aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java

   1 /*******************************************************************************\r
   2  * ============LICENSE_START====================================================\r
   3  * * org.onap.aaf\r
   4  * * ===========================================================================\r
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
   6  * * ===========================================================================\r
   7  * * Licensed under the Apache License, Version 2.0 (the "License");\r
   8  * * you may not use this file except in compliance with the License.\r
   9  * * You may obtain a copy of the License at\r
  10  * * \r
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0\r
  12  * * \r
  13  *  * Unless required by applicable law or agreed to in writing, software\r
  14  * * distributed under the License is distributed on an "AS IS" BASIS,\r
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
  16  * * See the License for the specific language governing permissions and\r
  17  * * limitations under the License.\r
  18  * * ============LICENSE_END====================================================\r
  19  * *\r
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
  21  * *\r
  22  ******************************************************************************/\r
  23 package org.onap.aaf.example;\r
  24 \r
  25 import java.security.Principal;\r
  26 \r
  27 import org.onap.aaf.cadi.PropAccess;\r
  28 import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;\r
  29 import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;\r
  30 import org.onap.aaf.cadi.client.Future;\r
  31 import org.onap.aaf.cadi.locator.DNSLocator;\r
  32 import org.onap.aaf.cadi.lur.LocalPermission;\r
  33 \r
  34 public class JU_X509Test {\r
  35         public static void main(String args[]) {\r
  36                 // Link or reuse to your Logging mechanism\r
  37                 \r
  38                 PropAccess myAccess = new PropAccess();\r
  39                 \r
  40                 // \r
  41                 try {\r
  42                         AAFConHttp con = new AAFConHttp(myAccess, \r
  43                                         new DNSLocator(myAccess,"https","mithrilcsp.sbc.com","8100"));\r
  44                         \r
  45                         // AAFLur has pool of DME clients as needed, and Caches Client lookups\r
  46                         AAFLurPerm aafLur = con.newLur();\r
  47                         \r
  48                         // Note: If you need both Authn and Authz construct the following:\r
  49 //                      AAFAuthn<?> aafAuthn = con.newAuthn(aafLur);\r
  50                         \r
  51                         // con.x509Alias("aaf.att"); // alias in keystore\r
  52 \r
  53                         try {\r
  54                                 \r
  55                                 // Normally, you obtain Principal from Authentication System.\r
  56 //                              // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()\r
  57 //                              // If you use CADI as Authenticator, it will get you these Principals from\r
  58 //                              // CSP or BasicAuth mechanisms.\r
  59 //                              String id = "cluster_admin@gridcore.att.com";\r
  60 //\r
  61 //                              // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.\r
  62                                 Future<String> fs = \r
  63                                                 con.client("2.0").read("/authz/perms/com.att.aaf.ca","application/Perms+json");\r
  64                                 if(fs.get(3000)) {\r
  65                                         System.out.println(fs.value);\r
  66                                 } else {\r
  67                                         System.out.println("Error: "  + fs.code() + ':' + fs.body());\r
  68                                 }\r
  69                                 \r
  70                                 // Check on Perms with LUR\r
  71                                 if(aafLur.fish(new Principal() {\r
  72                                         @Override\r
  73                                         public String getName() {\r
  74                                                 return "m12345@aaf.att.com";\r
  75                                         }\r
  76                                 }, new LocalPermission("com.att.aaf.ca|aaf|request"))) {\r
  77                                         System.out.println("Has Perm");\r
  78                                 } else {\r
  79                                         System.out.println("Does NOT Have Perm");\r
  80                                 }\r
  81                         } finally {\r
  82                                 aafLur.destroy();\r
  83                         }\r
  84                 } catch (Exception e) {\r
  85                         e.printStackTrace();\r
  86                 }\r
  87 \r
  88         }\r
  89 }\r