Update to the Safeguard 7.0 code and update packages

README.md

@@ -14,6 +14,23 @@ Note that SafeguardJava 6.8.0 is no longer compatible with versions of Safeguard
 
 One Identity open source projects are supported through [One Identity GitHub issues](https://github.com/OneIdentity/SafeguardJava/issues) and the [One Identity Community](https://www.oneidentity.com/community/). This includes all scripts, plugins, SDKs, modules, code snippets or other solutions. For assistance with any One Identity GitHub project, please raise a new Issue on the [One Identity GitHub project](https://github.com/OneIdentity/SafeguardJava/issues) page. You may also visit the [One Identity Community](https://www.oneidentity.com/community/) to ask questions.  Requests for assistance made through official One Identity Support will be referred back to GitHub and the One Identity Community forums where those requests can benefit all users.
 
+## Default API Update
+
+SafeguardDotNet will use v4 API by default starting with version 7.0. It is
+possible to continue using the v3 API by passing in the apiVersion parameter
+when creating a connection or A2A context.
+
+Safeguard for Privileged Passwords 7.X hosts both the v3 and v4 APIs. New coding
+projects should target the v4 API, and existing projects can be migrated over time.
+Notification will be given to customers many releases in advance of any plans to
+remove the v3 API. There are currently no plans to remove the v3 API.
+
+```java
+// Use v3 instead of v4
+var connection = Safeguard.Connect("safeguard.sample.corp", "local", "Admin", password, 3, true);
+var a2aContext = Safeguard.A2A.GetContext("safeguard.sample.corp", thumbprint, 3, true);
+```
+
 ## Introduction
 
 All functionality in Safeguard is available via the Safeguard API. There is

azure-pipelines.yml

@@ -12,7 +12,7 @@ pool:
 
 # Maven Build Variables:
 variables:
-  version: '6.12.0.$(Build.BuildId)-SNAPSHOT'
+  version: '7.0.0.$(Build.BuildId)-SNAPSHOT'
   targetDir: 'target'
   codeSigningCertFileName: 'OneIdentityCodeSigning.pfx'
   issuerKeyStorePath: 'settings/signingstore.jks'

pom.xml

@@ -13,7 +13,7 @@
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <revision>6.12.0-SNAPSHOT</revision>
+        <revision>7.0.0-SNAPSHOT</revision>
         <signingcertpath>./signingcert.pfx</signingcertpath>
         <signingcertaliasname>1</signingcertaliasname>
         <signingkeystorepassword>secret</signingkeystorepassword>
@@ -42,12 +42,12 @@
         <dependency>
             <groupId>com.squareup.okhttp3</groupId>
             <artifactId>okhttp</artifactId>
-            <version>4.9.1</version>
+            <version>4.10.0</version>
         </dependency>
         <dependency>
             <groupId>com.microsoft.signalr</groupId>
             <artifactId>signalr</artifactId>
-            <version>5.0.10</version>
+            <version>5.0.17</version>
         </dependency>
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
@@ -62,18 +62,18 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.12.5</version>
+            <version>2.12.7</version>
             <type>jar</type>
         </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
-            <version>1.7.32</version>
+            <version>1.7.36</version>
         </dependency>
         <dependency>
             <groupId>com.google.code.gson</groupId>
             <artifactId>gson</artifactId>
-            <version>2.8.8</version>
+            <version>2.8.9</version>
         </dependency>
     </dependencies>
 

src/main/java/com/oneidentity/safeguard/safeguardjava/ISpsStreamingRequest.java

@@ -2,6 +2,8 @@
 
 import com.oneidentity.safeguard.safeguardjava.exceptions.ArgumentException;
 import com.oneidentity.safeguard.safeguardjava.exceptions.SafeguardForJavaException;
+import java.io.InputStream;
+import java.io.OutputStream;
 import java.util.Map;
 
 /**
@@ -19,10 +21,8 @@ public interface ISpsStreamingRequest {
      * @param parameters Additional parameters to add to the URL.
      * @param additionalHeaders Additional headers to add to the request.
      * @return Response body as a string.
-     * @throws
-     * com.oneidentity.safeguard.safeguardjava.exceptions.SafeguardForJavaException
-     * @throws
-     * com.oneidentity.safeguard.safeguardjava.exceptions.ArgumentException
+     * @throws SafeguardForJavaException General Safeguard for Java exception.
+     * @throws ArgumentException Invalid argument.
      */
     String uploadStream(String relativeUrl, byte[] stream, IProgressCallback progressCallback,
             Map<String, String> parameters, Map<String, String> additionalHeaders)
@@ -37,13 +37,42 @@ String uploadStream(String relativeUrl, byte[] stream, IProgressCallback progres
      * @param parameters Additional parameters to add to the URL.
      * @param additionalHeaders Additional headers to add to the request.
      * @return Response body as a string.
-     * @throws
-     * com.oneidentity.safeguard.safeguardjava.exceptions.SafeguardForJavaException
-     * @throws
-     * com.oneidentity.safeguard.safeguardjava.exceptions.ArgumentException
+     * @throws SafeguardForJavaException General Safeguard for Java exception.
+     * @throws ArgumentException Invalid argument.
      */
     String uploadStream(String relativeUrl, String fileName, 
             Map<String, String> parameters, Map<String, String> additionalHeaders)
             throws SafeguardForJavaException, ArgumentException;
+
+    /**
+     * Call a Safeguard Sps GET API returning output as a stream. The caller takes ownership of the
+     * StreamResponse and should dispose it when finished. 
+     * If there is a failure a SafeguardDotNetException will be thrown.
+     * 
+     * @param relativeUrl Relative URL of the service to use.
+     * @param parameters Additional parameters to add to the URL.
+     * @param additionalHeaders Additional headers to add to the request.
+     * @return A StreamResponse.
+     * @throws SafeguardForJavaException General Safeguard for Java exception.
+     * @throws ArgumentException Invalid argument.
+     */
+    StreamResponse downloadStream(String relativeUrl, Map<String, String> parameters, Map<String, String> additionalHeaders)
+            throws SafeguardForJavaException, ArgumentException;
+
+    /**
+     * Call a Safeguard GET API providing an output file path to which streaming download data will
+     * be written. If there is a failure a SafeguardDotNetException will be thrown.
+     * 
+     * @param relativeUrl       Relative URL of the service to use.
+     * @param outputFilePath    Full path to the file where download will be written.
+     * @param progressCallback  Optionally report upload progress.
+     * @param parameters        Additional parameters to add to the URL.
+     * @param additionalHeaders Additional headers to add to the request.
+     * @throws SafeguardForJavaException General Safeguard for Java exception.
+     * @throws ArgumentException Invalid argument.
+     */
+    void downloadStream(String relativeUrl, String outputFilePath, IProgressCallback progressCallback, 
+            Map<String, String> parameters, Map<String, String> additionalHeaders)
+            throws SafeguardForJavaException, ArgumentException;
 
 }

src/main/java/com/oneidentity/safeguard/safeguardjava/Safeguard.java

@@ -20,7 +20,7 @@
  */
 public final class Safeguard {
 
-    private static final int DEFAULTAPIVERSION = 3;
+    private static final int DEFAULTAPIVERSION = 4;
 
     private Safeguard() {
 

src/main/java/com/oneidentity/safeguard/safeguardjava/SafeguardA2AContext.java

@@ -131,8 +131,8 @@ public List<A2ARetrievableAccount> getRetrievableAccounts()  throws ObjectDispos
                 account.setDisabled(registration.isDisabled() || retrieval.isAccountDisabled());
                 account.setAccountId(retrieval.getAccountId());
                 account.setApiKey(retrieval.getApiKey().toCharArray());
-                account.setAssetId(retrieval.getSystemId());
-                account.setAssetName(retrieval.getSystemName());
+                account.setAssetId(retrieval.getAssetId());
+                account.setAssetName(retrieval.getAssetName());
                 account.setAssetNetworkAddress(retrieval.getAssetNetworkAddress());
                 account.setAssetDescription(retrieval.getAssetDescription());
                 account.setAccountId(retrieval.getAccountId());
@@ -301,6 +301,7 @@ public String brokerAccessRequest(char[] apiKey, BrokeredAccessRequest accessReq
         if (accessRequest.getAssetId() == null && accessRequest.getAssetName() == null) {
             throw new SafeguardForJavaException("You must specify an asset to create an access request for");
         }
+        accessRequest.setVersion(apiVersion);
 
         Map<String, String> headers = new HashMap<>();
         headers.put(HttpHeaders.ACCEPT, "application/json");

src/main/java/com/oneidentity/safeguard/safeguardjava/SafeguardSessionsConnection.java

@@ -25,7 +25,6 @@ class SafeguardSessionsConnection implements ISafeguardSessionsConnection {
     private boolean disposed;
 
     private RestClient client;
-    private final Header authCookie = null;
 
     public SafeguardSessionsConnection(String networkAddress, String username,
             char[] password, boolean ignoreSsl, HostnameVerifier validationCallback)

src/main/java/com/oneidentity/safeguard/safeguardjava/SpsStreamingRequest.java

@@ -4,12 +4,18 @@
 import com.oneidentity.safeguard.safeguardjava.data.Method;
 import com.oneidentity.safeguard.safeguardjava.exceptions.ArgumentException;
 import com.oneidentity.safeguard.safeguardjava.exceptions.SafeguardForJavaException;
+import com.oneidentity.safeguard.safeguardjava.restclient.OutputStreamProgress;
 import com.oneidentity.safeguard.safeguardjava.restclient.RestClient;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
 import java.util.Map;
 import org.apache.http.client.methods.CloseableHttpResponse;
 
 class SpsStreamingRequest implements ISpsStreamingRequest {
 
+    private final Integer DefaultBufferSize = 81920;
     private RestClient client;
 
     SpsStreamingRequest(RestClient client) {
@@ -88,4 +94,64 @@ public String uploadStream(String relativeUrl, String fileName,
         return fullResponse.getBody();
     }
 
+
+    @Override
+    public StreamResponse downloadStream(String relativeUrl, Map<String, String> parameters, Map<String, String> additionalHeaders) 
+            throws SafeguardForJavaException, ArgumentException {
+
+        if (Utils.isNullOrEmpty(relativeUrl)) {
+            throw new ArgumentException("Parameter relativeUrl cannot be null or empty");
+        }
+        if (client == null) {
+            throw new ArgumentException("Invalid or unauthenticated SPS connection");
+        }
+
+        CloseableHttpResponse response = null;
+
+        SafeguardConnection.logRequestDetails(Method.Get, client.getBaseURL() + "/" + relativeUrl, parameters, additionalHeaders);
+
+        response = client.execGETBytes(relativeUrl, parameters, additionalHeaders, null, null);
+
+        if (response == null) {
+            throw new SafeguardForJavaException(String.format("Unable to connect to SPS service %s", client.getBaseURL()));
+        }
+
+        if (!Utils.isSuccessful(response.getStatusLine().getStatusCode())) {
+            String reply = Utils.getResponse(response);
+            throw new SafeguardForJavaException("Error returned from SPS API, Error: "
+                    + String.format("%d %s", response.getStatusLine().getStatusCode(), reply));
+        }
+
+        FullResponse fullResponse = new FullResponse(response.getStatusLine().getStatusCode(), response.getAllHeaders(), null);
+        SafeguardConnection.logResponseDetails(fullResponse);
+
+        return new StreamResponse(response);
+    }
+
+    @Override
+    public void downloadStream(String relativeUrl, String outputFilePath, IProgressCallback progressCallback, 
+            Map<String, String> parameters, Map<String, String> additionalHeaders)
+            throws SafeguardForJavaException, ArgumentException {
+
+        StreamResponse streamResponse = null;
+        InputStream input = null;
+        OutputStream output = null;
+        byte[] buffer = new byte[DefaultBufferSize];
+
+        try {
+            streamResponse = downloadStream(relativeUrl, parameters, additionalHeaders);
+            input = streamResponse.getStream();
+            output = new OutputStreamProgress(new FileOutputStream(outputFilePath), progressCallback, streamResponse.getContentLength());
+
+            for (int length; (length = input.read(buffer)) > 0;) {
+                output.write(buffer, 0, length);
+            }
+        } catch (Exception ex) {
+            throw new SafeguardForJavaException(String.format("Unable to download %s", outputFilePath), ex);
+        } finally {
+            if (output != null) try { output.close(); } catch (IOException logOrIgnore) {}
+            if (streamResponse != null) streamResponse.dispose();
+        }
+    }
+
 }

src/main/java/com/oneidentity/safeguard/safeguardjava/StreamResponse.java

@@ -0,0 +1,61 @@
+package com.oneidentity.safeguard.safeguardjava;
+
+import com.oneidentity.safeguard.safeguardjava.exceptions.SafeguardForJavaException;
+import java.io.IOException;
+import java.io.InputStream;
+import org.apache.http.client.methods.CloseableHttpResponse;
+
+/** 
+ * Represents a streamed response
+ */
+public class StreamResponse {
+    private boolean disposed;
+
+    public StreamResponse(CloseableHttpResponse resp) {
+        response = resp;
+    }
+
+    private final CloseableHttpResponse response;
+    private InputStream stream = null;
+    private Long contentLength = 0L;
+
+    /**
+     * Get the response stream object
+     *
+     * @return The HTTP response body content as an inputstream
+     */
+    public InputStream getStream() throws SafeguardForJavaException
+    {
+        if (stream == null) {
+            try {
+                stream = response.getEntity().getContent();
+            } catch (Exception ex) {
+                throw new SafeguardForJavaException("Unable to read the download stream", ex);
+            }
+        }
+        return stream;
+    }
+
+    /**
+     * Get the response content length
+     *
+     * @return The HTTP response body content length
+     */
+    public Long getContentLength() {
+        if (contentLength == 0) {
+            contentLength = response.getEntity().getContentLength();
+        }
+        return contentLength;
+    }
+
+    public void dispose() {
+        if (!disposed) {
+            disposed = true;
+            if (stream != null) {
+                try { 
+                    stream.close(); 
+                } catch (IOException logOrIgnore) {}
+            }
+        }
+    }
+}

src/main/java/com/oneidentity/safeguard/safeguardjava/data/A2ARetrievableAccountInternal.java

@@ -13,8 +13,12 @@ public class A2ARetrievableAccountInternal {
     private String apiKey;
     @JsonProperty("SystemId")
     private int systemId;
+    @JsonProperty("AssetId")
+    private int assetId;
     @JsonProperty("SystemName")
     private String systemName;
+    @JsonProperty("AssetName")
+    private String assetName;
     @JsonProperty("AccountId")
     private int accountId;
     @JsonProperty("AccountName")
@@ -24,6 +28,8 @@ public class A2ARetrievableAccountInternal {
     @JsonProperty("AccountType")
     private String accountType;
     @JsonProperty("SystemDescription")
+    private String systemDescription;
+    @JsonProperty("AssetDescription")
     private String assetDescription;
     @JsonProperty("AccountDescription")
     private String accountDescription;
@@ -49,20 +55,28 @@ public void setApiKey(String apiKey) {
         this.apiKey = apiKey;
     }
 
-    public int getSystemId() {
-        return systemId;
+    public int getAssetId() {
+        return assetId;
     }
 
     public void setSystemId(int systemId) {
-        this.systemId = systemId;
+        this.assetId = systemId;
+    }
+
+    public void setAssetId(int assetId) {
+        this.assetId = assetId;
     }
 
-    public String getSystemName() {
-        return systemName;
+    public String getAssetName() {
+        return assetName;
     }
 
     public void setSystemName(String systemName) {
-        this.systemName = systemName;
+        this.assetName = systemName;
+    }
+
+    public void setAssetName(String assetName) {
+        this.assetName = assetName;
     }
 
     public int getAccountId() {
@@ -101,6 +115,10 @@ public String getAssetDescription() {
         return assetDescription;
     }
 
+    public void setSystemDescription(String systemDescription) {
+        this.assetDescription = systemDescription;
+    }
+
     public void setAssetDescription(String assetDescription) {
         this.assetDescription = assetDescription;
     }