Examples with AliasService org.apache.knox.gateway.services.security.AliasService used on opensource projects

Search in sources :

Example 26 with AliasService

use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.

the class CredentialResource method getCredentialValueForAlias.

/**
 * @param alias
 * @return
 */
private CredentialValue getCredentialValueForAlias(String alias) {
    GatewayServices services = (GatewayServices) request.getServletContext().getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
    String clusterName = (String) request.getServletContext().getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE);
    AliasService as = services.getService(GatewayServices.ALIAS_SERVICE);
    char[] credential = null;
    try {
        credential = as.getPasswordFromAliasForCluster(clusterName, alias);
    } catch (AliasServiceException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }
    if (credential != null) {
        return new CredentialValue(alias, new String(credential));
    }
    return null;
}
Also used : GatewayServices(org.apache.knox.gateway.services.GatewayServices) AliasService(org.apache.knox.gateway.services.security.AliasService) AliasServiceException(org.apache.knox.gateway.services.security.AliasServiceException)

Example 27 with AliasService

use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.

the class SecureQueryEncodeProcessorTest method testSimpleQueryEncoding.

@Test
public void testSimpleQueryEncoding() throws Exception {
    AliasService as = EasyMock.createNiceMock(AliasService.class);
    String secret = "sdkjfhsdkjfhsdfs";
    EasyMock.expect(as.getPasswordFromAliasForCluster("test-cluster-name", "encryptQueryString")).andReturn(secret.toCharArray()).anyTimes();
    CryptoService cryptoService = new DefaultCryptoService();
    ((DefaultCryptoService) cryptoService).setAliasService(as);
    GatewayServices gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
    UrlRewriteEnvironment environment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
    EasyMock.expect(environment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
    EasyMock.expect(environment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn(Arrays.asList("test-cluster-name")).anyTimes();
    Template inTemplate = Parser.parseLiteral("http://host:0/root/path?query");
    UrlRewriteContext context = EasyMock.createNiceMock(UrlRewriteContext.class);
    EasyMock.expect(context.getCurrentUrl()).andReturn(inTemplate);
    Capture<Template> outTemplate = new Capture<Template>();
    context.setCurrentUrl(EasyMock.capture(outTemplate));
    EasyMock.replay(environment, context);
    SecureQueryEncodeDescriptor descriptor = new SecureQueryEncodeDescriptor();
    SecureQueryEncodeProcessor processor = new SecureQueryEncodeProcessor();
    processor.initialize(environment, descriptor);
    processor.process(context);
    BASE64Encoder encoder = new BASE64Encoder();
    String encQuery = encoder.encode("query".getBytes("utf-8"));
    encQuery = encQuery.replaceAll("\\=", "");
    String outExpect = "http://host:0/root/path?_=" + encQuery;
    String outActual = outTemplate.getValue().toString();
    assertThat(outActual, is(outExpect));
}
Also used : UrlRewriteEnvironment(org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment) GatewayServices(org.apache.knox.gateway.services.GatewayServices) AliasService(org.apache.knox.gateway.services.security.AliasService) BASE64Encoder(sun.misc.BASE64Encoder) UrlRewriteContext(org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext) Capture(org.easymock.Capture) Template(org.apache.knox.gateway.util.urltemplate.Template) DefaultCryptoService(org.apache.knox.gateway.services.security.impl.DefaultCryptoService) CryptoService(org.apache.knox.gateway.services.security.CryptoService) DefaultCryptoService(org.apache.knox.gateway.services.security.impl.DefaultCryptoService) Test(org.junit.Test)

Example 28 with AliasService

use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.

the class SecureQueryEncryptDecryptProcessorTest method testEncryptBadDecrypt.

@Test
public void testEncryptBadDecrypt() throws Exception {
    Query query;
    Template origTemplate = Parser.parseLiteral("http://host:0/path/file?query-param-name=query-param-value");
    // Test encryption.  Results are left in encTemplate
    AliasService as = EasyMock.createNiceMock(AliasService.class);
    String secret = "sdkjfhsdkjfhsdfs";
    EasyMock.expect(as.getPasswordFromAliasForCluster("test-cluster-name", "encryptQueryString")).andReturn(secret.toCharArray()).anyTimes();
    CryptoService cryptoService = new DefaultCryptoService();
    ((DefaultCryptoService) cryptoService).setAliasService(as);
    GatewayServices gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
    UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
    EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
    EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn("test-cluster-name").anyTimes();
    UrlRewriteContext encContext = EasyMock.createNiceMock(UrlRewriteContext.class);
    EasyMock.expect(encContext.getCurrentUrl()).andReturn(origTemplate);
    Capture<Template> encTemplate = new Capture<Template>();
    encContext.setCurrentUrl(EasyMock.capture(encTemplate));
    EasyMock.replay(gatewayServices, as, encEnvironment, encContext);
    SecureQueryEncryptDescriptor descriptor = new SecureQueryEncryptDescriptor();
    SecureQueryEncryptProcessor processor = new SecureQueryEncryptProcessor();
    processor.initialize(encEnvironment, descriptor);
    processor.process(encContext);
    assertThat(encTemplate, notNullValue());
    query = encTemplate.getValue().getQuery().get("_");
    assertThat(query.getFirstValue().getPattern().length(), greaterThan(1));
    query = encTemplate.getValue().getQuery().get("query-param-name");
    assertThat(query, nullValue());
    // Test decryption with decode returning null
    gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
    as = EasyMock.createNiceMock(AliasService.class);
    EasyMock.expect(as.getPasswordFromAliasForCluster("test-cluster-name", "encryptQueryString")).andReturn(secret.toCharArray()).anyTimes();
    UrlRewriteEnvironment decEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
    EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
    EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn("test-cluster-name").anyTimes();
    Params decParams = EasyMock.createNiceMock(Params.class);
    EasyMock.expect(decParams.resolve(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn(Arrays.asList("test-cluster-name")).anyTimes();
    UrlRewriteContext decContext = EasyMock.createNiceMock(UrlRewriteContext.class);
    EasyMock.expect(decContext.getCurrentUrl()).andReturn(encTemplate.getValue());
    EasyMock.expect(decContext.getParameters()).andReturn(decParams);
    Capture<Template> decTemplate = new Capture<Template>();
    decContext.setCurrentUrl(EasyMock.capture(decTemplate));
    SecureQueryDecryptDescriptor descriptor1 = new SecureQueryDecryptDescriptor();
    SecureQueryDecryptProcessor decProcessor = EasyMock.createMockBuilder(SecureQueryDecryptProcessor.class).addMockedMethod(SecureQueryDecryptProcessor.class.getDeclaredMethod("decode", String.class)).createMock();
    EasyMock.expect(decProcessor.decode(EasyMock.anyObject(String.class))).andReturn(null);
    EasyMock.replay(gatewayServices, as, decEnvironment, decParams, decContext, decProcessor);
    decProcessor.initialize(decEnvironment, descriptor1);
    UrlRewriteStepStatus status = decProcessor.process(decContext);
    Assert.assertTrue((status == UrlRewriteStepStatus.FAILURE));
}
Also used : UrlRewriteEnvironment(org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment) GatewayServices(org.apache.knox.gateway.services.GatewayServices) AliasService(org.apache.knox.gateway.services.security.AliasService) Query(org.apache.knox.gateway.util.urltemplate.Query) Params(org.apache.knox.gateway.util.urltemplate.Params) UrlRewriteContext(org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext) Capture(org.easymock.Capture) Template(org.apache.knox.gateway.util.urltemplate.Template) UrlRewriteStepStatus(org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepStatus) DefaultCryptoService(org.apache.knox.gateway.services.security.impl.DefaultCryptoService) CryptoService(org.apache.knox.gateway.services.security.CryptoService) DefaultCryptoService(org.apache.knox.gateway.services.security.impl.DefaultCryptoService) Test(org.junit.Test)

Example 29 with AliasService

use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.

the class SecureQueryEncryptDecryptProcessorTest method testEncryptDecrypt.

@Test
public void testEncryptDecrypt() throws Exception {
    Query query;
    Template origTemplate = Parser.parseLiteral("http://host:0/path/file?query-param-name=query-param-value");
    // Test encryption.  Results are left in encTemplate
    AliasService as = EasyMock.createNiceMock(AliasService.class);
    String secret = "sdkjfhsdkjfhsdfs";
    EasyMock.expect(as.getPasswordFromAliasForCluster("test-cluster-name", "encryptQueryString")).andReturn(secret.toCharArray()).anyTimes();
    CryptoService cryptoService = new DefaultCryptoService();
    ((DefaultCryptoService) cryptoService).setAliasService(as);
    GatewayServices gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
    UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
    EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
    EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn("test-cluster-name").anyTimes();
    UrlRewriteContext encContext = EasyMock.createNiceMock(UrlRewriteContext.class);
    EasyMock.expect(encContext.getCurrentUrl()).andReturn(origTemplate);
    Capture<Template> encTemplate = new Capture<Template>();
    encContext.setCurrentUrl(EasyMock.capture(encTemplate));
    EasyMock.replay(gatewayServices, as, encEnvironment, encContext);
    SecureQueryEncryptDescriptor descriptor = new SecureQueryEncryptDescriptor();
    SecureQueryEncryptProcessor processor = new SecureQueryEncryptProcessor();
    processor.initialize(encEnvironment, descriptor);
    processor.process(encContext);
    assertThat(encTemplate, notNullValue());
    query = encTemplate.getValue().getQuery().get("_");
    assertThat(query.getFirstValue().getPattern().length(), greaterThan(1));
    query = encTemplate.getValue().getQuery().get("query-param-name");
    assertThat(query, nullValue());
    // Test decryption.  Results are left in decTemplate.
    gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
    EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
    as = EasyMock.createNiceMock(AliasService.class);
    EasyMock.expect(as.getPasswordFromAliasForCluster("test-cluster-name", "encryptQueryString")).andReturn(secret.toCharArray()).anyTimes();
    UrlRewriteEnvironment decEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
    EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
    EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn("test-cluster-name").anyTimes();
    Params decParams = EasyMock.createNiceMock(Params.class);
    EasyMock.expect(decParams.resolve(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn(Arrays.asList("test-cluster-name")).anyTimes();
    UrlRewriteContext decContext = EasyMock.createNiceMock(UrlRewriteContext.class);
    EasyMock.expect(decContext.getCurrentUrl()).andReturn(encTemplate.getValue());
    EasyMock.expect(decContext.getParameters()).andReturn(decParams);
    Capture<Template> decTemplate = new Capture<Template>();
    decContext.setCurrentUrl(EasyMock.capture(decTemplate));
    EasyMock.replay(gatewayServices, as, decEnvironment, decParams, decContext);
    SecureQueryDecryptDescriptor descriptor1 = new SecureQueryDecryptDescriptor();
    SecureQueryDecryptProcessor decProcessor = new SecureQueryDecryptProcessor();
    decProcessor.initialize(decEnvironment, descriptor1);
    decProcessor.process(decContext);
    assertThat(decTemplate, notNullValue());
    assertThat(decTemplate.getValue(), notNullValue());
    query = decTemplate.getValue().getQuery().get("query-param-name");
    assertThat(query.getFirstValue().getPattern(), is("query-param-value"));
    query = decTemplate.getValue().getQuery().get("_");
    assertThat(query, nullValue());
}
Also used : UrlRewriteEnvironment(org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment) GatewayServices(org.apache.knox.gateway.services.GatewayServices) AliasService(org.apache.knox.gateway.services.security.AliasService) Query(org.apache.knox.gateway.util.urltemplate.Query) Params(org.apache.knox.gateway.util.urltemplate.Params) UrlRewriteContext(org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext) Capture(org.easymock.Capture) Template(org.apache.knox.gateway.util.urltemplate.Template) DefaultCryptoService(org.apache.knox.gateway.services.security.impl.DefaultCryptoService) CryptoService(org.apache.knox.gateway.services.security.CryptoService) DefaultCryptoService(org.apache.knox.gateway.services.security.impl.DefaultCryptoService) Test(org.junit.Test)

Example 30 with AliasService

use of org.apache.knox.gateway.services.security.AliasService in project knox by apache.

the class KnoxLdapContextFactory method setSystemPassword.

@Override
public void setSystemPassword(String systemPass) {
    if (systemPass == null) {
        return;
    }
    systemPass = systemPass.trim();
    if (systemPass.length() == 0) {
        return;
    }
    if (!systemPass.startsWith("S{ALIAS=")) {
        super.setSystemPassword(systemPass);
        return;
    }
    systemPass = systemPass.substring("S{ALIAS=".length(), systemPass.length() - 1);
    String aliasName = systemPass;
    GatewayServices services = GatewayServer.getGatewayServices();
    AliasService aliasService = (AliasService) services.getService(GatewayServices.ALIAS_SERVICE);
    String clusterName = getClusterName();
    // System.err.println("FACTORY systempass 30: " + systemPass);
    // System.err.println("FACTORY clustername 40: " + clusterName);
    // System.err.println("FACTORY SystemProperty GatewayHome 50: " + System.getProperty(GatewayConfig.GATEWAY_HOME_VAR));
    char[] password = null;
    try {
        password = aliasService.getPasswordFromAliasForCluster(clusterName, systemPass);
    } catch (AliasServiceException e) {
        LOG.unableToGetPassword(e);
    }
    // System.err.println("FACTORY password: " + ((password == null) ? "NULL" : new String(password)));
    if (password != null) {
        // System.err.println("FACTORY SUCCESS 20 system password :" + new String(password));
        super.setSystemPassword(new String(password));
    } else {
        // System.err.println("FACTORY FORCING system password to blank");
        super.setSystemPassword("");
        LOG.aliasValueNotFound(clusterName, aliasName);
    }
}
Also used : GatewayServices(org.apache.knox.gateway.services.GatewayServices) AliasService(org.apache.knox.gateway.services.security.AliasService) AliasServiceException(org.apache.knox.gateway.services.security.AliasServiceException)

Aggregations

AliasService (org.apache.knox.gateway.services.security.AliasService)35 Test (org.junit.Test)25 GatewayServices (org.apache.knox.gateway.services.GatewayServices)20 File (java.io.File)15 GatewayConfig (org.apache.knox.gateway.config.GatewayConfig)12 HashMap (java.util.HashMap)11 DefaultCryptoService (org.apache.knox.gateway.services.security.impl.DefaultCryptoService)10 KeystoreService (org.apache.knox.gateway.services.security.KeystoreService)8 MasterService (org.apache.knox.gateway.services.security.MasterService)8 CryptoService (org.apache.knox.gateway.services.security.CryptoService)7 UrlRewriteEnvironment (org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment)6 Principal (java.security.Principal)5 DefaultKeystoreService (org.apache.knox.gateway.services.security.impl.DefaultKeystoreService)5 JWTokenAuthority (org.apache.knox.gateway.services.security.token.JWTokenAuthority)5 FileOutputStream (java.io.FileOutputStream)4 UrlRewriteContext (org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext)4 ZooKeeperClientServiceProvider (org.apache.knox.gateway.service.config.remote.zk.ZooKeeperClientServiceProvider)4 DefaultGatewayServices (org.apache.knox.gateway.services.DefaultGatewayServices)4 RemoteConfigurationRegistryClientService (org.apache.knox.gateway.services.config.client.RemoteConfigurationRegistryClientService)4 Capture (org.easymock.Capture)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial