public void client_creds(Access access) throws CadiException {
if(okind=='A') {
- client_creds(access.getProperty(Config.AAF_APPID, null),access.getProperty(Config.AAF_APPPASS, null));
+ String alias = access.getProperty(Config.CADI_ALIAS, null);
+ if(alias == null) {
+ client_creds(access.getProperty(Config.AAF_APPID, null),access.getProperty(Config.AAF_APPPASS, null));
+ } else {
+ client_creds(alias,null);
+ }
} else {
client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID, null),access.getProperty(Config.AAF_ALT_CLIENT_SECRET, null));
}
*/
public void client_creds(final String client_id, final String client_secret) throws CadiException {
if(client_id==null) {
- throw new CadiException(Config.AAF_ALT_CLIENT_ID + " is null");
+ throw new CadiException("client_creds:client_id is null");
}
this.client_id = client_id;
default_scope = FQI.reverseDomain(client_id);
} catch(IOException | NoSuchAlgorithmException e) {
throw new CadiException(e);
}
+ } else {
+ ss = new GetSetter() {
+ @Override
+ public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
+ try {
+ return con.x509Alias(client_id);// no password, assume Cert
+ } catch (APIException e) {
+ throw new CadiException(e);
+ }
+ }
+ };
+ authn_method = AUTHN_METHOD.client_credentials;
}
}
Result<TimedToken> rtt = factory.get(key,hash,new Loader<TimedToken>() {
@Override
public Result<TimedToken> load(final String key) throws APIException, CadiException, LocatorException {
- final List<String> params = new ArrayList<String>();
+ final List<String> params = new ArrayList<>();
params.add(scope);
addSecurity(params,authn_method);
if(ss==null) {
throw new APIException("client_creds(...) must be set before obtaining Access Tokens");
}
- final List<String> params = new ArrayList<String>();
+ final List<String> params = new ArrayList<>();
params.add("refresh_token="+token.getRefreshToken());
addSecurity(params,AUTHN_METHOD.refresh_token);
final String scope="scope="+token.getScope().replace(' ', '+');
return tkCon.best(new Retryable<Result<Introspect>>() {
@Override
public Result<Introspect> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- final List<String> params = new ArrayList<String>();
+ final List<String> params = new ArrayList<>();
params.add("token="+token);
addSecurity(params,AUTHN_METHOD.client_credentials);
final String paramsa[] = new String[params.size()];
throw new APIException("Error Decrypting Password",e);
}
}
+
+ if(username!=null) {
+ params.add("username="+username);
+ }
+
break;
case refresh_token:
if(client_id!=null) {