diff --git a/config/nefcfg.yaml b/config/nefcfg.yaml index 2f1d71f..36e90a1 100644 --- a/config/nefcfg.yaml +++ b/config/nefcfg.yaml @@ -12,6 +12,7 @@ configuration: pem: cert/nef.pem # NEF TLS Certificate key: cert/nef.key # NEF TLS Private key nrfUri: http://127.0.0.10:8000 # A valid URI of NRF + nrfCertPem: cert/nrf.pem # NRF Certificate serviceList: # the SBI services provided by this NEF - serviceName: nnef-pfdmanagement # Nnef_PFDManagement Service - serviceName: nnef-oam # OAM service diff --git a/go.mod b/go.mod index 29507eb..30387a0 100644 --- a/go.mod +++ b/go.mod @@ -6,8 +6,8 @@ require ( github.com/antihax/optional v1.0.0 github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d github.com/davecgh/go-spew v1.1.1 - github.com/free5gc/openapi v1.0.7-0.20231216094313-e15a4ff046f6 - github.com/free5gc/util v1.0.5-0.20231001095115-433858e5be94 + github.com/free5gc/openapi v1.0.8 + github.com/free5gc/util v1.0.6 github.com/gin-contrib/cors v1.3.1 github.com/gin-gonic/gin v1.9.1 github.com/google/uuid v1.3.0 @@ -47,12 +47,12 @@ require ( github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.2.11 // indirect golang.org/x/arch v0.3.0 // indirect - golang.org/x/crypto v0.14.0 // indirect + golang.org/x/crypto v0.17.0 // indirect golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.0.0-20210810183815-faf39c7919d5 // indirect - golang.org/x/sys v0.13.0 // indirect - golang.org/x/text v0.13.0 // indirect + golang.org/x/sys v0.15.0 // indirect + golang.org/x/text v0.14.0 // indirect google.golang.org/appengine v1.6.6 // indirect - google.golang.org/protobuf v1.30.0 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index d35ae66..271e124 100644 --- a/go.sum +++ b/go.sum @@ -58,10 +58,10 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/free5gc/openapi v1.0.7-0.20231216094313-e15a4ff046f6 h1:8P/wOkTAQMgZJe9pUUNSTE5PWeAdlMrsU9kLsI+VAVE= -github.com/free5gc/openapi v1.0.7-0.20231216094313-e15a4ff046f6/go.mod h1:qv9KqEucoZSeENPRFGxfTe+33ZWYyiYFx1Rj+H0DoWA= -github.com/free5gc/util v1.0.5-0.20231001095115-433858e5be94 h1:tNylIqH/m5Kq+3KuC+jjXGl06Y6EmM8yq61ZUgNrPBY= -github.com/free5gc/util v1.0.5-0.20231001095115-433858e5be94/go.mod h1:aMszJZbCkcg5xaGgzya+55jz+OPMsJqPLq5Z3fWDFPE= +github.com/free5gc/openapi v1.0.8 h1:QjfQdB6VVA1GRnzOJ7nILzrI7gMiY0lH64JHVW7vF34= +github.com/free5gc/openapi v1.0.8/go.mod h1:w6y9P/uySczc1d9OJZAEuB2FImR/z60Wg2BekPAVt3M= +github.com/free5gc/util v1.0.6 h1:dBt9drcXtYKE/cY5XuQcuffgsYclPIpIArhSeS6M+DQ= +github.com/free5gc/util v1.0.6/go.mod h1:eSGN7POUM8LNTvg/E591XR6447a6/w1jFWGKNZPHcXw= github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU= github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= github.com/gin-contrib/cors v1.3.1 h1:doAsuITavI4IOcd0Y19U4B+O0dNWihRyX//nn4sEmgA= @@ -227,8 +227,8 @@ golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= +golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= +golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -331,15 +331,15 @@ golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -463,8 +463,8 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/internal/context/nef_context.go b/internal/context/nef_context.go index 4b2eaa9..d907ada 100644 --- a/internal/context/nef_context.go +++ b/internal/context/nef_context.go @@ -1,11 +1,14 @@ package context import ( + "context" "fmt" "sync" "github.com/free5gc/nef/internal/logger" "github.com/free5gc/nef/pkg/factory" + "github.com/free5gc/openapi/models" + "github.com/free5gc/openapi/oauth" "github.com/google/uuid" ) @@ -16,12 +19,13 @@ type nef interface { type NefContext struct { nef - nfInstID string // NF Instance ID - pcfPaUri string - udrDrUri string - numCorreID uint64 - afs map[string]*AfData - mu sync.RWMutex + nfInstID string // NF Instance ID + pcfPaUri string + udrDrUri string + numCorreID uint64 + OAuth2Required bool + afs map[string]*AfData + mu sync.RWMutex } func NewContext(nef nef) (*NefContext, error) { @@ -146,3 +150,13 @@ func (c *NefContext) FindAfSub(CorrID string) (*AfData, *AfSubscription) { } return nil, nil } + +func (c *NefContext) GetTokenCtx(serviceName models.ServiceName, targetNF models.NfType) ( + context.Context, *models.ProblemDetails, error, +) { + if !c.OAuth2Required { + return context.TODO(), nil, nil + } + return oauth.GetTokenCtx(models.NfType_NEF, targetNF, + c.nfInstID, c.Config().NrfUri(), string(serviceName)) +} diff --git a/internal/sbi/consumer/nrf_service.go b/internal/sbi/consumer/nrf_service.go index 1a25eba..4748a9d 100644 --- a/internal/sbi/consumer/nrf_service.go +++ b/internal/sbi/consumer/nrf_service.go @@ -110,6 +110,7 @@ func (s *nnrfService) getNFManagementClient(uri string) *Nnrf_NFManagement.APICl func (s *nnrfService) RegisterNFInstance() error { var rsp *http.Response + var nf models.NfProfile var err error client := s.getNFManagementClient(s.consumer.Config().NrfUri()) @@ -119,7 +120,7 @@ func (s *nnrfService) RegisterNFInstance() error { } for { - _, rsp, err = client.NFInstanceIDDocumentApi.RegisterNFInstance( + nf, rsp, err = client.NFInstanceIDDocumentApi.RegisterNFInstance( context.TODO(), s.consumer.Context().NfInstID(), *nfProfile) if rsp != nil && rsp.Body != nil { if bodyCloseErr := rsp.Body.Close(); bodyCloseErr != nil { @@ -143,6 +144,20 @@ func (s *nnrfService) RegisterNFInstance() error { resourceUri := rsp.Header.Get("Location") // resouceNrfUri := resourceUri[:strings.Index(resourceUri, "/nnrf-nfm/")] s.consumer.Context().SetNfInstID(resourceUri[strings.LastIndex(resourceUri, "/")+1:]) + + oauth2 := false + if nf.CustomInfo != nil { + v, ok := nf.CustomInfo["oauth2"].(bool) + if ok { + oauth2 = v + logger.MainLog.Infoln("OAuth2 setting receive from NRF:", oauth2) + } + } + s.consumer.Context().OAuth2Required = oauth2 + if oauth2 && s.consumer.Context().Config().NrfCertPem() == "" { + logger.CfgLog.Error("OAuth2 enable but no nrfCertPem provided in config.") + } + logger.ConsumerLog.Infof("NFRegister Created") break } else { @@ -172,10 +187,15 @@ func (s *nnrfService) buildNfProfile() (*models.NfProfile, error) { func (s *nnrfService) DeregisterNFInstance() error { logger.ConsumerLog.Infof("DeregisterNFInstance") + ctx, _, err := s.consumer.Context().GetTokenCtx(models.ServiceName_NNRF_NFM, models.NfType_NRF) + if err != nil { + return nil + } + client := s.getNFManagementClient(s.consumer.Config().NrfUri()) rsp, err := client.NFInstanceIDDocumentApi.DeregisterNFInstance( - context.Background(), s.consumer.Context().NfInstID()) + ctx, s.consumer.Context().NfInstID()) if rsp != nil && rsp.Body != nil { if bodyCloseErr := rsp.Body.Close(); bodyCloseErr != nil { logger.ConsumerLog.Errorf("response body cannot close: %+v", bodyCloseErr) @@ -205,7 +225,12 @@ func (s *nnrfService) SearchNFInstances( client := s.getNFDiscoveryClient(nrfUri) - res, rsp, err := client.NFInstancesStoreApi.SearchNFInstances(context.Background(), + ctx, _, err := s.consumer.Context().GetTokenCtx(models.ServiceName_NNRF_NFM, models.NfType_NRF) + if err != nil { + return nil, "", err + } + + res, rsp, err := client.NFInstancesStoreApi.SearchNFInstances(ctx, serviceNfType[srvName], models.NfType_NEF, param) if rsp != nil && rsp.Body != nil { if bodyCloseErr := rsp.Body.Close(); bodyCloseErr != nil { diff --git a/pkg/factory/config.go b/pkg/factory/config.go index dbfeb57..3787e31 100644 --- a/pkg/factory/config.go +++ b/pkg/factory/config.go @@ -76,6 +76,7 @@ type Info struct { type Configuration struct { Sbi *Sbi `yaml:"sbi,omitempty" valid:"required"` NrfUri string `yaml:"nrfUri,omitempty" valid:"required"` + NrfCertPem string `yaml:"nrfCertPem,omitempty" valid:"optional"` ServiceList []Service `yaml:"serviceList,omitempty" valid:"required"` } @@ -322,6 +323,16 @@ func (c *Config) NrfUri() string { return NefDefaultNrfUri } +func (c *Config) NrfCertPem() string { + c.RLock() + defer c.RUnlock() + + if c.Configuration.NrfCertPem != "" { + return c.Configuration.NrfCertPem + } + return "" // havn't setup in config +} + func (c *Config) ServiceList() []Service { c.RLock() defer c.RUnlock()