use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.
the class ZooKeeperConfigurationMonitorTest method testZooKeeperConfigMonitor.
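/**
 * Checks that {@link DefaultRemoteConfigurationMonitor} mirrors provider configurations and descriptors
 * from the test ZooKeeper ensemble into the local providers/descriptors directories: entries that exist
 * before start-up, newly created entries, updates, and deletions.
 *
 * <p>NOTE(review): every znode here is created without an explicit ACL, and the monitor is expected to
 * copy its content straight into the gateway's configuration directories. Whether the monitor inspects
 * znode ACLs is not visible in this test; in a real deployment write access to these paths is equivalent
 * to write access to gateway configuration, so it should be restricted.
 *
 * @throws Exception if the registry client, the monitor, or a ZooKeeper operation fails
 */
@Test
public void testZooKeeperConfigMonitor() throws Exception {
  String configMonitorName = "remoteConfigMonitorClient";

  // Setup the base GatewayConfig mock
  gc = EasyMock.createNiceMock(GatewayConfig.class);
  EasyMock.expect(gc.getGatewayProvidersConfigDir()).andReturn(providersDir.getAbsolutePath()).anyTimes();
  EasyMock.expect(gc.getGatewayDescriptorsDir()).andReturn(descriptorsDir.getAbsolutePath()).anyTimes();
  EasyMock.expect(gc.getRemoteRegistryConfigurationNames()).andReturn(Collections.singletonList(configMonitorName)).anyTimes();
  final String registryConfig = GatewayConfig.REMOTE_CONFIG_REGISTRY_TYPE + "=" + ZooKeeperClientService.TYPE + ";"
      + GatewayConfig.REMOTE_CONFIG_REGISTRY_ADDRESS + "=" + zkCluster.getConnectString();
  EasyMock.expect(gc.getRemoteRegistryConfiguration(configMonitorName)).andReturn(registryConfig).anyTimes();
  EasyMock.expect(gc.getRemoteConfigurationMonitorClientName()).andReturn(configMonitorName).anyTimes();
  EasyMock.replay(gc);

  // Nice mock with no recorded expectations: any alias lookup made by the client yields a default
  // (null) value, so this test runs without registry credentials.
  AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
  EasyMock.replay(aliasService);

  RemoteConfigurationRegistryClientService clientService = (new ZooKeeperClientServiceProvider()).newInstance();
  clientService.setAliasService(aliasService);
  clientService.init(gc, Collections.emptyMap());
  clientService.start();

  DefaultRemoteConfigurationMonitor cm = new DefaultRemoteConfigurationMonitor(gc, clientService);

  // Create a provider configuration in the test ZK, prior to starting the monitor, to make sure that the monitor
  // will download existing entries upon starting.
  final String preExistingProviderConfig = getProviderPath("pre-existing-providers.xml");
  client.create().withMode(CreateMode.PERSISTENT).forPath(preExistingProviderConfig, TEST_PROVIDERS_CONFIG_1.getBytes());
  File preExistingProviderConfigLocalFile = new File(providersDir, "pre-existing-providers.xml");
  assertFalse("This file should not exist locally prior to monitor starting.", preExistingProviderConfigLocalFile.exists());

  // A start-up failure propagates with its full stack trace (the method declares throws Exception)
  // instead of being reduced to the exception message.
  cm.start();
  try {
    // Inside the try block so that the monitor is stopped even when this first check fails.
    assertTrue("This file should exist locally immediately after monitor starting.", preExistingProviderConfigLocalFile.exists());

    final String pc_one_znode = getProviderPath("providers-config1.xml");
    final File pc_one = new File(providersDir, "providers-config1.xml");
    final String pc_two_znode = getProviderPath("providers-config2.xml");
    final File pc_two = new File(providersDir, "providers-config2.xml");

    // Provider configurations: create, create, update, delete, delete.
    // Each fixed sleep gives the monitor time to react to the znode event before the local file is checked.
    client.create().withMode(CreateMode.PERSISTENT).forPath(pc_one_znode, TEST_PROVIDERS_CONFIG_1.getBytes());
    Thread.sleep(100);
    assertTrue(pc_one.exists());
    assertEquals(TEST_PROVIDERS_CONFIG_1, FileUtils.readFileToString(pc_one));

    client.create().withMode(CreateMode.PERSISTENT).forPath(pc_two_znode, TEST_PROVIDERS_CONFIG_2.getBytes());
    Thread.sleep(100);
    assertTrue(pc_two.exists());
    assertEquals(TEST_PROVIDERS_CONFIG_2, FileUtils.readFileToString(pc_two));

    client.setData().forPath(pc_two_znode, TEST_PROVIDERS_CONFIG_1.getBytes());
    Thread.sleep(100);
    assertTrue(pc_two.exists());
    assertEquals(TEST_PROVIDERS_CONFIG_1, FileUtils.readFileToString(pc_two));

    client.delete().forPath(pc_two_znode);
    Thread.sleep(100);
    assertFalse(pc_two.exists());

    client.delete().forPath(pc_one_znode);
    Thread.sleep(100);
    assertFalse(pc_one.exists());

    final String desc_one_znode = getDescriptorPath("test1.json");
    final String desc_two_znode = getDescriptorPath("test2.json");
    final String desc_three_znode = getDescriptorPath("test3.json");
    final File desc_one = new File(descriptorsDir, "test1.json");
    final File desc_two = new File(descriptorsDir, "test2.json");
    final File desc_three = new File(descriptorsDir, "test3.json");

    // Descriptors: create, create, update, create, then delete all three.
    client.create().withMode(CreateMode.PERSISTENT).forPath(desc_one_znode, TEST_DESCRIPTOR_1.getBytes());
    Thread.sleep(100);
    assertTrue(desc_one.exists());
    assertEquals(TEST_DESCRIPTOR_1, FileUtils.readFileToString(desc_one));

    client.create().withMode(CreateMode.PERSISTENT).forPath(desc_two_znode, TEST_DESCRIPTOR_1.getBytes());
    Thread.sleep(100);
    assertTrue(desc_two.exists());
    assertEquals(TEST_DESCRIPTOR_1, FileUtils.readFileToString(desc_two));

    client.setData().forPath(desc_two_znode, TEST_DESCRIPTOR_2.getBytes());
    Thread.sleep(100);
    assertTrue(desc_two.exists());
    assertEquals(TEST_DESCRIPTOR_2, FileUtils.readFileToString(desc_two));

    client.create().withMode(CreateMode.PERSISTENT).forPath(desc_three_znode, TEST_DESCRIPTOR_1.getBytes());
    Thread.sleep(100);
    assertTrue(desc_three.exists());
    assertEquals(TEST_DESCRIPTOR_1, FileUtils.readFileToString(desc_three));

    client.delete().forPath(desc_two_znode);
    Thread.sleep(100);
    assertFalse("Expected test2.json to have been deleted.", desc_two.exists());

    client.delete().forPath(desc_three_znode);
    Thread.sleep(100);
    assertFalse(desc_three.exists());

    client.delete().forPath(desc_one_znode);
    Thread.sleep(100);
    assertFalse(desc_one.exists());
  } finally {
    cm.stop();
  }
}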
use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.
the class KnoxCLITest method testGatewayAndClusterStores.
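/**
 * Exercises create-alias, list-alias and delete-alias against both the gateway-level credential store
 * and the store of the cluster named "test", and checks that each listing shows only its own alias.
 *
 * <p>The literal "--master master" supplies a fixture master secret on the command line. That is fine
 * for a test; arguments of a real invocation can be visible to other local users through process listings.
 *
 * @throws Exception if a CLI invocation or the alias lookup fails
 */
@Test
public void testGatewayAndClusterStores() throws Exception {
  GatewayConfigImpl config = new GatewayConfigImpl();
  // Remove whatever security directory an earlier test left behind.
  FileUtils.deleteQuietly(new File(config.getGatewaySecurityDir()));

  // Create an alias in the gateway-level store.
  outContent.reset();
  String[] gwCreateArgs = { "create-alias", "alias1", "--value", "testvalue1", "--master", "master" };
  KnoxCLI cli = new KnoxCLI();
  cli.setConf(config);
  int rc = cli.run(gwCreateArgs);
  assertEquals(0, rc);
  assertTrue(outContent.toString(), outContent.toString().contains("alias1 has been successfully " + "created."));

  // Keep the AliasService of this first CLI instance; it is queried further down.
  AliasService as = cli.getGatewayServices().getService(GatewayServices.ALIAS_SERVICE);

  // Create an alias in the store of cluster "test".
  outContent.reset();
  String[] clusterCreateArgs = { "create-alias", "alias2", "--value", "testvalue1", "--cluster", "test", "--master", "master" };
  cli = new KnoxCLI();
  cli.setConf(config);
  rc = cli.run(clusterCreateArgs);
  assertEquals(0, rc);
  assertTrue(outContent.toString(), outContent.toString().contains("alias2 has been successfully " + "created."));

  // The gateway-level listing must show alias1 only.
  // NOTE(review): from here on the CLI instances run without setConf(config), as in the original test.
  outContent.reset();
  String[] args2 = { "list-alias", "--master", "master" };
  cli = new KnoxCLI();
  rc = cli.run(args2);
  assertEquals(0, rc);
  assertFalse(outContent.toString(), outContent.toString().contains("alias2"));
  assertTrue(outContent.toString(), outContent.toString().contains("alias1"));

  // Compare the stored secret as char[]: no String copy of it is created, and the value itself
  // does not end up in the assertion message (and so in build logs) when the check fails.
  char[] passwordChars = as.getPasswordFromAliasForCluster("test", "alias2");
  assertNotNull(passwordChars);
  assertTrue("Unexpected value stored for alias2 in cluster test",
      java.util.Arrays.equals("testvalue1".toCharArray(), passwordChars));

  // The cluster-level listing must show alias2 only.
  outContent.reset();
  String[] args1 = { "list-alias", "--cluster", "test", "--master", "master" };
  cli = new KnoxCLI();
  rc = cli.run(args1);
  assertEquals(0, rc);
  assertFalse(outContent.toString(), outContent.toString().contains("alias1"));
  assertTrue(outContent.toString(), outContent.toString().contains("alias2"));

  // Delete both aliases again.
  outContent.reset();
  String[] args4 = { "delete-alias", "alias1", "--master", "master" };
  cli = new KnoxCLI();
  rc = cli.run(args4);
  assertEquals(0, rc);
  assertTrue(outContent.toString(), outContent.toString().contains("alias1 has been successfully " + "deleted."));

  outContent.reset();
  String[] args5 = { "delete-alias", "alias2", "--cluster", "test", "--master", "master" };
  cli = new KnoxCLI();
  rc = cli.run(args5);
  assertEquals(0, rc);
  assertTrue(outContent.toString(), outContent.toString().contains("alias2 has been successfully " + "deleted."));
}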
use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreationAudience.
/**
 * Issues an RS256 token for a mocked principal with an explicit audience, then checks the issuer,
 * subject and audience it carries and that the issuing authority verifies it.
 *
 * @throws Exception if the keystore or token authority cannot be initialised, or issuing fails
 */
@Test
public void testTokenCreationAudience() throws Exception {
  // Fall back to the working directory when the build does not set "basedir".
  final String basedirProperty = System.getProperty("basedir");
  final String basedir = (basedirProperty != null) ? basedirProperty : new File(".").getCanonicalPath();

  Principal principal = EasyMock.createNiceMock(Principal.class);
  EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");

  GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
  EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
  EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
  EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();

  // "horton" is a fixture secret; presumably it matches the test keystore under target/test-classes.
  MasterService masterService = EasyMock.createNiceMock(MasterService.class);
  EasyMock.expect(masterService.getMasterSecret()).andReturn("horton".toCharArray());

  AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
  EasyMock.expect(aliasService.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());

  EasyMock.replay(principal, config, masterService, aliasService);

  // Concrete types for the wiring calls; the interface view is used for issuing and verifying.
  DefaultKeystoreService keystoreService = new DefaultKeystoreService();
  keystoreService.setMasterService(masterService);
  keystoreService.init(config, new HashMap<String, String>());

  DefaultTokenAuthorityService tokenAuthorityService = new DefaultTokenAuthorityService();
  tokenAuthorityService.setAliasService(aliasService);
  tokenAuthorityService.setKeystoreService(keystoreService);
  tokenAuthorityService.init(config, new HashMap<String, String>());

  JWTokenAuthority authority = tokenAuthorityService;
  JWT issued = authority.issueToken(principal, "https://login.example.com", "RS256");

  assertEquals("KNOXSSO", issued.getIssuer());
  assertEquals("john.doe@example.com", issued.getSubject());
  // The audience handed to issueToken must come back unchanged.
  assertEquals("https://login.example.com", issued.getAudience());
  assertTrue(authority.verifyToken(issued));
}
use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreation.
/**
 * Issues an RS256 token for a mocked principal through the overload that takes no audience, then
 * checks the issuer and subject it carries and that the issuing authority verifies it.
 *
 * @throws Exception if the keystore or token authority cannot be initialised, or issuing fails
 */
@Test
public void testTokenCreation() throws Exception {
  // Fall back to the working directory when the build does not set "basedir".
  final String basedirProperty = System.getProperty("basedir");
  final String basedir = (basedirProperty != null) ? basedirProperty : new File(".").getCanonicalPath();

  Principal principal = EasyMock.createNiceMock(Principal.class);
  EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");

  GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
  EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
  EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
  EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();

  // "horton" is a fixture secret; presumably it matches the test keystore under target/test-classes.
  MasterService masterService = EasyMock.createNiceMock(MasterService.class);
  EasyMock.expect(masterService.getMasterSecret()).andReturn("horton".toCharArray());

  AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
  EasyMock.expect(aliasService.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());

  EasyMock.replay(principal, config, masterService, aliasService);

  // Concrete types for the wiring calls; the interface view is used for issuing and verifying.
  DefaultKeystoreService keystoreService = new DefaultKeystoreService();
  keystoreService.setMasterService(masterService);
  keystoreService.init(config, new HashMap<String, String>());

  DefaultTokenAuthorityService tokenAuthorityService = new DefaultTokenAuthorityService();
  tokenAuthorityService.setAliasService(aliasService);
  tokenAuthorityService.setKeystoreService(keystoreService);
  tokenAuthorityService.init(config, new HashMap<String, String>());

  JWTokenAuthority authority = tokenAuthorityService;
  JWT issued = authority.issueToken(principal, "RS256");

  assertEquals("KNOXSSO", issued.getIssuer());
  assertEquals("john.doe@example.com", issued.getSubject());
  assertTrue(authority.verifyToken(issued));
}
use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreationNullAudience.
/**
 * Issues an RS256 token for a mocked principal with a {@code null} audience, then checks the issuer
 * and subject it carries and that the issuing authority verifies it.
 *
 * <p>The test makes no assertion about what {@code getAudience()} returns for such a token.
 *
 * @throws Exception if the keystore or token authority cannot be initialised, or issuing fails
 */
@Test
public void testTokenCreationNullAudience() throws Exception {
  // Fall back to the working directory when the build does not set "basedir".
  final String basedirProperty = System.getProperty("basedir");
  final String basedir = (basedirProperty != null) ? basedirProperty : new File(".").getCanonicalPath();

  Principal principal = EasyMock.createNiceMock(Principal.class);
  EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");

  GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
  EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
  EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
  EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();

  // "horton" is a fixture secret; presumably it matches the test keystore under target/test-classes.
  MasterService masterService = EasyMock.createNiceMock(MasterService.class);
  EasyMock.expect(masterService.getMasterSecret()).andReturn("horton".toCharArray());

  AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
  EasyMock.expect(aliasService.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());

  EasyMock.replay(principal, config, masterService, aliasService);

  // Concrete types for the wiring calls; the interface view is used for issuing and verifying.
  DefaultKeystoreService keystoreService = new DefaultKeystoreService();
  keystoreService.setMasterService(masterService);
  keystoreService.init(config, new HashMap<String, String>());

  DefaultTokenAuthorityService tokenAuthorityService = new DefaultTokenAuthorityService();
  tokenAuthorityService.setAliasService(aliasService);
  tokenAuthorityService.setKeystoreService(keystoreService);
  tokenAuthorityService.init(config, new HashMap<String, String>());

  JWTokenAuthority authority = tokenAuthorityService;
  // A null audience must still yield a token that the authority can verify.
  JWT issued = authority.issueToken(principal, null, "RS256");

  assertEquals("KNOXSSO", issued.getIssuer());
  assertEquals("john.doe@example.com", issued.getSubject());
  assertTrue(authority.verifyToken(issued));
}