Examples with GatewayServices org.apache.knox.gateway.services.GatewayServices used on opensource projects

Search in sources :

Example 26 with GatewayServices

use of org.apache.knox.gateway.services.GatewayServices in project knox by apache.

the class TokenServiceResourceTest method testValidClientCertWrongUser.

@Test
public void testValidClientCertWrongUser() throws Exception {
    ServletContext context = EasyMock.createNiceMock(ServletContext.class);
    EasyMock.expect(context.getInitParameter("knox.token.client.cert.required")).andReturn("true");
    EasyMock.expect(context.getInitParameter("knox.token.allowed.principals")).andReturn("CN=remotehost, OU=Test, O=Hadoop, L=Test, ST=Test, C=US");
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
    X509Certificate trustedCertMock = EasyMock.createMock(X509Certificate.class);
    EasyMock.expect(trustedCertMock.getSubjectDN()).andReturn(new PrimaryPrincipal("CN=localhost, OU=Test, O=Hadoop, L=Test, ST=Test, C=US")).anyTimes();
    ArrayList<X509Certificate> certArrayList = new ArrayList<X509Certificate>();
    certArrayList.add(trustedCertMock);
    X509Certificate[] certs = {};
    EasyMock.expect(request.getAttribute("javax.servlet.request.X509Certificate")).andReturn(certArrayList.toArray(certs)).anyTimes();
    Principal principal = EasyMock.createNiceMock(Principal.class);
    EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
    EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
    GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
    JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
    EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
    StringWriter writer = new StringWriter();
    PrintWriter printWriter = new PrintWriter(writer);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    EasyMock.expect(response.getWriter()).andReturn(printWriter);
    EasyMock.replay(principal, services, context, request, response, trustedCertMock);
    TokenResource tr = new TokenResource();
    tr.request = request;
    tr.response = response;
    tr.context = context;
    tr.init();
    // Issue a token
    Response retResponse = tr.doGet();
    assertEquals(403, retResponse.getStatus());
}
Also used : GatewayServices(org.apache.knox.gateway.services.GatewayServices) TokenResource(org.apache.knox.gateway.service.knoxtoken.TokenResource) ArrayList(java.util.ArrayList) HttpServletResponse(javax.servlet.http.HttpServletResponse) X509Certificate(java.security.cert.X509Certificate) HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) Response(javax.ws.rs.core.Response) StringWriter(java.io.StringWriter) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) JWTokenAuthority(org.apache.knox.gateway.services.security.token.JWTokenAuthority) ServletContext(javax.servlet.ServletContext) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) Principal(java.security.Principal) PrintWriter(java.io.PrintWriter) Test(org.junit.Test)

Example 27 with GatewayServices

use of org.apache.knox.gateway.services.GatewayServices in project knox by apache.

the class ServiceTestResource method getServiceTestURLs.

private List<String> getServiceTestURLs(GatewayConfig conf, String role, Topology topology) {
    GatewayServices services = (GatewayServices) request.getServletContext().getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
    List<String> fullURLs = new ArrayList<>();
    if (services != null) {
        TopologyService ts = services.getService(GatewayServices.TOPOLOGY_SERVICE);
        Map<String, List<String>> urls = ts.getServiceTestURLs(topology, conf);
        List<String> urlPaths = urls.get(role);
        if (urlPaths != null) {
            String base = buildURI(topology, conf, request);
            for (String u : urlPaths) {
                fullURLs.add(base + u);
            }
        }
    }
    return fullURLs;
}
Also used : GatewayServices(org.apache.knox.gateway.services.GatewayServices) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) TopologyService(org.apache.knox.gateway.services.topology.TopologyService)

Example 28 with GatewayServices

use of org.apache.knox.gateway.services.GatewayServices in project knox by apache.

the class WebSSOResourceTest method testSignatureAlgorithm.

@Test
public void testSignatureAlgorithm() throws Exception {
    ServletContext context = EasyMock.createNiceMock(ServletContext.class);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.name")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.secure.only")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.max.age")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.domain.suffix")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.redirect.whitelist.regex")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.token.audiences")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.token.ttl")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.enable.session")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.token.sigalg")).andReturn("RS512");
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getParameter("originalUrl")).andReturn("http://localhost:9080/service");
    EasyMock.expect(request.getParameterMap()).andReturn(Collections.<String, String[]>emptyMap());
    EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
    Principal principal = EasyMock.createNiceMock(Principal.class);
    EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
    EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
    GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
    JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
    EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
    CookieResponseWrapper responseWrapper = new CookieResponseWrapper(response, outputStream);
    EasyMock.replay(principal, services, context, request);
    WebSSOResource webSSOResponse = new WebSSOResource();
    webSSOResponse.request = request;
    webSSOResponse.response = responseWrapper;
    webSSOResponse.context = context;
    webSSOResponse.init();
    // Issue a token
    webSSOResponse.doGet();
    // Check the cookie
    Cookie cookie = responseWrapper.getCookie("hadoop-jwt");
    assertNotNull(cookie);
    JWT parsedToken = new JWTToken(cookie.getValue());
    assertEquals("alice", parsedToken.getSubject());
    assertTrue(authority.verifyToken(parsedToken));
    assertTrue(parsedToken.getHeader().contains("RS512"));
}
Also used : Cookie(javax.servlet.http.Cookie) GatewayServices(org.apache.knox.gateway.services.GatewayServices) ServletOutputStream(javax.servlet.ServletOutputStream) JWT(org.apache.knox.gateway.services.security.token.impl.JWT) HttpServletResponse(javax.servlet.http.HttpServletResponse) JWTToken(org.apache.knox.gateway.services.security.token.impl.JWTToken) HttpServletRequest(javax.servlet.http.HttpServletRequest) JWTokenAuthority(org.apache.knox.gateway.services.security.token.JWTokenAuthority) ServletContext(javax.servlet.ServletContext) Principal(java.security.Principal) Test(org.junit.Test)

Example 29 with GatewayServices

use of org.apache.knox.gateway.services.GatewayServices in project knox by apache.

the class WebSSOResourceTest method testNegativeTTL.

@Test
public void testNegativeTTL() throws Exception {
    ServletContext context = EasyMock.createNiceMock(ServletContext.class);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.name")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.secure.only")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.max.age")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.domain.suffix")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.redirect.whitelist.regex")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.token.audiences")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.token.ttl")).andReturn("-60000");
    EasyMock.expect(context.getInitParameter("knoxsso.enable.session")).andReturn(null);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getParameter("originalUrl")).andReturn("http://localhost:9080/service");
    EasyMock.expect(request.getParameterMap()).andReturn(Collections.<String, String[]>emptyMap());
    EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
    Principal principal = EasyMock.createNiceMock(Principal.class);
    EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
    EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
    GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
    JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
    EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
    CookieResponseWrapper responseWrapper = new CookieResponseWrapper(response, outputStream);
    EasyMock.replay(principal, services, context, request);
    WebSSOResource webSSOResponse = new WebSSOResource();
    webSSOResponse.request = request;
    webSSOResponse.response = responseWrapper;
    webSSOResponse.context = context;
    webSSOResponse.init();
    // Issue a token
    webSSOResponse.doGet();
    // Check the cookie
    Cookie cookie = responseWrapper.getCookie("hadoop-jwt");
    assertNotNull(cookie);
    JWT parsedToken = new JWTToken(cookie.getValue());
    assertEquals("alice", parsedToken.getSubject());
    assertTrue(authority.verifyToken(parsedToken));
    Date expiresDate = parsedToken.getExpiresDate();
    Date now = new Date();
    assertTrue(expiresDate.after(now));
    assertTrue((expiresDate.getTime() - now.getTime()) < 30000L);
}
Also used : Cookie(javax.servlet.http.Cookie) GatewayServices(org.apache.knox.gateway.services.GatewayServices) ServletOutputStream(javax.servlet.ServletOutputStream) JWT(org.apache.knox.gateway.services.security.token.impl.JWT) HttpServletResponse(javax.servlet.http.HttpServletResponse) JWTToken(org.apache.knox.gateway.services.security.token.impl.JWTToken) Date(java.util.Date) HttpServletRequest(javax.servlet.http.HttpServletRequest) JWTokenAuthority(org.apache.knox.gateway.services.security.token.JWTokenAuthority) ServletContext(javax.servlet.ServletContext) Principal(java.security.Principal) Test(org.junit.Test)

Example 30 with GatewayServices

use of org.apache.knox.gateway.services.GatewayServices in project knox by apache.

the class WebSSOResourceTest method testOverflowTTL.

@Test
public void testOverflowTTL() throws Exception {
    ServletContext context = EasyMock.createNiceMock(ServletContext.class);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.name")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.secure.only")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.max.age")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.cookie.domain.suffix")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.redirect.whitelist.regex")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.token.audiences")).andReturn(null);
    EasyMock.expect(context.getInitParameter("knoxsso.token.ttl")).andReturn(String.valueOf(Long.MAX_VALUE));
    EasyMock.expect(context.getInitParameter("knoxsso.enable.session")).andReturn(null);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getParameter("originalUrl")).andReturn("http://localhost:9080/service");
    EasyMock.expect(request.getParameterMap()).andReturn(Collections.<String, String[]>emptyMap());
    EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
    Principal principal = EasyMock.createNiceMock(Principal.class);
    EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
    EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
    GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
    JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
    EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
    CookieResponseWrapper responseWrapper = new CookieResponseWrapper(response, outputStream);
    EasyMock.replay(principal, services, context, request);
    WebSSOResource webSSOResponse = new WebSSOResource();
    webSSOResponse.request = request;
    webSSOResponse.response = responseWrapper;
    webSSOResponse.context = context;
    webSSOResponse.init();
    // Issue a token
    webSSOResponse.doGet();
    // Check the cookie
    Cookie cookie = responseWrapper.getCookie("hadoop-jwt");
    assertNotNull(cookie);
    JWT parsedToken = new JWTToken(cookie.getValue());
    assertEquals("alice", parsedToken.getSubject());
    assertTrue(authority.verifyToken(parsedToken));
    Date expiresDate = parsedToken.getExpiresDate();
    Date now = new Date();
    assertTrue(expiresDate.after(now));
    assertTrue((expiresDate.getTime() - now.getTime()) < 30000L);
}
Also used : Cookie(javax.servlet.http.Cookie) GatewayServices(org.apache.knox.gateway.services.GatewayServices) ServletOutputStream(javax.servlet.ServletOutputStream) JWT(org.apache.knox.gateway.services.security.token.impl.JWT) HttpServletResponse(javax.servlet.http.HttpServletResponse) JWTToken(org.apache.knox.gateway.services.security.token.impl.JWTToken) Date(java.util.Date) HttpServletRequest(javax.servlet.http.HttpServletRequest) JWTokenAuthority(org.apache.knox.gateway.services.security.token.JWTokenAuthority) ServletContext(javax.servlet.ServletContext) Principal(java.security.Principal) Test(org.junit.Test)

Aggregations

GatewayServices (org.apache.knox.gateway.services.GatewayServices)75 Test (org.junit.Test)37 HttpServletRequest (javax.servlet.http.HttpServletRequest)24 ServletContext (javax.servlet.ServletContext)22 Principal (java.security.Principal)21 JWTokenAuthority (org.apache.knox.gateway.services.security.token.JWTokenAuthority)21 AliasService (org.apache.knox.gateway.services.security.AliasService)20 HttpServletResponse (javax.servlet.http.HttpServletResponse)19 JWT (org.apache.knox.gateway.services.security.token.impl.JWT)18 Response (javax.ws.rs.core.Response)17 JWTToken (org.apache.knox.gateway.services.security.token.impl.JWTToken)17 TopologyService (org.apache.knox.gateway.services.topology.TopologyService)17 HashMap (java.util.HashMap)14 Path (javax.ws.rs.Path)12 File (java.io.File)11 PrintWriter (java.io.PrintWriter)11 StringWriter (java.io.StringWriter)11 UrlRewriteEnvironment (org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment)11 PrimaryPrincipal (org.apache.knox.gateway.security.PrimaryPrincipal)11 TokenResource (org.apache.knox.gateway.service.knoxtoken.TokenResource)11
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial