2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.dmaap.dbcapi.aaf;
23 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
24 import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
25 import org.onap.dmaap.dbcapi.util.DmaapConfig;
/**
 * AafService implementation that posts and deletes AAF authorization objects
 * through an AafConnection.
 *
 * NOTE(review): this listing omits some source lines (the gutter numbers skip), so
 * closing braces and several statements of the class are not visible here.
 */
27 public class AafServiceImpl extends BaseLoggingClass implements AafService {
// NOTE(review): the constants of this nested enum are not visible here. The fields and
// methods in this listing use AafService.ServiceType, not this type; confirm both are needed.
28 public enum ServiceType {
// Connection used for the AAF calls; created in initAafService() from getCred(true).
33 private AafConnection aaf;
// Service type compared in getCred() to pick which credential properties are read.
34 private AafService.ServiceType ctype;
// Base URL that doPost() and delGrant() prefix to the resource path.
35 private String aafURL;
// Identity last read from configuration by getCred(), or stored through setIdentity().
36 private String identity;
// Overwritten from the "UseAAF" property in initAafService(); false until then.
37 private boolean useAAF = false;
/**
 * Accessor for the identity.
 *
 * NOTE(review): the method body is not visible in this listing; presumably it returns
 * the {@code identity} field, which getCred() also assigns from configuration. Confirm.
 */
40 public String getIdentity() {
/**
 * Stores the given value in the {@code identity} field.
 *
 * getCred() also assigns this field from configuration, so a value set here may be
 * overwritten by a later credential lookup.
 *
 * @param identity value to store
 */
45 public void setIdentity(String identity) {
46 this.identity = identity;
/**
 * Builds the credential string {@code identity + ":" + pwd} for the current service type.
 *
 * The user and password property names are chosen from {@code ctype}. The identity is read
 * from configuration into the {@code identity} field (a side effect), and the stored
 * password value is passed through AafDecrypt.decrypt().
 *
 * NOTE(review): the declaration of {@code pwd} and the statements that test {@code wPwd}
 * fall on lines this listing omits. Callers here pass {@code true} when building the
 * connection and {@code false} when logging, so the flag presumably controls whether the
 * decrypted password is included. Confirm before relying on it.
 *
 * @param wPwd see the review note above
 * @return the identity and password joined by a colon; treat the result as a secret
 *         whenever the password part is populated
 */
50 private String getCred(boolean wPwd) {
51 String mechIdProperty = null;
52 String pwdProperty = null;
53 DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
54 AafDecrypt decryptor = new AafDecrypt();
// Pick the property names that hold the user id and the encrypted password.
56 if (ctype == AafService.ServiceType.AAF_Admin) {
57 mechIdProperty = "aaf.AdminUser";
58 pwdProperty = "aaf.AdminPassword";
59 } else if (ctype == AafService.ServiceType.AAF_TopicMgr) {
60 mechIdProperty = "aaf.TopicMgrUser";
61 pwdProperty = "aaf.TopicMgrPassword";
// Any other service type is reported as an error.
// NOTE(review): what follows this log call is not visible here; confirm the method does
// not go on to look up properties with null names.
63 logger.error("Unexpected case for AAF credential type: " + ctype);
// Side effect: updates the identity field. A missing property falls back to a placeholder
// identity instead of failing, which can hide a misconfiguration until AAF rejects the call.
66 identity = p.getProperty(mechIdProperty, "noMechId@domain.netset.com");
// "notSet" stands in when no password property is configured.
69 String encPwd = p.getProperty(pwdProperty, "notSet");
// pwd holds the decrypted password from here on; keep it out of logs and exception messages.
72 pwd = decryptor.decrypt(encPwd);
75 return identity + ":" + pwd;
/**
 * Creates a service for the given type, taking the AAF base URL from the "aaf.URL" property.
 *
 * NOTE(review): the remaining statements of this constructor are not visible in this
 * listing; presumably they pass {@code t} to initAafService(). Confirm.
 *
 * @param t service type; its use falls on lines not shown here
 */
84 public AafServiceImpl(AafService.ServiceType t) {
85 DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
// The configured value is used as-is; the built-in default is an https URL.
// NOTE(review): nothing visible here checks the scheme. getCred() produces an
// identity:password pair for the connection, so confirm deployments keep this on https.
86 aafURL = p.getProperty("aaf.URL", "https://authentication.domain.netset.com:8100/proxy/");
/**
 * Creates a service for the given type with an explicitly supplied URL.
 *
 * NOTE(review): the body is not visible in this listing; presumably {@code url} becomes
 * the AAF base URL in place of the "aaf.URL" property. If so, the connection built from
 * the credentials talks to wherever it points, so the value should come only from
 * trusted configuration. Confirm against the callers.
 *
 * @param t service type
 * @param url URL to use; see the review note above
 */
90 public AafServiceImpl(AafService.ServiceType t, String url) {
/**
 * Reads the "UseAAF" flag and creates the AafConnection from the full credential string.
 *
 * NOTE(review): the lines between the log call and the connection setup are not visible
 * in this listing. getCred() depends on {@code ctype}, so it is presumably assigned from
 * {@code t} there. Whether the connection is created only when useAAF is true cannot be
 * told from the visible lines. Confirm both.
 *
 * @param t service type for this instance
 */
95 private void initAafService(AafService.ServiceType t) {
96 DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
// Only the value "true" (any letter case) sets the flag; a missing property leaves it false.
97 useAAF = "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
98 logger.info("AafService initAafService: useAAF=" + useAAF);
// The only call in this listing that passes true to getCred(); the returned string goes
// straight to the connection and must not be logged.
101 aaf = new AafConnection(getCred(true));
/**
 * Posts a permission to the "authz/perm" resource.
 *
 * @param perm permission to send
 * @return the value returned by doPost(), called with 201 as the expected response code
 */
104 public int addPerm(DmaapPerm perm) {
105 logger.info("entry: addPerm() ");
106 return doPost(perm, "authz/perm", 201);
/**
 * Removes a permission.
 *
 * NOTE(review): the body is not visible in this listing, so the resource it calls and
 * the meaning of the returned int cannot be stated from here. Confirm against the source.
 *
 * @param perm permission to remove
 */
110 public int delPerm(DmaapPerm perm) {
/**
 * Posts a grant to the "authz/role/perm" resource.
 *
 * @param grant grant to send
 * @return the value returned by doPost(), called with 201 as the expected response code
 */
114 public int addGrant(DmaapGrant grant) {
115 logger.info("entry: addGrant() ");
116 return doPost(grant, "authz/role/perm", 201);
/**
 * Posts a user-role assignment to the "authz/userRole" resource.
 *
 * @param ur user-role assignment to send
 * @return the value returned by doPost(), called with 201 as the expected response code
 */
119 public int addUserRole(AafUserRole ur) {
120 logger.info("entry: addUserRole() ");
121 return doPost(ur, "authz/userRole", 201);
/**
 * Deletes a grant by calling aaf.delAaf() on the role's perm resource and logs the outcome.
 *
 * NOTE(review): the declaration of rc, the branching on its value and the return
 * statement fall on lines this listing omits, so which response code leads to which log
 * call below is not visible.
 *
 * @param grant grant to remove; its role name becomes part of the request path
 * @return an int; presumably the response code rc. Confirm.
 */
124 public int delGrant(DmaapGrant grant) {
126 logger.info("entry: delGrant() ");
// NOTE(review): getRole() is concatenated into the path without encoding. Confirm role
// names are validated before they reach this point so they cannot change the request target.
128 String pURL = aafURL + "authz/role/:" + grant.getRole() + "/perm";
131 rc = aaf.delAaf(grant, pURL);
// Reports a credential error together with the credential string from getCred(false).
// NOTE(review): false presumably leaves the password out (the wPwd handling is not
// visible here). Confirm, because this value is written to the error log.
138 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
// A missing permission is only logged as a warning for a delete.
143 logger.warn("Perm not found...ignore");
147 logger.info("expected response");
150 logger.error("Unexpected response: " + rc);
/**
 * Posts a role to the "authz/role" resource.
 *
 * @param role role to send
 * @return the value returned by doPost(), called with 201 as the expected response code
 */
157 public int addRole(AafRole role) {
158 logger.info("entry: addRole() ");
159 return doPost(role, "authz/role", 201);
/**
 * Posts a namespace to the "authz/ns" resource.
 *
 * @param ns namespace to send
 * @return the value returned by doPost(), called with 201 as the expected response code
 */
163 public int addNamespace(AafNamespace ns) {
164 logger.info("entry: addNamespace() ");
165 return doPost(ns, "authz/ns", 201);
/**
 * Removes a namespace.
 *
 * NOTE(review): the body is not visible in this listing, so the resource it calls and
 * the meaning of the returned int cannot be stated from here. Confirm against the source.
 *
 * @param ns namespace to remove
 */
169 public int delNamespace(AafNamespace ns) {
/**
 * Posts an AAF object to {@code aafURL + uri} through aaf.postAaf() and logs the outcome.
 *
 * NOTE(review): the declaration of rc, the branching on its value, the use of
 * {@code expect} and the return statement fall on lines this listing omits or that lie
 * past its end, so which response code leads to which log call below is not visible.
 *
 * @param obj object to send; its JSON form is written to the info log
 * @param uri resource path appended to the base URL
 * @param expect presumably the response code treated as success (every caller shown
 *        passes 201). Confirm.
 * @return an int; presumably the response code rc. Confirm.
 */
174 private int doPost(AafObject obj, String uri, int expect) {
176 logger.info("entry: doPost() ");
177 String pURL = aafURL + uri;
178 logger.info("doPost: useAAF=" + useAAF);
// The whole request payload goes to the info log.
// NOTE(review): confirm no AafObject subtype includes a secret in toJSON().
180 logger.info("doPost: " + obj.toJSON());
181 rc = aaf.postAaf(obj, pURL);
// Reports a credential error together with the credential string from getCred(false).
// NOTE(review): false presumably leaves the password out (the wPwd handling is not
// visible here). Confirm, because this value is written to the error log.
188 errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
// An object that already exists is logged as a warning, not as an error.
191 logger.warn("Object for " + uri + " already exists. Possible conflict.");
197 logger.info("expected response: " + rc);
199 logger.error("Unexpected response: " + rc);