use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class SetupUtils method startAllServices.
/**
 * Start all pravega related services required for the test deployment.
 *
 * As written, the sequence is: configure the client (credentials, trust store, controller URI), create the
 * controller client and client factory, start ZooKeeper, start the in-memory segment store with its data and
 * admin listeners, start the controller, and finally create the test scope.
 *
 * Security posture of this fixture (test use only):
 * - the client authenticates with the default admin account from SecurityConfigDefaults;
 * - with TLS on, host name validation is switched off on the client;
 * - both segment store listeners are given a PassingTokenVerifier;
 * - the controller is handed the literal string "secret".
 *
 * @param numThreads the number of threads for the internal client threadpool. NOTE(review): this method does
 *                   not read the argument; the pool created below has a fixed size of 2.
 * @param enableAuth set to enable authentication
 * @param enableTls set to enable tls
 * @throws Exception on any errors.
 */
public void startAllServices(Integer numThreads, boolean enableAuth, boolean enableTls) throws Exception {
    // Only the first caller gets past this point: compareAndSet flips the flag exactly once.
    // NOTE(review): nothing below resets the flag, so a startup that throws part-way leaves it set.
    if (!this.started.compareAndSet(false, true)) {
        log.warn("Services already started, not attempting to start again");
        return;
    }
    if (enableAuth) {
        // The constants are passed password first, then user name.
        // These are the shared default admin credentials, so they only suit a throwaway test cluster.
        clientConfigBuilder = clientConfigBuilder.credentials(new DefaultCredentials(SecurityConfigDefaults.AUTH_ADMIN_PASSWORD, SecurityConfigDefaults.AUTH_ADMIN_USERNAME));
    }
    if (enableTls) {
        // Trust the test CA certificate and talk tls:// to the local controller.
        // validateHostName(false) turns off the client's host name check, so the certificate is not tied to
        // "localhost"; do not carry this setting into a non-test client configuration.
        clientConfigBuilder = clientConfigBuilder.trustStore(pathToConfig() + SecurityConfigDefaults.TLS_CA_CERT_FILE_NAME).controllerURI(URI.create("tls://localhost:" + controllerRPCPort)).validateHostName(false);
    } else {
        // Plain tcp:// endpoint. With enableAuth=true and enableTls=false the credentials configured above
        // are used over this unencrypted connection.
        clientConfigBuilder = clientConfigBuilder.controllerURI(URI.create("tcp://localhost:" + controllerRPCPort));
    }
    this.executor = ExecutorServiceHelpers.newScheduledThreadPool(2, "Controller pool");
    this.controller = new ControllerImpl(ControllerImplConfig.builder().clientConfig(getClientConfig()).build(), executor);
    this.clientFactory = new ClientFactoryImpl(scope, controller, getClientConfig());
    // Start zookeeper.
    this.zkTestServer = new TestingServerStarter().start();
    this.zkTestServer.start();
    // Start Pravega Service.
    this.serviceBuilder = ServiceBuilder.newInMemoryBuilder(ServiceBuilderConfig.getDefaultConfig());
    this.serviceBuilder.initialize();
    StreamSegmentStore store = serviceBuilder.createStreamSegmentService();
    TableStore tableStore = serviceBuilder.createTableStoreService();
    // Data-plane listener on localhost:servicePort, using the server certificate and private key from the
    // test config directory.
    // NOTE(review): PassingTokenVerifier presumably accepts every delegation token, which would mean the
    // segment store does not enforce tokens even when enableAuth is true. Confirm against its source.
    this.server = new PravegaConnectionListener(enableTls, false, "localhost", servicePort, store, tableStore, SegmentStatsRecorder.noOp(), TableSegmentStatsRecorder.noOp(), new PassingTokenVerifier(), pathToConfig() + SecurityConfigDefaults.TLS_SERVER_CERT_FILE_NAME, pathToConfig() + SecurityConfigDefaults.TLS_SERVER_PRIVATE_KEY_FILE_NAME, true, serviceBuilder.getLowPriorityExecutor(), SecurityConfigDefaults.TLS_PROTOCOL_VERSION);
    this.server.startListening();
    log.info("Started Pravega Service");
    // Admin listener on localhost:adminPort, with the same stores, certificate material and
    // PassingTokenVerifier as the data-plane listener above.
    this.adminListener = new AdminConnectionListener(enableTls, false, "localhost", adminPort, store, tableStore, new PassingTokenVerifier(), pathToConfig() + SecurityConfigDefaults.TLS_SERVER_CERT_FILE_NAME, pathToConfig() + SecurityConfigDefaults.TLS_SERVER_PRIVATE_KEY_FILE_NAME, SecurityConfigDefaults.TLS_PROTOCOL_VERSION);
    this.adminListener.startListening();
    log.info("AdminConnectionListener started successfully.");
    // Start Controller.
    // NOTE(review): the literal "secret" after the auth handler input file is presumably the delegation
    // token signing key, and 600 presumably the token TTL in seconds. Confirm against ControllerWrapper.
    // A fixed, well-known key is only appropriate for this local test fixture.
    this.controllerWrapper = new ControllerWrapper(this.zkTestServer.getConnectString(), false, true, controllerRPCPort, "localhost", servicePort, Config.HOST_STORE_CONTAINER_COUNT, controllerRESTPort, enableAuth, pathToConfig() + SecurityConfigDefaults.AUTH_HANDLER_INPUT_FILE_NAME, "secret", true, 600, enableTls, SecurityConfigDefaults.TLS_PROTOCOL_VERSION, pathToConfig() + SecurityConfigDefaults.TLS_SERVER_CERT_FILE_NAME, pathToConfig() + SecurityConfigDefaults.TLS_SERVER_PRIVATE_KEY_FILE_NAME, pathToConfig() + SecurityConfigDefaults.TLS_SERVER_KEYSTORE_NAME, pathToConfig() + SecurityConfigDefaults.TLS_PASSWORD_FILE_NAME);
    // Block until the controller reports running, then create the scope used by the tests.
    this.controllerWrapper.awaitRunning();
    this.controllerWrapper.getController().createScope(scope).get();
    log.info("Initialized Pravega Controller");
}
use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class AuthEnabledInProcPravegaClusterTest method testCreateStreamFailsWithInvalidClientConfig.
/**
 * Negative authentication test: a client that presents blank credentials must be rejected.
 *
 * The client config carries an empty password and an empty user name. The operation attempted is scope
 * creation, and the test passes only when the failure's root cause is recognised as an auth exception by
 * {@code hasAuthExceptionAsRootCause}.
 *
 * Note: the timeout is deliberately generous so that the expected exception still has time to surface when
 * the test environment is abnormally slow.
 */
@Test(timeout = 50000)
public void testCreateStreamFailsWithInvalidClientConfig() {
    // Deliberately invalid: both the password and the user name are empty strings.
    DefaultCredentials blankCredentials = new DefaultCredentials("", "");
    ClientConfig clientConfig = ClientConfig.builder()
            .credentials(blankCredentials)
            .controllerURI(URI.create(EMULATOR.pravega.getInProcPravegaCluster().getControllerURI()))
            .build();

    @Cleanup
    StreamManager streamManager = StreamManager.create(clientConfig);

    // Any outcome other than an auth failure (including success) fails the test.
    AssertExtensions.assertThrows(
            "Auth exception did not occur.",
            () -> streamManager.createScope(scope),
            thrown -> hasAuthExceptionAsRootCause(thrown));
}
use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class ControllerServiceStarterTest method testStartStop.
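/**
 * Starts the controller service, performs a create/delete scope round trip against its RPC endpoint with
 * the default admin credentials, then stops the service and waits for termination.
 *
 * The stream manager is closed in a {@code finally} block so that a failing RPC does not leave the client
 * and its connections open for the remaining tests.
 *
 * @throws URISyntaxException if the controller URI cannot be built.
 */
@Test(timeout = 30000)
public void testStartStop() throws URISyntaxException {
    Assert.assertNotNull(storeClient);
    @Cleanup ControllerServiceStarter starter = new ControllerServiceStarter(createControllerServiceConfig(), storeClient, SegmentHelperMock.getSegmentHelperMockForTables(executor));
    starter.startAsync();
    starter.awaitRunning();

    // Now, that starter has started, perform some rpc operations.
    // NOTE(review): the URI scheme is chosen from enableAuth, not from a separate TLS flag; presumably this
    // fixture turns TLS on together with auth. Confirm against createControllerServiceConfig().
    URI uri = new URI((enableAuth ? "tls" : "tcp") + "://localhost:" + grpcPort);
    final String testScope = "testScope";

    // Default admin credentials (password first, then user name) and the test CA as trust store.
    // Both are fixture values and must not be reused outside tests.
    StreamManager streamManager = new StreamManagerImpl(ClientConfig.builder()
            .controllerURI(uri)
            .credentials(new DefaultCredentials(SecurityConfigDefaults.AUTH_ADMIN_PASSWORD, SecurityConfigDefaults.AUTH_ADMIN_USERNAME))
            .trustStore(SecurityConfigDefaults.TLS_CA_CERT_PATH)
            .build());
    try {
        streamManager.createScope(testScope);
        streamManager.deleteScope(testScope);
    } finally {
        // Close the client before stopping the service, as the original ordering did, even when an RPC throws.
        streamManager.close();
    }

    starter.stopAsync();
    starter.awaitTerminated();
}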
use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class DelegationTokenTest method writeAnEvent.
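/**
 * Starts an auth-enabled cluster whose delegation tokens use the given TTL, creates a scope and stream,
 * writes a single event and waits for it to be acknowledged.
 *
 * The TTL argument is now passed to the cluster builder. Previously the builder was always given 600, so
 * every caller exercised the same token lifetime regardless of the value it passed.
 *
 * @param tokenTtlInSeconds delegation token time-to-live, in seconds, to configure on the test cluster.
 * @throws ExecutionException if the write fails; a TokenException surfaces here when token verification
 *                            fails on the server.
 * @throws InterruptedException if the thread is interrupted while waiting for the write to complete.
 */
private void writeAnEvent(int tokenTtlInSeconds) throws ExecutionException, InterruptedException {
    ClusterWrapper pravegaCluster = ClusterWrapper.builder()
            .authEnabled(true)
            .tokenTtlInSeconds(tokenTtlInSeconds)
            .build();
    try {
        pravegaCluster.start();

        String scope = "testscope";
        String streamName = "teststream";
        int numSegments = 1;
        String message = "test message";

        // Hard-coded password and user name (in that order); presumably the test cluster's built-in admin
        // account. These are fixture credentials only.
        ClientConfig clientConfig = ClientConfig.builder()
                .controllerURI(URI.create(pravegaCluster.controllerUri()))
                .credentials(new DefaultCredentials("1111_aaaa", "admin"))
                .build();
        log.debug("Done creating client config.");

        createScopeStream(scope, streamName, numSegments, clientConfig);

        @Cleanup
        EventStreamClientFactory clientFactory = EventStreamClientFactory.withScope(scope, clientConfig);

        @Cleanup
        EventStreamWriter<String> writer = clientFactory.createEventWriter(streamName,
                new JavaSerializer<>(),
                EventWriterConfig.builder().build());

        // Note: A TokenException is thrown here if token verification fails on the server.
        writer.writeEvent(message).get();
        log.debug("Done writing message '{}' to stream '{} / {}'", message, scope, streamName);
    } finally {
        // Always tear the cluster down, including when start() or the write fails.
        pravegaCluster.close();
    }
}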
use of io.pravega.shared.security.auth.DefaultCredentials in project pravega by pravega.
the class ControllerGrpcListStreamsTest method testListStreamsReturnsAuthorizedStreamsForCustomPlugin.
/**
 * Lists streams through a client that authenticates via the custom {@code TestAuthHandler} method and token
 * rather than explicit credentials, and checks how many streams that client is allowed to see.
 *
 * The streams are first created by a client using the hard-coded admin credentials. The listing client is
 * built without credentials; its auth method and token come from JVM system properties, which are cleared
 * again in the {@code finally} block so they do not leak into other tests in the same JVM.
 */
@Test
public void testListStreamsReturnsAuthorizedStreamsForCustomPlugin() {
    final String loadDynamicKey = "pravega.client.auth.loadDynamic";
    final String authMethodKey = "pravega.client.auth.method";
    final String authTokenKey = "pravega.client.auth.token";

    ClusterWrapper cluster = null;
    try {
        // Arrange: auth-enabled cluster plus two streams created with the admin account.
        cluster = ClusterWrapper.builder().authEnabled(true).build();
        cluster.start();
        String scopeName = "test-scope";
        ClientConfig adminConfig = ClientConfig.builder()
                .controllerURI(URI.create(cluster.controllerUri()))
                .credentials(new DefaultCredentials("1111_aaaa", "admin"))
                .build();
        this.createStreams(adminConfig, scopeName, Arrays.asList("stream1", "stream2"));

        // Act: select the custom auth handler through system properties, then list with a config that
        // carries no credentials of its own.
        System.setProperty(loadDynamicKey, "true");
        System.setProperty(authMethodKey, TestAuthHandler.METHOD);
        System.setProperty(authTokenKey, TestAuthHandler.TOKEN);
        ClientConfig pluginConfig = ClientConfig.builder()
                .controllerURI(URI.create(cluster.controllerUri()))
                .build();
        Set<Stream> streams = listStreams(pluginConfig, scopeName);

        // Assert
        // NOTE(review): 4 rather than the 2 streams created above; presumably the listing also returns
        // internal streams created alongside each user stream. Confirm.
        assertEquals(4, streams.size());
    } finally {
        // System properties are JVM-global, so remove them whether or not the test passed.
        for (String key : new String[] {loadDynamicKey, authMethodKey, authTokenKey}) {
            System.clearProperty(key);
        }
        if (cluster != null) {
            cluster.close();
        }
    }
}