Code Review / dmaap / dbcapi.git / blob
? search:


68fca7918fd0b690c8f7be3b0d9ecf31c06cdc70
[dmaap/dbcapi.git] / src / main / java / org / onap / dmaap / dbcapi / aaf / AafService.java
1 /*-
2  * ============LICENSE_START=======================================================
3  * org.onap.dmaap
4  * ================================================================================
5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END=========================================================
19  */
20
21 package org.onap.dmaap.dbcapi.aaf;
22
23 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
24 import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
25 import org.onap.dmaap.dbcapi.util.DmaapConfig;
26
27 /*
28  * this service uses the AAF REST API endpoints to provision values in AAF
29  */
30 public class AafService extends BaseLoggingClass {
31         public enum ServiceType {
32                 AAF_Admin,
33                 AAF_TopicMgr
34         }
35         
36         private AafConnection aaf;
37         private ServiceType ctype;
38         private String aafURL ;
39         private boolean useAAF = false;
40         
41         
42         private String getCred( boolean wPwd ) {
43                 String mechIdProperty = null;
44                 String pwdProperty = null;
45                 DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
46                 AafDecrypt decryptor = new AafDecrypt();
47
48                 if ( ctype == ServiceType.AAF_Admin ) {
49                          mechIdProperty = "aaf.AdminUser";
50                          pwdProperty = "aaf.AdminPassword";
51                 } else if ( ctype == ServiceType.AAF_TopicMgr ){        
52                          mechIdProperty = "aaf.TopicMgrUser";
53                          pwdProperty = "aaf.TopicMgrPassword";
54                 } else {
55                         logger.error( "Unexpected case for AAF credential type: " + ctype );
56                         return null;
57                 }
58                 String user = p.getProperty( mechIdProperty, "noMechId@domain.netset.com" );
59
60                 String pwd = "";
61                 String encPwd = p.getProperty( pwdProperty, "notSet" );
62
63                 
64                 pwd = decryptor.decrypt(encPwd);
65                 
66                 if ( wPwd ) {
67                         return user + ":" + pwd;
68                 } else {
69                         return user;
70                 }
71                 
72                 
73         }
74         
75         public AafService(ServiceType t ) {
76                 DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
77                 aafURL = p.getProperty( "aaf.URL", "https://authentication.domain.netset.com:8095/proxy/");
78                 initAafService( t );
79         }
80         public AafService( ServiceType t, String url ) {
81                 aafURL = url;
82                 initAafService( t );
83         }
84                 
85         private void initAafService( ServiceType t ) {
86                 DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
87                 useAAF= "true".equalsIgnoreCase(p.getProperty("UseAAF", "true"));
88                 
89                 ctype = t;
90                 aaf = new AafConnection( getCred( true ) );
91         }
92         
93         public int addPerm(DmaapPerm perm) {
94
95                 int rc = -1;
96                 logger.info( "entry: addPerm() "  );
97                 String pURL = aafURL + "authz/perm";
98                 if ( useAAF ) {
99                         rc = aaf.postAaf( perm, pURL );
100                 } else {
101                         rc = 201;
102                 }
103         switch( rc ) {
104         case 401:
105         case 403:
106                 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR,  getCred( false ) );
107                 System.exit(1);
108         case 409:
109                 logger.warn( "Perm already exists. Possible conflict.");
110                 break;
111                 
112         case 201:
113                 logger.info( "expected response: " + rc);
114                 break;
115         default :
116                 logger.error( "Unexpected response: " + rc );
117                 break;
118         }
119                 
120                 return rc;
121         }
122         public int addGrant(DmaapGrant grant ) {
123
124                 int rc = -1;
125                 logger.info( "entry: addGrant() "  );
126
127                 String pURL = aafURL + "authz/role/perm";
128                 if ( useAAF ) {
129                         rc = aaf.postAaf( grant, pURL );
130                 } else {
131                         rc = 201;
132                 }
133                 
134         switch( rc ) {
135         case 401:
136         case 403:
137                 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR,  getCred( false ) );
138                 System.exit(1);
139                 break;
140
141         case 409:
142                 logger.warn( "Perm already exists. Possible conflict.");
143                 break;
144                 
145         case 201:
146                 logger.info( "expected response" );
147                 break;
148         default :
149                 logger.error( "Unexpected response: " + rc );
150                 break;
151         }
152                 
153                 return rc;
154         }
155
156         public int delGrant( DmaapGrant grant ) {
157                 int rc = -1;
158                 logger.info( "entry: delGrant() "  );
159
160                 String pURL = aafURL + "authz/role/:" + grant.getRole() + "/perm";
161                 
162                 if ( useAAF ) {
163                         rc = aaf.delAaf( grant, pURL );
164                 } else {
165                         rc = 200;
166                 }
167         switch( rc ) {
168         case 401:
169         case 403:
170                 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR,  getCred( false ) );
171                 System.exit(1);
172                 break;
173  
174         case 404:
175                 logger.warn( "Perm not found...ignore");
176                 break;
177                 
178         case 200:
179                 logger.info( "expected response" );
180                 break;
181         default :
182                 logger.error( "Unexpected response: " + rc );
183                 break;
184         }
185                 
186                 return rc;
187         }
188
189
190 }
Provides a northbound REST API to ONAP clients to manage DMaaP resources. This includes DMaaP components such as MR and DR, as well as provisioning of topics and feeds. Southbound, it communicates with the respective component APIs.