From: varun gudisena Date: Tue, 22 May 2018 20:34:44 +0000 (+0000) Subject: Merge "Fix AAF Locator for ONAP" X-Git-Tag: Beijing-2.1.1~10 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=467b962cbf1c78bf617f2dac70096b61f4af5003;hp=7a5a06cf41dde0577aecdaab37c59fcdb1a0dd46;p=aaf%2Fauthz.git Merge "Fix AAF Locator for ONAP" --- diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java index e7e3ef35..7a983104 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java @@ -67,22 +67,32 @@ public class AAFLocator extends AbsAAFLocator { int connectTimeout = Integer.parseInt(si.access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF)); try { String[] path = Split.split('/',locatorURI.getPath()); - if(path.length>2 && "locate".equals(path[1])) { + String host = locatorURI.getHost(); + if(host==null) { + host = locatorURI.getAuthority(); // this happens when no port + } + if("AAF_LOCATE_URL".equals(host)) { + URI uri = new URI( + locatorURI.getScheme(), + locatorURI.getUserInfo(), + aaf_locator_uri.getHost(), + aaf_locator_uri.getPort(), + "/locate"+locatorURI.getPath(), + null, + null + ); + client = createClient(ss, uri, connectTimeout); + } else if(path.length>1 && "locate".equals(path[1])) { StringBuilder sb = new StringBuilder(); for(int i=3;i { client = new HClient(ss, locatorURI, connectTimeout); } epsDF = env.newDataFactory(Endpoints.class); - refresh(); } catch (APIException | URISyntaxException e) { throw new LocatorException(e); } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java index fc297606..312c58e9 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java 
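Review bot: In the new `"AAF_LOCATE_URL".equals(host)` branch of the AAFLocator constructor, `aaf_locator_uri.getHost()` and `aaf_locator_uri.getPort()` are dereferenced without a null check, yet AbsAAFLocator in this same commit sets `aaf_locator_uri = null` when `Config.AAF_LOCATE_URL` is unset. A locator URL that uses the placeholder host without that property would then fail with a NullPointerException, which the `catch (APIException | URISyntaxException e)` closing the block does not turn into a LocatorException. I would guard the branch first: `if(aaf_locator_uri==null) throw new LocatorException(Config.AAF_LOCATE_URL + " must be set to resolve AAF_LOCATE_URL hosts");`. The scheme and user-info are taken from the placeholder URL rather than from the configured locator, which deserves a one-line comment if intentional. Part of this hunk is truncated on the page, so the remainder of the branch was not reviewed.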
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
@@ -58,12 +58,22 @@ public abstract class AbsAAFLocator implements Locator
 protected String myhostname;
 protected int myport;
 protected final String aaf_locator_host;
+ protected final URI aaf_locator_uri;
 private long earliest;
 private final long refreshWait;
 public AbsAAFLocator(Access access, String name, final long refreshMin) throws LocatorException {
 aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL, null);
+ if(aaf_locator_host==null) {
+ aaf_locator_uri = null;
+ } else {
+ try {
+ aaf_locator_uri = new URI(aaf_locator_host);
+ } catch (URISyntaxException e) {
+ throw new LocatorException(e);
+ }
+ }
 epList = new LinkedList();
 refreshWait = refreshMin;
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java
index 616e2dc9..fb844518 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java
@@ -44,9 +44,13 @@ public abstract class AbsOTafLur {
 protected AbsOTafLur(final PropAccess access, final String token_url, final String introspect_url) throws CadiException {
 this.access = access;
- if((client_id = access.getProperty(Config.AAF_APPID,null))==null) {
- throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2);
+ String ci;
+ if((ci = access.getProperty(Config.AAF_APPID,null))==null) {
+ if((ci = access.getProperty(Config.CADI_ALIAS,null))==null) {
+ throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2);
+ }
 }
+ client_id = ci;
 synchronized(access) {
 if(tokenClientPool==null) {
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java
index 4b0c944c..0558e815 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java
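Review bot: The AbsAAFLocator constructor accepts any string that `new URI(aaf_locator_host)` can parse, so a value without `//` (for example a bare `host:port`, a constructed sample) parses successfully but leaves `getHost()` null. AAFLocator later feeds `aaf_locator_uri.getHost()` and `getPort()` into a new URI, so the misconfiguration would surface far from its cause, if at all. Consider failing fast right after parsing, e.g. `if(aaf_locator_uri.getHost()==null) throw new LocatorException(Config.AAF_LOCATE_URL + " must be an absolute URL with a host");`. The constructor body continues outside the hunk.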
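Review bot: In the AbsOTafLur constructor the failure message still names only `Config.AAF_APPID`, although the identity may now also come from `Config.CADI_ALIAS`, so an operator reading it would not learn that a certificate alias is an accepted alternative. Suggest `throw new CadiException(Config.AAF_APPID + " or " + Config.CADI_ALIAS + REQUIRED_FOR_OAUTH2);`. A short comment above the nested lookup stating that the alias becomes the OAuth2 client_id only when no app id is configured would also document the precedence.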
@@ -157,6 +157,18 @@ public class TokenClient {
 } catch(IOException | NoSuchAlgorithmException e) {
 throw new CadiException(e);
 }
+ } else {
+ ss = new GetSetter() {
+ @Override
+ public SecuritySetter get(AAFCon con) throws CadiException {
+ try {
+ return con.x509Alias(client_id);// no password, assume Cert
+ } catch (APIException e) {
+ throw new CadiException(e);
+ }
+ }
+ };
+ authn_method = AUTHN_METHOD.client_credentials;
 }
 }
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java
index 3f6fa599..e52df961 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java
@@ -158,10 +158,8 @@ public class TokenClientFactory extends Persist {
 if(locatorURL==null) {
 throw new LocatorException("Cannot have a null locatorURL in bestLocator");
 }
- if(locatePattern.matcher(locatorURL).matches()) {
+ if(locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) {
 return new AAFLocator(hsi,new URI(locatorURL));
- } else if(locatorURL.contains("//DME2RESOLVE/")) {
- throw new LocatorException("DME2Locator doesn't exist. Use DME2 specific Clients");
 } else {
 return new PropertyLocator(locatorURL);
 }
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java
index 7febf51f..bd2393e4 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java
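Review bot: The new `else` branch in TokenClient silently switches to certificate authentication through `con.x509Alias(client_id)`; the matching `if` lies outside the hunk, but the comment `// no password, assume Cert` suggests it is reached whenever no secret is supplied, including when the secret is simply missing from configuration. `client_id` is not checked either, and the OAuthExample hunk at `@@ -95,6 +96,10 @@` can pass a null id when neither `Config.AAF_APPID` nor `Config.CADI_ALIAS` is set. I would reject that case before building the GetSetter, `if(client_id==null) throw new CadiException("client_id is required for certificate authentication");`, and expand the comment to say that the branch applies only when the secret is null and that the alias must name a key in the configured keystore.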
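Review bot: The placeholder test `locatorURL.startsWith("https://AAF_LOCATE_URL/")` in TokenClientFactory hard-codes a literal that AAFLocator checks separately as `"AAF_LOCATE_URL".equals(host)`, so the two can drift apart; a shared constant would keep them in step. The test is scheme- and case-sensitive, so any other spelling of the placeholder falls through to `new PropertyLocator(locatorURL)` and would presumably be treated as a real host name; a comment stating that only the exact https form is recognised would help. With the `//DME2RESOLVE/` branch removed, such URLs now take the same PropertyLocator path (unless `locatePattern` matches them) instead of failing with an explicit message. The enclosing method starts and ends outside the hunk.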
@@ -85,7 +85,12 @@ public class JU_TzHClient {
 @Test
 public void test() throws CadiException, LocatorException, APIException, IOException {
- TzHClient client = new TzHClient(access, "tag");
+ TzHClient client;
+ try {
+ client = new TzHClient(access, "tag");
+ } catch (Exception e) {
+ throw e;
+ }
 try {
 client.best(retryableMock);
 fail("Should've thrown an exception");
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index d7c7526f..1f778ad6 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -532,7 +532,11 @@ public class Config {
 access.log(Level.INIT,"AAF/OAuth LUR plugin is not available.");
 }
 } catch (NoSuchMethodException| SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- access.log(e,"AAF/OAuth LUR could not be constructed with given Constructors.");
+ String msg = e.getMessage();
+ if(msg==null && e.getCause()!=null) {
+ msg = e.getCause().getMessage();
+ }
+ access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",msg);
 }
 } else {
 access.log(Level.INIT, "OAuth2 Lur disabled");
diff --git a/cadi/oauth-enduser/.gitignore b/cadi/oauth-enduser/.gitignore
index 6028f0a5..c14293bc 100644
--- a/cadi/oauth-enduser/.gitignore
+++ b/cadi/oauth-enduser/.gitignore
@@ -2,3 +2,4 @@
 /.settings/
 /target/
 /.project
+tokens/
diff --git a/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java b/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java
index 9cb4b4af..c79c2fe6 100644
--- a/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java
+++ b/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java
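Review bot: The added `try { … } catch (Exception e) { throw e; }` around the TzHClient construction in `test()` rethrows the exception unchanged and has no effect on the test's outcome. It reads like leftover debugging scaffolding; the original single line `TzHClient client = new TzHClient(access, "tag");` says the same thing. If the intent was to tolerate or inspect a construction failure, that should be an explicit assertion rather than a pass-through catch.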
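Review bot: The rewritten catch block in Config no longer passes the exception to the log call, so the exception type and stack trace are lost when the AAF/OAuth LUR cannot be constructed. Because this path leaves an authorization plugin inactive, the record should still let an operator tell a missing constructor from a failure thrown inside it; only the first-level cause message is kept, and `msg` can still be null. Consider keeping at least the class name, e.g. `access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",e.getClass().getSimpleName(),msg);` (assuming `log` takes varargs, as the two call shapes in this hunk suggest). The surrounding method lies outside the hunk.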
@@ -72,12 +72,13 @@ public class OAuthExample {
 // Obtain Endpoints for OAuth2 from Properties. Expected is "cadi.properties" file, pointed to by "cadi_prop_files"
- String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL);
- String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL);
-
-
- // Get Properties
- final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL);
+ String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,
+ "https://AAF_LOCATE_URL/AAF_NS.token/2.0"); // Default to AAF
+ String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,
+ "https://AAF_LOCATE_URL/AAF_NS.introspect/2.0"); // Default to AAF);
+ // Get Hello Service
+ final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,
+ "https://AAF_LOCATE_URL/AAF_NS.hello/2.0");
 final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
@@ -95,6 +96,10 @@ public class OAuthExample {
 // If AAF Token server, then its just the same as your other AAF MechID creds
 // If it is the Alternate OAUTH, you'll need THOSE credentials. See that tool's Onboarding procedures.
 String client_id = access.getProperty(Config.AAF_APPID);
+ if(client_id==null) {
+ // For AAF, client_id CAN be Certificate. This is not necessarily true elsewhere
+ client_id = access.getProperty(Config.CADI_ALIAS);
+ }
 String client_secret = access.getProperty(Config.AAF_APPPASS);
 tc.client_creds(client_id, client_secret);
@@ -140,7 +145,7 @@ public class OAuthExample {
 String rv = helloClient.best(new Retryable() {
 @Override
 public String code(Rcli client) throws CadiException, ConnectException, APIException {
- Future future = client.read(null,"text/plain");
+ Future future = client.read("hello","text/plain");
 // The "future" calling method allows you to do other processing, such as call more than one backend
 // client before picking up the result
 // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
@@ -216,7 +221,7 @@ public class OAuthExample {
 + "\tUserName:\t%s\n"
 + "\tExpires: \t%d (%s)\n"
 + "\tScope:\t\t%s\n"
- + "\tContent:\t\t%s\n",
+ + "\tContent:\t%s\n",
 ti.getAccessToken(),
 ti.getClientId(),
 ti.getClientType(),