<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <groupId>org.opendaylight.aaa</groupId>
-
<artifactId>aaa-parent</artifactId>
- <version>0.6.0-SNAPSHOT</version>
- <relativePath>../parent</relativePath>
- </parent>
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.opendaylight.aaa</groupId>
+ <artifactId>aaa-parent</artifactId>
+ <version>0.6.0-SNAPSHOT</version>
+ <relativePath>../parent</relativePath>
+ </parent>
-
<artifactId>aaa-idmlight</artifactId>
- <name>ODL :: aaa :: ${project.artifactId}</name>
-
<packaging>bundle</packaging>
+ <artifactId>aaa-idmlight</artifactId>
+ <name>ODL :: aaa :: ${project.artifactId}</name>
+ <packaging>bundle</packaging>
- <dependencies>
- <!--Yang Binding -->
- <dependency>
- <groupId>org.opendaylight.controller</groupId>
-
<artifactId>config-api</artifactId>
- <version>${config.version}</version>
- </dependency>
- <dependency>
- <groupId>org.opendaylight.controller</groupId>
-
<artifactId>sal-binding-config</artifactId>
- </dependency>
- <dependency>
- <groupId>org.opendaylight.controller</groupId>
-
<artifactId>sal-binding-api</artifactId>
- </dependency>
- <dependency>
- <groupId>org.opendaylight.controller</groupId>
-
<artifactId>sal-common-util</artifactId>
- </dependency>
+ <dependencies>
+ <!--Yang Binding -->
+ <dependency>
+ <groupId>org.opendaylight.controller</groupId>
+ <artifactId>config-api</artifactId>
+ <version>${config.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.controller</groupId>
+ <artifactId>sal-binding-config</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.controller</groupId>
+ <artifactId>sal-binding-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.controller</groupId>
+ <artifactId>sal-common-util</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.opendaylight.aaa</groupId>
-
<artifactId>aaa-authn-api</artifactId>
- </dependency>
- <dependency>
- <groupId>org.opendaylight.aaa</groupId>
-
<artifactId>aaa-shiro</artifactId>
- </dependency>
- <dependency>
- <groupId>org.opendaylight.aaa</groupId>
-
<artifactId>aaa-authn</artifactId>
- </dependency>
- <dependency>
- <groupId>org.opendaylight.aaa</groupId>
-
<artifactId>aaa-filterchain</artifactId>
- </dependency>
- <dependency>
- <groupId>com.sun.jersey</groupId>
-
<artifactId>jersey-server</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>javax.servlet</groupId>
-
<artifactId>javax.servlet-api</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.felix</groupId>
-
<artifactId>org.apache.felix.dependencymanager</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.mockito</groupId>
-
<artifactId>mockito-core</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.osgi</groupId>
-
<artifactId>org.osgi.core</artifactId>
- </dependency>
+ <dependency>
+ <groupId>org.opendaylight.aaa</groupId>
+ <artifactId>aaa-authn-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.aaa</groupId>
+ <artifactId>aaa-shiro</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.aaa</groupId>
+ <artifactId>aaa-authn</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.aaa</groupId>
+ <artifactId>aaa-filterchain</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.jersey</groupId>
+ <artifactId>jersey-server</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.dependencymanager</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.mockito</groupId>
+ <artifactId>mockito-core</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.core</artifactId>
+ </dependency>
- <!-- JSON JAXB Stuff -->
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
-
<artifactId>jackson-core</artifactId>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
-
<artifactId>jackson-annotations</artifactId>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
-
<artifactId>jackson-databind</artifactId>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.datatype</groupId>
-
<artifactId>jackson-datatype-json-org</artifactId>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.jaxrs</groupId>
-
<artifactId>jackson-jaxrs-base</artifactId>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.jaxrs</groupId>
-
<artifactId>jackson-jaxrs-json-provider</artifactId>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.module</groupId>
-
<artifactId>jackson-module-jaxb-annotations</artifactId>
- </dependency>
+ <!-- JSON JAXB Stuff -->
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-core</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-annotations</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.datatype</groupId>
+ <artifactId>jackson-datatype-json-org</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.jaxrs</groupId>
+ <artifactId>jackson-jaxrs-base</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.jaxrs</groupId>
+ <artifactId>jackson-jaxrs-json-provider</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.module</groupId>
+ <artifactId>jackson-module-jaxb-annotations</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
-
<artifactId>jetty-servlets</artifactId>
- <scope>provided</scope>
- </dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-servlets</artifactId>
+ <scope>provided</scope>
+ </dependency>
- <!-- Testing Dependencies -->
- <dependency>
- <groupId>com.sun.jersey.jersey-test-framework</groupId>
- <artifactId>jersey-test-framework-grizzly2</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>jul-to-slf4j</artifactId>
- <version>1.7.21</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
- <build>
- <plugins>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>build-helper-maven-plugin</artifactId>
- <executions>
- <execution>
- <id>attach-artifacts-idmtool</id>
- <goals>
- <goal>attach-artifact</goal>
- </goals>
- <phase>package</phase>
- <configuration>
- <artifacts>
- <artifact>
- <file>${project.build.directory}/classes/idmtool.py</file>
- <type>py</type>
- <classifier>config</classifier>
- </artifact>
- </artifacts>
- </configuration>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.apache.felix</groupId>
- <artifactId>maven-bundle-plugin</artifactId>
- <!-- override default version so we don't use bnd 2.3.0 when embedding sqlite -->
-
- <extensions>true</extensions>
- <configuration>
- <instructions>
- <Import-Package>
- com.google.*,
- com.sun.jersey.spi.container.servlet,
- javax.servlet.http,
- javax.ws.rs,javax.ws.rs.core,
- javax.xml.bind.annotation,
- org.xml.sax,
- org.apache.felix.dm,
- org.apache.shiro.web.env,org.apache.shiro.authc,
- org.eclipse.jetty.servlets;version="[8.1,10)",
- org.opendaylight.aaa,
- org.opendaylight.aaa.api.*,
- org.opendaylight.aaa.filterchain.filters,
- org.opendaylight.aaa.shiro.filters,
- org.opendaylight.aaa.shiro.realm,
- org.opendaylight.aaa.shiro.web.env,
- org.opendaylight.*,
- org.osgi.framework,
- org.osgi.util.tracker,
- org.slf4j,
- </Import-Package>
- <Web-ContextPath>/auth</Web-ContextPath>
- <!--<Web-Connectors>adminConn</Web-Connectors> -->
- <!--Bundle-Activator>org.opendaylight.aaa.idm.Activator</Bundle-Activator-->
- </instructions>
- </configuration>
- </plugin>
- </plugins>
- </build>
+ <!-- Testing Dependencies -->
+ <dependency>
+ <groupId>com.sun.jersey.jersey-test-framework</groupId>
+ <artifactId>jersey-test-framework-grizzly2</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jul-to-slf4j</artifactId>
+ <version>1.7.21</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-checkstyle-plugin</artifactId>
+ <configuration>
+ <propertyExpansion>checkstyle.violationSeverity=error</propertyExpansion>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>build-helper-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>attach-artifacts-idmtool</id>
+ <goals>
+ <goal>attach-artifact</goal>
+ </goals>
+ <phase>package</phase>
+ <configuration>
+ <artifacts>
+ <artifact>
+ <file>${project.build.directory}/classes/idmtool.py</file>
+ <type>py</type>
+ <classifier>config</classifier>
+ </artifact>
+ </artifacts>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ <!-- override default version so we don't use bnd 2.3.0 when embedding sqlite -->
+ <extensions>true</extensions>
+ <configuration>
+ <instructions>
+ <Import-Package>
+ com.google.*,
+ com.sun.jersey.spi.container.servlet,
+ javax.servlet.http,
+ javax.ws.rs,javax.ws.rs.core,
+ javax.xml.bind.annotation,
+ org.xml.sax,
+ org.apache.felix.dm,
+ org.apache.shiro.web.env,org.apache.shiro.authc,
+ org.eclipse.jetty.servlets;version="[8.1,10)",
+ org.opendaylight.aaa,
+ org.opendaylight.aaa.api.*,
+ org.opendaylight.aaa.filterchain.filters,
+ org.opendaylight.aaa.shiro.filters,
+ org.opendaylight.aaa.shiro.realm,
+ org.opendaylight.aaa.shiro.web.env,
+ org.opendaylight.*,
+ org.osgi.framework,
+ org.osgi.util.tracker,
+ org.slf4j,
+ </Import-Package>
+ <Web-ContextPath>/auth</Web-ContextPath>
+ </instructions>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
</project>
/*
- * Copyright (c) 2014, 2015 Hewlett-Packard Development Company, L.P. and others. All rights reserved.
+ * Copyright (c) 2014, 2017 Hewlett-Packard Development Company, L.P. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
import org.opendaylight.aaa.idm.rest.UserHandler;
/**
- * A JAX-RS application for IdmLight. The REST endpoints delivered by this
- * application are in the form:
- * <code>http://{HOST}:{PORT}/auth/v1/</code>
+ * A JAX-RS application for IdmLight. The REST endpoints delivered by this
+ * application are in the form: <code>http://{HOST}:{PORT}/auth/v1/</code>
*
+ * <p>
* For example, the users REST endpoint is:
* <code>http://{HOST}:{PORT}/auth/v1/users</code>
*
- * This application is responsible for interaction with the backing h2
- * database store.
+ * <p>
+ * This application is responsible for interaction with the backing h2 database
+ * store.
*
* @author liemmn
* @author Ryan Goulding (ryandgoulding@gmail.com)
* @see <code>org.opendaylight.aaa.idm.rest.RoleHandler</code>
*/
public class IdmLightApplication extends Application {
-
- //TODO create a bug to address the fact that the implementation assumes 128
+ // TODO create a bug to address the fact that the implementation assumes 128
// as the max length, even though this claims 256.
/**
* The maximum field length for identity fields.
*/
public static final int MAX_FIELD_LEN = 256;
+
public IdmLightApplication() {
}
@Override
public Set<Class<?>> getClasses() {
- return new HashSet<Class<?>>(Arrays.asList(DomainHandler.class,
- RoleHandler.class,
- UserHandler.class));
+ return new HashSet<>(Arrays.asList(DomainHandler.class, RoleHandler.class, UserHandler.class));
}
}
/*
- * Copyright (c) 2014, 2015 Hewlett-Packard Development Company, L.P. and others. All rights reserved.
+ * Copyright (c) 2014, 2017 Hewlett-Packard Development Company, L.P. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* REST application used to manipulate the H2 database domains table. The REST
* endpoint is <code>/auth/v1/domains</code>.
*
- * A wrapper script called <code>idmtool</code> is provided to manipulate AAA data.
+ * <p>
+ * A wrapper script called <code>idmtool</code> is provided to manipulate AAA
+ * data.
*
* @author peter.mellquist@hp.com
* @author Ryan Goulding (ryandgoulding@gmail.com)
Domains domains = null;
try {
domains = AAAIDMLightModule.getStore().getDomains();
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting domains");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
return Response.ok(domains).build();
/**
* Extracts the domain represented by <code>domainId</code>.
*
- * @param domainId the string domain (i.e., "sdn")
+ * @param domainId
+ * the string domain (i.e., "sdn")
* @return a response with the specified domain
*/
@GET
Domain domain = null;
try {
domain = AAAIDMLightModule.getStore().readDomain(domainId);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting domain");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
}
/**
- * Creates a domain. The name attribute is required for domain creation.
- * Enabled and description fields are optional. Optional fields default
- * in the following manner:
- * <code>enabled</code>: <code>false</code>
+ * Creates a domain. The name attribute is required for domain creation.
+ * Enabled and description fields are optional. Optional fields default in
+ * the following manner: <code>enabled</code>: <code>false</code>
* <code>description</code>: An empty string (<code>""</code>).
*
- * @param info passed from Jersey
- * @param domain designated by the REST payload
+ * @param info
+ * passed from Jersey
+ * @param domain
+ * designated by the REST payload
* @return A response stating success or failure of domain creation.
*/
@POST
public Response createDomain(@Context UriInfo info, Domain domain) {
LOG.info("Post /domains");
try {
- // Bug 8382: domain id is an implementation detail and isn't specifiable
+ // Bug 8382: domain id is an implementation detail and isn't
+ // specifiable
if (domain.getDomainid() != null) {
- final String errorMessage =
- "do not specify domainId, it will be assigned automatically for you";
+ final String errorMessage = "do not specify domainId, it will be assigned automatically for you";
LOG.debug(errorMessage);
final IDMError idmError = new IDMError();
idmError.setMessage(errorMessage);
domain.setDescription("");
}
domain = AAAIDMLightModule.getStore().writeDomain(domain);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error creating domain");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
return Response.status(201).entity(domain).build();
/**
* Updates a domain.
*
- * @param info passed from Jersey
- * @param domain the REST payload
- * @param domainId the last part of the path, containing the specified domain id
+ * @param info
+ * passed from Jersey
+ * @param domain
+ * the REST payload
+ * @param domainId
+ * the last part of the path, containing the specified domain id
* @return A response stating success or failure of domain update.
*/
@PUT
domain = AAAIDMLightModule.getStore().updateDomain(domain);
if (domain == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! Domain id :" + domainId);
+ idmerror.setMessage("Not found! Domain id:" + domainId);
return Response.status(404).entity(idmerror).build();
}
IdmLightProxy.clearClaimCache();
return Response.status(200).entity(domain).build();
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error putting domain");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
}
/**
* Deletes a domain.
*
- * @param info passed from Jersey
- * @param domainId the last part of the path, containing the specified domain id
+ * @param info
+ * passed from Jersey
+ * @param domainId
+ * the last part of the path, containing the specified domain id
* @return A response stating success or failure of domain deletion.
*/
@DELETE
Domain domain = AAAIDMLightModule.getStore().deleteDomain(domainId);
if (domain == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! Domain id :" + domainId);
+ idmerror.setMessage("Not found! Domain id:" + domainId);
return Response.status(404).entity(idmerror).build();
}
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error deleting Domain");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
IdmLightProxy.clearClaimCache();
}
/**
- * Creates a grant. A grant defines the role a particular user is given on
- * a particular domain. For example, by default, AAA installs a grant for
- * the "admin" user, granting permission to act with "admin" role on the
- * "sdn" domain.
+ * Creates a grant. A grant defines the role a particular user is given on a
+ * particular domain. For example, by default, AAA installs a grant for the
+ * "admin" user, granting permission to act with "admin" role on the "sdn"
+ * domain.
*
- * @param info passed from Jersey
- * @param domainId the domain the user is allowed to access
- * @param userId the user that is allowed to access the domain
- * @param grant the payload containing role access controls
+ * @param info
+ * passed from Jersey
+ * @param domainId
+ * the domain the user is allowed to access
+ * @param userId
+ * the user that is allowed to access the domain
+ * @param grant
+ * the payload containing role access controls
* @return A response stating success or failure of grant creation.
*/
@POST
@PathParam("uid") String userId, Grant grant) {
LOG.info("Post /domains/{}/users/{}/roles", domainId, userId);
- // Bug 8382: grant id is an implementation detail and isn't specifiable
+ // Bug 8382: grant id is an implementation detail and isn't specifiable
if (grant.getGrantid() != null) {
- final String errorMessage =
- "do not specify grantId, it will be assigned automatically for you";
+ final String errorMessage = "do not specify grantId, it will be assigned automatically for you";
LOG.debug(errorMessage);
final IDMError idmError = new IDMError();
idmError.setMessage(errorMessage);
}
Domain domain = null;
- User user = null;
- Role role = null;
- String roleId = null;
+ User user;
+ Role role;
+ String roleId;
// validate domain id
try {
domain = AAAIDMLightModule.getStore().readDomain(domainId);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting domain");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
if (domain == null) {
try {
user = AAAIDMLightModule.getStore().readUser(userId);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting user");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
if (user == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! User id :" + userId);
+ idmerror.setMessage("Not found! User id:" + userId);
return Response.status(404).entity(idmerror).build();
}
grant.setUserid(userId);
LOG.info("roleid = {}", roleId);
} catch (NumberFormatException nfe) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Invalid Role id :" + grant.getRoleid());
+ idmerror.setMessage("Invalid Role id:" + grant.getRoleid());
return Response.status(404).entity(idmerror).build();
}
try {
role = AAAIDMLightModule.getStore().readRole(roleId);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting role");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
if (role == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! role :" + grant.getRoleid());
+ idmerror.setMessage("Not found! role:" + grant.getRoleid());
return Response.status(404).entity(idmerror).build();
}
Grant existingGrant = AAAIDMLightModule.getStore().readGrant(domainId, userId, roleId);
if (existingGrant != null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Grant already exists for did:" + domainId + " uid:" + userId
- + " rid:" + roleId);
+ idmerror.setMessage("Grant already exists for did:" + domainId + " uid:" + userId + " rid:" + roleId);
return Response.status(403).entity(idmerror).build();
}
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error creating grant");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
// create grant
try {
grant = AAAIDMLightModule.getStore().writeGrant(grant);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException: ", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error creating grant");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
/**
* Used to validate user access.
*
- * @param info passed from Jersey
- * @param domainId the domain in question
- * @param userpwd the password attempt
+ * @param info
+ * passed from Jersey
+ * @param domainId
+ * the domain in question
+ * @param userpwd
+ * the password attempt
* @return A response stating success or failure of user validation.
*/
@POST
@Path("/{did}/users/roles")
@Consumes("application/json")
@Produces("application/json")
- public Response validateUser(@Context UriInfo info, @PathParam("did") String domainId,
- UserPwd userpwd) {
-
+ public Response validateUser(@Context UriInfo info, @PathParam("did") String domainId, UserPwd userpwd) {
LOG.info("GET /domains/{}/users", domainId);
Domain domain = null;
Claim claim = new Claim();
- List<Role> roleList = new ArrayList<Role>();
+ List<Role> roleList = new ArrayList<>();
try {
domain = AAAIDMLightModule.getStore().readDomain(domainId);
}
if (domain == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! Domain id :" + domainId);
+ idmerror.setMessage("Not found! Domain id:" + domainId);
return Response.status(404).entity(idmerror).build();
}
Role role = AAAIDMLightModule.getStore().readRole(grant.getRoleid());
roleList.add(role);
}
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting Roles");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
claim.setRoles(roleList);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting user");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
/**
* Get the grants for a user on a domain.
*
- * @param info passed from Jersey
- * @param domainId the domain in question
- * @param userId the user in question
+ * @param info
+ * passed from Jersey
+ * @param domainId
+ * the domain in question
+ * @param userId
+ * the user in question
* @return A response containing the grants for a user on a domain.
*/
@GET
@PathParam("uid") String userId) {
LOG.info("GET /domains/{}/users/{}/roles", domainId, userId);
Domain domain = null;
- User user = null;
- Roles roles = new Roles();
- List<Role> roleList = new ArrayList<Role>();
+ User user;
+ List<Role> roleList = new ArrayList<>();
try {
domain = AAAIDMLightModule.getStore().readDomain(domainId);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting domain");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
if (domain == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! Domain id :" + domainId);
+ idmerror.setMessage("Not found! Domain id:" + domainId);
return Response.status(404).entity(idmerror).build();
}
try {
user = AAAIDMLightModule.getStore().readUser(userId);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting user");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
if (user == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! User id :" + userId);
+ idmerror.setMessage("Not found! User id:" + userId);
return Response.status(404).entity(idmerror).build();
}
Role role = AAAIDMLightModule.getStore().readRole(grant.getRoleid());
roleList.add(role);
}
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting Roles");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
-
+ Roles roles = new Roles();
roles.setRoles(roleList);
return Response.ok(roles).build();
}
/**
* Delete a grant.
*
- * @param info passed from Jersey
- * @param domainId the domain for the grant
- * @param userId the user for the grant
- * @param roleId the role for the grant
+ * @param info
+ * passed from Jersey
+ * @param domainId
+ * the domain for the grant
+ * @param userId
+ * the user for the grant
+ * @param roleId
+ * the role for the grant
* @return A response stating success or failure of the grant deletion.
*/
@DELETE
public Response deleteGrant(@Context UriInfo info, @PathParam("did") String domainId,
@PathParam("uid") String userId, @PathParam("rid") String roleId) {
Domain domain = null;
- User user = null;
- Role role = null;
+ User user;
+ Role role;
try {
domain = AAAIDMLightModule.getStore().readDomain(domainId);
- } catch (IDMStoreException se) {
- LOG.error("Error deleting Grant : ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("Error deleting Grant", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting domain");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
if (domain == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! Domain id :" + domainId);
+ idmerror.setMessage("Not found! Domain id:" + domainId);
return Response.status(404).entity(idmerror).build();
}
try {
user = AAAIDMLightModule.getStore().readUser(userId);
- } catch (IDMStoreException se) {
- LOG.error("StoreException : ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting user");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
if (user == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! User id :" + userId);
+ idmerror.setMessage("Not found! User id:" + userId);
return Response.status(404).entity(idmerror).build();
}
try {
role = AAAIDMLightModule.getStore().readRole(roleId);
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error getting Role");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
if (role == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Not found! Role id :" + roleId);
+ idmerror.setMessage("Not found! Role id:" + roleId);
return Response.status(404).entity(idmerror).build();
}
Grant existingGrant = AAAIDMLightModule.getStore().readGrant(domainId, userId, roleId);
if (existingGrant == null) {
IDMError idmerror = new IDMError();
- idmerror.setMessage("Grant does not exist for did:" + domainId + " uid:" + userId
- + " rid:" + roleId);
+ idmerror.setMessage("Grant does not exist for did:" + domainId + " uid:" + userId + " rid:" + roleId);
return Response.status(404).entity(idmerror).build();
}
existingGrant = AAAIDMLightModule.getStore().deleteGrant(existingGrant.getGrantid());
- } catch (IDMStoreException se) {
- LOG.error("StoreException: ", se);
+ } catch (IDMStoreException e) {
+ LOG.error("StoreException", e);
IDMError idmerror = new IDMError();
idmerror.setMessage("Internal error creating grant");
- idmerror.setDetails(se.getMessage());
+ idmerror.setDetails(e.getMessage());
return Response.status(500).entity(idmerror).build();
}
IdmLightProxy.clearClaimCache();
return Response.status(204).build();
}
-
}
/*
- * Copyright (c) 2014, 2015 Hewlett-Packard Development Company, L.P. and others. All rights reserved.
+ * Copyright (c) 2014, 2017 Hewlett-Packard Development Company, L.P. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* REST application used to manipulate the H2 database roles table. The REST
* endpoint is <code>/auth/v1/roles</code>.
*
- * A wrapper script called <code>idmtool</code> is provided to manipulate AAA data.
+ * <p>
+ * A wrapper script called <code>idmtool</code> is provided to manipulate AAA
+ * data.
*
* @author peter.mellquist@hp.com
* @author Ryan Goulding (ryandgoulding@gmail.com)
/**
* Extracts all roles.
*
- * @return A response with all roles in the H2 database, or internal error if one is encountered
+ * @return A response with all roles in the H2 database, or internal error
+ * if one is encountered
*/
@GET
@Produces("application/json")
Roles roles = null;
try {
roles = AAAIDMLightModule.getStore().getRoles();
- } catch (IDMStoreException se) {
- return new IDMError(500, "internal error getting roles", se.getMessage()).response();
+ } catch (IDMStoreException e) {
+ LOG.error("Internal error getting the roles", e);
+ return new IDMError(500, "internal error getting roles", e.getMessage()).response();
}
return Response.ok(roles).build();
}
/**
- * Extract a specific role identified by <code>id</code>
+ * Extract a specific role identified by <code>id</code>.
*
- * @param id the String id for the role
- * @return A response with the role identified by <code>id</code>, or internal error if one is encountered
+ * @param id
+ * the String id for the role
+ * @return A response with the role identified by <code>id</code>, or
+ * internal error if one is encountered
*/
@GET
@Path("/{id}")
try {
role = AAAIDMLightModule.getStore().readRole(id);
- } catch (IDMStoreException se) {
- return new IDMError(500, "internal error getting roles", se.getMessage()).response();
+ } catch (IDMStoreException e) {
+ LOG.error("Internal error getting the role", e);
+ return new IDMError(500, "internal error getting roles", e.getMessage()).response();
}
if (role == null) {
- return new IDMError(404, "role not found id :" + id, "").response();
+ return new IDMError(404, "role not found id:" + id, "").response();
}
return Response.ok(role).build();
}
/**
* Creates a role.
*
- * @param info passed from Jersey
- * @param role the role JSON payload
- * @return A response stating success or failure of role creation, or internal error if one is encountered
+ * @param info
+ * passed from Jersey
+ * @param role
+ * the role JSON payload
+ * @return A response stating success or failure of role creation, or
+ * internal error if one is encountered
*/
@POST
@Consumes("application/json")
LOG.info("Post /roles");
try {
- // Bug 8382: role id is an implementation detail and isn't specifiable
+ // Bug 8382: role id is an implementation detail and isn't
+ // specifiable
if (role.getRoleid() != null) {
- final String errorMessage =
- "do not specify roleId, it will be assigned automatically for you";
+ final String errorMessage = "do not specify roleId, it will be assigned automatically for you";
LOG.debug(errorMessage);
final IDMError idmError = new IDMError();
idmError.setMessage(errorMessage);
if (role.getName() == null) {
return new IDMError(404, "name must be defined on role create", "").response();
} else if (role.getName().length() > IdmLightApplication.MAX_FIELD_LEN) {
- return new IDMError(400, "role name max length is :"
- + IdmLightApplication.MAX_FIELD_LEN, "").response();
+ return new IDMError(400, "role name max length is :" + IdmLightApplication.MAX_FIELD_LEN, "")
+ .response();
}
// domain
if (role.getDomainid() == null) {
- return new IDMError(404,
- "The role's domain must be defined on role when creating a role.", "")
+ return new IDMError(404, "The role's domain must be defined on role when creating a role.", "")
.response();
} else if (role.getDomainid().length() > IdmLightApplication.MAX_FIELD_LEN) {
- return new IDMError(400, "role domain max length is :"
- + IdmLightApplication.MAX_FIELD_LEN, "").response();
+ return new IDMError(400, "role domain max length is :" + IdmLightApplication.MAX_FIELD_LEN, "")
+ .response();
}
// description
if (role.getDescription() == null) {
role.setDescription("");
} else if (role.getDescription().length() > IdmLightApplication.MAX_FIELD_LEN) {
- return new IDMError(400, "role description max length is :"
- + IdmLightApplication.MAX_FIELD_LEN, "").response();
+ return new IDMError(400, "role description max length is :" + IdmLightApplication.MAX_FIELD_LEN, "")
+ .response();
}
role = AAAIDMLightModule.getStore().writeRole(role);
- } catch (IDMStoreException se) {
- return new IDMError(500, "internal error creating role", se.getMessage()).response();
+ } catch (IDMStoreException e) {
+ LOG.error("Internal error creating role", e);
+ return new IDMError(500, "internal error creating role", e.getMessage()).response();
}
-
return Response.status(201).entity(role).build();
}
/**
* Updates a specific role identified by <code>id</code>.
*
- * @param info passed from Jersey
- * @param role the role JSON payload
- * @param id the String id for the role
- * @return A response stating success or failure of role update, or internal error if one occurs
+ * @param info
+ * passed from Jersey
+ * @param role
+ * the role JSON payload
+ * @param id
+ * the String id for the role
+ * @return A response stating success or failure of role update, or internal
+ * error if one occurs
*/
@PUT
@Path("/{id}")
// name
// TODO: names should be unique
- if ((role.getName() != null)
- && (role.getName().length() > IdmLightApplication.MAX_FIELD_LEN)) {
- return new IDMError(400, "role name max length is :"
- + IdmLightApplication.MAX_FIELD_LEN, "").response();
+ if ((role.getName() != null) && (role.getName().length() > IdmLightApplication.MAX_FIELD_LEN)) {
+ return new IDMError(400, "role name max length is :" + IdmLightApplication.MAX_FIELD_LEN, "")
+ .response();
}
// description
if ((role.getDescription() != null)
&& (role.getDescription().length() > IdmLightApplication.MAX_FIELD_LEN)) {
- return new IDMError(400, "role description max length is :"
- + IdmLightApplication.MAX_FIELD_LEN, "").response();
+ return new IDMError(400, "role description max length is :" + IdmLightApplication.MAX_FIELD_LEN, "")
+ .response();
}
role = AAAIDMLightModule.getStore().updateRole(role);
}
IdmLightProxy.clearClaimCache();
return Response.status(200).entity(role).build();
- } catch (IDMStoreException se) {
- return new IDMError(500, "internal error putting role", se.getMessage()).response();
+ } catch (IDMStoreException e) {
+ LOG.error("Internal error putting role", e);
+ return new IDMError(500, "internal error putting role", e.getMessage()).response();
}
}
/**
* Delete a role.
*
- * @param info passed from Jersey
- * @param id the String id for the role
- * @return A response stating success or failure of user deletion, or internal error if one occurs
+ * @param info
+ * passed from Jersey
+ * @param id
+ * the String id for the role
+ * @return A response stating success or failure of user deletion, or
+ * internal error if one occurs
*/
@DELETE
@Path("/{id}")
if (role == null) {
return new IDMError(404, "role id not found :" + id, "").response();
}
- } catch (IDMStoreException se) {
- return new IDMError(500, "internal error deleting role", se.getMessage()).response();
+ } catch (IDMStoreException e) {
+ LOG.error("Internal error deleting role", e);
+ return new IDMError(500, "internal error deleting role", e.getMessage()).response();
}
IdmLightProxy.clearClaimCache();
return Response.status(204).build();
}
-
}
/*
- * Copyright (c) 2014, 2015 Hewlett-Packard Development Company, L.P. and others. All rights reserved.
+ * Copyright (c) 2014, 2017 Hewlett-Packard Development Company, L.P. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* REST application used to manipulate the H2 database users table. The REST
* endpoint is <code>/auth/v1/users</code>.
*
- * A wrapper script called <code>idmtool</code> is provided to manipulate AAA data.
+ * <p>
+ * A wrapper script called <code>idmtool</code> is provided to manipulate AAA
+ * data.
*
* @author peter.mellquist@hp.com
* @author Ryan Goulding (ryandgoulding@gmail.com)
* endpoint without a password, the default password is assigned to the
* user.
*/
- private final static String DEFAULT_PWD = "changeme";
+ private static final String DEFAULT_PWD = "changeme";
/**
* When an HTTP GET is performed on <code>/auth/v1/users</code>, the
* Extracts the user represented by <code>id</code>. The password and salt
* fields are redacted for security reasons.
*
- * @param id the unique id of representing the user account
- * @return A response with the user information, or internal error if one occurs
+ * @param id
+ * the unique id of representing the user account
+ * @return A response with the user information, or internal error if one
+ * occurs
*/
@GET
@Path("/{id}")
* <code>password</code>: <code>changeme</code> <code>enabled</code>:
* <code>true</code>
*
+ * <p>
* If a password is not provided, please ensure you change the default
* password ASAP for security reasons!
*
- * @param info passed from Jersey
- * @param user the user defined in the JSON payload
+ * @param info
+ * passed from Jersey
+ * @param user
+ * the user defined in the JSON payload
* @return A response stating success or failure of user creation
*/
@POST
public Response createUser(@Context UriInfo info, User user) {
LOG.info("POST /auth/v1/users (create a user with the specified payload");
- // Bug 8382: user id is an implementation detail and isn't specifiable
+ // Bug 8382: user id is an implementation detail and isn't specifiable
if (user.getUserid() != null) {
- final String errorMessage =
- "do not specify userId, it will be assigned automatically for you";
+ final String errorMessage = "do not specify userId, it will be assigned automatically for you";
LOG.debug(errorMessage);
final IDMError idmError = new IDMError();
idmError.setMessage(errorMessage);
}
// TODO add a check on email format here.
- // The "password" field is optional and defautls to "changeme".
+ // The "password" field is optional and defaults to "changeme".
final String userPassword = user.getPassword();
if (userPassword == null) {
user.setPassword(DEFAULT_PWD);
/**
* REST endpoint to update a user account.
*
- * @param info passed from Jersey
- * @param user the user defined in the JSON payload
- * @param id the unique id for the user that will be updated
+ * @param info
+ * passed from Jersey
+ * @param user
+ * the user defined in the JSON payload
+ * @param id
+ * the unique id for the user that will be updated
* @return A response stating success or failure of the user update
*/
@PUT
/**
* REST endpoint to delete a user account.
*
- * @param info passed from Jersey
- * @param id the unique id of the user which is being deleted
+ * @param info
+ * passed from Jersey
+ * @param id
+ * the unique id of the user which is being deleted
* @return A response stating success or failure of user deletion
*/
@DELETE
final User user = AAAIDMLightModule.getStore().deleteUser(id);
if (user == null) {
- return new IDMError(404,
- String.format("Error deleting user. " +
- "Couldn't find user with id %s", id),
- "").response();
+ return new IDMError(404, String.format("Error deleting user. " + "Couldn't find user with id %s", id),
+ "").response();
}
} catch (IDMStoreException se) {
return internalError("deleting", se);
/**
* Creates a <code>Response</code> related to an internal server error.
*
- * @param verbal such as "creating", "deleting", "updating"
- * @param e The exception, which is propagated in the response
+ * @param verbal
+ * such as "creating", "deleting", "updating"
+ * @param ex
+ * The exception, which is propagated in the response
* @return A response containing internal error with specific reasoning
*/
- private Response internalError(final String verbal, final Exception e) {
- LOG.error("There was an internal error {} the user", verbal, e);
- return new IDMError(500,
- String.format("There was an internal error %s the user", verbal),
- e.getMessage()).response();
+ private Response internalError(final String verbal, final Exception ex) {
+ LOG.error("There was an internal error {} the user", verbal, ex);
+ return new IDMError(500, String.format("There was an internal error %s the user", verbal), ex.getMessage())
+ .response();
}
/**
* Creates a <code>Response</code> related to the user not providing a
* required field.
*
- * @param fieldName the name of the field which is missing
+ * @param fieldName
+ * the name of the field which is missing
* @return A response explaining that the request is missing a field
*/
private Response missingRequiredField(final String fieldName) {
return new IDMError(400,
- String.format("%s is required to create the user account. " +
- "Please provide a %s in your payload.", fieldName, fieldName),
- "").response();
+ String.format("%s is required to create the user account. " + "Please provide a %s in your payload.",
+ fieldName, fieldName),
+ "").response();
}
/**
* Creates a <code>Response</code> related to the user providing a field
* that is too long.
*
- * @param fieldName the name of the field that is too long
- * @param maxFieldLength the maximum length of <code>fieldName</code>
+ * @param fieldName
+ * the name of the field that is too long
+ * @param maxFieldLength
+ * the maximum length of <code>fieldName</code>
* @return A response containing the bad field and the maximum field length
*/
private Response providedFieldTooLong(final String fieldName, final int maxFieldLength) {
-
- return new IDMError(400,
- getProvidedFieldTooLongMessage(fieldName, maxFieldLength),
- "").response();
+ return new IDMError(400, getProvidedFieldTooLongMessage(fieldName, maxFieldLength), "").response();
}
/**
* Creates the client-facing message related to the user providing a field
* that is too long.
*
- * @param fieldName the name of the field that is too long
- * @param maxFieldLength the maximum length of <code>fieldName</code>
- * @return
+ * @param fieldName
+ * the name of the field that is too long
+ * @param maxFieldLength
+ * the maximum length of <code>fieldName</code>
+ * @return a response containing the too long field and its length
*/
- private static String getProvidedFieldTooLongMessage(final String fieldName,
- final int maxFieldLength) {
+ private static String getProvidedFieldTooLongMessage(final String fieldName, final int maxFieldLength) {
- return String.format("The provided %s field is too long. " +
- "The max length is %s.", fieldName, maxFieldLength);
+ return String.format("The provided %s field is too long. " + "The max length is %s.", fieldName,
+ maxFieldLength);
}
/**
* Prepares a user account for output by redacting the appropriate fields.
* This method side-effects the <code>user</code> parameter.
*
- * @param user the user account which will have fields redacted
+ * @param user
+ * the user account which will have fields redacted
*/
private static void redactUserPasswordInfo(final User user) {
user.setPassword(REDACTED_PASSWORD);
}
/**
- * Validate the input field length
+ * Validate the input field length.
*
* @param inputField
+ * the field to check
* @return true if input field bigger than the MAX_FIELD_LEN
*/
private boolean checkInputFieldLength(final String inputField) {
/*
- * Copyright (c) 2015 Cisco Systems, Inc. and others. All rights reserved.
+ * Copyright (c) 2015, 2017 Cisco Systems, Inc. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
import java.util.ArrayList;
import java.util.LinkedList;
import java.util.List;
-
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
public class PasswordHashTest {
@Before
- public void before() throws IDMStoreException{
+ public void before() throws IDMStoreException {
IIDMStore store = Mockito.mock(IIDMStore.class);
AAAIDMLightModule.setStore(store);
Domain domain = new Domain();
domain.setDomainid("sdn");
Mockito.when(store.readDomain("sdn")).thenReturn(domain);
- Creds c = new Creds();
- Users users = new Users();
+ Creds creds = new Creds();
+
User user = new User();
user.setName("admin");
- user.setUserid(c.username());
+ user.setUserid(creds.username());
user.setDomainid("sdn");
user.setSalt("ABCD");
- user.setPassword(SHA256Calculator.getSHA256(c.password(),user.getSalt()));
+ user.setPassword(SHA256Calculator.getSHA256(creds.password(), user.getSalt()));
List<User> lu = new LinkedList<>();
lu.add(user);
+ Users users = new Users();
users.setUsers(lu);
- Grants grants = new Grants();
Grant grant = new Grant();
- List<Grant> g = new ArrayList<>();
- g.add(grant);
+ List<Grant> listOfGrants = new ArrayList<>();
+ listOfGrants.add(grant);
grant.setDomainid("sdn");
grant.setRoleid("admin");
grant.setUserid("admin");
- grants.setGrants(g);
+ Grants grants = new Grants();
+ grants.setGrants(listOfGrants);
Role role = new Role();
role.setRoleid("admin");
role.setName("admin");
Mockito.when(store.readRole("admin")).thenReturn(role);
- Mockito.when(store.getUsers(c.username(), c.domain())).thenReturn(users);
- Mockito.when(store.getGrants(c.domain(), c.username())).thenReturn(grants);
+ Mockito.when(store.getUsers(creds.username(), creds.domain())).thenReturn(users);
+ Mockito.when(store.getGrants(creds.domain(), creds.username())).thenReturn(grants);
}
@Test
- public void testPasswordHash(){
+ public void testPasswordHash() {
IdmLightProxy proxy = new IdmLightProxy();
proxy.authenticate(new Creds());
}
public String username() {
return "admin";
}
+
@Override
public String password() {
return "admin";
}
+
@Override
public String domain() {
return "sdn";
/*
- * Copyright (c) 2016 Inocybe Technologies and others. All rights reserved.
+ * Copyright (c) 2016, 2017 Inocybe Technologies and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
+
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.UniformInterfaceException;
import java.util.HashMap;
import org.opendaylight.aaa.api.model.IDMError;
import org.opendaylight.aaa.api.model.Roles;
-public class DomainHandlerTest extends HandlerTest{
+public class DomainHandlerTest extends HandlerTest {
@Test
public void testDomainHandler() {
- //check default domains
+ // check default domains
Domains domains = resource().path("/v1/domains").get(Domains.class);
assertNotNull(domains);
assertEquals(1, domains.getDomains().size());
assertTrue(domains.getDomains().get(0).getName().equals("sdn"));
- //check existing domain
+ // check existing domain
Domain domain = resource().path("/v1/domains/0").get(Domain.class);
assertNotNull(domain);
assertTrue(domain.getName().equals("sdn"));
- //check not exist domain
+ // check not exist domain
try {
resource().path("/v1/domains/5").get(IDMError.class);
fail("Should failed with 404!");
// check create domain
Map<String, String> domainData = new HashMap<String, String>();
- domainData.put("name","dom1");
- domainData.put("description","test dom");
- domainData.put("enabled","true");
- ClientResponse clientResponse = resource().path("/v1/domains").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, domainData);
+ domainData.put("name", "dom1");
+ domainData.put("description", "test dom");
+ domainData.put("enabled", "true");
+ ClientResponse clientResponse = resource().path("/v1/domains").type(MediaType.APPLICATION_JSON)
+ .post(ClientResponse.class, domainData);
assertEquals(201, clientResponse.getStatus());
// check update domain data
- domainData.put("name","dom1Update");
- clientResponse = resource().path("/v1/domains/1").type(MediaType.APPLICATION_JSON).put(ClientResponse.class, domainData);
+ domainData.put("name", "dom1Update");
+ clientResponse = resource().path("/v1/domains/1").type(MediaType.APPLICATION_JSON).put(ClientResponse.class,
+ domainData);
assertEquals(200, clientResponse.getStatus());
domain = resource().path("/v1/domains/1").get(Domain.class);
assertNotNull(domain);
// check create grant
Map<String, String> grantData = new HashMap<String, String>();
- grantData.put("roleid","1");
- clientResponse = resource().path("/v1/domains/1/users/0/roles").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, grantData);
+ grantData.put("roleid", "1");
+ clientResponse = resource().path("/v1/domains/1/users/0/roles").type(MediaType.APPLICATION_JSON)
+ .post(ClientResponse.class, grantData);
assertEquals(201, clientResponse.getStatus());
// check create existing grant
- clientResponse = resource().path("/v1/domains/1/users/0/roles").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, grantData);
+ clientResponse = resource().path("/v1/domains/1/users/0/roles").type(MediaType.APPLICATION_JSON)
+ .post(ClientResponse.class, grantData);
assertEquals(403, clientResponse.getStatus());
// check create grant with invalid domain id
- clientResponse = resource().path("/v1/domains/5/users/0/roles").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, grantData);
+ clientResponse = resource().path("/v1/domains/5/users/0/roles").type(MediaType.APPLICATION_JSON)
+ .post(ClientResponse.class, grantData);
assertEquals(404, clientResponse.getStatus());
// check validate user (admin)
Map<String, String> usrPwdData = new HashMap<String, String>();
- usrPwdData.put("username","admin");
- usrPwdData.put("userpwd","admin");
- clientResponse = resource().path("/v1/domains/0/users/roles").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, usrPwdData);
+ usrPwdData.put("username", "admin");
+ usrPwdData.put("userpwd", "admin");
+ clientResponse = resource().path("/v1/domains/0/users/roles").type(MediaType.APPLICATION_JSON)
+ .post(ClientResponse.class, usrPwdData);
assertEquals(200, clientResponse.getStatus());
// check validate user (admin) with wrong password
- usrPwdData.put("userpwd","1234");
- clientResponse = resource().path("/v1/domains/0/users/roles").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, usrPwdData);
+ usrPwdData.put("userpwd", "1234");
+ clientResponse = resource().path("/v1/domains/0/users/roles").type(MediaType.APPLICATION_JSON)
+ .post(ClientResponse.class, usrPwdData);
assertEquals(401, clientResponse.getStatus());
// check get user (admin) roles
assertTrue(resp.getEntity(IDMError.class).getMessage().contains("Not found! Domain id"));
}
- // Bug 8382: if a domain id is specified, 400 is returned
+ // Bug 8382: if a domain id is specified, 400 is returned
domainData = new HashMap<>();
- domainData.put("name","dom1");
- domainData.put("description","test dom");
- domainData.put("domainid","dom1");
- domainData.put("enabled","true");
- clientResponse = resource().path("/v1/domains").
- type(MediaType.APPLICATION_JSON).
- post(ClientResponse.class, domainData);
+ domainData.put("name", "dom1");
+ domainData.put("description", "test dom");
+ domainData.put("domainid", "dom1");
+ domainData.put("enabled", "true");
+ clientResponse = resource().path("/v1/domains").type(MediaType.APPLICATION_JSON).post(ClientResponse.class,
+ domainData);
assertEquals(400, clientResponse.getStatus());
- // Bug 8382: if a grant id is specified, 400 is returned
+ // Bug 8382: if a grant id is specified, 400 is returned
grantData = new HashMap<>();
- grantData.put("roleid","1");
+ grantData.put("roleid", "1");
grantData.put("grantid", "grantid");
- clientResponse = resource().path("/v1/domains/1/users/0/roles").
- type(MediaType.APPLICATION_JSON).
- post(ClientResponse.class, grantData);
+ clientResponse = resource().path("/v1/domains/1/users/0/roles").type(MediaType.APPLICATION_JSON)
+ .post(ClientResponse.class, grantData);
assertEquals(400, clientResponse.getStatus());
}
}
/*
- * Copyright (c) 2016 Inocybe Technologies and others. All rights reserved.
+ * Copyright (c) 2016, 2017 Inocybe Technologies and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
import org.opendaylight.yang.gen.v1.config.aaa.authn.idmlight.rev151204.AAAIDMLightModule;
import org.slf4j.bridge.SLF4JBridgeHandler;
-
public abstract class HandlerTest extends JerseyTest {
protected IDMTestStore testStore = new IDMTestStore();
@Override
protected AppDescriptor configure() {
return new WebAppDescriptor.Builder()
- .initParam(WebComponent.RESOURCE_CONFIG_CLASS, IdmLightApplication.class.getName())
- .initParam("com.sun.jersey.config.feature.Trace", "true")
- .initParam("com.sun.jersey.spi.container.ContainerResponseFilters", "com.sun.jersey.api.container.filter.LoggingFilter")
- .build();
+ .initParam(WebComponent.RESOURCE_CONFIG_CLASS, IdmLightApplication.class.getName())
+ .initParam("com.sun.jersey.config.feature.Trace", "true")
+ .initParam("com.sun.jersey.spi.container.ContainerResponseFilters",
+ "com.sun.jersey.api.container.filter.LoggingFilter")
+ .build();
}
@Before
/*
- * Copyright (c) 2016 Inocybe Technologies and others. All rights reserved.
+ * Copyright (c) 2016, 2017 Inocybe Technologies and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
import java.util.ArrayList;
import java.util.List;
-
import org.opendaylight.aaa.api.IDMStoreException;
import org.opendaylight.aaa.api.IIDMStore;
import org.opendaylight.aaa.api.model.Domain;
@Override
public Domain readDomain(String domainid) throws IDMStoreException {
- for(Domain dom : domains) {
+ for (Domain dom : domains) {
if (dom.getDomainid().equals(domainid)) {
return dom;
}
@Override
public Domain deleteDomain(String domainid) throws IDMStoreException {
- for(Domain dom : domains) {
+ for (Domain dom : domains) {
if (dom.getDomainid().equals(domainid)) {
domains.remove(dom);
return dom;
@Override
public Domain updateDomain(Domain domain) throws IDMStoreException {
- for(Domain dom : domains) {
+ for (Domain dom : domains) {
if (dom.getDomainid().equals(domain.getDomainid())) {
domains.remove(dom);
domains.add(domain);
@Override
public Domains getDomains() throws IDMStoreException {
- Domains doms = new Domains();
+ Domains doms = new Domains();
doms.setDomains(domains);
return doms;
}
@Override
public User readUser(String userid) throws IDMStoreException {
- for(User usr : users) {
+ for (User usr : users) {
if (usr.getUserid().equals(userid)) {
return usr;
}
@Override
public User deleteUser(String userid) throws IDMStoreException {
- for(User usr : users) {
+ for (User usr : users) {
if (usr.getUserid().equals(userid)) {
users.remove(usr);
return usr;
@Override
public User updateUser(User user) throws IDMStoreException {
- for(User usr : users) {
+ for (User usr : users) {
if (usr.getUserid().equals(user.getUserid())) {
users.remove(usr);
users.add(user);
Users usrs = new Users();
User user = null;
Domain domain = null;
- for(User usr : users) {
+ for (User usr : users) {
if (usr.getName().equals(username)) {
user = usr;
break;
}
}
- for(Domain dom : domains) {
+ for (Domain dom : domains) {
if (dom.getDomainid().equals(domainId)) {
domain = dom;
break;
}
}
- if (user == null || domain == null)
+ if (user == null || domain == null) {
return usrs;
+ }
for (Grant grant : grants) {
if (grant.getUserid().equals(user.getUserid()) && grant.getDomainid().equals(domain.getDomainid())) {
List<User> usrList = new ArrayList<User>();
return null;
}
+ @Override
+ public Grant readGrant(String domainid, String userid, String roleid) throws IDMStoreException {
+ for (Grant grant : grants) {
+ if (grant.getDomainid().equals(domainid) && grant.getUserid().equals(userid)
+ && grant.getRoleid().equals(roleid)) {
+ return grant;
+ }
+ }
+ return null;
+ }
+
@Override
public Grant deleteGrant(String grantid) throws IDMStoreException {
for (Grant grant : grants) {
return usrGrants;
}
- @Override
- public Grant readGrant(String domainid, String userid, String roleid) throws IDMStoreException {
- for (Grant grant : grants) {
- if (grant.getDomainid().equals(domainid) && grant.getUserid().equals(userid) && grant.getRoleid().equals(roleid)) {
- return grant;
- }
- }
- return null;
- }
-
@Override
public boolean isMainNodeInCluster() {
return true;
/*
- * Copyright (c) 2016 Inocybe Technologies and others. All rights reserved.
+ * Copyright (c) 2016, 2017 Inocybe Technologies and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
+
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.UniformInterfaceException;
import java.util.HashMap;
import org.opendaylight.aaa.api.model.Role;
import org.opendaylight.aaa.api.model.Roles;
-
-public class RoleHandlerTest extends HandlerTest{
+public class RoleHandlerTest extends HandlerTest {
@Test
public void testRoleHandler() {
- //check default roles
+ // check default roles
Roles roles = resource().path("/v1/roles").get(Roles.class);
assertNotNull(roles);
List<Role> roleList = roles.getRoles();
assertTrue(role.getName().equals("admin") || role.getName().equals("user"));
}
- //check existing role
+ // check existing role
Role role = resource().path("/v1/roles/0").get(Role.class);
assertNotNull(role);
assertTrue(role.getName().equals("admin"));
- //check not exist Role
+ // check not exist Role
try {
resource().path("/v1/roles/5").get(IDMError.class);
fail("Should failed with 404!");
// check create Role
Map<String, String> roleData = new HashMap<String, String>();
- roleData.put("name","role1");
- roleData.put("description","test Role");
- roleData.put("domainid","0");
- ClientResponse clientResponse = resource().path("/v1/roles").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, roleData);
+ roleData.put("name", "role1");
+ roleData.put("description", "test Role");
+ roleData.put("domainid", "0");
+ ClientResponse clientResponse = resource().path("/v1/roles").type(MediaType.APPLICATION_JSON)
+ .post(ClientResponse.class, roleData);
assertEquals(201, clientResponse.getStatus());
// check create Role missing name data
roleData.remove("name");
try {
- clientResponse = resource().path("/v1/roles").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, roleData);
+ clientResponse = resource().path("/v1/roles").type(MediaType.APPLICATION_JSON).post(ClientResponse.class,
+ roleData);
assertEquals(404, clientResponse.getStatus());
} catch (UniformInterfaceException e) {
ClientResponse resp = e.getResponse();
}
// check update Role data
- roleData.put("name","role1Update");
- clientResponse = resource().path("/v1/roles/2").type(MediaType.APPLICATION_JSON).put(ClientResponse.class, roleData);
+ roleData.put("name", "role1Update");
+ clientResponse = resource().path("/v1/roles/2").type(MediaType.APPLICATION_JSON).put(ClientResponse.class,
+ roleData);
assertEquals(200, clientResponse.getStatus());
role = resource().path("/v1/roles/2").get(Role.class);
assertNotNull(role);
assertTrue(resp.getEntity(IDMError.class).getMessage().contains("role id not found"));
}
- // Bug 8382: if a role id is specified, 400 is returned
+ // Bug 8382: if a role id is specified, 400 is returned
roleData = new HashMap<String, String>();
- roleData.put("name","role1");
- roleData.put("description","test Role");
- roleData.put("domainid","0");
+ roleData.put("name", "role1");
+ roleData.put("description", "test Role");
+ roleData.put("domainid", "0");
roleData.put("roleid", "roleid");
- clientResponse = resource().path("/v1/roles").
- type(MediaType.APPLICATION_JSON).
- post(ClientResponse.class, roleData);
+ clientResponse = resource().path("/v1/roles").type(MediaType.APPLICATION_JSON).post(ClientResponse.class,
+ roleData);
assertEquals(400, clientResponse.getStatus());
}
}
/*
- * Copyright (c) 2016 Inocybe Technologies and others. All rights reserved.
+ * Copyright (c) 2016, 2017 Inocybe Technologies and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
package org.opendaylight.aaa.idm.rest.test;
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.UniformInterfaceException;
@Test
public void testUserHandler() {
- //check default users
+ // check default users
Users users = resource().path("/v1/users").get(Users.class);
assertNotNull(users);
List<User> usrList = users.getUsers();
assertTrue(usr.getName().equals("admin") || usr.getName().equals("user"));
}
- //check existing user
+ // check existing user
User usr = resource().path("/v1/users/0").get(User.class);
assertNotNull(usr);
assertTrue(usr.getName().equals("admin"));
- //check not exist user
+ // check not exist user
try {
resource().path("/v1/users/5").get(IDMError.class);
fail("Should failed with 404!");
// check create user
Map<String, String> usrData = new HashMap<String, String>();
- usrData.put("name","usr1");
- usrData.put("description","test user");
- usrData.put("enabled","true");
- usrData.put("email","user1@usr.org");
- usrData.put("password","ChangeZbadPa$$w0rd");
- usrData.put("domainid","0");
- ClientResponse clientResponse = resource().path("/v1/users").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, usrData);
+ usrData.put("name", "usr1");
+ usrData.put("description", "test user");
+ usrData.put("enabled", "true");
+ usrData.put("email", "user1@usr.org");
+ usrData.put("password", "ChangeZbadPa$$w0rd");
+ usrData.put("domainid", "0");
+ ClientResponse clientResponse = resource().path("/v1/users").type(MediaType.APPLICATION_JSON)
+ .post(ClientResponse.class, usrData);
assertEquals(201, clientResponse.getStatus());
// check create user missing name data
usrData.remove("name");
try {
- clientResponse = resource().path("/v1/users").type(MediaType.APPLICATION_JSON).post(ClientResponse.class, usrData);
+ clientResponse = resource().path("/v1/users").type(MediaType.APPLICATION_JSON).post(ClientResponse.class,
+ usrData);
assertEquals(400, clientResponse.getStatus());
} catch (UniformInterfaceException e) {
ClientResponse resp = e.getResponse();
}
// check update user data
- usrData.put("name","usr1Update");
- clientResponse = resource().path("/v1/users/2").type(MediaType.APPLICATION_JSON).put(ClientResponse.class, usrData);
+ usrData.put("name", "usr1Update");
+ clientResponse = resource().path("/v1/users/2").type(MediaType.APPLICATION_JSON).put(ClientResponse.class,
+ usrData);
assertEquals(200, clientResponse.getStatus());
usr = resource().path("/v1/users/2").get(User.class);
assertNotNull(usr);
assertTrue(resp.getEntity(IDMError.class).getMessage().contains("Couldn't find user"));
}
- // Bug 8382: if a user id is specified, 400 is returned
+ // Bug 8382: if a user id is specified, 400 is returned
usrData = new HashMap<String, String>();
- usrData.put("name","usr1");
- usrData.put("description","test user");
- usrData.put("enabled","true");
- usrData.put("email","user1@usr.org");
- usrData.put("password","ChangeZbadPa$$w0rd");
+ usrData.put("name", "usr1");
+ usrData.put("description", "test user");
+ usrData.put("enabled", "true");
+ usrData.put("email", "user1@usr.org");
+ usrData.put("password", "ChangeZbadPa$$w0rd");
usrData.put("userid", "userid");
- usrData.put("domainid","0");
- clientResponse = resource().path("/v1/users").
- type(MediaType.APPLICATION_JSON).
- post(ClientResponse.class, usrData);
+ usrData.put("domainid", "0");
+ clientResponse = resource().path("/v1/users").type(MediaType.APPLICATION_JSON).post(ClientResponse.class,
+ usrData);
assertEquals(400, clientResponse.getStatus());
}
-
}
Code Review / aaa.git / commitdiff