From dc801c278bf82ed1cf52c0ae55ced765fa61f788 Mon Sep 17 00:00:00 2001
From: "CTFang@WireLab" <ctfang.cs12@nycu.edu.tw>
Date: Thu, 16 Nov 2023 03:32:52 +0000
Subject: [PATCH 1/7] Feature: Add NRF Consumer support OAuth2

---
 go.mod                                  |  2 +-
 go.sum                                  |  5 +++--
 internal/context/context.go             |  6 ++++++
 internal/sbi/consumer/nf_accesstoken.go | 25 +++++++++++++++++++++++++
 internal/sbi/consumer/nf_discovery.go   | 14 +++++++++-----
 internal/sbi/consumer/nf_mangement.go   | 24 +++++++++++++++++++-----
 pkg/factory/config.go                   |  1 +
 7 files changed, 64 insertions(+), 13 deletions(-)
 create mode 100644 internal/sbi/consumer/nf_accesstoken.go

diff --git a/go.mod b/go.mod
index fe3f97fd..44c28cbf 100644
--- a/go.mod
+++ b/go.mod
@@ -9,7 +9,7 @@ require (
 	github.com/free5gc/aper v1.0.5-0.20230614030933-c73735898582
 	github.com/free5gc/nas v1.1.2-0.20230828074825-175b09665828
 	github.com/free5gc/ngap v1.0.7-0.20230614061954-9c128114ab1f
-	github.com/free5gc/openapi v1.0.7-0.20230802173229-2b3ded4db293
+	github.com/free5gc/openapi v1.0.7-0.20231112094355-a96c3450377e
 	github.com/free5gc/sctp v0.0.0-20231121085449-400a702ea7f9
 	github.com/free5gc/util v1.0.5-0.20231001095115-433858e5be94
 	github.com/gin-contrib/cors v1.3.1
diff --git a/go.sum b/go.sum
index 7250855e..c3b26c75 100644
--- a/go.sum
+++ b/go.sum
@@ -70,8 +70,8 @@ github.com/free5gc/nas v1.1.2-0.20230828074825-175b09665828/go.mod h1:fjWwpyp7/w
 github.com/free5gc/ngap v1.0.7-0.20230614061954-9c128114ab1f h1:wgXjoknZ7JJoZ72J15g/f2/0DgdCpfcTg189lnhUPuY=
 github.com/free5gc/ngap v1.0.7-0.20230614061954-9c128114ab1f/go.mod h1:lKA1sLTYM3CGEBhZVxkGGJIkai5+Bvy2yHIMhb7Vx/k=
 github.com/free5gc/openapi v1.0.6/go.mod h1:iw/N0E+FlX44EEx24IBi2EdZW8v+bkj3ETWPGnlK9DI=
-github.com/free5gc/openapi v1.0.7-0.20230802173229-2b3ded4db293 h1:BSIvKCYu7646sE8J9R1L8v2R435otUik3wOFN33csfs=
-github.com/free5gc/openapi v1.0.7-0.20230802173229-2b3ded4db293/go.mod h1:iw/N0E+FlX44EEx24IBi2EdZW8v+bkj3ETWPGnlK9DI=
+github.com/free5gc/openapi v1.0.7-0.20231112094355-a96c3450377e h1:mXnoioq+fxpChliDl5Uy+m6+Hm7iWrJPZo9mi6BijHE=
+github.com/free5gc/openapi v1.0.7-0.20231112094355-a96c3450377e/go.mod h1:qv9KqEucoZSeENPRFGxfTe+33ZWYyiYFx1Rj+H0DoWA=
 github.com/free5gc/sctp v0.0.0-20231121085449-400a702ea7f9 h1:L02UI8oODfXgH1fGzWWuWF4zyze4IScEFm20q3PKZdE=
 github.com/free5gc/sctp v0.0.0-20231121085449-400a702ea7f9/go.mod h1:Nr81VlvMkBHZsCbWPXjosBh+SWLdeEyz8o0OrS110Ic=
 github.com/free5gc/util v1.0.5-0.20231001095115-433858e5be94 h1:tNylIqH/m5Kq+3KuC+jjXGl06Y6EmM8yq61ZUgNrPBY=
@@ -556,6 +556,7 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
diff --git a/internal/context/context.go b/internal/context/context.go
index 31906f90..0808a52f 100644
--- a/internal/context/context.go
+++ b/internal/context/context.go
@@ -66,6 +66,7 @@ type AMFContext struct {
 	SupportDnnLists              []string
 	AMFStatusSubscriptions       sync.Map // map[subscriptionID]models.SubscriptionData
 	NrfUri                       string
+	NrfCerPem                    string
 	SecurityAlgorithm            SecurityAlgorithm
 	NetworkName                  factory.NetworkName
 	NgapIpList                   []string // NGAP Server IP
@@ -83,6 +84,8 @@ type AMFContext struct {
 	T3570Cfg factory.TimerValue
 	T3555Cfg factory.TimerValue
 	Locality string
+
+	OAuth2Required bool
 }
 
 type AMFContextEventSubscription struct {
@@ -126,6 +129,9 @@ func InitAmfContext(context *AMFContext) {
 		context.LadnPool[ladn.Dnn] = ladn
 	}
 	context.NrfUri = config.GetNrfUri()
+	if configuration.NrfCerPem != "" {
+		context.NrfCerPem = configuration.NrfCerPem
+	}
 	security := configuration.Security
 	if security != nil {
 		context.SecurityAlgorithm.IntegrityOrder = getIntAlgOrder(security.IntegrityOrder)
diff --git a/internal/sbi/consumer/nf_accesstoken.go b/internal/sbi/consumer/nf_accesstoken.go
new file mode 100644
index 00000000..76c31b3c
--- /dev/null
+++ b/internal/sbi/consumer/nf_accesstoken.go
@@ -0,0 +1,25 @@
+package consumer
+
+import (
+	"context"
+
+	amf_context "github.com/free5gc/amf/internal/context"
+	"github.com/free5gc/amf/internal/logger"
+	"github.com/free5gc/openapi"
+	"github.com/free5gc/openapi/models"
+	"github.com/free5gc/openapi/oauth"
+)
+
+func GetTokenCtx(scope, targetNF string) (context.Context, *models.ProblemDetails, error) {
+	if amf_context.GetSelf().OAuth2Required {
+		logger.ConsumerLog.Debugln("GetToekenCtx")
+		udrSelf := amf_context.GetSelf()
+		tok, pd, err := oauth.SendAccTokenReq(udrSelf.NfId, models.NfType_AMF, scope, targetNF, udrSelf.NrfUri)
+		if err != nil {
+			return nil, pd, err
+		}
+		return context.WithValue(context.Background(),
+			openapi.ContextOAuth2, tok), pd, nil
+	}
+	return context.TODO(), nil, nil
+}
diff --git a/internal/sbi/consumer/nf_discovery.go b/internal/sbi/consumer/nf_discovery.go
index 421d4a0c..4f7c3a74 100644
--- a/internal/sbi/consumer/nf_discovery.go
+++ b/internal/sbi/consumer/nf_discovery.go
@@ -1,7 +1,6 @@
 package consumer
 
 import (
-	"context"
 	"fmt"
 	"net/http"
 
@@ -14,18 +13,23 @@ import (
 
 func SendSearchNFInstances(nrfUri string, targetNfType, requestNfType models.NfType,
 	param *Nnrf_NFDiscovery.SearchNFInstancesParamOpts,
-) (models.SearchResult, error) {
+) (*models.SearchResult, error) {
 	// Set client and set url
 	configuration := Nnrf_NFDiscovery.NewConfiguration()
 	configuration.SetBasePath(nrfUri)
 	client := Nnrf_NFDiscovery.NewAPIClient(configuration)
 
-	result, res, err := client.NFInstancesStoreApi.SearchNFInstances(context.TODO(), targetNfType, requestNfType, param)
+	ctx, _, err := GetTokenCtx("nnrf-nfm", "NRF")
+	if err != nil {
+		return nil, err
+	}
+
+	result, res, err := client.NFInstancesStoreApi.SearchNFInstances(ctx, targetNfType, requestNfType, param)
 	if res != nil && res.StatusCode == http.StatusTemporaryRedirect {
 		err = fmt.Errorf("Temporary Redirect For Non NRF Consumer")
 	}
 	if res == nil || res.Body == nil {
-		return result, err
+		return &result, err
 	}
 	defer func() {
 		if res != nil {
@@ -34,7 +38,7 @@ func SendSearchNFInstances(nrfUri string, targetNfType, requestNfType models.NfT
 			}
 		}
 	}()
-	return result, err
+	return &result, err
 }
 
 func SearchUdmSdmInstance(ue *amf_context.AmfUe, nrfUri string, targetNfType, requestNfType models.NfType,
diff --git a/internal/sbi/consumer/nf_mangement.go b/internal/sbi/consumer/nf_mangement.go
index f99c31a8..e351072c 100644
--- a/internal/sbi/consumer/nf_mangement.go
+++ b/internal/sbi/consumer/nf_mangement.go
@@ -80,8 +80,9 @@ func SendRegisterNFInstance(nrfUri, nfInstanceId string, profile models.NfProfil
 	client := Nnrf_NFManagement.NewAPIClient(configuration)
 
 	var res *http.Response
+	var nf models.NfProfile
 	for {
-		_, res, err = client.NFInstanceIDDocumentApi.RegisterNFInstance(context.TODO(), nfInstanceId, profile)
+		nf, res, err = client.NFInstanceIDDocumentApi.RegisterNFInstance(context.TODO(), nfInstanceId, profile)
 		if err != nil || res == nil {
 			// TODO : add log
 			fmt.Println(fmt.Errorf("AMF register to NRF Error[%s]", err.Error()))
@@ -104,6 +105,14 @@ func SendRegisterNFInstance(nrfUri, nfInstanceId string, profile models.NfProfil
 			resourceUri := res.Header.Get("Location")
 			resouceNrfUri = resourceUri[:strings.Index(resourceUri, "/nnrf-nfm/")]
 			retrieveNfInstanceId = resourceUri[strings.LastIndex(resourceUri, "/")+1:]
+
+			oauth2 := nf.CustomInfo["oauth2"].(bool)
+			amf_context.GetSelf().OAuth2Required = oauth2
+			logger.MainLog.Infoln("OAuth2 setting receive from NRF:", oauth2)
+			if oauth2 && amf_context.GetSelf().NrfCerPem == "" {
+				logger.CfgLog.Error("OAuth2 enable but no nrfCerPem provided in config.")
+			}
+
 			break
 		} else {
 			fmt.Println(fmt.Errorf("handler returned wrong status code %d", status))
@@ -116,6 +125,11 @@ func SendRegisterNFInstance(nrfUri, nfInstanceId string, profile models.NfProfil
 func SendDeregisterNFInstance() (problemDetails *models.ProblemDetails, err error) {
 	logger.ConsumerLog.Infof("[AMF] Send Deregister NFInstance")
 
+	ctx, pd, err := GetTokenCtx("nnrf-nfm", "NRF")
+	if err != nil {
+		return pd, err
+	}
+
 	amfSelf := amf_context.GetSelf()
 	// Set client and set url
 	configuration := Nnrf_NFManagement.NewConfiguration()
@@ -124,9 +138,9 @@ func SendDeregisterNFInstance() (problemDetails *models.ProblemDetails, err erro
 
 	var res *http.Response
 
-	res, err = client.NFInstanceIDDocumentApi.DeregisterNFInstance(context.Background(), amfSelf.NfId)
+	res, err = client.NFInstanceIDDocumentApi.DeregisterNFInstance(ctx, amfSelf.NfId)
 	if err == nil {
-		return
+		return problemDetails, err
 	} else if res != nil {
 		defer func() {
 			if bodyCloseErr := res.Body.Close(); bodyCloseErr != nil {
@@ -134,12 +148,12 @@ func SendDeregisterNFInstance() (problemDetails *models.ProblemDetails, err erro
 			}
 		}()
 		if res.Status != err.Error() {
-			return
+			return problemDetails, err
 		}
 		problem := err.(openapi.GenericOpenAPIError).Model().(models.ProblemDetails)
 		problemDetails = &problem
 	} else {
 		err = openapi.ReportError("server no response")
 	}
-	return
+	return problemDetails, err
 }
diff --git a/pkg/factory/config.go b/pkg/factory/config.go
index 51239e10..c7024841 100644
--- a/pkg/factory/config.go
+++ b/pkg/factory/config.go
@@ -75,6 +75,7 @@ type Configuration struct {
 	SupportDnnList         []string          `yaml:"supportDnnList,omitempty" valid:"required"`
 	SupportLadnList        []Ladn            `yaml:"supportLadnList,omitempty" valid:"optional"`
 	NrfUri                 string            `yaml:"nrfUri,omitempty" valid:"required, url"`
+	NrfCerPem              string            `yaml:"nrfCerPem,omitempty" valid:"type(string),minstringlength(1),optional"`
 	Security               *Security         `yaml:"security,omitempty" valid:"required"`
 	NetworkName            NetworkName       `yaml:"networkName,omitempty" valid:"required"`
 	NgapIE                 *NgapIE           `yaml:"ngapIE,omitempty" valid:"optional"`

From 2340e42913a237d66bba8d0106a28f4320b3bdfe Mon Sep 17 00:00:00 2001
From: "CTFang@WireLab" <ctfang.cs12@nycu.edu.tw>
Date: Thu, 16 Nov 2023 03:33:11 +0000
Subject: [PATCH 2/7] Fix lint error

---
 internal/sbi/consumer/subscriber_data_management.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/internal/sbi/consumer/subscriber_data_management.go b/internal/sbi/consumer/subscriber_data_management.go
index cf1a64e8..95a8e809 100644
--- a/internal/sbi/consumer/subscriber_data_management.go
+++ b/internal/sbi/consumer/subscriber_data_management.go
@@ -240,11 +240,11 @@ func SDMUnsubscribe(ue *amf_context.AmfUe) (problemDetails *models.ProblemDetail
 		}
 	}()
 	if localErr == nil {
-		return
+		return problemDetails, err
 	} else if httpResp != nil {
 		if httpResp.Status != localErr.Error() {
 			err = localErr
-			return
+			return problemDetails, err
 		}
 		problem := localErr.(openapi.GenericOpenAPIError).Model().(models.ProblemDetails)
 		problemDetails = &problem

From 8ab38eb50bac8fc9746de7f88f6ef550ccbaf2b4 Mon Sep 17 00:00:00 2001
From: "CTFang@WireLab" <ctfang.cs12@nycu.edu.tw>
Date: Thu, 16 Nov 2023 04:01:54 +0000
Subject: [PATCH 3/7] fix variable name

---
 internal/sbi/consumer/nf_accesstoken.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/internal/sbi/consumer/nf_accesstoken.go b/internal/sbi/consumer/nf_accesstoken.go
index 76c31b3c..2c03b9f0 100644
--- a/internal/sbi/consumer/nf_accesstoken.go
+++ b/internal/sbi/consumer/nf_accesstoken.go
@@ -13,8 +13,8 @@ import (
 func GetTokenCtx(scope, targetNF string) (context.Context, *models.ProblemDetails, error) {
 	if amf_context.GetSelf().OAuth2Required {
 		logger.ConsumerLog.Debugln("GetToekenCtx")
-		udrSelf := amf_context.GetSelf()
-		tok, pd, err := oauth.SendAccTokenReq(udrSelf.NfId, models.NfType_AMF, scope, targetNF, udrSelf.NrfUri)
+		amfSelf := amf_context.GetSelf()
+		tok, pd, err := oauth.SendAccTokenReq(amfSelf.NfId, models.NfType_AMF, scope, targetNF, amfSelf.NrfUri)
 		if err != nil {
 			return nil, pd, err
 		}

From 67b1afe82eb067935e0b0ed153449d9f26301c87 Mon Sep 17 00:00:00 2001
From: "CTFang@WireLab" <ctfang.cs12@nycu.edu.tw>
Date: Tue, 12 Dec 2023 05:35:21 +0000
Subject: [PATCH 4/7] Fix: minor changes

---
 internal/context/context.go           | 6 +++---
 internal/sbi/consumer/nf_mangement.go | 9 ++++++---
 pkg/factory/config.go                 | 2 +-
 3 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/internal/context/context.go b/internal/context/context.go
index 0808a52f..0e04debd 100644
--- a/internal/context/context.go
+++ b/internal/context/context.go
@@ -66,7 +66,7 @@ type AMFContext struct {
 	SupportDnnLists              []string
 	AMFStatusSubscriptions       sync.Map // map[subscriptionID]models.SubscriptionData
 	NrfUri                       string
-	NrfCerPem                    string
+	NrfCertPem                   string
 	SecurityAlgorithm            SecurityAlgorithm
 	NetworkName                  factory.NetworkName
 	NgapIpList                   []string // NGAP Server IP
@@ -129,8 +129,8 @@ func InitAmfContext(context *AMFContext) {
 		context.LadnPool[ladn.Dnn] = ladn
 	}
 	context.NrfUri = config.GetNrfUri()
-	if configuration.NrfCerPem != "" {
-		context.NrfCerPem = configuration.NrfCerPem
+	if configuration.NrfCertPem != "" {
+		context.NrfCertPem = configuration.NrfCertPem
 	}
 	security := configuration.Security
 	if security != nil {
diff --git a/internal/sbi/consumer/nf_mangement.go b/internal/sbi/consumer/nf_mangement.go
index e351072c..8d5b0436 100644
--- a/internal/sbi/consumer/nf_mangement.go
+++ b/internal/sbi/consumer/nf_mangement.go
@@ -106,11 +106,14 @@ func SendRegisterNFInstance(nrfUri, nfInstanceId string, profile models.NfProfil
 			resouceNrfUri = resourceUri[:strings.Index(resourceUri, "/nnrf-nfm/")]
 			retrieveNfInstanceId = resourceUri[strings.LastIndex(resourceUri, "/")+1:]
 
-			oauth2 := nf.CustomInfo["oauth2"].(bool)
+			oauth2 := false
+			if nf.CustomInfo != nil {
+				oauth2 = nf.CustomInfo["oauth2"].(bool)
+			}
 			amf_context.GetSelf().OAuth2Required = oauth2
 			logger.MainLog.Infoln("OAuth2 setting receive from NRF:", oauth2)
-			if oauth2 && amf_context.GetSelf().NrfCerPem == "" {
-				logger.CfgLog.Error("OAuth2 enable but no nrfCerPem provided in config.")
+			if oauth2 && amf_context.GetSelf().NrfCertPem == "" {
+				logger.CfgLog.Error("OAuth2 enable but no NrfCertPem provided in config.")
 			}
 
 			break
diff --git a/pkg/factory/config.go b/pkg/factory/config.go
index c7024841..21358276 100644
--- a/pkg/factory/config.go
+++ b/pkg/factory/config.go
@@ -75,7 +75,7 @@ type Configuration struct {
 	SupportDnnList         []string          `yaml:"supportDnnList,omitempty" valid:"required"`
 	SupportLadnList        []Ladn            `yaml:"supportLadnList,omitempty" valid:"optional"`
 	NrfUri                 string            `yaml:"nrfUri,omitempty" valid:"required, url"`
-	NrfCerPem              string            `yaml:"nrfCerPem,omitempty" valid:"type(string),minstringlength(1),optional"`
+	NrfCertPem             string            `yaml:"nrfCertPem,omitempty" valid:"type(string),optional"`
 	Security               *Security         `yaml:"security,omitempty" valid:"required"`
 	NetworkName            NetworkName       `yaml:"networkName,omitempty" valid:"required"`
 	NgapIE                 *NgapIE           `yaml:"ngapIE,omitempty" valid:"optional"`

From 2806eb551a1eaec1b8c27f371dc3b2a813377321 Mon Sep 17 00:00:00 2001
From: "CTFang@WireLab" <ctfang.cs12@nycu.edu.tw>
Date: Wed, 13 Dec 2023 03:19:09 +0000
Subject: [PATCH 5/7] Fix: prevent assertion and modify config setting

---
 internal/sbi/consumer/nf_mangement.go | 9 ++++++---
 pkg/factory/config.go                 | 2 +-
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/internal/sbi/consumer/nf_mangement.go b/internal/sbi/consumer/nf_mangement.go
index 8d5b0436..8339e44f 100644
--- a/internal/sbi/consumer/nf_mangement.go
+++ b/internal/sbi/consumer/nf_mangement.go
@@ -108,12 +108,15 @@ func SendRegisterNFInstance(nrfUri, nfInstanceId string, profile models.NfProfil
 
 			oauth2 := false
 			if nf.CustomInfo != nil {
-				oauth2 = nf.CustomInfo["oauth2"].(bool)
+				v, ok := nf.CustomInfo["oauth2"].(bool)
+				if ok {
+					oauth2 = v
+					logger.MainLog.Infoln("OAuth2 setting receive from NRF:", oauth2)
+				}
 			}
 			amf_context.GetSelf().OAuth2Required = oauth2
-			logger.MainLog.Infoln("OAuth2 setting receive from NRF:", oauth2)
 			if oauth2 && amf_context.GetSelf().NrfCertPem == "" {
-				logger.CfgLog.Error("OAuth2 enable but no NrfCertPem provided in config.")
+				logger.CfgLog.Error("OAuth2 enable but no nrfCertPem provided in config.")
 			}
 
 			break
diff --git a/pkg/factory/config.go b/pkg/factory/config.go
index 21358276..252a94bc 100644
--- a/pkg/factory/config.go
+++ b/pkg/factory/config.go
@@ -75,7 +75,7 @@ type Configuration struct {
 	SupportDnnList         []string          `yaml:"supportDnnList,omitempty" valid:"required"`
 	SupportLadnList        []Ladn            `yaml:"supportLadnList,omitempty" valid:"optional"`
 	NrfUri                 string            `yaml:"nrfUri,omitempty" valid:"required, url"`
-	NrfCertPem             string            `yaml:"nrfCertPem,omitempty" valid:"type(string),optional"`
+	NrfCertPem             string            `yaml:"nrfCertPem,omitempty" valid:"optional"`
 	Security               *Security         `yaml:"security,omitempty" valid:"required"`
 	NetworkName            NetworkName       `yaml:"networkName,omitempty" valid:"required"`
 	NgapIE                 *NgapIE           `yaml:"ngapIE,omitempty" valid:"optional"`

From 73f07653681a6c2052bf79c4415fbc5f9b9cec3e Mon Sep 17 00:00:00 2001
From: "CTFang@WireLab" <ctfang.cs12@nycu.edu.tw>
Date: Mon, 18 Dec 2023 05:08:45 +0000
Subject: [PATCH 6/7] Fix: move GetTokenCtx() and fix minor logic

---
 go.mod                                  |  2 +-
 go.sum                                  |  4 ++--
 internal/context/context.go             | 14 ++++++++++++++
 internal/sbi/consumer/nf_accesstoken.go | 25 -------------------------
 internal/sbi/consumer/nf_discovery.go   |  2 +-
 internal/sbi/consumer/nf_mangement.go   |  2 +-
 6 files changed, 19 insertions(+), 30 deletions(-)
 delete mode 100644 internal/sbi/consumer/nf_accesstoken.go

diff --git a/go.mod b/go.mod
index 44c28cbf..4190a571 100644
--- a/go.mod
+++ b/go.mod
@@ -9,7 +9,7 @@ require (
 	github.com/free5gc/aper v1.0.5-0.20230614030933-c73735898582
 	github.com/free5gc/nas v1.1.2-0.20230828074825-175b09665828
 	github.com/free5gc/ngap v1.0.7-0.20230614061954-9c128114ab1f
-	github.com/free5gc/openapi v1.0.7-0.20231112094355-a96c3450377e
+	github.com/free5gc/openapi v1.0.7-0.20231216094313-e15a4ff046f6
 	github.com/free5gc/sctp v0.0.0-20231121085449-400a702ea7f9
 	github.com/free5gc/util v1.0.5-0.20231001095115-433858e5be94
 	github.com/gin-contrib/cors v1.3.1
diff --git a/go.sum b/go.sum
index c3b26c75..ff48dde4 100644
--- a/go.sum
+++ b/go.sum
@@ -70,8 +70,8 @@ github.com/free5gc/nas v1.1.2-0.20230828074825-175b09665828/go.mod h1:fjWwpyp7/w
 github.com/free5gc/ngap v1.0.7-0.20230614061954-9c128114ab1f h1:wgXjoknZ7JJoZ72J15g/f2/0DgdCpfcTg189lnhUPuY=
 github.com/free5gc/ngap v1.0.7-0.20230614061954-9c128114ab1f/go.mod h1:lKA1sLTYM3CGEBhZVxkGGJIkai5+Bvy2yHIMhb7Vx/k=
 github.com/free5gc/openapi v1.0.6/go.mod h1:iw/N0E+FlX44EEx24IBi2EdZW8v+bkj3ETWPGnlK9DI=
-github.com/free5gc/openapi v1.0.7-0.20231112094355-a96c3450377e h1:mXnoioq+fxpChliDl5Uy+m6+Hm7iWrJPZo9mi6BijHE=
-github.com/free5gc/openapi v1.0.7-0.20231112094355-a96c3450377e/go.mod h1:qv9KqEucoZSeENPRFGxfTe+33ZWYyiYFx1Rj+H0DoWA=
+github.com/free5gc/openapi v1.0.7-0.20231216094313-e15a4ff046f6 h1:8P/wOkTAQMgZJe9pUUNSTE5PWeAdlMrsU9kLsI+VAVE=
+github.com/free5gc/openapi v1.0.7-0.20231216094313-e15a4ff046f6/go.mod h1:qv9KqEucoZSeENPRFGxfTe+33ZWYyiYFx1Rj+H0DoWA=
 github.com/free5gc/sctp v0.0.0-20231121085449-400a702ea7f9 h1:L02UI8oODfXgH1fGzWWuWF4zyze4IScEFm20q3PKZdE=
 github.com/free5gc/sctp v0.0.0-20231121085449-400a702ea7f9/go.mod h1:Nr81VlvMkBHZsCbWPXjosBh+SWLdeEyz8o0OrS110Ic=
 github.com/free5gc/util v1.0.5-0.20231001095115-433858e5be94 h1:tNylIqH/m5Kq+3KuC+jjXGl06Y6EmM8yq61ZUgNrPBY=
diff --git a/internal/context/context.go b/internal/context/context.go
index 0e04debd..236c29a2 100644
--- a/internal/context/context.go
+++ b/internal/context/context.go
@@ -1,6 +1,7 @@
 package context
 
 import (
+	"context"
 	"fmt"
 	"math"
 	"net"
@@ -18,6 +19,7 @@ import (
 	"github.com/free5gc/nas/security"
 	"github.com/free5gc/openapi"
 	"github.com/free5gc/openapi/models"
+	"github.com/free5gc/openapi/oauth"
 	"github.com/free5gc/util/idgenerator"
 )
 
@@ -542,9 +544,21 @@ func (context *AMFContext) Reset() {
 	context.HttpIPv6Address = ""
 	context.Name = "amf"
 	context.NrfUri = ""
+	context.NrfCertPem = ""
+	context.OAuth2Required = false
 }
 
 // Create new AMF context
 func GetSelf() *AMFContext {
 	return &amfContext
 }
+
+func (c *AMFContext) GetTokenCtx(scope, targetNF string) (
+	context.Context, *models.ProblemDetails, error,
+) {
+	if !c.OAuth2Required {
+		return context.TODO(), nil, nil
+	}
+	return oauth.GetTokenCtx(models.NfType_AMF,
+		c.NfId, c.NrfUri, scope, targetNF)
+}
diff --git a/internal/sbi/consumer/nf_accesstoken.go b/internal/sbi/consumer/nf_accesstoken.go
deleted file mode 100644
index 2c03b9f0..00000000
--- a/internal/sbi/consumer/nf_accesstoken.go
+++ /dev/null
@@ -1,25 +0,0 @@
-package consumer
-
-import (
-	"context"
-
-	amf_context "github.com/free5gc/amf/internal/context"
-	"github.com/free5gc/amf/internal/logger"
-	"github.com/free5gc/openapi"
-	"github.com/free5gc/openapi/models"
-	"github.com/free5gc/openapi/oauth"
-)
-
-func GetTokenCtx(scope, targetNF string) (context.Context, *models.ProblemDetails, error) {
-	if amf_context.GetSelf().OAuth2Required {
-		logger.ConsumerLog.Debugln("GetToekenCtx")
-		amfSelf := amf_context.GetSelf()
-		tok, pd, err := oauth.SendAccTokenReq(amfSelf.NfId, models.NfType_AMF, scope, targetNF, amfSelf.NrfUri)
-		if err != nil {
-			return nil, pd, err
-		}
-		return context.WithValue(context.Background(),
-			openapi.ContextOAuth2, tok), pd, nil
-	}
-	return context.TODO(), nil, nil
-}
diff --git a/internal/sbi/consumer/nf_discovery.go b/internal/sbi/consumer/nf_discovery.go
index 4f7c3a74..ada46d33 100644
--- a/internal/sbi/consumer/nf_discovery.go
+++ b/internal/sbi/consumer/nf_discovery.go
@@ -19,7 +19,7 @@ func SendSearchNFInstances(nrfUri string, targetNfType, requestNfType models.NfT
 	configuration.SetBasePath(nrfUri)
 	client := Nnrf_NFDiscovery.NewAPIClient(configuration)
 
-	ctx, _, err := GetTokenCtx("nnrf-nfm", "NRF")
+	ctx, _, err := amf_context.GetSelf().GetTokenCtx("nnrf-nfm", "NRF")
 	if err != nil {
 		return nil, err
 	}
diff --git a/internal/sbi/consumer/nf_mangement.go b/internal/sbi/consumer/nf_mangement.go
index 8339e44f..d5b8cc3d 100644
--- a/internal/sbi/consumer/nf_mangement.go
+++ b/internal/sbi/consumer/nf_mangement.go
@@ -131,7 +131,7 @@ func SendRegisterNFInstance(nrfUri, nfInstanceId string, profile models.NfProfil
 func SendDeregisterNFInstance() (problemDetails *models.ProblemDetails, err error) {
 	logger.ConsumerLog.Infof("[AMF] Send Deregister NFInstance")
 
-	ctx, pd, err := GetTokenCtx("nnrf-nfm", "NRF")
+	ctx, pd, err := amf_context.GetSelf().GetTokenCtx("nnrf-nfm", "NRF")
 	if err != nil {
 		return pd, err
 	}

From 07c38b38226e50eb51a49c43b9cccf93cdd3ff78 Mon Sep 17 00:00:00 2001
From: "CTFang@WireLab" <ctfang.cs12@nycu.edu.tw>
Date: Mon, 18 Dec 2023 11:05:45 +0000
Subject: [PATCH 7/7] Fix: Remove unused condition

---
 internal/context/context.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/internal/context/context.go b/internal/context/context.go
index 236c29a2..afc9391a 100644
--- a/internal/context/context.go
+++ b/internal/context/context.go
@@ -131,9 +131,7 @@ func InitAmfContext(context *AMFContext) {
 		context.LadnPool[ladn.Dnn] = ladn
 	}
 	context.NrfUri = config.GetNrfUri()
-	if configuration.NrfCertPem != "" {
-		context.NrfCertPem = configuration.NrfCertPem
-	}
+	context.NrfCertPem = configuration.NrfCertPem
 	security := configuration.Security
 	if security != nil {
 		context.SecurityAlgorithm.IntegrityOrder = getIntAlgOrder(security.IntegrityOrder)