aaf/src/test/java/com/att/aaf/example/X509Test.java

   1 /*******************************************************************************\r
   2  * ============LICENSE_START====================================================\r
   3  * * org.onap.aai\r
   4  * * ===========================================================================\r
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
   6  * * Copyright © 2017 Amdocs\r
   7  * * ===========================================================================\r
   8  * * Licensed under the Apache License, Version 2.0 (the "License");\r
   9  * * you may not use this file except in compliance with the License.\r
  10  * * You may obtain a copy of the License at\r
  11  * * \r
  12  *  *      http://www.apache.org/licenses/LICENSE-2.0\r
  13  * * \r
  14  *  * Unless required by applicable law or agreed to in writing, software\r
  15  * * distributed under the License is distributed on an "AS IS" BASIS,\r
  16  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
  17  * * See the License for the specific language governing permissions and\r
  18  * * limitations under the License.\r
  19  * * ============LICENSE_END====================================================\r
  20  * *\r
  21  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
  22  * *\r
  23  ******************************************************************************/\r
  24 package com.att.aaf.example;\r
  25 \r
  26 import java.security.Principal;\r
  27 \r
  28 import com.att.cadi.PropAccess;\r
  29 import com.att.cadi.aaf.v2_0.AAFConHttp;\r
  30 import com.att.cadi.aaf.v2_0.AAFLurPerm;\r
  31 import com.att.cadi.client.Future;\r
  32 import com.att.cadi.locator.DNSLocator;\r
  33 import com.att.cadi.lur.LocalPermission;\r
  34 \r
  35 public class X509Test {\r
  36         public static void main(String args[]) {\r
  37                 // Link or reuse to your Logging mechanism\r
  38                 \r
  39                 PropAccess myAccess = new PropAccess();\r
  40                 \r
  41                 // \r
  42                 try {\r
  43                         AAFConHttp con = new AAFConHttp(myAccess, \r
  44                                         new DNSLocator(myAccess,"https","mithrilcsp.sbc.com","8100"));\r
  45                         \r
  46                         // AAFLur has pool of DME clients as needed, and Caches Client lookups\r
  47                         AAFLurPerm aafLur = con.newLur();\r
  48                         \r
  49                         // Note: If you need both Authn and Authz construct the following:\r
  50 //                      AAFAuthn<?> aafAuthn = con.newAuthn(aafLur);\r
  51                         \r
  52                         // con.x509Alias("aaf.att"); // alias in keystore\r
  53 \r
  54                         try {\r
  55                                 \r
  56                                 // Normally, you obtain Principal from Authentication System.\r
  57 //                              // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()\r
  58 //                              // If you use CADI as Authenticator, it will get you these Principals from\r
  59 //                              // CSP or BasicAuth mechanisms.\r
  60 //                              String id = "cluster_admin@gridcore.att.com";\r
  61 //\r
  62 //                              // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.\r
  63                                 Future<String> fs = \r
  64                                                 con.client("2.0").read("/authz/perms/com.att.aaf.ca","application/Perms+json");\r
  65                                 if(fs.get(3000)) {\r
  66                                         System.out.println(fs.value);\r
  67                                 } else {\r
  68                                         System.out.println("Error: "  + fs.code() + ':' + fs.body());\r
  69                                 }\r
  70                                 \r
  71                                 // Check on Perms with LUR\r
  72                                 if(aafLur.fish(new Principal() {\r
  73                                         @Override\r
  74                                         public String getName() {\r
  75                                                 return "m12345@aaf.att.com";\r
  76                                         }\r
  77                                 }, new LocalPermission("com.att.aaf.ca|aaf|request"))) {\r
  78                                         System.out.println("Has Perm");\r
  79                                 } else {\r
  80                                         System.out.println("Does NOT Have Perm");\r
  81                                 }\r
  82                         } finally {\r
  83                                 aafLur.destroy();\r
  84                         }\r
  85                 } catch (Exception e) {\r
  86                         e.printStackTrace();\r
  87                 }\r
  88 \r
  89         }\r
  90 }\r