diff options
author | Instrumental <jonathan.gathman@att.com> | 2018-05-22 15:04:46 -0500 |
---|---|---|
committer | Instrumental <jonathan.gathman@att.com> | 2018-05-22 15:06:10 -0500 |
commit | 3b9ce9945feec3b7f81860045931da4601b4891b (patch) | |
tree | 585cc8a95974965eccc7f85e4bd778f85b0c09b8 | |
parent | 8c6365116711469c74436141d63f046ef88b9023 (diff) |
Fix AAF Locator for ONAP
Issue-ID: AAF-317
Change-Id: I30b11efe8ad0bc1d817d640daae3fd8f630c7bc0
Signed-off-by: Instrumental <jonathan.gathman@att.com>
9 files changed, 71 insertions, 23 deletions
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java index e7e3ef35..7a983104 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java @@ -67,22 +67,32 @@ public class AAFLocator extends AbsAAFLocator<BasicTrans> { int connectTimeout = Integer.parseInt(si.access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF)); try { String[] path = Split.split('/',locatorURI.getPath()); - if(path.length>2 && "locate".equals(path[1])) { + String host = locatorURI.getHost(); + if(host==null) { + host = locatorURI.getAuthority(); // this happens when no port + } + if("AAF_LOCATE_URL".equals(host)) { + URI uri = new URI( + locatorURI.getScheme(), + locatorURI.getUserInfo(), + aaf_locator_uri.getHost(), + aaf_locator_uri.getPort(), + "/locate"+locatorURI.getPath(), + null, + null + ); + client = createClient(ss, uri, connectTimeout); + } else if(path.length>1 && "locate".equals(path[1])) { StringBuilder sb = new StringBuilder(); for(int i=3;i<path.length;++i) { sb.append('/'); sb.append(path[i]); } setPathInfo(sb.toString()); - String host = locatorURI.getHost(); - if(aaf_locator_host!=null && (host==null || "AAF_LOCATOR_URL".equals(host))) { - int slash = aaf_locator_host.lastIndexOf("//"); - host = aaf_locator_host.substring(slash+2); - } URI uri = new URI( locatorURI.getScheme(), locatorURI.getUserInfo(), - host, + locatorURI.getHost(), locatorURI.getPort(), "/locate/"+name + '/' + version, null, @@ -93,7 +103,6 @@ public class AAFLocator extends AbsAAFLocator<BasicTrans> { client = new HClient(ss, locatorURI, connectTimeout); } epsDF = env.newDataFactory(Endpoints.class); - refresh(); } catch (APIException | URISyntaxException e) { throw new LocatorException(e); } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java index fc297606..312c58e9 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java @@ -58,12 +58,22 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> protected String myhostname; protected int myport; protected final String aaf_locator_host; + protected final URI aaf_locator_uri; private long earliest; private final long refreshWait; public AbsAAFLocator(Access access, String name, final long refreshMin) throws LocatorException { aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL, null); + if(aaf_locator_host==null) { + aaf_locator_uri = null; + } else { + try { + aaf_locator_uri = new URI(aaf_locator_host); + } catch (URISyntaxException e) { + throw new LocatorException(e); + } + } epList = new LinkedList<EP>(); refreshWait = refreshMin; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java index 616e2dc9..fb844518 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java @@ -44,9 +44,13 @@ public abstract class AbsOTafLur { protected AbsOTafLur(final PropAccess access, final String token_url, final String introspect_url) throws CadiException { this.access = access; - if((client_id = access.getProperty(Config.AAF_APPID,null))==null) { - throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2); + String ci; + if((ci = access.getProperty(Config.AAF_APPID,null))==null) { + if((ci = access.getProperty(Config.CADI_ALIAS,null))==null) { + throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2); + } } + client_id = ci; synchronized(access) { if(tokenClientPool==null) { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java index 4b0c944c..0558e815 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java @@ -157,6 +157,18 @@ public class TokenClient { } catch(IOException | NoSuchAlgorithmException e) { throw new CadiException(e); } + } else { + ss = new GetSetter() { + @Override + public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException { + try { + return con.x509Alias(client_id);// no password, assume Cert + } catch (APIException e) { + throw new CadiException(e); + } + } + }; + authn_method = AUTHN_METHOD.client_credentials; } } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java index 3f6fa599..e52df961 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java @@ -158,10 +158,8 @@ public class TokenClientFactory extends Persist<Token,TimedToken> { if(locatorURL==null) { throw new LocatorException("Cannot have a null locatorURL in bestLocator"); } - if(locatePattern.matcher(locatorURL).matches()) { + if(locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) { return new AAFLocator(hsi,new URI(locatorURL)); - } else if(locatorURL.contains("//DME2RESOLVE/")) { - throw new LocatorException("DME2Locator doesn't exist. Use DME2 specific Clients"); } else { return new PropertyLocator(locatorURL); } diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java index 7febf51f..bd2393e4 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java @@ -85,7 +85,12 @@ public class JU_TzHClient { @Test public void test() throws CadiException, LocatorException, APIException, IOException { - TzHClient client = new TzHClient(access, "tag"); + TzHClient client; + try { + client = new TzHClient(access, "tag"); + } catch (Exception e) { + throw e; + } try { client.best(retryableMock); fail("Should've thrown an exception"); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index d7c7526f..1f778ad6 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -532,7 +532,11 @@ public class Config { access.log(Level.INIT,"AAF/OAuth LUR plugin is not available."); } } catch (NoSuchMethodException| SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - access.log(e,"AAF/OAuth LUR could not be constructed with given Constructors."); + String msg = e.getMessage(); + if(msg==null && e.getCause()!=null) { + msg = e.getCause().getMessage(); + } + access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",msg); } } else { access.log(Level.INIT, "OAuth2 Lur disabled"); diff --git a/cadi/oauth-enduser/.gitignore b/cadi/oauth-enduser/.gitignore index 6028f0a5..c14293bc 100644 --- a/cadi/oauth-enduser/.gitignore +++ b/cadi/oauth-enduser/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +tokens/ diff --git a/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java b/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java index 9cb4b4af..c79c2fe6 100644 --- a/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java +++ b/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java @@ -72,12 +72,13 @@ public class OAuthExample { // Obtain Endpoints for OAuth2 from Properties. Expected is "cadi.properties" file, pointed to by "cadi_prop_files" - String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL); - String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL); - - - // Get Properties - final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL); + String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL, + "https://AAF_LOCATE_URL/AAF_NS.token/2.0"); // Default to AAF + String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL, + "https://AAF_LOCATE_URL/AAF_NS.introspect/2.0"); // Default to AAF); + // Get Hello Service + final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL, + "https://AAF_LOCATE_URL/AAF_NS.hello/2.0"); final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF)); @@ -95,6 +96,10 @@ public class OAuthExample { // If AAF Token server, then its just the same as your other AAF MechID creds // If it is the Alternate OAUTH, you'll need THOSE credentials. See that tool's Onboarding procedures. String client_id = access.getProperty(Config.AAF_APPID); + if(client_id==null) { + // For AAF, client_id CAN be Certificate. This is not necessarily true elsewhere + client_id = access.getProperty(Config.CADI_ALIAS); + } String client_secret = access.getProperty(Config.AAF_APPPASS); tc.client_creds(client_id, client_secret); @@ -140,7 +145,7 @@ public class OAuthExample { String rv = helloClient.best(new Retryable<String>() { @Override public String code(Rcli<?> client) throws CadiException, ConnectException, APIException { - Future<String> future = client.read(null,"text/plain"); + Future<String> future = client.read("hello","text/plain"); // The "future" calling method allows you to do other processing, such as call more than one backend // client before picking up the result // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then @@ -216,7 +221,7 @@ public class OAuthExample { + "\tUserName:\t%s\n" + "\tExpires: \t%d (%s)\n" + "\tScope:\t\t%s\n" - + "\tContent:\t\t%s\n", + + "\tContent:\t%s\n", ti.getAccessToken(), ti.getClientId(), ti.getClientType(), |