Examples with FilterDescriptor org.apache.knox.gateway.descriptor.FilterDescriptor used on opensource projects

Example 1 with FilterDescriptor

use of org.apache.knox.gateway.descriptor.FilterDescriptor in project knox by apache.

the class UrlRewriteDeploymentContributor method contributeFilter.

@Override
public void contributeFilter(DeploymentContext context, Provider provider, Service service, ResourceDescriptor resource, List<FilterParamDescriptor> params) {
    FilterDescriptor filterDescriptor = resource.addFilter();
    filterDescriptor.role(getRole()).name(getName()).impl(UrlRewriteServletFilter.class).params(params);
    filterDescriptor.param().name(PARAM_SERVICE_ROLE).value(service.getRole());
}

Example 2 with FilterDescriptor

use of org.apache.knox.gateway.descriptor.FilterDescriptor in project knox by apache.

the class ServiceDefinitionDeploymentContributor method addDefaultHaDispatchFilter.

private void addDefaultHaDispatchFilter(DeploymentContext context, Service service, ResourceDescriptor resource) {
    FilterDescriptor filter = addDispatchFilterForClass(context, service, resource, DEFAULT_HA_DISPATCH_CLASS, null);
    filter.param().name(SERVICE_ROLE_PARAM).value(service.getRole());
}

Example 3 with FilterDescriptor

use of org.apache.knox.gateway.descriptor.FilterDescriptor in project knox by apache.

the class ServiceDefinitionDeploymentContributor method contributeResource.

private void contributeResource(DeploymentContext context, Service service, Route binding, Map<String, String> filterParams) throws URISyntaxException {
    List<FilterParamDescriptor> params = new ArrayList<FilterParamDescriptor>();
    ResourceDescriptor resource = context.getGatewayDescriptor().addResource();
    resource.role(service.getRole());
    resource.pattern(binding.getPath());
    // add x-forwarded filter if enabled in config
    if (context.getGatewayConfig().isXForwardedEnabled()) {
        resource.addFilter().name(XFORWARDED_FILTER_NAME).role(XFORWARDED_FILTER_ROLE).impl(XForwardedHeaderFilter.class);
    }
    if (context.getGatewayConfig().isCookieScopingToPathEnabled()) {
        FilterDescriptor filter = resource.addFilter().name(COOKIE_SCOPING_FILTER_NAME).role(COOKIE_SCOPING_FILTER_ROLE).impl(CookieScopeServletFilter.class);
        filter.param().name(GatewayConfigImpl.HTTP_PATH).value(context.getGatewayConfig().getGatewayPath());
    }
    List<Policy> policyBindings = binding.getPolicies();
    if (policyBindings == null) {
        policyBindings = serviceDefinition.getPolicies();
    }
    if (policyBindings == null) {
        // add default set
        addDefaultPolicies(context, service, filterParams, params, resource);
    } else {
        addPolicies(context, service, filterParams, params, resource, policyBindings);
    }
    addDispatchFilter(context, service, resource, binding);
}

Example 4 with FilterDescriptor

use of org.apache.knox.gateway.descriptor.FilterDescriptor in project knox by apache.

the class ServiceDefinitionDeploymentContributor method addDispatchFilterForClass.

private FilterDescriptor addDispatchFilterForClass(DeploymentContext context, Service service, ResourceDescriptor resource, String dispatchClass, String httpClientFactory, boolean useTwoWaySsl) {
    FilterDescriptor filter = resource.addFilter().name(getName()).role(DISPATCH_ROLE).impl(GatewayDispatchFilter.class);
    filter.param().name(DISPATCH_IMPL_PARAM).value(dispatchClass);
    if (httpClientFactory != null) {
        filter.param().name(HTTP_CLIENT_FACTORY_PARAM).value(httpClientFactory);
    }
    // let's take the value of useTwoWaySsl which is derived from the service definition
    // then allow it to be overridden by service params from the topology
    filter.param().name("useTwoWaySsl").value(Boolean.toString(useTwoWaySsl));
    for (Map.Entry<String, String> serviceParam : service.getParams().entrySet()) {
        filter.param().name(serviceParam.getKey()).value(serviceParam.getValue());
    }
    if (context.getGatewayConfig().isHadoopKerberosSecured()) {
        filter.param().name("kerberos").value("true");
    } else {
        // TODO: [sumit] Get rid of special case. Add config/param capabilities to service definitions?
        // special case for hive
        filter.param().name("basicAuthPreemptive").value("true");
    }
    return filter;
}

Example 5 with FilterDescriptor

use of org.apache.knox.gateway.descriptor.FilterDescriptor in project knox by apache.

the class ServiceDefinitionDeploymentContributorTest method testServiceAttributeUseTwoWaySSLParamOverride.

/**
 * Test that service param useTwoWaySsl in topologies overrides the corresponding custom dispatch property.
 */
@Test
public void testServiceAttributeUseTwoWaySSLParamOverride() throws Exception {
    final String TEST_SERVICE_ROLE = "Test";
    final String USE_TWO_WAY_SSL_PARAM = "useTwoWaySsl";
    UrlRewriteRulesDescriptor clusterRules = EasyMock.createNiceMock(UrlRewriteRulesDescriptor.class);
    EasyMock.replay(clusterRules);
    UrlRewriteRulesDescriptor svcRules = EasyMock.createNiceMock(UrlRewriteRulesDescriptor.class);
    EasyMock.replay(svcRules);
    ServiceDefinition svcDef = EasyMock.createNiceMock(ServiceDefinition.class);
    EasyMock.expect(svcDef.getRole()).andReturn(TEST_SERVICE_ROLE).anyTimes();
    List<Route> svcRoutes = new ArrayList<>();
    Route route = EasyMock.createNiceMock(Route.class);
    List<Rewrite> filters = new ArrayList<>();
    EasyMock.expect(route.getRewrites()).andReturn(filters).anyTimes();
    svcRoutes.add(route);
    EasyMock.replay(route);
    EasyMock.expect(svcDef.getRoutes()).andReturn(svcRoutes).anyTimes();
    CustomDispatch cd = EasyMock.createNiceMock(CustomDispatch.class);
    EasyMock.expect(cd.getClassName()).andReturn("TestDispatch").anyTimes();
    EasyMock.expect(cd.getHaClassName()).andReturn("TestHADispatch").anyTimes();
    EasyMock.expect(cd.getHaContributorName()).andReturn(null).anyTimes();
    // Let useTwoWaySsl be FALSE by default
    EasyMock.expect(cd.getUseTwoWaySsl()).andReturn(false).anyTimes();
    EasyMock.replay(cd);
    EasyMock.expect(svcDef.getDispatch()).andReturn(cd).anyTimes();
    EasyMock.replay(svcDef);
    ServiceDefinitionDeploymentContributor sddc = new ServiceDefinitionDeploymentContributor(svcDef, svcRules);
    DeploymentContext context = EasyMock.createNiceMock(DeploymentContext.class);
    EasyMock.expect(context.getDescriptor("rewrite")).andReturn(clusterRules).anyTimes();
    GatewayConfig gc = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(gc.isXForwardedEnabled()).andReturn(false).anyTimes();
    EasyMock.expect(gc.isCookieScopingToPathEnabled()).andReturn(false).anyTimes();
    EasyMock.replay(gc);
    EasyMock.expect(context.getGatewayConfig()).andReturn(gc).anyTimes();
    // Configure the HaProvider
    Topology topology = EasyMock.createNiceMock(Topology.class);
    List<Provider> providers = new ArrayList<>();
    Provider haProvider = EasyMock.createNiceMock(Provider.class);
    EasyMock.expect(haProvider.getRole()).andReturn("ha").anyTimes();
    EasyMock.expect(haProvider.isEnabled()).andReturn(true).anyTimes();
    Map<String, String> providerParams = new HashMap<>();
    providerParams.put(TEST_SERVICE_ROLE, "whatever");
    EasyMock.expect(haProvider.getParams()).andReturn(providerParams).anyTimes();
    EasyMock.replay(haProvider);
    providers.add(haProvider);
    EasyMock.expect(topology.getProviders()).andReturn(providers).anyTimes();
    EasyMock.replay(topology);
    EasyMock.expect(context.getTopology()).andReturn(topology).anyTimes();
    TestGatewayDescriptor gd = new TestGatewayDescriptor();
    EasyMock.expect(context.getGatewayDescriptor()).andReturn(gd).anyTimes();
    EasyMock.replay(context);
    // Configure the service with the useTwoWaySsl param to OVERRIDE the value in the service definition
    Service service = EasyMock.createNiceMock(Service.class);
    Map<String, String> svcParams = new HashMap<>();
    svcParams.put(USE_TWO_WAY_SSL_PARAM, "true");
    EasyMock.expect(service.getParams()).andReturn(svcParams).anyTimes();
    EasyMock.replay(service);
    sddc.contributeService(context, service);
    List<ResourceDescriptor> resources = gd.resources();
    assertEquals(1, gd.resources().size());
    ResourceDescriptor res = gd.resources().get(0);
    assertNotNull(res);
    List<FilterDescriptor> filterList = res.filters();
    assertEquals(1, filterList.size());
    FilterDescriptor f = filterList.get(0);
    assertNotNull(f);
    assertEquals("dispatch", f.role());
    List<FilterParamDescriptor> fParams = f.params();
    assertNotNull(fParams);
    // Collect the values of filter params named useTwoWaySsl
    List<String> useTwoWaySslFilterParamValues = new ArrayList<>();
    for (FilterParamDescriptor param : fParams) {
        if (param.name().equals(USE_TWO_WAY_SSL_PARAM)) {
            useTwoWaySslFilterParamValues.add(param.value());
        }
    }
    assertEquals("Expected only a single filter param named " + USE_TWO_WAY_SSL_PARAM, 1, useTwoWaySslFilterParamValues.size());
    assertEquals("Expected the service param to override the service definition value for " + USE_TWO_WAY_SSL_PARAM, "true", useTwoWaySslFilterParamValues.get(0));
}