From 4528a9aac1841e7c4d5ec87392b8929f4ef6bc45 Mon Sep 17 00:00:00 2001 From: efiacor Date: Fri, 16 Jul 2021 12:18:44 +0100 Subject: [PATCH] [DMAAP-KAFKA] Fix sonar coverage etc Signed-off-by: efiacor Change-Id: Ia33a8740bf28fc66d06246c82e1c518d5e4b677e Issue-ID: DMAAP-1629 --- .../base/authorization/AuthorizationProvider.java | 9 ++- .../AuthorizationProviderFactory.java | 10 ++- .../kafka/base/authorization/Cadi3AAFProvider.java | 45 ++++++-------- .../KafkaCustomAuthorizer.java | 68 +++++++++++---------- .../PlainLoginModule1.java | 16 +++-- .../PlainSaslServer1.java | 28 ++++----- .../PlainSaslServerProvider1.java | 5 +- .../AuthorizationProviderFactoryTest.java | 5 +- .../base/authorization/Cadi3AAFProviderTest.java | 29 +++------ .../kafka/base/authorization/JUnitTestSuite.java | 41 ------------- .../kafka/base/authorization/TestRunner.java | 41 ------------- .../onap/dmaap/kafkaAuthorize/JUnitTestSuite.java | 41 ------------- .../org/onap/dmaap/kafkaAuthorize/TestRunner.java | 41 ------------- .../KafkaCustomAuthorizerTest.java | 12 ++-- .../PlainLoginModule1Test.java | 50 +++++++++------ .../PlainSaslServer1Test.java | 51 +++++++++++----- src/test/resources/cadi.properties | 21 ++++--- src/test/resources/org.onap.dmaap.mr.keyfile | 54 ++++++++-------- src/test/resources/org.onap.dmaap.mr.p12 | Bin 4261 -> 4637 bytes src/test/resources/org.onap.dmaap.mr.trust.jks | Bin 1413 -> 1413 bytes 20 files changed, 209 insertions(+), 358 deletions(-) rename src/main/java/org/onap/dmaap/{kafkaAuthorize => kafkaauthorize}/KafkaCustomAuthorizer.java (77%) rename src/main/java/org/onap/dmaap/{kafkaAuthorize => kafkaauthorize}/PlainLoginModule1.java (85%) rename src/main/java/org/onap/dmaap/{kafkaAuthorize => kafkaauthorize}/PlainSaslServer1.java (88%) rename src/main/java/org/onap/dmaap/{kafkaAuthorize => kafkaauthorize}/PlainSaslServerProvider1.java (91%) delete mode 100644 src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/JUnitTestSuite.java delete mode 100644 src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/TestRunner.java delete mode 100644 src/test/java/org/onap/dmaap/kafkaAuthorize/JUnitTestSuite.java delete mode 100644 src/test/java/org/onap/dmaap/kafkaAuthorize/TestRunner.java rename src/test/java/org/onap/dmaap/{kafkaAuthorize => kafkaauthorize}/KafkaCustomAuthorizerTest.java (98%) rename src/test/java/org/onap/dmaap/{kafkaAuthorize => kafkaauthorize}/PlainLoginModule1Test.java (61%) rename src/test/java/org/onap/dmaap/{kafkaAuthorize => kafkaauthorize}/PlainSaslServer1Test.java (80%) diff --git a/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProvider.java b/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProvider.java index da96929..551cf81 100644 --- a/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProvider.java +++ b/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProvider.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,11 +21,13 @@ *******************************************************************************/ package org.onap.dmaap.commonauth.kafka.base.authorization; +import java.io.IOException; + public interface AuthorizationProvider { - public boolean hasPermission(String userId, String permission, String instance, String action); + boolean hasPermission(String userId, String permission, String instance, String action); - public String getId(); + String getId(); - public String authenticate(String userId, String password) throws Exception; + String authenticate(String userId, String password) throws IOException; } diff --git a/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProviderFactory.java b/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProviderFactory.java index 6b872af..bdced2d 100644 --- a/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProviderFactory.java +++ b/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProviderFactory.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,9 +24,12 @@ package org.onap.dmaap.commonauth.kafka.base.authorization; import java.util.HashMap; import java.util.Map; import java.util.ServiceLoader; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; -public class AuthorizationProviderFactory { - private static final Map AUTHORIZATION_PROVIDER_MAP = new HashMap(); +public class AuthorizationProviderFactory { + private static final Logger logger = LoggerFactory.getLogger(AuthorizationProviderFactory.class); + private static final Map AUTHORIZATION_PROVIDER_MAP = new HashMap<>(); private static final AuthorizationProviderFactory AUTHORIZATION_PROVIDER_FACTORY = new AuthorizationProviderFactory(); private AuthorizationProviderFactory() { @@ -36,7 +40,7 @@ public class AuthorizationProviderFactory { } } catch (Exception ee) { - System.out.println(ee); + logger.error(ee.getMessage(), ee); System.exit(0); } } diff --git a/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/Cadi3AAFProvider.java b/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/Cadi3AAFProvider.java index b5193cc..92e27b7 100644 --- a/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/Cadi3AAFProvider.java +++ b/src/main/java/org/onap/dmaap/commonauth/kafka/base/authorization/Cadi3AAFProvider.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,14 +25,8 @@ import java.io.FileInputStream; import java.io.IOException; import java.util.Map; import java.util.Properties; - import javax.security.auth.login.AppConfigurationEntry; import javax.security.auth.login.Configuration; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.PropAccess; import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; @@ -39,6 +34,8 @@ import org.onap.aaf.cadi.aaf.v2_0.AAFCon; import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLur; import org.onap.aaf.cadi.principal.UnAuthPrincipal; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class Cadi3AAFProvider implements AuthorizationProvider { @@ -51,16 +48,17 @@ public class Cadi3AAFProvider implements AuthorizationProvider { private static AAFAuthn aafAuthn; private static AbsAAFLur aafLur; private static boolean enableCadi = false; + private static final String ENABLE_CADI = "enableCadi"; private static final Logger logger = LoggerFactory.getLogger(Cadi3AAFProvider.class); static { - if (System.getProperty("enableCadi") != null) { - if (System.getProperty("enableCadi").equals("true")) { + if (System.getProperty(ENABLE_CADI) != null) { + if (System.getProperty(ENABLE_CADI).equals("true")) { enableCadi = true; } } else{ - if (System.getenv("enableCadi") != null && System.getenv("enableCadi").equals("true")) { + if (System.getenv(ENABLE_CADI) != null && System.getenv(ENABLE_CADI).equals("true")) { enableCadi = true; } } @@ -78,8 +76,7 @@ public class Cadi3AAFProvider implements AuthorizationProvider { apiKey = "apiKey"; } else { - for (int i = 0; i < entries.length; i++) { - AppConfigurationEntry entry = entries[i]; + for (AppConfigurationEntry entry : entries) { Map optionsMap = entry.getOptions(); kafkaUsername = (String) optionsMap.get("username"); apiKey = (String) optionsMap.get("password"); @@ -87,7 +84,7 @@ public class Cadi3AAFProvider implements AuthorizationProvider { } } } catch (Exception e) { - logger.error("CRITICAL ERROR: JAAS configuration incorrectly set: " + e.getMessage()); + logger.error("CRITICAL ERROR: JAAS configuration incorrectly set: {}", e.getMessage()); } } @@ -100,13 +97,6 @@ public class Cadi3AAFProvider implements AuthorizationProvider { return enableCadi; } - public static AAFAuthn getAafAuthn() throws CadiException { - if (aafAuthn == null) { - throw new CadiException("Cadi is uninitialized in Cadi3AAFProvider.getAafAuthn()"); - } - return aafAuthn; - } - public Cadi3AAFProvider() { setup(); } @@ -115,7 +105,7 @@ public class Cadi3AAFProvider implements AuthorizationProvider { if (access == null) { Properties props = new Properties(); - FileInputStream fis = null; + FileInputStream fis; try { if (System.getProperty("CADI_PROPERTIES") != null) { fis = new FileInputStream(System.getProperty("CADI_PROPERTIES")); @@ -158,8 +148,7 @@ public class Cadi3AAFProvider implements AuthorizationProvider { public boolean hasPermission(String userId, String permission, String instance, String action) { boolean hasPermission = false; try { - logger.info("^ Event at hasPermission to validate userid " + userId + " with " + permission + " " + instance - + " " + action); + logger.info("^ Event at hasPermission to validate userid {} with {} {} {}", userId, permission, instance, action); // AAF Style permissions are in the form // Resource Name, Resource Type, Action if (userId.equals("admin")) { @@ -169,7 +158,7 @@ public class Cadi3AAFProvider implements AuthorizationProvider { AAFPermission perm = new AAFPermission(null, permission, instance, action); if (aafLur != null) { hasPermission = aafLur.fish(new UnAuthPrincipal(userId), perm); - logger.trace("Permission: " + perm.getKey() + " for user :" + userId + " found: " + hasPermission); + logger.trace("Permission: {} for user : {} found: {}" , perm.getKey(), userId, hasPermission); } else { logger.error("AAF client not initialized. Not able to find permissions."); } @@ -183,16 +172,16 @@ public class Cadi3AAFProvider implements AuthorizationProvider { return "CADI_AAF_PROVIDER"; } - public String authenticate(String userId, String password) throws Exception { + public String authenticate(String userId, String password) throws IOException { - logger.info("^Event received with username " + userId); + logger.info("^Event received with username {}", userId); if (!enableCadi) { return null; } else { if (userId.equals(kafkaUsername)) { if (password.equals(apiKey)) { - logger.info("by passes the authentication for the admin " + kafkaUsername); + logger.info("by passes the authentication for the admin {}", kafkaUsername); return null; } else { String errorMessage = "Authentication failed for user " + kafkaUsername; @@ -203,10 +192,10 @@ public class Cadi3AAFProvider implements AuthorizationProvider { } String aafResponse = aafAuthn.validate(userId, password); - logger.info("aafResponse=" + aafResponse + " for " + userId); + logger.info("aafResponse = {} for {}", aafResponse, userId); if (aafResponse != null) { - logger.error("Authentication failed for user ." + userId); + logger.error("Authentication failed for user {}", userId); } return aafResponse; } diff --git a/src/main/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizer.java b/src/main/java/org/onap/dmaap/kafkaauthorize/KafkaCustomAuthorizer.java similarity index 77% rename from src/main/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizer.java rename to src/main/java/org/onap/dmaap/kafkaauthorize/KafkaCustomAuthorizer.java index 950cd9f..09f704a 100644 --- a/src/main/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizer.java +++ b/src/main/java/org/onap/dmaap/kafkaauthorize/KafkaCustomAuthorizer.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,7 +19,7 @@ * * *******************************************************************************/ -package org.onap.dmaap.kafkaAuthorize; +package org.onap.dmaap.kafkaauthorize; import java.util.EnumSet; import java.util.Map; @@ -45,12 +46,13 @@ import scala.collection.immutable.Set; */ public class KafkaCustomAuthorizer implements Authorizer { - private String[] adminPermission = new String[3]; - public static final EnumSet TOPIC_DESCRIBE_OPERATIONS = EnumSet.of(AclOperation.DESCRIBE_CONFIGS); - public static final EnumSet TOPIC_READ_WRITE_DESCRIBE_OPERATIONS = EnumSet.of(AclOperation.WRITE, + private final String[] adminPermission = new String[3]; + protected static final EnumSet TOPIC_DESCRIBE_OPERATIONS = EnumSet.of(AclOperation.DESCRIBE_CONFIGS); + protected static final EnumSet TOPIC_READ_WRITE_DESCRIBE_OPERATIONS = EnumSet.of(AclOperation.WRITE, AclOperation.READ, AclOperation.DESCRIBE_CONFIGS); - public static final EnumSet TOPIC_ADMIN_OPERATIONS = EnumSet.of(AclOperation.ALTER, + protected static final EnumSet TOPIC_ADMIN_OPERATIONS = EnumSet.of(AclOperation.ALTER, AclOperation.ALTER_CONFIGS, AclOperation.CREATE); + static final String TOPIC = "Topic"; private static final Logger logger = LoggerFactory.getLogger(KafkaCustomAuthorizer.class); @@ -85,10 +87,10 @@ public class KafkaCustomAuthorizer implements Authorizer { } } else if (aclOperation.equals(AclOperation.DELETE)) { - permission = new String(System.getProperty("msgRtr.topicfactory.aaf") + namspace + "|destroy").split("\\|"); + permission = (System.getProperty("msgRtr.topicfactory.aaf") + namspace + "|destroy").split("\\|"); } else if (TOPIC_ADMIN_OPERATIONS.contains(aclOperation)) { - permission = new String(System.getProperty("msgRtr.topicfactory.aaf") + namspace + "|create").split("\\|"); + permission = (System.getProperty("msgRtr.topicfactory.aaf") + namspace + "|create").split("\\|"); } return permission; @@ -113,7 +115,7 @@ public class KafkaCustomAuthorizer implements Authorizer { case ALTER_CONFIGS: case CREATE: case DELETE: - if (resource.equals("Topic")) { + if (resource.equals(TOPIC)) { permission = getTopicPermission(topicName, aclOperation); } else if (resource.equals("Cluster")) { permission = getAdminPermission(); @@ -122,7 +124,7 @@ public class KafkaCustomAuthorizer implements Authorizer { case DESCRIBE_CONFIGS: case READ: case WRITE: - if (resource.equals("Topic")) { + if (resource.equals(TOPIC)) { permission = getTopicPermission(topicName, aclOperation); } break; @@ -135,7 +137,6 @@ public class KafkaCustomAuthorizer implements Authorizer { break; } - return permission; } @@ -149,11 +150,11 @@ public class KafkaCustomAuthorizer implements Authorizer { String fullName = arg0.principal().getName(); fullName = fullName != null ? fullName.trim() : fullName; String topicName = null; - String[] permission = new String[3]; + String[] permission; String resource = arg2.resourceType().name(); - if (resource.equals("Topic")) { + if (resource.equals(TOPIC)) { topicName = arg2.name(); } @@ -167,31 +168,32 @@ public class KafkaCustomAuthorizer implements Authorizer { permission = getPermission(arg1.toJava(), resource, topicName); - if (permission[0] == null) { - return true; - } else { - - try { - - if (null != topicName) { - boolean hasResp = AuthorizationProviderFactory.getProviderFactory().getProvider() - .hasPermission(fullName, permission[0], permission[1], permission[2]); - if (hasResp) { - logger.info("Successful Authorization for " + fullName + " on " + topicName + " for " - + permission[0] + "|" + permission[1] + "|" + permission[2]); - } - if (!hasResp) { - logger.info(fullName + " is not allowed in " + permission[0] + "|" + permission[1] + "|" - + permission[2]); - return false; - } + if (permission[0] != null) { + return !checkPermissions(fullName, topicName, permission); + } + return true; + } + + private boolean checkPermissions(String fullName, String topicName, String[] permission) { + try { + + if (null != topicName) { + boolean hasResp = AuthorizationProviderFactory.getProviderFactory().getProvider() + .hasPermission(fullName, permission[0], permission[1], permission[2]); + if (hasResp) { + logger.info("Successful Authorization for {} on {} for {} | {} | {}", fullName, topicName, + permission[0], permission[1], permission[2]); + } + if (!hasResp) { + logger.info("{} is not allowed in {} | {} | {}", fullName, permission[0], permission[1], + permission[2]); + return true; } - } catch (final Exception e) { - return false; } + } catch (final Exception e) { return true; - } + return false; } @Override diff --git a/src/main/java/org/onap/dmaap/kafkaAuthorize/PlainLoginModule1.java b/src/main/java/org/onap/dmaap/kafkaauthorize/PlainLoginModule1.java similarity index 85% rename from src/main/java/org/onap/dmaap/kafkaAuthorize/PlainLoginModule1.java rename to src/main/java/org/onap/dmaap/kafkaauthorize/PlainLoginModule1.java index dd21682..f230418 100644 --- a/src/main/java/org/onap/dmaap/kafkaAuthorize/PlainLoginModule1.java +++ b/src/main/java/org/onap/dmaap/kafkaauthorize/PlainLoginModule1.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,13 +19,11 @@ * * *******************************************************************************/ -package org.onap.dmaap.kafkaAuthorize; +package org.onap.dmaap.kafkaauthorize; import java.util.Map; - import javax.security.auth.Subject; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; public class PlainLoginModule1 implements LoginModule { @@ -37,8 +36,7 @@ public class PlainLoginModule1 implements LoginModule { } @Override - public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, - Map options) { + public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { String username = (String) options.get(USERNAME_CONFIG); if (username != null) subject.getPublicCredentials().add(username); @@ -49,22 +47,22 @@ public class PlainLoginModule1 implements LoginModule { } @Override - public boolean login() throws LoginException { + public boolean login() { return true; } @Override - public boolean logout() throws LoginException { + public boolean logout() { return true; } @Override - public boolean commit() throws LoginException { + public boolean commit() { return true; } @Override - public boolean abort() throws LoginException { + public boolean abort() { return false; } } diff --git a/src/main/java/org/onap/dmaap/kafkaAuthorize/PlainSaslServer1.java b/src/main/java/org/onap/dmaap/kafkaauthorize/PlainSaslServer1.java similarity index 88% rename from src/main/java/org/onap/dmaap/kafkaAuthorize/PlainSaslServer1.java rename to src/main/java/org/onap/dmaap/kafkaauthorize/PlainSaslServer1.java index 6213b9b..ae15bbc 100644 --- a/src/main/java/org/onap/dmaap/kafkaAuthorize/PlainSaslServer1.java +++ b/src/main/java/org/onap/dmaap/kafkaauthorize/PlainSaslServer1.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,28 +19,19 @@ * * *******************************************************************************/ -package org.onap.dmaap.kafkaAuthorize; +package org.onap.dmaap.kafkaauthorize; -import java.io.UnsupportedEncodingException; import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.Arrays; import java.util.List; import java.util.Map; - -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.NameCallback; import javax.security.sasl.Sasl; import javax.security.sasl.SaslException; import javax.security.sasl.SaslServer; import javax.security.sasl.SaslServerFactory; - import org.apache.kafka.common.errors.SaslAuthenticationException; -import org.apache.kafka.common.security.JaasContext; -import org.apache.kafka.common.security.authenticator.SaslServerCallbackHandler; -import org.apache.kafka.common.security.plain.PlainAuthenticateCallback; -import org.apache.kafka.common.security.plain.internals.PlainSaslServer; import org.onap.dmaap.commonauth.kafka.base.authorization.AuthorizationProviderFactory; /** @@ -62,6 +54,7 @@ public class PlainSaslServer1 implements SaslServer { private boolean complete; private String authorizationId; + private static final String AUTH_EXC_NOT_COMPLETE = "Authentication exchange has not completed"; /** @@ -105,13 +98,13 @@ public class PlainSaslServer1 implements SaslServer { try { aafResponse = AuthorizationProviderFactory.getProviderFactory().getProvider().authenticate(username, password); - } catch (Exception e) { + } catch (Exception ignored) { + throw new SaslAuthenticationException("Authentication failed: " + aafResponse + " User " + username); } if (null != aafResponse) { throw new SaslAuthenticationException("Authentication failed: " + aafResponse + " User " + username); } - if (!authorizationIdFromClient.isEmpty() && !authorizationIdFromClient.equals(username)) throw new SaslAuthenticationException("Authentication failed: Client requested an authorization id that is different from username"); @@ -144,7 +137,7 @@ public class PlainSaslServer1 implements SaslServer { @Override public String getAuthorizationID() { if (!complete) - throw new IllegalStateException("Authentication exchange has not completed"); + throw new IllegalStateException(AUTH_EXC_NOT_COMPLETE); return authorizationId; } @@ -156,7 +149,7 @@ public class PlainSaslServer1 implements SaslServer { @Override public Object getNegotiatedProperty(String propName) { if (!complete) - throw new IllegalStateException("Authentication exchange has not completed"); + throw new IllegalStateException(AUTH_EXC_NOT_COMPLETE); return null; } @@ -168,19 +161,20 @@ public class PlainSaslServer1 implements SaslServer { @Override public byte[] unwrap(byte[] incoming, int offset, int len) { if (!complete) - throw new IllegalStateException("Authentication exchange has not completed"); + throw new IllegalStateException(AUTH_EXC_NOT_COMPLETE); return Arrays.copyOfRange(incoming, offset, offset + len); } @Override public byte[] wrap(byte[] outgoing, int offset, int len) { if (!complete) - throw new IllegalStateException("Authentication exchange has not completed"); + throw new IllegalStateException(AUTH_EXC_NOT_COMPLETE); return Arrays.copyOfRange(outgoing, offset, offset + len); } @Override public void dispose() { + // TODO Auto-generate method stub } public static class PlainSaslServerFactory1 implements SaslServerFactory { @@ -190,7 +184,7 @@ public class PlainSaslServer1 implements SaslServer { throws SaslException { if (!PLAIN_MECHANISM.equals(mechanism)) - throw new SaslException(String.format("Mechanism \'%s\' is not supported. Only PLAIN is supported.", mechanism)); + throw new SaslException(String.format("Mechanism '%s' is not supported. Only PLAIN is supported.", mechanism)); return new PlainSaslServer1(); } diff --git a/src/main/java/org/onap/dmaap/kafkaAuthorize/PlainSaslServerProvider1.java b/src/main/java/org/onap/dmaap/kafkaauthorize/PlainSaslServerProvider1.java similarity index 91% rename from src/main/java/org/onap/dmaap/kafkaAuthorize/PlainSaslServerProvider1.java rename to src/main/java/org/onap/dmaap/kafkaauthorize/PlainSaslServerProvider1.java index 441a023..b9fbf7a 100644 --- a/src/main/java/org/onap/dmaap/kafkaAuthorize/PlainSaslServerProvider1.java +++ b/src/main/java/org/onap/dmaap/kafkaauthorize/PlainSaslServerProvider1.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,12 +19,12 @@ * * *******************************************************************************/ -package org.onap.dmaap.kafkaAuthorize; +package org.onap.dmaap.kafkaauthorize; import java.security.Provider; import java.security.Security; -import org.onap.dmaap.kafkaAuthorize.PlainSaslServer1.PlainSaslServerFactory1; +import org.onap.dmaap.kafkaauthorize.PlainSaslServer1.PlainSaslServerFactory1; public class PlainSaslServerProvider1 extends Provider { diff --git a/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProviderFactoryTest.java b/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProviderFactoryTest.java index 7f441f0..bf7890e 100644 --- a/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProviderFactoryTest.java +++ b/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/AuthorizationProviderFactoryTest.java @@ -20,6 +20,8 @@ *******************************************************************************/ package org.onap.dmaap.commonauth.kafka.base.authorization; +import static org.junit.Assert.assertNotNull; + import org.junit.Test; import org.junit.runner.RunWith; import org.powermock.core.classloader.annotations.PowerMockIgnore; @@ -31,8 +33,7 @@ public class AuthorizationProviderFactoryTest { @Test public void testFactory() { - AuthorizationProviderFactory.getProviderFactory().getProvider(); - + assertNotNull(AuthorizationProviderFactory.getProviderFactory().getProvider()); } } diff --git a/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/Cadi3AAFProviderTest.java b/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/Cadi3AAFProviderTest.java index 1a2bd95..4f9de3d 100644 --- a/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/Cadi3AAFProviderTest.java +++ b/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/Cadi3AAFProviderTest.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,6 +25,7 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; import static org.mockito.Mockito.when; import org.junit.Before; @@ -31,11 +33,7 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; import org.mockito.MockitoAnnotations; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLur; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.modules.junit4.PowerMockRunner; @@ -48,21 +46,15 @@ public class Cadi3AAFProviderTest { @Mock private static AAFAuthn aafAuthn; - - @Mock - private static AAFConHttp aafCon; - - @Mock - private static AbsAAFLur aafLur; - @Mock - private static PropAccess access; + static { + System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties"); + System.setProperty("enableCadi", "true"); + } @Before - public void setUp() throws Exception { + public void setUp() { MockitoAnnotations.initMocks(this); - System.setProperty("enableCadi", "true"); - System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties"); cadi3AAFProvider = new Cadi3AAFProvider(); } @@ -73,14 +65,12 @@ public class Cadi3AAFProviderTest { @Test public void testHasAdminPermission() { - assertEquals(cadi3AAFProvider.hasPermission("admin", "permission", "instance", "action"), true); + assertTrue(cadi3AAFProvider.hasPermission("admin", "permission", "instance", "action")); } - @Test(expected = NullPointerException.class) public void tesAuthenticate() throws Exception { - System.setProperty("enableCadi", "true"); when(aafAuthn.validate("userId", "password")).thenReturn("valid"); - assertEquals(cadi3AAFProvider.authenticate("userId", "password"), "valid"); + assertEquals("valid", cadi3AAFProvider.authenticate("userId", "password")); } @Test @@ -92,5 +82,4 @@ public class Cadi3AAFProviderTest { public void tesAuthenticateAdminwtWrongCred() throws Exception { assertNotNull(cadi3AAFProvider.authenticate("kafkaUsername", "api")); } - } diff --git a/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/JUnitTestSuite.java b/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/JUnitTestSuite.java deleted file mode 100644 index e9b52d1..0000000 --- a/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/JUnitTestSuite.java +++ /dev/null @@ -1,41 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP Policy Engine - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.dmaap.commonauth.kafka.base.authorization; - -import junit.framework.TestSuite; -import org.junit.runner.RunWith; -import org.junit.runners.Suite; -import org.junit.runners.Suite.SuiteClasses; -import org.apache.log4j.Logger; - -@RunWith(Suite.class) -@SuiteClasses({ AuthorizationProviderFactoryTest.class, Cadi3AAFProviderTest.class }) -public class JUnitTestSuite { - private static final Logger LOGGER = Logger.getLogger(JUnitTestSuite.class); - - public static void main(String[] args) { - LOGGER.info("Running the test suite"); - - TestSuite tstSuite = new TestSuite(); - LOGGER.info("Total Test Counts " + tstSuite.countTestCases()); - } - -} diff --git a/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/TestRunner.java b/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/TestRunner.java deleted file mode 100644 index 7f7ea11..0000000 --- a/src/test/java/org/onap/dmaap/commonauth/kafka/base/authorization/TestRunner.java +++ /dev/null @@ -1,41 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP Policy Engine - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.dmaap.commonauth.kafka.base.authorization; - -import org.junit.runner.JUnitCore; -import org.junit.runner.Result; -import org.junit.runner.notification.Failure; -import org.apache.log4j.Logger; - -public class TestRunner { - private static final Logger LOGGER = Logger.getLogger(TestRunner.class); - - public static void main(String[] args) { - // TODO Auto-generated method stub - Result result = JUnitCore.runClasses(JUnitTestSuite.class); - for (Failure failure : result.getFailures()) { - LOGGER.info(failure.toString()); - - } - LOGGER.info(result.wasSuccessful()); - } - -} diff --git a/src/test/java/org/onap/dmaap/kafkaAuthorize/JUnitTestSuite.java b/src/test/java/org/onap/dmaap/kafkaAuthorize/JUnitTestSuite.java deleted file mode 100644 index 9486662..0000000 --- a/src/test/java/org/onap/dmaap/kafkaAuthorize/JUnitTestSuite.java +++ /dev/null @@ -1,41 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP Policy Engine - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.dmaap.kafkaAuthorize; - -import junit.framework.TestSuite; -import org.junit.runner.RunWith; -import org.junit.runners.Suite; -import org.junit.runners.Suite.SuiteClasses; -import org.apache.log4j.Logger; - -@RunWith(Suite.class) -@SuiteClasses({ KafkaCustomAuthorizerTest.class, PlainSaslServer1Test.class, PlainLoginModule1Test.class }) -public class JUnitTestSuite { - private static final Logger LOGGER = Logger.getLogger(JUnitTestSuite.class); - - public static void main(String[] args) { - LOGGER.info("Running the test suite"); - - TestSuite tstSuite = new TestSuite(); - LOGGER.info("Total Test Counts " + tstSuite.countTestCases()); - } - -} diff --git a/src/test/java/org/onap/dmaap/kafkaAuthorize/TestRunner.java b/src/test/java/org/onap/dmaap/kafkaAuthorize/TestRunner.java deleted file mode 100644 index 829d18d..0000000 --- a/src/test/java/org/onap/dmaap/kafkaAuthorize/TestRunner.java +++ /dev/null @@ -1,41 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP Policy Engine - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.dmaap.kafkaAuthorize; - -import org.junit.runner.JUnitCore; -import org.junit.runner.Result; -import org.junit.runner.notification.Failure; -import org.apache.log4j.Logger; - -public class TestRunner { - private static final Logger LOGGER = Logger.getLogger(TestRunner.class); - - public static void main(String[] args) { - // TODO Auto-generated method stub - Result result = JUnitCore.runClasses(JUnitTestSuite.class); - for (Failure failure : result.getFailures()) { - LOGGER.info(failure.toString()); - - } - LOGGER.info(result.wasSuccessful()); - } - -} diff --git a/src/test/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizerTest.java b/src/test/java/org/onap/dmaap/kafkaauthorize/KafkaCustomAuthorizerTest.java similarity index 98% rename from src/test/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizerTest.java rename to src/test/java/org/onap/dmaap/kafkaauthorize/KafkaCustomAuthorizerTest.java index 7f01be4..098d472 100644 --- a/src/test/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizerTest.java +++ b/src/test/java/org/onap/dmaap/kafkaauthorize/KafkaCustomAuthorizerTest.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,7 +19,7 @@ * * *******************************************************************************/ -package org.onap.dmaap.kafkaAuthorize; +package org.onap.dmaap.kafkaauthorize; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; @@ -62,14 +63,14 @@ public class KafkaCustomAuthorizerTest { AuthorizationProvider provider; KafkaCustomAuthorizer authorizer; - + static { System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties"); + System.setProperty("enableCadi", "true"); } @Before - public void setUp() throws Exception { - + public void setUp() { MockitoAnnotations.initMocks(this); PowerMockito.when(principal.getName()).thenReturn("fullName"); PowerMockito.when(arg0.principal()).thenReturn(principal); @@ -85,13 +86,10 @@ public class KafkaCustomAuthorizerTest { @Test public void testAuthorizerSuccess() { - - PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub")) .thenReturn(true); authorizer = new KafkaCustomAuthorizer(); assertTrue(authorizer.authorize(arg0, arg1, arg2)); - } @Test diff --git a/src/test/java/org/onap/dmaap/kafkaAuthorize/PlainLoginModule1Test.java b/src/test/java/org/onap/dmaap/kafkaauthorize/PlainLoginModule1Test.java similarity index 61% rename from src/test/java/org/onap/dmaap/kafkaAuthorize/PlainLoginModule1Test.java rename to src/test/java/org/onap/dmaap/kafkaauthorize/PlainLoginModule1Test.java index 3fd9f0e..33a0708 100644 --- a/src/test/java/org/onap/dmaap/kafkaAuthorize/PlainLoginModule1Test.java +++ b/src/test/java/org/onap/dmaap/kafkaauthorize/PlainLoginModule1Test.java @@ -3,6 +3,7 @@ * org.onap.dmaap * ================================================================================ * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * Modification copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,49 +19,62 @@ * * *******************************************************************************/ -package org.onap.dmaap.kafkaAuthorize; +package org.onap.dmaap.kafkaauthorize; -import javax.security.auth.login.LoginException; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import java.util.Map; +import javax.security.auth.Subject; +import javax.security.auth.callback.CallbackHandler; import org.junit.Before; import org.junit.Test; -import org.junit.runner.RunWith; +import org.mockito.Mock; import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; -@RunWith(PowerMockRunner.class) @PowerMockIgnore({"jdk.internal.reflect.*"}) @PrepareForTest({ PlainLoginModule1.class }) public class PlainLoginModule1Test { - PlainLoginModule1 pLogin = new PlainLoginModule1(); - + static PlainLoginModule1 pLogin = new PlainLoginModule1(); + static Subject subject; + @Mock + static CallbackHandler callbackHandler; + + @Mock + static Map mymap1; + + @Mock + static Map mymap2; + @Before - public void setUp() throws Exception { + public void setUp() { MockitoAnnotations.initMocks(this); + PowerMockito.when(mymap1.get("username")).thenReturn("user1"); + PowerMockito.when(mymap1.get("password")).thenReturn("pass1"); + pLogin.initialize(subject, callbackHandler, mymap1, mymap2); } @Test - public void testLogin() throws LoginException { - boolean b = pLogin.login(); - - assert(b==true); + public void testLogin() { + assertTrue(pLogin.login()); } @Test - public void testLogout() throws LoginException { - assert(pLogin.logout()==true); + public void testLogout() { + assertTrue(pLogin.logout()); } @Test - public void testCommit() throws LoginException { - assert(pLogin.commit()==true); + public void testCommit() { + assertTrue(pLogin.commit()); } @Test - public void testAbort() throws LoginException { - assert(pLogin.abort()==false); + public void testAbort() { + assertFalse(pLogin.abort()); } } diff --git a/src/test/java/org/onap/dmaap/kafkaAuthorize/PlainSaslServer1Test.java b/src/test/java/org/onap/dmaap/kafkaauthorize/PlainSaslServer1Test.java similarity index 80% rename from src/test/java/org/onap/dmaap/kafkaAuthorize/PlainSaslServer1Test.java rename to src/test/java/org/onap/dmaap/kafkaauthorize/PlainSaslServer1Test.java index c354378..6128978 100644 --- a/src/test/java/org/onap/dmaap/kafkaAuthorize/PlainSaslServer1Test.java +++ b/src/test/java/org/onap/dmaap/kafkaauthorize/PlainSaslServer1Test.java @@ -18,22 +18,27 @@ * * *******************************************************************************/ -package org.onap.dmaap.kafkaAuthorize; +package org.onap.dmaap.kafkaauthorize; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; +import java.util.Map; +import javax.security.auth.callback.CallbackHandler; +import javax.security.sasl.Sasl; import javax.security.sasl.SaslException; - import org.apache.kafka.common.errors.SaslAuthenticationException; -import org.apache.kafka.common.security.JaasContext; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; +import org.mockito.Mockito; import org.mockito.MockitoAnnotations; import org.onap.dmaap.commonauth.kafka.base.authorization.AuthorizationProvider; import org.onap.dmaap.commonauth.kafka.base.authorization.AuthorizationProviderFactory; +import org.onap.dmaap.kafkaauthorize.PlainSaslServer1.PlainSaslServerFactory1; import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.core.classloader.annotations.PrepareForTest; @@ -45,16 +50,18 @@ import org.powermock.modules.junit4.PowerMockRunner; public class PlainSaslServer1Test { PlainSaslServer1 sslServer = new PlainSaslServer1(); - @Mock - JaasContext jaasContext; + @Mock AuthorizationProviderFactory factory; @Mock AuthorizationProvider provider; + @Mock + CallbackHandler callbackHandler; + @Mock + static Map props; @Before - public void setUp() throws Exception { - + public void setUp() { MockitoAnnotations.initMocks(this); PowerMockito.mockStatic(AuthorizationProviderFactory.class); PowerMockito.when(AuthorizationProviderFactory.getProviderFactory()).thenReturn(factory); @@ -72,15 +79,13 @@ public class PlainSaslServer1Test { public void testAuthenticationEmptyAuth() throws Exception { String response = "\u0000username\u0000password"; PowerMockito.when(provider.authenticate("username", "password")).thenReturn(null); - sslServer.evaluateResponse(response.getBytes()); - assert(true); + assertNotNull(sslServer.evaluateResponse(response.getBytes())); } @Test public void testAuthenticationEmptyUser() throws Exception { String response = "authorizationID\u0000\u0000password"; PowerMockito.when(provider.authenticate("username", "password")).thenReturn(null); - try { sslServer.evaluateResponse(response.getBytes()); } @@ -88,6 +93,7 @@ public class PlainSaslServer1Test { assertNotNull(e); } } + @Test public void testAuthenticationEmptyPassword() throws Exception { String response = "authorizationID\u0000username\u0000"; @@ -102,7 +108,6 @@ public class PlainSaslServer1Test { @Test public void testGetAuthorizationIdWithException() { - try { sslServer.getAuthorizationID(); } @@ -113,7 +118,6 @@ public class PlainSaslServer1Test { @Test public void testGetNegotiatedPropertyWithException() { - try { sslServer.getNegotiatedProperty("test"); } @@ -124,7 +128,6 @@ public class PlainSaslServer1Test { @Test public void testIsComplete() { - try { sslServer.getNegotiatedProperty("test"); } @@ -134,7 +137,6 @@ public class PlainSaslServer1Test { assert(true); } - @Test public void testUnwrap() { try { @@ -159,5 +161,24 @@ public class PlainSaslServer1Test { e.printStackTrace(); } assert(true); - } + } + + @Test + public void testGetMech() { + assertEquals("PLAIN", sslServer.getMechanismName()); + } + + @Test + public void testIsCompleteBool() { + assertFalse(sslServer.isComplete()); + } + + @Test + public void testPlainSaslServer1() throws SaslException { + PlainSaslServerFactory1 plainSaslServerFactory1 = new PlainSaslServerFactory1(); + PlainSaslServer1 saslServer1 = (PlainSaslServer1) plainSaslServerFactory1.createSaslServer(PlainSaslServer1.PLAIN_MECHANISM, "https", "mySaslServer", props, callbackHandler); + assertNotNull(saslServer1); + Mockito.when(props.get(Sasl.POLICY_NOPLAINTEXT)).thenReturn("javax.security.sasl.policy.noplaintext"); + assertEquals(new String[]{"PLAIN"}, plainSaslServerFactory1.getMechanismNames(props)); + } } diff --git a/src/test/resources/cadi.properties b/src/test/resources/cadi.properties index acbb0de..fc14bf1 100644 --- a/src/test/resources/cadi.properties +++ b/src/test/resources/cadi.properties @@ -1,18 +1,19 @@ -aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_locate_url=https://aaf-locate.onap:8095 aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 aaf_env=DEV aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm -Challenge=enc:26N3deVSkeOeUORRKhI8aWTMLTGNMgO-EdGT7blB5O3XmNXtHcE4du9Bunz8k7O5 -cadi_alias=dmaapmr@mr.dmaap.onap.org -cadi_key_password=enc:je9_4VCevykPfd24WLzQDzCqokPRfmNsyhwUC3mXcibPFhzvjmCKyws3-r-oZEqo + +cadi_truststore=src/test/resources/org.onap.dmaap.mr.trust.jks +cadi_truststore_password=@MP:Wc^8}%n6tG1kr]MI{:#V + cadi_keyfile=src/test/resources/org.onap.dmaap.mr.keyfile + +cadi_alias=dmaapmr@mr.dmaap.onap.org cadi_keystore=src/test/resources/org.onap.dmaap.mr.p12 -cadi_keystore_password=enc:NHmvDrri9DSkZJ_-GLuOM0e-UGi_RpVgj9xYdpAamEILHm7I2E6rjbOif2G94UYW -cadi_keystore_password_jks=enc:wi5LqsAIJ8W29tFYNiPMgJ86n9BAgOrlcOq2_xPNzb6F5M_r487_GLiQT4iIcXbb -cadi_keystore_password_p12=enc:NHmvDrri9DSkZJ_-GLuOM0e-UGi_RpVgj9xYdpAamEILHm7I2E6rjbOif2G94UYW -cadi_truststore=src/test/resources/org.onap.dmaap.mr.trust.jks -cadi_truststore_password=enc:7U4uOSdXQblnjiDsrqyjXugG4nChBXBBjqZ5amRaCq5yeYzbC9hQpH7BwUzYTa59 +cadi_keystore_password=iAHma{haRm)lJ^ah5Au{nZ;$ cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US + +cadi_loglevel=INFO cadi_protocols=TLSv1.1,TLSv1.2 cadi_latitude=37.78187 -cadi_longitude=-122.26147 \ No newline at end of file +cadi_longitude=-122.26147 diff --git a/src/test/resources/org.onap.dmaap.mr.keyfile b/src/test/resources/org.onap.dmaap.mr.keyfile index 88ae118..977f63a 100644 --- a/src/test/resources/org.onap.dmaap.mr.keyfile +++ b/src/test/resources/org.onap.dmaap.mr.keyfile @@ -1,27 +1,27 @@ -WGfF6i2ePMJQ-xNiTEG4qmMOjn6lD4UaQCwsUminLaaGj5ymqQBGQedJFOnhE49UJwwv-pRGJeXP -w-xAgAKArIr7MGRCtGrgau28nl1i4s6Sc1f8FiPkZfavnjlXw9kqtmpswg0sWoR9CvnUSlcMXgyi -ZF4BNenYBYwMOEi5cQN1P0qI6dYOEOFw-wD8tXYMBOjeeF6NjQP5kyk3QXIdktdF12ixmKh2ziMV -yLsJ1nL7Cp4scGLKYKH349tLTEESxdgQYsmljnw5H9OaLPUyFfNn5HqyAQHbd-GTJ-zNcQwvDbQI -bMqi0rlB_Z4NvvZ_6cS7O2NakNMOZoUFdrfDNCh1H2SltxmFwz1hzyU4NWFxF2rzSOdJplJVkb5O -vg4U2lxvAGaNyg2Qz_XbR_mIgLG2pba8doWzNnMImjm8uc4dexWpHmqogHHg2BWVsYfOuEV7HL-b -IaJKNrdU2L9vwpxmKzE0LyRnK41nZ1w22BHUck3FoLSZfOBIoV7ufzs7H3b2G8I3Iwh3M9ax44Fu -h3YEbwyTCEJwKr8VH8isyISfUYCzwjvF_MNCfAh4Sv8uXVDv9w2hYuwgw0Gf0kw9UPcKrl6hAYpg -WuoQYgGWuAl8BF1KB08Em1sQ-4Cn_irfjKrIJSRIUyLqZwOz_5HhQCSAhhx8Hk8hf3VPKNWEhkoi -zNt6AomxE_LS3qcNrxdR1PAzfvg2Lqd0mszE6bMA4I-Nfm41Ji47b4ym6bn5BRwJxcFFfRhfw2V0 -BNWU3ipfoKcfKakHNbZERDZ5WREWNqt6Tzw_qde1qWo9s102Uk8At3nfVNKcfxaB3q9TlUGj0sGP -TmqZvRGYABXrAnILPeCnn66ZcY-HF6q-TZ2KHCeRYm2oGJ5M9G4bVIdMK55QDG6yaRxmwjwyWH3z -gvC5dH5hhmY-uUA5gCtskdHxC9eGXpsb-y-zCZkOgRWY_IWCnzJmDqZzij3cnh_iDpBQIecDMUgi -oI3GlOkZv7jffN-5k2lREpmIH14CjpQCwBcTWoBsMeJNgIXBGoZj3N8gxelQ1n6YUNGm5yflviGa -pIbCgLRXwUsalOj6WQMSHSwTUuV5S_DmWTYc7vYPfyDQeO0XoiNDGFRZt11J55KvcKYZ3l8KZxPl -YqwD1qmV9A46746FLBvxeIfaiAtS4TTtUcUINDF55ywRCIM6SnFwL7fk82qmv8sYKlyBuAnfS75b -1nW8bFvJyrVdQdl9VIbmPZAvEiVPo7sj6t9xUxxhfv-vYT45prl8xR3TetIWuQH_sLhj7Cc9-Foh -BvWniCcQtQbZhdB383MibWYDtQUje9xa9O4gCkebqW0uTbz1YtezhgOH5R6O7tsYfLzPOGiFAYAS -VhrtRQCslAcUPCMYFlr5UUIMPNyocyligiR4TQxFxpXN3yb0dyQUjdY9Utf-fdjYC9IRqWQ4XlKa -Om9b9p2n5p3C4HQbuvKd1Gl4d1aZ3IYSfXsJiNdXB5xc-_-CzMHiHUu7QeAOQBNzRWbskOIqxLnj -1e5DpiPYq98-dKFWY8dcUtgUdje7CojXToVTRNxzoLf9hRFDTBvMMHY3zasCGG5LymQ2G0PBox3V -vOgRfTuGznBjoYzZr2jhGUF9H0jbRaG7wiyWt1dOOEOCiRMZL2Ct_VMcobVdlMyz_vNYNkzf8Ggu -u5j3dPjfB3a1q-GOuxeKU1GSQNW2kYPJNR37o-2HR_-NIXddwGPEHPnesRgZoWmwCEn32SrLXRqL -9QROJQAC4OOm9TqYX0iFYbCNM-qfdlwkgdBn7ZXeKATVVipiytugwJ9jLFrcXlUrNInuMFdxnt5a -hRAZjQcYsSx8OJLJqtoDrFYH-bjEahgTTpxjNfJEojPTiiBC72OHAym6XVmMTsw5hFSnqYoPdDxj -02NQGNs3wZdDRcbBG731RnoLJxdZz5063iwBMjwYzFjwZAtVCyvQkmv628nIwT6OImGlOfEgO88d -iWSOV3FfbORgvQIlzKcY6DawyJLsEAmqQ3Pvx5WffHiaMHTWI38adAIj4ApDIDFfOzSTJlZb \ No newline at end of file +TbnInQ-QMCbTM2Kl9R8DfsTKhwt0nv8PTHooRfzyuHDQD3bHVmU4vjGXeQaFbj1Rq_DcOz6shg8k +mYL0F5L0a-ZxO8id4sbkKqs_BAcRMf4PLJB0X0kBEvAq7Cqt_Hafgq4tz3c_OmutLJlGsWU4AtDe +b68ISK2TG_P1CJGO-Y4xmRC4WW3YxnrL7pWq3r1VJ59KLlCAkL796EGy253lP2Uxl3788uUHZo-Q +h74Yq3sxyyBn2shlH6vhRFOY8PVXO2-ljmBHrQj_NpL62ensYb1cxuGD5mivayGo2g98S3pX2ec2 +jhBB1uXsRSOJ-g1oScB9mDJYkib5l52lNKGw_ZSVaTNh2BP8T-HQjtgpM4lRps6nqLpwzV37u5wi +67a5KIAdQz4txAjBBr62zGBpwkvEOgrtG-fk3Gh6C6C8KwxfUk-mysZNP1SaWLG0U4T05ilnrZa6 +PNqr35wqh_IBfJj2iK1pLqvlFCq8-VDDg1HWNvzlTzyzmlIFNrvHRaskgoM0QNi9ulbQyZ-j6Nsw +l0B4khpNcOt2nc2cnI_jK7yy92i9I3IF4RcubZJSwvL1UEhtbw21XgIaWOcfnCmzIDdUZ33T-eNn +6C6nL4_YAYfSndxOtr25tuUAbq5LWvXKUij1HAaQluN4gBMJxIdY4qm_tcKDxLTsHPTsjujyA_vr +Ut2RWwwIqvUb98Sf2P7r8aIJe6GYrbKMs4mEnbKHzWibaW5z6652EGK20-Z3gvnZaGZ103fcV_4C +IIQUxMmZf8TbPgjMHAP-f-uLCoQ9pPSAFsm3tdQB8IRCsfIFXsg65FPpa2YW7lVpwajCa-hPcGer +pDbT7gKvUNijmcokNFRjjCiMUv8GyXk9xJ1XUB54pb0pZO9Nvswn94FHTpJV8o-ZSeEbnWGYfbFP +gJYtLMrjmoolSQeGOH3gZiLoi_qkscBXhVVQ8_USSouQQPVgs2CgHpYqCrEeul9tIVTEQ6Ae_-nY +IZKHmaEWewIRa7MhP3QzdwbuQ4v5V8D2vYYGrfrTSCOogPx8nwLKhfD1uztbMFb3pZ_qfjEvvL93 +2s8M2tnAGKXOG4z-TLQZmA0KkW32B0IB7XKQBQaElHlkbv2Sibt87APkTk38H4dlGGs1eVRnjmyX +7sIjtbPSCzU9YXr6sRzCQH6qbzdioExUJQYNmraLx8JwJZw-C5_6jUc1jYkGMB3WFGj5i8awxSGM +aPOeH8s6PzwK0M_4hsdl_40S8KVtaMH3541hxpUeTl_wWtlYGyRefHzSB3cEE_UD3ZvKaR56DFFJ +szIVTeNBgZewHPkRyUiUYM3OhUwgbGkLPMA5es60qXGstqGUUZWWGRNOjE8aqQDOMElPpMZOFeqi +m-zaUNU5i0uVpgwfEGVzl5i3jr6qRRnRRYyt7Ufiq_-L4gATQ_FtpO3YR87V9MSqKFoFT1Lr9XSg +_-RSlaZ_uUc6DeplZqD3sExqqz3RcxvyaF1pieFMAv4IUb2-8FwNVSiMymT4g_F98s3iavydu5oy +YtnYVAMgXeMM_O3uLnWX3uyNDWVTmSmYHSm9L0yL84E55Q-KHyjRJ5k5MKqAOmj_NzpdFyJ0zvly +wI145Rr0IErHcrVAaqk7PR1NMoRFnndd3eRWRnsP8JzajvZfJLtLIiR2KRBl8q3Hw55rx0zr7lLu +Wf_tRnAHfhdvwaTXZiGWPDTVOm4LlXUYm4WNu2RjEJeKq0aJ8z4aRSynxAE95xBn4wPEgu76l97X +ipIYDz8Fv2VD4k2Oe358FtQri6wxeHV_0PVJqwSGthn3X9aDpfrAl4scUU8SoOG6CGkWRM1U1ALv +2pv7aYrdv729j-2F8UTdXYDCxg8nlXXIi0RekPviB-AhQRX9vt4z4z6ePFXKIZqf5Lt0diG4rz_z +-tN7Vyb21CsgcE-yDk_yonyp66G1dOFMaJd-FXelfyx-9-0PskvRCrD_OMspAqb7xqDyML2CSZxs +BvDTH9V-5Ixr72FlA3jecd9SJwCE_icpdqttZnkF-Gu7DN2dHM31WIX7ivnwef2YmxtglwKL \ No newline at end of file diff --git a/src/test/resources/org.onap.dmaap.mr.p12 b/src/test/resources/org.onap.dmaap.mr.p12 index 41c82b0cb2eab3a0fa77173d07cffc1de4f2b126..589075ee13adb04c8ad492dc204ab466dc8596fa 100644 GIT binary patch delta 4538 zcmV;r5k>B$A)O>5FoF^p0s#Xsf)UaN2`Yw2hW8Bt2LYgh5yJ$65x+2k5xbEhMt?n! z&T&7`>_N2#pX=Dth<$k&a*hH60K-rOf&|E1?&;34k2DFa`J4&7MXv4qtZ4LH8v4We zLAb5jbU}VXI);3#DkH=DGGiYbR2$eZ`LaX=qp2#rXSsJ4SyW`@;L0-aOf-YcX)p2I z95!a+RaRQ-YB%$ax5vrC#q`29f`6mF6HNOd;#Yg0@rtBglvO&&DZJP&^26S zz!Z*}X&4VlI(!i7vCSK-TVzF$}$o+a=R4Ys1s0a!v&{K0#XlF zY7KPfALK14Nzldjao-Hv9Di80Uw8_QW#x;SLp*41IK41%tqcHk7T(~adFD$iY!yYs zJ7i}z{of5j#}5tEb=$Qw>3G-8ppnv&;Hk&+sFCg#miIqBVL0$STbS^wGCb?yEBx(# zU+AG6?ujnhP={F1CU~Q-+`KGOkJHWmlbHdeZLaM|!<)#qI@|7kDSxPg3%rTeXBc%V z-|S)HECyQZM2~(!S?%4pTAvnK;oVjB2C6wW@1*xSw ztE?I8!PSBeX>yZ!)_;){k~6g7uOS&D{L&~%5)ene%X2G5{yjU#?aXjA_P5^Q92PGH zu5@Wu7@6CY?b12D9op!zY?Yq7;!3wyX;*h|nh%&$>ju6hEwR%CTi`l*yz3p0f2e<| zLhT|i?%qTg|AU*M)6VrCY5c7KYn))Qj=9oE*2vLP~>KBZeV#lyAmg$#cE&$-K4w`PE zauMvWSno1b^eRrM0E%@cJO=hETQhZPKbmSl-mi9ZFH?j)Bs1O_2$=RD4|;92+e{ok z1-9ZJ#moWK`8oN)PJPP8-&WHrOzcEMixCIOBV4w@C4cbh1lG+AX@An}thY|#+Y4lF zIOj0+-!?P&tuw=|K1&5%P_}OT)-iOW$GtEbUTFQ{cRw}c64G% zp?sSja?LEN=w0GgZEpxyHqzCorf#d}o!8ZexGKd*vu!8Xn}u{*(Aur{3fhoc72Jeb zz+J-l=zo6O4&i*Vw^rqV&k&=+z$gXCjNg|--`+4>ir5D#u9>DBu~G2+R>&J^K0!Pn zbJ9%s=u)F7PfYia;nK60{Uh#nAI3xSQ}y4cN;{m<7O2PhVno=B;M(%dbUwYIq%egm zv|gPj-lzxlWPn6vF=jA91_>&LNQU&L zNQU_oA$<6?vJZeLOL7=5&@aL91sz8revo07P(IHch)SlMkLIFV%78_o znt@@MZaw(2wCakY4%;2cT<7P-Rf0Y^hP>H3|ECAOligM&ii#5>kfsDw~kvwup&6awK9rAL<2_T0Tw&vKa^7u;J) zVH21K4OLvU^h^3}z4!6k>lRkSIzeAZbWUtj@hH$U*7F~dCR}g(cXgqPi)vmr`WjHw zbg;hASrL-;PQB6X4gXV%LfH`xM0E&j0Z59?t`+9XOc=XyvTzQN_ygojiVCZQ-qzj6 z#eeqDBSD%9aEq*O8Y8=rnhpCxt%VrGn2QIwDdS)FnKd zX=bzbPR~N zK^y_H33D6pQ$M`^-h}yUawQdN_;pg)pxI!(^J0`99M)X6bkb(g0#v=PieYw0A#8SQQj0`VS$9jDVnif4gA0-pmg`=iYfYK@y?0M*b1aS5Aujdx*3cBWIoda3ghm}(Cwe_#E zMyG92)8L2v2~VO~5EmE|J|Ci^SkrXz)f)_{xlJ_U*oN#n#TUZ$UkQ|vA0|W$N1KVb zWuHicN;RMxUdu#a(rN7-h{XmwcYlC^1I5qSpdj!G$ika>M1jJ34hYHCP5^+5-H=AV~y1ox&ro%>62iJ7c&*J@h(C|Ewh@_!Wa>##eJ zsrLZGfUd6eC2=r)S*b9BkIxObIRg{&O8T=hli}lF<~h(dZGvTOyrkkl^#(a?8WYa# zY@JLC06aC|EN*Ya6h|U^EU0W^K*|>IXwlnW!GpyX+AgkbE2C+$i_*GVF$~Jcce%>A zlPA8tU;xx9c4k<5%NMV3FV#g%)psdf>ZC78Z<=j7{Y` zkk+8#@3_-_z(bCqa^u7IKtR~6mu3BGu0t!HCv3NMkyjU9yh@o03wVAbKhYOINoL;7 z`yD|Fo#%7dqCK*7%FgZk3ruuL6_wL6OC?(m@577fwVoNelbHCC#(+saqjYL7e4_Xd z5p)a-IT=+wD9J9ab$<&ZqW&hKsNMchXzf__)Ktfm6R=EYBMz2i#SoB9#7dC97~|8j zGj_e7hT>-=&hcNjxvZa(r51{B#4LC6Vf@m6e;^AMjflBuOf~Id-_LJ}#ZY+j5+qhv zngsi9-#5j*$OI$8sSl`f-w3Vz7wBUo%gi*=akZ2;%MrMz5`U1Q#Rx`X#fPuX!n%_xPeZX-ct+4LLsHo?oQ-AXAigu+4T-v5n9sA zebiRTEg04R8waA0J)8mwC{>bbRFzk{FNEM*NUx=}1b=#-+Hh76#F!SUv(VBE-TM@5 zpZg-AjH7QS6{#7mB(URL&v{}u>Mw>M+`b%k<2P%@C8c;z5S@O!6a{7E!d6aQekIhr z|L-Rlv8AC!POk8K4sbN_j!|Dj@m1)tFf^lUYOT0uT-Xxg#B4yX7*PqJ>tjo%hkE66 z@^=g5qkp9E+h~zdz&BKXGxgw~_CG|7T4T*9i3VblJ7PTl{{pW)aep*(OI9%Pq@DT6 z25e{zlvkI0(l=BX#a11cM*Kwbo`)zjlcv0tew3!e(E?`hvc3i6UCpu+Io!hme*C1t zf!=-adq1fF8pBSLa6-3TS%ZvwfTl;(?~#{FuYb-eAltWbIZwCTt-SCGAGt+Ba=?Pf zC6(nz>^)PwaE-pi`>S5mTEfqwyv}@7G@V|>{Sc0rb9&q!A}PL5&k#{435h0XA=$84 zktt^qh!-f@zO0m<@Bd1#gMlG2_1&D!O3kXZEtHN528LuzDTuR#`3$!10x9emGmpsz zGJo5j+7=)m>J;Ee?)*)oHU|mIHkv_7h8LFl^S4WP*MU9j9W7>m<##Q@`11nFUV`|N zBoa1MrRuiCC6JMz3*!ZO$&Ew`Ru3%!00a-35H8bVb)5TBvy4_frbqFb7YJ=Z2G3Bh zTCZ-`ETzaMf}k&hzD{E$>IkNFC1@755nE57hT zv9x0dAq~ACg7_3eL%S*u=7gQ$aLWfx+x&)s9?CIC!)J{tp`qHDLDNDRS9ufX8p`xh zl0L*Y2chRV%Lc5>fbfOpp89=WWL~cT?`UQx9#k6EcuxPh_6^vbJ!SMt_Hb zV8{F}{9g6qid6SlkZ;6MFTe(G<~@6Siu90Zn4Aiy=CQo@1ZxSopYf4&B@4x(%(XuwJI<*& zsw6%+5f4j*Ke~};e$x>((s7z6n15RYO2V^%kb}JGH9}V8LU#P`oGOKOmzu#3_Z)e9 zVyyBhTBDaBd)cK;HJdyz)VsFHtZClAbIpip;XajN-YjPJL{D;{O1ij-w!AZ*-o?ID zJ%7skv(hYb)g+fW(_4lHkr0M=RQir~7lF`y-B5}YcQhB881WpDSgoD_^nW-tTlpVB zfBboI7Y3tTH!@G0Iws36g7a=3g2oxyiZ_EQ=F)Q)g)e?vZHcOqemrnx+17nw6>lk1 z+%Z~LV-DJ-b5kR-C!G(Rx`4P&@*|Qc#^DqkOGjy)PJqdP&8aH*=_P&k{58N zBAObgjxcTsDkLw_HPp=q)M4T=NlRNjfHe&J+NC-q&!1U+q}l8xS_nEE8k=ZG zxhkomi><$TFg`FLFbM_)D-Ht!8U+9Z6lH@xuMEdPizea0QBqg&azNw!Z3Glsq YyehXDOG8djq6;Cut*q;~0s{etprbCZZ~y=R delta 4159 zcmV-F5Ww%9B&8uDFoF=F0s#Xsf)H8;2`Yw2hW8Bt2LYgh5K9Dt5JxbA5JQn7Mt|Z{ zD7T107w5k)b)TB}^FGvY^w0tW0K-rOf&|FGQD7RshZBu%5I2D~L{jFt>R%A=eyHpy z=Uk{S=9}oQ+sE`{Iuj1np<2P@IJ!Dr;+zGJ7WE*bpVO8Q>jr&EU>JwVpa=NqmjFGI z$}oFqn=IZ5ondubqdXHUEl*e%tKQLoF20GemZB|JKm3*k9}tPoSaMSCh7$ zebE-iK?9N_Eo)2<(3=YLHgemYfLW`YgC-8(g23P~%JSK}T7c7wCy(fve}5>O6Nm=@g<9Xk~n`g6kZ|(x{7~|y5~@r-{;JBixo=Z4i8?%`D{by+3a~8=1Uh=% zN93uS6^Q)V?ElmOIHg{uyX#Si2ou{ouMY6_A9X%<^a2h7mu$o0lNn3N*eoXY#(DzL z{g}yuj`-$$g3CV2cr}P2Y{N$x+g(3k+0|Oh9U3)Lck7lDJzs%*6MQLgU!`eccV%)J;{F zy>YH2^3xVj_>x|u8!9R(F5unu4{0h+>QvOAqC(mQg$+$q6;DQ$XP~Z z?dt#YND*vW|2MbPA%D<*86`7nt&j6m7=>?wL7y`>UClC97*HVjegEnNXT7=wag3Mm zAO2Z^fIiG8b?9?9k5I)KV8N)f^5?5&*32(3i((S7?uaPQad&-EPEok0#87UwnvU(+ zN%WI+I8wA)R5Ef@KGlrzixCvZ{mu!wY5Jr8HA3D6>XwDPEPp&4L!fe?YkXH&>|^2R zHd%e$>UYoF$B@&5K3{X_U!bIVm(=1r%Ooc5ZleJ-}#1MO!5Q+>x9ACC6v z;qP-AYqfnmX#}wcg)@GeNFu5&Y?Ma|u;dVD#s>izWrm;3O2g0`MW!0>HIv~su6%%G7$aNh56M#5uA2Yhg$%s~M_omW^~#gf`aL~MdV z%FdOF-`J^+3#w+EsL#bt#S&?_Q(VvtoGk*?&iX&V?(lhuM3l%owRifY1uCv+ITUqe z-g4tHr1qLTaN9<&e#UHqmxc>tH`R0uBXJbU#ou`Jx;(YC)F#U9;MU0c+!?F9 zi~gs#^nVx>2L+I^$BD=}QuD;gnbP{<8pB!}f!me5$aInRuHNK_j~w_@!mO}d=6Kx6 zr{+Z0o4Sm^&LNQU&L zNQUR zvj*`X9Panh>!u(ABCAL$p@*pg0|3KNfPxBGCFbTCz%uIGsi>VyM9>4PR_%PQN&oBJ zlF{((tAC^yc6ynK^hR0~~t18%~9nia1I0PS`s z-f57Xknvd@Y#vYq)&Ya`=$yM|nLEwoNuA&}a(^Wifi4t^R5uR;O{sKW8=#Wm-Wfif z*BzXUz#PP@94<{Q9iqAM*x)7V0X>#TI(l2DZ`vY$5-bXJ$-UtzlVA4K)IR%U=new7 zi2D?XtFOkr9794s6B!|c!VzWt)gTcq_!lsE>~@RPdm?~6R1ak85@Jg-Yg$>PgQ3qh z5r5^rMovadbDv;WxDt2ZUnJTauckqZE=4u%4FM^{zKdTJ`RubQJt}Uuvod~u2@!>$ z&^R7)7%+CtttCeO{10wOFzXE3Gvj3E&RL0vHglu~s}r;i%pKnE*OI)zUZE@~{1Wsq z28R+jvv})cj<2R~gPe9DpsCa%@h^9v&VSH}aMLkr&@1=C@H5ROX|`V$@_;NFZYnC1 zfZs#L1^8@w!>qPQvmjtBF}$m9GK)jhw>YTwoipukL`{Ug`58Qyu$U6UG5J!4d{ZXD zQcKmfDT0N`3(SVRye2hvCL2A`tUJ34JEc3Bjv&a&{Ki(L)?Jn;{BYf$f8raBB!86N znxcCf#wjVtRD|e9Auk6*aP-|xWej|EWF+EPYUz@lOz%L55h;bZm%=;`&(_k(Vt&Y- z1I@W}7@~fe?Np^9WcAk#`sYV(ZUD8SGEo#j0Z~?{EU?L2BpyN`x-;31`@2b!3;|nP z4hE6URrV}wgKt)$p?8tAJK}uKd4GJWBzsxUM;*Z?Tk%LS&QGkITW0TqhOyAz)*AOo zSO0@?u*(fR#8>?lLbT7GNn^3|1M8&$O`ZiH4`fy5K)aFqYJU(OoKc^_ zG|dj`k_?~cb9l`aY`+|g(g-W6#o7r!Gag`woz5qTs%VKvCXdXi4?*W=h@fv3exPHp z))k$0_9{!Kf&6U@oyCB9(Q)(pe(3p$!7~8Af>E%~hM6K&mKD&L)XBcjWuJ9`SRdYN ze|X9%FELUgdywu*h}}g6S$~YCo7r!V0Gz7lT`VSI8{!A{Z$=RXl|JGJN=J}MnL>n! zT$Yk_*J}M+iQ*xm0#+$H!nmo5eu~F4*~2`PsHuOq&Xq8Fe^_q38h7*mky)$S^O3=w zOu3Komhw^B`9ix)Pns*k;2ZWN`UF|*NcFI8yS}Cv!b@K^B?aH~T=WY(rxb!~rq6o>Wam?x z;F@!iLAlcF@clMK01KIm6VIULJE3zL1FM}Er?Ke)octq~3_ax?UtMkVd-bR;e{voZ zbBEVYgyk`BJ)OW(6o0=XOG<+`XSGcFb?x$r@K2bMxWMl;zbme`P4zd_ql>}H-WQ&B zk-y9H-*Wy=R&5zH(H$%Nj0CJg`m#ArW>BGh6$%#@EMPA$jHuo0^M*+?Q zbUq<=p;2vS7`L?kjJyecmpY$3NMn_D&&vMW{iIddRCg9M|IS2oY@O|Q=)HkMo#2QA~jRW^9`rd^Dw!V4hJv;Lco#Q zOjCDbrCxvofqw<3U0oeDFY^@wC^;Nk)YTbx^YUYg;yVPs56Okd(q7%E{=M{@>H^dE zwL<<5fdv3Uzx5}04Fx03)H^_5BD10A{zAa}c#6-MSDxiWIOo`8%E(m2P zzO96~8c>Pw5Iin}>@r8yLvEtOxyli;6d0iPy&amPX-+Yy5Ojgkx z+7qTqd6boyWc$=?VHGmt&EH8i1Wsf>%Et24G8O-O5+&~08w?%{=JBu zmT9=!ALyM6=BhHS10>B6lAejNkT)#e%71>Yl=$U+jnm9eOADv2Ao$(PLbdC!wT?*> z+F(iY&F@Atz9EVCPUFXjR%HoPkj>m(v>FmI&g9gKav%Sj1>tzL;cJPMxPC84JR4rH3o!n{vwh1ji0V|Nvs>whOZ zFD{E^VvO^EXwJAMBkO$(rkMD!P@I2lj*^Fl-FO0h$fGHl<4%Ry*wN=(m1N9~Z+aDr zpN_4~F46Sr1I>A|oSf?Rq@V~~%?YO^(!u*2u4zBVy3tXLrJy*-5IFAq#8Rp;FFRL6wyYQRp2m;J73E}ia(%`?2D=V3mrTJ2r=VkqlMtDWJ*tUgG;a4%~i!cHItn|23o*$Q<^#< zV4n=g762iS071*;2TKe-gEA!tLSMQ#l+{{__JJ-)X-WhBw$u&I$Kv4*x_`y0L_B9~ zJJy}ZZle0nd1TNIoM234kMp760zouNwu$PMQwrUy;p;1qBZ0v@{bdrQHZ^Fg$F-=W z5x5x3#!z&JQM2%~xXO_jE~en{gxujKpxp3#A(WXoaX*pQd*@xHR|f82zmig_Z=V?p z&x9=AwGB9eKaMW$N#RVhTYr)c%uJpwo|CvA%NKKo49xw)T$6_g_i-Z5?HBDVP;zU< zr6Cs;t{MpfvcywT%}xo0)%uvY#A&M(ys5vuSrk#UIdLH}k5@IVmFdG>R4_g;AutIB z1uG5%0vZJX1Qap-O8}{K%8;*P&+iQYKwkp{kER3^H}`V3+CNf%oFk051k^F9N*s+7D>;M~q5HkP( -- 2.16.6