X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Foauth-enduser%2Fsrc%2Ftest%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Fenduser%2Ftest%2FOAuthExample.java;h=0dec0999c4031ea92b7cca0d39f820a48c3d5b98;hb=1296352d8eafee57f982a4342ad79ada4aa56d28;hp=10bcdcc28c3e39b614aa270e451c34ff4a57334f;hpb=d9c0bb04b77f6a637f1fc07b69c90898d672bd34;p=aaf%2Fauthz.git
diff --git a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java
index 10bcdcc2..0dec0999 100644
--- a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java
+++ b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java
@@ -7,9 +7,9 @@
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
- *
+ *
 * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -26,17 +26,18 @@ import java.net.ConnectException;
 import java.security.GeneralSecurityException;
 import java.util.Date;
 import java.util.GregorianCalendar;
+import java.util.Map;
 import org.onap.aaf.cadi.Access.Level;
 import org.onap.aaf.cadi.CadiException;
 import org.onap.aaf.cadi.LocatorException;
 import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.aaf.Defaults;
 import org.onap.aaf.cadi.client.Future;
 import org.onap.aaf.cadi.client.Rcli;
 import org.onap.aaf.cadi.client.Result;
 import org.onap.aaf.cadi.client.Retryable;
 import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.configure.Agent;
 import org.onap.aaf.cadi.oauth.TimedToken;
 import org.onap.aaf.cadi.oauth.TokenClient;
 import org.onap.aaf.cadi.oauth.TokenClientFactory;
@@ -55,14 +56,14 @@ public class OAuthExample {
 public final static void main(final String args[]) {
 // These Objects are expected to be Long-Lived... Construct once
-
+
 // Property Access
- // This method will allow you to set "cadi_prop_files" (or any other property) on Command line
+ // This method will allow you to set "cadi_prop_files" (or any other property) on Command line
 access = new PropAccess(args);
-
+
 // access = PropAccess();
 // Note: This style will load "cadi_prop_files" from VM Args
-
+
 // Token aware Client Factory
 try {
 tcf = TokenClientFactory.instance(access);
@@ -70,17 +71,19 @@ public class OAuthExample {
 access.log(e1, "Unable to setup OAuth Client Factory, Fail Fast");
 System.exit(1);
 }
-
-
- // Obtain Endpoints for OAuth2 from Properties. Expected is "cadi.properties" file, pointed to by "cadi_prop_files"
- String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,Config.OAUTH2_TOKEN_URL_DEF); // Default to AAF
- String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,Config.OAUTH2_INTROSPECT_URL_DEF); // Default to AAF);
- // Get Hello Service
- final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,Config.HELLO_URL_DEF);
- final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
-
+
+ // Obtain Endpoints for OAuth2 from Properties. Expected is "cadi.properties" file, pointed to by "cadi_prop_files"
 try {
+ Map aaf_urls = Agent.loadURLs(access);
+ Agent.fillMissing(access, aaf_urls);
+ String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL); // Default to AAF
+ String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL); // Default to AAF);
+ // Get Hello Service
+ final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL);
+
+ final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
+
 //////////////////////////////////////////////////////////////////////
 // Scenario 1:
 // Get and use an OAuth Client, which understands Token Management
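Review bot: Nothing checks `tokenServiceURL`, `tokenIntrospectURL` or `endServicesURL` for null now that the three `access.getProperty(...)` lookups carry no fallback; they rely entirely on `Agent.loadURLs`/`Agent.fillMissing` having populated the properties. `tokenServiceURL` is passed to `tcf.newClient(...)` in the next hunk and is where `client_id`/`client_secret` are sent, so an unset or non-TLS value should stop the example before any credentials leave the process, e.g. `if (tokenServiceURL == null || !tokenServiceURL.startsWith("https://")) { access.printf(Level.ERROR, "%s is missing or not https\n", Config.AAF_OAUTH2_TOKEN_URL); System.exit(1); }` right after the lookups, with the same guard for the other two URLs. The trailing `// Default to AAF` comments are stale now that the explicit `*_DEF` arguments are gone; if the defaults presumably come from `fillMissing`, the comment should say so. The `try` block opened here continues outside the hunk.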
@@ -90,7 +93,7 @@ public class OAuthExample {
 TokenClient tc = tcf.newClient(tokenServiceURL); // can set your own timeout here (url, timeoutMilliseconds)
 // Set your Application (MicroService, whatever) Credentials here
- // These are how your Application is known, particularly to the OAuth Server.
+ // These are how your Application is known, particularly to the OAuth Server.
 // If AAF Token server, then its just the same as your other AAF MechID creds
 // If it is the Alternate OAUTH, you'll need THOSE credentials. See that tool's Onboarding procedures.
 String client_id = access.getProperty(Config.AAF_APPID);
@@ -100,7 +103,7 @@ public class OAuthExample {
 }
 String client_secret = access.getProperty(Config.AAF_APPPASS);
 tc.client_creds(client_id, client_secret);
-
+
 // If you are working with Credentials the End User, set username/password as appropriate to the OAuth Server
 // tc.password(end_user_id, end_user_password);
 // IMPORTANT:
@@ -111,7 +114,7 @@ public class OAuthExample {
 // With AAF, the Scopes you put in are the AAF Namespaces you want access to. Your Token will contain the
 // AAF Permissions of the Namespaces (you can put in more than one), the user name (or client_id if no user_name),
 // is allowed to see.
-
+
 // Here's a trick to get the namespace out of a Fully Qualified AAF Identity (your MechID)
 String ns = FQI.reverseDomain(client_id);
 System.out.printf("\nNote: The AAF Namespace of FQI (Fully Qualified Identity) %s is %s\n\n",client_id, ns);
@@ -119,23 +122,23 @@ public class OAuthExample {
 // Now, we can get a Token. Note: for "scope", use AAF Namespaces to get AAF Permissions embedded in
 // Note: getToken checks if Token is expired, if so, then refreshes before handing back.
 Result rtt = tc.getToken(ns,"org.onap.test");
-
+
 // Note: you can clear a Token's Disk/Memory presence by
 // 1) removing the Token from the "token/outgoing" directory on the O/S
 // 2) programmatically by calling "clearToken" with exact params as "getToken", when it has the same credentials set
 // tc.clearToken("org.onap.aaf","org.onap.test");
-
+
 // Result Object can be queried for success
 if (rtt.isOK()) {
 TimedToken token = rtt.value;
 print(token); // Take a look at what's in a Token
-
+
 // Use this Token in your client calls with "Tokenized Client" (TzClient)
 // These should NOT be used cross thread.
 TzClient helloClient = tcf.newTzClient(endServicesURL);
 helloClient.setToken(client_id, token);
-
+
- // This client call style, "best" call with "Retryable" inner class covers finding an available Service
+ // This client call style, "best" call with "Retryable" inner class covers finding an available Service
 // (when Multi-services exist) for the best service, based (currently) on distance.
 //
 // the "Generic" in Type gives a Return Value for the Code, which you can set on the "best" method
@@ -146,20 +149,20 @@ public class OAuthExample {
 Future future = client.read("hello","text/plain");
 // The "future" calling method allows you to do other processing, such as call more than one backend
 // client before picking up the result
- // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
+ // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
 if (future.get(CALL_TIMEOUT)) {
 // Client Returned expected value
 return future.value;
 } else {
 throw new APIException(future.code() + future.body());
- }
+ }
 }
 });
-
+
 // You want to do something with returned value. Here, we say "hello"
 System.out.printf("\nPositive Response from Hello: %s\n",rv);
-
-
+
+
 //////////////////////////////////////////////////////////////////////
 // Scenario 2:
 // As a Service, read Introspection information as proof of Authenticated Authorization
@@ -184,12 +187,12 @@ public class OAuthExample {
 } else {
 access.printf(Level.ERROR, "Unable to obtain OAuth Token: %d %s\n",rtt.code,rtt.error);
 }
-
+
 } catch (CadiException | LocatorException | APIException | IOException e) {
 e.printStackTrace();
 }
 }
-
+
 /////////////////////////////////////////////////////////////
 // Examples of Object Access
 /////////////////////////////////////////////////////////////
@@ -204,7 +207,7 @@ public class OAuthExample {
 t.getScope(),
 t.getRefreshToken());
 }
-
+
 private static void print(Introspect ti) {
 if (ti==null || ti.getClientId()==null) {
 System.out.println("Empty Introspect");
@@ -229,7 +232,7 @@ public class OAuthExample {
 Chrono.timeStamp(exp),
 ti.getScope(),
 ti.getContent()==null?"":ti.getContent());
-
+
 System.out.println();
 }