// Obtain Endpoints for OAuth2 from Properties. Expected is "cadi.properties" file, pointed to by "cadi_prop_files"
- String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,Defaults.OAUTH2_TOKEN_URL); // Default to AAF
- String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,Defaults.OAUTH2_INTROSPECT_URL); // Default to AAF);
+ String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,Config.OAUTH2_TOKEN_URL_DEF); // Default to AAF
+ String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,Config.OAUTH2_INTROSPECT_URL_DEF); // Default to AAF);
// Get Hello Service
- final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,Defaults.HELLO_URL);
+ final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,Config.HELLO_URL_DEF);
final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
// If AAF Token server, then its just the same as your other AAF MechID creds
// If it is the Alternate OAUTH, you'll need THOSE credentials. See that tool's Onboarding procedures.
String client_id = access.getProperty(Config.AAF_APPID);
- if(client_id==null) {
+ if (client_id==null) {
// For AAF, client_id CAN be Certificate. This is not necessarily true elsewhere
client_id = access.getProperty(Config.CADI_ALIAS);
}
// tc.clearToken("org.onap.aaf","org.onap.test");
// Result Object can be queried for success
- if(rtt.isOK()) {
+ if (rtt.isOK()) {
TimedToken token = rtt.value;
print(token); // Take a look at what's in a Token
// The "future" calling method allows you to do other processing, such as call more than one backend
// client before picking up the result
// If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
- if(future.get(CALL_TIMEOUT)) {
+ if (future.get(CALL_TIMEOUT)) {
// Client Returned expected value
return future.value;
} else {
// As a Service, read Introspection information as proof of Authenticated Authorization
//////////////////////////////////////////////////////////////////////
// CADI Framework (i.e. CadiFilter) works with the Introspection to drive the J2EE interfaces (
- // i.e. if(isUserInRole("ns.perm|instance|action")) {...
+ // i.e. if (isUserInRole("ns.perm|instance|action")) {...
//
// Here, however, is a way to introspect via Java
//
TokenClient tci = tcf.newClient(tokenIntrospectURL);
tci.client_creds(client_id, client_secret);
Result<Introspect> is = tci.introspect(token.getAccessToken());
- if(is.isOK()) {
+ if (is.isOK()) {
// Note that AAF will add JSON set of Permissions as part of "Content:", legitimate extension of OAuth Structure
print(is.value); // do something with Introspect Object
} else {
}
private static void print(Introspect ti) {
- if(ti==null || ti.getClientId()==null) {
+ if (ti==null || ti.getClientId()==null) {
System.out.println("Empty Introspect");
return;
}