Examples with PasswordProvider org.apache.druid.metadata.PasswordProvider used on opensource projects

Example 1 with PasswordProvider

use of org.apache.druid.metadata.PasswordProvider in project druid by druid-io.

the class JettyTest method setupInjector.

@Override
protected Injector setupInjector() {
    TLSServerConfig tlsConfig;
    try {
        File keyStore = new File(JettyTest.class.getClassLoader().getResource("server.jks").getFile());
        Path tmpKeyStore = Files.copy(keyStore.toPath(), new File(folder.newFolder(), "server.jks").toPath());
        File trustStore = new File(JettyTest.class.getClassLoader().getResource("truststore.jks").getFile());
        Path tmpTrustStore = Files.copy(trustStore.toPath(), new File(folder.newFolder(), "truststore.jks").toPath());
        PasswordProvider pp = () -> "druid123";
        tlsConfig = new TLSServerConfig() {

            @Override
            public String getKeyStorePath() {
                return tmpKeyStore.toString();
            }

            @Override
            public String getKeyStoreType() {
                return "jks";
            }

            @Override
            public PasswordProvider getKeyStorePasswordProvider() {
                return pp;
            }

            @Override
            public PasswordProvider getKeyManagerPasswordProvider() {
                return pp;
            }

            @Override
            public String getTrustStorePath() {
                return tmpTrustStore.toString();
            }

            @Override
            public String getTrustStoreAlgorithm() {
                return "PKIX";
            }

            @Override
            public PasswordProvider getTrustStorePasswordProvider() {
                return pp;
            }

            @Override
            public String getCertAlias() {
                return "druid";
            }

            @Override
            public boolean isRequireClientCertificate() {
                return false;
            }

            @Override
            public boolean isRequestClientCertificate() {
                return false;
            }

            @Override
            public boolean isValidateHostnames() {
                return false;
            }
        };
        sslConfig = HttpClientConfig.builder().withSslContext(HttpClientInit.sslContextWithTrustedKeyStore(tmpTrustStore.toString(), pp.getPassword())).withWorkerCount(1).withReadTimeout(Duration.ZERO).build();
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
    final int ephemeralPort = ThreadLocalRandom.current().nextInt(49152, 65535);
    latchedRequestState = new LatchedRequestStateHolder();
    injector = Initialization.makeInjectorWithModules(GuiceInjectors.makeStartupInjector(), ImmutableList.<Module>of(new Module() {

        @Override
        public void configure(Binder binder) {
            JsonConfigProvider.bindInstance(binder, Key.get(DruidNode.class, Self.class), new DruidNode("test", "localhost", false, ephemeralPort, ephemeralPort + 1, true, true));
            binder.bind(TLSServerConfig.class).toInstance(tlsConfig);
            binder.bind(JettyServerInitializer.class).to(JettyServerInit.class).in(LazySingleton.class);
            binder.bind(LatchedRequestStateHolder.class).toInstance(latchedRequestState);
            Multibinder<ServletFilterHolder> multibinder = Multibinder.newSetBinder(binder, ServletFilterHolder.class);
            multibinder.addBinding().toInstance(new ServletFilterHolder() {

                @Override
                public String getPath() {
                    return "/*";
                }

                @Override
                public Map<String, String> getInitParameters() {
                    return null;
                }

                @Override
                public Class<? extends Filter> getFilterClass() {
                    return DummyAuthFilter.class;
                }

                @Override
                public Filter getFilter() {
                    return null;
                }

                @Override
                public EnumSet<DispatcherType> getDispatcherType() {
                    return null;
                }
            });
            Jerseys.addResource(binder, SlowResource.class);
            Jerseys.addResource(binder, LatchedResource.class);
            Jerseys.addResource(binder, ExceptionResource.class);
            Jerseys.addResource(binder, DefaultResource.class);
            Jerseys.addResource(binder, DirectlyReturnResource.class);
            binder.bind(AuthorizerMapper.class).toInstance(AuthTestUtils.TEST_AUTHORIZER_MAPPER);
            LifecycleModule.register(binder, Server.class);
        }
    }));
    return injector;
}

Example 2 with PasswordProvider

use of org.apache.druid.metadata.PasswordProvider in project druid by druid-io.

the class AWSRDSTokenPasswordProviderTest method testSerde.

@Test
public void testSerde() throws IOException {
    ObjectMapper jsonMapper = new ObjectMapper();
    for (Module module : new AWSRDSModule().getJacksonModules()) {
        jsonMapper.registerModule(module);
    }
    jsonMapper.setInjectableValues(new InjectableValues.Std().addValue(AWSCredentialsProvider.class, new AWSCredentialsProvider() {

        @Override
        public AWSCredentials getCredentials() {
            return null;
        }

        @Override
        public void refresh() {
        }
    }));
    String jsonStr = "{\n" + "  \"type\": \"aws-rds-token\",\n" + "  \"user\": \"testuser\",\n" + "  \"host\": \"testhost\",\n" + "  \"port\": 5273,\n" + "  \"region\": \"testregion\"\n" + "}\n";
    PasswordProvider pp = jsonMapper.readValue(jsonMapper.writeValueAsString(jsonMapper.readValue(jsonStr, PasswordProvider.class)), PasswordProvider.class);
    AWSRDSTokenPasswordProvider awsPwdProvider = (AWSRDSTokenPasswordProvider) pp;
    Assert.assertEquals("testuser", awsPwdProvider.getUser());
    Assert.assertEquals("testhost", awsPwdProvider.getHost());
    Assert.assertEquals(5273, awsPwdProvider.getPort());
    Assert.assertEquals("testregion", awsPwdProvider.getRegion());
}

Example 3 with PasswordProvider

use of org.apache.druid.metadata.PasswordProvider in project druid by druid-io.

the class KafkaRecordSupplier method addConsumerPropertiesFromConfig.

public static void addConsumerPropertiesFromConfig(Properties properties, ObjectMapper configMapper, Map<String, Object> consumerProperties) {
    // Extract passwords before SSL connection to Kafka
    for (Map.Entry<String, Object> entry : consumerProperties.entrySet()) {
        String propertyKey = entry.getKey();
        if (!KafkaSupervisorIOConfig.DRUID_DYNAMIC_CONFIG_PROVIDER_KEY.equals(propertyKey)) {
            if (propertyKey.equals(KafkaSupervisorIOConfig.TRUST_STORE_PASSWORD_KEY) || propertyKey.equals(KafkaSupervisorIOConfig.KEY_STORE_PASSWORD_KEY) || propertyKey.equals(KafkaSupervisorIOConfig.KEY_PASSWORD_KEY)) {
                PasswordProvider configPasswordProvider = configMapper.convertValue(entry.getValue(), PasswordProvider.class);
                properties.setProperty(propertyKey, configPasswordProvider.getPassword());
            } else {
                properties.setProperty(propertyKey, String.valueOf(entry.getValue()));
            }
        }
    }
    // Additional DynamicConfigProvider based extensible support for all consumer properties
    Object dynamicConfigProviderJson = consumerProperties.get(KafkaSupervisorIOConfig.DRUID_DYNAMIC_CONFIG_PROVIDER_KEY);
    if (dynamicConfigProviderJson != null) {
        DynamicConfigProvider dynamicConfigProvider = configMapper.convertValue(dynamicConfigProviderJson, DynamicConfigProvider.class);
        Map<String, String> dynamicConfig = dynamicConfigProvider.getConfig();
        for (Map.Entry<String, String> e : dynamicConfig.entrySet()) {
            properties.setProperty(e.getKey(), e.getValue());
        }
    }
}