Search in sources :

Example 1 with DefaultChannelMetadataRegistry

use of org.apache.kafka.common.network.DefaultChannelMetadataRegistry in project kafka by apache.

the class SaslServerAuthenticatorTest method testOversizeRequest.

@Test
public void testOversizeRequest() throws IOException {
    TransportLayer transportLayer = mock(TransportLayer.class);
    Map<String, ?> configs = Collections.singletonMap(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList(SCRAM_SHA_256.mechanismName()));
    SaslServerAuthenticator authenticator = setupAuthenticator(configs, transportLayer, SCRAM_SHA_256.mechanismName(), new DefaultChannelMetadataRegistry());
    when(transportLayer.read(any(ByteBuffer.class))).then(invocation -> {
        invocation.<ByteBuffer>getArgument(0).putInt(SaslServerAuthenticator.MAX_RECEIVE_SIZE + 1);
        return 4;
    });
    assertThrows(InvalidReceiveException.class, authenticator::authenticate);
    verify(transportLayer).read(any(ByteBuffer.class));
}
Also used : TransportLayer(org.apache.kafka.common.network.TransportLayer) DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry) ByteBuffer(java.nio.ByteBuffer) Test(org.junit.jupiter.api.Test)

Example 2 with DefaultChannelMetadataRegistry

use of org.apache.kafka.common.network.DefaultChannelMetadataRegistry in project kafka by apache.

the class SaslServerAuthenticatorTest method testApiVersionsRequest.

private void testApiVersionsRequest(short version, String expectedSoftwareName, String expectedSoftwareVersion) throws IOException {
    TransportLayer transportLayer = mock(TransportLayer.class, Answers.RETURNS_DEEP_STUBS);
    Map<String, ?> configs = Collections.singletonMap(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList(SCRAM_SHA_256.mechanismName()));
    ChannelMetadataRegistry metadataRegistry = new DefaultChannelMetadataRegistry();
    SaslServerAuthenticator authenticator = setupAuthenticator(configs, transportLayer, SCRAM_SHA_256.mechanismName(), metadataRegistry);
    RequestHeader header = new RequestHeader(ApiKeys.API_VERSIONS, version, "clientId", 0);
    ByteBuffer headerBuffer = RequestTestUtils.serializeRequestHeader(header);
    ApiVersionsRequest request = new ApiVersionsRequest.Builder().build(version);
    ByteBuffer requestBuffer = request.serialize();
    requestBuffer.rewind();
    when(transportLayer.socketChannel().socket().getInetAddress()).thenReturn(InetAddress.getLoopbackAddress());
    when(transportLayer.read(any(ByteBuffer.class))).then(invocation -> {
        invocation.<ByteBuffer>getArgument(0).putInt(headerBuffer.remaining() + requestBuffer.remaining());
        return 4;
    }).then(invocation -> {
        invocation.<ByteBuffer>getArgument(0).put(headerBuffer.duplicate()).put(requestBuffer.duplicate());
        return headerBuffer.remaining() + requestBuffer.remaining();
    });
    authenticator.authenticate();
    assertEquals(expectedSoftwareName, metadataRegistry.clientInformation().softwareName());
    assertEquals(expectedSoftwareVersion, metadataRegistry.clientInformation().softwareVersion());
    verify(transportLayer, times(2)).read(any(ByteBuffer.class));
}
Also used : Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) Assertions.fail(org.junit.jupiter.api.Assertions.fail) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) ApiVersionsRequest(org.apache.kafka.common.requests.ApiVersionsRequest) AppInfoParser(org.apache.kafka.common.utils.AppInfoParser) RequestTestUtils(org.apache.kafka.common.requests.RequestTestUtils) HashMap(java.util.HashMap) AuthenticateCallbackHandler(org.apache.kafka.common.security.auth.AuthenticateCallbackHandler) ClientInformation(org.apache.kafka.common.network.ClientInformation) SecurityProtocol(org.apache.kafka.common.security.auth.SecurityProtocol) ByteBuffer(java.nio.ByteBuffer) InetAddress(java.net.InetAddress) ListenerName(org.apache.kafka.common.network.ListenerName) RequestHeader(org.apache.kafka.common.requests.RequestHeader) IllegalSaslStateException(org.apache.kafka.common.errors.IllegalSaslStateException) ApiVersionsResponse(org.apache.kafka.common.requests.ApiVersionsResponse) Map(java.util.Map) PlainLoginModule(org.apache.kafka.common.security.plain.PlainLoginModule) SCRAM_SHA_256(org.apache.kafka.common.security.scram.internals.ScramMechanism.SCRAM_SHA_256) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry) Answers(org.mockito.Answers) Time(org.apache.kafka.common.utils.Time) BrokerSecurityConfigs(org.apache.kafka.common.config.internals.BrokerSecurityConfigs) TransportLayer(org.apache.kafka.common.network.TransportLayer) IOException(java.io.IOException) Mockito.times(org.mockito.Mockito.times) InvalidReceiveException(org.apache.kafka.common.network.InvalidReceiveException) Mockito.when(org.mockito.Mockito.when) ApiKeys(org.apache.kafka.common.protocol.ApiKeys) Subject(javax.security.auth.Subject) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) ApiMessageType(org.apache.kafka.common.message.ApiMessageType) ChannelMetadataRegistry(org.apache.kafka.common.network.ChannelMetadataRegistry) Collections(java.util.Collections) Mockito.mock(org.mockito.Mockito.mock) TransportLayer(org.apache.kafka.common.network.TransportLayer) DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry) ChannelMetadataRegistry(org.apache.kafka.common.network.ChannelMetadataRegistry) RequestHeader(org.apache.kafka.common.requests.RequestHeader) DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry) ByteBuffer(java.nio.ByteBuffer) ApiVersionsRequest(org.apache.kafka.common.requests.ApiVersionsRequest)

Example 3 with DefaultChannelMetadataRegistry

use of org.apache.kafka.common.network.DefaultChannelMetadataRegistry in project kafka by apache.

the class SaslServerAuthenticatorTest method testUnexpectedRequestType.

@Test
public void testUnexpectedRequestType() throws IOException {
    TransportLayer transportLayer = mock(TransportLayer.class);
    Map<String, ?> configs = Collections.singletonMap(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList(SCRAM_SHA_256.mechanismName()));
    SaslServerAuthenticator authenticator = setupAuthenticator(configs, transportLayer, SCRAM_SHA_256.mechanismName(), new DefaultChannelMetadataRegistry());
    RequestHeader header = new RequestHeader(ApiKeys.METADATA, (short) 0, "clientId", 13243);
    ByteBuffer headerBuffer = RequestTestUtils.serializeRequestHeader(header);
    when(transportLayer.read(any(ByteBuffer.class))).then(invocation -> {
        invocation.<ByteBuffer>getArgument(0).putInt(headerBuffer.remaining());
        return 4;
    }).then(invocation -> {
        // serialize only the request header. the authenticator should not parse beyond this
        invocation.<ByteBuffer>getArgument(0).put(headerBuffer.duplicate());
        return headerBuffer.remaining();
    });
    try {
        authenticator.authenticate();
        fail("Expected authenticate() to raise an exception");
    } catch (IllegalSaslStateException e) {
    // expected exception
    }
    verify(transportLayer, times(2)).read(any(ByteBuffer.class));
}
Also used : Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) Assertions.fail(org.junit.jupiter.api.Assertions.fail) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) ApiVersionsRequest(org.apache.kafka.common.requests.ApiVersionsRequest) AppInfoParser(org.apache.kafka.common.utils.AppInfoParser) RequestTestUtils(org.apache.kafka.common.requests.RequestTestUtils) HashMap(java.util.HashMap) AuthenticateCallbackHandler(org.apache.kafka.common.security.auth.AuthenticateCallbackHandler) ClientInformation(org.apache.kafka.common.network.ClientInformation) SecurityProtocol(org.apache.kafka.common.security.auth.SecurityProtocol) ByteBuffer(java.nio.ByteBuffer) InetAddress(java.net.InetAddress) ListenerName(org.apache.kafka.common.network.ListenerName) RequestHeader(org.apache.kafka.common.requests.RequestHeader) IllegalSaslStateException(org.apache.kafka.common.errors.IllegalSaslStateException) ApiVersionsResponse(org.apache.kafka.common.requests.ApiVersionsResponse) Map(java.util.Map) PlainLoginModule(org.apache.kafka.common.security.plain.PlainLoginModule) SCRAM_SHA_256(org.apache.kafka.common.security.scram.internals.ScramMechanism.SCRAM_SHA_256) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry) Answers(org.mockito.Answers) Time(org.apache.kafka.common.utils.Time) BrokerSecurityConfigs(org.apache.kafka.common.config.internals.BrokerSecurityConfigs) TransportLayer(org.apache.kafka.common.network.TransportLayer) IOException(java.io.IOException) Mockito.times(org.mockito.Mockito.times) InvalidReceiveException(org.apache.kafka.common.network.InvalidReceiveException) Mockito.when(org.mockito.Mockito.when) ApiKeys(org.apache.kafka.common.protocol.ApiKeys) Subject(javax.security.auth.Subject) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) ApiMessageType(org.apache.kafka.common.message.ApiMessageType) ChannelMetadataRegistry(org.apache.kafka.common.network.ChannelMetadataRegistry) Collections(java.util.Collections) Mockito.mock(org.mockito.Mockito.mock) TransportLayer(org.apache.kafka.common.network.TransportLayer) RequestHeader(org.apache.kafka.common.requests.RequestHeader) DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry) IllegalSaslStateException(org.apache.kafka.common.errors.IllegalSaslStateException) ByteBuffer(java.nio.ByteBuffer) Test(org.junit.jupiter.api.Test)

Aggregations

ByteBuffer (java.nio.ByteBuffer)3 DefaultChannelMetadataRegistry (org.apache.kafka.common.network.DefaultChannelMetadataRegistry)3 TransportLayer (org.apache.kafka.common.network.TransportLayer)3 Test (org.junit.jupiter.api.Test)3 IOException (java.io.IOException)2 InetAddress (java.net.InetAddress)2 Collections (java.util.Collections)2 HashMap (java.util.HashMap)2 Map (java.util.Map)2 Subject (javax.security.auth.Subject)2 BrokerSecurityConfigs (org.apache.kafka.common.config.internals.BrokerSecurityConfigs)2 IllegalSaslStateException (org.apache.kafka.common.errors.IllegalSaslStateException)2 ApiMessageType (org.apache.kafka.common.message.ApiMessageType)2 ChannelMetadataRegistry (org.apache.kafka.common.network.ChannelMetadataRegistry)2 ClientInformation (org.apache.kafka.common.network.ClientInformation)2 InvalidReceiveException (org.apache.kafka.common.network.InvalidReceiveException)2 ListenerName (org.apache.kafka.common.network.ListenerName)2 ApiKeys (org.apache.kafka.common.protocol.ApiKeys)2 ApiVersionsRequest (org.apache.kafka.common.requests.ApiVersionsRequest)2 ApiVersionsResponse (org.apache.kafka.common.requests.ApiVersionsResponse)2