summaryrefslogtreecommitdiffstats
path: root/docs/authentication.rst
blob: 3c6f48a41d64bb6ec57b35cf8f8b78cf07851d24 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
 `For Single install:`_

 `Multi-Site Install:`_

 `Headers:`_

 `AAF Authentication`_

 `AID Authentication Non-AAF`_

`Onboarding API`_

`Add Application`_

`Get Application`_

`Edit Application`_

`Delete Application`_


Steps to test AAF MUSIC has been enhanced to support applications which are already authenticated using AAF and applications which are not authenticated using AAF.

If an application has already been using AAF, it should have required namespace, userId and password.

**Non AAF applications (AID)** Works just like AAF but Namespace is an app name and MUSIC manages the User instead of AAF

All the required params should be sent as headers.

Changed in Cassandra: Admin needs to create the following keyspace and table.

In the cassandra bin dir run ./cqlsh and log in to db then:

If you want to save the following in a file you can then run ./cqlsh -f <file.cql>

For Single install:
^^^^^^^^^^^^^^^^^^^
::

  //Create Admin Keyspace
   
  CREATE KEYSPACE admin
    WITH REPLICATION = {
      'class' : 'SimpleStrategy',
      'replication_factor': 1
    } 
  AND DURABLE_WRITES = true;
 
    CREATE TABLE admin.keyspace_master (
     uuid uuid,
     keyspace_name text,
     application_name text,
     is_api boolean,
     password text,
     username text,
     is_aaf boolean,
     PRIMARY KEY (uuid)
    );


Multi-Site Install:
^^^^^^^^^^^^^^^^^^^

::

  //Create Admin Keyspace
 
  CREATE KEYSPACE admin
  WITH REPLICATION = {
    'class' : 'NetworkTopologyStrategy',
    'DC1':2
  }
  AND DURABLE_WRITES = true;
 
  CREATE TABLE admin.keyspace_master (
   uuid uuid,
   keyspace_name text,
   application_name text,
   is_api boolean,
   password text,
   username text,
   is_aaf boolean,
   PRIMARY KEY (uuid)
 );

Headers:
^^^^^^^^

For AAF applications all the 3 headers ns, userId and password are mandatory.

For Non AAF applications if aid is not provided MUSIC creates new random unique UUID and returns to caller.

Caller application then need to save the UUID and need to pass the UUID to further modify/access the keyspace.

Required Headers

AAF Authentication
^^^^^^^^^^^^^^^^^^
::

  Key     : Value        : Description 
  ns      : org.onap.aaf : AAF Namespace
  userId  : username     : USer Id
  password: password     : Password of User

AID Authentication Non-AAF
^^^^^^^^^^^^^^^^^^^^^^^^^^

::

  Key     : Value        : Description 
  ns      : App Name     : App Name
  userId  : username     : Username for this user (Required during Create keyspace Only)
  password: password     : Password for this user (Required during Create keyspace Only)

Onboarding API
^^^^^^^^^^^^^^

Add Application
^^^^^^^^^^^^^^^

::

  POST URL: /MUSIC/rest/v2/admin/onboardAppWithMusic  with JSON as follows:

  {
   "appname": "<the Namespace for aaf or the Identifier for the specific app using AID access",
   "userId" : "<userid>",
   "isAAF"  : true/false,
   "password" : ""
 }
  
Get Application
^^^^^^^^^^^^^^^

::

  POST URL: /MUSIC/rest/v2/admin/search  with JSON as follows:

  {
   "appname": "<the Namespace for aaf or the Identifier for the specific app using AID access",
   "isAAF"  : true/false,
   "aid" : "Unique ID for this user"
  }
  
Edit Application
^^^^^^^^^^^^^^^^

::

  PUT URL: /MUSIC/rest/v2/admin/onboardAppWithMusic  with JSON as follows: 

  {
  "aid" : "Unique ID for this user",
  "appname": "<the Namespace for aaf or the Identifier for the specific app using AID access",
  "userId" : "<userid>",
  "isAAF"  : true/false,
  "password" : ""
  }
  
Delete Application
^^^^^^^^^^^^^^^^^^

::

  DELETE URL: /MUSIC/rest/v2/admin/onboardAppWithMusic  with JSON as follows:

 {
 "aid" : "Unique ID for this app"
 }