Yaroslav Lastivka [Thu, 18 Jan 2024 12:47:13 +0000 (14:47 +0200)]
Create Unit Test for EncryptService's Failed Decryption
Added a unit test demonstrating that the decrypt method returns
the same password due to a failed decryption process,
resulting in an IllegalBlockSizeException.
JIRA: NETCONF-1216
Change-Id: I658a03d6dc81844c5e7f419c17dc13ca0602c85b
Signed-off-by: Yaroslav Lastivka <yaroslav.lastivka@pantheon.tech>
Robert Varga [Tue, 16 Jan 2024 09:27:18 +0000 (10:27 +0100)]
Bump upstreams
Adopt:
- yangtools-13.0.1
- mdsal-13.0.0
- controller-9.0.0
Change-Id: If209af390b1333bf8273bacff623cdd5a8f1ed28
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 16 Jan 2024 09:24:57 +0000 (10:24 +0100)]
Bump versions to 0.19.0-SNAPSHOT
This starts the next major development iteration.
Change-Id: I994a17f3cc1a0538f77da4a2016a2ccaa9cc1b7e
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 29 Dec 2023 07:58:20 +0000 (08:58 +0100)]
Use simple DataListener
Reuse the utility provided from mdsal-binding-api rather than rolling
our own -- making things a lot simpler.
Change-Id: I04a7deb174a362d89957211c63bd660af551ee40
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 29 Dec 2023 09:53:44 +0000 (10:53 +0100)]
Bump versions to 0.18.5-SNAPSHOT
This starts the next development iteration.
Change-Id: I33d5f0886fef3cec3fffd32a97ceb433d74e4051
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Fri, 29 Dec 2023 08:31:43 +0000 (08:31 +0000)]
Release aaa
Robert Varga [Fri, 29 Dec 2023 08:13:29 +0000 (08:13 +0000)]
Merge changes I81b53d0e,I15ff8bc4
* changes:
Bump upstreams
Use constructor injection in aaa-password-service
Robert Varga [Fri, 29 Dec 2023 06:13:54 +0000 (07:13 +0100)]
Bump upstreams
Adopt:
- odparent-13.0.10
- infrautils-6.0.5
- yangtools-11.0.5
- mdsal-12.0.4
- controller-8.0.4
Change-Id: I81b53d0ef52f396cc7066dc3654639da1187be83
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 29 Dec 2023 07:53:23 +0000 (08:53 +0100)]
Use constructor injection in aaa-password-service
Clean up OSGiPasswordServiceConfigBootstrap to not leak its
implementation details into the service registry and use constructor
injection to keep upgraded SpotBugs happy.
Change-Id: I15ff8bc4b4af6305bc30a95b71402919501d7164
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Anil Belur [Wed, 1 Nov 2023 10:07:59 +0000 (20:07 +1000)]
Fix: Set MVN_PHASES to clean and install
The defaults being set are "clean, deploy".
Pass additional opts "-Dkaraf.keep.unpack"
Change-Id: I672b44bba07709cd45a7e008b17769c0f28b8b08
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Sat, 16 Dec 2023 00:32:46 +0000 (10:32 +1000)]
CI: Add AAA CSIT workflow prototype
Add a workflow to test tje CSIT 1-Node for AAA
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Change-Id: Ib1bb3610afbc143050505c841a01fdea2fe424df
Anil Belur [Wed, 1 Nov 2023 07:09:04 +0000 (17:09 +1000)]
Fix: Use mvn version 3.8.3
The version of mvn does not match what is required in pom file.
Error: Detected Maven Version: 3.8.2 is not in the allowed
range [3.8.3,).
Change-Id: Ie1133036b5ceb235cf7ce712ef762b70b3be21be
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Robert Varga [Tue, 31 Oct 2023 13:04:39 +0000 (14:04 +0100)]
Bump versions to 0.18.4-SNAPSHOT
This starts the next development iteration.
Change-Id: I35b42e04430dd8589484f772dda0f2ca0b56f80d
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Tue, 31 Oct 2023 11:17:49 +0000 (11:17 +0000)]
Release aaa
Robert Varga [Tue, 31 Oct 2023 10:28:18 +0000 (11:28 +0100)]
Bump upstreams
Adopt:
- odlparent-13.0.7
- infrautils-6.0.4
- yangtools-11.0.4
- mdsal-12.0.3
- controller-8.0.3
Change-Id: I42b6715d24614bcbdce6c52d53d48062d2614531
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Yaroslav Lastivka [Fri, 21 Jul 2023 08:35:00 +0000 (11:35 +0300)]
Bump H2 database to 2.2.220
https://github.com/h2database/h2database/releases/tag/version-2.2.220
JIRA: AAA-262
Change-Id: I6400fb784899c178c538e355168a4f71e1a8668e
Signed-off-by: Yaroslav Lastivka <yaroslav.lastivka@pantheon.tech>
Anil Belur [Mon, 23 Oct 2023 23:54:39 +0000 (09:54 +1000)]
Fix: Invalid workflow file name
Error:
-> "lfit/releng-reusable-workflows/.github/workflows/gerrit-compose-
required-maven-verify.yaml@main"
: failed to fetch workflow: workflow was not found.
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Change-Id: I7b666579f767b8cee61389834ab18e4d55b6bb66
Anil Belur [Thu, 19 Oct 2023 01:45:51 +0000 (11:45 +1000)]
Fix: Set ODL Nexus proxy env variable through vars
The workflow is modified to take in extra vars which now allows
to set the env vars.
Change-Id: If93b1c49c86f1bde23f5c1536320bc7737876ce4
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Wed, 11 Oct 2023 22:50:54 +0000 (08:50 +1000)]
Fix: Set ODL Nexus proxy env in workflow
Change-Id: I0c9bd9c0b02902af9dad72eb8256c3be985624d7
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Tue, 10 Oct 2023 01:47:10 +0000 (11:47 +1000)]
CI: Add Github Actions maven verify aaa workflow
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Change-Id: Ibff5cf99b61b19dd5447757d863101c23a699fa6
Robert Varga [Mon, 18 Sep 2023 17:15:04 +0000 (19:15 +0200)]
Bump versions to 0.18.3-SNAPSHOT
This starts the next development iteration.
Change-Id: Ie361fd2c573de59dab2063bab2ba2befa14f6a43
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Mon, 18 Sep 2023 16:11:21 +0000 (16:11 +0000)]
Release aaa
Robert Varga [Mon, 18 Sep 2023 14:51:14 +0000 (16:51 +0200)]
Bump upstreams
Adopt:
- yangtools-11.0.2
- mdsal-12.0.2
- controller-8.0.2
Change-Id: If9c28789aa1e2866dc67687338b5c43a3be89fc6
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sat, 16 Sep 2023 06:31:31 +0000 (08:31 +0200)]
Disable invalidRequest.blockTraversal
Shiro's traversal filtering disallows escaped slashes, which are part of
RESTCONF spec. Disable traversal filtering by default.
JIRA: AAA-265
Change-Id: I17fce53bf9e8f34a81796fa476508f5dd5a5b7e1
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Sep 2023 14:22:44 +0000 (16:22 +0200)]
Migrate aaa-cert to simple RPCs
Do not use RpcService-based interfaces.
JIRA: AAA-263
Change-Id: Ic93ead576a11ff6b2dea0199309ff909b974b029
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 31 Aug 2023 20:03:49 +0000 (22:03 +0200)]
Fix odl-aaa-encryption-service
We should be referencing upstream features through a range, fix that.
Change-Id: Ie8b4e4de00acc7c8f06ffbfdc924248286526757
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 31 Aug 2023 09:35:00 +0000 (11:35 +0200)]
Bump versions to 0.18.2-SNAPSHOT
This starts the next development iteration.
Change-Id: I308800a1450d2ccd0a9cc64525d18cca3049d190
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Thu, 31 Aug 2023 09:00:12 +0000 (09:00 +0000)]
Release aaa
Robert Varga [Thu, 31 Aug 2023 07:23:01 +0000 (09:23 +0200)]
Bump shiro to 1.12.0
https://shiro.apache.org/blog/2023/07/18/apache-shiro-1120-released.html
JIRA: AAA-264
Change-Id: I2b8da8e1d85afe5f74a14b18d7d22cb336519e1f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 30 Aug 2023 16:32:27 +0000 (18:32 +0200)]
Bump upstreams
Adopt:
- odlparent-13.0.4
- infrautils-6.0.2
- yangtools-11.0.1
- mdsal-12.0.1
- controller-8.0.1
Change-Id: I070f0363a33db28c02c2529e4870c0a66590bece
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 30 Aug 2023 16:31:50 +0000 (18:31 +0200)]
Make nested classes final
This fixes checkstyle violations reported by upgraded checkstyle.
Change-Id: Icda2fed21a05615c6831a90471202b5dbdee2272
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Matej Sramcik [Tue, 1 Aug 2023 13:49:50 +0000 (15:49 +0200)]
Add sonarcloud badges to README
Add sonarcloud badges: Reliability Rating, Quality Gate Status,
Technical Debt, Coverage, Lines of Code, Code Smells, Maintainability
Rating, Security Rating, Vulnerabilities and Duplicated Lines.
JIRA: AAA-261
Change-Id: I5e0a8ed3025c444ff63d3229bd4f243e987502e9
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Matej Sramcik [Fri, 21 Jul 2023 09:05:47 +0000 (11:05 +0200)]
Add maven, javadoc and license badges to README
Add maven central, javadoc and license badges to README.
JIRA: AAA-261
Change-Id: Ifc1f98ddf1c5489a033b2bb1bd31456d4a1cb0d0
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Robert Varga [Thu, 3 Aug 2023 12:05:17 +0000 (14:05 +0200)]
Make getCipherSuites() static
This is a simple stateless method, make sure it is static.
Change-Id: Ib2294c1a6146e25430a04051a890c38a9d281ba5
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 2 Jul 2023 16:03:14 +0000 (18:03 +0200)]
Bump versions to 0.18.1-SNAPSHOT
This starts the next development iteration.
Change-Id: I5e2be76bfbd61f7e3907c80c2587a99233421e2e
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Sun, 2 Jul 2023 13:20:17 +0000 (13:20 +0000)]
Release aaa
Robert Varga [Sun, 2 Jul 2023 11:01:36 +0000 (13:01 +0200)]
Use controller released artifacts
Ditch snapshots, use the properly-released version.
Change-Id: Iadcc45ca93d789e3b97f1a29e79a0bcde810b87f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 30 Jun 2023 08:32:38 +0000 (10:32 +0200)]
Bump to mdsal-12.0.0
Use properly-release artifacts.
Change-Id: I106d95559193ca28d701407366929f3195256ab0
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 26 Jun 2023 13:31:04 +0000 (15:31 +0200)]
Bump upstreams
Adopt:
- odlparent-13.0.3
- infrautils-6.0.1
- yangtools-11.0.0
Change-Id: Id968ba10a647b7a614cdd85fa65056542c0f29be
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 26 Jun 2023 13:33:34 +0000 (15:33 +0200)]
Clean up javadoc links
Our dependencies have changed, adjust their links.
Change-Id: Icb36424d91749c3d90529463283a9959dc816228
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 20 Jun 2023 21:19:43 +0000 (23:19 +0200)]
Clean up dependencies a bit
Fixup warnings reported by depends-maven-plugin.
Change-Id: I77e17349c34b1cc8779df4dbb345abcea4ba6ccb
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 20 Jun 2023 21:08:46 +0000 (21:08 +0000)]
Merge changes If4efc2c9,I8debbf74,Ied5296d8
* changes:
Cleanup AAA dev-guide
Cleanup AAA user-guide
Cleanup AAA readme
Robert Varga [Tue, 20 Jun 2023 21:04:39 +0000 (21:04 +0000)]
Merge "Remove API to validate user access"
Robert Varga [Mon, 19 Jun 2023 11:44:04 +0000 (13:44 +0200)]
Bump upstreams
Adopt:
- odlparent-13.0.1
- infrautils-6.0.0
- yangtools-11.0.0-SNAPSHOT
- mdsal-12.0.0-SNAPSHOT
- controller-8.0.0-SNAPSHOT
Also update aaa-cli-jar shading to string crypto signatures.
Change-Id: I331dda04333fae7c71d1ad403e073e9cf0974c5e
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Yaroslav Lastivka [Mon, 13 Mar 2023 12:36:56 +0000 (14:36 +0200)]
Remove API to validate user access
API to validate user access is not working and its not useful at all.
Its not desired that admin knows users' passwords as it is required
by this user validation API.
Admin users can retrieve information provided by this API by using:
list-users, list-roles and list-domains APIs which are working fine.
JIRA: AAA-252
Change-Id: I7e1c2b0cef93851d59c4367a578fa7758d6c449d
Signed-off-by: Yaroslav Lastivka <yaroslav.lastivka@pantheon.tech>
Robert Varga [Mon, 19 Jun 2023 16:03:23 +0000 (16:03 +0000)]
Merge "Bump conf.yaml versions to Potassium"
Robert Varga [Mon, 19 Jun 2023 11:50:57 +0000 (13:50 +0200)]
Bump versions to 0.18.0-SNAPSHOT
This starts the next major development iteration.
Change-Id: Ib2e58d52ec02aba6bea2ff6bc0a77119f0421c25
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 8 Jun 2023 18:06:25 +0000 (20:06 +0200)]
Bump versions to 0.17.11-SNAPSHOT
This starts the next development iteration.
Change-Id: Id7336b6fae78ebef049070541496ec64f9675568
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Thu, 8 Jun 2023 16:00:47 +0000 (16:00 +0000)]
Release aaa
Robert Varga [Thu, 8 Jun 2023 15:35:31 +0000 (17:35 +0200)]
Bump upstreams
Adopt:
- yangtools-10.0.8
- mdsal-11.0.11
- controller-7.0.8
Change-Id: Ibb690d229466c31c533f5e1f29c1dc4d065186fb
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Matej.Sramcik [Wed, 31 May 2023 09:37:44 +0000 (11:37 +0200)]
Cleanup AAA dev-guide
Remove occurrences of Oauth2.
JIRA: AAA-260
Change-Id: If4efc2c96ad70578ab54feaeed98450b37156277
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Matej.Sramcik [Wed, 31 May 2023 09:35:47 +0000 (11:35 +0200)]
Cleanup AAA user-guide
Remove occurrences of Oauth2.
JIRA: AAA-260
Change-Id: I8debbf7402d3ddf8bc64f94c491c7946ba7bef6d
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Matej.Sramcik [Wed, 31 May 2023 08:37:22 +0000 (10:37 +0200)]
Cleanup AAA readme
Update Java, Maven and Python versions.
Remove occurrences of Oauth2.
JIRA: AAA-260
Change-Id: Ied5296d8338d330570f8679a64b10981f508c72d
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Robert Varga [Thu, 1 Jun 2023 11:26:45 +0000 (13:26 +0200)]
Bump versions to 0.17.10-SNAPSHOT
This starts the next development iteration.
Change-Id: I5b9f6d71e6d19623175bee86d3e187c38f208e84
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Thu, 1 Jun 2023 10:53:14 +0000 (10:53 +0000)]
Release aaa
Robert Varga [Thu, 1 Jun 2023 10:17:09 +0000 (12:17 +0200)]
Bump upstreams
Adopt:
- odlparent-12.0.6
- infrautils-5.0.5
- yangtools-10.0.7
- mdsal-11.0.10
- controller-7.0.7
Change-Id: Iba20e8db7222bd960df69013ea2614e8bfaf12eb
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Matej.Sramcik [Mon, 29 May 2023 08:57:37 +0000 (10:57 +0200)]
Bump conf.yaml versions to Potassium
Change aaa configuration to Potassium
JIRA: AAA-259
Change-Id: I91ee76146e3b0c8b4ef7a763f30098c05d811d2f
Signed-off-by: Matej.Sramcik <matej.sramcik@pantheon.tech>
Matej.Sramcik [Fri, 26 May 2023 09:34:15 +0000 (11:34 +0200)]
Bump conf.yaml versions to Argon
Change aaa configuration to Argon
JIRA: AAA-259
Change-Id: I723f3a441108ca7edb792b046d4b97a7da35c0f1
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Robert Varga [Fri, 21 Apr 2023 08:59:29 +0000 (10:59 +0200)]
Bump versions to 0.17.9-SNAPSHOT
This starts the next development iteration.
Change-Id: I992e9239ae5afe6ffe34f7797d53e75a1d5cf479
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Fri, 21 Apr 2023 07:48:43 +0000 (07:48 +0000)]
Release aaa
Robert Varga [Wed, 19 Apr 2023 21:24:03 +0000 (23:24 +0200)]
Bump upstreams
Adopt:
- odlparent-12.0.5
- infrautils-5.0.4
- yangtools-10.0.6
- mdsal-11.0.9
- controller-7.0.6
Change-Id: I54dd1f1a0d3df8ca21accc25b26efb578a1cebef
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 19 Apr 2023 21:49:20 +0000 (23:49 +0200)]
Migrate callers of Optional.get()
Use Optional.orElseThrow() instead.
Change-Id: I0b12efb5a35fa3f5e56b219ee7c213f653eb0aad
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 27 Mar 2023 08:04:44 +0000 (10:04 +0200)]
Bump versions to 0.17.8-SNAPSHOT
This starts the next development iteration.
Change-Id: I5a14b9ef8228d1f4026f8612558cd6c52cce6524
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 27 Mar 2023 07:41:21 +0000 (09:41 +0200)]
Use ClusteredDTCL in OSGiEncryptionServiceConfigurator
Plain DataTreeChangeListener is not being notified on non-leader nodes,
leading to a failure to start up. Fix that by using
ClusteredDataTreeChangeListener.
JIRA: AAA-258
Change-Id: I479fb5b0ec5fb4186de0f747839ee75c18d01609
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 21 Mar 2023 09:33:42 +0000 (09:33 +0000)]
Merge "Update dev-guide doc for H2 client"
OleksandrZharov [Mon, 20 Mar 2023 09:42:53 +0000 (10:42 +0100)]
Remove OAuth2 remnants
Removed code related to tokens and their validation from
TokenAuthRealm class - OAuth2 is gone so we don't need it.
JIRA: AAA-255
Change-Id: I67e1a155c70f6ea8a328676bd462acd97332d58b
Signed-off-by: OleksandrZharov <Oleksandr.Zharov@pantheon.tech>
Ivan Hrasko [Mon, 6 Mar 2023 12:52:51 +0000 (13:52 +0100)]
Remove ODLHttpAuthenticationFilter
ODLHttpAuthenticationFilter is a remnant from times ODL
supported OAuth2.
Remove it and replace in AAA configuration with Shiro's
default BasicHttpAuthenticationFilter. Thus we do no need to
set used filter explicitly in configuration.
JIRA: AAA-255
Change-Id: I13fb22ff7c2c36e7a504eaf5baa5b7c069ee3f2a
Signed-off-by: Ivan Hrasko <ivan.hrasko@pantheon.tech>
Signed-off-by: OleksandrZharov <Oleksandr.Zharov@pantheon.tech>
Peter Suna [Thu, 2 Mar 2023 14:55:48 +0000 (15:55 +0100)]
Update dev-guide doc for H2 client
The current documentation is missing information about
the credentials and the location where the H2 database is stored.
JIRA: AAA-253
Change-Id: Ifb01e9f1ea9583520bf09ce1dcb19770107feb4c
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Robert Varga [Fri, 24 Feb 2023 18:57:24 +0000 (19:57 +0100)]
Bump versions to 0.17.7-SNAPSHOT
This starts the next development iteration.
Change-Id: Ib06169ea55cf4251bfd2462e04a2d94f6aabf6c0
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 23 Feb 2023 21:29:25 +0000 (22:29 +0100)]
Bump upstreams
Adopt:
- odlparent-12.0.3
- infrautils-5.0.3
- yangtools-10.0.4
- mdsal-11.0.7
- controller-7.0.4
Change-Id: Icecb33051294b1a1f402d848bca02e0e367a0050
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 23 Feb 2023 21:28:03 +0000 (21:28 +0000)]
Merge "Use {Key,Trust}ManagerFactory.getDefaultAlgorithm()"
Robert Varga [Thu, 23 Feb 2023 18:29:44 +0000 (18:29 +0000)]
Merge changes I405a2317,Ifbaf2447,Ief534eaa
* changes:
Remove oauth2 example from docs
Fix IdM examples in user-guide
Update AAA documentation
Peter Suna [Tue, 21 Feb 2023 10:03:26 +0000 (11:03 +0100)]
Remove oauth2 example from docs
oauth2 was removed as part of AAA-173, but the documentation
was not updated. Fix that up.
JIRA: AAA-249
Change-Id: I405a2317c9ec0a4dfd0b7550afe557255b4d69cf
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Peter Suna [Mon, 20 Feb 2023 16:08:11 +0000 (17:08 +0100)]
Fix IdM examples in user-guide
Update idmtool and fix REST requests.
Add more REST examples with domain and grants.
JIRA: AAA-249
Change-Id: Ifbaf244769744f6fc4fd60c3e9113e0ee34a937c
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Peter Suna [Fri, 17 Feb 2023 13:02:28 +0000 (14:02 +0100)]
Update AAA documentation
Use only RFC8040 in RESTCONF requests.
Add missing mandatory "index" field to the policies request.
Fix wrong path for h2 database jar.
JIRA: AAA-249
Change-Id: Ief534eaa633a45321a1792cffc609f35413f0279
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Robert Varga [Thu, 23 Feb 2023 14:26:04 +0000 (14:26 +0000)]
Merge "Sort out docs that look similar at first glance"
Peter Suna [Thu, 16 Feb 2023 08:41:32 +0000 (09:41 +0100)]
Sort out docs that look similar at first glance
User guide and Developer guide are displayed at index page.
At the first glance it looks like a mistake with duplicate link.
JIRA: AAA-249
Change-Id: I0716ed83fc8ddef1208b5fb9a8f7de450cc99e4c
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Robert Varga [Thu, 16 Feb 2023 12:24:22 +0000 (13:24 +0100)]
Use {Key,Trust}ManagerFactory.getDefaultAlgorithm()
Do not much with properties and magix strings -- use proper method to
acquire the algorithm.
Change-Id: I91b6a4f8fdaab1abf9bbaa665957f92d96e59663
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 14 Feb 2023 11:28:24 +0000 (12:28 +0100)]
Migrate aaa-encrypt-service to OSGi DS
This service is using clustered-app-config, hence the migration
is a bit more involved, but this gets rid of another blueprint.
The way this operates is it instantiates listens for datastore changes,
updates the configuration if needed, and then uses a ComponentFactory
to instantiate the service.
One notable change here is that we no longer provide an .xml which the
user can edit -- hence the datastore is only populated if it is empty
and we generate a new encryption key for every new deployment.
JIRA: AAA-204
Change-Id: I83a8f8fea8e272dc4b9c801be6799a15aa71f5ec
Signed-off-by: Tomas Cere <tomas.cere@pantheon.tech>
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Signed-off-by: OleksandrZharov <Oleksandr.Zharov@pantheon.tech>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 14 Feb 2023 09:15:40 +0000 (10:15 +0100)]
Use a switch expression to dispatch keys
This makes the code flow more obvious.
Change-Id: I112da7aa2d1950e45bad8bac3e87126c47300f86
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 22:30:36 +0000 (23:30 +0100)]
Bump versions to 0.17.6-SNAPSHOT
This starts the next development iteration.
Change-Id: I7ab7b61403f568cd09155141c66233c29dc212e9
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 22:04:16 +0000 (23:04 +0100)]
Improve impl-blueprint layout
We have two independent beans here, cluster their dependencies
accordingly.
JIRA: AAA-205
Change-Id: I58f6d1111023d8adea2455366c79568680542343
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:59:53 +0000 (22:59 +0100)]
Remove AAAWebEnvironment.create()
There is really no need to go through a factory method, just perform
all the initialization in constructor.
JIRA: AAA-205
Change-Id: I09fdef159ddd8f5437ac652bfe65f0ad48d7aa12
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:54:30 +0000 (22:54 +0100)]
Eliminate AAAShiroProvider.init()
The init method is used only to log information, integrate it into the
constructor, differentiating successful and empty startup.
Also implement AutoCloseable to specify close() method, which does only
logging, but perhaps will do more in the future.
JIRA: AAA-205
Change-Id: Ice5c0a150e4b361fc39ddca54f999a8d2e04c5d8
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:29:15 +0000 (22:29 +0100)]
Introduce ShiroIni
ShiroConfiguration is tied to a concrete datastore instance. Split its
contents into ShiroIni based on a grouping. This will allow us to
flexibly inject configuration from multiple sources.
JIRA: AAA-205
Change-Id: I918f5089cd48efa46009a97664afbea775cb8fbe
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:34:00 +0000 (22:34 +0100)]
Move aaa-app-config
The contract of this YANG is tied to a particular implementation, make
sure we are not part of the public API.
JIRA: AAA-205
Change-Id: I9d7edd389fcccd923a9ee5ded465d3f70b17ce70
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:36:36 +0000 (22:36 +0100)]
Clean up aaa-shiro/api/pom.xml
There's no need to specify groupId/version, clean that up.
Change-Id: I7901bffb3f1b35764252aff6608952bf6a834cc8
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 20:12:13 +0000 (21:12 +0100)]
Convert public services to OSGi DS
In order to unblock users, convert ODLAuthenticator and
ShiroWebContextSecurer into Declarative Services components.
Since we still rely on blueprint to pick up configuration and aaa-cert
services, bridge these two worlds by publishing WebEnvironment via an
implementation-specific AAAShiroWebEnvironment.
This also forces WebInitializer to be a proper component, as otherwise
we would have a circular dependency its WebContextSecurer dependency.
Since not all our services are SCR components, we need to explictly list
out our Provide-Capability entries.
JIRA: AAA-251
Change-Id: Ia5a0d28e10d7597a9c5fe90c3cf084c25da652a9
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 6 Feb 2023 14:34:16 +0000 (15:34 +0100)]
Bump versions to 0.17.5-SNAPSHOT
This starts the next development iteration.
Change-Id: Id769d887a15edea433ababb68cdae4896e455dad
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 6 Feb 2023 11:32:24 +0000 (12:32 +0100)]
Eliminate org.opendaylight.aaa.cert.utils
A separate package does not make sense, and it is not used anywhere,
fold it into aaa.cert.impl.
Change-Id: I0177f7d4d988115ecbb31ad8210322660716ba6f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 18:17:21 +0000 (19:17 +0100)]
Instantiate AaaCertRpcService from code
As a first step, eliminate duplicate examination of configuration
and instantiate/register AaaCertRpcServiceImpl from
CertificateManagerService, where we have the backing IAaaCertProvider
available.
JIRA: AAA-206
Change-Id: Id8fbdf1c3fafa9c2388d46f0374baec88dc53382
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 17:57:30 +0000 (18:57 +0100)]
Clean up AaaCertRpcServiceImplTest
We have a ton of superfluous mocking (instead of builder use). Also
improve assertions by using Futures.getDone().
Change-Id: I5067792d2582db58467d21076c4316c4df2bb5e1
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 17:32:53 +0000 (18:32 +0100)]
Clean up KeyStoreConstant
We have two single-use constants and a few package-private ones. Make
sure to inline single-use callers and hide package-private strings.
Change-Id: I88ae2de4159efddeb9ee4a25381dc1f0711e686f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 17:23:46 +0000 (18:23 +0100)]
Clean up UT placement
Unit tests should be located in the same package as the class being
tested. Clean all that up.
Change-Id: I62fbc4ba67d28fcd4361f2a9ef32385d3880cb1f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 17:02:13 +0000 (18:02 +0100)]
Simplify AaaCertProvider.getTlsProtocols()
Supply an empty string to make the conversion logic less convoluted.
Change-Id: Ibb22c0a5c5ce37d46c8c6d50f694bcedd038dc4f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 16:58:04 +0000 (17:58 +0100)]
Simplify AaaCertProvider.getCipherSuites()
The API spec says we are allowed to return empty array, do that in a
very straightforward manner, eliminating a @SuppressFBWarnings.
Change-Id: Iab3b32df81772611233d77b462ba0ed4a0f30621
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 16:01:12 +0000 (17:01 +0100)]
Convert AAAEncryptionServiceImpl to OSGi DS
Inject the intended configuration to Service Registry and pick it up
from there, allowing users to rely on the service being provided by OSGi
DS.
Since the configuration is provided by Blueprint, we need to explicitly
mention it in Provide-Capability.
JIRA: AAA-250
Change-Id: Id6b33f8b0aa75e72321022ebf085bf89659cca42
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 15:10:40 +0000 (16:10 +0100)]
Further split out encrypt-service-config
We have two distinct services being configured -- one is the
configurator and the other one is the service. These two are distinct,
yet overlap. Model them accordingly.
JIRA: AAA-250
Change-Id: I6ec62a0e660ca551389fe3112a71079db9627b01
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 14:16:19 +0000 (15:16 +0100)]
Split out AAAEncryptionServiceConfigurator
The configuration update bits are quite independent from the actual
configuration. This splits out the configuration update handler from
the actual service.
JIRA: AAA-250
Change-Id: Id971a57cac68293a57fc0c21e863742b38980d77
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 13:09:41 +0000 (14:09 +0100)]
Clean up AAAEncryptionServiceImpl a bit
We have variable reuse and C-style forward declarations. Move them
around a bit.
JIRA: AAA-250
Change-Id: I5f42ee2607be09b4b933056bfb6ee71e692c8be5
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Code Review / aaa.git / log