Fix AAF Locator for ONAP

Issue-ID: AAF-317 Change-Id: I30b11efe8ad0bc1d817d640daae3fd8f630c7bc0 Signed-off-by: Instrumental <jonathan.gathman@att.com>
author: Instrumental <jonathan.gathman@att.com> 2018-05-22 15:04:46 -0500
committer: Instrumental <jonathan.gathman@att.com> 2018-05-22 15:06:10 -0500
commit: 3b9ce9945feec3b7f81860045931da4601b4891b (patch)
tree: 585cc8a95974965eccc7f85e4bd778f85b0c09b8
parent: 8c6365116711469c74436141d63f046ef88b9023 (diff)
9 files changed, 71 insertions, 23 deletions
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java
index e7e3ef35..7a983104 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java
@@ -67,22 +67,32 @@ public class AAFLocator extends AbsAAFLocator<BasicTrans>  {
 		int connectTimeout = Integer.parseInt(si.access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
 		try {
 			String[] path = Split.split('/',locatorURI.getPath());
-			if(path.length>2 && "locate".equals(path[1])) {
+			String host = locatorURI.getHost();
+			if(host==null) {
+				host = locatorURI.getAuthority(); // this happens when no port
+			}
+			if("AAF_LOCATE_URL".equals(host)) {
+				URI uri = new URI(
+						locatorURI.getScheme(),
+						locatorURI.getUserInfo(),
+						aaf_locator_uri.getHost(),
+						aaf_locator_uri.getPort(),
+						"/locate"+locatorURI.getPath(),
+						null,
+						null
+						);
+				client = createClient(ss, uri, connectTimeout);
+			} else if(path.length>1 && "locate".equals(path[1])) {
 				StringBuilder sb = new StringBuilder();
 				for(int i=3;i<path.length;++i) {
 					sb.append('/');
 					sb.append(path[i]);
 				}
 				setPathInfo(sb.toString());
-				String host = locatorURI.getHost();
-				if(aaf_locator_host!=null && (host==null || "AAF_LOCATOR_URL".equals(host))) {
-					int slash = aaf_locator_host.lastIndexOf("//");
-					host = aaf_locator_host.substring(slash+2);
-				}
 				URI uri = new URI(
 							locatorURI.getScheme(),
 							locatorURI.getUserInfo(),
-							host,
+							locatorURI.getHost(),
 							locatorURI.getPort(),
 							"/locate/"+name + '/' + version,
 							null,
@@ -93,7 +103,6 @@ public class AAFLocator extends AbsAAFLocator<BasicTrans>  {
 				client = new HClient(ss, locatorURI, connectTimeout);
 			}
 			epsDF = env.newDataFactory(Endpoints.class);
-			refresh();
 		} catch (APIException | URISyntaxException e) {
 			throw new LocatorException(e);
 		}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
index fc297606..312c58e9 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
@@ -58,12 +58,22 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI>
 	protected String myhostname;
 	protected int myport;
 	protected final String aaf_locator_host;
+	protected final URI aaf_locator_uri;
 	private long earliest;
 	private final long refreshWait;
 
 
 	public AbsAAFLocator(Access access, String name, final long refreshMin) throws LocatorException {
 		aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL, null);
+		if(aaf_locator_host==null) {
+			aaf_locator_uri = null;
+		} else {
+			try {
+				aaf_locator_uri = new URI(aaf_locator_host);
+			} catch (URISyntaxException e) {
+				throw new LocatorException(e);
+			}
+		}
 
 		epList = new LinkedList<EP>();
 		refreshWait = refreshMin;
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java
index 616e2dc9..fb844518 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java
@@ -44,9 +44,13 @@ public abstract class AbsOTafLur {
 	
 	protected AbsOTafLur(final PropAccess access, final String token_url, final String introspect_url) throws CadiException {
 		this.access = access;
-		if((client_id = access.getProperty(Config.AAF_APPID,null))==null) {
-			throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2);
+		String ci;
+		if((ci = access.getProperty(Config.AAF_APPID,null))==null) {
+			if((ci = access.getProperty(Config.CADI_ALIAS,null))==null) {
+				throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2);
+			}
 		}
+		client_id = ci;
 
 		synchronized(access) {
 			if(tokenClientPool==null) {
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java
index 4b0c944c..0558e815 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java
@@ -157,6 +157,18 @@ public class TokenClient {
 			} catch(IOException | NoSuchAlgorithmException e) {
 				throw new CadiException(e);
 			}
+		} else {
+			ss = new GetSetter() {
+				@Override
+				public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
+					try {
+						return con.x509Alias(client_id);// no password, assume Cert
+					} catch (APIException e) {
+						throw new CadiException(e);
+					} 
+				}				
+			};
+			authn_method = AUTHN_METHOD.client_credentials;
 		}
 	}
 	
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java
index 3f6fa599..e52df961 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java
@@ -158,10 +158,8 @@ public class TokenClientFactory extends Persist<Token,TimedToken> {
 		if(locatorURL==null) {
 			throw new LocatorException("Cannot have a null locatorURL in bestLocator");
 		}
-		if(locatePattern.matcher(locatorURL).matches()) {
+		if(locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) {
 			return new AAFLocator(hsi,new URI(locatorURL));
-		} else if(locatorURL.contains("//DME2RESOLVE/")) {
-			throw new LocatorException("DME2Locator doesn't exist.  Use DME2 specific Clients");
 		} else {
 			return new PropertyLocator(locatorURL);
 		}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java
index 7febf51f..bd2393e4 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java
@@ -85,7 +85,12 @@ public class JU_TzHClient {
 
 	@Test
 	public void test() throws CadiException, LocatorException, APIException, IOException {
-		TzHClient client = new TzHClient(access, "tag");
+		TzHClient client;
+		try {
+			client = new TzHClient(access, "tag");
+		} catch (Exception e) {
+			throw e;
+		}
 		try {
 			client.best(retryableMock);
 			fail("Should've thrown an exception");
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index d7c7526f..1f778ad6 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -532,7 +532,11 @@ public class Config {
 					access.log(Level.INIT,"AAF/OAuth LUR plugin is not available.");
 				}
 			} catch (NoSuchMethodException| SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
-				access.log(e,"AAF/OAuth LUR could not be constructed with given Constructors.");
+				String msg = e.getMessage();
+				if(msg==null && e.getCause()!=null) {
+					msg = e.getCause().getMessage();
+				}
+				access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",msg);
 			} 
 		} else {
 			access.log(Level.INIT, "OAuth2 Lur disabled");
diff --git a/cadi/oauth-enduser/.gitignore b/cadi/oauth-enduser/.gitignore
index 6028f0a5..c14293bc 100644
--- a/cadi/oauth-enduser/.gitignore
+++ b/cadi/oauth-enduser/.gitignore
@@ -2,3 +2,4 @@
 /.settings/
 /target/
 /.project
+tokens/
diff --git a/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java b/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java
index 9cb4b4af..c79c2fe6 100644
--- a/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java
+++ b/cadi/oauth-enduser/src/test/java/com/att/cadi/enduser/OAuthExample.java
@@ -72,12 +72,13 @@ public class OAuthExample {
 		
 		
 		// Obtain Endpoints for OAuth2 from Properties.  Expected is "cadi.properties" file, pointed to by "cadi_prop_files"
-		String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL);
-		String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL);
-
-		
-		// Get Properties
-		final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL);
+		String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,
+				"https://AAF_LOCATE_URL/AAF_NS.token/2.0"); // Default to AAF
+		String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,
+				"https://AAF_LOCATE_URL/AAF_NS.introspect/2.0"); // Default to AAF);
+		// Get Hello Service
+		final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL, 
+				"https://AAF_LOCATE_URL/AAF_NS.hello/2.0");
 
 		final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
 		
@@ -95,6 +96,10 @@ public class OAuthExample {
 			//   If AAF Token server, then its just the same as your other AAF MechID creds
 			//   If it is the Alternate OAUTH, you'll need THOSE credentials.  See that tool's Onboarding procedures.
 			String client_id = access.getProperty(Config.AAF_APPID);
+			if(client_id==null) {
+				// For AAF, client_id CAN be Certificate.  This is not necessarily true elsewhere
+				client_id = access.getProperty(Config.CADI_ALIAS);
+			}
 			String client_secret = access.getProperty(Config.AAF_APPPASS);
 			tc.client_creds(client_id, client_secret);
 			
@@ -140,7 +145,7 @@ public class OAuthExample {
 				String rv = helloClient.best(new Retryable<String>() {
 					@Override
 					public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
-						Future<String> future = client.read(null,"text/plain");
+						Future<String> future = client.read("hello","text/plain");
 						// The "future" calling method allows you to do other processing, such as call more than one backend
 						// client before picking up the result
 						// If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then 
@@ -216,7 +221,7 @@ public class OAuthExample {
 				+ "\tUserName:\t%s\n"
 				+ "\tExpires: \t%d (%s)\n"
 				+ "\tScope:\t\t%s\n"
-				+ "\tContent:\t\t%s\n",
+				+ "\tContent:\t%s\n",
 		ti.getAccessToken(),
 		ti.getClientId(),
 		ti.getClientType(),
author	Instrumental <jonathan.gathman@att.com>	2018-05-22 15:04:46 -0500
committer	Instrumental <jonathan.gathman@att.com>	2018-05-22 15:06:10 -0500
commit	3b9ce9945feec3b7f81860045931da4601b4891b (patch)
tree	585cc8a95974965eccc7f85e4bd778f85b0c09b8
parent	8c6365116711469c74436141d63f046ef88b9023 (diff)