use of io.airlift.http.server.HttpServerInfo in project trino by trinodb.
the class TestWebUi method testCustomPrincipalField.
@Test
public void testCustomPrincipalField() throws Exception {
String accessToken = createTokenBuilder().setSubject("unknown").addClaims(ImmutableMap.of("preferred_username", "test-user@email.com")).compact();
TestingHttpServer jwkServer = createTestingJwkServer();
jwkServer.start();
try (TestingTrinoServer server = TestingTrinoServer.builder().setProperties(ImmutableMap.<String, String>builder().putAll(OAUTH2_PROPERTIES).put("http-server.authentication.oauth2.jwks-url", jwkServer.getBaseUrl().toString()).put("http-server.authentication.oauth2.principal-field", "preferred_username").put("http-server.authentication.oauth2.user-mapping.pattern", "(.*)@.*").buildOrThrow()).setAdditionalModule(binder -> {
newOptionalBinder(binder, OAuth2Client.class).setBinding().toInstance(new OAuth2ClientStub(accessToken));
jaxrsBinder(binder).bind(AuthenticatedIdentityCapturingFilter.class);
}).build()) {
HttpServerInfo httpServerInfo = server.getInstance(Key.get(HttpServerInfo.class));
assertAuth2Authentication(httpServerInfo, accessToken);
Identity identity = server.getInstance(Key.get(AuthenticatedIdentityCapturingFilter.class)).getAuthenticatedIdentity();
assertThat(identity.getUser()).isEqualTo("test-user");
assertThat(identity.getPrincipal()).isEqualTo(Optional.of(new BasicPrincipal("test-user@email.com")));
} finally {
jwkServer.stop();
}
}
use of io.airlift.http.server.HttpServerInfo in project trino by trinodb.
the class TestWebUi method testOAuth2Authenticator.
@Test
public void testOAuth2Authenticator() throws Exception {
String accessToken = createTokenBuilder().compact();
TestingHttpServer jwkServer = createTestingJwkServer();
jwkServer.start();
try (TestingTrinoServer server = TestingTrinoServer.builder().setProperties(ImmutableMap.<String, String>builder().putAll(OAUTH2_PROPERTIES).put("http-server.authentication.oauth2.jwks-url", jwkServer.getBaseUrl().toString()).buildOrThrow()).setAdditionalModule(binder -> newOptionalBinder(binder, OAuth2Client.class).setBinding().toInstance(new OAuth2ClientStub(accessToken))).build()) {
HttpServerInfo httpServerInfo = server.getInstance(Key.get(HttpServerInfo.class));
assertAuth2Authentication(httpServerInfo, accessToken);
} finally {
jwkServer.stop();
}
}
use of io.airlift.http.server.HttpServerInfo in project trino by trinodb.
the class TestWebUi method testCertAuthenticator.
@Test
public void testCertAuthenticator() throws Exception {
try (TestingTrinoServer server = TestingTrinoServer.builder().setProperties(ImmutableMap.<String, String>builder().putAll(SECURE_PROPERTIES).put("http-server.authentication.type", "certificate").put("http-server.https.truststore.path", LOCALHOST_KEYSTORE).put("http-server.https.truststore.key", "").buildOrThrow()).build()) {
HttpServerInfo httpServerInfo = server.getInstance(Key.get(HttpServerInfo.class));
String nodeId = server.getInstance(Key.get(NodeInfo.class)).getNodeId();
testLogIn(httpServerInfo.getHttpUri(), FORM_LOGIN_USER, TEST_PASSWORD, false);
testNeverAuthorized(httpServerInfo.getHttpsUri(), client);
OkHttpClient.Builder clientBuilder = client.newBuilder();
setupSsl(clientBuilder, Optional.of(LOCALHOST_KEYSTORE), Optional.empty(), Optional.empty(), Optional.of(LOCALHOST_KEYSTORE), Optional.empty(), Optional.empty());
OkHttpClient clientWithCert = clientBuilder.build();
testAlwaysAuthorized(httpServerInfo.getHttpsUri(), clientWithCert, nodeId);
}
}
use of io.airlift.http.server.HttpServerInfo in project trino by trinodb.
the class TestWebUi method testDisabled.
@Test
public void testDisabled() throws Exception {
try (TestingTrinoServer server = TestingTrinoServer.builder().setProperties(ImmutableMap.<String, String>builder().putAll(SECURE_PROPERTIES).put("web-ui.enabled", "false").buildOrThrow()).build()) {
HttpServerInfo httpServerInfo = server.getInstance(Key.get(HttpServerInfo.class));
testDisabled(httpServerInfo.getHttpUri());
testDisabled(httpServerInfo.getHttpsUri());
}
}
use of io.airlift.http.server.HttpServerInfo in project trino by trinodb.
the class TestResourceSecurity method testPasswordAuthenticator.
@Test
public void testPasswordAuthenticator() throws Exception {
try (TestingTrinoServer server = TestingTrinoServer.builder().setProperties(ImmutableMap.<String, String>builder().putAll(SECURE_PROPERTIES).put("password-authenticator.config-files", passwordConfigDummy.toString()).put("http-server.authentication.type", "password").put("http-server.authentication.password.user-mapping.pattern", ALLOWED_USER_MAPPING_PATTERN).buildOrThrow()).build()) {
server.getInstance(Key.get(PasswordAuthenticatorManager.class)).setAuthenticators(TestResourceSecurity::authenticate);
server.getInstance(Key.get(AccessControlManager.class)).addSystemAccessControl(TestSystemAccessControl.WITH_IMPERSONATION);
HttpServerInfo httpServerInfo = server.getInstance(Key.get(HttpServerInfo.class));
assertAuthenticationDisabled(httpServerInfo.getHttpUri());
assertPasswordAuthentication(httpServerInfo.getHttpsUri());
}
}
Aggregations