import java.security.GeneralSecurityException;
import java.util.Date;
import java.util.GregorianCalendar;
+import java.util.Map;
import org.onap.aaf.cadi.Access.Level;
import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.LocatorException;
import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.aaf.Defaults;
import org.onap.aaf.cadi.client.Future;
import org.onap.aaf.cadi.client.Rcli;
import org.onap.aaf.cadi.client.Result;
import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.configure.Agent;
import org.onap.aaf.cadi.oauth.TimedToken;
import org.onap.aaf.cadi.oauth.TokenClient;
import org.onap.aaf.cadi.oauth.TokenClientFactory;
// Obtain Endpoints for OAuth2 from Properties. Expected is "cadi.properties" file, pointed to by "cadi_prop_files"
- String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,Defaults.OAUTH2_TOKEN_URL); // Default to AAF
- String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,Defaults.OAUTH2_INTROSPECT_URL); // Default to AAF);
- // Get Hello Service
- final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,Defaults.HELLO_URL);
-
- final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
-
try {
+ Map<String, String> aaf_urls = Agent.loadURLs(access);
+ Agent.fillMissing(access, aaf_urls);
+ String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL); // Default to AAF
+ String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL); // Default to AAF);
+ // Get Hello Service
+ final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL);
+
+ final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
+
//////////////////////////////////////////////////////////////////////
// Scenario 1:
// Get and use an OAuth Client, which understands Token Management
// If AAF Token server, then its just the same as your other AAF MechID creds
// If it is the Alternate OAUTH, you'll need THOSE credentials. See that tool's Onboarding procedures.
String client_id = access.getProperty(Config.AAF_APPID);
- if(client_id==null) {
+ if (client_id==null) {
// For AAF, client_id CAN be Certificate. This is not necessarily true elsewhere
client_id = access.getProperty(Config.CADI_ALIAS);
}
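Review bot: The three URL lookups at the top of the `try` (`Config.AAF_OAUTH2_TOKEN_URL`, `Config.AAF_OAUTH2_INTROSPECT_URL`, `Config.AAF_OAUTH2_HELLO_URL`) no longer pass a fallback, so each can return null unless `Agent.fillMissing` is guaranteed to set it, which is not visible from this hunk. At least the introspection URL is later used for a client that is given `client_id`/`client_secret` and the access token, so I would fail fast before any client is built, for example `if (tokenServiceURL == null || tokenIntrospectURL == null || endServicesURL == null) throw new CadiException("OAuth2 endpoint URLs are not configured");`, and confirm that the resolved values use https. The trailing `// Default to AAF` comments are stale now that the defaults are gone and should be dropped or reworded. The enclosing method and the `try` block both extend beyond this hunk, so whether a `CadiException` is handled there needs checking.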
// tc.clearToken("org.onap.aaf","org.onap.test");
// Result Object can be queried for success
- if(rtt.isOK()) {
+ if (rtt.isOK()) {
TimedToken token = rtt.value;
print(token); // Take a look at what's in a Token
// The "future" calling method allows you to do other processing, such as call more than one backend
// client before picking up the result
// If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
- if(future.get(CALL_TIMEOUT)) {
+ if (future.get(CALL_TIMEOUT)) {
// Client Returned expected value
return future.value;
} else {
// As a Service, read Introspection information as proof of Authenticated Authorization
//////////////////////////////////////////////////////////////////////
// CADI Framework (i.e. CadiFilter) works with the Introspection to drive the J2EE interfaces (
- // i.e. if(isUserInRole("ns.perm|instance|action")) {...
+ // i.e. if (isUserInRole("ns.perm|instance|action")) {...
//
// Here, however, is a way to introspect via Java
//
TokenClient tci = tcf.newClient(tokenIntrospectURL);
tci.client_creds(client_id, client_secret);
Result<Introspect> is = tci.introspect(token.getAccessToken());
- if(is.isOK()) {
+ if (is.isOK()) {
// Note that AAF will add JSON set of Permissions as part of "Content:", legitimate extension of OAuth Structure
print(is.value); // do something with Introspect Object
} else {
}
private static void print(Introspect ti) {
- if(ti==null || ti.getClientId()==null) {
+ if (ti==null || ti.getClientId()==null) {
System.out.println("Empty Introspect");
return;
}