*/
package org.opendaylight.aaa.cert.impl;
+import static java.util.Objects.requireNonNull;
+
import com.google.common.base.Strings;
import com.google.common.util.concurrent.ListenableFuture;
+import org.eclipse.jdt.annotation.NonNull;
import org.opendaylight.aaa.cert.api.IAaaCertProvider;
-import org.opendaylight.aaa.encrypt.AAAEncryptionService;
-import org.opendaylight.mdsal.binding.api.DataBroker;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rev151126.AaaCertServiceConfig;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rpc.rev151215.AaaCertRpcService;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rpc.rev151215.GetNodeCertificateInput;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rpc.rev151215.GetNodeCertificateOutput;
* the shiro.ini file for more info.
*
* @author mserngawy
- *
*/
-public class AaaCertRpcServiceImpl implements AaaCertRpcService {
-
+final class AaaCertRpcServiceImpl implements AaaCertRpcService {
private static final Logger LOG = LoggerFactory.getLogger(AaaCertRpcServiceImpl.class);
private final IAaaCertProvider aaaCertProvider;
- public AaaCertRpcServiceImpl(final AaaCertServiceConfig aaaCertServiceConfig, final DataBroker dataBroker,
- final AAAEncryptionService encryptionSrv) {
- if (aaaCertServiceConfig.getUseConfig()) {
- if (aaaCertServiceConfig.getUseMdsal()) {
- aaaCertProvider = new DefaultMdsalSslData(new AaaCertMdsalProvider(dataBroker, encryptionSrv),
- aaaCertServiceConfig.getBundleName(), aaaCertServiceConfig.getCtlKeystore(),
- aaaCertServiceConfig.getTrustKeystore());
- LOG.debug("Using default mdsal SslData as aaaCertProvider");
- } else {
- aaaCertProvider = new AaaCertProvider(aaaCertServiceConfig.getCtlKeystore(),
- aaaCertServiceConfig.getTrustKeystore());
- LOG.debug("Using default keystore files as aaaCertProvider");
- }
- LOG.info("AaaCert Rpc Service has been initialized");
- } else {
- aaaCertProvider = null;
- LOG.info(
- "AaaCert Rpc Service has not been initialized,"
- + "change the initial aaa-cert-config data and restart Opendaylight");
- }
+ AaaCertRpcServiceImpl(final @NonNull IAaaCertProvider aaaCertProvider) {
+ this.aaaCertProvider = requireNonNull(aaaCertProvider);
}
@Override
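Review bot: `requireNonNull(aaaCertProvider)` in the new constructor carries no message, so a wiring mistake surfaces as an anonymous NullPointerException; `this.aaaCertProvider = requireNonNull(aaaCertProvider, "aaaCertProvider");` names the argument. The removed constructor could leave the field null when use-config was false, so any null guards in the RPC methods (outside this hunk) are presumably unreachable now and could be dropped in the same change. A one-line Javadoc on the constructor, for example `/** Creates the RPC front-end over an already initialized certificate provider. */`, would record that this class no longer builds its own provider.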
import org.opendaylight.aaa.cert.api.ICertificateManager;
import org.opendaylight.aaa.encrypt.AAAEncryptionService;
import org.opendaylight.mdsal.binding.api.DataBroker;
+import org.opendaylight.mdsal.binding.api.RpcProviderService;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rev151126.AaaCertServiceConfig;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rev151126.AaaCertServiceConfigBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rev151126.aaa.cert.service.config.CtlKeystore;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rev151126.aaa.cert.service.config.CtlKeystoreBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rev151126.aaa.cert.service.config.TrustKeystore;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rev151126.aaa.cert.service.config.TrustKeystoreBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rpc.rev151215.AaaCertRpcService;
+import org.opendaylight.yangtools.concepts.Registration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
* to which AaaCertProvider is used.
*
* @author mserngawy
- *
*/
-public class CertificateManagerService implements ICertificateManager {
-
+public class CertificateManagerService implements ICertificateManager, AutoCloseable {
private static final Logger LOG = LoggerFactory.getLogger(CertificateManagerService.class);
-
private static final String DEFAULT_CONFIG_FILE_PATH = "etc" + File.separator + "opendaylight" + File.separator
+ "datastore" + File.separator + "initial" + File.separator + "config" + File.separator
+ "aaa-cert-config.xml";
private static final int PWD_LENGTH = 12;
+
private final IAaaCertProvider aaaCertProvider;
+ private final Registration reg;
- public CertificateManagerService(AaaCertServiceConfig aaaCertServiceConfig, final DataBroker dataBroker,
- final AAAEncryptionService encryptionSrv) {
+ public CertificateManagerService(final RpcProviderService rpcProviderService, final DataBroker dataBroker,
+ final AAAEncryptionService encryptionSrv, AaaCertServiceConfig aaaCertServiceConfig) {
if (aaaCertServiceConfig == null) {
throw new IllegalArgumentException("Certificate Manager service configuration is null");
}
}
aaaCertProvider.createKeyStores();
LOG.info("Certificate Manager service has been initialized");
+ reg = rpcProviderService.registerRpcImplementation(AaaCertRpcService.class,
+ new AaaCertRpcServiceImpl(aaaCertProvider));
+ LOG.info("AaaCert Rpc Service has been initialized");
} else {
aaaCertProvider = null;
- LOG.info(
- "Certificate Manager service has not been initialized,"
- + " change the initial aaa-cert-config data and restart Opendaylight");
+ reg = null;
+ LOG.info("Certificate Manager service has not been initialized, change the initial aaa-cert-config data "
+ + "and restart Opendaylight");
+ }
+ }
+
+ @Override
+ public void close() {
+ if (reg != null) {
+ reg.close();
}
}
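Review bot: `rpcProviderService` is dereferenced at the `registerRpcImplementation` call without a check, while `aaaCertServiceConfig` gets an explicit null test at the top of the constructor, so a null reference would only fail after `aaaCertProvider.createKeyStores()` has already run. Adding `requireNonNull(rpcProviderService, "rpcProviderService");` next to the existing config check keeps the failure ahead of any keystore side effects; the `java.util.Objects` import it needs is not visible in this file's hunks. The registration also deserves a comment, since the RPC implementation now shares the manager's provider instance and certificate-changing RPCs act on the same keystore state as the `ICertificateManager` API: `// RPC implementation shares this manager's provider; unregistered in close()`. The constructor body between the two hunks is not visible here.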
</odl:clustered-app-config>
<reference id="dataBroker" interface="org.opendaylight.mdsal.binding.api.DataBroker"/>
-
+ <reference id="rpcProviderService" interface="org.opendaylight.mdsal.binding.api.RpcProviderService"/>
<reference id="encryService" interface="org.opendaylight.aaa.encrypt.AAAEncryptionService"/>
- <bean id="certManager" class="org.opendaylight.aaa.cert.impl.CertificateManagerService">
- <argument ref="aaaCertDefaultConfig"/>
+ <bean id="certManager" class="org.opendaylight.aaa.cert.impl.CertificateManagerService" destroy-method="close">
+ <argument ref="rpcProviderService"/>
<argument ref="dataBroker"/>
<argument ref="encryService"/>
- </bean>
-
- <service ref="certManager" interface="org.opendaylight.aaa.cert.api.ICertificateManager" odl:type="default-certificate-manager"/>
-
- <bean id="aaaCertRpcService" class="org.opendaylight.aaa.cert.impl.AaaCertRpcServiceImpl">
<argument ref="aaaCertDefaultConfig"/>
- <argument ref="dataBroker"/>
- <argument ref="encryService"/>
</bean>
-
- <odl:rpc-implementation ref="aaaCertRpcService" />
+ <service ref="certManager" interface="org.opendaylight.aaa.cert.api.ICertificateManager" odl:type="default-certificate-manager"/>
</blueprint>
package org.opendaylight.aaa.cert.impl;
import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.BeforeClass;
import org.junit.Test;
+import org.opendaylight.aaa.cert.api.IAaaCertProvider;
import org.opendaylight.aaa.cert.utils.KeyStoresDataUtils;
import org.opendaylight.aaa.encrypt.AAAEncryptionService;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.cipher.suite.CipherSuitesBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.ssl.data.OdlKeystore;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.ssl.data.OdlKeystoreBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.ssl.data.TrustKeystore;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rev151126.AaaCertServiceConfig;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rev151126.AaaCertServiceConfigBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rpc.rev151215.GetNodeCertificateInputBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rpc.rev151215.GetODLCertificateInputBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.rpc.rev151215.GetODLCertificateReqInputBuilder;
private static final String PROTOCOL = "SSLv2Hello";
private static final String TEST_PATH = "target" + File.separator + "test" + File.separator;
private static final String TRUST_NAME = "trustTest.jks";
- private static final AaaCertServiceConfig CONFIG = new AaaCertServiceConfigBuilder()
- .setUseConfig(true)
- .setUseMdsal(true)
- .setBundleName(BUNDLE_NAME)
- .build();
private static AAAEncryptionService aaaEncryptionService;
private static SslData signedSslData;
aaaEncryptionService = aaaEncryptionServiceInit;
// Create class
- aaaCertRpcService = new AaaCertRpcServiceImpl(CONFIG, mockDataBroker(signedSslData),
- aaaEncryptionService);
- assertNotNull(aaaCertRpcService);
+ aaaCertRpcService = new AaaCertRpcServiceImpl(mockMdsalProvider(signedSslData));
}
@Test
@Test
public void setODLCertificateTest() throws Exception {
final var result = Futures.getDone(
- new AaaCertRpcServiceImpl(CONFIG, mockDataBroker(unsignedSslData), aaaEncryptionService)
+ new AaaCertRpcServiceImpl(mockMdsalProvider(unsignedSslData))
.setODLCertificate(
new SetODLCertificateInputBuilder().setOdlCertAlias(ALIAS).setOdlCert(CERTIFICATE).build()));
assertTrue(result.isSuccessful());
@Test
public void setNodeCertificate() throws Exception {
final var result = Futures.getDone(
- new AaaCertRpcServiceImpl(CONFIG, mockDataBroker(unsignedSslData), aaaEncryptionService)
+ new AaaCertRpcServiceImpl(mockMdsalProvider(unsignedSslData))
.setNodeCertificate(
new SetNodeCertificateInputBuilder().setNodeAlias(ALIAS).setNodeCert(CERTIFICATE).build()));
assertTrue(result.isSuccessful());
}
+
+ private static IAaaCertProvider mockMdsalProvider(final SslData sslData) throws Exception {
+ return new DefaultMdsalSslData(new AaaCertMdsalProvider(mockDataBroker(sslData), aaaEncryptionService),
+ BUNDLE_NAME, null, null);
+ }
}
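Review bot: `mockMdsalProvider` returns a real `DefaultMdsalSslData` wrapped around a mocked DataBroker, so the name overstates what is mocked; a comment such as `// real provider backed by a mocked DataBroker` or a more literal name would be accurate. The helper also reads the static `aaaEncryptionService`, which is assigned in the setup method above, so it only works once that setup has run. The removed `assertNotNull` is not replaced by anything that covers the new constructor contract; if the project's JUnit version provides it, `assertThrows(NullPointerException.class, () -> new AaaCertRpcServiceImpl(null));` would pin it. Nothing in these hunks exercises the RPC registration and `close()` path added to CertificateManagerService.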