Search in sources :

Example 1 with ResourceDescriptor

use of org.apache.knox.gateway.descriptor.ResourceDescriptor in project knox by apache.

the class ServiceDefinitionDeploymentContributor method contributeResource.

private void contributeResource(DeploymentContext context, Service service, Route binding, Map<String, String> filterParams) throws URISyntaxException {
    List<FilterParamDescriptor> params = new ArrayList<FilterParamDescriptor>();
    ResourceDescriptor resource = context.getGatewayDescriptor().addResource();
    resource.role(service.getRole());
    resource.pattern(binding.getPath());
    // add x-forwarded filter if enabled in config
    if (context.getGatewayConfig().isXForwardedEnabled()) {
        resource.addFilter().name(XFORWARDED_FILTER_NAME).role(XFORWARDED_FILTER_ROLE).impl(XForwardedHeaderFilter.class);
    }
    if (context.getGatewayConfig().isCookieScopingToPathEnabled()) {
        FilterDescriptor filter = resource.addFilter().name(COOKIE_SCOPING_FILTER_NAME).role(COOKIE_SCOPING_FILTER_ROLE).impl(CookieScopeServletFilter.class);
        filter.param().name(GatewayConfigImpl.HTTP_PATH).value(context.getGatewayConfig().getGatewayPath());
    }
    List<Policy> policyBindings = binding.getPolicies();
    if (policyBindings == null) {
        policyBindings = serviceDefinition.getPolicies();
    }
    if (policyBindings == null) {
        // add default set
        addDefaultPolicies(context, service, filterParams, params, resource);
    } else {
        addPolicies(context, service, filterParams, params, resource, policyBindings);
    }
    addDispatchFilter(context, service, resource, binding);
}
Also used : Policy(org.apache.knox.gateway.service.definition.Policy) FilterDescriptor(org.apache.knox.gateway.descriptor.FilterDescriptor) FilterParamDescriptor(org.apache.knox.gateway.descriptor.FilterParamDescriptor) ArrayList(java.util.ArrayList) ResourceDescriptor(org.apache.knox.gateway.descriptor.ResourceDescriptor)

Example 2 with ResourceDescriptor

use of org.apache.knox.gateway.descriptor.ResourceDescriptor in project knox by apache.

the class ServiceDefinitionDeploymentContributorTest method testServiceAttributeUseTwoWaySSLParamOverride.

/**
 * Test that service param useTwoWaySsl in topologies overrides the corresponding custom dispatch property.
 */
@Test
public void testServiceAttributeUseTwoWaySSLParamOverride() throws Exception {
    final String TEST_SERVICE_ROLE = "Test";
    final String USE_TWO_WAY_SSL_PARAM = "useTwoWaySsl";
    UrlRewriteRulesDescriptor clusterRules = EasyMock.createNiceMock(UrlRewriteRulesDescriptor.class);
    EasyMock.replay(clusterRules);
    UrlRewriteRulesDescriptor svcRules = EasyMock.createNiceMock(UrlRewriteRulesDescriptor.class);
    EasyMock.replay(svcRules);
    ServiceDefinition svcDef = EasyMock.createNiceMock(ServiceDefinition.class);
    EasyMock.expect(svcDef.getRole()).andReturn(TEST_SERVICE_ROLE).anyTimes();
    List<Route> svcRoutes = new ArrayList<>();
    Route route = EasyMock.createNiceMock(Route.class);
    List<Rewrite> filters = new ArrayList<>();
    EasyMock.expect(route.getRewrites()).andReturn(filters).anyTimes();
    svcRoutes.add(route);
    EasyMock.replay(route);
    EasyMock.expect(svcDef.getRoutes()).andReturn(svcRoutes).anyTimes();
    CustomDispatch cd = EasyMock.createNiceMock(CustomDispatch.class);
    EasyMock.expect(cd.getClassName()).andReturn("TestDispatch").anyTimes();
    EasyMock.expect(cd.getHaClassName()).andReturn("TestHADispatch").anyTimes();
    EasyMock.expect(cd.getHaContributorName()).andReturn(null).anyTimes();
    // Let useTwoWaySsl be FALSE by default
    EasyMock.expect(cd.getUseTwoWaySsl()).andReturn(false).anyTimes();
    EasyMock.replay(cd);
    EasyMock.expect(svcDef.getDispatch()).andReturn(cd).anyTimes();
    EasyMock.replay(svcDef);
    ServiceDefinitionDeploymentContributor sddc = new ServiceDefinitionDeploymentContributor(svcDef, svcRules);
    DeploymentContext context = EasyMock.createNiceMock(DeploymentContext.class);
    EasyMock.expect(context.getDescriptor("rewrite")).andReturn(clusterRules).anyTimes();
    GatewayConfig gc = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(gc.isXForwardedEnabled()).andReturn(false).anyTimes();
    EasyMock.expect(gc.isCookieScopingToPathEnabled()).andReturn(false).anyTimes();
    EasyMock.replay(gc);
    EasyMock.expect(context.getGatewayConfig()).andReturn(gc).anyTimes();
    // Configure the HaProvider
    Topology topology = EasyMock.createNiceMock(Topology.class);
    List<Provider> providers = new ArrayList<>();
    Provider haProvider = EasyMock.createNiceMock(Provider.class);
    EasyMock.expect(haProvider.getRole()).andReturn("ha").anyTimes();
    EasyMock.expect(haProvider.isEnabled()).andReturn(true).anyTimes();
    Map<String, String> providerParams = new HashMap<>();
    providerParams.put(TEST_SERVICE_ROLE, "whatever");
    EasyMock.expect(haProvider.getParams()).andReturn(providerParams).anyTimes();
    EasyMock.replay(haProvider);
    providers.add(haProvider);
    EasyMock.expect(topology.getProviders()).andReturn(providers).anyTimes();
    EasyMock.replay(topology);
    EasyMock.expect(context.getTopology()).andReturn(topology).anyTimes();
    TestGatewayDescriptor gd = new TestGatewayDescriptor();
    EasyMock.expect(context.getGatewayDescriptor()).andReturn(gd).anyTimes();
    EasyMock.replay(context);
    // Configure the service with the useTwoWaySsl param to OVERRIDE the value in the service definition
    Service service = EasyMock.createNiceMock(Service.class);
    Map<String, String> svcParams = new HashMap<>();
    svcParams.put(USE_TWO_WAY_SSL_PARAM, "true");
    EasyMock.expect(service.getParams()).andReturn(svcParams).anyTimes();
    EasyMock.replay(service);
    sddc.contributeService(context, service);
    List<ResourceDescriptor> resources = gd.resources();
    assertEquals(1, gd.resources().size());
    ResourceDescriptor res = gd.resources().get(0);
    assertNotNull(res);
    List<FilterDescriptor> filterList = res.filters();
    assertEquals(1, filterList.size());
    FilterDescriptor f = filterList.get(0);
    assertNotNull(f);
    assertEquals("dispatch", f.role());
    List<FilterParamDescriptor> fParams = f.params();
    assertNotNull(fParams);
    // Collect the values of filter params named useTwoWaySsl
    List<String> useTwoWaySslFilterParamValues = new ArrayList<>();
    for (FilterParamDescriptor param : fParams) {
        if (param.name().equals(USE_TWO_WAY_SSL_PARAM)) {
            useTwoWaySslFilterParamValues.add(param.value());
        }
    }
    assertEquals("Expected only a single filter param named " + USE_TWO_WAY_SSL_PARAM, 1, useTwoWaySslFilterParamValues.size());
    assertEquals("Expected the service param to override the service definition value for " + USE_TWO_WAY_SSL_PARAM, "true", useTwoWaySslFilterParamValues.get(0));
}
Also used : CustomDispatch(org.apache.knox.gateway.service.definition.CustomDispatch) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) UrlRewriteRulesDescriptor(org.apache.knox.gateway.filter.rewrite.api.UrlRewriteRulesDescriptor) FilterDescriptor(org.apache.knox.gateway.descriptor.FilterDescriptor) ServiceDefinition(org.apache.knox.gateway.service.definition.ServiceDefinition) Route(org.apache.knox.gateway.service.definition.Route) GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) FilterParamDescriptor(org.apache.knox.gateway.descriptor.FilterParamDescriptor) Service(org.apache.knox.gateway.topology.Service) Topology(org.apache.knox.gateway.topology.Topology) Provider(org.apache.knox.gateway.topology.Provider) DeploymentContext(org.apache.knox.gateway.deploy.DeploymentContext) Rewrite(org.apache.knox.gateway.service.definition.Rewrite) ResourceDescriptor(org.apache.knox.gateway.descriptor.ResourceDescriptor) Test(org.junit.Test)

Example 3 with ResourceDescriptor

use of org.apache.knox.gateway.descriptor.ResourceDescriptor in project knox by apache.

the class ASDeploymentContributor method contributeService.

@Override
public void contributeService(DeploymentContext context, Service service) throws URISyntaxException {
    ResourceDescriptor resource = context.getGatewayDescriptor().addResource();
    resource.role(service.getRole());
    resource.pattern(AS_EXTERNAL_PATH + "/authenticate");
    if (topologyContainsProviderType(context, "authentication")) {
        context.contributeFilter(service, resource, "authentication", null, null);
    }
    if (topologyContainsProviderType(context, "federation")) {
        context.contributeFilter(service, resource, "federation", null, null);
    }
    context.contributeFilter(service, resource, "identity-assertion", null, null);
}
Also used : ResourceDescriptor(org.apache.knox.gateway.descriptor.ResourceDescriptor)

Example 4 with ResourceDescriptor

use of org.apache.knox.gateway.descriptor.ResourceDescriptor in project knox by apache.

the class JerseyServiceDeploymentContributorBase method contributeService.

public void contributeService(DeploymentContext context, Service service) throws Exception {
    String packages = StringUtils.join(getPackages(), ";");
    for (String pattern : getPatterns()) {
        ResourceDescriptor resource = context.getGatewayDescriptor().addResource();
        resource.role(service.getRole());
        resource.pattern(pattern);
        addWebAppSecFilters(context, service, resource);
        addXForwardedFilter(context, service, resource);
        addAuthenticationFilter(context, service, resource);
        addIdentityAssertionFilter(context, service, resource);
        addAuthorizationFilter(context, service, resource);
        // addRewriteFilter( context, service, resource, null );
        List<FilterParamDescriptor> params = new ArrayList<FilterParamDescriptor>();
        FilterParamDescriptor param = resource.createFilterParam();
        param.name(PACKAGES_PARAM);
        param.value(packages);
        params.add(param);
        // params.add( trace );
        for (Map.Entry<String, String> serviceParam : service.getParams().entrySet()) {
            context.getWebAppDescriptor().createContextParam().paramName(serviceParam.getKey()).paramValue(serviceParam.getValue());
        }
        context.contributeFilter(service, resource, "pivot", "jersey", params);
    }
}
Also used : FilterParamDescriptor(org.apache.knox.gateway.descriptor.FilterParamDescriptor) ArrayList(java.util.ArrayList) Map(java.util.Map) ResourceDescriptor(org.apache.knox.gateway.descriptor.ResourceDescriptor)

Example 5 with ResourceDescriptor

use of org.apache.knox.gateway.descriptor.ResourceDescriptor in project knox by apache.

the class JerseyDeploymentContributorTest method testDeploymentContributors.

@Test
public void testDeploymentContributors() throws Exception {
    JerseyDispatchDeploymentContributor providerContributor = new JerseyDispatchDeploymentContributor();
    assertThat(providerContributor.getRole(), is("pivot"));
    assertThat(providerContributor.getName(), is("jersey"));
    MockJerseyService serviceContributor = new MockJerseyService();
    WebArchive webArchive = ShrinkWrap.create(WebArchive.class, "test-archive");
    Topology topology = new Topology();
    topology.setName("test-topology");
    Provider provider = new Provider();
    provider.setRole("pivot");
    provider.setName("jersey");
    provider.setEnabled(true);
    topology.addProvider(provider);
    GatewayDescriptor descriptor = GatewayDescriptorFactory.create();
    DeploymentContext context = EasyMock.createNiceMock(DeploymentContext.class);
    EasyMock.expect(context.getWebArchive()).andReturn(webArchive).anyTimes();
    EasyMock.expect(context.getTopology()).andReturn(topology).anyTimes();
    EasyMock.expect(context.getGatewayDescriptor()).andReturn(descriptor).anyTimes();
    context.contributeFilter(EasyMock.<Service>isA(Service.class), EasyMock.<ResourceDescriptor>isA(ResourceDescriptor.class), EasyMock.<String>isA(String.class), EasyMock.<String>isA(String.class), EasyMock.<List>isA(List.class));
    EasyMock.expectLastCall().andDelegateTo(new MockDeploymentContext(context, providerContributor, provider)).anyTimes();
    EasyMock.replay(context);
    // Just make sure they don't blow up.
    providerContributor.initializeContribution(context);
    serviceContributor.initializeContribution(context);
    Service service = new Service();
    service.setRole("test-service-role");
    service.setName("test-service-name");
    service.addUrl("http://test-service-host:777/test-service-path");
    // This should end up calling providerContributor.contributeFilter
    serviceContributor.contributeService(context, service);
    ResourceDescriptor resource = context.getGatewayDescriptor().resources().get(0);
    // Just make sure they don't blow up.
    serviceContributor.finalizeContribution(context);
    providerContributor.finalizeContribution(context);
    /*
    GatewayDescriptorFactory.store( descriptor, "xml", new PrintWriter( System.out ) );
    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <gateway>
      <resource>
        <role>test-service-role</role>
        <pattern>test-service/?**</pattern>
        <filter>
          <role>dispatch</role>
          <name>jersey</name>
          <class>org.glassfish.jersey.servlet.ServletContainer</class>
          <param>
            <name>jersey.config.server.provider.packages</name>
            <value>test-package-1;test-package-2</value>
          </param>
        </filter>
      </resource>
      <resource>
        <role>test-service-role</role>
        <pattern>test-service/**?**</pattern>
        <filter>
          <role>dispatch</role>
          <name>jersey</name>
          <class>org.glassfish.jersey.servlet.ServletContainer</class>
          <param>
            <name>jersey.config.server.provider.packages</name>
            <value>test-package-1;test-package-2</value>
          </param>
        </filter>
      </resource>
    </gateway>
    */
    List<ResourceDescriptor> resources = context.getGatewayDescriptor().resources();
    assertThat(resources.size(), is(2));
    resource = resources.get(0);
    assertThat(resource.role(), is("test-service-role"));
    assertThat(resource.pattern(), is("test-service/?**"));
    List<FilterDescriptor> filters = resource.filters();
    assertThat(filters.size(), is(1));
    FilterDescriptor filter = filters.get(0);
    assertThat(filter.role(), is("pivot"));
    assertThat(filter.name(), is("jersey"));
    assertThat(filter.impl(), is("org.glassfish.jersey.servlet.ServletContainer"));
    List<FilterParamDescriptor> params = filter.params();
    assertThat(params.size(), is(1));
    FilterParamDescriptor param = params.get(0);
    assertThat(param.name(), is("jersey.config.server.provider.packages"));
    assertThat(param.value(), is("test-package-1;test-package-2"));
    resource = resources.get(1);
    assertThat(resource.role(), is("test-service-role"));
    assertThat(resource.pattern(), is("test-service/**?**"));
    filters = resource.filters();
    assertThat(filters.size(), is(1));
    filter = filters.get(0);
    assertThat(filter.role(), is("pivot"));
    assertThat(filter.name(), is("jersey"));
    assertThat(filter.impl(), is("org.glassfish.jersey.servlet.ServletContainer"));
    params = filter.params();
    assertThat(params.size(), is(1));
    param = params.get(0);
    assertThat(param.name(), is("jersey.config.server.provider.packages"));
    assertThat(param.value(), is("test-package-1;test-package-2"));
}
Also used : GatewayDescriptor(org.apache.knox.gateway.descriptor.GatewayDescriptor) WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) FilterParamDescriptor(org.apache.knox.gateway.descriptor.FilterParamDescriptor) Service(org.apache.knox.gateway.topology.Service) Topology(org.apache.knox.gateway.topology.Topology) Provider(org.apache.knox.gateway.topology.Provider) DeploymentContext(org.apache.knox.gateway.deploy.DeploymentContext) FilterDescriptor(org.apache.knox.gateway.descriptor.FilterDescriptor) List(java.util.List) ResourceDescriptor(org.apache.knox.gateway.descriptor.ResourceDescriptor) Test(org.junit.Test)

Aggregations

ResourceDescriptor (org.apache.knox.gateway.descriptor.ResourceDescriptor)14 FilterParamDescriptor (org.apache.knox.gateway.descriptor.FilterParamDescriptor)9 FilterDescriptor (org.apache.knox.gateway.descriptor.FilterDescriptor)6 ArrayList (java.util.ArrayList)5 GatewayDescriptor (org.apache.knox.gateway.descriptor.GatewayDescriptor)4 Test (org.junit.Test)4 Reader (java.io.Reader)2 StringReader (java.io.StringReader)2 HashMap (java.util.HashMap)2 DeploymentContext (org.apache.knox.gateway.deploy.DeploymentContext)2 Policy (org.apache.knox.gateway.service.definition.Policy)2 Provider (org.apache.knox.gateway.topology.Provider)2 Service (org.apache.knox.gateway.topology.Service)2 Topology (org.apache.knox.gateway.topology.Topology)2 Matchers.containsString (org.hamcrest.Matchers.containsString)2 IOException (java.io.IOException)1 List (java.util.List)1 Map (java.util.Map)1 ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)1 TransformerException (javax.xml.transform.TransformerException)1