Search in sources :

Example 71 with GatewayConfig

use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.

the class GatewayFilterTest method testNoopFilter.

@Test
public void testNoopFilter() throws ServletException, IOException, URISyntaxException {
    FilterConfig config = EasyMock.createNiceMock(FilterConfig.class);
    EasyMock.replay(config);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    ServletContext context = EasyMock.createNiceMock(ServletContext.class);
    GatewayConfig gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(request.getPathInfo()).andReturn("source").anyTimes();
    EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
    EasyMock.expect(context.getAttribute(GatewayConfig.GATEWAY_CONFIG_ATTRIBUTE)).andReturn(gatewayConfig).anyTimes();
    EasyMock.expect(gatewayConfig.getHeaderNameForRemoteAddress()).andReturn("Custom-Forwarded-For").anyTimes();
    EasyMock.replay(request);
    EasyMock.replay(context);
    EasyMock.replay(gatewayConfig);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    EasyMock.replay(response);
    FilterChain chain = EasyMock.createNiceMock(FilterChain.class);
    EasyMock.replay(chain);
    Filter filter = EasyMock.createNiceMock(Filter.class);
    EasyMock.replay(filter);
    GatewayFilter gateway = new GatewayFilter();
    gateway.addFilter("path", "filter", filter, null, null);
    gateway.init(config);
    gateway.doFilter(request, response, chain);
    gateway.destroy();
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AbstractGatewayFilter(org.apache.knox.gateway.filter.AbstractGatewayFilter) HttpServletResponse(javax.servlet.http.HttpServletResponse) AbstractGatewayFilter(org.apache.knox.gateway.filter.AbstractGatewayFilter) GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) Test(org.junit.Test)

Example 72 with GatewayConfig

use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.

the class CryptoServiceTest method testCryptoServiceAES.

@Test
public void testCryptoServiceAES() throws Exception {
    GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(config.getAlgorithm()).andReturn("AES");
    EasyMock.expect(config.getPBEAlgorithm()).andReturn("PBKDF2WithHmacSHA1");
    EasyMock.expect(config.getSaltSize()).andReturn("16");
    EasyMock.expect(config.getIterationCount()).andReturn("65536");
    EasyMock.expect(config.getKeyLength()).andReturn("128");
    EasyMock.expect(config.getTransformation()).andReturn("AES/CBC/PKCS5Padding");
    EasyMock.replay(config);
    // password to create key - same Encryptor
    String queryString = "url=http://localhost:50070/api/v1/blahblah";
    ConfigurableEncryptor aes0 = new ConfigurableEncryptor("password");
    aes0.init(config);
    cs.init(config, new HashMap<String, String>());
    EncryptionResult result0 = cs.encryptForCluster("Test", "encrypt_url", queryString.getBytes("UTF8"));
    byte[] decrypted0 = cs.decryptForCluster("Test", "encrypt_url", result0.cipher, result0.iv, result0.salt);
    assertEquals(queryString, new String(decrypted0, "UTF8"));
    assertEquals(queryString.getBytes("UTF8").length, decrypted0.length);
    assertEquals(queryString.getBytes("UTF8").length, new String(decrypted0, "UTF8").toCharArray().length);
}
Also used : GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) ConfigurableEncryptor(org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor) Test(org.junit.Test)

Example 73 with GatewayConfig

use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.

the class CryptoServiceTest method setupSuite.

@BeforeClass
public static void setupSuite() throws Exception {
    as = new AliasService() {

        @Override
        public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException {
        }

        @Override
        public void start() throws ServiceLifecycleException {
        }

        @Override
        public void stop() throws ServiceLifecycleException {
        }

        @Override
        public void addAliasForCluster(String clusterName, String alias, String value) {
        }

        @Override
        public char[] getPasswordFromAliasForCluster(String clusterName, String alias) {
            return "password".toCharArray();
        }

        @Override
        public char[] getPasswordFromAliasForCluster(String clusterName, String alias, boolean generate) {
            return null;
        }

        @Override
        public void generateAliasForCluster(String clusterName, String alias) {
        }

        @Override
        public char[] getPasswordFromAliasForGateway(String alias) {
            // TODO Auto-generated method stub
            return null;
        }

        @Override
        public void generateAliasForGateway(String alias) {
        // TODO Auto-generated method stub
        }

        @Override
        public Certificate getCertificateForGateway(String alias) {
            // TODO Auto-generated method stub
            return null;
        }

        @Override
        public void removeAliasForCluster(String clusterName, String alias) {
        }

        @Override
        public List<String> getAliasesForCluster(String clusterName) {
            // TODO Auto-generated method stub
            return null;
        }

        @Override
        public char[] getGatewayIdentityPassphrase() throws AliasServiceException {
            // TODO Auto-generated method stub
            return null;
        }
    };
    cs = new DefaultCryptoService();
    ((DefaultCryptoService) cs).setAliasService(as);
}
Also used : ServiceLifecycleException(org.apache.knox.gateway.services.ServiceLifecycleException) List(java.util.List) DefaultCryptoService(org.apache.knox.gateway.services.security.impl.DefaultCryptoService) GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) Certificate(java.security.cert.Certificate) BeforeClass(org.junit.BeforeClass)

Example 74 with GatewayConfig

use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.

the class DefaultTokenAuthorityServiceTest method testTokenCreationSignatureAlgorithm.

@Test
public void testTokenCreationSignatureAlgorithm() throws Exception {
    Principal principal = EasyMock.createNiceMock(Principal.class);
    EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
    GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
    String basedir = System.getProperty("basedir");
    if (basedir == null) {
        basedir = new File(".").getCanonicalPath();
    }
    EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
    EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
    EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
    MasterService ms = EasyMock.createNiceMock(MasterService.class);
    EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
    AliasService as = EasyMock.createNiceMock(AliasService.class);
    EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
    EasyMock.replay(principal, config, ms, as);
    KeystoreService ks = new DefaultKeystoreService();
    ((DefaultKeystoreService) ks).setMasterService(ms);
    ((DefaultKeystoreService) ks).init(config, new HashMap<String, String>());
    JWTokenAuthority ta = new DefaultTokenAuthorityService();
    ((DefaultTokenAuthorityService) ta).setAliasService(as);
    ((DefaultTokenAuthorityService) ta).setKeystoreService(ks);
    ((DefaultTokenAuthorityService) ta).init(config, new HashMap<String, String>());
    JWT token = ta.issueToken(principal, "RS512");
    assertEquals("KNOXSSO", token.getIssuer());
    assertEquals("john.doe@example.com", token.getSubject());
    assertTrue(token.getHeader().contains("RS512"));
    assertTrue(ta.verifyToken(token));
}
Also used : AliasService(org.apache.knox.gateway.services.security.AliasService) DefaultKeystoreService(org.apache.knox.gateway.services.security.impl.DefaultKeystoreService) JWT(org.apache.knox.gateway.services.security.token.impl.JWT) JWTokenAuthority(org.apache.knox.gateway.services.security.token.JWTokenAuthority) DefaultKeystoreService(org.apache.knox.gateway.services.security.impl.DefaultKeystoreService) KeystoreService(org.apache.knox.gateway.services.security.KeystoreService) File(java.io.File) MasterService(org.apache.knox.gateway.services.security.MasterService) Principal(java.security.Principal) GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) Test(org.junit.Test)

Example 75 with GatewayConfig

use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.

the class DefaultTokenAuthorityServiceTest method testTokenCreationBadSignatureAlgorithm.

@Test
public void testTokenCreationBadSignatureAlgorithm() throws Exception {
    Principal principal = EasyMock.createNiceMock(Principal.class);
    EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
    GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
    String basedir = System.getProperty("basedir");
    if (basedir == null) {
        basedir = new File(".").getCanonicalPath();
    }
    EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
    EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
    EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
    MasterService ms = EasyMock.createNiceMock(MasterService.class);
    EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
    AliasService as = EasyMock.createNiceMock(AliasService.class);
    EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
    EasyMock.replay(principal, config, ms, as);
    KeystoreService ks = new DefaultKeystoreService();
    ((DefaultKeystoreService) ks).setMasterService(ms);
    ((DefaultKeystoreService) ks).init(config, new HashMap<String, String>());
    JWTokenAuthority ta = new DefaultTokenAuthorityService();
    ((DefaultTokenAuthorityService) ta).setAliasService(as);
    ((DefaultTokenAuthorityService) ta).setKeystoreService(ks);
    ((DefaultTokenAuthorityService) ta).init(config, new HashMap<String, String>());
    try {
        ta.issueToken(principal, "none");
        fail("Failure expected on a bad signature algorithm");
    } catch (TokenServiceException ex) {
    // expected
    }
}
Also used : AliasService(org.apache.knox.gateway.services.security.AliasService) DefaultKeystoreService(org.apache.knox.gateway.services.security.impl.DefaultKeystoreService) JWTokenAuthority(org.apache.knox.gateway.services.security.token.JWTokenAuthority) DefaultKeystoreService(org.apache.knox.gateway.services.security.impl.DefaultKeystoreService) KeystoreService(org.apache.knox.gateway.services.security.KeystoreService) File(java.io.File) MasterService(org.apache.knox.gateway.services.security.MasterService) Principal(java.security.Principal) TokenServiceException(org.apache.knox.gateway.services.security.token.TokenServiceException) GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) Test(org.junit.Test)

Aggregations

GatewayConfig (org.apache.knox.gateway.config.GatewayConfig)90 Test (org.junit.Test)67 File (java.io.File)31 HashMap (java.util.HashMap)24 GatewayConfigImpl (org.apache.knox.gateway.config.impl.GatewayConfigImpl)19 Topology (org.apache.knox.gateway.topology.Topology)17 ServiceLifecycleException (org.apache.knox.gateway.services.ServiceLifecycleException)13 HttpServletRequest (javax.servlet.http.HttpServletRequest)12 AliasService (org.apache.knox.gateway.services.security.AliasService)12 DefaultGatewayServices (org.apache.knox.gateway.services.DefaultGatewayServices)11 IOException (java.io.IOException)9 Service (org.apache.knox.gateway.topology.Service)9 Document (org.w3c.dom.Document)9 ArrayList (java.util.ArrayList)8 GatewayTestConfig (org.apache.knox.gateway.GatewayTestConfig)8 MasterService (org.apache.knox.gateway.services.security.MasterService)8 TopologyService (org.apache.knox.gateway.services.topology.TopologyService)8 KeystoreService (org.apache.knox.gateway.services.security.KeystoreService)7 EnterpriseArchive (org.jboss.shrinkwrap.api.spec.EnterpriseArchive)7 List (java.util.List)6