2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.dmaap.dbcapi.aaf;
23 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
24 import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
25 import org.onap.dmaap.dbcapi.util.DmaapConfig;
/**
 * Client for AAF provisioning calls (permissions, grants, roles, user roles, namespaces),
 * sent through an {@link AafConnection}.
 */
27 public class AafServiceImpl extends BaseLoggingClass implements AafService {
// Connection created in initAafService() from the credential string returned by getCred(true).
29 private AafConnection aaf;
// Read by getCred() to choose between the AAF_Admin and AAF_TopicMgr credential properties.
30 private AafService.ServiceType ctype;
// Base URL from the "aaf.URL" property; doPost()/doDelete() append the resource path to it.
31 private String aafURL;
// Value of the configured user property, stored by getCred().
32 private String identity;
// Set from the "UseAAF" property in initAafService(); remains false unless that property is "true".
33 private boolean useAAF = false;
/**
 * Reads the AAF base URL from configuration.
 * <p>
 * The rest of the constructor (gutter lines 38-40) is not shown in this listing.
 *
 * @param t service type; not used in the visible lines, presumably handed to initAafService (confirm)
 */
35 public AafServiceImpl(AafService.ServiceType t) {
36 DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
// NOTE(review): the fallback is a placeholder host. With "aaf.URL" unset, every request URL built from
// aafURL targets that default, so failing fast on a missing property is safer than silently using it.
37 aafURL = p.getProperty("aaf.URL", "https://authentication.domain.netset.com:8100/proxy/");
/**
 * Reads the "UseAAF" switch and creates the AAF connection.
 * <p>
 * Gutter lines 45-46 are not shown in this listing, so any condition guarding the connection
 * setup is not visible here.
 *
 * @param t service type; not used in the visible lines
 */
41 private void initAafService(AafService.ServiceType t) {
42 DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
// Anything other than "true" (case-insensitive), including a missing property, leaves useAAF false.
43 useAAF = "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
44 logger.info("AafService initAafService: useAAF=" + useAAF);
// getCred(true) is the only visible call that asks for the password-bearing form. The returned string
// holds the decrypted password, so it must go to AafConnection only and never into a log or exception text.
47 aaf = new AafConnection(getCred(true));
/**
 * Builds the credential for the configured service type from DmaapConfig properties.
 * <p>
 * Side effect: stores the configured user name in the {@code identity} field.
 * <p>
 * Several lines (gutter 62, 64-65, 67, 69, 71-72 and everything after 73) are not shown in this
 * listing. In particular, no visible line reads {@code wPwd}, and the only visible return is the
 * "identity:password" form.
 * NOTE(review): doPost() and doDelete() write getCred(false) to the error log, so confirm in the
 * full file that the {@code wPwd == false} path returns the identity alone.
 *
 * @param wPwd presumably true to include the password in the result; the branch is not visible, confirm
 * @return the credential string; the visible return is {@code identity + ":" + pwd}
 */
50 private String getCred(boolean wPwd) {
51 String mechIdProperty;
52 String secretProperty;
53 DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
54 AafDecrypt decryptor = new AafDecrypt();
// Pick the property names for the account this instance acts as.
56 if (ctype == AafService.ServiceType.AAF_Admin) {
57 mechIdProperty = "aaf.AdminUser";
58 secretProperty = "aaf.AdminPassword";
59 } else if (ctype == AafService.ServiceType.AAF_TopicMgr) {
60 mechIdProperty = "aaf.TopicMgrUser";
61 secretProperty = "aaf.TopicMgrPassword";
// Any other service type is logged as an error; what follows this log line is not shown here.
63 logger.error("Unexpected case for AAF credential type: " + ctype);
// NOTE(review): a missing user property silently falls back to a placeholder account name.
66 identity = p.getProperty(mechIdProperty, "noMechId@domain.netset.com");
// The stored value is expected to be encrypted. A missing property yields the literal "notSet",
// which is then passed to decrypt(); how AafDecrypt treats such input is not visible in this file.
68 String encPwd = p.getProperty(secretProperty, "notSet");
// From here on pwd holds the clear-text password: keep it out of logs and error messages.
70 String pwd = decryptor.decrypt(encPwd);
73 return identity + ":" + pwd;
/**
 * Accessor for the AAF identity. The body is not shown in this listing; presumably it returns the
 * {@code identity} field stored by getCred() (confirm).
 */
80 public String getIdentity() {
/**
 * Creates a permission in AAF by posting {@code perm} to the "authz/perm" resource.
 *
 * @param perm permission to create
 * @return the value returned by doPost(), called with 201 as the expected status
 */
85 public int addPerm(DmaapPerm perm) {
86 logger.info("entry: addPerm() ");
87 return doPost(perm, "authz/perm", 201);
/**
 * Removes a permission. The body is not shown in this listing; presumably it is the delete
 * counterpart of addPerm() (confirm).
 *
 * @param perm permission to remove
 */
91 public int delPerm(DmaapPerm perm) {
/**
 * Grants a permission to a role by posting {@code grant} to the "authz/role/perm" resource.
 *
 * @param grant role-to-permission grant to create
 * @return the value returned by doPost(), called with 201 as the expected status
 */
96 public int addGrant(DmaapGrant grant) {
97 logger.info("entry: addGrant() ");
98 return doPost(grant, "authz/role/perm", 201);
/**
 * Assigns a user to a role by posting {@code ur} to the "authz/userRole" resource.
 *
 * @param ur user-to-role assignment to create
 * @return the value returned by doPost(), called with 201 as the expected status
 */
102 public int addUserRole(AafUserRole ur) {
103 logger.info("entry: addUserRole() ");
104 return doPost(ur, "authz/userRole", 201);
/**
 * Revokes a grant by issuing a delete against a path that embeds the role name.
 *
 * @param grant grant to revoke; its role name becomes part of the request path
 * @return the value returned by doDelete(), called with 200 as the expected status
 */
108 public int delGrant(DmaapGrant grant) {
109 logger.info("entry: delGrant() ");
// NOTE(review): the role name is concatenated into the URL path without encoding. If role names can
// come from API clients, validate them against the allowed role syntax (or percent-encode them) before
// building the path, so a name containing '/', '?', '#' or ".." cannot redirect the delete elsewhere.
110 return doDelete(grant, "authz/role/:" + grant.getRole() + "/perm", 200);
/**
 * Creates a role in AAF by posting {@code role} to the "authz/role" resource.
 *
 * @param role role to create
 * @return the value returned by doPost(), called with 201 as the expected status
 */
114 public int addRole(AafRole role) {
115 logger.info("entry: addRole() ");
116 return doPost(role, "authz/role", 201);
/**
 * Creates a namespace in AAF by posting {@code ns} to the "authz/ns" resource.
 *
 * @param ns namespace to create
 * @return the value returned by doPost(), called with 201 as the expected status
 */
120 public int addNamespace(AafNamespace ns) {
121 logger.info("entry: addNamespace() ");
122 return doPost(ns, "authz/ns", 201);
/**
 * Removes a namespace. The body is not shown in this listing; presumably it is the delete
 * counterpart of addNamespace() (confirm).
 *
 * @param ns namespace to remove
 */
126 public int delNamespace(AafNamespace ns) {
/**
 * Posts {@code obj} to the AAF endpoint {@code aafURL + uri} and logs the outcome.
 * <p>
 * Several lines of this method (the declaration of {@code rc}, the branching on the response and the
 * return statement) are not shown in this listing, so which response leads to which log line cannot
 * be read off here.
 *
 * @param obj    payload; its JSON form is written to the log before the call
 * @param uri    resource path appended to the configured base URL
 * @param expect status the caller treats as success; not referenced in the visible lines
 * @return an int status; presumably derived from postAaf(), the return is not visible (confirm)
 */
130 private int doPost(AafObject obj, String uri, int expect) {
132 logger.info("entry: doPost() ");
// Plain concatenation: the caller is responsible for any encoding of uri.
133 String pURL = aafURL + uri;
134 logger.info("doPost: useAAF=" + useAAF);
// NOTE(review): the complete payload is logged at INFO. Confirm that no AafObject subtype puts a
// secret or token into toJSON(), otherwise redact before logging.
136 logger.info("doPost: " + obj.toJSON());
137 rc = aaf.postAaf(obj, pURL);
// Credential-error path. Only the identity may reach the log: getCred(false) must never return the
// "identity:password" form. NOTE(review): the visible part of getCred() decrypts the password on every
// call, so logging the cached identity field would keep the secret off this error path entirely.
144 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
// An already-existing object is reported as a warning rather than an error.
147 logger.warn("Object for " + uri + " already exists. Possible conflict.");
151 logger.info("expected response: " + rc);
153 logger.error("Unexpected response: " + rc);
161 private int doDelete(AafObject obj, String uri, int expect) {
163 String pURL = aafURL + uri;
165 logger.info("doDelete: " + obj.toJSON());
166 rc = aaf.delAaf(obj, pURL);
173 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
176 logger.warn("Object not found...ignore");
179 logger.info("expected response");
182 logger.error("Unexpected response: " + rc);