X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=service-exposure%2Frapps-jwt.go;h=ae00432777e83aab2ca2fc053ef1999465493927;hb=df61b02070956cac9ec7429281dc78ba853b46ed;hp=d220458b816ae14f23836bb153c37465ef368646;hpb=2513eea5c9c4a1685ab6cbf0c2727d21399de5c7;p=nonrtric.git diff --git a/service-exposure/rapps-jwt.go b/service-exposure/rapps-jwt.go index d220458b..ae004327 100644 --- a/service-exposure/rapps-jwt.go +++ b/service-exposure/rapps-jwt.go @@ -2,7 +2,7 @@ // ========================LICENSE_START================================= // O-RAN-SC // %% -// Copyright (C) 2022: Nordix Foundation +// Copyright (C) 2022-2023: Nordix Foundation // %% // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -70,7 +70,7 @@ func getToken(res http.ResponseWriter, req *http.Request) { clientId = req.Header.Get("client") realmName = req.Header.Get("realm") namespace = req.Header.Get("ns") - keycloakUrl := "http://" + keycloakHost + ":" + keycloakPort + "/auth/realms/" + realmName + "/protocol/openid-connect/token" + keycloakUrl := "http://" + keycloakHost + ":" + keycloakPort + "/realms/" + realmName + "/protocol/openid-connect/token" fmt.Printf("Making token request to %s\n", keycloakUrl) res.Header().Set("Content-type", "application/json") res.Header().Set("Authorization", "") @@ -78,6 +78,8 @@ func getToken(res http.ResponseWriter, req *http.Request) { if authenticator == "client-jwt" { resp, err = getJwtToken(keycloakUrl, clientId) } else if authenticator == "client-x509" { + keycloakPort = "443" + keycloakUrl := "https://" + keycloakAlias + ":" + keycloakPort + "/realms/" + realmName + "/protocol/openid-connect/token" resp, err = getx509Token(keycloakUrl, clientId) } else { resp, err = getSecretToken(keycloakUrl, clientId) @@ -119,8 +121,10 @@ func getJwtToken(keycloakUrl, clientId string) (*http.Response, error) { } func getClientAssertion() string { - realm := "http://" + keycloakHost + ":" + keycloakPort + "/auth/realms/" + realmName - clientAssertion := generatejwt.CreateJWT("/certs/client.key", "", clientId, realm) + //aud := "http://" + keycloakHost + ":" + keycloakPort + "/auth/realms/" + realmName + //aud := "http://keycloak/auth/realms/" + realmName + aud := "https://keycloak:8443/realms/" + realmName + clientAssertion := generatejwt.CreateJWT("/certs/client.key", "", clientId, aud) return clientAssertion } @@ -214,7 +218,7 @@ func health(res http.ResponseWriter, req *http.Request) { func main() { flag.StringVar(&keycloakHost, "keycloakHost", "istio-ingressgateway.istio-system", "Keycloak Host") flag.StringVar(&keycloakPort, "keycloakPort", "80", "Keycloak Port") - flag.StringVar(&keycloakAlias, "keycloakAlias", "keycloak.oran.org", "Keycloak URL Alias") + flag.StringVar(&keycloakAlias, "keycloakAlias", "keycloak.est.tech", "Keycloak URL Alias") flag.Parse() healthHandler := http.HandlerFunc(health)