Code Review / dmaap / dbcapi.git / blob
? search:


727ec19e9764f1f40eeebf2be07f3040e0c0f5fb
[dmaap/dbcapi.git] / src / main / java / org / onap / dmaap / dbcapi / aaf / AafService.java
1 /*-
2  * ============LICENSE_START=======================================================
3  * org.onap.dmaap
4  * ================================================================================
5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END=========================================================
19  */
20
21 package org.onap.dmaap.dbcapi.aaf;
22
23 import java.io.IOException;
24
25 import org.apache.log4j.Logger;
26 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
27 import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
28 import org.onap.dmaap.dbcapi.util.DmaapConfig;
29
30 public class AafService extends BaseLoggingClass {
31         public enum ServiceType {
32                 AAF_Admin,
33                 AAF_TopicMgr
34         }
35         
36         private AafConnection aaf;
37         private ServiceType ctype;
38         private String aafURL ;
39         
40         private String getCred( boolean wPwd ) {
41                 String mechIdProperty = null;
42                 String pwdProperty = null;
43                 DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
44                 AafDecrypt decryptor = new AafDecrypt();
45
46                 if ( ctype == ServiceType.AAF_Admin ) {
47                          mechIdProperty = "aaf.AdminUser";
48                          pwdProperty = "aaf.AdminPassword";
49                 } else if ( ctype == ServiceType.AAF_TopicMgr ){        
50                          mechIdProperty = "aaf.TopicMgrUser";
51                          pwdProperty = "aaf.TopicMgrPassword";
52                 } else {
53                         logger.error( "Unexpected case for AAF credential type: " + ctype );
54                         return null;
55                 }
56                 String user = p.getProperty( mechIdProperty, "noMechId@domain.netset.com" );
57                 //String dClass = p.getProperty( "AafDecryption.Class", "org.openecomp.dmaapbc.aaf.ClearDecrypt");
58                 String pwd = "";
59                 String encPwd = p.getProperty( pwdProperty, "notSet" );
60                 //DecryptionInterface dec = null;
61                 //try {
62                 //      dec = (DecryptionInterface) (Class.forName(dClass).newInstance());      
63                 //      dec.init( p.getProperty("CredentialCodecKeyfile", "LocalKey"));
64                 //} catch (Exception ee ) {
65                 //      errorLogger.error(DmaapbcLogMessageEnum.UNEXPECTED_CONDITION, "attempting to use " + dClass + " to decrypt " + encPwd );                
66                 //}     
67                 //try {         
68                 //      pwd = dec.decrypt( encPwd );
69                 //} catch( IOException io ) {
70                 //      errorLogger.error(DmaapbcLogMessageEnum.DECRYPT_IO_ERROR, dClass, encPwd );
71                 //} 
72                 
73                 pwd = decryptor.decrypt(encPwd);
74                 
75                 if ( wPwd ) {
76                         return user + ":" + pwd;
77                 } else {
78                         return user;
79                 }
80                 
81                 
82         }
83         
84         public AafService(ServiceType t ) {
85                 DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
86                 aafURL = p.getProperty( "aaf.URL", "https://authentication.domain.netset.com:8095/proxy/");
87                 initAafService( t );
88         }
89         public AafService( ServiceType t, String url ) {
90                 aafURL = url;
91                 initAafService( t );
92         }
93                 
94         private void initAafService( ServiceType t ) {
95                 ctype = t;
96                 aaf = new AafConnection( getCred( true ) );
97         }
98         
99         public int addPerm(DmaapPerm perm) {
100
101                 int rc = -1;
102                 logger.info( "entry: addPerm() "  );
103                 String pURL = aafURL + "authz/perm";
104                 rc = aaf.postAaf( perm, pURL );
105         switch( rc ) {
106         case 401:
107         case 403:
108                 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR,  getCred( false ) );
109                 System.exit(1);
110         case 409:
111                 logger.warn( "Perm already exists. Possible conflict.");
112                 break;
113                 
114         case 201:
115                 logger.info( "expected response" );
116                 break;
117         default :
118                 logger.error( "Unexpected response: " + rc );
119                 break;
120         }
121                 
122                 return rc;
123         }
124         public int addGrant(DmaapGrant grant ) {
125
126                 int rc = -1;
127                 logger.info( "entry: addGrant() "  );
128
129                 String pURL = aafURL + "authz/role/perm";
130                 rc = aaf.postAaf( grant, pURL );
131         switch( rc ) {
132         case 401:
133         case 403:
134                 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR,  getCred( false ) );
135                 System.exit(1);
136                 break;
137
138         case 409:
139                 logger.warn( "Perm already exists. Possible conflict.");
140                 break;
141                 
142         case 201:
143                 logger.info( "expected response" );
144                 break;
145         default :
146                 logger.error( "Unexpected response: " + rc );
147                 break;
148         }
149                 
150                 return rc;
151         }
152
153         public int delGrant( DmaapGrant grant ) {
154                 int rc = -1;
155                 logger.info( "entry: delGrant() "  );
156
157                 String pURL = aafURL + "authz/role/:" + grant.getRole() + "/perm";
158                 rc = aaf.delAaf( grant, pURL );
159         switch( rc ) {
160         case 401:
161         case 403:
162                 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR,  getCred( false ) );
163                 System.exit(1);
164                 break;
165  
166         case 404:
167                 logger.warn( "Perm not found...ignore");
168                 break;
169                 
170         case 200:
171                 logger.info( "expected response" );
172                 break;
173         default :
174                 logger.error( "Unexpected response: " + rc );
175                 break;
176         }
177                 
178                 return rc;
179         }
180 }
Provides a northbound REST API to ONAP clients to manage DMaaP resources. This includes DMaaP components such as MR and DR, as well as provisioning of topics and feeds. Southbound, it communicates with the respective component APIs.