Robert Varga [Sun, 2 Jul 2023 11:01:36 +0000 (13:01 +0200)]
Use controller released artifacts
Ditch snapshots, use the properly-released version.
Change-Id: Iadcc45ca93d789e3b97f1a29e79a0bcde810b87f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 30 Jun 2023 08:32:38 +0000 (10:32 +0200)]
Bump to mdsal-12.0.0
Use properly-release artifacts.
Change-Id: I106d95559193ca28d701407366929f3195256ab0
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 26 Jun 2023 13:31:04 +0000 (15:31 +0200)]
Bump upstreams
Adopt:
- odlparent-13.0.3
- infrautils-6.0.1
- yangtools-11.0.0
Change-Id: Id968ba10a647b7a614cdd85fa65056542c0f29be
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 26 Jun 2023 13:33:34 +0000 (15:33 +0200)]
Clean up javadoc links
Our dependencies have changed, adjust their links.
Change-Id: Icb36424d91749c3d90529463283a9959dc816228
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 20 Jun 2023 21:19:43 +0000 (23:19 +0200)]
Clean up dependencies a bit
Fixup warnings reported by depends-maven-plugin.
Change-Id: I77e17349c34b1cc8779df4dbb345abcea4ba6ccb
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 20 Jun 2023 21:08:46 +0000 (21:08 +0000)]
Merge changes If4efc2c9,I8debbf74,Ied5296d8
* changes:
Cleanup AAA dev-guide
Cleanup AAA user-guide
Cleanup AAA readme
Robert Varga [Tue, 20 Jun 2023 21:04:39 +0000 (21:04 +0000)]
Merge "Remove API to validate user access"
Robert Varga [Mon, 19 Jun 2023 11:44:04 +0000 (13:44 +0200)]
Bump upstreams
Adopt:
- odlparent-13.0.1
- infrautils-6.0.0
- yangtools-11.0.0-SNAPSHOT
- mdsal-12.0.0-SNAPSHOT
- controller-8.0.0-SNAPSHOT
Also update aaa-cli-jar shading to string crypto signatures.
Change-Id: I331dda04333fae7c71d1ad403e073e9cf0974c5e
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Yaroslav Lastivka [Mon, 13 Mar 2023 12:36:56 +0000 (14:36 +0200)]
Remove API to validate user access
API to validate user access is not working and its not useful at all.
Its not desired that admin knows users' passwords as it is required
by this user validation API.
Admin users can retrieve information provided by this API by using:
list-users, list-roles and list-domains APIs which are working fine.
JIRA: AAA-252
Change-Id: I7e1c2b0cef93851d59c4367a578fa7758d6c449d
Signed-off-by: Yaroslav Lastivka <yaroslav.lastivka@pantheon.tech>
Robert Varga [Mon, 19 Jun 2023 16:03:23 +0000 (16:03 +0000)]
Merge "Bump conf.yaml versions to Potassium"
Robert Varga [Mon, 19 Jun 2023 11:50:57 +0000 (13:50 +0200)]
Bump versions to 0.18.0-SNAPSHOT
This starts the next major development iteration.
Change-Id: Ib2e58d52ec02aba6bea2ff6bc0a77119f0421c25
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 8 Jun 2023 18:06:25 +0000 (20:06 +0200)]
Bump versions to 0.17.11-SNAPSHOT
This starts the next development iteration.
Change-Id: Id7336b6fae78ebef049070541496ec64f9675568
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Thu, 8 Jun 2023 16:00:47 +0000 (16:00 +0000)]
Release aaa
Robert Varga [Thu, 8 Jun 2023 15:35:31 +0000 (17:35 +0200)]
Bump upstreams
Adopt:
- yangtools-10.0.8
- mdsal-11.0.11
- controller-7.0.8
Change-Id: Ibb690d229466c31c533f5e1f29c1dc4d065186fb
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Matej.Sramcik [Wed, 31 May 2023 09:37:44 +0000 (11:37 +0200)]
Cleanup AAA dev-guide
Remove occurrences of Oauth2.
JIRA: AAA-260
Change-Id: If4efc2c96ad70578ab54feaeed98450b37156277
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Matej.Sramcik [Wed, 31 May 2023 09:35:47 +0000 (11:35 +0200)]
Cleanup AAA user-guide
Remove occurrences of Oauth2.
JIRA: AAA-260
Change-Id: I8debbf7402d3ddf8bc64f94c491c7946ba7bef6d
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Matej.Sramcik [Wed, 31 May 2023 08:37:22 +0000 (10:37 +0200)]
Cleanup AAA readme
Update Java, Maven and Python versions.
Remove occurrences of Oauth2.
JIRA: AAA-260
Change-Id: Ied5296d8338d330570f8679a64b10981f508c72d
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Robert Varga [Thu, 1 Jun 2023 11:26:45 +0000 (13:26 +0200)]
Bump versions to 0.17.10-SNAPSHOT
This starts the next development iteration.
Change-Id: I5b9f6d71e6d19623175bee86d3e187c38f208e84
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Thu, 1 Jun 2023 10:53:14 +0000 (10:53 +0000)]
Release aaa
Robert Varga [Thu, 1 Jun 2023 10:17:09 +0000 (12:17 +0200)]
Bump upstreams
Adopt:
- odlparent-12.0.6
- infrautils-5.0.5
- yangtools-10.0.7
- mdsal-11.0.10
- controller-7.0.7
Change-Id: Iba20e8db7222bd960df69013ea2614e8bfaf12eb
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Matej.Sramcik [Mon, 29 May 2023 08:57:37 +0000 (10:57 +0200)]
Bump conf.yaml versions to Potassium
Change aaa configuration to Potassium
JIRA: AAA-259
Change-Id: I91ee76146e3b0c8b4ef7a763f30098c05d811d2f
Signed-off-by: Matej.Sramcik <matej.sramcik@pantheon.tech>
Matej.Sramcik [Fri, 26 May 2023 09:34:15 +0000 (11:34 +0200)]
Bump conf.yaml versions to Argon
Change aaa configuration to Argon
JIRA: AAA-259
Change-Id: I723f3a441108ca7edb792b046d4b97a7da35c0f1
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Robert Varga [Fri, 21 Apr 2023 08:59:29 +0000 (10:59 +0200)]
Bump versions to 0.17.9-SNAPSHOT
This starts the next development iteration.
Change-Id: I992e9239ae5afe6ffe34f7797d53e75a1d5cf479
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Fri, 21 Apr 2023 07:48:43 +0000 (07:48 +0000)]
Release aaa
Robert Varga [Wed, 19 Apr 2023 21:24:03 +0000 (23:24 +0200)]
Bump upstreams
Adopt:
- odlparent-12.0.5
- infrautils-5.0.4
- yangtools-10.0.6
- mdsal-11.0.9
- controller-7.0.6
Change-Id: I54dd1f1a0d3df8ca21accc25b26efb578a1cebef
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 19 Apr 2023 21:49:20 +0000 (23:49 +0200)]
Migrate callers of Optional.get()
Use Optional.orElseThrow() instead.
Change-Id: I0b12efb5a35fa3f5e56b219ee7c213f653eb0aad
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 27 Mar 2023 08:04:44 +0000 (10:04 +0200)]
Bump versions to 0.17.8-SNAPSHOT
This starts the next development iteration.
Change-Id: I5a14b9ef8228d1f4026f8612558cd6c52cce6524
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 27 Mar 2023 07:41:21 +0000 (09:41 +0200)]
Use ClusteredDTCL in OSGiEncryptionServiceConfigurator
Plain DataTreeChangeListener is not being notified on non-leader nodes,
leading to a failure to start up. Fix that by using
ClusteredDataTreeChangeListener.
JIRA: AAA-258
Change-Id: I479fb5b0ec5fb4186de0f747839ee75c18d01609
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 21 Mar 2023 09:33:42 +0000 (09:33 +0000)]
Merge "Update dev-guide doc for H2 client"
OleksandrZharov [Mon, 20 Mar 2023 09:42:53 +0000 (10:42 +0100)]
Remove OAuth2 remnants
Removed code related to tokens and their validation from
TokenAuthRealm class - OAuth2 is gone so we don't need it.
JIRA: AAA-255
Change-Id: I67e1a155c70f6ea8a328676bd462acd97332d58b
Signed-off-by: OleksandrZharov <Oleksandr.Zharov@pantheon.tech>
Ivan Hrasko [Mon, 6 Mar 2023 12:52:51 +0000 (13:52 +0100)]
Remove ODLHttpAuthenticationFilter
ODLHttpAuthenticationFilter is a remnant from times ODL
supported OAuth2.
Remove it and replace in AAA configuration with Shiro's
default BasicHttpAuthenticationFilter. Thus we do no need to
set used filter explicitly in configuration.
JIRA: AAA-255
Change-Id: I13fb22ff7c2c36e7a504eaf5baa5b7c069ee3f2a
Signed-off-by: Ivan Hrasko <ivan.hrasko@pantheon.tech>
Signed-off-by: OleksandrZharov <Oleksandr.Zharov@pantheon.tech>
Peter Suna [Thu, 2 Mar 2023 14:55:48 +0000 (15:55 +0100)]
Update dev-guide doc for H2 client
The current documentation is missing information about
the credentials and the location where the H2 database is stored.
JIRA: AAA-253
Change-Id: Ifb01e9f1ea9583520bf09ce1dcb19770107feb4c
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Robert Varga [Fri, 24 Feb 2023 18:57:24 +0000 (19:57 +0100)]
Bump versions to 0.17.7-SNAPSHOT
This starts the next development iteration.
Change-Id: Ib06169ea55cf4251bfd2462e04a2d94f6aabf6c0
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 23 Feb 2023 21:29:25 +0000 (22:29 +0100)]
Bump upstreams
Adopt:
- odlparent-12.0.3
- infrautils-5.0.3
- yangtools-10.0.4
- mdsal-11.0.7
- controller-7.0.4
Change-Id: Icecb33051294b1a1f402d848bca02e0e367a0050
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 23 Feb 2023 21:28:03 +0000 (21:28 +0000)]
Merge "Use {Key,Trust}ManagerFactory.getDefaultAlgorithm()"
Robert Varga [Thu, 23 Feb 2023 18:29:44 +0000 (18:29 +0000)]
Merge changes I405a2317,Ifbaf2447,Ief534eaa
* changes:
Remove oauth2 example from docs
Fix IdM examples in user-guide
Update AAA documentation
Peter Suna [Tue, 21 Feb 2023 10:03:26 +0000 (11:03 +0100)]
Remove oauth2 example from docs
oauth2 was removed as part of AAA-173, but the documentation
was not updated. Fix that up.
JIRA: AAA-249
Change-Id: I405a2317c9ec0a4dfd0b7550afe557255b4d69cf
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Peter Suna [Mon, 20 Feb 2023 16:08:11 +0000 (17:08 +0100)]
Fix IdM examples in user-guide
Update idmtool and fix REST requests.
Add more REST examples with domain and grants.
JIRA: AAA-249
Change-Id: Ifbaf244769744f6fc4fd60c3e9113e0ee34a937c
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Peter Suna [Fri, 17 Feb 2023 13:02:28 +0000 (14:02 +0100)]
Update AAA documentation
Use only RFC8040 in RESTCONF requests.
Add missing mandatory "index" field to the policies request.
Fix wrong path for h2 database jar.
JIRA: AAA-249
Change-Id: Ief534eaa633a45321a1792cffc609f35413f0279
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Robert Varga [Thu, 23 Feb 2023 14:26:04 +0000 (14:26 +0000)]
Merge "Sort out docs that look similar at first glance"
Peter Suna [Thu, 16 Feb 2023 08:41:32 +0000 (09:41 +0100)]
Sort out docs that look similar at first glance
User guide and Developer guide are displayed at index page.
At the first glance it looks like a mistake with duplicate link.
JIRA: AAA-249
Change-Id: I0716ed83fc8ddef1208b5fb9a8f7de450cc99e4c
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Robert Varga [Thu, 16 Feb 2023 12:24:22 +0000 (13:24 +0100)]
Use {Key,Trust}ManagerFactory.getDefaultAlgorithm()
Do not much with properties and magix strings -- use proper method to
acquire the algorithm.
Change-Id: I91b6a4f8fdaab1abf9bbaa665957f92d96e59663
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 14 Feb 2023 11:28:24 +0000 (12:28 +0100)]
Migrate aaa-encrypt-service to OSGi DS
This service is using clustered-app-config, hence the migration
is a bit more involved, but this gets rid of another blueprint.
The way this operates is it instantiates listens for datastore changes,
updates the configuration if needed, and then uses a ComponentFactory
to instantiate the service.
One notable change here is that we no longer provide an .xml which the
user can edit -- hence the datastore is only populated if it is empty
and we generate a new encryption key for every new deployment.
JIRA: AAA-204
Change-Id: I83a8f8fea8e272dc4b9c801be6799a15aa71f5ec
Signed-off-by: Tomas Cere <tomas.cere@pantheon.tech>
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
Signed-off-by: OleksandrZharov <Oleksandr.Zharov@pantheon.tech>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 14 Feb 2023 09:15:40 +0000 (10:15 +0100)]
Use a switch expression to dispatch keys
This makes the code flow more obvious.
Change-Id: I112da7aa2d1950e45bad8bac3e87126c47300f86
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 22:30:36 +0000 (23:30 +0100)]
Bump versions to 0.17.6-SNAPSHOT
This starts the next development iteration.
Change-Id: I7ab7b61403f568cd09155141c66233c29dc212e9
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 22:04:16 +0000 (23:04 +0100)]
Improve impl-blueprint layout
We have two independent beans here, cluster their dependencies
accordingly.
JIRA: AAA-205
Change-Id: I58f6d1111023d8adea2455366c79568680542343
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:59:53 +0000 (22:59 +0100)]
Remove AAAWebEnvironment.create()
There is really no need to go through a factory method, just perform
all the initialization in constructor.
JIRA: AAA-205
Change-Id: I09fdef159ddd8f5437ac652bfe65f0ad48d7aa12
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:54:30 +0000 (22:54 +0100)]
Eliminate AAAShiroProvider.init()
The init method is used only to log information, integrate it into the
constructor, differentiating successful and empty startup.
Also implement AutoCloseable to specify close() method, which does only
logging, but perhaps will do more in the future.
JIRA: AAA-205
Change-Id: Ice5c0a150e4b361fc39ddca54f999a8d2e04c5d8
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:29:15 +0000 (22:29 +0100)]
Introduce ShiroIni
ShiroConfiguration is tied to a concrete datastore instance. Split its
contents into ShiroIni based on a grouping. This will allow us to
flexibly inject configuration from multiple sources.
JIRA: AAA-205
Change-Id: I918f5089cd48efa46009a97664afbea775cb8fbe
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:34:00 +0000 (22:34 +0100)]
Move aaa-app-config
The contract of this YANG is tied to a particular implementation, make
sure we are not part of the public API.
JIRA: AAA-205
Change-Id: I9d7edd389fcccd923a9ee5ded465d3f70b17ce70
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 21:36:36 +0000 (22:36 +0100)]
Clean up aaa-shiro/api/pom.xml
There's no need to specify groupId/version, clean that up.
Change-Id: I7901bffb3f1b35764252aff6608952bf6a834cc8
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 8 Feb 2023 20:12:13 +0000 (21:12 +0100)]
Convert public services to OSGi DS
In order to unblock users, convert ODLAuthenticator and
ShiroWebContextSecurer into Declarative Services components.
Since we still rely on blueprint to pick up configuration and aaa-cert
services, bridge these two worlds by publishing WebEnvironment via an
implementation-specific AAAShiroWebEnvironment.
This also forces WebInitializer to be a proper component, as otherwise
we would have a circular dependency its WebContextSecurer dependency.
Since not all our services are SCR components, we need to explictly list
out our Provide-Capability entries.
JIRA: AAA-251
Change-Id: Ia5a0d28e10d7597a9c5fe90c3cf084c25da652a9
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 6 Feb 2023 14:34:16 +0000 (15:34 +0100)]
Bump versions to 0.17.5-SNAPSHOT
This starts the next development iteration.
Change-Id: Id769d887a15edea433ababb68cdae4896e455dad
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 6 Feb 2023 11:32:24 +0000 (12:32 +0100)]
Eliminate org.opendaylight.aaa.cert.utils
A separate package does not make sense, and it is not used anywhere,
fold it into aaa.cert.impl.
Change-Id: I0177f7d4d988115ecbb31ad8210322660716ba6f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 18:17:21 +0000 (19:17 +0100)]
Instantiate AaaCertRpcService from code
As a first step, eliminate duplicate examination of configuration
and instantiate/register AaaCertRpcServiceImpl from
CertificateManagerService, where we have the backing IAaaCertProvider
available.
JIRA: AAA-206
Change-Id: Id8fbdf1c3fafa9c2388d46f0374baec88dc53382
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 17:57:30 +0000 (18:57 +0100)]
Clean up AaaCertRpcServiceImplTest
We have a ton of superfluous mocking (instead of builder use). Also
improve assertions by using Futures.getDone().
Change-Id: I5067792d2582db58467d21076c4316c4df2bb5e1
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 17:32:53 +0000 (18:32 +0100)]
Clean up KeyStoreConstant
We have two single-use constants and a few package-private ones. Make
sure to inline single-use callers and hide package-private strings.
Change-Id: I88ae2de4159efddeb9ee4a25381dc1f0711e686f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 17:23:46 +0000 (18:23 +0100)]
Clean up UT placement
Unit tests should be located in the same package as the class being
tested. Clean all that up.
Change-Id: I62fbc4ba67d28fcd4361f2a9ef32385d3880cb1f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 17:02:13 +0000 (18:02 +0100)]
Simplify AaaCertProvider.getTlsProtocols()
Supply an empty string to make the conversion logic less convoluted.
Change-Id: Ibb22c0a5c5ce37d46c8c6d50f694bcedd038dc4f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 16:58:04 +0000 (17:58 +0100)]
Simplify AaaCertProvider.getCipherSuites()
The API spec says we are allowed to return empty array, do that in a
very straightforward manner, eliminating a @SuppressFBWarnings.
Change-Id: Iab3b32df81772611233d77b462ba0ed4a0f30621
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 16:01:12 +0000 (17:01 +0100)]
Convert AAAEncryptionServiceImpl to OSGi DS
Inject the intended configuration to Service Registry and pick it up
from there, allowing users to rely on the service being provided by OSGi
DS.
Since the configuration is provided by Blueprint, we need to explicitly
mention it in Provide-Capability.
JIRA: AAA-250
Change-Id: Id6b33f8b0aa75e72321022ebf085bf89659cca42
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 15:10:40 +0000 (16:10 +0100)]
Further split out encrypt-service-config
We have two distinct services being configured -- one is the
configurator and the other one is the service. These two are distinct,
yet overlap. Model them accordingly.
JIRA: AAA-250
Change-Id: I6ec62a0e660ca551389fe3112a71079db9627b01
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 14:16:19 +0000 (15:16 +0100)]
Split out AAAEncryptionServiceConfigurator
The configuration update bits are quite independent from the actual
configuration. This splits out the configuration update handler from
the actual service.
JIRA: AAA-250
Change-Id: Id971a57cac68293a57fc0c21e863742b38980d77
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 13:09:41 +0000 (14:09 +0100)]
Clean up AAAEncryptionServiceImpl a bit
We have variable reuse and C-style forward declarations. Move them
around a bit.
JIRA: AAA-250
Change-Id: I5f42ee2607be09b4b933056bfb6ee71e692c8be5
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 6 Feb 2023 09:14:49 +0000 (09:14 +0000)]
Merge "Bump upstreams"
Robert Varga [Mon, 6 Feb 2023 08:53:17 +0000 (09:53 +0100)]
Bump upstreams
Adopt:
- odlparent-12.0.2
- intrautils-5.0.2
- yangtools-10.0.3
- mdsal-11.0.6
- controller-7.0.3
Change-Id: I47c653ada9eaf300a9b4439a50996906434d9fa4
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 12:51:03 +0000 (13:51 +0100)]
Move aaa-encrypt-service-config
The configuration is an implementation contract, move it to impl
artifact. Also disconnect the actual instantiation and layout by
introducing an intermediate grouping.
JIRA: AAA-250
Change-Id: Ib28b3c984020b2a0b7be7271ec0493993504bf53
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2023 15:09:07 +0000 (16:09 +0100)]
Remove groupId
The groupId is a duplicate of parent, remove it to fix an Eclipse
warning.
Change-Id: I411862719e74bc40ecd1240c1163c792240b0f69
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 23 Jan 2023 19:44:29 +0000 (20:44 +0100)]
Remove unneeded service declaration
OSGiPasswordHashService implements only a single interface, hence the
service can easily be discovered. Remove explicit declaration.
Change-Id: I9892a79df5e7dc2fe6c6c41c66c4cdbda36bdfa9
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 23 Jan 2023 19:39:17 +0000 (20:39 +0100)]
Clean up aaa-password-service
Add proper @Override annotations and simplify declarations via local
variable type inference.
Change-Id: I5f732535236947951379885efb1ff683fd25e2a5
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 23 Jan 2023 18:45:59 +0000 (19:45 +0100)]
Bump versions to 0.17.4-SNAPSHOT
This starts the next development iteration.
Change-Id: Ief42ebd05ea86a26126cbbd069c88c8913b49d5e
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 23 Jan 2023 18:54:34 +0000 (19:54 +0100)]
Bump Shiro to 1.11.0
https://shiro.apache.org/blog/2023/01/13/apache-shiro-1110-released.html
From now on we can integrate with Jakarta namespace via web-jakarta.
JIRA: AAA-247
Change-Id: I5cf22c967f82c661a5e9c91830348bf821392f1c
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 23 Jan 2023 18:38:01 +0000 (19:38 +0100)]
Update mdsal/controller
Adopt:
- mdsal-11.0.4
- controller-7.0.2
Change-Id: Icc4bb49f1e5046ae1444370aff5c9c5eba8ca6bf
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 11 Jan 2023 01:12:52 +0000 (02:12 +0100)]
Bump versions to 0.17.3-SNAPSHOT
This starts the next development iteration.
Change-Id: I0d8b5547365f789673d70d3227d4d99481a04686
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 8 Jan 2023 00:34:36 +0000 (01:34 +0100)]
Add descriptive name for /auth
/auth routes to OpenDaylight IDM authentication. Add a descriptive name
to ease debugging.
JIRA: AAA-244
Change-Id: I1a048fd7d477a4e933fb095aa0e241eebb455621
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 8 Jan 2023 00:14:30 +0000 (01:14 +0100)]
Add support for descriptive WebContext name
OSGi allows for web context having a descriptive name, which does not
have a servlet equivalent. Allow users to provide it, but fall back to
'.id' suffix when they do not.
JIRA: AAA-243
Change-Id: I2ccef515df4d6aa3e44651be7edf6e4cc7373515
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 18 Dec 2022 19:32:51 +0000 (20:32 +0100)]
Bump versions to 0.17.2-SNAPSHOT
This starts the next development iteration.
Change-Id: I4244dc824fb623c689987120085673986612f529
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 18 Dec 2022 19:28:13 +0000 (20:28 +0100)]
Bump upstreams
Adopt:
- mdsal-11.0.3
- controller-7.0.1
Change-Id: I263c31675d15042861712eec74c4d976c2010e77
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 5 Dec 2022 08:10:51 +0000 (09:10 +0100)]
Bump versions to 0.17.1-SNAPSHOT
This starts the next development iteration.
Change-Id: Id645fb074555eece29a57412567569bb34d34f66
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 4 Dec 2022 23:01:30 +0000 (00:01 +0100)]
Bump upstreams
Adopt:
- yangtools-10.0.2
- mdsal-11.0.2
- infrautils-5.0.1
- controller-7.0.0
Change-Id: I01af3bbe7d16d40615b27ee0534645e02b1b8068
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
yaroslav.lastivka [Fri, 25 Nov 2022 12:44:18 +0000 (14:44 +0200)]
Revisit aaa-cli-jar H2 contents
Audit current H2 contents for what is being excluded and turn
'include' into 'exclude' with explicit justifications.
JIRA: AAA-228
Change-Id: Idb7fca87cd04918fa2de079a98456305f67d7574
Signed-off-by: yaroslav.lastivka <yaroslav.lastivka@pantheon.tech>
Signed-off-by: Ivan Hrasko <ivan.hrasko@pantheon.tech>
Robert Varga [Sat, 26 Nov 2022 08:24:21 +0000 (09:24 +0100)]
Bump upstreams
Adopt:
- odlparent-12.0.1
- yangtools-10.0.1
- mdsal-11.0.1
Change-Id: I17c5b8695ef9d4e1eef02d292831b3f39e556597
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Stephen Kitt [Mon, 21 Nov 2022 08:26:06 +0000 (09:26 +0100)]
Bump shiro to 1.10.1
Changes:
https://shiro.apache.org/blog/2022/11/19/apache-shiro-1101-released.html
JIRA: AAA-242
Change-Id: I294d2a3e50abfff46486811bce97c2d192e9e3a7
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Wed, 16 Nov 2022 17:58:35 +0000 (18:58 +0100)]
Drop an old FIXME
This FIXME has been addressed, remove it.
Change-Id: I929a0359b7f71adfa043eb0ff55831e8231b3f7b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 16 Nov 2022 17:34:10 +0000 (18:34 +0100)]
Fix aaa-idm-store-h2 dependencies
We should depend on aaa-password-service-impl and aaa-tokenauthrealm
only for tests. Fix this up, improving packaging in the process.
Change-Id: I65f9093c7d3cf00dcbe19b336030ae86db33b38a
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 16 Nov 2022 17:28:58 +0000 (18:28 +0100)]
Drop dependency on commons-text
Fix the final SQL injection issue in GrantStore, which means we no
longer need to escape strings. This allows us to drop dependency on
common-text and fixup a warning by mentioning guava in our dependencies.
Change-Id: I3665a42fd81c7e07ea708d352c784f2bb75a86ad
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 16 Nov 2022 17:27:12 +0000 (18:27 +0100)]
Use prepareStatement() in UserStore.deleteUser()
The conversion to prepared statements has not dealt with the delete
function, leaving the ability to wipe the entire UserStore with SQL
injection. Fix this by using a proper prepared statement.
JIRA: AAA-241
Change-Id: Ie3d9a8eae815fab457809f3d2cd3577d38bd0207
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 16 Nov 2022 17:24:46 +0000 (18:24 +0100)]
Use prepareStatement() in DomainStore.deleteDomain()
The conversion to prepared statements has not dealt with the delete
function, leaving the ability to wipe the entire DomainStore with SQL
injection. Fix this by using a proper prepared statement.
JIRA: AAA-240
Change-Id: I4650e4561482864c90df737e964dcc5514221a15
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 16 Nov 2022 17:20:59 +0000 (18:20 +0100)]
Use prepareStatement() in RoleStore.deleteRole()
The conversion to prepared statements has not dealt with the delete
function, leaving the ability to wipe the entire RoleStore with SQL
injection. Fix this by using a proper prepared statement.
JIRA: AAA-239
Change-Id: If46a900951b4f1769239bd5f38516b299284f88b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 8 Nov 2022 19:12:00 +0000 (20:12 +0100)]
Bump upstreams
Adopt:
- odlparent-12.0.0
- infrautils-5.0.0
- yangtools-10.0.0
- mdsal-11.0.0-SNAPSHOT
- controller-7.0.0-SNAPSHOT
Change-Id: If07553504aa1cdf7144bacafbbd984ecb2f60894
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 2 Nov 2022 11:32:33 +0000 (11:32 +0000)]
Merge "Document and validate web-api constructs"
OleksandrZharov [Tue, 27 Sep 2022 10:42:49 +0000 (12:42 +0200)]
Document and validate web-api constructs
We ditch immutables.org and use interface/builder/record to provide
minimal API footprint change. Any violations are flagged by builder
setter methods.
This forces a rather more thorough change in APIs, but the result is
more worth the churn.
The urlPatterns are check for compliance with Java Servlet
Specification, version 3.1.
JIRA: AAA-233
Change-Id: If65aa0fac7ee7040e89d926bf115b4f124c5b4e2
Signed-off-by: OleksandrZharov <Oleksandr.Zharov@pantheon.tech>
Signed-off-by: Ivan Hrasko <ivan.hrasko@pantheon.tech>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
OleksandrZharov [Tue, 18 Oct 2022 16:00:44 +0000 (18:00 +0200)]
Ignore untagged Filters
We want to ignore all filters for HTTP whiteboard and allow
only those comming from 'odl.aaa.filterchain.filter'.
Instead of not-allowing filters we do NOT want to use lets just
specify filters we DO want to use.
JIRA: AAA-237
Change-Id: I657396dc0f7295b4d492fb64bf5f4e5c4b34c548
Signed-off-by: OleksandrZharov <Oleksandr.Zharov@pantheon.tech>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 28 Oct 2022 21:30:57 +0000 (23:30 +0200)]
Bump h2database to 2.1.214
https://github.com/h2database/h2database/releases/tag/version-2.1.212
https://github.com/h2database/h2database/releases/tag/version-2.1.214
Change-Id: Ia731330d2b452868438b3b9595a2c86a7c8d6ccc
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 28 Oct 2022 20:16:32 +0000 (22:16 +0200)]
Bump shiro to 1.10.0
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=
12310950&version=
12351946
Change-Id: I2e11329f33a18283d941a33d29f47bee4d24bd94
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 20 Oct 2022 16:25:36 +0000 (18:25 +0200)]
Bump versions to 0.17.0-SNAPSHOT
This starts the next major development iteration.
Change-Id: I13beb539d905af7f197dcb6be13fb06e28545757
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 12:55:31 +0000 (14:55 +0200)]
Use faster lastIndexOf()
Searching for a char index is faster than searching for a string, use
the former.
Change-Id: I528499247d6361cfeadb49b9d9d05df3ac12078a
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 10:25:27 +0000 (12:25 +0200)]
Bump versions to 0.16.4-SNAPSHOT
This starts the next development iteration.
Change-Id: I9f3bdc47994bc9fa912464376798f96c354d42ea
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 11:02:46 +0000 (13:02 +0200)]
Clean up filter loading
Reduce the size of try/catch block and use Class.asSubclass() to
remove an unchecked cast.
Change-Id: Ib2c90a3df761f7a8436a56ea37078ea94feb2084
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 10:59:28 +0000 (12:59 +0200)]
Simplify FilterDTO hierarchy
Only NamedFilterDTO needs initialization parameters, make sure we clean
up the hierarchy appropriately.
Change-Id: I8d9b2af086195e2ce567fb6725e5018a96a784a9
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Code Review / aaa.git / log