X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Faaf%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Foauth%2FTokenClientFactory.java;h=8c47b6cbd33bf1ea604dcdf8b816457eaa795976;hb=3d1706fcbe7f95830ff6fd23cf679ee55c6d0595;hp=e235b681e88d2372392dd60e70c3cfb7df0b0b03;hpb=047edb5a4312cc7dfb3172b7e11ab1a9e2315ba2;p=aaf%2Fauthz.git diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java index e235b681..8c47b6cb 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java @@ -29,6 +29,8 @@ import java.nio.file.Path; import java.security.GeneralSecurityException; import java.security.NoSuchAlgorithmException; import java.util.Map; +import java.util.Set; +import java.util.TreeSet; import java.util.concurrent.ConcurrentHashMap; import java.util.regex.Pattern; @@ -38,11 +40,11 @@ import org.onap.aaf.cadi.Hash; import org.onap.aaf.cadi.Locator; import org.onap.aaf.cadi.LocatorException; import org.onap.aaf.cadi.Symm; -import org.onap.aaf.cadi.aaf.Defaults; import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; import org.onap.aaf.cadi.aaf.v2_0.AAFLocator; import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.config.SecurityInfoC; +import org.onap.aaf.cadi.configure.Agent; import org.onap.aaf.cadi.locator.PropertyLocator; import org.onap.aaf.cadi.locator.SingleEndpointLocator; import org.onap.aaf.cadi.oauth.TokenClient.AUTHN_METHOD; @@ -54,132 +56,143 @@ import org.onap.aaf.misc.rosetta.env.RosettaEnv; import aafoauth.v2_0.Token; public class TokenClientFactory extends Persist { - private static TokenClientFactory instance; - private Map aafcons = new ConcurrentHashMap<>(); - private SecurityInfoC hsi; - // Package on purpose - final Symm symm; + private static TokenClientFactory instance; + private final Set alts; + private Map aafcons = new ConcurrentHashMap<>(); + private SecurityInfoC hsi; + // Package on purpose + final Symm symm; - private TokenClientFactory(Access pa) throws APIException, GeneralSecurityException, IOException, CadiException { - super(pa, new RosettaEnv(pa.getProperties()),Token.class,"outgoing"); - - if(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null)==null) { - access.getProperties().put(Config.AAF_OAUTH2_TOKEN_URL, Defaults.OAUTH2_TOKEN_URL); // Default to AAF - } - if(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,null)==null) { - access.getProperties().put(Config.AAF_OAUTH2_INTROSPECT_URL, Defaults.OAUTH2_INTROSPECT_URL); // Default to AAF); - } + private TokenClientFactory(Access pa) throws APIException, GeneralSecurityException, IOException, CadiException { + super(pa, new RosettaEnv(pa.getProperties()),Token.class,"outgoing"); + + Map aaf_urls = Agent.loadURLs(pa); + alts = new TreeSet<>(); + + if (access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null)==null) { + access.getProperties().put(Config.AAF_OAUTH2_TOKEN_URL, aaf_urls.get(Config.AAF_OAUTH2_TOKEN_URL)); // Default to AAF + } + + if (access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,null)==null) { + access.getProperties().put(Config.AAF_OAUTH2_INTROSPECT_URL, aaf_urls.get(Config.AAF_OAUTH2_INTROSPECT_URL)); // Default to AAF); + } + + for(String tag : new String[] {Config.AAF_ALT_OAUTH2_TOKEN_URL, Config.AAF_ALT_OAUTH2_INTROSPECT_URL}) { + String value = access.getProperty(tag, null); + if(value!=null) { + alts.add(tag); + alts.add(value); + } + } + + symm = Symm.encrypt.obtain(); + hsi = SecurityInfoC.instance(access, HttpURLConnection.class); + } + + public synchronized static final TokenClientFactory instance(Access access) throws APIException, GeneralSecurityException, IOException, CadiException { + if (instance==null) { + instance = new TokenClientFactory(access); + } + return instance; + } + + /** + * Pickup Timeout from Properties + * + * @param tagOrURL + * @return + * @throws CadiException + * @throws LocatorException + * @throws APIException + */ + public TokenClient newClient(final String tagOrURL) throws CadiException, LocatorException, APIException { + return newClient(tagOrURL,Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF))); + } + + public TokenClient newClient(final String tagOrURL, final int timeout) throws CadiException, LocatorException, APIException { + AAFConHttp ach; + if (tagOrURL==null) { + throw new CadiException("parameter tagOrURL cannot be null."); + } else { + ach = aafcons.get(tagOrURL); + if (ach==null) { + aafcons.put(tagOrURL, ach=new AAFConHttp(access,tagOrURL)); + } + } + char okind; + if (alts.contains(tagOrURL)) { + okind = Kind.OAUTH; + } else { + okind = Kind.AAF_OAUTH; + } + TokenClient tci = new TokenClient( + okind, + this, + ach, + timeout, + AUTHN_METHOD.none); + tci.client_creds(access); + return tci; + } + + public TzClient newTzClient(final String locatorURL) throws CadiException, LocatorException { + try { + return new TzHClient(access,hsi,bestLocator(locatorURL)); + } catch (URISyntaxException e) { + throw new LocatorException(e); + } + } - symm = Symm.encrypt.obtain(); - hsi = SecurityInfoC.instance(access, HttpURLConnection.class); - } - - public synchronized static final TokenClientFactory instance(Access access) throws APIException, GeneralSecurityException, IOException, CadiException { - if(instance==null) { - instance = new TokenClientFactory(access); - } - return instance; - } - - /** - * Pickup Timeout from Properties - * - * @param tagOrURL - * @return - * @throws CadiException - * @throws LocatorException - * @throws APIException - */ - public TokenClient newClient(final String tagOrURL) throws CadiException, LocatorException, APIException { - return newClient(tagOrURL,Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF))); - } - - public TokenClient newClient(final String tagOrURL, final int timeout) throws CadiException, LocatorException, APIException { - AAFConHttp ach; - if(tagOrURL==null) { - throw new CadiException("parameter tagOrURL cannot be null."); - } else { - ach = aafcons.get(tagOrURL); - if(ach==null) { - aafcons.put(tagOrURL, ach=new AAFConHttp(access,tagOrURL)); - } - } - char okind; - if( Config.AAF_OAUTH2_TOKEN_URL.equals(tagOrURL) || - Config.AAF_OAUTH2_INTROSPECT_URL.equals(tagOrURL) || - tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL, null)) || - tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL, null)) - ) { - okind = Kind.AAF_OAUTH; - } else { - okind = Kind.OAUTH; - } - TokenClient tci = new TokenClient( - okind, - this, - ach, - timeout, - AUTHN_METHOD.none); - tci.client_creds(access); - return tci; - } - - public TzClient newTzClient(final String locatorURL) throws CadiException, LocatorException { - try { - return new TzHClient(access,hsi,bestLocator(locatorURL)); - } catch (URISyntaxException e) { - throw new LocatorException(e); - } - } + static String getKey(char tokenSource,String client_id, String username, byte[] hash, String scope) throws CadiException { + try { + StringBuilder sb = new StringBuilder(client_id); + sb.append('_'); + if (username!=null) { + sb.append(username); + } + sb.append('_'); + sb.append(tokenSource); + if (scope!=null) { + byte[] tohash=scope.getBytes(); + if (hash!=null && hash.length>0) { + byte temp[] = new byte[hash.length+tohash.length]; + System.arraycopy(tohash, 0, temp, 0, tohash.length); + System.arraycopy(hash, 0, temp, tohash.length, hash.length); + tohash = temp; + } + if (scope.length()>0) { + sb.append(Hash.toHexNo0x(Hash.hashSHA256(tohash))); + } + } + return sb.toString(); + } catch (NoSuchAlgorithmException e) { + throw new CadiException(e); + } + } - static String getKey(char tokenSource,String client_id, String username, byte[] hash, String scope) throws CadiException { - try { - StringBuilder sb = new StringBuilder(client_id); - sb.append('_'); - if(username!=null) { - sb.append(username); - } - sb.append('_'); - sb.append(tokenSource); - byte[] tohash=scope.getBytes(); - if(hash!=null && hash.length>0) { - byte temp[] = new byte[hash.length+tohash.length]; - System.arraycopy(tohash, 0, temp, 0, tohash.length); - System.arraycopy(hash, 0, temp, tohash.length, hash.length); - tohash = temp; - } - if(scope!=null && scope.length()>0) { - sb.append(Hash.toHexNo0x(Hash.hashSHA256(tohash))); - } - return sb.toString(); - } catch (NoSuchAlgorithmException e) { - throw new CadiException(e); - } - } + @Override + protected TimedToken newCacheable(Token t, long expires, byte[] hash, Path path) throws IOException { + return new TimedToken(this,t,expires,hash,path); + } - @Override - protected TimedToken newCacheable(Token t, long expires, byte[] hash, Path path) throws IOException { - return new TimedToken(this,t,expires,hash,path); - } - - public TimedToken putTimedToken(String key, Token token, byte[] hash) throws IOException, CadiException { - TimedToken tt = new TimedToken(this,token,token.getExpiresIn()+(System.currentTimeMillis()/1000),hash,getPath(key)); - put(key,tt); - return tt; - } - - private static final Pattern locatePattern = Pattern.compile("https://.*/locate/.*"); - public Locator bestLocator(final String locatorURL ) throws LocatorException, URISyntaxException { - if(locatorURL==null) { - throw new LocatorException("Cannot have a null locatorURL in bestLocator"); - } - if(locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) { - return new AAFLocator(hsi,new URI(locatorURL)); - } else if(locatorURL.indexOf(',')>0) { // multiple URLs is a Property Locator - return new PropertyLocator(locatorURL); - } else { - return new SingleEndpointLocator(locatorURL); - } - // Note: Removed DME2Locator... If DME2 client is needed, use DME2Clients - } + public TimedToken putTimedToken(String key, Token token, byte[] hash) throws IOException, CadiException { + TimedToken tt = new TimedToken(this,token,token.getExpiresIn()+(System.currentTimeMillis()/1000),hash,getPath(key)); + put(key,tt); + return tt; + } + + private static final Pattern locatePattern = Pattern.compile("https://.*/locate/.*"); + public Locator bestLocator(final String locatorURL ) throws LocatorException, URISyntaxException { + if (locatorURL==null) { + throw new LocatorException("Cannot have a null locatorURL in bestLocator"); + } + if (locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) { + return new AAFLocator(hsi,new URI(locatorURL)); + } else if (locatorURL.indexOf(',')>0) { // multiple URLs is a Property Locator + return new PropertyLocator(locatorURL); + } else { + return new SingleEndpointLocator(locatorURL); + } + // Note: Removed DME2Locator... If DME2 client is needed, use DME2Clients + } }