* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
import org.onap.aaf.cadi.User;
import org.onap.aaf.cadi.aaf.AAFPermission;
import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.client.Rcli;
import org.onap.aaf.cadi.lur.ConfigPrincipal;
+import aaf.v2_0.CredRequest;
+
public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> {
private AAFCon<CLIENT> con;
private String realm;
-
+
/**
* Configure with Standard AAF properties, Stand alone
* @param con
/**
* Configure with Standard AAF properties, but share the Cache (with AAF Lur)
* @param con
- * @throws Exception
+ * @throws Exception
*/
// Package on purpose
AAFAuthn(AAFCon<CLIENT> con, AbsUserCache<AAFPermission> cache) {
super(cache);
this.con = con;
}
-
+
/**
* Return Native Realm of AAF Instance.
- *
+ *
* @return
*/
public String getRealm() {
/**
* Returns null if ok, or an Error String;
- *
+ *
* Convenience function. Passes "null" for State object
*/
public String validate(String user, String password) throws IOException {
return validate(user,password,null);
}
-
+
/**
* Returns null if ok, or an Error String;
- *
+ *
* For State Object, you may put in HTTPServletRequest or AuthzTrans, if available. Otherwise,
* leave null
- *
+ *
* @param user
* @param password
* @return
- * @throws IOException
- * @throws CadiException
+ * @throws IOException
+ * @throws CadiException
* @throws Exception
*/
public String validate(String user, String password, Object state) throws IOException {
return "user/pass combo invalid for " + user;
case DENIED:
return "AAF denies API for " + user;
- default:
+ default:
return "AAFAuthn doesn't handle Principal " + user;
}
}
-
+
private class AAFCachedPrincipal extends ConfigPrincipal implements CachedPrincipal {
private long expires;
private long timeToLive;
try {
Miss missed = missed(getName(),getCred());
if (missed==null || missed.mayContinue()) {
- Rcli<CLIENT> client = con.client().forUser(con.basicAuth(getName(), new String(getCred())));
- Future<String> fp = client.read(
- "/authn/basicAuth",
- "text/plain"
- );
- if (fp.get(con.timeout)) {
+ CredRequest cr = new CredRequest();
+ cr.setId(getName());
+ cr.setPassword(new String(getCred()));
+ Future<String> fp = con.client().readPost("/authn/validate", con.credReqDF, cr);
+ //Rcli<CLIENT> client = con.client().forUser(con.basicAuth(getName(), new String(getCred())));
+ //Future<String> fp = client.read(
+ // "/authn/basicAuth",
+ // "text/plain"
+ // );
+ if (fp.get(con.timeout)) {
expires = System.currentTimeMillis() + timeToLive;
addUser(new User<AAFPermission>(this, expires));
return Resp.REVALIDATED;
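Review bot: `cr.setPassword(new String(getCred()))` decodes the credential with the JVM's default charset, so a password containing non-ASCII characters may reach `/authn/validate` encoded differently depending on the host's locale. Pass the charset explicitly, e.g. `cr.setPassword(new String(getCred(), StandardCharsets.UTF_8));`, assuming `getCred()` returns UTF-8 bytes, which should be confirmed against where the credential is stored. The password now travels in the POST body, apparently through the shared `con.client()` rather than a per-user Basic Authorization client, so confirm that the `credReqDF` marshalling and any request tracing on that client never log the body. The five commented-out lines of the old `Rcli`/`basicAuth` call should be deleted rather than kept, since version control already has them. The enclosing method begins and ends outside this hunk.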