auth: moves db-conn params into authpolicy.properties (was in cuout.properties)

data-access/servlet/src/main/java/auth/authz/AuthPolicy.java

@@ -40,9 +40,9 @@ public class AuthPolicy
    private String[] userGroups;
    private boolean userGroupsValid;
 
-   private String dbConnUrl;
-   private String dbUserName;
-   private String dbPassword;
+//   private String dbConnUrl;
+//   private String dbUserName;
+//   private String dbPassword;
 
 
    public AuthPolicy(String userName, String[] userGroups)
@@ -158,27 +158,27 @@ public class AuthPolicy
 
 
 
-   public String[] filterAuthorized(String[] pubdidArr, String dbConnUrl, String dbUserName, String dbPassword)
+   public String[] filterAuthorized(String[] pubdidArr)
    {
       //this.dbConnUrl = dbConnUrl;
-      this.dbUserName = dbUserName;
-      this.dbPassword = dbPassword;
+      //this.dbUserName = dbUserName;
+      //this.dbPassword = dbPassword;
 
       LOGGER.finer("with String[] trace");
-      return filterAuthorized(new ArrayList<String>(Arrays.asList(pubdidArr)), dbConnUrl);
+      return filterAuthorized(new ArrayList<String>(Arrays.asList(pubdidArr)));
    }
 
-   private String[] filterAuthorized(ArrayList<String> pubdidList, String dbConnUrl)
+   private String[] filterAuthorized(ArrayList<String> pubdidList)
    {
       LOGGER.fine("with List <String> trace");
       switch(access)
       {
          case PUBLIC_ONLY :
-            filterNotPublic(pubdidList, dbConnUrl);
+            filterNotPublic(pubdidList);
             break;
 
          case PUBLIC_AND_AUTHORIZED_PRIVATE :
-            filterNotAuthorized(pubdidList, dbConnUrl);
+            filterNotAuthorized(pubdidList);
             break;
 
          default :
@@ -188,13 +188,13 @@ public class AuthPolicy
    }
 
 
-   private void filterNotPublic(ArrayList<String> pubdids, String dbConnUrl)
+   private void filterNotPublic(ArrayList<String> pubdids)
    {
       LOGGER.fine("trace");
       assert pubdids != null;
       LOGGER.finer("PublisherDID list original : " + String.join(" ", pubdids));
 
-      List<AuthPolicyDb.PubdidGroups> privateUniqPubdids = db_queryPrivateUniqPubdidGroups(dbConnUrl, pubdids);
+      List<AuthPolicyDb.PubdidGroups> privateUniqPubdids = db_queryPrivateUniqPubdidGroups(pubdids);
       List<String> notAuthorizedUniqPubdids = pubdidsNotPublic(privateUniqPubdids, userGroups);
 
       LOGGER.finest("AuthZ removes: " + String.join(" ", notAuthorizedUniqPubdids));
@@ -230,13 +230,13 @@ public class AuthPolicy
 
 
 
-   private void filterNotAuthorized(ArrayList<String> pubdids, String dbConnUrl)
+   private void filterNotAuthorized(ArrayList<String> pubdids)
    {
       LOGGER.fine("trace");
       assert pubdids != null;
       LOGGER.finer("PublisherDID list original : " + String.join(" ", pubdids));
 
-      List<AuthPolicyDb.PubdidGroups> privateUniqPubdids = db_queryPrivateUniqPubdidGroups(dbConnUrl, pubdids);
+      List<AuthPolicyDb.PubdidGroups> privateUniqPubdids = db_queryPrivateUniqPubdidGroups(pubdids);
       List<String> notAuthorizedUniqPubdids = pubdidsNotAuthorized(privateUniqPubdids, userGroups);
 
       LOGGER.finest("AuthZ removes: " + String.join(" ", notAuthorizedUniqPubdids));
@@ -266,14 +266,14 @@ public class AuthPolicy
 
 
 
-   private List<AuthPolicyDb.PubdidGroups> db_queryPrivateUniqPubdidGroups(String dbConnUrl, List<String> pubdids)
+   private List<AuthPolicyDb.PubdidGroups> db_queryPrivateUniqPubdidGroups(List<String> pubdids)
    {
       AuthPolicyDb adb;
       synchronized(AuthPolicyDb.class)
       {
          //AuthPolicyDb.dbConnUrl  = this.dbConnUrl;
-         AuthPolicyDb.dbUserName = this.dbUserName;
-         AuthPolicyDb.dbPassword = this.dbPassword;
+         //AuthPolicyDb.dbUserName = this.dbUserName;
+         //AuthPolicyDb.dbPassword = this.dbPassword;
 
          adb = new AuthPolicyDb();
       }

data-access/servlet/src/main/java/auth/authz/AuthPolicyDb.java

@@ -32,11 +32,8 @@ public class AuthPolicyDb
    private static final Logger LOGGER = Logger.getLogger(AuthPolicyDb.class.getName());
 
    private static final String DB_DRIVER = "org.postgresql.Driver";
-   private static final Settings settings = Settings.getInstance();
-   static public Settings.DBConn dbconn = settings.dbConn;
-//   static public String dbConnUrl;
-   static public String dbUserName;
-   static public String dbPassword;
+   private static final AuthZSettings settings = AuthZSettings.getInstance("authpolicy.properties");
+   static public AuthZSettings.DBConn dbconn = settings.dbConn;
 
    private Connection conn;
    private Statement  st;

data-access/servlet/src/main/java/auth/authz/webapi/AuthZFilter.java

@@ -95,7 +95,7 @@ class AuthZ
       }
       String[] pubdidArr = pubdidList.toArray(new String[pubdidList.size()]);
       String[] authorized_pubdids;
-      authorized_pubdids = auth.filterAuthorized(pubdidArr, settings.dbConn.uri(), settings.dbConn.userName(), settings.dbConn.password());
+      authorized_pubdids = auth.filterAuthorized(pubdidArr);
 
       /* If multiplicity allowed (and in mcutout/merge):
        * if one or more of pubdids not-authorized -> all request not authorized

docker/start-soda.sh.soda

@@ -114,7 +114,7 @@ else
       echo "db_schema=$AUTHZ_DB_SCHEMA"
       echo "db_user_name=$AUTHZ_DB_USERNAME"
       echo "db_password=$AUTHZ_DB_PASSWORD"
-   } >> $WEBAPP_DIR/WEB-INF/classes/cutout.properties
+   } > $WEBAPP_DIR/WEB-INF/classes/authpolicy.properties
    #cp $WEBAPP_DIR/WEB-INF/web-cutout-ia2token.xml $WEBAPP_DIR/WEB-INF/web.xml
 fi