From 6d469611d86642bc0b74ce51af72cc36d2af962d Mon Sep 17 00:00:00 2001 From: Instrumental Date: Mon, 26 Mar 2018 12:04:27 -0700 Subject: Remove Code from cadi, it is now in authz Issue-ID: AAF-193 Change-Id: Ib7abdb15ba8a7445a3875cf8c6bb48b7d563f424 Signed-off-by: Instrumental --- .../java/org/onap/aaf/example/JU_CadiTest.java | 58 ----------- .../org/onap/aaf/example/JU_ExampleAuthCheck.java | 57 ----------- .../org/onap/aaf/example/JU_ExamplePerm2_0.java | 113 --------------------- .../onap/aaf/example/JU_ExamplePerm2_0_DME2.java | 113 --------------------- .../java/org/onap/aaf/example/JU_X509Test.java | 89 ---------------- 5 files changed, 430 deletions(-) delete mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java delete mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java delete mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java delete mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java delete mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java (limited to 'aaf/src/test/java/org/onap/aaf/example') diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java b/aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java deleted file mode 100644 index 17fd827..0000000 --- a/aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java +++ /dev/null @@ -1,58 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.example; - -import java.net.HttpURLConnection; -import java.net.URI; - -import org.onap.aaf.cadi.Access; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.client.Future; -import org.onap.aaf.cadi.config.SecurityInfoC; -import org.onap.aaf.cadi.http.HClient; -import org.onap.aaf.cadi.http.HX509SS; - -public class JU_CadiTest { - public static void main(String args[]) { - Access access = new PropAccess(); - try { - SecurityInfoC si = new SecurityInfoC(access); - HClient hclient = new HClient( - new HX509SS(si), - new URI("https://mithrilcsp.sbc.com:8085"),3000); - hclient.setMethod("OPTIONS"); - hclient.setPathInfo("/gui/cadi/log/toggle/INFO"); - hclient.send(); - Future future = hclient.futureReadString(); - if(future.get(5000)) { - System.out.println(future.value); - } else { - System.out.printf("Error: %d-%s", future.code(),future.body()); - } - - } catch (Exception e) { - e.printStackTrace(); - } - - } -} diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java b/aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java deleted file mode 100644 index cb4e48f..0000000 --- a/aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java +++ /dev/null @@ -1,57 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.example; - -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.locator.DNSLocator; - -public class JU_ExampleAuthCheck { - public static void main(String args[]) { - // Link or reuse to your Logging mechanism - PropAccess myAccess = new PropAccess(); // - - try { - AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator( - myAccess,"https","localhost","8100")); - AAFAuthn authn = acon.newAuthn(); - long start; - for (int i=0;i<10;++i) { - start = System.nanoTime(); - String err = authn.validate("", "gritty"); - if(err!=null) System.err.println(err); - else System.out.println("I'm ok"); - - err = authn.validate("bogus", "gritty"); - if(err!=null) System.err.println(err + " (correct error)"); - else System.out.println("I'm ok"); - - System.out.println((System.nanoTime()-start)/1000000f + " ms"); - } - } catch (Exception e) { - e.printStackTrace(); - } - - } -} diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java b/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java deleted file mode 100644 index 652cadb..0000000 --- a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java +++ /dev/null @@ -1,113 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.example; - -import java.security.Principal; -import java.util.ArrayList; -import java.util.List; - -import org.onap.aaf.cadi.Permission; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; -import org.onap.aaf.cadi.aaf.v2_0.AAFCon; -import org.onap.aaf.cadi.aaf.v2_0.AAFConDME2; -import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; - -public class JU_ExamplePerm2_0 { - public static void main(String args[]) { - - // Link or reuse to your Logging mechanism - PropAccess myAccess = new PropAccess(); - - // - try { - AAFCon acon = new AAFConDME2(myAccess); - - // AAFLur has pool of DME clients as needed, and Caches Client lookups - AAFLurPerm aafLur = acon.newLur(); - - // Note: If you need both Authn and Authz construct the following: - AAFAuthn aafAuthn = acon.newAuthn(aafLur); - - // Do not set Mech ID until after you construct AAFAuthn, - // because we initiate "401" info to determine the Realm of - // of the service we're after. - acon.basicAuth("mc0897@aaf.att.com", "XXXXXX"); - - try { - - // Normally, you obtain Principal from Authentication System. - // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() - // If you use CADI as Authenticator, it will get you these Principals from - // CSP or BasicAuth mechanisms. - String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com"; - - // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. - String ok = aafAuthn.validate(id, "XXXXXX"); - if(ok!=null)System.out.println(ok); - - ok = aafAuthn.validate(id, "wrongPass"); - if(ok!=null)System.out.println(ok); - - - // AAF Style permissions are in the form - // Type, Instance, Action - AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE"); - - // Now you can ask the LUR (Local Representative of the User Repository about Authorization - // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object - // instead of creating your own LUR - System.out.println("Does " + id + " have " + perm); - if(aafLur.fish(id, perm)) { - System.out.println("Yes, you have permission"); - } else { - System.out.println("No, you don't have permission"); - } - - System.out.println("Does Bogus have " + perm); - if(aafLur.fish("Bogus", perm)) { - System.out.println("Yes, you have permission"); - } else { - System.out.println("No, you don't have permission"); - } - - // Or you can all for all the Permissions available - List perms = new ArrayList(); - - aafLur.fishAll(id,perms); - for(Permission prm : perms) { - System.out.println(prm.getKey()); - } - - // It might be helpful in some cases to clear the User's identity from the Cache - aafLur.remove(id); - } finally { - aafLur.destroy(); - } - } catch (Exception e) { - e.printStackTrace(); - } - - } -} diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java b/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java deleted file mode 100644 index 88e2936..0000000 --- a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java +++ /dev/null @@ -1,113 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.example; - -import java.security.Principal; -import java.util.ArrayList; -import java.util.List; - -import org.onap.aaf.cadi.Permission; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; -import org.onap.aaf.cadi.locator.DNSLocator; - -public class JU_ExamplePerm2_0_DME2 { - public static void main(String args[]) { - // Link or reuse to your Logging mechanism - PropAccess myAccess = new PropAccess(); - - // - try { - AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator( - myAccess,"https","localhost","8100")); - - // AAFLur has pool of DME clients as needed, and Caches Client lookups - AAFLurPerm aafLur = acon.newLur(); - - // Note: If you need both Authn and Authz construct the following: - AAFAuthn aafAuthn = acon.newAuthn(aafLur); - - // Do not set Mech ID until after you construct AAFAuthn, - // because we initiate "401" info to determine the Realm of - // of the service we're after. - acon.basicAuth("mc0897@aaf.att.com", "XXXXXX"); - - try { - - // Normally, you obtain Principal from Authentication System. - // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() - // If you use CADI as Authenticator, it will get you these Principals from - // CSP or BasicAuth mechanisms. - String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com"; - - // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. - String ok = aafAuthn.validate(id, "XXXXXX"); - if(ok!=null)System.out.println(ok); - - ok = aafAuthn.validate(id, "wrongPass"); - if(ok!=null)System.out.println(ok); - - - // AAF Style permissions are in the form - // Type, Instance, Action - AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE"); - - // Now you can ask the LUR (Local Representative of the User Repository about Authorization - // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object - // instead of creating your own LUR - System.out.println("Does " + id + " have " + perm); - if(aafLur.fish(id, perm)) { - System.out.println("Yes, you have permission"); - } else { - System.out.println("No, you don't have permission"); - } - - System.out.println("Does Bogus have " + perm); - if(aafLur.fish("Bogus", perm)) { - System.out.println("Yes, you have permission"); - } else { - System.out.println("No, you don't have permission"); - } - - // Or you can all for all the Permissions available - List perms = new ArrayList(); - - aafLur.fishAll(id,perms); - for(Permission prm : perms) { - System.out.println(prm.getKey()); - } - - // It might be helpful in some cases to clear the User's identity from the Cache - aafLur.remove(id); - } finally { - aafLur.destroy(); - } - } catch (Exception e) { - e.printStackTrace(); - } - - } -} diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java b/aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java deleted file mode 100644 index e756f6d..0000000 --- a/aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java +++ /dev/null @@ -1,89 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.example; - -import java.security.Principal; - -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; -import org.onap.aaf.cadi.client.Future; -import org.onap.aaf.cadi.locator.DNSLocator; -import org.onap.aaf.cadi.lur.LocalPermission; - -public class JU_X509Test { - public static void main(String args[]) { - // Link or reuse to your Logging mechanism - - PropAccess myAccess = new PropAccess(); - - // - try { - AAFConHttp con = new AAFConHttp(myAccess, - new DNSLocator(myAccess,"https","mithrilcsp.sbc.com","8100")); - - // AAFLur has pool of DME clients as needed, and Caches Client lookups - AAFLurPerm aafLur = con.newLur(); - - // Note: If you need both Authn and Authz construct the following: -// AAFAuthn aafAuthn = con.newAuthn(aafLur); - - // con.x509Alias("aaf.att"); // alias in keystore - - try { - - // Normally, you obtain Principal from Authentication System. -// // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() -// // If you use CADI as Authenticator, it will get you these Principals from -// // CSP or BasicAuth mechanisms. -// String id = "cluster_admin@gridcore.att.com"; -// -// // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. - Future fs = - con.client("2.0").read("/authz/perms/com.att.aaf.ca","application/Perms+json"); - if(fs.get(3000)) { - System.out.println(fs.value); - } else { - System.out.println("Error: " + fs.code() + ':' + fs.body()); - } - - // Check on Perms with LUR - if(aafLur.fish(new Principal() { - @Override - public String getName() { - return "m12345@aaf.att.com"; - } - }, new LocalPermission("com.att.aaf.ca|aaf|request"))) { - System.out.println("Has Perm"); - } else { - System.out.println("Does NOT Have Perm"); - } - } finally { - aafLur.destroy(); - } - } catch (Exception e) { - e.printStackTrace(); - } - - } -} -- cgit 1.2.3-korg