-
Notifications
You must be signed in to change notification settings - Fork 165
/
Copy pathSessionTokenExample.java
98 lines (88 loc) · 4.63 KB
/
SessionTokenExample.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
/**
* Copyright (c) 2016, 2025, Oracle and/or its affiliates. All rights reserved.
* This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license.
*/
import com.oracle.bmc.auth.AuthenticationDetailsProvider;
import com.oracle.bmc.auth.SessionTokenAuthenticationDetailsProvider;
import com.oracle.bmc.identity.Identity;
import com.oracle.bmc.identity.IdentityClient;
import com.oracle.bmc.identity.requests.GetAuthenticationPolicyRequest;
import com.oracle.bmc.identity.responses.GetAuthenticationPolicyResponse;
import java.io.IOException;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
/**
* An example for using session token authentication which uses the Authentication Policy api to
* repeatedly get the Authentication-Policy for your tenant.
*
* <p>A valid session token is required to run this example otherwise a `401 - Not Authenticated`
* error will occur.
*
* <p>Use the OCI CLI to authenticate with a browser and create a token, see
* https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/clitoken.htm
*/
public class SessionTokenExample {
public static void main(String[] args) throws IOException {
/**
* This portion assumes that a valid session token in the file specified by the
* "security_token_file" field for the profile being used in the config file. See
* https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm#File_Entries
*/
// The following creates a session token auth provider with default behavior,
// which includes default config file parsing and a refresh schedule
// that keeps a session valid for 24 hours.
SessionTokenAuthenticationDetailsProvider provider =
new SessionTokenAuthenticationDetailsProvider();
queryAuthenticationPolicy(provider);
// Close the provider to stop the token refresh schedule
provider.close();
// The session token auth provider builder can be used to create the
// SessionTokenAuthenticationDetailsProvider with default refresh schedule
// without parsing a config file or session token file.
provider =
SessionTokenAuthenticationDetailsProvider.builder()
.region("us-phoenix-1")
.tenantId("ocid1.tenancy.oc...")
.privateKeyFilePath("~/.oci/sessions/mySession/oci_api_key.pem")
.sessionToken("<token>")
.build();
queryAuthenticationPolicy(provider);
provider.close();
// Provide custom refresh timing.
provider =
SessionTokenAuthenticationDetailsProvider.builder()
.refreshPeriod(4)
.timeUnit(TimeUnit.MINUTES)
.sessionLifetimeHours(2)
.build();
queryAuthenticationPolicy(provider);
provider.close();
// Default parsing with disabled automatic token refreshing.
provider =
SessionTokenAuthenticationDetailsProvider.builder()
.disableScheduledRefresh()
.build();
queryAuthenticationPolicy(provider);
// Provide a custom scheduler
ScheduledExecutorService scheduler = Executors.newScheduledThreadPool(5);
provider = SessionTokenAuthenticationDetailsProvider.builder().scheduler(scheduler).build();
queryAuthenticationPolicy(provider);
provider.close();
}
private static void queryAuthenticationPolicy(AuthenticationDetailsProvider provider) {
Identity identityClient = IdentityClient.builder().build(provider);
final String tenantId = provider.getTenantId();
System.out.printf("Getting the authentication policy of your tenant %s\n", tenantId);
GetAuthenticationPolicyResponse getAuthenticationPolicyResponse =
identityClient.getAuthenticationPolicy(
GetAuthenticationPolicyRequest.builder()
// currently only the tenant (ie the root compartment) can have an
// authentication policy
.compartmentId(tenantId)
.build());
System.out.printf(
"The Authentication Policy is: %s\n",
getAuthenticationPolicyResponse.getAuthenticationPolicy().toString());
}
}