Smoke Test: Identity REST Interface

import java.io.*;
import java.net.*;

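/**
 * Command-line smoke test for the OpenSSO identity REST interface.
 *
 * <p>Given the base URL of a server instance, it authenticates with credentials read
 * from the terminal, then validates the token, searches, reads attributes, creates,
 * updates and deletes a throw-away user named {@code test}, and finally logs out.
 *
 * <p>Security notes for anyone running or adapting this:
 * <ul>
 *   <li>Every call is a GET whose query string carries the password or the session
 *       token. Those values end up in server and proxy access logs, so use an
 *       {@code https://} base URL and a disposable test instance.</li>
 *   <li>The request line echoed to stdout has secret-bearing parameters masked, but
 *       the response bodies printed by {@link #showAttributes()} and
 *       {@link #read(String, String)} are printed verbatim; the transcript that
 *       accompanies this listing shows them containing the token id and the
 *       {@code userpassword} hash. Treat the console output as sensitive.</li>
 * </ul>
 */
public class OpenSSORest {
    /** Charset used both for URL-encoding parameters and for decoding responses. */
    private static final String ENCODING = "UTF-8";

    /** Prefix of the single line returned by {@code /identity/authenticate}. */
    private static final String TOKEN_PREFIX = "token.id=";

    /**
     * One shared reader for standard input. Creating a new BufferedReader per prompt
     * lets the first reader swallow later lines when input is piped.
     */
    private static final BufferedReader STDIN = new BufferedReader(
        new InputStreamReader(System.in));

    private static String serverURL;
    private static String tokenId;
    private static String username;

    /**
     * Runs the whole scenario against the server named by the single argument.
     *
     * <p>Exits with status 1 on a usage error or when any step fails. If a step fails
     * after the test user was created or after login, the user is deleted and the
     * session is logged out on a best-effort basis so that neither is left behind.
     *
     * @param args exactly one element: the base URL of the OpenSSO deployment
     */
    public static void main(String[] args) {
        if (args.length != 1) {
            System.err.println(
                "Usage: OpenSSORest server-instance\n");
            System.exit(1);
        }
        serverURL = args[0];

        if (!serverURL.toLowerCase(java.util.Locale.ROOT).startsWith("https://")) {
            System.err.println("Warning: " + serverURL + " is not https; the password"
                + " and session token will cross the network in cleartext.");
        }

        boolean loggedIn = false;
        boolean userCreated = false;
        boolean failed = false;

        try {
            authenticate();
            loggedIn = true;
            validateToken();
            search();
            showAttributes();
            read("demo", null);
            create();
            userCreated = true;
            read("test", null);
            update();
            read("test", "mail");
            delete();
            userCreated = false;
            logout();
            loggedIn = false;
        } catch (Exception e) {
            failed = true;
            e.printStackTrace();
        }

        // Best-effort cleanup: do not leave the test account or the admin session alive.
        if (userCreated) {
            try {
                delete();
            } catch (Exception e) {
                System.err.println("Cleanup: could not delete user 'test': " + e.getMessage());
            }
        }
        if (loggedIn) {
            try {
                logout();
            } catch (Exception e) {
                System.err.println("Cleanup: could not log out: " + e.getMessage());
            }
        }
        if (failed) {
            System.exit(1);
        }
    }

    /**
     * Prompts for a username and password, calls {@code /identity/authenticate} and
     * stores the returned token id for the later calls.
     *
     * @throws Exception if input ends early, the request fails, or the response does
     *         not start with {@code token.id=}
     */
    private static void authenticate()
        throws Exception {
        System.out.println();
        System.out.println("Authenticate to server");
        username = getUserInput("username: ");
        String password = readPassword("password: ");
        if (username == null || password == null) {
            throw new IOException("No credentials supplied on standard input");
        }

        String res = request(new URL(serverURL +
            "/identity/authenticate?" +
            "username=" + encode(username) +
            "&password=" + encode(password)));

        // Validate the shape instead of slicing at fixed offsets, so an error page or
        // an empty body produces a clear failure rather than a garbage token.
        String reply = res.trim();
        if (!reply.startsWith(TOKEN_PREFIX)
            || reply.length() == TOKEN_PREFIX.length()) {
            throw new IOException("Unexpected authenticate response: no token.id");
        }
        tokenId = reply.substring(TOKEN_PREFIX.length());
        succeeded();
    }

    /** Ends the session identified by the stored token id. */
    private static void logout()
        throws Exception {
        System.out.println("Logout");

        request(new URL(serverURL +
            "/identity/logout?" +
            "subjectid=" + encode(tokenId)));
        succeeded();
    }

    /** Calls {@code /identity/isTokenValid} with the stored token id. */
    private static void validateToken()
        throws Exception {
        System.out.println("Validate Token ID");
        request(new URL(serverURL +
            "/identity/isTokenValid?" +
            "tokenid=" + encode(tokenId)));
        succeeded();
    }

    /** Lists all identities ({@code filter=*}) and prints the response. */
    private static void search()
        throws Exception {
        System.out.println("Search");
        String res = request(new URL(serverURL +
            "/identity/search?" +
            "filter=*&admin=" + encode(tokenId)));
        System.out.println(res);
        succeeded();
    }

    /** Prints the attributes of the authenticated subject; the body includes the token id. */
    private static void showAttributes()
        throws Exception {
        System.out.println("Show Attributes");
        String res = request(new URL(serverURL +
            "/identity/attributes?" +
            "subjectid=" + encode(tokenId)));
        System.out.println(res);
        succeeded();
    }

    /**
     * Reads an identity and prints the response verbatim.
     *
     * @param user name of the identity to read
     * @param attr a single attribute name to restrict the result to, or {@code null}
     *        for all attributes
     */
    private static void read(String user, String attr)
        throws Exception {
        System.out.println("Read attributes");
        // Both values are encoded so that '&', '=' or '#' in a name cannot add or
        // override query parameters (for example a second "admin=").
        String qattr = (attr != null) ?
            "&attributes_names=" + encode(attr) : "";

        String res = request(new URL(serverURL +
            "/identity/read?" +
            "name=" + encode(user) + "&admin=" + encode(tokenId) +
            qattr));
        System.out.println(res);
        succeeded();
    }

    /**
     * Creates the throw-away user {@code test} in the root realm with a random,
     * never-displayed password, so a leftover account is not guessable.
     */
    private static void create()
        throws Exception {
        System.out.println("Create user");
        request(new URL(serverURL +
            "/identity/create?" +
            "identity_name=test&admin=" + encode(tokenId) +
            "&identity_attribute_names=userpassword" +
            "&identity_attribute_values_userpassword=" + encode(randomPassword()) +
            "&identity_realm=" + encode("/") +
            "&identity_type=User"
            ));
        succeeded();
    }

    /** Sets the {@code mail} attribute of the user {@code test}. */
    private static void update()
        throws Exception {
        System.out.println("Change email address");
        request(new URL(serverURL +
            "/identity/update?" +
            "identity_name=test&admin=" + encode(tokenId) +
            "&identity_attribute_names=mail" +
            "&identity_attribute_values_mail=test@example.com"
            ));
        succeeded();
    }

    /** Deletes the user {@code test}. */
    private static void delete()
        throws Exception {
        System.out.println("Delete user");
        request(new URL(serverURL +
            "/identity/delete?" +
            "identity_name=test&admin=" + encode(tokenId) +
            "&identity_type=User"));
        succeeded();
    }

    /** Prints the per-step success marker followed by two blank lines. */
    private static void succeeded() {
        System.out.println("Succeeded");
        System.out.println();
        System.out.println();
    }

    /**
     * Prints a prompt and reads one line from standard input.
     *
     * @param message prompt text, printed without a trailing newline
     * @return the line read, or {@code null} at end of input
     * @throws IOException if reading standard input fails
     */
    public static String getUserInput(String message)
        throws IOException {
        System.out.print(message);
        return STDIN.readLine();
    }

    /**
     * Performs a GET on the URL and returns the response body.
     *
     * <p>The request line is echoed to stdout with secret-bearing parameter values
     * masked. Failures are rethrown with the same masking applied, because the JDK
     * puts the full URL, including password and token, into its exception messages.
     *
     * @param url the URL to fetch
     * @return the response body decoded as UTF-8, each line terminated by {@code "\n"}
     * @throws Exception if the connection or the read fails
     */
    public static String request(URL url)
        throws Exception {
        String loggable = redactForLog(url);
        System.out.println(loggable);

        StringBuilder body = new StringBuilder();
        try {
            URLConnection conn = url.openConnection();
            // try-with-resources closes the stream even when a read fails half-way.
            try (BufferedReader reader = new BufferedReader(
                    new InputStreamReader(conn.getInputStream(), ENCODING))) {
                String line;
                while ((line = reader.readLine()) != null) {
                    body.append(line).append("\n");
                }
            }
        } catch (IOException e) {
            // The original exception is not chained as the cause on purpose: its
            // message still holds the unmasked URL and would be printed with it.
            String detail = String.valueOf(e.getMessage())
                .replace(url.toString(), loggable);
            IOException scrubbed = new IOException(
                e.getClass().getSimpleName() + ": " + detail);
            scrubbed.setStackTrace(e.getStackTrace());
            throw scrubbed;
        }
        return body.toString();
    }

    /** URL-encodes one query parameter value as UTF-8. */
    private static String encode(String value)
        throws UnsupportedEncodingException {
        return URLEncoder.encode(value, ENCODING);
    }

    /**
     * Reads the password without echo when a console is attached; falls back to a
     * plain line read (which echoes) when input is redirected.
     */
    private static String readPassword(String prompt)
        throws IOException {
        Console console = System.console();
        if (console == null) {
            return getUserInput(prompt);
        }
        char[] secret = console.readPassword("%s", prompt);
        return (secret == null) ? null : new String(secret);
    }

    /** Builds a random password for the throw-away user from 16 bytes of SecureRandom output. */
    private static String randomPassword() {
        byte[] raw = new byte[16];
        new java.security.SecureRandom().nextBytes(raw);
        StringBuilder hex = new StringBuilder("Tmp-");
        for (byte b : raw) {
            hex.append(String.format("%02x", b & 0xff));
        }
        return hex.toString();
    }

    /** Returns the URL as text with the values of secret-bearing query parameters replaced by {@code ***}. */
    private static String redactForLog(URL url) {
        String query = url.getQuery();
        if (query == null) {
            return url.toString();
        }
        StringBuilder masked = new StringBuilder();
        for (String pair : query.split("&")) {
            if (masked.length() > 0) {
                masked.append('&');
            }
            int eq = pair.indexOf('=');
            if (eq >= 0 && isSensitive(pair.substring(0, eq))) {
                masked.append(pair, 0, eq).append("=***");
            } else {
                masked.append(pair);
            }
        }
        String full = url.toString();
        return full.substring(0, full.indexOf('?') + 1) + masked;
    }

    /** True for parameters that carry a password or a session token in this interface. */
    private static boolean isSensitive(String name) {
        String key = name.toLowerCase(java.util.Locale.ROOT);
        return key.contains("password")
            || key.equals("tokenid")
            || key.equals("subjectid")
            || key.equals("admin");
    }
}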

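Run it

Note: every request below is a GET over plain HTTP, so the admin password and the session token appear in each URL (and therefore in access logs and in this transcript), and the read calls return the stored userpassword hash. Use a disposable test instance.

[dennis@localhost rest]$ javac  OpenSSORest.java 
[dennis@localhost rest]$ java OpenSSORest http://vanessa.red.iplanet.com:8080/opensso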

Authenticate to server
username: amadmin
password: 11111111
http://vanessa.red.iplanet.com:8080/opensso/identity/authenticate?username=amadmin&password=11111111
Succeeded


Validate Token ID
http://vanessa.red.iplanet.com:8080/opensso/identity/isTokenValid?tokenid=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23
Succeeded


Search
http://vanessa.red.iplanet.com:8080/opensso/identity/search?filter=*&admin=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23
string=amAdmin
string=amldapuser
string=dsameuser
string=anonymous
string=amService-URLAccessAgent
string=demo

Succeeded


Show Attributes
http://vanessa.red.iplanet.com:8080/opensso/identity/attributes?subjectid=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23
userdetails.token.id=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw=@AAJTSQACMDE=#
userdetails.attribute.name=iplanet-am-user-alias-list
userdetails.attribute.name=sunIdentityMSISDNNumber
userdetails.attribute.name=employeeNumber
userdetails.attribute.name=telephoneNumber
userdetails.attribute.name=iplanet-am-user-success-url
userdetails.attribute.name=givenName
userdetails.attribute.value=amAdmin
userdetails.attribute.name=mail
userdetails.attribute.name=roles
userdetails.attribute.value=Top-level Admin Role
userdetails.attribute.name=sn
userdetails.attribute.value=amAdmin
userdetails.attribute.name=dn
userdetails.attribute.value=uid=amAdmin,ou=people,dc=opensso,dc=java,dc=net
userdetails.attribute.name=cn
userdetails.attribute.value=amAdmin
userdetails.attribute.name=postalAddress
userdetails.attribute.name=iplanet-am-user-failure-url
userdetails.attribute.name=inetUserStatus
userdetails.attribute.value=Active

Succeeded


Read attributes
http://vanessa.red.iplanet.com:8080/opensso/identity/read?name=demo&admin=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23
identitydetails.name=demo
identitydetails.type=user
identitydetails.realm=dc=opensso,dc=java,dc=net
identitydetails.attribute=
identitydetails.attribute.name=sn
identitydetails.attribute.value=demo
identitydetails.attribute=
identitydetails.attribute.name=universalid
identitydetails.attribute.value=id=demo,ou=user,dc=opensso,dc=java,dc=net
identitydetails.attribute=
identitydetails.attribute.name=objectclass
identitydetails.attribute.value=sunFederationManagerDataStore
identitydetails.attribute.value=iplanet-am-user-service
identitydetails.attribute.value=top
identitydetails.attribute.value=iplanet-am-managed-person
identitydetails.attribute.value=sunIdentityServerLibertyPPService
identitydetails.attribute.value=iPlanetPreferences
identitydetails.attribute.value=inetorgperson
identitydetails.attribute.value=person
identitydetails.attribute.value=organizationalPerson
identitydetails.attribute.value=inetuser
identitydetails.attribute.value=sunFMSAML2NameIdentifier
identitydetails.attribute=
identitydetails.attribute.name=cn
identitydetails.attribute.value=demo
identitydetails.attribute=
identitydetails.attribute.name=uid
identitydetails.attribute.value=demo
identitydetails.attribute=
identitydetails.attribute.name=userpassword
identitydetails.attribute.value={SSHA}rOG2r03XzcYHwAG4rABAz8FpDEle15FMSUcsAQ==
identitydetails.attribute=
identitydetails.attribute.name=inetuserstatus
identitydetails.attribute.value=Active

Succeeded


Create user
http://vanessa.red.iplanet.com:8080/opensso/identity/create?identity_name=test&admin=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23&identity_attribute_names=userpassword&identity_attribute_values_userpassword=123&identity_realm=%2F&identity_type=User
Succeeded


Read attributes
http://vanessa.red.iplanet.com:8080/opensso/identity/read?name=test&admin=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23
identitydetails.name=test
identitydetails.type=user
identitydetails.realm=dc=opensso,dc=java,dc=net
identitydetails.attribute=
identitydetails.attribute.name=sn
identitydetails.attribute.value=test
identitydetails.attribute=
identitydetails.attribute.name=universalid
identitydetails.attribute.value=id=test,ou=user,dc=opensso,dc=java,dc=net
identitydetails.attribute=
identitydetails.attribute.name=objectclass
identitydetails.attribute.value=sunFederationManagerDataStore
identitydetails.attribute.value=iplanet-am-user-service
identitydetails.attribute.value=top
identitydetails.attribute.value=iplanet-am-managed-person
identitydetails.attribute.value=sunIdentityServerLibertyPPService
identitydetails.attribute.value=iPlanetPreferences
identitydetails.attribute.value=inetorgperson
identitydetails.attribute.value=person
identitydetails.attribute.value=organizationalPerson
identitydetails.attribute.value=inetuser
identitydetails.attribute.value=sunFMSAML2NameIdentifier
identitydetails.attribute=
identitydetails.attribute.name=cn
identitydetails.attribute.value=test
identitydetails.attribute=
identitydetails.attribute.name=uid
identitydetails.attribute.value=test
identitydetails.attribute=
identitydetails.attribute.name=userpassword
identitydetails.attribute.value={SSHA}DsnALc8j11O9krdjfrId/xxCtv+qOM06zBc2CQ==
identitydetails.attribute=
identitydetails.attribute.name=inetuserstatus
identitydetails.attribute.value=Active

Succeeded


Change email address
http://vanessa.red.iplanet.com:8080/opensso/identity/update?identity_name=test&admin=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23&identity_attribute_names=mail&identity_attribute_values_mail=test@example.com
Succeeded


Read attributes
http://vanessa.red.iplanet.com:8080/opensso/identity/read?name=test&admin=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23&attributes_names=mail
identitydetails.name=test
identitydetails.type=user
identitydetails.realm=dc=opensso,dc=java,dc=net
identitydetails.attribute=
identitydetails.attribute.name=mail
identitydetails.attribute.value=test@example.com

Succeeded


Delete user
http://vanessa.red.iplanet.com:8080/opensso/identity/delete?identity_name=test&admin=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23&identity_type=User
Succeeded


Logout
http://vanessa.red.iplanet.com:8080/opensso/identity/logout?subjectid=AQIC5wM2LY4SfczAfhqbpbll3ldjGn3AU5ignOqmR82DzDw%3D%40AAJTSQACMDE%3D%23
Succeeded


4 Responses

  1. How can I call authenticate with a realm?
    I created a user in the /default/customer realm and tried to authenticate that user with this call:
    /opensso/identity/authenticate?username=user000000&password=pwd000000&&identity_realm=/default/customer
    I get an error.

  2. I am looking at the source code (If you have OpenSSO source code, check this out).
    opensso/products/amserver/
    source/com/sun/identity/idsvcs/opensso/IdentityServicesImpl.java
    Line 136

    if (uri != null) {
    // Parse the uri parameters for realm, module, etc
    // TODO
    }

    realm is supposed to be figured out from &uri query parameter,
    however the implementation is missing.

  3. FYI, there is an issue filed on this
    https://opensso.dev.java.net/issues/show_bug.cgi?id=3775

  4. Maybe we will implement this feature and post code to OpenSSO
