Use of io.pravega.client.stream.impl.Credentials in project pravega by pravega.
From the class PravegaAuthManagerTest, method registerInterceptors.
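/**
 * Exercises {@code PravegaAuthManager}: registers its interceptors on a TLS-enabled gRPC server,
 * then walks {@code authenticate} through rejected and accepted requests.
 *
 * <p>Two outcomes are asserted separately. Requests that cannot be authenticated (no method,
 * unknown method, missing username or password) must throw {@code AuthenticationException};
 * requests from an authenticated user who lacks the requested permission must return
 * {@code false}.
 *
 * @throws Exception if the server cannot be started or a call fails unexpectedly
 */
@Test
public void registerInterceptors() throws Exception {
    // Authorization is switched on and backed by the password file held in the `file` field
    // (presumably written by the fixture setup with the dummy3/dummy4 accounts; confirm there).
    GRPCServerConfig config = GRPCServerConfigImpl.builder()
            .authorizationEnabled(true)
            .userPasswordFile(file.getAbsolutePath())
            .port(1000)
            .build();
    PravegaAuthManager manager = new PravegaAuthManager(config);

    // The server binds to a free port (not the 1000 given to the config above) and is built
    // with transport security from the certificate and key under ../config.
    int port = TestUtils.getAvailableListenPort();
    ServerBuilder<?> server = ServerBuilder.forPort(port)
            .useTransportSecurity(new File("../config/cert.pem"), new File("../config/key.pem"));
    server.addService(serviceImpl);
    manager.registerInterceptors(server);
    // NOTE(review): the started server is never shut down in this method; unless a fixture
    // teardown stops it, the listener stays open for the rest of the test run.
    server.build().start();

    InlineExecutor executor = new InlineExecutor();
    // NOTE(review): these credentials are built but never handed to the client below, so this
    // test exercises no authenticated gRPC call.
    Credentials creds = new DefaultCredentials("1111_aaaa", "admin");
    // Client limited to a single attempt, using a tcp:// URI and no credentials even though
    // the server above was built with transport security.
    final ControllerImpl controllerClient = new ControllerImpl(
            ControllerImplConfig.builder()
                    .clientConfig(ClientConfig.builder()
                            .controllerURI(URI.create("tcp://localhost:" + port))
                            .build())
                    .retryAttempts(1)
                    .build(),
            executor);

    // The map carries the auth parameters (method, username, password) and is mutated step by
    // step, so the order of the assertions below matters.
    MultivaluedMap<String, String> map = new MultivaluedHashMap<>();

    // Without specifying a valid handler.
    assertThrows(AuthenticationException.class,
            () -> manager.authenticate("hi", map, AuthHandler.Permissions.READ));

    // Non existent interceptor method.
    map.add("method", "invalid");
    assertThrows(AuthenticationException.class,
            () -> manager.authenticate("hi", map, AuthHandler.Permissions.READ));

    // Specify a valid method but no parameters for default interceptor.
    map.putSingle("method", "Pravega-Default");
    assertThrows(AuthenticationException.class,
            () -> manager.authenticate("hi", map, AuthHandler.Permissions.READ));

    // Specify a valid method but no password for default interceptor.
    map.putSingle("username", "dummy3");
    assertThrows(AuthenticationException.class,
            () -> manager.authenticate("hi", map, AuthHandler.Permissions.READ));

    // Specify a valid method and parameters but invalid resource for default interceptor:
    // the user authenticates, so the denial is reported as false rather than as an exception.
    map.putSingle("password", "password");
    assertFalse("Not existent resource should return false",
            manager.authenticate("invalid", map, AuthHandler.Permissions.READ));

    // Valid parameters for default interceptor (the same values are set again explicitly).
    map.putSingle("username", "dummy3");
    map.putSingle("password", "password");
    assertTrue("Read access for read resource should return true",
            manager.authenticate("readresource", map, AuthHandler.Permissions.READ));

    // Stream/scope access should be extended to segment.
    assertTrue("Read access for read resource should return true",
            manager.authenticate("readresource/segment", map, AuthHandler.Permissions.READ));

    // Levels of access: a read-only grant must not satisfy READ_UPDATE, while the grant on
    // "totalaccess" satisfies both READ and READ_UPDATE.
    assertFalse("Write access for read resource should return false",
            manager.authenticate("readresource", map, AuthHandler.Permissions.READ_UPDATE));
    assertTrue("Read access for write resource should return true",
            manager.authenticate("totalaccess", map, AuthHandler.Permissions.READ));
    assertTrue("Write access for write resource should return true",
            manager.authenticate("totalaccess", map, AuthHandler.Permissions.READ_UPDATE));

    // Check the wildcard access
    map.putSingle("username", "dummy4");
    assertTrue("Write access for write resource should return true",
            manager.authenticate("totalaccess", map, AuthHandler.Permissions.READ_UPDATE));

    // Switch to the handler named "testHandler", which is defined outside this method.
    map.putSingle("method", "testHandler");
    assertTrue("Test handler should be called",
            manager.authenticate("any", map, AuthHandler.Permissions.READ));

    // The client call must not succeed.
    // NOTE(review): the client sends no credentials and uses tcp:// against a server built
    // with transport security, so this passes whether the call is stopped by the transport
    // mismatch or by the auth interceptor; it does not by itself show that the interceptor
    // rejected the request.
    assertThrows(RetriesExhaustedException.class, () -> controllerClient.createScope("hi").join());
}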