Commit 37b47321 authored by Tien-Thinh Nguyen's avatar Tien-Thinh Nguyen
Browse files

update token request procedure

parent cfb25c3a
......@@ -81,7 +81,7 @@ nrf_app::nrf_app(const std::string &config_file, nrf_event &ev)
//------------------------------------------------------------------------------
void nrf_app::generate_uuid() {
instance_id = to_string(boost::uuids::random_generator()());
nrf_instance_id = to_string(boost::uuids::random_generator()());
}
//------------------------------------------------------------------------------
......@@ -572,6 +572,7 @@ void nrf_app::handle_access_token_request(const std::string &request_body,
"Handle a request to request an OAuth2 access token from NRF (HTTP "
"version %d)",
http_version);
std::map<std::string, std::string> access_token_req;
// Process request_body
std::vector<std::string> key_values;
......@@ -602,10 +603,30 @@ void nrf_app::handle_access_token_request(const std::string &request_body,
return;
}
// TODO: authorize NF service consumer
// Generate signature
std::string signature = {};
if (!nrf_jwt_inst->generate_signature(access_token_req.at("nfInstanceId"),
signature)) {
bool result = false;
if ((access_token_req.count("nfType") > 0) and
(access_token_req.count("targetNfType") > 0)) {
nf_type_t nf_type =
api_conv::string_to_nf_type(access_token_req.at("nfType"));
nf_type_t target_nf_type =
api_conv::string_to_nf_type(access_token_req.at("targetNfType"));
result = nrf_jwt_inst->generate_signature(
access_token_req.at("nfInstanceId"), access_token_req.at("scope"),
access_token_req.at("nfType"), access_token_req.at("targetNfType"),
nrf_instance_id, signature);
} else if (access_token_req.count("targetNfInstanceId") > 0) {
result = nrf_jwt_inst->generate_signature(
access_token_req.at("nfInstanceId"), access_token_req.at("scope"),
access_token_req.at("targetNfInstanceId"), nrf_instance_id, signature);
}
if (!result) {
http_code = HTTP_STATUS_CODE_400_BAD_REQUEST;
problem_details.setCause(
protocol_application_error_e2str[MANDATORY_QUERY_PARAM_INCORRECT]);
......
......@@ -441,7 +441,7 @@ class nrf_app {
std::shared_ptr<nrf_search_result> &p) const;
private:
std::string instance_id; // NRF instance id
std::string nrf_instance_id; // NRF instance id
std::map<std::string, std::shared_ptr<nrf_profile>> instance_id2nrf_profile;
mutable std::shared_mutex m_instance_id2nrf_profile;
......
......@@ -37,17 +37,21 @@ using namespace oai::nrf::app;
//------------------------------------------------------------------------------
bool nrf_jwt::generate_signature(const std::string &nf_consumer_id,
const std::string &scope,
const std::string &nf_type,
const std::string &target_nf_type,
const std::string &nrf_instance_id,
std::string &signature) const {
std::string key;
get_secret_key(nf_consumer_id, key);
get_secret_key(scope, nf_type, target_nf_type, key);
// Create JWT object
//TODO
// TODO
jwt::jwt_object obj{jwt::params::algorithm("HS256"),
jwt::params::payload({{"iss", "nrf_instance_id"},
{"sub", "nf_consumer_id"},
{"aud", "nf_producer_id"},
{"scope", "nf_producer_name"},
{"exp", "100"}}),
jwt::params::payload({{"iss", nrf_instance_id},
{"sub", nf_consumer_id},
{"aud", target_nf_type},
{"scope", scope},
{"exp", "1000"}}), // in second
jwt::params::secret(key)};
// Get the encoded string/assertion
......@@ -55,7 +59,39 @@ bool nrf_jwt::generate_signature(const std::string &nf_consumer_id,
}
//------------------------------------------------------------------------------
bool nrf_jwt::get_secret_key(const std::string &nf_consumer_id,
bool nrf_jwt::generate_signature(const std::string &nf_consumer_id,
const std::string &scope,
const std::string &target_nf_instance_Id,
const std::string &nrf_instance_id,
std::string &signature) const {
std::string key;
get_secret_key(scope, target_nf_instance_Id, key);
// Create JWT object
// TODO
jwt::jwt_object obj{jwt::params::algorithm("HS256"),
jwt::params::payload({{"iss", nrf_instance_id},
{"sub", nf_consumer_id},
{"aud", target_nf_instance_Id},
{"scope", scope},
{"exp", "1000"}}), // in second
jwt::params::secret(key)};
// Get the encoded string/assertion
signature = obj.signature();
}
//------------------------------------------------------------------------------
bool nrf_jwt::get_secret_key(const std::string &scope,
const std::string &nf_type,
const std::string &target_nf_type,
std::string &key) const {
// TODO:
key = "secret";
}
//------------------------------------------------------------------------------
bool nrf_jwt::get_secret_key(const std::string &scope,
const std::string &target_nf_instance_Id,
std::string &key) const {
// TODO:
key = "secret";
......
......@@ -40,9 +40,66 @@ class nrf_jwt {
private:
public:
void test_jwt();
/*
* Generate signature for the requested consumer
* @param [const std::string &] nf_consumer_id: Consumer ID
* @param [const std::string &] scope: names of the NF Services that the NF
* Service Consumer is trying to access
* @param [const std::string &] nf_type: NF type of the NF service consumer
* @param [const std::string &] target_nf_type: NF type of the NF service
* producer
* @param [const std::string &] nrf_instance_id: NRF instance ID
* @param [std::string &] signature: generated signature
* @return void
*/
bool generate_signature(const std::string &nf_consumer_id,
const std::string &scope, const std::string &nf_type,
const std::string &target_nf_type,
const std::string &nrf_instance_id,
std::string &signature) const;
/*
* Generate signature for the requested consumer
* @param [const std::string &] nf_consumer_id: Consumer ID
* @param [const std::string &] scope: names of the NF Services that the NF
* Service Consumer is trying to access
* @param [const std::string &] target_nf_instance_Id: Instance ID the NF
* service producer
* @param [const std::string &] nrf_instance_id: NRF instance ID
* @param [std::string &] signature: generated signature
* @return void
*/
bool generate_signature(const std::string &nf_consumer_id,
const std::string &scope,
const std::string &target_nf_instance_Id,
const std::string &nrf_instance_id,
std::string &signature) const;
bool get_secret_key(const std::string &nf_consumer_id,
/*
* Get the secret key
* @param [const std::string &] scope: names of the NF Services that the NF
* Service Consumer is trying to access
* @param [const std::string &] nf_type: NF type of the NF service consumer
* @param [const std::string &] target_nf_type: NF type of the NF service
* @param [std::string &] key: secret key
* @return void
*/
bool get_secret_key(const std::string &scope, const std::string &nf_type,
const std::string &target_nf_type,
std::string &key) const;
/*
* Get the secret key
* @param [const std::string &] scope: names of the NF Services that the NF
* Service Consumer is trying to access
* @param [const std::string &] target_nf_instance_Id: Instance ID the NF
* service producer
* @param [std::string &] key: secret key
* @return void
*/
bool get_secret_key(const std::string &scope,
const std::string &target_nf_instance_Id,
std::string &key) const;
};
......
......@@ -18,4 +18,4 @@ curl -X PATCH -H "Content-Type: application/json" http://192.168.1.23/nnrf-nfm/v
curl -X GET "http://192.168.1.23/nnrf-disc/v1//nf-instances?target-nf-type="AMF"&requester-nf-type="AMF""
#Access Token
curl -d "grant_type=client_credentials&nfInstanceId=343a924e-6494-4927-860b-d45692c95c2d&scope=nf_name" -H "Content-Type: application/x-www-form-urlencoded" -X POST http://192.168.1.23/oauth2/token
curl -d "grant_type=client_credentials&nfInstanceId=343a924e-6494-4927-860b-d45692c95c2d&scope=nsmf-pdusession" -H "Content-Type: application/x-www-form-urlencoded" -X POST http://192.168.1.23/oauth2/token
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment