Example 1 with SCRAM_SHA_256
use of org.apache.kafka.common.security.scram.internals.ScramMechanism.SCRAM_SHA_256 in project kafka by apache.
the class SaslServerAuthenticatorTest method testApiVersionsRequest.
private void testApiVersionsRequest(short version, String expectedSoftwareName, String expectedSoftwareVersion) throws IOException {
TransportLayer transportLayer = mock(TransportLayer.class, Answers.RETURNS_DEEP_STUBS);
Map<String, ?> configs = Collections.singletonMap(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList(SCRAM_SHA_256.mechanismName()));
ChannelMetadataRegistry metadataRegistry = new DefaultChannelMetadataRegistry();
SaslServerAuthenticator authenticator = setupAuthenticator(configs, transportLayer, SCRAM_SHA_256.mechanismName(), metadataRegistry);
RequestHeader header = new RequestHeader(ApiKeys.API_VERSIONS, version, "clientId", 0);
ByteBuffer headerBuffer = RequestTestUtils.serializeRequestHeader(header);
ApiVersionsRequest request = new ApiVersionsRequest.Builder().build(version);
ByteBuffer requestBuffer = request.serialize();
requestBuffer.rewind();
when(transportLayer.socketChannel().socket().getInetAddress()).thenReturn(InetAddress.getLoopbackAddress());
when(transportLayer.read(any(ByteBuffer.class))).then(invocation -> {
invocation.<ByteBuffer>getArgument(0).putInt(headerBuffer.remaining() + requestBuffer.remaining());
return 4;
}).then(invocation -> {
invocation.<ByteBuffer>getArgument(0).put(headerBuffer.duplicate()).put(requestBuffer.duplicate());
return headerBuffer.remaining() + requestBuffer.remaining();
});
authenticator.authenticate();
assertEquals(expectedSoftwareName, metadataRegistry.clientInformation().softwareName());
assertEquals(expectedSoftwareVersion, metadataRegistry.clientInformation().softwareVersion());
verify(transportLayer, times(2)).read(any(ByteBuffer.class));
}
Also used :
Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows)
Assertions.fail(org.junit.jupiter.api.Assertions.fail)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
ApiVersionsRequest(org.apache.kafka.common.requests.ApiVersionsRequest)
AppInfoParser(org.apache.kafka.common.utils.AppInfoParser)
RequestTestUtils(org.apache.kafka.common.requests.RequestTestUtils)
HashMap(java.util.HashMap)
AuthenticateCallbackHandler(org.apache.kafka.common.security.auth.AuthenticateCallbackHandler)
ClientInformation(org.apache.kafka.common.network.ClientInformation)
SecurityProtocol(org.apache.kafka.common.security.auth.SecurityProtocol)
ByteBuffer(java.nio.ByteBuffer)
InetAddress(java.net.InetAddress)
ListenerName(org.apache.kafka.common.network.ListenerName)
RequestHeader(org.apache.kafka.common.requests.RequestHeader)
IllegalSaslStateException(org.apache.kafka.common.errors.IllegalSaslStateException)
ApiVersionsResponse(org.apache.kafka.common.requests.ApiVersionsResponse)
Map(java.util.Map)
PlainLoginModule(org.apache.kafka.common.security.plain.PlainLoginModule)
SCRAM_SHA_256(org.apache.kafka.common.security.scram.internals.ScramMechanism.SCRAM_SHA_256)
Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals)
DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry)
Answers(org.mockito.Answers)
Time(org.apache.kafka.common.utils.Time)
BrokerSecurityConfigs(org.apache.kafka.common.config.internals.BrokerSecurityConfigs)
TransportLayer(org.apache.kafka.common.network.TransportLayer)
IOException(java.io.IOException)
Mockito.times(org.mockito.Mockito.times)
InvalidReceiveException(org.apache.kafka.common.network.InvalidReceiveException)
Mockito.when(org.mockito.Mockito.when)
ApiKeys(org.apache.kafka.common.protocol.ApiKeys)
Subject(javax.security.auth.Subject)
Mockito.verify(org.mockito.Mockito.verify)
Test(org.junit.jupiter.api.Test)
ApiMessageType(org.apache.kafka.common.message.ApiMessageType)
ChannelMetadataRegistry(org.apache.kafka.common.network.ChannelMetadataRegistry)
Collections(java.util.Collections)
Mockito.mock(org.mockito.Mockito.mock)
TransportLayer(org.apache.kafka.common.network.TransportLayer)
DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry)
ChannelMetadataRegistry(org.apache.kafka.common.network.ChannelMetadataRegistry)
RequestHeader(org.apache.kafka.common.requests.RequestHeader)
DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry)
ByteBuffer(java.nio.ByteBuffer)
ApiVersionsRequest(org.apache.kafka.common.requests.ApiVersionsRequest)
Example 2 with SCRAM_SHA_256
use of org.apache.kafka.common.security.scram.internals.ScramMechanism.SCRAM_SHA_256 in project kafka by apache.
the class SaslServerAuthenticatorTest method testUnexpectedRequestType.
@Test
public void testUnexpectedRequestType() throws IOException {
TransportLayer transportLayer = mock(TransportLayer.class);
Map<String, ?> configs = Collections.singletonMap(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList(SCRAM_SHA_256.mechanismName()));
SaslServerAuthenticator authenticator = setupAuthenticator(configs, transportLayer, SCRAM_SHA_256.mechanismName(), new DefaultChannelMetadataRegistry());
RequestHeader header = new RequestHeader(ApiKeys.METADATA, (short) 0, "clientId", 13243);
ByteBuffer headerBuffer = RequestTestUtils.serializeRequestHeader(header);
when(transportLayer.read(any(ByteBuffer.class))).then(invocation -> {
invocation.<ByteBuffer>getArgument(0).putInt(headerBuffer.remaining());
return 4;
}).then(invocation -> {
// serialize only the request header. the authenticator should not parse beyond this
invocation.<ByteBuffer>getArgument(0).put(headerBuffer.duplicate());
return headerBuffer.remaining();
});
try {
authenticator.authenticate();
fail("Expected authenticate() to raise an exception");
} catch (IllegalSaslStateException e) {
// expected exception
}
verify(transportLayer, times(2)).read(any(ByteBuffer.class));
}
Also used :
Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows)
Assertions.fail(org.junit.jupiter.api.Assertions.fail)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
ApiVersionsRequest(org.apache.kafka.common.requests.ApiVersionsRequest)
AppInfoParser(org.apache.kafka.common.utils.AppInfoParser)
RequestTestUtils(org.apache.kafka.common.requests.RequestTestUtils)
HashMap(java.util.HashMap)
AuthenticateCallbackHandler(org.apache.kafka.common.security.auth.AuthenticateCallbackHandler)
ClientInformation(org.apache.kafka.common.network.ClientInformation)
SecurityProtocol(org.apache.kafka.common.security.auth.SecurityProtocol)
ByteBuffer(java.nio.ByteBuffer)
InetAddress(java.net.InetAddress)
ListenerName(org.apache.kafka.common.network.ListenerName)
RequestHeader(org.apache.kafka.common.requests.RequestHeader)
IllegalSaslStateException(org.apache.kafka.common.errors.IllegalSaslStateException)
ApiVersionsResponse(org.apache.kafka.common.requests.ApiVersionsResponse)
Map(java.util.Map)
PlainLoginModule(org.apache.kafka.common.security.plain.PlainLoginModule)
SCRAM_SHA_256(org.apache.kafka.common.security.scram.internals.ScramMechanism.SCRAM_SHA_256)
Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals)
DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry)
Answers(org.mockito.Answers)
Time(org.apache.kafka.common.utils.Time)
BrokerSecurityConfigs(org.apache.kafka.common.config.internals.BrokerSecurityConfigs)
TransportLayer(org.apache.kafka.common.network.TransportLayer)
IOException(java.io.IOException)
Mockito.times(org.mockito.Mockito.times)
InvalidReceiveException(org.apache.kafka.common.network.InvalidReceiveException)
Mockito.when(org.mockito.Mockito.when)
ApiKeys(org.apache.kafka.common.protocol.ApiKeys)
Subject(javax.security.auth.Subject)
Mockito.verify(org.mockito.Mockito.verify)
Test(org.junit.jupiter.api.Test)
ApiMessageType(org.apache.kafka.common.message.ApiMessageType)
ChannelMetadataRegistry(org.apache.kafka.common.network.ChannelMetadataRegistry)
Collections(java.util.Collections)
Mockito.mock(org.mockito.Mockito.mock)
TransportLayer(org.apache.kafka.common.network.TransportLayer)
RequestHeader(org.apache.kafka.common.requests.RequestHeader)
DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry)
IllegalSaslStateException(org.apache.kafka.common.errors.IllegalSaslStateException)
ByteBuffer(java.nio.ByteBuffer)
Test(org.junit.jupiter.api.Test)
Aggregations
IOException (java.io.IOException)2
InetAddress (java.net.InetAddress)2
ByteBuffer (java.nio.ByteBuffer)2
Collections (java.util.Collections)2
HashMap (java.util.HashMap)2
Map (java.util.Map)2
Subject (javax.security.auth.Subject)2
BrokerSecurityConfigs (org.apache.kafka.common.config.internals.BrokerSecurityConfigs)2
IllegalSaslStateException (org.apache.kafka.common.errors.IllegalSaslStateException)2
ApiMessageType (org.apache.kafka.common.message.ApiMessageType)2
ChannelMetadataRegistry (org.apache.kafka.common.network.ChannelMetadataRegistry)2
ClientInformation (org.apache.kafka.common.network.ClientInformation)2
DefaultChannelMetadataRegistry (org.apache.kafka.common.network.DefaultChannelMetadataRegistry)2
InvalidReceiveException (org.apache.kafka.common.network.InvalidReceiveException)2
ListenerName (org.apache.kafka.common.network.ListenerName)2
TransportLayer (org.apache.kafka.common.network.TransportLayer)2
ApiKeys (org.apache.kafka.common.protocol.ApiKeys)2
ApiVersionsRequest (org.apache.kafka.common.requests.ApiVersionsRequest)2
ApiVersionsResponse (org.apache.kafka.common.requests.ApiVersionsResponse)2
RequestHeader (org.apache.kafka.common.requests.RequestHeader)2
