From 4ae2b76732fc04aaab62b8449a003d470e6c99ba Mon Sep 17 00:00:00 2001
From: Instrumental
Date: Thu, 26 Apr 2018 10:40:44 -0500
Subject: [PATCH] Fix Bath config issue
Issue-ID: AAF-264
Change-Id: Id9203fe4d756ac9aab51f7ccc5f33d8a41e2f5ce
Signed-off-by: Instrumental
---
 .../java/org/onap/aaf/auth/dao/hl/Question.java | 20 +++++++-------------
 auth/auth-hello/pom.xml | 4 ----
 .../org/onap/aaf/auth/service/api/API_Mgmt.java | 2 +-
 .../main/java/org/onap/aaf/cadi/AbsUserCache.java | 23 +++++++++++++++-------
 .../main/java/org/onap/aaf/cadi/config/Config.java | 2 +-
 .../onap/aaf/cadi/principal/BasicPrincipal.java | 2 +-
 .../aaf/cadi/principal/test/JU_BasicPrincipal.java | 2 +-
 7 files changed, 27 insertions(+), 28 deletions(-)
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
index 3634af97..4c03f313 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
@@ -50,6 +50,7 @@ import org.onap.aaf.auth.dao.cass.ApprovalDAO;
 import org.onap.aaf.auth.dao.cass.CacheInfoDAO;
 import org.onap.aaf.auth.dao.cass.CertDAO;
 import org.onap.aaf.auth.dao.cass.CredDAO;
+import org.onap.aaf.auth.dao.cass.CredDAO.Data;
 import org.onap.aaf.auth.dao.cass.DelegateDAO;
 import org.onap.aaf.auth.dao.cass.FutureDAO;
 import org.onap.aaf.auth.dao.cass.HistoryDAO;
@@ -61,10 +62,9 @@ import org.onap.aaf.auth.dao.cass.PermDAO;
 import org.onap.aaf.auth.dao.cass.RoleDAO;
 import org.onap.aaf.auth.dao.cass.Status;
 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
-import org.onap.aaf.auth.dao.cass.CredDAO.Data;
 import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.env.AuthzTransFilter;
 import org.onap.aaf.auth.env.AuthzTrans.REQD_TYPE;
+import org.onap.aaf.auth.env.AuthzTransFilter;
 import org.onap.aaf.auth.layer.Result;
 import org.onap.aaf.auth.org.Organization;
 import org.onap.aaf.cadi.Hash;
@@ -780,7 +780,7 @@ public class Question { checkLessThanDays(trans,7,now,cdd); return Result.ok(cdd.expires); } else if (debug!=null) { - load(debug, cdd,dbcred); + load(debug, cdd); } break; case CredDAO.BASIC_AUTH_SHA256: @@ -793,7 +793,7 @@ public class Question { checkLessThanDays(trans,7,now,cdd); return Result.ok(cdd.expires); } else if (debug!=null) { - load(debug, cdd, dbcred); + load(debug, cdd); } break; default: @@ -809,14 +809,10 @@ public class Question { } } // end for each if(debug==null) { - debug=new StringBuilder(); + trans.audit().printf("No cred matches ip=%s, user=%s\n",trans.ip(),user); } else { - debug.append(", "); + trans.audit().printf("No cred matches ip=%s, user=%s %s\n",trans.ip(),user,debug.toString()); } - - debug.append("cred="); - debug.append(new String(cred)); - trans.audit().printf("No cred matches ip=%s, user=%s, %s\n",trans.ip(),user,trans.encryptor().encrypt(debug.toString())); if(expired!=null) { // Note: this is only returned if there are no good Credentials rv = Result.err(Status.ERR_Security, @@ -830,13 +826,11 @@ public class Question { } - private void load(StringBuilder debug, Data cdd, byte[] dbcred) { + private void load(StringBuilder debug, Data cdd) { debug.append("DB Entry: user="); debug.append(cdd.id); debug.append(",type="); debug.append(cdd.type); - debug.append(",cred="); - debug.append(Hash.toHex(dbcred)); debug.append(",expires="); debug.append(Chrono.dateTime(cdd.expires)); debug.append('\n'); diff --git a/auth/auth-hello/pom.xml b/auth/auth-hello/pom.xml index ddaebff3..c465f818 100644 --- a/auth/auth-hello/pom.xml +++ b/auth/auth-hello/pom.xml @@ -49,13 +49,11 @@ org.onap.aaf.authz aaf-auth-core - ${project.version} org.onap.aaf.authz aaf-cadi-aaf - ${project.version} @@ -101,7 +99,6 @@ org.sonatype.plugins nexus-staging-maven-plugin - 1.6.7 true ${nexusproxy} @@ -112,7 +109,6 @@ org.jacoco jacoco-maven-plugin - ${jacoco.version} **/gen/** 
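Review bot: The two new `trans.audit().printf(...)` calls in the -809 hunk write `user` into the audit record unmodified, and the hunk does not show where `user` comes from; if it is taken from the request's credentials, a value containing CR or LF can split one failed login across several audit lines or imitate another entry. Assuming `user` is a String, neutralising line breaks before formatting, for example `String safeUser = user.replaceAll("[\\r\\n]", "_");`, keeps each failure on one record. The debug branch is multi-line regardless, because `load` (hunk at -830) ends every DB entry with `'\n'` and the format string appends another, and it drops the comma the old format had between `user=%s` and the detail text. The enclosing method starts above this hunk.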
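Review bot: With `${project.version}`, `1.6.7` and `${jacoco.version}` removed, `aaf-auth-core`, `aaf-cadi-aaf`, `nexus-staging-maven-plugin` and `jacoco-maven-plugin` resolve only if a parent POM pins them in `dependencyManagement` / `pluginManagement`, and that parent is not part of this patch. An unmanaged dependency fails the build, while an unmanaged plugin only produces a warning and is resolved to whatever release the repository currently offers, so the build stops being reproducible. Confirm the parent manages all four before dropping the local versions; this applies to all three pom.xml hunks.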
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java index 7eb9fd7b..b68b445c 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java @@ -52,7 +52,7 @@ public class API_Mgmt { private final static String PERM_DB_POOL_CLEAR=Define.ROOT_NS()+".db|pool|clear"; private final static String PERM_DENY_IP = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|ip"; private final static String PERM_DENY_ID = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|id"; - private final static String PERM_LOG_ID = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|id"; + private final static String PERM_LOG_ID = Define.ROOT_NS()+".log|" + Define.ROOT_COMPANY() + "|id"; /** * Normal Init level APIs diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java index be1e739b..cf5c92d0 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java @@ -154,7 +154,7 @@ public abstract class AbsUserCache { } Miss miss = missMap.get(mkey); if(miss==null) { - missMap.put(mkey, new Miss(bs,clean==null?MIN_INTERVAL:clean.timeInterval)); + missMap.put(mkey, new Miss(bs,clean==null?MIN_INTERVAL:clean.timeInterval,key)); return true; } return miss.mayContinue(); 
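Review bot: `PERM_LOG_ID` used to resolve to the same permission string as `PERM_DENY_ID`, so after this one-line change any role that reached the log-ID function through the `.deny|…|id` permission loses that access, and the new `.log|…|id` permission has to exist before the function is usable. Only the constants are visible in this hunk, so where each one is checked should be confirmed against the rest of API_Mgmt. The four constants are near-identical concatenations, which is presumably how the copy-paste went unnoticed; a one-line comment per constant, e.g. `// must stay distinct from PERM_DENY_ID`, would make the next mismatch easier to catch in review.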
@@ -376,12 +376,17 @@ public abstract class AbsUserCache { keys.addAll(missMap.keySet()); for(String key : keys) { Miss m = missMap.get(key); - if(m!=null && m.timestamp { private long timetolive; private long tries; + + private final String name; - public Miss(byte[] first, long timeInterval) { + public Miss(final byte[] first, final long timeInterval, final String name) { timestamp = System.currentTimeMillis() + timeInterval; this.timetolive = timeInterval; tries = 0L; + this.name = name; } @@ -437,6 +445,7 @@ public abstract class AbsUserCache { } return true; } + } /** diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index 26ad758f..c4634cf4 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -142,7 +142,7 @@ public class Config { public static final String AAF_APPPASS = "aaf_password"; public static final String AAF_LUR_CLASS = "aaf_lur_class"; public static final String AAF_TAF_CLASS = "aaf_taf_class"; - public static final String AAF_TAF_CLASS_DEF = "org.osaaf.cadi.aaf.v2_0.AAFTaf"; + public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf"; public static final String AAF_CONNECTOR_CLASS = "aaf_connector_class"; public static final String AAF_LOCATOR_CLASS = "aaf_locator_class"; public static final String AAF_CONN_TIMEOUT = "aaf_conn_timeout"; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java index 6a49401c..22ba702c 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java 
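Review bot: `Miss` now keeps the caller's `key` in a new `name` field, but nothing in the visible lines documents what that key contains, and the -376 hunk that presumably reads it is truncated on this page. If `name` is written to a log when a miss entry is purged, it should hold only the user identifier and never anything derived from the `bs` bytes passed alongside it in `addMiss`; a field comment such as `// identifier for log output only; never credential material` would pin that down. The constructor's `first` parameter is still not used in the body shown, so it could be dropped or documented as intentionally ignored.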
@@ -121,6 +121,6 @@ public class BasicPrincipal extends BearerPrincipal implements GetCred { @Override public String personalName() { - return null; // personalName not available with Basic Auth + return name; // personalName not available with Basic Auth } } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java index dee7fc21..1fafe2e8 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java @@ -103,7 +103,7 @@ public class JU_BasicPrincipal { assertTrue(Math.abs(bp.created() - created) < 10); assertThat(bp.toString(), is(expected)); assertThat(bp.tag(), is("BAth")); - assertThat(bp.personalName(), is(nullValue())); + assertThat(bp.personalName(), is(bp.getName())); // This test hits the abstract class BearerPrincipal assertThat(bp.getBearer(), is(bearer)); -- 2.16.6
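Review bot: The trailing comment on the changed line in `personalName()` still reads "personalName not available with Basic Auth" although the method now returns `name`, so the comment contradicts the code. Suggested wording: `return name; // Basic Auth carries no personal name; fall back to the login name`. Callers that previously treated a null personal name as "unknown" will now receive the login identifier instead, which is worth stating in the method's Javadoc; the test hunk below already asserts the new value.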