Search in sources :

Example 21 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hadoop by apache.

the class TestAuthenticationFilter method _testDoFilterAuthentication.

private void _testDoFilterAuthentication(boolean withDomainPath, boolean invalidToken, boolean expired) throws Exception {
    AuthenticationFilter filter = new AuthenticationFilter();
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).thenReturn("true");
    Mockito.when(config.getInitParameter("expired.token")).thenReturn(Boolean.toString(expired));
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn(new Long(TOKEN_VALIDITY_SEC).toString());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY, AuthenticationFilter.SIGNATURE_SECRET, "management.operation" + ".return", "expired.token")).elements());
    getMockedServletContextWithStringSigner(config);
    if (withDomainPath) {
        Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_DOMAIN)).thenReturn(".foo.com");
        Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_PATH)).thenReturn("/bar");
        Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY, AuthenticationFilter.SIGNATURE_SECRET, AuthenticationFilter.COOKIE_DOMAIN, AuthenticationFilter.COOKIE_PATH, "management.operation.return")).elements());
    }
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getParameter("authenticated")).thenReturn("true");
    Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
    Mockito.when(request.getQueryString()).thenReturn("authenticated=true");
    if (invalidToken) {
        Mockito.when(request.getCookies()).thenReturn(new Cookie[] { new Cookie(AuthenticatedURL.AUTH_COOKIE, "foo") });
    }
    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    FilterChain chain = Mockito.mock(FilterChain.class);
    final Map<String, String> cookieMap = new HashMap<String, String>();
    Mockito.doAnswer(new Answer<Object>() {

        @Override
        public Object answer(InvocationOnMock invocation) throws Throwable {
            String cookieHeader = (String) invocation.getArguments()[1];
            parseCookieMap(cookieHeader, cookieMap);
            return null;
        }
    }).when(response).addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());
    try {
        filter.init(config);
        filter.doFilter(request, response, chain);
        if (expired) {
            Mockito.verify(response, Mockito.never()).addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());
        } else {
            String v = cookieMap.get(AuthenticatedURL.AUTH_COOKIE);
            Assert.assertNotNull("cookie missing", v);
            Assert.assertTrue(v.contains("u=") && v.contains("p=") && v.contains("t=") && v.contains("e=") && v.contains("s="));
            Mockito.verify(chain).doFilter(Mockito.any(ServletRequest.class), Mockito.any(ServletResponse.class));
            SignerSecretProvider secretProvider = StringSignerSecretProviderCreator.newStringSignerSecretProvider();
            Properties secretProviderProps = new Properties();
            secretProviderProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret");
            secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
            Signer signer = new Signer(secretProvider);
            String value = signer.verifyAndExtract(v);
            AuthenticationToken token = AuthenticationToken.parse(value);
            assertThat(token.getExpires(), not(0L));
            if (withDomainPath) {
                Assert.assertEquals(".foo.com", cookieMap.get("Domain"));
                Assert.assertEquals("/bar", cookieMap.get("Path"));
            } else {
                Assert.assertFalse(cookieMap.containsKey("Domain"));
                Assert.assertFalse(cookieMap.containsKey("Path"));
            }
        }
    } finally {
        filter.destroy();
    }
}
Also used : HttpCookie(java.net.HttpCookie) Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletRequest(javax.servlet.ServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletResponse(javax.servlet.ServletResponse) SignerSecretProvider(org.apache.hadoop.security.authentication.util.SignerSecretProvider) HashMap(java.util.HashMap) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) Properties(java.util.Properties) HttpServletRequest(javax.servlet.http.HttpServletRequest) Signer(org.apache.hadoop.security.authentication.util.Signer) InvocationOnMock(org.mockito.invocation.InvocationOnMock) FilterConfig(javax.servlet.FilterConfig) Vector(java.util.Vector)

Example 22 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hadoop by apache.

the class TestJWTRedirectAuthentictionHandler method testNoPublicKeyJWT.

@Test
public void testNoPublicKeyJWT() throws Exception {
    try {
        Properties props = getProperties();
        handler.init(props);
        SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), privateKey);
        Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
        HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
        Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
        Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
        HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
        Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
        AuthenticationToken token = handler.alternateAuthenticate(request, response);
        fail("alternateAuthentication should have thrown a ServletException");
    } catch (ServletException se) {
        assertTrue(se.getMessage().contains("Public key for signature validation must be provisioned"));
    } catch (AuthenticationException ae) {
        fail("alternateAuthentication should NOT have thrown a AuthenticationException");
    }
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 23 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hadoop by apache.

the class TestJWTRedirectAuthentictionHandler method testCustomCookieNameJWT.

@Test
public void testCustomCookieNameJWT() throws Exception {
    try {
        handler.setPublicKey(publicKey);
        Properties props = getProperties();
        props.put(JWTRedirectAuthenticationHandler.JWT_COOKIE_NAME, "jowt");
        handler.init(props);
        SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), privateKey);
        Cookie cookie = new Cookie("jowt", jwt.serialize());
        HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
        Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
        Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
        HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
        Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
        AuthenticationToken token = handler.alternateAuthenticate(request, response);
        Assert.assertEquals("bob", token.getUserName());
    } catch (ServletException se) {
        fail("alternateAuthentication should NOT have thrown a ServletException: " + se.getMessage());
    } catch (AuthenticationException ae) {
        fail("alternateAuthentication should NOT have thrown a AuthenticationException");
    }
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 24 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hadoop by apache.

the class TestJWTRedirectAuthentictionHandler method testValidAudienceJWT.

@Test
public void testValidAudienceJWT() throws Exception {
    try {
        handler.setPublicKey(publicKey);
        Properties props = getProperties();
        props.put(JWTRedirectAuthenticationHandler.EXPECTED_JWT_AUDIENCES, "bar");
        handler.init(props);
        SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), privateKey);
        Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
        HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
        Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
        Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
        HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
        Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
        AuthenticationToken token = handler.alternateAuthenticate(request, response);
        Assert.assertEquals("bob", token.getUserName());
    } catch (ServletException se) {
        fail("alternateAuthentication should NOT have thrown a ServletException");
    } catch (AuthenticationException ae) {
        fail("alternateAuthentication should NOT have thrown an AuthenticationException");
    }
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 25 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hadoop by apache.

the class TestJWTRedirectAuthentictionHandler method testOrigURLWithQueryString.

@Test
public void testOrigURLWithQueryString() throws Exception {
    handler.setPublicKey(publicKey);
    Properties props = getProperties();
    handler.init(props);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
    Mockito.when(request.getQueryString()).thenReturn("name=value");
    String loginURL = ((TestJWTRedirectAuthenticationHandler) handler).testConstructLoginURL(request);
    Assert.assertNotNull("loginURL should not be null.", loginURL);
    Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL + "?name=value", loginURL);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Properties(java.util.Properties) Test(org.junit.Test)

Aggregations

HttpServletRequest (javax.servlet.http.HttpServletRequest)2488 HttpServletResponse (javax.servlet.http.HttpServletResponse)1308 Test (org.junit.Test)987 IOException (java.io.IOException)595 ServletException (javax.servlet.ServletException)498 AbstractHandler (org.eclipse.jetty.server.handler.AbstractHandler)223 FilterChain (javax.servlet.FilterChain)200 ContentResponse (org.eclipse.jetty.client.api.ContentResponse)196 Test (org.testng.annotations.Test)168 Request (org.eclipse.jetty.server.Request)164 CountDownLatch (java.util.concurrent.CountDownLatch)160 HttpServlet (javax.servlet.http.HttpServlet)156 HttpSession (javax.servlet.http.HttpSession)150 HashMap (java.util.HashMap)130 PrintWriter (java.io.PrintWriter)121 Map (java.util.Map)100 InterruptedIOException (java.io.InterruptedIOException)97 ServletRequest (javax.servlet.ServletRequest)95 ServletContext (javax.servlet.ServletContext)91 ServletOutputStream (javax.servlet.ServletOutputStream)90