Merge "Moved null ref check to line before dereferencing"
[aaf/authz.git] / cadi / aaf / src / main / java / org / onap / aaf / cadi / oauth / TokenClientFactory.java
index 8a7118c..14cf0f6 100644 (file)
@@ -29,6 +29,8 @@ import java.nio.file.Path;
 import java.security.GeneralSecurityException;
 import java.security.NoSuchAlgorithmException;
 import java.util.Map;
+import java.util.Set;
+import java.util.TreeSet;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.regex.Pattern;
 
@@ -38,11 +40,11 @@ import org.onap.aaf.cadi.Hash;
 import org.onap.aaf.cadi.Locator;
 import org.onap.aaf.cadi.LocatorException;
 import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.aaf.Defaults;
 import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
 import org.onap.aaf.cadi.aaf.v2_0.AAFLocator;
 import org.onap.aaf.cadi.config.Config;
 import org.onap.aaf.cadi.config.SecurityInfoC;
+import org.onap.aaf.cadi.configure.Agent;
 import org.onap.aaf.cadi.locator.PropertyLocator;
 import org.onap.aaf.cadi.locator.SingleEndpointLocator;
 import org.onap.aaf.cadi.oauth.TokenClient.AUTHN_METHOD;
@@ -55,6 +57,7 @@ import aafoauth.v2_0.Token;
 
 public class TokenClientFactory extends Persist<Token,TimedToken> {
     private static TokenClientFactory instance;
+    private final Set<String> alts;
     private Map<String,AAFConHttp> aafcons = new ConcurrentHashMap<>();
     private SecurityInfoC<HttpURLConnection> hsi;
     // Package on purpose
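Review bot: The new `alts` field has no comment, and the constructor hunk below stores both property tags and their configured values in it, which is not obvious from the declaration. A one-line comment would help, for example `// Tags and configured URLs of the alternate OAuth2 endpoints; filled once in the constructor and only read afterwards`. If the set is meant to stay fixed after construction, wrapping it with `Collections.unmodifiableSet(...)` once it is filled would make that explicit for a singleton shared across threads.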
@@ -63,19 +66,31 @@ public class TokenClientFactory extends Persist<Token,TimedToken> {
     private TokenClientFactory(Access pa) throws APIException, GeneralSecurityException, IOException, CadiException {
         super(pa, new RosettaEnv(pa.getProperties()),Token.class,"outgoing");
         
-        if(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null)==null) {
-            access.getProperties().put(Config.AAF_OAUTH2_TOKEN_URL, Defaults.OAUTH2_TOKEN_URL); // Default to AAF
+        Map<String, String> aaf_urls = Agent.loadURLs(pa);
+        alts = new TreeSet<>();
+        
+        if (access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null)==null) {
+            access.getProperties().put(Config.AAF_OAUTH2_TOKEN_URL, aaf_urls.get(Config.AAF_OAUTH2_TOKEN_URL)); // Default to AAF
         }
-        if(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,null)==null) {
-            access.getProperties().put(Config.AAF_OAUTH2_INTROSPECT_URL, Defaults.OAUTH2_INTROSPECT_URL); // Default to AAF);
+        
+        if (access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,null)==null) {
+            access.getProperties().put(Config.AAF_OAUTH2_INTROSPECT_URL, aaf_urls.get(Config.AAF_OAUTH2_INTROSPECT_URL)); // Default to AAF);
         }
-
+        
+        for(String tag : new String[] {Config.AAF_ALT_OAUTH2_TOKEN_URL, Config.AAF_ALT_OAUTH2_INTROSPECT_URL}) {
+               String value = access.getProperty(tag, null);
+               if(value!=null) {
+                       alts.add(tag);
+                       alts.add(value);
+               }
+        }
+        
         symm = Symm.encrypt.obtain();
         hsi = SecurityInfoC.instance(access, HttpURLConnection.class);
     }
     
     public synchronized static final TokenClientFactory instance(Access access) throws APIException, GeneralSecurityException, IOException, CadiException {
-        if(instance==null) {
+        if (instance==null) {
             instance = new TokenClientFactory(access);
         }
         return instance;
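Review bot: Both new `put` calls pass `aaf_urls.get(...)` straight through, so a key missing from the map returned by `Agent.loadURLs(pa)` yields `null`. If `getProperties()` returns a `java.util.Properties`, as the name suggests, `put` with a null value throws a `NullPointerException`. The removed `Defaults.OAUTH2_TOKEN_URL` and `Defaults.OAUTH2_INTROSPECT_URL` were presumably non-null constants, so this failure mode is new. Check the looked-up value first and fail with a message naming the property, e.g. `String url = aaf_urls.get(Config.AAF_OAUTH2_TOKEN_URL);` followed by `if (url == null) throw new CadiException(Config.AAF_OAUTH2_TOKEN_URL + " is not configured");`, and do the same for the introspect URL. What `loadURLs` guarantees is not visible in this diff.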
@@ -96,24 +111,20 @@ public class TokenClientFactory extends Persist<Token,TimedToken> {
     
     public<INTR> TokenClient newClient(final String tagOrURL, final int timeout) throws CadiException, LocatorException, APIException {
         AAFConHttp ach;
-        if(tagOrURL==null) {
+        if (tagOrURL==null) {
             throw new CadiException("parameter tagOrURL cannot be null.");
         } else {
             ach = aafcons.get(tagOrURL);
-            if(ach==null) {
+            if (ach==null) {
                 aafcons.put(tagOrURL, ach=new AAFConHttp(access,tagOrURL));
             }
         }
         char okind;
-        if( Config.AAF_OAUTH2_TOKEN_URL.equals(tagOrURL) ||
-            Config.AAF_OAUTH2_INTROSPECT_URL.equals(tagOrURL) ||
-            tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL, null)) ||
-            tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL, null))
-            ) {
-                okind = Kind.AAF_OAUTH;
-            } else {
-                okind = Kind.OAUTH;
-            }
+        if (alts.contains(tagOrURL)) {
+               okind = Kind.OAUTH;
+        } else {
+            okind = Kind.AAF_OAUTH;
+        }
         TokenClient tci = new TokenClient(
                 okind,
                 this,
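Review bot: The new `alts.contains(tagOrURL)` test inverts the default: the removed code chose `Kind.AAF_OAUTH` only for the two known AAF tags or their configured URLs, while now any string not registered under the `AAF_ALT_*` properties is classified as `Kind.AAF_OAUTH`. If that kind selects AAF-specific client or credential handling (not visible here), a caller passing an arbitrary third-party token URL would get it applied to a non-AAF endpoint. The match is also an exact string comparison, so a URL that differs from the configured value by a trailing slash or letter case falls through to the AAF branch. Consider keeping a positive check for the AAF tags and URLs, or at least state the contract in Javadoc on `newClient`, e.g. `@param tagOrURL an AAF tag/URL, or an endpoint registered via AAF_ALT_OAUTH2_TOKEN_URL / AAF_ALT_OAUTH2_INTROSPECT_URL; anything else is treated as AAF`. The method body continues past the end of this hunk.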
@@ -136,20 +147,22 @@ public class TokenClientFactory extends Persist<Token,TimedToken> {
         try {
             StringBuilder sb = new StringBuilder(client_id);
             sb.append('_');
-            if(username!=null) {
+            if (username!=null) {
                 sb.append(username);
             }
             sb.append('_');
             sb.append(tokenSource);
-            byte[] tohash=scope.getBytes();
-            if(hash!=null && hash.length>0) {
-                byte temp[] = new byte[hash.length+tohash.length];
-                System.arraycopy(tohash, 0, temp, 0, tohash.length);
-                System.arraycopy(hash, 0, temp, tohash.length, hash.length);
-                tohash = temp;
-            }
-            if(scope!=null && scope.length()>0) {
-                sb.append(Hash.toHexNo0x(Hash.hashSHA256(tohash)));
+            if (scope!=null) {
+                byte[] tohash=scope.getBytes();
+                if (hash!=null && hash.length>0) {
+                    byte temp[] = new byte[hash.length+tohash.length];
+                    System.arraycopy(tohash, 0, temp, 0, tohash.length);
+                    System.arraycopy(hash, 0, temp, tohash.length, hash.length);
+                    tohash = temp;
+                }
+                if (scope.length()>0) {
+                    sb.append(Hash.toHexNo0x(Hash.hashSHA256(tohash)));
+                }
             }
             return sb.toString();
         } catch (NoSuchAlgorithmException e) {
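Review bot: `scope.getBytes()` on the moved line still encodes with the platform default charset, so the SHA-256 suffix of the key can differ between JVMs or locales when the scope contains non-ASCII characters. Since the class extends `Persist`, the key presumably names stored tokens, and a mismatch would miss them. Pin the encoding with `byte[] tohash = scope.getBytes(StandardCharsets.UTF_8);`, which needs `import java.nio.charset.StandardCharsets;`. Separately, for an empty scope the new block still concatenates `hash` into `tohash` and then discards the result; a single `if (scope != null && scope.length() > 0)` around the whole block would avoid that and read more simply. The method starts before this hunk, so parameter types are inferred from their use here.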
@@ -170,12 +183,12 @@ public class TokenClientFactory extends Persist<Token,TimedToken> {
     
     private static final Pattern locatePattern = Pattern.compile("https://.*/locate/.*");
     public Locator<URI> bestLocator(final String locatorURL ) throws LocatorException, URISyntaxException {
-        if(locatorURL==null) {
+        if (locatorURL==null) {
             throw new LocatorException("Cannot have a null locatorURL in bestLocator");
         }
-        if(locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) {
+        if (locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) {
             return new AAFLocator(hsi,new URI(locatorURL));
-        } else if(locatorURL.indexOf(',')>0) { // multiple URLs is a Property Locator
+        } else if (locatorURL.indexOf(',')>0) { // multiple URLs is a Property Locator
             return new PropertyLocator(locatorURL);
         } else {
             return new SingleEndpointLocator(locatorURL);