Developer Doc and Video

Issue-ID: AAF-361
Change-Id: I14f559a122df892733e2c94c2aed158d56ef518f
Signed-off-by: Instrumental <jonathan.gathman@att.com>

2 files changed, 19 insertions, 190 deletions

diff --git a/docs/sections/development/index.rst b/docs/sections/development/index.rst
new file mode 100644
index 00000000..be962522
--- /dev/null
+++ b/docs/sections/development/index.rst
@@ -0,0 +1,19 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+
+
+Development
+============
+.. _Example RESTful Client: https://gerrit.onap.org/r/gitweb?p=aaf/authz.git;a=blob;f=cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java;h=30344de521ae628221bdb54642a71733304a5656;hb=HEAD
+.. _Developer Video: https://wiki.onap.org/download/attachments/38111886/ONAPClient.mp4?version=1&modificationDate=1532378616000&api=v2
+
+============
+Resources
+============
+  * `Example RESTful Client`_ (Java Client)
+  * `Developer Video`_ (might be large)
+
+
+
+
diff --git a/docs/sections/installation/sample.rst b/docs/sections/installation/sample.rst
deleted file mode 100644
index 19ac6221..00000000
--- a/docs/sections/installation/sample.rst
+++ /dev/null
@@ -1,190 +0,0 @@
-.. This work is licensed under a Creative Commons Attribution 4.0 International License.
-.. http://creativecommons.org/licenses/by/4.0
-.. Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-
-AAF From Source Code
-====================
-
-Example Source Code
--------------------
-Note the FULL class is available in the authz repo, cadi_aaf/org/onap/aaf/client/sample/Sample.java
-
-.. code-block:: java
-
-
-  /**
-   * ============LICENSE_START====================================================
-   * org.onap.aaf
-   * ===========================================================================
-   * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
-   * ===========================================================================
-   * Licensed under the Apache License, Version 2.0 (the "License");
-   * you may not use this file except in compliance with the License.
-   * You may obtain a copy of the License at
-   *
-   *      http://www.apache.org/licenses/LICENSE-2.0
-   *
-   * Unless required by applicable law or agreed to in writing, software
-   * distributed under the License is distributed on an "AS IS" BASIS,
-   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   * See the License for the specific language governing permissions and
-   * limitations under the License.
-   * ============LICENSE_END====================================================
-   *
-   */
- 
-  package org.onap.aaf.client.sample;
- 
-  import java.io.IOException;
-  import java.security.Principal;
-  import java.util.ArrayList;
-  import java.util.List;
- 
-  import org.onap.aaf.cadi.Access;
-  import org.onap.aaf.cadi.CadiException;
-  import org.onap.aaf.cadi.LocatorException;
-  import org.onap.aaf.cadi.Permission;
-  import org.onap.aaf.cadi.PropAccess;
-  import org.onap.aaf.cadi.aaf.AAFPermission;
-  import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
-  import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
-  import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
-  import org.onap.aaf.cadi.principal.UnAuthPrincipal;
-  import org.onap.aaf.cadi.util.Split;
-  import org.onap.aaf.misc.env.APIException;
- 
-  public class Sample {
-    private static Sample singleton;
-    final private AAFConHttp aafcon;
-    final private AAFLurPerm aafLur;
-    final private AAFAuthn<?> aafAuthn;
-     
-    /**
-     * This method is to emphasize the importance of not creating the AAFObjects over and over again.
-     * @return
-     */
-    public static Sample singleton() {
-        return singleton;
-    }
- 
-    public Sample(Access myAccess) throws APIException, CadiException, LocatorException {
-        aafcon = new AAFConHttp(myAccess);
-        aafLur = aafcon.newLur();
-        aafAuthn = aafcon.newAuthn(aafLur);
-    }
-     
-    /**
-     * Checking credentials outside of HTTP/S presents fewer options initially. There is not, for instance,
-     * the option of using 2-way TLS HTTP/S.
-     * 
-     *  However, Password Checks are still useful, and, if the Client Certificate could be obtained in other ways, the
-     *  Interface can be expanded in the future to include Certificates.
-     * @throws CadiException
-     * @throws IOException
-     */
-    public Principal checkUserPass(String fqi, String pass) throws IOException, CadiException {
-        String ok = aafAuthn.validate(fqi, pass);
-        if(ok==null) {
-            System.out.println("Success!");
-            /*
-             UnAuthPrincipal means that it is not coming from the official Authorization chain.
-             This is useful for Security Plugins which don't use Principal as the tie between
-             Authentication and Authorization
-             
-             You can also use this if you want to check Authorization without actually Authenticating, as may
-             be the case with certain Onboarding Tooling.
-            */
-            return new UnAuthPrincipal(fqi);
-        } else {
-            System.out.printf("Failure: %s\n",ok);
-            return null;
-        }
-         
- 
-    }
- 
-    /**
-     * An example of looking for One Permission within all the permissions user has.  CADI does cache these,
-     * so the call is not expensive.
-     *
-     * Note: If you are using "J2EE" (Servlets), CADI ties this function to the method:
-     *    HttpServletRequest.isUserInRole(String user)
-     *   
-     *  The J2EE user can expect that his servlet will NOT be called without a Validated Principal, and that
-     *  "isUserInRole()" will validate if the user has the Permission designated.
-     * 
-     */
-    public boolean oneAuthorization(Principal fqi, Permission p) {
-        return aafLur.fish(fqi, p);
-    }
-     
-    public List<Permission> allAuthorization(Principal fqi) {
-        List<Permission> pond = new ArrayList<Permission>();
-        aafLur.fishAll(fqi, pond);
-        return pond;
-    }
-     
-     
-    public static void main(String[] args) {
-        // Note: you can pick up Properties from Command line as well as VM Properties
-        // Code "user_fqi=... user_pass=..." (where user_pass can be encrypted) in the command line for this sample.
-        // Also code "perm=<perm type>|<instance>|<action>" to test a specific Permission
-        PropAccess myAccess = new PropAccess(args);
-        try {
-            /*
-             * NOTE:  Do NOT CREATE new aafcon, aafLur and aafAuthn each transaction.  They are built to be
-             * reused!
-             *
-             * This is why this code demonstrates "Sample" as a singleton.
-             */
-            singleton = new Sample(myAccess);
-            String user = myAccess.getProperty("user_fqi");
-            String pass= myAccess.getProperty("user_pass");
-             
-            if(user==null || pass==null) {
-                System.err.println("This Sample class requires properties user_fqi and user_pass");
-            } else {
-                pass =  myAccess.decrypt(pass, false); // Note, with "false", decryption will only happen if starts with "enc:"
-                // See the CODE for Java Methods used
-                Principal fqi = Sample.singleton().checkUserPass(user,pass);
-                 
-                if(fqi==null) {
-                    System.out.println("OK, normally, you would cease processing for an "
-                            + "unauthenticated user, but for the purpose of Sample, we'll keep going.\n");
-                    fqi=new UnAuthPrincipal(user);
-                }
-                 
-                // AGAIN, NOTE: If your client fails Authentication, the right behavior 99.9%
-                // of the time is to drop the transaction.  We continue for sample only.
-                 
-                // note, default String for perm
-                String permS = myAccess.getProperty("perm","org.osaaf.aaf.access|*|read");
-                String[] permA = Split.splitTrim('|', permS);
-                if(permA.length>2) {
-                    final Permission perm = new AAFPermission(permA[0],permA[1],permA[2]);
-                    // See the CODE for Java Methods used
-                    if(singleton().oneAuthorization(fqi, perm)) {
-                        System.out.printf("Success: %s has %s\n",fqi.getName(),permS);
-                    } else {
-                        System.out.printf("%s does NOT have %s\n",fqi.getName(),permS);
-                    }
-                }
-                 
-                 
-                // Another form, you can get ALL permissions in a list
-                // See the CODE for Java Methods used
-                List<Permission> permL = singleton().allAuthorization(fqi);
-                if(permL.size()==0) {
-                    System.out.printf("User %s has no Permissions THAT THE CALLER CAN SEE",fqi.getName());
-                } else {
-                    System.out.print("Success:\n");
-                    for(Permission p : permL) {
-                        System.out.printf("\t%s has %s\n",fqi.getName(),p.getKey());
-                    }
-                }
-            }
-        } catch (APIException | CadiException | LocatorException | IOException e) {
-            e.printStackTrace();
-        }
-    }
-  }
\ No newline at end of file