Example 16 with DefaultCredentials
use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class ControllerGrpcListStreamsTest method testListStreamsReturnsAuthorizedStreamsOnly.
@Test
public void testListStreamsReturnsAuthorizedStreamsOnly() {
// Arrange
Map<String, String> passwordInputFileEntries = new HashMap<>();
passwordInputFileEntries.put("admin", "prn::*,READ_UPDATE");
passwordInputFileEntries.put("user", "prn::/scope:scope1,READ;prn::/scope:scope1/stream:stream1,READ");
@Cleanup ClusterWrapper cluster = ClusterWrapper.builder().authEnabled(true).passwordAuthHandlerEntries(this.preparePasswordInputFileEntries(passwordInputFileEntries)).build();
cluster.start();
String scopeName = "scope1";
this.createStreams(ClientConfig.builder().controllerURI(URI.create(cluster.controllerUri())).credentials(new DefaultCredentials("1111_aaaa", "admin")).build(), scopeName, Arrays.asList("stream1", "stream2", "stream3"));
// Act
Set<Stream> streams = listStreams(ClientConfig.builder().controllerURI(URI.create(cluster.controllerUri())).credentials(new DefaultCredentials("1111_aaaa", "user")).build(), scopeName);
// Assert
assertEquals(1, streams.size());
}
Also used :
DefaultCredentials(io.pravega.shared.security.auth.DefaultCredentials)
HashMap(java.util.HashMap)
ClusterWrapper(io.pravega.test.integration.demo.ClusterWrapper)
Stream(io.pravega.client.stream.Stream)
Cleanup(lombok.Cleanup)
Test(org.junit.Test)
Example 17 with DefaultCredentials
use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class AdminCommand method getClientConfig.
private ClientConfig getClientConfig() {
ClientConfig.ClientConfigBuilder clientConfigBuilder = ClientConfig.builder().controllerURI(URI.create(getCLIControllerConfig().getControllerGrpcURI()));
if (getCLIControllerConfig().isAuthEnabled()) {
clientConfigBuilder.credentials(new DefaultCredentials(getCLIControllerConfig().getPassword(), getCLIControllerConfig().getUserName()));
}
if (getCLIControllerConfig().isTlsEnabled()) {
clientConfigBuilder.trustStore(getCLIControllerConfig().getTruststore()).validateHostName(false);
}
ClientConfig clientConfig = clientConfigBuilder.build();
return clientConfig;
}
Also used :
DefaultCredentials(io.pravega.shared.security.auth.DefaultCredentials)
ClientConfig(io.pravega.client.ClientConfig)
Example 18 with DefaultCredentials
use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class ControllerImplTest method testCredPluginException.
@Test
public void testCredPluginException() throws Exception {
NettyChannelBuilder builder = spy(NettyChannelBuilder.forAddress("localhost", serverPort).keepAliveTime(10, TimeUnit.SECONDS));
final NettyChannelBuilder channelBuilder;
if (testSecure) {
channelBuilder = builder.sslContext(GrpcSslContexts.forClient().trustManager(new File(SecurityConfigDefaults.TLS_CA_CERT_PATH)).build());
} else {
channelBuilder = builder.usePlaintext();
}
// Setup mocks.
ClientConfig cfg = spy(ClientConfig.builder().credentials(new DefaultCredentials("pass", "user")).trustStore(SecurityConfigDefaults.TLS_CA_CERT_PATH).controllerURI(URI.create((testSecure ? "tls://" : "tcp://") + "localhost:" + serverPort)).build());
doThrow(new IllegalStateException("Exception thrown by cred plugin")).when(cfg).getCredentials();
ManagedChannel channel = mock(ManagedChannel.class);
doReturn(channel).when(builder).build();
ControllerImplConfig controllerCfg = new ControllerImplConfig(1, 1, 1, 1, 1000, cfg);
// Verify exception scenario.
assertThrows(IllegalStateException.class, () -> new ControllerImpl(channelBuilder, controllerCfg, this.executor));
verify(channel, times(1)).shutdownNow();
verify(channel, times(1)).awaitTermination(anyLong(), any(TimeUnit.class));
}
Also used :
DefaultCredentials(io.pravega.shared.security.auth.DefaultCredentials)
NettyChannelBuilder(io.grpc.netty.shaded.io.grpc.netty.NettyChannelBuilder)
ManagedChannel(io.grpc.ManagedChannel)
TimeUnit(java.util.concurrent.TimeUnit)
ClientConfig(io.pravega.client.ClientConfig)
File(java.io.File)
Test(org.junit.Test)
Example 19 with DefaultCredentials
use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class ControllerGrpcAuthFocusedTest method prepareNonBlockingCallStub.
private ControllerServiceStub prepareNonBlockingCallStub(String username, String password) {
Exceptions.checkNotNullOrEmpty(username, "username");
Exceptions.checkNotNullOrEmpty(password, "password");
ControllerServiceGrpc.ControllerServiceStub stub = ControllerServiceGrpc.newStub(inProcessChannel);
// Set call credentials
Credentials credentials = new DefaultCredentials(password, username);
if (credentials != null) {
PravegaCredentialsWrapper wrapper = new PravegaCredentialsWrapper(credentials);
stub = stub.withCallCredentials(MoreCallCredentials.from(wrapper));
}
return stub;
}
Also used :
DefaultCredentials(io.pravega.shared.security.auth.DefaultCredentials)
ControllerServiceStub(io.pravega.controller.stream.api.grpc.v1.ControllerServiceGrpc.ControllerServiceStub)
PravegaCredentialsWrapper(io.pravega.client.control.impl.PravegaCredentialsWrapper)
ControllerServiceGrpc(io.pravega.controller.stream.api.grpc.v1.ControllerServiceGrpc)
MoreCallCredentials(io.grpc.auth.MoreCallCredentials)
DefaultCredentials(io.pravega.shared.security.auth.DefaultCredentials)
Credentials(io.pravega.shared.security.auth.Credentials)
Example 20 with DefaultCredentials
use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class ExternalAdapter method startUp.
// endregion
// region ClientAdapterBase and StorageAdapter Implementation
@Override
protected void startUp() throws Exception {
try {
URI controllerUri = new URI(getControllerUrl());
// Create Stream Manager, Scope and Client Factory.
this.streamManager.set(StreamManager.create(ClientConfig.builder().trustStore(String.format("../../config/%s", SecurityConfigDefaults.TLS_CA_CERT_FILE_NAME)).credentials(new DefaultCredentials("1111_aaaa", "admin")).validateHostName(false).controllerURI(controllerUri).build()));
Retry.withExpBackoff(500, 2, 10).retryWhen(ex -> true).run(() -> this.streamManager.get().createScope(SCOPE));
// Create Client Factory.
this.clientFactory.set(EventStreamClientFactory.withScope(SCOPE, ClientConfig.builder().trustStore(String.format("../../config/%s", SecurityConfigDefaults.TLS_CA_CERT_FILE_NAME)).credentials(new DefaultCredentials("1111_aaaa", "admin")).validateHostName(false).controllerURI(controllerUri).build()));
// Create, Seal and Delete a dummy segment - this verifies that the client is properly setup and that all the
// components are running properly.
String testStreamName = "Ping" + Long.toHexString(System.currentTimeMillis());
this.streamManager.get().createStream(SCOPE, testStreamName, StreamConfiguration.builder().build());
this.streamManager.get().sealStream(SCOPE, testStreamName);
this.streamManager.get().deleteStream(SCOPE, testStreamName);
log("Client initialized; using scope '%s'.", SCOPE);
} catch (Throwable ex) {
if (!Exceptions.mustRethrow(ex)) {
close();
}
throw ex;
}
super.startUp();
}
Also used :
DefaultCredentials(io.pravega.shared.security.auth.DefaultCredentials)
SneakyThrows(lombok.SneakyThrows)
Retry(io.pravega.common.util.Retry)
KeyValueTableFactory(io.pravega.client.KeyValueTableFactory)
StreamManager(io.pravega.client.admin.StreamManager)
Exceptions(io.pravega.common.Exceptions)
StreamConfiguration(io.pravega.client.stream.StreamConfiguration)
AtomicReference(java.util.concurrent.atomic.AtomicReference)
TestConfig(io.pravega.test.integration.selftest.TestConfig)
KeyValueTableManager(io.pravega.client.admin.KeyValueTableManager)
SecurityConfigDefaults(io.pravega.test.common.SecurityConfigDefaults)
DefaultCredentials(io.pravega.shared.security.auth.DefaultCredentials)
ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService)
EventStreamClientFactory(io.pravega.client.EventStreamClientFactory)
URI(java.net.URI)
ClientConfig(io.pravega.client.ClientConfig)
URI(java.net.URI)
Aggregations
DefaultCredentials (io.pravega.shared.security.auth.DefaultCredentials)27
ClientConfig (io.pravega.client.ClientConfig)17
Test (org.junit.Test)14
Cleanup (lombok.Cleanup)12
ClusterWrapper (io.pravega.test.integration.demo.ClusterWrapper)9
HashMap (java.util.HashMap)5
EventStreamClientFactory (io.pravega.client.EventStreamClientFactory)4
StreamManager (io.pravega.client.admin.StreamManager)4
ReaderGroupConfig (io.pravega.client.stream.ReaderGroupConfig)4
Stream (io.pravega.client.stream.Stream)4
StreamConfiguration (io.pravega.client.stream.StreamConfiguration)4
Credentials (io.pravega.shared.security.auth.Credentials)4
MoreCallCredentials (io.grpc.auth.MoreCallCredentials)3
NettyChannelBuilder (io.grpc.netty.shaded.io.grpc.netty.NettyChannelBuilder)3
AdminCommandState (io.pravega.cli.admin.AdminCommandState)3
ReaderGroupManager (io.pravega.client.admin.ReaderGroupManager)3
PravegaCredentialsWrapper (io.pravega.client.control.impl.PravegaCredentialsWrapper)3
URI (java.net.URI)3
Properties (java.util.Properties)3
ImmutableMap (com.google.common.collect.ImmutableMap)2
