2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.oauth;
24 import java.io.IOException;
25 import java.security.GeneralSecurityException;
26 import java.security.Principal;
28 import org.onap.aaf.cadi.CadiException;
29 import org.onap.aaf.cadi.LocatorException;
30 import org.onap.aaf.cadi.PropAccess;
31 import org.onap.aaf.cadi.config.Config;
32 import org.onap.aaf.misc.env.APIException;
33 import org.onap.aaf.misc.env.util.Pool;
34 import org.onap.aaf.misc.env.util.Pool.Creator;
36 public abstract class AbsOTafLur {
37 protected static final String ERROR_GETTING_TOKEN_CLIENT = "Error getting TokenClient";
38 protected static final String REQUIRED_FOR_OAUTH2 = " is required for OAuth Access";
40 protected final TokenMgr tkMgr;
41 protected final PropAccess access;
42 protected final String client_id;
43 protected static Pool<TokenClient> tokenClientPool;
45 protected AbsOTafLur(final PropAccess access, final String token_url, final String introspect_url) throws CadiException {
48 if((ci = access.getProperty(Config.AAF_APPID,null))==null) {
49 if((ci = access.getProperty(Config.CADI_ALIAS,null))==null) {
50 throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2);
55 synchronized(access) {
56 if(tokenClientPool==null) {
57 tokenClientPool = new Pool<TokenClient>(new TCCreator(access));
60 tkMgr = TokenMgr.getInstance(access, token_url, introspect_url);
61 } catch (APIException e) {
62 throw new CadiException("Unable to create TokenManager",e);
67 private class TCCreator implements Creator<TokenClient> {
68 private TokenClientFactory tcf;
69 private final int timeout;
70 private final String url,enc_secret;
72 public TCCreator(PropAccess access) throws CadiException {
74 tcf = TokenClientFactory.instance(access);
75 } catch (APIException | GeneralSecurityException | IOException e1) {
76 throw new CadiException(e1);
79 if((url = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null))==null) {
80 throw new CadiException(Config.AAF_OAUTH2_TOKEN_URL + REQUIRED_FOR_OAUTH2);
84 timeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
85 } catch (NumberFormatException e) {
86 throw new CadiException("Bad format for " + Config.AAF_CONN_TIMEOUT, e);
88 if((enc_secret= access.getProperty(Config.AAF_APPPASS,null))==null) {
89 throw new CadiException(Config.AAF_APPPASS + REQUIRED_FOR_OAUTH2);
94 public TokenClient create() throws APIException {
96 TokenClient tc = tcf.newClient(url, timeout);
97 tc.client_creds(client_id, access.decrypt(enc_secret, true));
99 } catch (CadiException | LocatorException | IOException e) {
100 throw new APIException(e);
105 public void destroy(TokenClient t) {
109 public boolean isValid(TokenClient t) {
110 return t!=null && t.client_id()!=null;
114 public void reuse(TokenClient t) {
119 * @see org.onap.aaf.cadi.Lur#destroy()
121 public void destroy() {
126 * @see org.onap.aaf.cadi.Lur#clear(java.security.Principal, java.lang.StringBuilder)
128 public void clear(Principal p, StringBuilder report) {
129 tkMgr.clear(p, report);
Code Review / aaf / authz.git / blob