| Table of Contents |
|---|
...
Prerequisites
| Seq | Name | Source | Target | Actor | REST write | REST callsread |
|---|---|---|---|---|---|---|
Config
| Seq | Name | Source | Target | Actor | REST write | REST callsread | ||
|---|---|---|---|---|---|---|---|---|
| create customer | robot | aai | ./demo.sh init | create service model | robot | aai | ./demo.sh init |
Service Deployment
...
...
VNF Creation
| Seq | Name | Source | Target | Actor | REST calls |
|---|---|---|---|---|---|
| robot | https://{{aai_ip}}:8443/aai/v8/business/customers/customer { "global-customer-id": "Demonstration","subscriber-name": "Demonstration", | ||||
| create service model | robot | aai | ./demo.sh init |
VFModule Preload
...
VFModule Creation
...
Closed Loop
https://{{aai_ip}}:8443/aai/v8/service-design-and-creation/models "model-name-version-id": "dcb40136-9cec-45be-b080-2a36b31c2f06", | ||||||
Service Deployment
Running an https rest target using this certificate - if the cert is in a default keystore - you dont need to define it.
// require: cert, username, password, headers(X-FromAppId,Accept), Authenticator
public String run(boolean isSSL, String url, String port, String path) {String record = null;
Client client = null;
WebTarget latestTarget = null;
WebTarget rootTarget = null;
if(isSSL) {
SslConfigurator sslConfig = SslConfigurator.newInstance();
SSLContext sslContext = sslConfig.createSSLContext();
HostnameVerifier verifier = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession sslSession) {
return true; // TODO: security breach
}};
client = ClientBuilder.newBuilder().sslContext(sslContext).hostnameVerifier(verifier).build();
client.register(new Authenticator("AAI","AAI"));
} else {
client = ClientBuilder.newClient();
}
rootTarget = client.target(url);
latestTarget = rootTarget.path(path);
try {
try { Thread.sleep(1); } catch (InterruptedException ie) { Thread.currentThread().interrupt(); }
record = finalTarget.request()
.header("X-FromAppId", "AAI").header("Accept", "application/json")
.get(String.class);
private final String user;
private final String pass;
public Authenticator(String user, String password) {
this.user = user; this.pass = password;
}
public void filter(ClientRequestContext requestContext) throws IOException {
MultivaluedMap<String, Object> headMap = requestContext.getHeaders();
String basicAuth = null;
try {
String aToken = user + ":" + pass;
basicAuth = "BASIC " + DatatypeConverter.printBase64Binary(aToken.getBytes("UTF-8"));
} catch (UnsupportedEncodingException uee) { throw new IllegalStateException("Encoding with UTF-8 failed", uee);}
headMap.add("Authorization", basicAuth);
}
}
| Seq | Name | Source | Target | Actor | REST callswrite | appc | robot | ./demo.sh appc <DemoModule> |
|---|
see also
Design Issues
DI 1: 20170719: AAI Cert required for HTTPS REST calls
Calls to AAI such as the following require both the authentication header and an imported certificate. When running Postman - because it is a Chrome app - this is a simple case of loading a REST url in the browser and importing the certificate after an authentication challenge (AAI:AAI). However for a java client like a JAX-RS 2.0 client we need the certificate in a keystore (the default or a specially defined one).
Below we import the cert into the default keystore. Where did I get the cert? by extracting it from Firefox - however it is in the code base - looking it up
...
obrienbiometrics:onap michaelobrien$ ls $JAVA_HOME/jre/lib/security/cacerts
/Library/Java/JavaVirtualMachines/jdk1.8.0_121.jdk/Contents/Home/jre/lib/security/cacerts
sudo keytool -import -trustcacerts -alias aai -file /Users/michaelobrien/Dropbox/_amdocs/config/certs/aai/aaiapisimpledemoopenecomporg.cer -keystore $JAVA_HOME/jre/lib/security/cacerts
| REST read | ||||||
|---|---|---|---|---|---|---|
| deploy service model | vid | demo user | ||||
| create service instance | vid | demo user | https://{{aai_ip}}:8443/aai/v8/business/customers/customer/Demonstration/service-subscriptions/service-subscription/vFW/service-instances/ { "service-instance": [{ | |||
VNF Creation
| Seq | Name | Source | Target | Actor | REST write | REST read |
|---|---|---|---|---|---|---|
| robot | ./demo.sh init | |||||
VFModule Preload
| Seq | Name | Source | Target | Actor | REST write | REST read |
|---|---|---|---|---|---|---|
| preload vnf | robot | ./demo.sh preload <DemoVNF> <DemoModule> | ||||
VFModule Creation
| Seq | Name | Source | Target | Actor | REST write | REST read |
|---|---|---|---|---|---|---|
| create vf module <DemoModule> | vid | demo user | ||||
Closed Loop
| Seq | Name | Source | Target | Actor | REST write | REST read |
|---|---|---|---|---|---|---|
| appc | robot | ./demo.sh appc <DemoModule> | ||||
see also
Design Issues
DI 1: 20170712: AAI Cert required for HTTPS REST calls
Use postman for adhoc rest calls - but if you want to code up call chains or hammer an endpoint use Spring RestController or the Rest client in JAX-RS 2.0
Calls to AAI such as the following require both the authentication header and an imported certificate. When running Postman - because it is a Chrome app - this is a simple case of loading a REST url in the browser and importing the certificate after an authentication challenge (AAI:AAI). However for a java client like a JAX-RS 2.0 client we need the certificate in a keystore (the default or a specially defined one).
Below we import the cert into the default keystore. Where did I get the cert? by extracting it from Firefox - however it is in the code base - looking it up
obrienbiometrics:onap michaelobrien$ ls $JAVA_HOME/jre/lib/security/cacerts /Library/Java/JavaVirtualMachines/jdk1.8.0_121.jdk/Contents/Home/jre/lib/security/cacerts sudo keytool -import -trustcacerts -alias aai -file /Users/michaelobrien/Dropbox/_amdocs/config/certs/aai/aaiapisimpledemoopenecomporg.cer -keystore $JAVA_HOME/jre/lib/security/cacerts |
|---|
Running an https rest target using this certificate - if the cert is in a default keystore - you dont need to define it.
// require: cert, username, password, headers(X-FromAppId,Accept), Authenticator public String run(boolean isSSL, String url, String port, String path) {String record = null; client = ClientBuilder.newClient(); |
|---|
public class Authenticator implements ClientRequestFilter { |
|---|
DI 2: 20170712: Spring Boot Backend Framework
Instead of using a full Tomcat deployment server - we will use an embedded Jetty container.
pom.xml <parent><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-parent</artifactId><version>1.5.3.RELEASE</version></parent> <dependencies> <!-- avoid restarts --><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-devtools</artifactId><optional>true</optional></dependency> <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-actuator</artifactId></dependency> <build><plugins><plugin><groupId>org.springframework.boot</groupId><artifactId>spring-boot-maven-plugin</artifactId> |
|---|