int connectTimeout = Integer.parseInt(si.access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
try {
String[] path = Split.split('/',locatorURI.getPath());
- if(path.length>2 && "locate".equals(path[1])) {
+ String host = locatorURI.getHost();
+ if(host==null) {
+ host = locatorURI.getAuthority(); // this happens when no port
+ }
+ if("AAF_LOCATE_URL".equals(host)) {
+ URI uri = new URI(
+ locatorURI.getScheme(),
+ locatorURI.getUserInfo(),
+ aaf_locator_uri.getHost(),
+ aaf_locator_uri.getPort(),
+ "/locate"+locatorURI.getPath(),
+ null,
+ null
+ );
+ client = createClient(ss, uri, connectTimeout);
+ } else if(path.length>1 && "locate".equals(path[1])) {
StringBuilder sb = new StringBuilder();
for(int i=3;i<path.length;++i) {
sb.append('/');
sb.append(path[i]);
}
setPathInfo(sb.toString());
- String host = locatorURI.getHost();
- if(aaf_locator_host!=null && (host==null || "AAF_LOCATOR_URL".equals(host))) {
- int slash = aaf_locator_host.lastIndexOf("//");
- host = aaf_locator_host.substring(slash+2);
- }
URI uri = new URI(
locatorURI.getScheme(),
locatorURI.getUserInfo(),
- host,
+ locatorURI.getHost(),
locatorURI.getPort(),
"/locate/"+name + '/' + version,
null,
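Review bot: `aaf_locator_uri` is dereferenced in the new `"AAF_LOCATE_URL".equals(host)` branch without a null check, yet the constructor change in this commit sets it to null when `Config.AAF_LOCATE_URL` is not configured. A placeholder URL with the property missing would then end in a NullPointerException, which `catch (APIException | URISyntaxException e)` does not turn into a LocatorException. The branch should fail explicitly first, e.g. `if(aaf_locator_uri==null) throw new LocatorException(Config.AAF_LOCATE_URL + " must be set to resolve AAF_LOCATE_URL");`. The `getAuthority()` fallback also returns any user-info and port, so the equality test probably matches only when the placeholder URL carries neither; a comment saying so would help. The enclosing method starts and ends outside the hunk.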
client = new HClient(ss, locatorURI, connectTimeout);
}
epsDF = env.newDataFactory(Endpoints.class);
- refresh();
} catch (APIException | URISyntaxException e) {
throw new LocatorException(e);
}
protected String myhostname;
protected int myport;
protected final String aaf_locator_host;
+ protected final URI aaf_locator_uri;
private long earliest;
private final long refreshWait;
public AbsAAFLocator(Access access, String name, final long refreshMin) throws LocatorException {
aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL, null);
+ if(aaf_locator_host==null) {
+ aaf_locator_uri = null;
+ } else {
+ try {
+ aaf_locator_uri = new URI(aaf_locator_host);
+ } catch (URISyntaxException e) {
+ throw new LocatorException(e);
+ }
+ }
epList = new LinkedList<EP>();
refreshWait = refreshMin;
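Review bot: `new URI(aaf_locator_host)` accepts values that parse but carry no host, so the added block lets a misconfigured property through. A bare `host:port` value (constructed example) parses as an opaque URI whose `getHost()` is null and `getPort()` is -1, and that would surface only later, when the locator URI is rebuilt from `aaf_locator_uri`. Validating at construction gives a clear configuration error instead, e.g. `if(aaf_locator_uri.getHost()==null) throw new LocatorException(Config.AAF_LOCATE_URL + " must be an absolute URL with a host");`. The scheme could be checked against the expected one at the same point. The constructor body continues outside the hunk.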
protected AbsOTafLur(final PropAccess access, final String token_url, final String introspect_url) throws CadiException {
this.access = access;
- if((client_id = access.getProperty(Config.AAF_APPID,null))==null) {
- throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2);
+ String ci;
+ if((ci = access.getProperty(Config.AAF_APPID,null))==null) {
+ if((ci = access.getProperty(Config.CADI_ALIAS,null))==null) {
+ throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2);
+ }
}
+ client_id = ci;
synchronized(access) {
if(tokenClientPool==null) {
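Review bot: The exception thrown when both lookups fail still names only `Config.AAF_APPID`, although `Config.CADI_ALIAS` is now an accepted source for the client id. The message should name both properties, e.g. `throw new CadiException(Config.AAF_APPID + " or " + Config.CADI_ALIAS + REQUIRED_FOR_OAUTH2);`. A one-line comment on the fallback, saying that the certificate alias is used as the OAuth2 client id when no app id is set, would make the intent clear. The constructor continues outside the hunk.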
} catch(IOException | NoSuchAlgorithmException e) {
throw new CadiException(e);
}
+ } else {
+ ss = new GetSetter() {
+ @Override
+ public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
+ try {
+ return con.x509Alias(client_id);// no password, assume Cert
+ } catch (APIException e) {
+ throw new CadiException(e);
+ }
+ }
+ };
+ authn_method = AUTHN_METHOD.client_credentials;
}
}
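Review bot: The new `else` branch passes `client_id` to `con.x509Alias(...)` whether the value came from `Config.AAF_APPID` or from `Config.CADI_ALIAS`. A deployment that sets an app id but is missing its password would therefore appear to be switched silently to certificate authentication with the app id as the alias. The condition this `else` belongs to is outside the hunk, so this is inferred from the `// no password, assume Cert` comment. Consider logging the selected mode, e.g. `access.log(Level.INIT,"OAuth2 client",client_id,"authenticates by X509 alias (no password configured)");`, or taking the certificate path only when the id was read from `Config.CADI_ALIAS`.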
if(locatorURL==null) {
throw new LocatorException("Cannot have a null locatorURL in bestLocator");
}
- if(locatePattern.matcher(locatorURL).matches()) {
+ if(locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) {
return new AAFLocator(hsi,new URI(locatorURL));
- } else if(locatorURL.contains("//DME2RESOLVE/")) {
- throw new LocatorException("DME2Locator doesn't exist. Use DME2 specific Clients");
} else {
return new PropertyLocator(locatorURL);
}
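Review bot: The placeholder is hard-coded here as the prefix `"https://AAF_LOCATE_URL/"`, while the locator compares the host against the separate literal `"AAF_LOCATE_URL"`, so the two checks can drift apart. A shared constant for the placeholder host, used in both places, would keep them in step. The `startsWith` test is case-sensitive and fixed to `https`, so any other spelling of the placeholder falls through to `PropertyLocator`. That fall-through now also applies to `//DME2RESOLVE/` URLs, which no longer fail with an explicit message; a comment stating that this is intended would help. The method starts outside the hunk.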
@Test
public void test() throws CadiException, LocatorException, APIException, IOException {
- TzHClient client = new TzHClient(access, "tag");
+ TzHClient client;
+ try {
+ client = new TzHClient(access, "tag");
+ } catch (Exception e) {
+ throw e;
+ }
try {
client.best(retryableMock);
fail("Should've thrown an exception");
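Review bot: The added `try { ... } catch (Exception e) { throw e; }` around the `TzHClient` constructor does nothing, because it rethrows the same exception unchanged. The original single line `TzHClient client = new TzHClient(access, "tag");` does the same job. If the intent is to pin down the expected failure, catch the specific type and assert on it instead. The test method continues outside the hunk.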
access.log(Level.INIT,"AAF/OAuth LUR plugin is not available.");
}
} catch (NoSuchMethodException| SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- access.log(e,"AAF/OAuth LUR could not be constructed with given Constructors.");
+ String msg = e.getMessage();
+ if(msg==null && e.getCause()!=null) {
+ msg = e.getCause().getMessage();
+ }
+ access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",msg);
}
} else {
access.log(Level.INIT, "OAuth2 Lur disabled");
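Review bot: The rewritten catch block drops the exception object from the log call and keeps only a message string, so the exception type and stack trace of a failed OAuth LUR construction are lost. `msg` can also still be null when neither the exception nor its cause has a message. Since this path ends with an authorization component not being installed, the log line should at least identify the failure, e.g. `access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",e.getClass().getSimpleName(),msg);`. A comment explaining why the log level was lowered would help whoever reads the startup log. The surrounding `try` starts outside the hunk.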
/.settings/
/target/
/.project
+tokens/
// Obtain Endpoints for OAuth2 from Properties. Expected is "cadi.properties" file, pointed to by "cadi_prop_files"
- String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL);
- String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL);
-
-
- // Get Properties
- final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL);
+ String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,
+ "https://AAF_LOCATE_URL/AAF_NS.token/2.0"); // Default to AAF
+ String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,
+ "https://AAF_LOCATE_URL/AAF_NS.introspect/2.0"); // Default to AAF);
+ // Get Hello Service
+ final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,
+ "https://AAF_LOCATE_URL/AAF_NS.hello/2.0");
final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
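Review bot: The three new defaults embed the placeholders `AAF_LOCATE_URL` and `AAF_NS` as plain string literals, and nothing in this hunk says where they are substituted. The comment on the introspect default also ends in a stray `);` (`// Default to AAF);`). I would fix that comment and add one line above the defaults, such as `// AAF_LOCATE_URL and AAF_NS are placeholders; they are replaced from the cadi properties before any connection is made`, once that has been confirmed against the locator code. The host placeholder substitution is visible elsewhere in this commit, but the handling of `AAF_NS` is not.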
// If AAF Token server, then its just the same as your other AAF MechID creds
// If it is the Alternate OAUTH, you'll need THOSE credentials. See that tool's Onboarding procedures.
String client_id = access.getProperty(Config.AAF_APPID);
+ if(client_id==null) {
+ // For AAF, client_id CAN be Certificate. This is not necessarily true elsewhere
+ client_id = access.getProperty(Config.CADI_ALIAS);
+ }
String client_secret = access.getProperty(Config.AAF_APPPASS);
tc.client_creds(client_id, client_secret);
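Review bot: When `client_id` falls back to `Config.CADI_ALIAS`, `client_secret` is still read from `Config.AAF_APPPASS` and may be null, and both are passed to `tc.client_creds(client_id, client_secret)`. The `AbsOTafLur` change in this same commit handles the no-password case through `x509Alias(...)` instead, so this example looks inconsistent with the library path. How `client_creds` treats a null secret is not visible here. Either branch on `client_secret==null` and configure certificate authentication, or fail early with a message naming the missing property. The enclosing method starts and ends outside the hunk.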
String rv = helloClient.best(new Retryable<String>() {
@Override
public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<String> future = client.read(null,"text/plain");
+ Future<String> future = client.read("hello","text/plain");
// The "future" calling method allows you to do other processing, such as call more than one backend
// client before picking up the result
// If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
+ "\tUserName:\t%s\n"
+ "\tExpires: \t%d (%s)\n"
+ "\tScope:\t\t%s\n"
- + "\tContent:\t\t%s\n",
+ + "\tContent:\t%s\n",
ti.getAccessToken(),
ti.getClientId(),
ti.getClientType(),