- return epList.size()<=0;
+ return epList.isEmpty();
}
protected static class EP implements Comparable<EP> {
}
protected static class EP implements Comparable<EP> {
- public URI uri;
- public final double distance;
+ private URI uri;
+ private final double distance;
private boolean valid;
public EP(final Endpoint ep, double latitude, double longitude) throws URISyntaxException {
private boolean valid;
public EP(final Endpoint ep, double latitude, double longitude) throws URISyntaxException {
try {
return new URI(rv.getScheme(),rv.getUserInfo(),rv.getHost(),rv.getPort(),pathInfo,query,fragment);
} catch (URISyntaxException e) {
try {
return new URI(rv.getScheme(),rv.getUserInfo(),rv.getHost(),rv.getPort(),pathInfo,query,fragment);
} catch (URISyntaxException e) {
- throw new LocatorException("Error copying URL");
+ throw new LocatorException("Error copying URL", e);