import java.security.GeneralSecurityException;
import java.util.Date;
import java.util.GregorianCalendar;
+import java.util.Map;
import org.onap.aaf.cadi.Access.Level;
import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.LocatorException;
import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.aaf.Defaults;
import org.onap.aaf.cadi.client.Future;
import org.onap.aaf.cadi.client.Rcli;
import org.onap.aaf.cadi.client.Result;
import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.configure.Agent;
import org.onap.aaf.cadi.oauth.TimedToken;
import org.onap.aaf.cadi.oauth.TokenClient;
import org.onap.aaf.cadi.oauth.TokenClientFactory;
// Property Access
// This method will allow you to set "cadi_prop_files" (or any other property) on Command line
access = new PropAccess(args);
-
- // access = PropAccess();
// Note: This style will load "cadi_prop_files" from VM Args
-
- // Token aware Client Factory
+ // access = PropAccess();
try {
+ Map<String, String> aaf_urls = Agent.loadURLs(access);
+ Agent.fillMissing(access, aaf_urls);
+
+ // Token aware Client Factory
tcf = TokenClientFactory.instance(access);
} catch (APIException | GeneralSecurityException | IOException | CadiException e1) {
access.log(e1, "Unable to setup OAuth Client Factory, Fail Fast");
// tc.clearToken("org.onap.aaf","org.onap.test");
// Result Object can be queried for success
- if(rtt.isOK()) {
+ if (rtt.isOK()) {
TimedToken token = rtt.value;
print(token); // Take a look at what's in a Token
// Use this Token in your client calls with "Tokenized Client" (TzClient)
// These should NOT be used cross thread.
// Get Hello Service URL... roll your own in your own world.
- final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,Defaults.HELLO_URL);
+ final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL);
TzClient helloClient = tcf.newTzClient(endServicesURL);
// The "future" calling method allows you to do other processing, such as call more than one backend
// client before picking up the result
// If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
- if(future.get(CALL_TIMEOUT)) {
+ if (future.get(CALL_TIMEOUT)) {
// Client Returned expected value
return future.value;
} else {
// As a Service, read Introspection information as proof of Authenticated Authorization
//////////////////////////////////////////////////////////////////////
// CADI Framework (i.e. CadiFilter) works with the Introspection to drive the J2EE interfaces (
- // i.e. if(isUserInRole("ns.perm|instance|action")) {...
+ // i.e. if (isUserInRole("ns.perm|instance|action")) {...
//
// Here, however, is a way to introspect via Java
//
// We need a Different Introspect TokenClient, because different Endpoint (and usually different Services)
TokenClient tci = tcf.newClient(Config.AAF_OAUTH2_INTROSPECT_URL);
Result<Introspect> is = tci.introspect(token.getAccessToken());
- if(is.isOK()) {
+ if (is.isOK()) {
// Note that AAF will add JSON set of Permissions as part of "Content:", legitimate extension of OAuth Structure
print(is.value); // do something with Introspect Object
} else {
}
private static void print(Introspect ti) {
- if(ti==null || ti.getClientId()==null) {
+ if (ti==null || ti.getClientId()==null) {
System.out.println("Empty Introspect");
return;
}
Code Review / aaf / authz.git / blobdiff