Example 56 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project cdap by cdapio.
the class GCPRemoteAuthenticatorTest method testRemoteAuthenticatorRefreshesExpiredAccessToken.
@Test
public void testRemoteAuthenticatorRefreshesExpiredAccessToken() throws Exception {
String expiredAccessTokenValue = "expired-access-token";
String accessTokenValue = "access-token";
// This is just an arbitrary fixed point in time.
Instant fixedInstant = Instant.ofEpochSecond(1646358109);
Clock fixedClock = Clock.fixed(fixedInstant, ZoneId.systemDefault());
GoogleCredentials mockGoogleCredentials = mock(GoogleCredentials.class);
AccessToken expiredAccessToken = new AccessToken(expiredAccessTokenValue, Date.from(fixedInstant.minus(Duration.ofHours(1))));
AccessToken accessToken = new AccessToken(accessTokenValue, Date.from(fixedInstant.plus(Duration.ofHours(1))));
when(mockGoogleCredentials.refreshAccessToken()).thenReturn(accessToken);
GCPRemoteAuthenticator gcpRemoteAuthenticator = new GCPRemoteAuthenticator(mockGoogleCredentials, fixedClock, expiredAccessToken);
// Verify expected credential value and that refresh was called exactly once.
Credential credential = gcpRemoteAuthenticator.getCredentials();
Assert.assertEquals(accessTokenValue, credential.getValue());
verify(mockGoogleCredentials, times(1)).refreshAccessToken();
}
Also used :
Credential(io.cdap.cdap.proto.security.Credential)
AccessToken(com.google.auth.oauth2.AccessToken)
Instant(java.time.Instant)
GoogleCredentials(com.google.auth.oauth2.GoogleCredentials)
Clock(java.time.Clock)
Test(org.junit.Test)
Example 57 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project helios by spotify.
the class AuthenticatingHttpConnector method connect.
@Override
public HttpURLConnection connect(final URI uri, final String method, final byte[] entity, final Map<String, List<String>> headers) throws HeliosException {
final Endpoint endpoint = endpointIterator.next();
// convert the URI whose hostname portion is a domain name into a URI where the host is an IP
// as we expect there to be several different IP addresses besides a common domain name
final URI ipUri;
try {
ipUri = toIpUri(endpoint, uri);
} catch (URISyntaxException e) {
throw new HeliosException(e);
}
try {
log.debug("connecting to {}", ipUri);
final Optional<AccessToken> accessTokenOpt = accessTokenSupplier.get();
if (accessTokenOpt.isPresent()) {
final String token = accessTokenOpt.get().getTokenValue();
headers.put("Authorization", singletonList("Bearer " + token));
log.debug("Add Authorization header with bearer token");
}
if (clientCertificatePath.isPresent()) {
// prioritize using the certificate file if set
return connectWithCertificateFile(ipUri, method, entity, headers);
} else if (agentProxy.isPresent() && !identities.isEmpty()) {
// ssh-agent based authentication
return connectWithIdentities(identities, ipUri, method, entity, headers);
} else {
// no authentication
return doConnect(ipUri, method, entity, headers);
}
} catch (ConnectException | SocketTimeoutException | UnknownHostException e) {
// UnknownHostException happens if we can't resolve hostname into IP address.
// UnknownHostException's getMessage method returns just the hostname which is a
// useless message, so log the exception class name to provide more info.
log.debug(e.toString());
throw new HeliosException("Unable to connect to master: " + ipUri, e);
} catch (IOException e) {
throw new HeliosException("Unexpected error connecting to " + ipUri, e);
}
}
Also used :
HeliosException(com.spotify.helios.common.HeliosException)
SocketTimeoutException(java.net.SocketTimeoutException)
UnknownHostException(java.net.UnknownHostException)
AccessToken(com.google.auth.oauth2.AccessToken)
URISyntaxException(java.net.URISyntaxException)
IOException(java.io.IOException)
URI(java.net.URI)
ConnectException(java.net.ConnectException)
Example 58 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project helios by spotify.
the class AuthenticatingHttpConnectorTest method createAuthenticatingConnectorWithAccessToken.
private AuthenticatingHttpConnector createAuthenticatingConnectorWithAccessToken(final Optional<AgentProxy> proxy, final List<Identity> identities) {
final EndpointIterator endpointIterator = EndpointIterator.of(endpoints);
final AccessToken accessToken = new AccessToken("<token>", null);
return new AuthenticatingHttpConnector(USER, Suppliers.ofInstance(Optional.of(accessToken)), proxy, Optional.<CertKeyPaths>absent(), endpointIterator, connector, identities);
}
Also used :
AccessToken(com.google.auth.oauth2.AccessToken)
Example 59 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project helios by spotify.
the class GoogleCredentialsAccessTokenSupplierTest method testGetWithStaticToken.
@Test
public void testGetWithStaticToken() {
final AccessToken token = new AccessToken("token", null);
final GoogleCredentialsAccessTokenSupplier supplier = new GoogleCredentialsAccessTokenSupplier(true, token, null);
assertThat(supplier.get(), equalTo(Optional.of(token)));
}
Also used :
AccessToken(com.google.auth.oauth2.AccessToken)
Test(org.junit.Test)
Example 60 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project java by kubernetes-client.
the class KubeConfigTest method testGCPAuthProviderExpiredTokenWithoutGCloud.
@Test
public void testGCPAuthProviderExpiredTokenWithoutGCloud() {
String gcpConfigExpiredToken = "apiVersion: v1\n" + "contexts:\n" + "- context:\n" + " user: gke-cluster\n" + " name: foo-context\n" + "current-context: foo-context\n" + "users:\n" + "- name: gke-cluster\n" + " user:\n" + " auth-provider:\n" + " config:\n" + " access-token: fake-token\n" + " expiry: 1970-01-01T00:00:00Z\n" + " name: gcp";
String fakeToken = "new-fake-token";
String fakeTokenExpiry = "2121-08-05T02:30:24Z";
GoogleCredentials mockGC = Mockito.mock(GoogleCredentials.class);
Mockito.when(mockGC.getAccessToken()).thenReturn(new AccessToken(fakeToken, Date.from(Instant.parse(fakeTokenExpiry))));
KubeConfig.registerAuthenticator(new GCPAuthenticator(null, mockGC));
try {
KubeConfig kc = KubeConfig.loadKubeConfig(new StringReader(gcpConfigExpiredToken));
assertEquals(fakeToken, kc.getAccessToken());
} catch (Exception ex) {
ex.printStackTrace();
fail("Unexpected exception: " + ex);
}
}
Also used :
GCPAuthenticator(io.kubernetes.client.util.authenticators.GCPAuthenticator)
AccessToken(com.google.auth.oauth2.AccessToken)
StringReader(java.io.StringReader)
GoogleCredentials(com.google.auth.oauth2.GoogleCredentials)
IOException(java.io.IOException)
Test(org.junit.Test)
Aggregations
AccessToken (com.google.auth.oauth2.AccessToken)78
Test (org.junit.Test)44
GoogleCredentials (com.google.auth.oauth2.GoogleCredentials)33
Date (java.util.Date)23
IOException (java.io.IOException)20
AccessToken (io.vertx.ext.auth.oauth2.AccessToken)16
Instant (java.time.Instant)10
Client (javax.ws.rs.client.Client)10
AccessToken (org.glassfish.jersey.client.oauth1.AccessToken)10
ConsumerCredentials (org.glassfish.jersey.client.oauth1.ConsumerCredentials)10
JsonObject (io.vertx.core.json.JsonObject)9
URI (java.net.URI)9
Feature (javax.ws.rs.core.Feature)8
JerseyTest (org.glassfish.jersey.test.JerseyTest)8
MockHttpTransport (com.google.api.client.testing.http.MockHttpTransport)6
ServiceAccountCredentials (com.google.auth.oauth2.ServiceAccountCredentials)6
Credential (io.cdap.cdap.proto.security.Credential)6
InputStreamReader (java.io.InputStreamReader)6
Clock (java.time.Clock)6
WebTarget (javax.ws.rs.client.WebTarget)6
