use of org.apache.knox.gateway.services.security.CryptoService in project knox by apache.
the class SecureQueryEncryptDecryptProcessorTest method testEncryptBadDecrypt.
@Test
public void testEncryptBadDecrypt() throws Exception {
Query query;
Template origTemplate = Parser.parseLiteral("http://host:0/path/file?query-param-name=query-param-value");
// Test encryption. Results are left in encTemplate
AliasService as = EasyMock.createNiceMock(AliasService.class);
String secret = "sdkjfhsdkjfhsdfs";
EasyMock.expect(as.getPasswordFromAliasForCluster("test-cluster-name", "encryptQueryString")).andReturn(secret.toCharArray()).anyTimes();
CryptoService cryptoService = new DefaultCryptoService();
((DefaultCryptoService) cryptoService).setAliasService(as);
GatewayServices gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn("test-cluster-name").anyTimes();
UrlRewriteContext encContext = EasyMock.createNiceMock(UrlRewriteContext.class);
EasyMock.expect(encContext.getCurrentUrl()).andReturn(origTemplate);
Capture<Template> encTemplate = new Capture<Template>();
encContext.setCurrentUrl(EasyMock.capture(encTemplate));
EasyMock.replay(gatewayServices, as, encEnvironment, encContext);
SecureQueryEncryptDescriptor descriptor = new SecureQueryEncryptDescriptor();
SecureQueryEncryptProcessor processor = new SecureQueryEncryptProcessor();
processor.initialize(encEnvironment, descriptor);
processor.process(encContext);
assertThat(encTemplate, notNullValue());
query = encTemplate.getValue().getQuery().get("_");
assertThat(query.getFirstValue().getPattern().length(), greaterThan(1));
query = encTemplate.getValue().getQuery().get("query-param-name");
assertThat(query, nullValue());
// Test decryption with decode returning null
gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
as = EasyMock.createNiceMock(AliasService.class);
EasyMock.expect(as.getPasswordFromAliasForCluster("test-cluster-name", "encryptQueryString")).andReturn(secret.toCharArray()).anyTimes();
UrlRewriteEnvironment decEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn("test-cluster-name").anyTimes();
Params decParams = EasyMock.createNiceMock(Params.class);
EasyMock.expect(decParams.resolve(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn(Arrays.asList("test-cluster-name")).anyTimes();
UrlRewriteContext decContext = EasyMock.createNiceMock(UrlRewriteContext.class);
EasyMock.expect(decContext.getCurrentUrl()).andReturn(encTemplate.getValue());
EasyMock.expect(decContext.getParameters()).andReturn(decParams);
Capture<Template> decTemplate = new Capture<Template>();
decContext.setCurrentUrl(EasyMock.capture(decTemplate));
SecureQueryDecryptDescriptor descriptor1 = new SecureQueryDecryptDescriptor();
SecureQueryDecryptProcessor decProcessor = EasyMock.createMockBuilder(SecureQueryDecryptProcessor.class).addMockedMethod(SecureQueryDecryptProcessor.class.getDeclaredMethod("decode", String.class)).createMock();
EasyMock.expect(decProcessor.decode(EasyMock.anyObject(String.class))).andReturn(null);
EasyMock.replay(gatewayServices, as, decEnvironment, decParams, decContext, decProcessor);
decProcessor.initialize(decEnvironment, descriptor1);
UrlRewriteStepStatus status = decProcessor.process(decContext);
Assert.assertTrue((status == UrlRewriteStepStatus.FAILURE));
}
use of org.apache.knox.gateway.services.security.CryptoService in project knox by apache.
the class SecureQueryEncryptDecryptProcessorTest method testEncryptDecrypt.
@Test
public void testEncryptDecrypt() throws Exception {
Query query;
Template origTemplate = Parser.parseLiteral("http://host:0/path/file?query-param-name=query-param-value");
// Test encryption. Results are left in encTemplate
AliasService as = EasyMock.createNiceMock(AliasService.class);
String secret = "sdkjfhsdkjfhsdfs";
EasyMock.expect(as.getPasswordFromAliasForCluster("test-cluster-name", "encryptQueryString")).andReturn(secret.toCharArray()).anyTimes();
CryptoService cryptoService = new DefaultCryptoService();
((DefaultCryptoService) cryptoService).setAliasService(as);
GatewayServices gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
EasyMock.expect(encEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn("test-cluster-name").anyTimes();
UrlRewriteContext encContext = EasyMock.createNiceMock(UrlRewriteContext.class);
EasyMock.expect(encContext.getCurrentUrl()).andReturn(origTemplate);
Capture<Template> encTemplate = new Capture<Template>();
encContext.setCurrentUrl(EasyMock.capture(encTemplate));
EasyMock.replay(gatewayServices, as, encEnvironment, encContext);
SecureQueryEncryptDescriptor descriptor = new SecureQueryEncryptDescriptor();
SecureQueryEncryptProcessor processor = new SecureQueryEncryptProcessor();
processor.initialize(encEnvironment, descriptor);
processor.process(encContext);
assertThat(encTemplate, notNullValue());
query = encTemplate.getValue().getQuery().get("_");
assertThat(query.getFirstValue().getPattern().length(), greaterThan(1));
query = encTemplate.getValue().getQuery().get("query-param-name");
assertThat(query, nullValue());
// Test decryption. Results are left in decTemplate.
gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService);
as = EasyMock.createNiceMock(AliasService.class);
EasyMock.expect(as.getPasswordFromAliasForCluster("test-cluster-name", "encryptQueryString")).andReturn(secret.toCharArray()).anyTimes();
UrlRewriteEnvironment decEnvironment = EasyMock.createNiceMock(UrlRewriteEnvironment.class);
EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(gatewayServices).anyTimes();
EasyMock.expect(decEnvironment.getAttribute(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn("test-cluster-name").anyTimes();
Params decParams = EasyMock.createNiceMock(Params.class);
EasyMock.expect(decParams.resolve(GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE)).andReturn(Arrays.asList("test-cluster-name")).anyTimes();
UrlRewriteContext decContext = EasyMock.createNiceMock(UrlRewriteContext.class);
EasyMock.expect(decContext.getCurrentUrl()).andReturn(encTemplate.getValue());
EasyMock.expect(decContext.getParameters()).andReturn(decParams);
Capture<Template> decTemplate = new Capture<Template>();
decContext.setCurrentUrl(EasyMock.capture(decTemplate));
EasyMock.replay(gatewayServices, as, decEnvironment, decParams, decContext);
SecureQueryDecryptDescriptor descriptor1 = new SecureQueryDecryptDescriptor();
SecureQueryDecryptProcessor decProcessor = new SecureQueryDecryptProcessor();
decProcessor.initialize(decEnvironment, descriptor1);
decProcessor.process(decContext);
assertThat(decTemplate, notNullValue());
assertThat(decTemplate.getValue(), notNullValue());
query = decTemplate.getValue().getQuery().get("query-param-name");
assertThat(query.getFirstValue().getPattern(), is("query-param-value"));
query = decTemplate.getValue().getQuery().get("_");
assertThat(query, nullValue());
}
use of org.apache.knox.gateway.services.security.CryptoService in project knox by apache.
the class ShiroDeploymentContributorTest method testDeployment.
@Test
public void testDeployment() throws IOException {
WebArchive webArchive = ShrinkWrap.create(WebArchive.class, "test-archive");
Map<String, String> providerParams = new HashMap<>();
Provider provider = new Provider();
provider.setEnabled(true);
provider.setName("shiro");
provider.setParams(providerParams);
Topology topology = new Topology();
topology.setName("Sample");
DeploymentContext context = EasyMock.createNiceMock(DeploymentContext.class);
EasyMock.expect(context.getWebArchive()).andReturn(webArchive).anyTimes();
EasyMock.expect(context.getWebAppDescriptor()).andReturn(Descriptors.create(WebAppDescriptor.class)).anyTimes();
EasyMock.expect(context.getTopology()).andReturn(topology).anyTimes();
EasyMock.replay(context);
AliasService as = EasyMock.createNiceMock(AliasService.class);
CryptoService cryptoService = new DefaultCryptoService();
((DefaultCryptoService) cryptoService).setAliasService(as);
GatewayServices gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
EasyMock.expect(gatewayServices.getService(GatewayServices.CRYPTO_SERVICE)).andReturn(cryptoService).anyTimes();
ShiroDeploymentContributor contributor = new ShiroDeploymentContributor();
assertThat(contributor.getRole(), is("authentication"));
assertThat(contributor.getName(), is("ShiroProvider"));
// Just make sure it doesn't blow up.
contributor.initializeContribution(context);
contributor.contributeProvider(context, provider);
// Just make sure it doesn't blow up.
contributor.finalizeContribution(context);
assertThat(context.getWebAppDescriptor().getOrCreateSessionConfig().getOrCreateCookieConfig().isHttpOnly(), is(true));
assertThat(context.getWebAppDescriptor().getOrCreateSessionConfig().getOrCreateCookieConfig().isSecure(), is(true));
}
Aggregations