Search in sources :

Example 1 with EncryptStepContextParams

use of org.apache.knox.gateway.encrypturi.EncryptStepContextParams in project knox by apache.

the class EncryptUriProcessor method process.

@Override
public UrlRewriteStepStatus process(UrlRewriteContext context) throws Exception {
    if (param != null && !param.isEmpty() && template != null && !template.isEmpty()) {
        Template uri = Parser.parseTemplate(template);
        String resolvedTemplate = Expander.expandToString(uri, context.getParameters(), context.getEvaluator());
        if (resolvedTemplate != null && !resolvedTemplate.isEmpty()) {
            String endcoedUrl = encode(resolvedTemplate);
            EncryptStepContextParams params = new EncryptStepContextParams();
            params.addParam(param, Arrays.asList(endcoedUrl));
            context.addParameters(params);
            return UrlRewriteStepStatus.SUCCESS;
        }
    }
    return UrlRewriteStepStatus.FAILURE;
}
Also used : EncryptStepContextParams(org.apache.knox.gateway.encrypturi.EncryptStepContextParams) Template(org.apache.knox.gateway.util.urltemplate.Template)

Example 2 with EncryptStepContextParams

use of org.apache.knox.gateway.encrypturi.EncryptStepContextParams in project knox by apache.

the class EncryptDecryptUriProcessorTest method testEncryptDecrypt.

@Test
public void testEncryptDecrypt() throws Exception {
    String encryptedValueParamName = "address";
    String clusterName = "test-cluster-name";
    String passwordAlias = "encryptQueryString";
    // Test encryption.  Result is in encryptedAdrress
    AliasService as = EasyMock.createNiceMock(AliasService.class);
    String secret = "asdf";
    EasyMock.expect(as.getPasswordFromAliasForCluster(clusterName, passwordAlias)).andReturn(secret.toCharArray()).anyTimes();
    CryptoService cryptoService = new DefaultCryptoService();
    ((DefaultCryptoService) cryptoService).setAliasService(as);
    GatewayServices gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
    UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
    EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
    EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn(clusterName).anyTimes();
    UrlRewriteContext encContext = EasyMock.createNiceMock(UrlRewriteContext.class);
    EncryptStepContextParams hostPortParams = new EncryptStepContextParams();
    hostPortParams.addParam("host", Arrays.asList("host.yarn.com"));
    hostPortParams.addParam("port", Arrays.asList("8088"));
    EasyMock.expect(encContext.getParameters()).andReturn(hostPortParams);
    Capture<EncryptStepContextParams> encodedValue = new Capture<EncryptStepContextParams>();
    encContext.addParameters(EasyMock.capture(encodedValue));
    EasyMock.replay(gatewayServices, as, encEnvironment, encContext);
    EncryptUriDescriptor descriptor = new EncryptUriDescriptor();
    descriptor.setTemplate("{host}:{port}");
    descriptor.setParam(encryptedValueParamName);
    EncryptUriProcessor processor = new EncryptUriProcessor();
    processor.initialize(encEnvironment, descriptor);
    UrlRewriteStepStatus encStatus = processor.process(encContext);
    assertThat(encStatus, is(UrlRewriteStepStatus.SUCCESS));
    assertThat(encodedValue.getValue(), notNullValue());
    assertThat(encodedValue.getValue().resolve(encryptedValueParamName).size(), is(1));
    String encryptedAdrress = encodedValue.getValue().resolve(encryptedValueParamName).get(0);
    assertThat(encryptedAdrress, not(isEmptyOrNullString()));
    assertThat(encryptedAdrress, not("{host}:{port}"));
    assertThat(encryptedAdrress, not("hdp:8088"));
    // Test decryption.  Result is in dectryptedAdrress.
    String decParam = "foo";
    gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
    as = EasyMock.createNiceMock(AliasService.class);
    EasyMock.expect(as.getPasswordFromAliasForCluster(clusterName, passwordAlias)).andReturn(secret.toCharArray()).anyTimes();
    UrlRewriteEnvironment decEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
    EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
    EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn(clusterName).anyTimes();
    UrlRewriteContext decContext = EasyMock.createNiceMock(UrlRewriteContext.class);
    EncryptStepContextParams encryptedParams = new EncryptStepContextParams();
    // Value was encrypted by EncryptUriProcessor
    encryptedParams.addParam(decParam, Arrays.asList(encryptedAdrress));
    encryptedParams.addParam("foo1", Arrays.asList("test"));
    EasyMock.expect(decContext.getParameters()).andReturn(encryptedParams);
    Capture<EncryptStepContextParams> decodedValue = new Capture<EncryptStepContextParams>();
    decContext.addParameters(EasyMock.capture(decodedValue));
    EasyMock.replay(gatewayServices, as, decEnvironment, decContext);
    DecryptUriDescriptor decDescriptor = new DecryptUriDescriptor();
    decDescriptor.setParam(decParam);
    DecryptUriProcessor decProcessor = new DecryptUriProcessor();
    decProcessor.initialize(decEnvironment, decDescriptor);
    UrlRewriteStepStatus decStatus = decProcessor.process(decContext);
    assertThat(decStatus, is(UrlRewriteStepStatus.SUCCESS));
    assertThat(decodedValue.getValue(), notNullValue());
    assertThat(decodedValue.getValue().resolve(decParam).size(), is(1));
    String dectryptedAdrress = decodedValue.getValue().resolve(decParam).get(0);
    assertThat(dectryptedAdrress, is("host.yarn.com:8088"));
}
Also used : UrlRewriteEnvironment(org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment) GatewayServices(org.apache.knox.gateway.services.GatewayServices) EncryptStepContextParams(org.apache.knox.gateway.encrypturi.EncryptStepContextParams) AliasService(org.apache.knox.gateway.services.security.AliasService) EncryptUriDescriptor(org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor) IsEmptyString.isEmptyOrNullString(org.hamcrest.text.IsEmptyString.isEmptyOrNullString) UrlRewriteContext(org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext) Capture(org.easymock.Capture) UrlRewriteStepStatus(org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepStatus) DefaultCryptoService(org.apache.knox.gateway.services.security.impl.DefaultCryptoService) CryptoService(org.apache.knox.gateway.services.security.CryptoService) DecryptUriDescriptor(org.apache.knox.gateway.encrypturi.api.DecryptUriDescriptor) DefaultCryptoService(org.apache.knox.gateway.services.security.impl.DefaultCryptoService) Test(org.junit.Test)

Example 3 with EncryptStepContextParams

use of org.apache.knox.gateway.encrypturi.EncryptStepContextParams in project knox by apache.

the class DecryptUriProcessor method process.

@Override
public UrlRewriteStepStatus process(UrlRewriteContext context) throws Exception {
    if (param != null && !param.isEmpty()) {
        Template template = Parser.parseTemplate("{" + param + "}");
        String resolvedTemplate = Expander.expandToString(template, context.getParameters(), context.getEvaluator());
        String url = decode(resolvedTemplate);
        EncryptStepContextParams params = new EncryptStepContextParams();
        params.addParam(param, Arrays.asList(url));
        context.addParameters(params);
        return UrlRewriteStepStatus.SUCCESS;
    }
    return UrlRewriteStepStatus.FAILURE;
}
Also used : EncryptStepContextParams(org.apache.knox.gateway.encrypturi.EncryptStepContextParams) Template(org.apache.knox.gateway.util.urltemplate.Template)

Aggregations

EncryptStepContextParams (org.apache.knox.gateway.encrypturi.EncryptStepContextParams)3 Template (org.apache.knox.gateway.util.urltemplate.Template)2 DecryptUriDescriptor (org.apache.knox.gateway.encrypturi.api.DecryptUriDescriptor)1 EncryptUriDescriptor (org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor)1 UrlRewriteEnvironment (org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment)1 UrlRewriteContext (org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext)1 UrlRewriteStepStatus (org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepStatus)1 GatewayServices (org.apache.knox.gateway.services.GatewayServices)1 AliasService (org.apache.knox.gateway.services.security.AliasService)1 CryptoService (org.apache.knox.gateway.services.security.CryptoService)1 DefaultCryptoService (org.apache.knox.gateway.services.security.impl.DefaultCryptoService)1 Capture (org.easymock.Capture)1 IsEmptyString.isEmptyOrNullString (org.hamcrest.text.IsEmptyString.isEmptyOrNullString)1 Test (org.junit.Test)1