use of io.pravega.auth.InvalidTokenException in project pravega by pravega.
the class SegmentOutputStreamImpl method reconnect.
@VisibleForTesting
void reconnect() {
if (state.isClosed()) {
return;
}
log.debug("(Re)connect invoked, Segment: {}, writerID: {}", segmentName, writerId);
state.setupConnection.registerAndRunReleaser(() -> {
// retry on all exceptions.
retrySchedule.retryWhen(t -> t instanceof Exception).runAsync(() -> {
log.debug("Running reconnect for segment {} writer {}", segmentName, writerId);
if (state.isClosed() || state.needSuccessors.get()) {
// stop reconnect when writer is closed or resend inflight to successors has been triggered.
return CompletableFuture.completedFuture(null);
}
Preconditions.checkState(state.getConnection() == null);
log.info("Fetching endpoint for segment {}, writer {}", segmentName, writerId);
return controller.getEndpointForSegment(segmentName).thenComposeAsync((PravegaNodeUri uri) -> {
log.info("Establishing connection to {} for {}, writerID: {}", uri, segmentName, writerId);
return establishConnection(uri);
}, connectionPool.getInternalExecutor()).thenCombineAsync(tokenProvider.retrieveToken(), AbstractMap.SimpleEntry<ClientConnection, String>::new, connectionPool.getInternalExecutor()).thenComposeAsync(pair -> {
ClientConnection connection = pair.getKey();
String token = pair.getValue();
CompletableFuture<Void> connectionSetupFuture = state.newConnection(connection);
SetupAppend cmd = new SetupAppend(requestId, writerId, segmentName, token);
try {
connection.send(cmd);
} catch (ConnectionFailedException e1) {
// This needs to be invoked here because call to failConnection from netty may occur before state.newConnection above.
state.failConnection(e1);
throw Exceptions.sneakyThrow(e1);
}
return connectionSetupFuture.exceptionally(t1 -> {
Throwable exception = Exceptions.unwrap(t1);
if (exception instanceof InvalidTokenException) {
log.info("Ending reconnect attempts on writer {} to {} because token verification failed due to invalid token", writerId, segmentName);
return null;
}
if (exception instanceof SegmentSealedException) {
log.info("Ending reconnect attempts on writer {} to {} because segment is sealed", writerId, segmentName);
return null;
}
if (exception instanceof NoSuchSegmentException) {
log.info("Ending reconnect attempts on writer {} to {} because segment is truncated", writerId, segmentName);
return null;
}
throw Exceptions.sneakyThrow(t1);
});
}, connectionPool.getInternalExecutor());
}, connectionPool.getInternalExecutor()).exceptionally(t -> {
log.error("Error while attempting to establish connection for writer {}", writerId, t);
failAndRemoveUnackedEvents(t);
return null;
});
}, new CompletableFuture<ClientConnection>());
}
use of io.pravega.auth.InvalidTokenException in project pravega by pravega.
the class SegmentMetadataClientTest method testTokenCheckFailure.
@Test(timeout = 10000)
public void testTokenCheckFailure() throws ConnectionFailedException {
Segment segment = new Segment("scope", "testRetry", 4);
PravegaNodeUri endpoint = new PravegaNodeUri("localhost", 0);
@Cleanup MockConnectionFactoryImpl cf = new MockConnectionFactoryImpl();
@Cleanup MockController controller = new MockController(endpoint.getEndpoint(), endpoint.getPort(), cf, true);
@Cleanup ClientConnection connection = mock(ClientConnection.class);
cf.provideConnection(endpoint, connection);
@Cleanup SegmentMetadataClientImpl client = new SegmentMetadataClientImpl(segment, controller, cf, "");
client.getConnection();
ReplyProcessor processor = cf.getProcessor(endpoint);
Mockito.doAnswer(new Answer<Void>() {
@Override
public Void answer(InvocationOnMock invocation) throws Throwable {
WireCommands.GetStreamSegmentInfo getStreamInfo = invocation.getArgument(0);
processor.process(new WireCommands.AuthTokenCheckFailed(getStreamInfo.getRequestId(), "server-stacktrace", WireCommands.AuthTokenCheckFailed.ErrorCode.TOKEN_CHECK_FAILED));
return null;
}
}).when(connection).send(any(WireCommands.GetStreamSegmentInfo.class));
AssertExtensions.assertThrows("TokenException was not thrown or server stacktrace contained unexpected content.", () -> client.fetchCurrentSegmentLength().join(), e -> e instanceof InvalidTokenException && e.getMessage().contains("serverStackTrace=server-stacktrace"));
}
use of io.pravega.auth.InvalidTokenException in project pravega by pravega.
the class SegmentMetadataClientTest method testTokenCheckFailed.
@Test(timeout = 10000)
public void testTokenCheckFailed() throws ConnectionFailedException {
Segment segment = new Segment("scope", "testRetry", 4);
PravegaNodeUri endpoint = new PravegaNodeUri("localhost", 0);
@Cleanup MockConnectionFactoryImpl cf = new MockConnectionFactoryImpl();
@Cleanup MockController controller = new MockController(endpoint.getEndpoint(), endpoint.getPort(), cf, true);
@Cleanup ClientConnection connection = mock(ClientConnection.class);
cf.provideConnection(endpoint, connection);
@Cleanup SegmentMetadataClientImpl client = new SegmentMetadataClientImpl(segment, controller, cf, "");
client.getConnection();
ReplyProcessor processor = cf.getProcessor(endpoint);
Mockito.doAnswer(new Answer<Void>() {
@Override
public Void answer(InvocationOnMock invocation) throws Throwable {
WireCommands.GetStreamSegmentInfo getStreamInfo = invocation.getArgument(0);
processor.process(new WireCommands.AuthTokenCheckFailed(getStreamInfo.getRequestId(), "server-stacktrace", WireCommands.AuthTokenCheckFailed.ErrorCode.TOKEN_CHECK_FAILED));
return null;
}
}).when(connection).send(any(WireCommands.GetStreamSegmentInfo.class));
AssertExtensions.assertThrows("TokenException was not thrown or server stacktrace contained unexpected content.", () -> client.fetchCurrentSegmentLength().join(), e -> e instanceof InvalidTokenException && e.getMessage().contains("serverStackTrace=server-stacktrace"));
}
use of io.pravega.auth.InvalidTokenException in project pravega by pravega.
the class PravegaRequestProcessorAuthFailedTest method setUp.
@Before
public void setUp() throws Exception {
StreamSegmentStore store = mock(StreamSegmentStore.class);
connection = mock(ServerConnection.class);
processor = new PravegaRequestProcessor(store, mock(TableStore.class), new TrackedConnection(connection), SegmentStatsRecorder.noOp(), TableSegmentStatsRecorder.noOp(), (resource, token, expectedLevel) -> {
throw new InvalidTokenException("Token verification failed.");
}, false);
}
use of io.pravega.auth.InvalidTokenException in project pravega by pravega.
the class JwtParser method parseClaims.
@VisibleForTesting
static Claims parseClaims(String token, byte[] signingKey) throws TokenExpiredException, InvalidTokenException {
if (Strings.isNullOrEmpty(token)) {
throw new InvalidTokenException("Token is null or empty");
}
try {
Jws<Claims> claimsJws = Jwts.parser().setSigningKey(signingKey).parseClaimsJws(token);
log.debug("Successfully parsed JWT token.");
return claimsJws.getBody();
} catch (ExpiredJwtException e) {
throw new TokenExpiredException(e);
} catch (JwtException e) {
throw new InvalidTokenException(e);
}
}
Aggregations