use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreationAudience.
/**
 * Issues a token for a principal with an explicit audience and the {@code RS256}
 * algorithm, then checks the issuer, subject and audience reported by the token
 * and that {@code verifyToken} accepts it.
 *
 * <p>The mocked configuration points the gateway security directory at
 * {@code target/test-classes}, names the signing keystore
 * {@code server-keystore.jks} and uses the key alias {@code server}.
 *
 * @throws Exception if the base directory cannot be resolved or any service call fails
 */
@Test
public void testTokenCreationAudience() throws Exception {
  final String audience = "https://login.example.com";

  // Subject of the token.
  Principal user = EasyMock.createNiceMock(Principal.class);
  EasyMock.expect(user.getName()).andReturn("john.doe@example.com");

  // Use the "basedir" system property when present, otherwise the canonical working directory.
  String propertyBase = System.getProperty("basedir");
  String projectRoot = (propertyBase != null) ? propertyBase : new File(".").getCanonicalPath();

  GatewayConfig gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
  EasyMock.expect(gatewayConfig.getGatewaySecurityDir()).andReturn(projectRoot + "/target/test-classes");
  EasyMock.expect(gatewayConfig.getSigningKeystoreName()).andReturn("server-keystore.jks");
  EasyMock.expect(gatewayConfig.getSigningKeyAlias()).andReturn("server").anyTimes();

  // Fixture secret: the same literal backs the master secret and the identity passphrase.
  // NOTE(review): presumably the password of the test keystore; keep it confined to test resources.
  MasterService masterService = EasyMock.createNiceMock(MasterService.class);
  EasyMock.expect(masterService.getMasterSecret()).andReturn("horton".toCharArray());
  AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
  EasyMock.expect(aliasService.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());

  EasyMock.replay(user, gatewayConfig, masterService, aliasService);

  // Wire the keystore service first; the token authority is given it below.
  DefaultKeystoreService keystoreImpl = new DefaultKeystoreService();
  keystoreImpl.setMasterService(masterService);
  keystoreImpl.init(gatewayConfig, new HashMap<String, String>());
  KeystoreService keystore = keystoreImpl;

  DefaultTokenAuthorityService authorityImpl = new DefaultTokenAuthorityService();
  authorityImpl.setAliasService(aliasService);
  authorityImpl.setKeystoreService(keystore);
  authorityImpl.init(gatewayConfig, new HashMap<String, String>());
  JWTokenAuthority authority = authorityImpl;

  JWT issued = authority.issueToken(user, audience, "RS256");

  assertEquals("KNOXSSO", issued.getIssuer());
  assertEquals("john.doe@example.com", issued.getSubject());
  // The audience is asserted on the issued token only.
  // NOTE(review): whether verifyToken itself checks the audience cannot be seen from this test.
  assertEquals(audience, issued.getAudience());
  // Only the accepting path is covered here; a modified token is not exercised in this method.
  assertTrue(authority.verifyToken(issued));
}
use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreation.
/**
 * Issues a token for a principal with the {@code RS256} algorithm and no audience
 * argument, then checks the issuer and subject reported by the token and that
 * {@code verifyToken} accepts it.
 *
 * <p>The mocked configuration points the gateway security directory at
 * {@code target/test-classes}, names the signing keystore
 * {@code server-keystore.jks} and uses the key alias {@code server}.
 *
 * @throws Exception if the base directory cannot be resolved or any service call fails
 */
@Test
public void testTokenCreation() throws Exception {
  // Subject of the token.
  Principal user = EasyMock.createNiceMock(Principal.class);
  EasyMock.expect(user.getName()).andReturn("john.doe@example.com");

  // Use the "basedir" system property when present, otherwise the canonical working directory.
  String propertyBase = System.getProperty("basedir");
  String projectRoot = (propertyBase != null) ? propertyBase : new File(".").getCanonicalPath();

  GatewayConfig gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
  EasyMock.expect(gatewayConfig.getGatewaySecurityDir()).andReturn(projectRoot + "/target/test-classes");
  EasyMock.expect(gatewayConfig.getSigningKeystoreName()).andReturn("server-keystore.jks");
  EasyMock.expect(gatewayConfig.getSigningKeyAlias()).andReturn("server").anyTimes();

  // Fixture secret: the same literal backs the master secret and the identity passphrase.
  // NOTE(review): presumably the password of the test keystore; keep it confined to test resources.
  MasterService masterService = EasyMock.createNiceMock(MasterService.class);
  EasyMock.expect(masterService.getMasterSecret()).andReturn("horton".toCharArray());
  AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
  EasyMock.expect(aliasService.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());

  EasyMock.replay(user, gatewayConfig, masterService, aliasService);

  // Wire the keystore service first; the token authority is given it below.
  DefaultKeystoreService keystoreImpl = new DefaultKeystoreService();
  keystoreImpl.setMasterService(masterService);
  keystoreImpl.init(gatewayConfig, new HashMap<String, String>());
  KeystoreService keystore = keystoreImpl;

  DefaultTokenAuthorityService authorityImpl = new DefaultTokenAuthorityService();
  authorityImpl.setAliasService(aliasService);
  authorityImpl.setKeystoreService(keystore);
  authorityImpl.init(gatewayConfig, new HashMap<String, String>());
  JWTokenAuthority authority = authorityImpl;

  JWT issued = authority.issueToken(user, "RS256");

  assertEquals("KNOXSSO", issued.getIssuer());
  assertEquals("john.doe@example.com", issued.getSubject());
  // Only the accepting path is covered here; a modified token is not exercised in this method.
  assertTrue(authority.verifyToken(issued));
}
use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreationNullAudience.
/**
 * Issues a token for a principal with a {@code null} audience and the
 * {@code RS256} algorithm, then checks the issuer and subject reported by the
 * token and that {@code verifyToken} accepts it.
 *
 * <p>The mocked configuration points the gateway security directory at
 * {@code target/test-classes}, names the signing keystore
 * {@code server-keystore.jks} and uses the key alias {@code server}.
 *
 * @throws Exception if the base directory cannot be resolved or any service call fails
 */
@Test
public void testTokenCreationNullAudience() throws Exception {
  // Subject of the token.
  Principal user = EasyMock.createNiceMock(Principal.class);
  EasyMock.expect(user.getName()).andReturn("john.doe@example.com");

  // Use the "basedir" system property when present, otherwise the canonical working directory.
  String propertyBase = System.getProperty("basedir");
  String projectRoot = (propertyBase != null) ? propertyBase : new File(".").getCanonicalPath();

  GatewayConfig gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
  EasyMock.expect(gatewayConfig.getGatewaySecurityDir()).andReturn(projectRoot + "/target/test-classes");
  EasyMock.expect(gatewayConfig.getSigningKeystoreName()).andReturn("server-keystore.jks");
  EasyMock.expect(gatewayConfig.getSigningKeyAlias()).andReturn("server").anyTimes();

  // Fixture secret: the same literal backs the master secret and the identity passphrase.
  // NOTE(review): presumably the password of the test keystore; keep it confined to test resources.
  MasterService masterService = EasyMock.createNiceMock(MasterService.class);
  EasyMock.expect(masterService.getMasterSecret()).andReturn("horton".toCharArray());
  AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
  EasyMock.expect(aliasService.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());

  EasyMock.replay(user, gatewayConfig, masterService, aliasService);

  // Wire the keystore service first; the token authority is given it below.
  DefaultKeystoreService keystoreImpl = new DefaultKeystoreService();
  keystoreImpl.setMasterService(masterService);
  keystoreImpl.init(gatewayConfig, new HashMap<String, String>());
  KeystoreService keystore = keystoreImpl;

  DefaultTokenAuthorityService authorityImpl = new DefaultTokenAuthorityService();
  authorityImpl.setAliasService(aliasService);
  authorityImpl.setKeystoreService(keystore);
  authorityImpl.init(gatewayConfig, new HashMap<String, String>());
  JWTokenAuthority authority = authorityImpl;

  JWT issued = authority.issueToken(user, null, "RS256");

  assertEquals("KNOXSSO", issued.getIssuer());
  assertEquals("john.doe@example.com", issued.getSubject());
  // NOTE(review): nothing here pins what getAudience() returns for a null audience;
  // an explicit assertion would document whether such a token carries no audience at all.
  assertTrue(authority.verifyToken(issued));
}
use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class DefaultTopologyServiceTest method testGetTopologies.
/**
 * Drives {@code reloadTopologies()} and {@code getTopologies()} against a temporary
 * directory while topology files are added, replaced and removed, checking the
 * reported topology names, the timestamp of the first topology and the events
 * delivered to a registered listener.
 *
 * @throws Exception if a fixture file cannot be created or a service call fails
 */
@Test
public void testGetTopologies() throws Exception {
  File workDir = createDir();
  File topologiesDir = new File(workDir, "topologies");
  File descriptorsDir = new File(workDir, "descriptors");
  descriptorsDir.mkdirs();
  File providerConfigsDir = new File(workDir, "shared-providers");
  providerConfigsDir.mkdirs();

  // Read before any topology file is written; mkdirs() is not called on this directory here.
  long baselineTimestamp = topologiesDir.lastModified();

  try {
    createFile(topologiesDir, "one.xml", "org/apache/knox/gateway/topology/file/topology-one.xml", baselineTimestamp);

    TestTopologyListener changeListener = new TestTopologyListener();
    // Constructed but not referenced again in this method.
    FileAlterationMonitor monitor = new FileAlterationMonitor(Long.MAX_VALUE);
    TopologyService topologyService = new DefaultTopologyService();
    Map<String, String> options = new HashMap<>();

    // All directory lookups resolve inside the temporary work directory.
    GatewayConfig gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(gatewayConfig.getGatewayTopologyDir()).andReturn(topologiesDir.getAbsolutePath()).anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayConfDir()).andReturn(descriptorsDir.getParentFile().getAbsolutePath()).anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayProvidersConfigDir()).andReturn(providerConfigsDir.getAbsolutePath()).anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayDescriptorsDir()).andReturn(descriptorsDir.getAbsolutePath()).anyTimes();
    EasyMock.replay(gatewayConfig);

    topologyService.init(gatewayConfig, options);
    topologyService.addTopologyChangeListener(changeListener);
    topologyService.reloadTopologies();

    // Initial state: exactly the one topology written above.
    Collection<Topology> loaded = topologyService.getTopologies();
    assertThat(loaded, notNullValue());
    assertThat(loaded.size(), is(1));
    Topology first = loaded.iterator().next();
    assertThat(first.getName(), is("one"));
    assertThat(first.getTimestamp(), is(baselineTimestamp));
    assertThat(changeListener.events.size(), is(1));
    changeListener.events.clear();

    // Add a file to the directory.
    File secondFile = createFile(topologiesDir, "two.xml", "org/apache/knox/gateway/topology/file/topology-two.xml", 1L);
    topologyService.reloadTopologies();
    loaded = topologyService.getTopologies();
    assertThat(loaded.size(), is(2));
    // Each loaded topology must match one still-unseen expected name.
    Set<String> pendingNames = new HashSet<>(Arrays.asList("one", "two"));
    for (Topology candidate : loaded) {
      assertThat(pendingNames, hasItem(candidate.getName()));
      pendingNames.remove(candidate.getName());
    }
    assertThat(pendingNames.size(), is(0));
    // The addition is expected as a single CREATED event in a single notification.
    assertThat(changeListener.events.size(), is(1));
    List<TopologyEvent> notification = changeListener.events.get(0);
    assertThat(notification.size(), is(1));
    TopologyEvent created = notification.get(0);
    assertThat(created.getType(), is(TopologyEvent.Type.CREATED));
    assertThat(created.getTopology(), notNullValue());

    // Update a file in the directory.
    secondFile = createFile(topologiesDir, "two.xml", "org/apache/knox/gateway/topology/file/topology-three.xml", 2L);
    topologyService.reloadTopologies();
    loaded = topologyService.getTopologies();
    assertThat(loaded.size(), is(2));
    pendingNames = new HashSet<>(Arrays.asList("one", "two"));
    for (Topology candidate : loaded) {
      assertThat(pendingNames, hasItem(candidate.getName()));
      pendingNames.remove(candidate.getName());
    }
    assertThat(pendingNames.size(), is(0));

    // Remove a file from the directory.
    secondFile.delete();
    topologyService.reloadTopologies();
    loaded = topologyService.getTopologies();
    assertThat(loaded.size(), is(1));
    Topology remaining = loaded.iterator().next();
    assertThat(remaining.getName(), is("one"));
    assertThat(remaining.getTimestamp(), is(baselineTimestamp));
  } finally {
    // Best-effort cleanup of the temporary tree, whatever the outcome.
    FileUtils.deleteQuietly(workDir);
  }
}
use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class DefaultTopologyServiceTest method testSimpleDescriptorsTopologyGeneration.
/**
* KNOX-1014
*
* Test the lifecycle relationship between simple descriptors and topology files.
*
* N.B. This test depends on the DummyServiceDiscovery extension being configured:
* org.apache.knox.gateway.topology.discovery.test.extension.DummyServiceDiscovery
*/
@Test
public void testSimpleDescriptorsTopologyGeneration() throws Exception {
  // Temporary layout: topologies, descriptors and shared-providers under one work directory.
  File workDir = createDir();
  File topologiesDir = new File(workDir, "topologies");
  topologiesDir.mkdirs();
  File descriptorsDir = new File(workDir, "descriptors");
  descriptorsDir.mkdirs();
  File providerConfigsDir = new File(workDir, "shared-providers");
  providerConfigsDir.mkdirs();

  try {
    TestTopologyListener changeListener = new TestTopologyListener();
    // Constructed but not referenced again in this method.
    FileAlterationMonitor monitor = new FileAlterationMonitor(Long.MAX_VALUE);
    TopologyService topologyService = new DefaultTopologyService();
    Map<String, String> options = new HashMap<>();

    // Only the topology and conf directories are stubbed; other lookups fall back to nice-mock defaults.
    GatewayConfig gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(gatewayConfig.getGatewayTopologyDir()).andReturn(topologiesDir.getAbsolutePath()).anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayConfDir()).andReturn(descriptorsDir.getParentFile().getAbsolutePath()).anyTimes();
    EasyMock.replay(gatewayConfig);

    topologyService.init(gatewayConfig, options);
    topologyService.addTopologyChangeListener(changeListener);
    topologyService.reloadTopologies();

    // Add a simple descriptor to the descriptors dir to verify topology generation and loading (KNOX-1006).
    // Every gateway alias lookup is stubbed to return null.
    AliasService aliases = EasyMock.createNiceMock(AliasService.class);
    EasyMock.expect(aliases.getPasswordFromAliasForGateway(anyObject(String.class))).andReturn(null).anyTimes();
    EasyMock.replay(aliases);
    DefaultTopologyService.DescriptorsMonitor descriptorsMonitor =
        new DefaultTopologyService.DescriptorsMonitor(gatewayConfig, topologiesDir, aliases);

    // Listener to simulate the topologies directory monitor, to notice when a topology has been deleted.
    topologyService.addTopologyChangeListener(new TestTopologyDeleteListener((DefaultTopologyService) topologyService));

    // Write out the referenced provider config first.
    File providerConfig = createFile(providerConfigsDir, "ambari-cluster-policy.xml", "org/apache/knox/gateway/topology/file/ambari-cluster-policy.xml", System.currentTimeMillis());
    try {
      // Create the simple descriptor in the descriptors dir.
      File descriptor = createFile(descriptorsDir, "four.json", "org/apache/knox/gateway/topology/file/simple-topology-four.json", System.currentTimeMillis());

      // Trigger the topology generation by noticing the simple descriptor.
      descriptorsMonitor.onFileChange(descriptor);

      // Load the generated topology.
      topologyService.reloadTopologies();
      Collection<Topology> loaded = topologyService.getTopologies();
      assertThat(loaded.size(), is(1));
      Topology generated = loaded.iterator().next();
      assertThat("four", is(generated.getName()));
      int serviceCount = generated.getServices().size();
      assertEquals("Expected the same number of services as are declared in the simple dscriptor.", 10, serviceCount);

      // Overwrite the simple descriptor with a different set of services, and check that the changes are
      // propagated to the associated topology.
      descriptor = createFile(descriptorsDir, "four.json", "org/apache/knox/gateway/topology/file/simple-descriptor-five.json", System.currentTimeMillis());
      descriptorsMonitor.onFileChange(descriptor);
      topologyService.reloadTopologies();
      loaded = topologyService.getTopologies();
      generated = loaded.iterator().next();
      assertNotEquals(serviceCount, generated.getServices().size());
      assertEquals(6, generated.getServices().size());

      // Delete the simple descriptor, and make sure that the associated topology file is deleted.
      descriptor.delete();
      descriptorsMonitor.onFileDelete(descriptor);
      topologyService.reloadTopologies();
      loaded = topologyService.getTopologies();
      assertTrue(loaded.isEmpty());

      // Reverse direction: write a fresh descriptor, let its topology be generated, then delete the
      // topology file and make sure that the associated simple descriptor is deleted as well.
      descriptor = createFile(descriptorsDir, "deleteme.json", "org/apache/knox/gateway/topology/file/simple-descriptor-five.json", System.currentTimeMillis());
      descriptorsMonitor.onFileChange(descriptor);
      topologyService.reloadTopologies();
      loaded = topologyService.getTopologies();
      assertFalse(loaded.isEmpty());
      generated = loaded.iterator().next();
      assertEquals("deleteme", generated.getName());
      File generatedTopologyFile = new File(topologiesDir, generated.getName() + ".xml");
      assertTrue(generatedTopologyFile.exists());
      generatedTopologyFile.delete();
      topologyService.reloadTopologies();
      assertFalse("Simple descriptor should have been deleted because the associated topology was.", descriptor.exists());
    } finally {
      providerConfig.delete();
    }
  } finally {
    // Best-effort cleanup of the temporary tree, whatever the outcome.
    FileUtils.deleteQuietly(workDir);
  }
}