From 7ff4d4001de8cddee013350e18fb74cd31051b81 Mon Sep 17 00:00:00 2001
From: Kiran Kamineni
Date: Thu, 24 May 2018 15:50:33 -0700
Subject: [PATCH] Add ONAP truststore and comment example client Add ONAP truststore with certificate only in jks format Add comments to the client example illustrating various use cases Support error message read from returned error body
Issue-ID: AAF-92
Change-Id: I9709005c13d739883621eed09ce34fcb4715f1fd
Signed-off-by: Kiran Kamineni
---
sms-client/java/src/main/example/README.md | 7 +
.../java/src/main/example/SmsClientExample.java | 183 +++++++++++++--------
.../java/src/main/example/truststoreONAP.jks | Bin 0 -> 1408 bytes
.../src/main/java/org/onap/aaf/sms/SmsClient.java | 13 +-
4 files changed, 130 insertions(+), 73 deletions(-)
create mode 100644 sms-client/java/src/main/example/README.md
create mode 100644 sms-client/java/src/main/example/truststoreONAP.jks
diff --git a/sms-client/java/src/main/example/README.md b/sms-client/java/src/main/example/README.md
new file mode 100644
index 0000000..e96cefc
--- /dev/null
+++ b/sms-client/java/src/main/example/README.md
@@ -0,0 +1,7 @@
+### Running the Sample Application
+Make sure you run in the example folder as it looks for the truststore here
+
+```
+$ javac -cp ".:" SmsClientExample.java
+$ java -cp ".:" SmsClientExample
+```
diff --git a/sms-client/java/src/main/example/SmsClientExample.java b/sms-client/java/src/main/example/SmsClientExample.java
index ca38adb..88956c5 100644
--- a/sms-client/java/src/main/example/SmsClientExample.java
+++ b/sms-client/java/src/main/example/SmsClientExample.java
@@ -39,84 +39,129 @@ import org.onap.aaf.sms.SmsResponse; */ public class SmsClientExample { - public static void main(String[] args) throws Exception { - // Set up the Sun PKCS 11 provider - Provider p = Security.getProvider("SunPKCS11-pkcs11Test"); - if (p==null) { - throw new RuntimeException("could not get security provider"); + + public static SSLSocketFactory getSSLSocketFactory(String castore) { + + try { + // Load the CA certificate + // There are no private keys in the truststore + FileInputStream tst = new FileInputStream("truststoreONAP.jks"); + KeyStore trustStore = KeyStore.getInstance("JKS"); + char[] password = "password".toCharArray(); + trustStore.load(tst, password); + TrustManagerFactory trustManagerFactory = + TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); + trustManagerFactory.init(trustStore); + + //Create the context + SSLContext context = SSLContext.getInstance("TLSv1.2"); + context.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom()); + //Create a socket factory + SSLSocketFactory ssf = context.getSocketFactory(); + return ssf; + } catch (Exception e) { + e.printStackTrace(); + return null; } - // Load the key store - char[] pin = "45789654".toCharArray(); - KeyStore keyStore = KeyStore.getInstance("PKCS11", p); - keyStore.load(null, pin); - - // Load the CA certificate - FileInputStream tst = new FileInputStream("/ca.jks"); - KeyStore trustStore = KeyStore.getInstance("JKS"); - trustStore.load(tst, pin); - - KeyManagerFactory keyManagerFactory = - KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); - //Add to keystore to key manager - keyManagerFactory.init(keyStore, pin); - - TrustManagerFactory trustManagerFactory = - TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - trustManagerFactory.init(trustStore); - - //Create the context - SSLContext context = SSLContext.getInstance("TLS"); - context.init(keyManagerFactory.getKeyManagers(), - 
trustManagerFactory.getTrustManagers(), new SecureRandom()); - //Create a socket factory - SSLSocketFactory ssf = context.getSocketFactory(); - SmsClient sms = new SmsClient("onap.mydomain.com", 10443, ssf); - SmsResponse resp1 = sms.createDomain("onap.new.test.sms0"); - if ( resp1.getSuccess() ) { - System.out.println(resp1.getResponse()); - System.out.println(resp1.getResponseCode()); + } + + public static void main(String[] args) throws Exception { + + SSLSocketFactory ssf = SmsClientExample.getSSLSocketFactory("truststoreONAP.jks"); + + // Create the SMSClient + SmsClient sms = new SmsClient("aaf-sms.onap", 30243, ssf); + + // Create a test domain + System.out.println("CREATE DOMAIN: "); + SmsResponse resp = sms.createDomain("sms_test_domain"); + if ( resp.getSuccess() ) { + System.out.println("-- Return Code: " + resp.getResponseCode()); + System.out.println("-- Return Data: " + resp.getResponse()); + System.out.println(""); + } else { + System.out.println("-- Error String: " + resp.getErrorMessage()); + System.out.println(""); } - Map m1 = new HashMap(); - m1.put("passwd", "gax6ChD0yft"); - SmsResponse resp2 = sms.storeSecret("onap.new.test.sms0", "testsec", m1); - if ( resp2.getSuccess() ) { - System.out.println(resp2.getResponse()); - System.out.println(resp2.getResponseCode()); + + // Create secret data here + Map data_1 = new HashMap(); + data_1.put("passwd", "gax6ChD0yft"); + + // Store them in previously created domain + System.out.println("STORE SECRET: " + "test_secret"); + resp = sms.storeSecret("sms_test_domain", "test_secret", data_1); + if ( resp.getSuccess() ) { + System.out.println("-- Return Code: " + resp.getResponseCode()); + System.out.println(""); } - Map m2 = new HashMap(); - m2.put("username", "dbuser"); - m2.put("isadmin", new Boolean(true)); - m2.put("age", new Integer(40)); - m2.put("secretkey", "asjdhkuhioeukadfjsadnfkjhsdukfhaskdjhfasdf"); - m2.put("token", "2139084553458973452349230849234234908234342"); - SmsResponse resp3 = 
sms.storeSecret("onap.new.test.sms0","credentials", m2); - if ( resp3.getSuccess() ) { - System.out.println(resp3.getResponse()); - System.out.println(resp3.getResponseCode()); + + // A more complex data example on the same domain + Map data_2 = new HashMap(); + data_2.put("username", "dbuser"); + data_2.put("isadmin", new Boolean(true)); + data_2.put("age", new Integer(40)); + data_2.put("secretkey", "asjdhkuhioeukadfjsadnfkjhsdukfhaskdjhfasdf"); + data_2.put("token", "2139084553458973452349230849234234908234342"); + + // Store the secret + System.out.println("STORE SECRET: " + "test_credentials"); + resp = sms.storeSecret("sms_test_domain", "test_credentials", data_2); + if ( resp.getSuccess() ) { + System.out.println("-- Return Code: " + resp.getResponseCode()); + System.out.println(""); } - SmsResponse resp4 = sms.getSecretNames("onap.new.test.sms0"); - if ( resp4.getSuccess() ) { - System.out.println(resp4.getResponse()); - System.out.println(resp4.getResponseCode()); + + // List all secret names stored in domain + System.out.println("LIST SECRETS: "); + resp = sms.getSecretNames("sms_test_domain"); + if ( resp.getSuccess() ) { + System.out.println("-- Return Code: " + resp.getResponseCode()); + System.out.println("-- Return Data: " + resp.getResponse()); + System.out.println(""); } - SmsResponse resp5= sms.getSecret("onap.new.test.sms0", "testsec"); - if ( resp5.getSuccess() ) { - System.out.println(resp5.getResponse()); - System.out.println(resp5.getResponseCode()); + + // Retrieve a secret from stored domain + System.out.println("GET SECRET: " + "test_secret"); + resp= sms.getSecret("sms_test_domain", "test_secret"); + if ( resp.getSuccess() ) { + System.out.println("-- Return Code: " + resp.getResponseCode()); + System.out.println("-- Return Data: " + resp.getResponse()); + System.out.println(""); } - SmsResponse resp6= sms.getSecret("onap.new.test.sms0", "credentials"); - if ( resp6.getSuccess() ) { - Boolean b = 
(Boolean)resp6.getResponse().get("isadmin"); + + // Retrieve the second secret from stored domain + // getResponse() on the return value retrieves the + // map containing the key, values for the secret + System.out.println("GET SECRET: " + "test_credentials"); + resp= sms.getSecret("sms_test_domain", "test_credentials"); + if ( resp.getSuccess() ) { + System.out.println("-- Return Code: " + resp.getResponseCode()); + System.out.println("-- Return Data: " + resp.getResponse()); + + //conditional processing of returned data + Boolean b = (Boolean)resp.getResponse().get("isadmin"); + System.out.println("-- isadmin: " + b); if ( b ) - System.out.println("Age=" + (Integer)resp6.getResponse().get("age")); - System.out.println(resp6.getResponse()); - System.out.println(resp6.getResponseCode()); + System.out.println("-- age: " + (Integer)resp.getResponse().get("age")); + System.out.println(""); } - SmsResponse resp7=sms.deleteDomain("onap.new.test.sms0"); - if ( resp7.getSuccess() ) { - System.out.println(resp7.getResponse()); - System.out.println(resp7.getResponseCode()); + + // Delete the secret + System.out.println("DELETE SECRET: " + "test_credentials"); + resp=sms.deleteSecret("sms_test_domain", "test_credentials"); + if ( resp.getSuccess() ) { + System.out.println("-- Return Code: " + resp.getResponseCode()); + System.out.println(""); + } + + // Delete the domain + System.out.println("DELETE DOMAIN: " + "sms_test_domain"); + resp=sms.deleteDomain("sms_test_domain"); + if ( resp.getSuccess() ) { + System.out.println("-- Return Code: " + resp.getResponseCode()); + System.out.println(""); } } } 
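Review bot: `getSSLSocketFactory` fails soft: its `catch (Exception e)` prints the trace and returns `null`, and `main` hands that value straight to `new SmsClient("aaf-sms.onap", 30243, ssf)`. What SmsClient does with a null factory is not visible in this hunk, so a missing or unreadable truststore may surface as a late NullPointerException or as a connection made with some other trust configuration, rather than as a clear failure at load time. The method also ignores its `castore` parameter in favour of the literal `"truststoreONAP.jks"` and never closes the `FileInputStream`. Since `main` already declares `throws Exception`, the helper can declare it too, load from `castore` inside try-with-resources, and drop the catch.

```java
public static SSLSocketFactory getSSLSocketFactory(String castore) throws Exception {
    KeyStore trustStore = KeyStore.getInstance("JKS");
    char[] password = "password".toCharArray();
    // Read the truststore the caller asked for; the stream is closed on exit.
    try (FileInputStream tst = new FileInputStream(castore)) {
        trustStore.load(tst, password);
    }
    // … unchanged: TrustManagerFactory and SSLContext("TLSv1.2") setup …
    // No catch here: a load or init failure propagates to main instead of yielding null.
    return context.getSocketFactory();
}
```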
diff --git a/sms-client/java/src/main/example/truststoreONAP.jks b/sms-client/java/src/main/example/truststoreONAP.jks new file mode 100644 index 0000000000000000000000000000000000000000..a05bf47301247bcc3a32e1121c5642e0e8812c8e GIT binary patch literal 1408 zcmb7DSyYk<7-erxC=I5j4tMpivva^B0ksXTst$8KZs&$q15`FBLK8ys0Cs30@g!g` zK*aCG6D>*JT1Wy3AQ15X(*Jpl4cYnQJ772n%7&mp02`tTVMD;6POEZ9jk-DpHgw06 zOy*Hdv%>)w zC}(hkjk#?%p3eBE$;>DP{@LbU(v;s1?3)!BwW6uM&HO~Ij5OC80d97mpq)Fef!h$S9AyU;VBu3LpW)82*Y>2T-WieK}@O-yH8UTk_~fBkrp zXGNPRCgny~<{H{xB!BHTD!ge>@x-=u&}qdaE=e&n?bETKt_TM^ zZ<{Poep^!KdUbIdqxI!}4a9`+r5f%M`}_NY>&7ZZ>2F-20n`y9X{LSg%|bal|Eso} zI2a+FfaGrFjej2Q8}7>`3ghLP^slG_DWN)E?JkOL%s_Tmn^o0beqHZ0MDm5TVfs_Z z5g3Mg74lbMwk`G|%VtbrO7{vcoG4ChYjE(^0wh_bOZ$apea_TPE2je`kugk~Otk0O zRJJ3nXdvF^T;25tWk#bH%mJ~l=y`wg;ngW#p-bZJkB3pFH(LQ&`X4sZ%_KAJ)K4{- z1A=VyxDB=gzxm-v2P4|^TfEAk-sL!7#9`9yG$D^Q_ce z*cElB3x|(Ye3&~1=x?lzU|0Z?@ZSdXhCveyUW35_=sEzX4FSC&z}5@G{V|5?tyqsC z7(~|ZW!6L$xzv)i0~yxs7AJapHeFIW)DkC?LX8M}BujZC(7Z@Q$clz48I`G1oXB$S zIV;Z8rt^aGgjpQQZl9cv`4y$9VT(a1vu&PS;1>3L#B%Y%F}X(Aasy(vpG=DcxB)gVU|7nLtcUPi^v1oft2t6vFt{7BK09WlwK zG^d*8Hs_;*mkq%mdm9`^a#6C#+OT@+y`meJ;AU~L2Zt=X2@E;myqusC*}roVg~T#iT=Y{iB0IA=l>=h)h^6#cdP z6_psmQ#ITYZX#5gS-uv`veFi25K?veBb%&o27i|3AJr5Q_Dl!J{K(cv%I{Sg(lv+M z11WEr#o)^2{^>DtL+7q<66fOAUO6X9__N0+Kza{K7Owd<&S05r-Qm##bOqlwJpaqd zcY}bz1XpydSzSJYG{GO@ OAu+3CVNlon=Dz{Z%wG2Z literal 0 HcmV?d00001 diff --git a/sms-client/java/src/main/java/org/onap/aaf/sms/SmsClient.java b/sms-client/java/src/main/java/org/onap/aaf/sms/SmsClient.java index 8bc88fe..f2d4923 100644 --- a/sms-client/java/src/main/java/org/onap/aaf/sms/SmsClient.java +++ b/sms-client/java/src/main/java/org/onap/aaf/sms/SmsClient.java 
@@ -139,8 +139,14 @@ public class SmsClient implements SmsInterface { // An implicit connection happens here errorcode = conn.getResponseCode(); if ( output && errorcode > 0 ) { - InputStream inputstream = conn.getInputStream(); - InputStreamReader inputstreamreader = new InputStreamReader(inputstream); + InputStream inputStream; + if ( errorcode/100 == 2) { + inputStream = conn.getInputStream(); + } else { + inputStream = conn.getErrorStream(); + } + + InputStreamReader inputstreamreader = new InputStreamReader(inputStream); BufferedReader bufferedreader = new BufferedReader(inputstreamreader); String response; @@ -149,7 +155,7 @@ public class SmsClient implements SmsInterface { save = save + response; } if ( !save.isEmpty() ) { - if ( errorcode/100 == 2 ) { + if ( errorcode/100 == 2) { resp.setResponse(strtomap(save)); } else { resp.setErrorMessage(save); @@ -157,7 +163,6 @@ public class SmsClient implements SmsInterface { } } } catch ( Exception e ) { - e.printStackTrace(); resp.setResponseCode(errorcode); return(resp); } -- 2.16.6
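Review bot: `conn.getErrorStream()` returns null when the server sent no error body, so on a non-2xx reply the added `new InputStreamReader(inputStream)` can throw a NullPointerException; it is absorbed by this method's `catch ( Exception e )`, which after the last hunk of this file no longer prints anything. Add a guard right after the if/else, `if ( inputStream == null ) { resp.setResponseCode(errorcode); return(resp); }`, mirroring what the catch already does. Because the catch is now silent, TLS handshake and certificate-validation failures also reach the caller as a bare response code; consider recording them with `resp.setErrorMessage(e.toString());` in that catch so they can be diagnosed. The method starts and ends outside these hunks, so the rest of its flow is not visible here.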