use of org.apache.knox.gateway.services.security.MasterService in project knox by apache.
the class CMFKeystoreServiceTest method setup.
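/**
 * Creates the {@code CMFKeystoreService} under test and wires in a stub
 * {@code MasterService} that hands out a fixed, test-only master secret.
 *
 * <p>A {@code ServiceLifecycleException} raised while building the fixture is
 * rethrown as an {@link AssertionError}, so a broken fixture fails the test at
 * setup rather than leaving {@code ks} unset or half-configured for the test
 * methods that follow.
 */
@Before
public void setup() {
  try {
    ks = new CMFKeystoreService(".", "ambari");
    ks.setMasterService(new MasterService() {
      public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException {
        // Intentionally empty: the stub has no lifecycle state to initialise.
      }

      public void start() throws ServiceLifecycleException {
        // Intentionally empty: nothing to start for the stub.
      }

      public void stop() throws ServiceLifecycleException {
        // Intentionally empty: nothing to stop for the stub.
      }

      public char[] getMasterSecret() {
        // Hard-coded fixture value, only suitable for tests. A fresh array is
        // returned on every call, so callers never share one buffer.
        return "testmaster".toCharArray();
      }
    });
  } catch (ServiceLifecycleException e) {
    // Keep the cause so the report shows why the keystore fixture failed.
    throw new AssertionError("Unable to set up the CMFKeystoreService test fixture", e);
  }
}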
use of org.apache.knox.gateway.services.security.MasterService in project knox by apache.
the class KnoxCLITest method testCreateMasterForce.
/**
 * Runs {@code create-master} three times against the same configuration:
 * an initial create, a repeat without {@code --force} (the existing secret is
 * reported as already present), and a repeat with {@code --force} (the secret
 * is replaced).
 */
@Test
public void testCreateMasterForce() throws Exception {
  GatewayConfigImpl config = new GatewayConfigImpl();

  // Start from a clean slate: a leftover master file would make the first
  // create-master call a no-op and the assertions below meaningless.
  File masterFile = new File(config.getGatewaySecurityDir(), "master");
  if (masterFile.exists()) {
    assertThat("Failed to delete existing master file.", masterFile.delete(), is(true));
  }

  KnoxCLI cli = new KnoxCLI();
  cli.setConf(config);

  // Step 1: first create persists the supplied secret.
  outContent.reset();
  String[] cliArgs = { "create-master", "--master", "test-master-1" };
  int exitCode = cli.run(cliArgs);
  assertThat(exitCode, is(0));
  MasterService masterService = cli.getGatewayServices().getService("MasterService");
  // The secret is copied into a String only so it can be compared in the test.
  String persistedSecret = new String(masterService.getMasterSecret());
  assertThat(persistedSecret, is("test-master-1"));
  assertThat(outContent.toString(), containsString("Master secret has been persisted to disk."));

  // Step 2: the same command again must not overwrite the existing secret.
  outContent.reset();
  exitCode = cli.run(cliArgs);
  assertThat(exitCode, is(0));
  assertThat(outContent.toString(), containsString("Master secret is already present on disk."));

  // Step 3: --force replaces the persisted secret with the new value.
  outContent.reset();
  cliArgs = new String[] { "create-master", "--master", "test-master-2", "--force" };
  exitCode = cli.run(cliArgs);
  assertThat(exitCode, is(0));
  masterService = cli.getGatewayServices().getService("MasterService");
  persistedSecret = new String(masterService.getMasterSecret());
  assertThat(persistedSecret, is("test-master-2"));
  assertThat(outContent.toString(), containsString("Master secret has been persisted to disk."));
}
use of org.apache.knox.gateway.services.security.MasterService in project knox by apache.
the class KnoxCLITest method testCreateMasterGenerate.
/**
 * Runs {@code create-master --generate} twice and checks that each run
 * persists a master secret that parses as a UUID, and that the two generated
 * secrets differ from each other.
 */
@Test
public void testCreateMasterGenerate() throws Exception {
  final String[] generateArgs = { "create-master", "--generate" };
  GatewayConfigImpl config = new GatewayConfigImpl();

  // Remove any persisted master so the generate call is not skipped.
  File masterFile = new File(config.getGatewaySecurityDir(), "master");
  if (masterFile.exists()) {
    assertThat("Failed to delete existing master file.", masterFile.delete(), is(true));
  }

  outContent.reset();
  KnoxCLI cli = new KnoxCLI();
  cli.setConf(config);
  int exitCode = cli.run(generateArgs);
  assertThat(exitCode, is(0));

  MasterService masterService = cli.getGatewayServices().getService("MasterService");
  // Copied into a String only so its shape can be inspected by the test.
  String firstSecret = new String(masterService.getMasterSecret());

  // Canonical UUID text: 36 characters with hyphens at offsets 8, 13, 18, 23.
  assertThat(firstSecret.length(), is(36));
  assertThat(firstSecret.indexOf('-'), is(8));
  assertThat(firstSecret.indexOf('-', 9), is(13));
  assertThat(firstSecret.indexOf('-', 14), is(18));
  assertThat(firstSecret.indexOf('-', 19), is(23));
  assertThat(UUID.fromString(firstSecret), notNullValue());
  assertThat(outContent.toString(), containsString("Master secret has been persisted to disk."));

  // Clear the persisted master again so the second run generates a new one.
  if (masterFile.exists()) {
    assertThat("Failed to delete existing master file.", masterFile.delete(), is(true));
  }

  outContent.reset();
  // NOTE(review): unlike the first instance, this KnoxCLI is run without
  // setConf(config) — confirm that is intentional and that it resolves the
  // same security directory as masterFile above.
  cli = new KnoxCLI();
  exitCode = cli.run(generateArgs);
  masterService = cli.getGatewayServices().getService("MasterService");
  String secondSecret = new String(masterService.getMasterSecret());
  assertThat(secondSecret.length(), is(36));
  assertThat(UUID.fromString(secondSecret), notNullValue());
  // Two generate runs must not produce the same secret.
  assertThat(secondSecret, not(is(firstSecret)));
  assertThat(exitCode, is(0));
  assertThat(outContent.toString(), containsString("Master secret has been persisted to disk."));
}
use of org.apache.knox.gateway.services.security.MasterService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreationAudience.
/**
 * Issues an RS256 token for a mocked principal with an explicit audience and
 * checks the issuer, subject and audience claims, then verifies the token
 * with the same authority that issued it.
 */
@Test
public void testTokenCreationAudience() throws Exception {
  Principal principal = EasyMock.createNiceMock(Principal.class);
  EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");

  // Locate the test keystore: use the "basedir" system property when it is
  // set, otherwise fall back to the current working directory.
  String configuredBase = System.getProperty("basedir");
  String basedir = (configuredBase != null) ? configuredBase : new File(".").getCanonicalPath();

  GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
  EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
  EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
  EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();

  // Fixed, test-only secrets for the mocked master and alias services.
  MasterService masterService = EasyMock.createNiceMock(MasterService.class);
  EasyMock.expect(masterService.getMasterSecret()).andReturn("horton".toCharArray());
  AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
  EasyMock.expect(aliasService.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());

  EasyMock.replay(principal, config, masterService, aliasService);

  // Configure through the concrete types, then use the services via their interfaces.
  DefaultKeystoreService keystoreImpl = new DefaultKeystoreService();
  KeystoreService keystore = keystoreImpl;
  keystoreImpl.setMasterService(masterService);
  keystoreImpl.init(config, new HashMap<String, String>());

  DefaultTokenAuthorityService authorityImpl = new DefaultTokenAuthorityService();
  JWTokenAuthority authority = authorityImpl;
  authorityImpl.setAliasService(aliasService);
  authorityImpl.setKeystoreService(keystore);
  authorityImpl.init(config, new HashMap<String, String>());

  JWT issued = authority.issueToken(principal, "https://login.example.com", "RS256");

  assertEquals("KNOXSSO", issued.getIssuer());
  assertEquals("john.doe@example.com", issued.getSubject());
  assertEquals("https://login.example.com", issued.getAudience());
  assertTrue(authority.verifyToken(issued));
}
use of org.apache.knox.gateway.services.security.MasterService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreation.
/**
 * Issues an RS256 token for a mocked principal without an audience and checks
 * the issuer and subject claims, then verifies the token with the same
 * authority that issued it.
 */
@Test
public void testTokenCreation() throws Exception {
  Principal principal = EasyMock.createNiceMock(Principal.class);
  EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");

  // Locate the test keystore: use the "basedir" system property when it is
  // set, otherwise fall back to the current working directory.
  String configuredBase = System.getProperty("basedir");
  String basedir = (configuredBase != null) ? configuredBase : new File(".").getCanonicalPath();

  GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
  EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
  EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
  EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();

  // Fixed, test-only secrets for the mocked master and alias services.
  MasterService masterService = EasyMock.createNiceMock(MasterService.class);
  EasyMock.expect(masterService.getMasterSecret()).andReturn("horton".toCharArray());
  AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
  EasyMock.expect(aliasService.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());

  EasyMock.replay(principal, config, masterService, aliasService);

  // Configure through the concrete types, then use the services via their interfaces.
  DefaultKeystoreService keystoreImpl = new DefaultKeystoreService();
  KeystoreService keystore = keystoreImpl;
  keystoreImpl.setMasterService(masterService);
  keystoreImpl.init(config, new HashMap<String, String>());

  DefaultTokenAuthorityService authorityImpl = new DefaultTokenAuthorityService();
  JWTokenAuthority authority = authorityImpl;
  authorityImpl.setAliasService(aliasService);
  authorityImpl.setKeystoreService(keystore);
  authorityImpl.init(config, new HashMap<String, String>());

  JWT issued = authority.issueToken(principal, "RS256");

  assertEquals("KNOXSSO", issued.getIssuer());
  assertEquals("john.doe@example.com", issued.getSubject());
  assertTrue(authority.verifyToken(issued));
}