use of org.apache.knox.gateway.services.security.MasterService in project knox by apache.
the class KnoxCLITest method createTestMaster.
private void createTestMaster() throws Exception {
outContent.reset();
String[] args = new String[] { "create-master", "--master", "master", "--force" };
KnoxCLI cli = new KnoxCLI();
int rc = cli.run(args);
assertThat(rc, is(0));
MasterService ms = cli.getGatewayServices().getService("MasterService");
String master = String.copyValueOf(ms.getMasterSecret());
assertThat(master, is("master"));
assertThat(outContent.toString(), containsString("Master secret has been persisted to disk."));
}
use of org.apache.knox.gateway.services.security.MasterService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreationSignatureAlgorithm.
@Test
public void testTokenCreationSignatureAlgorithm() throws Exception {
Principal principal = EasyMock.createNiceMock(Principal.class);
EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
String basedir = System.getProperty("basedir");
if (basedir == null) {
basedir = new File(".").getCanonicalPath();
}
EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
MasterService ms = EasyMock.createNiceMock(MasterService.class);
EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
AliasService as = EasyMock.createNiceMock(AliasService.class);
EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
EasyMock.replay(principal, config, ms, as);
KeystoreService ks = new DefaultKeystoreService();
((DefaultKeystoreService) ks).setMasterService(ms);
((DefaultKeystoreService) ks).init(config, new HashMap<String, String>());
JWTokenAuthority ta = new DefaultTokenAuthorityService();
((DefaultTokenAuthorityService) ta).setAliasService(as);
((DefaultTokenAuthorityService) ta).setKeystoreService(ks);
((DefaultTokenAuthorityService) ta).init(config, new HashMap<String, String>());
JWT token = ta.issueToken(principal, "RS512");
assertEquals("KNOXSSO", token.getIssuer());
assertEquals("john.doe@example.com", token.getSubject());
assertTrue(token.getHeader().contains("RS512"));
assertTrue(ta.verifyToken(token));
}
use of org.apache.knox.gateway.services.security.MasterService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreationBadSignatureAlgorithm.
@Test
public void testTokenCreationBadSignatureAlgorithm() throws Exception {
Principal principal = EasyMock.createNiceMock(Principal.class);
EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
String basedir = System.getProperty("basedir");
if (basedir == null) {
basedir = new File(".").getCanonicalPath();
}
EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
MasterService ms = EasyMock.createNiceMock(MasterService.class);
EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
AliasService as = EasyMock.createNiceMock(AliasService.class);
EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
EasyMock.replay(principal, config, ms, as);
KeystoreService ks = new DefaultKeystoreService();
((DefaultKeystoreService) ks).setMasterService(ms);
((DefaultKeystoreService) ks).init(config, new HashMap<String, String>());
JWTokenAuthority ta = new DefaultTokenAuthorityService();
((DefaultTokenAuthorityService) ta).setAliasService(as);
((DefaultTokenAuthorityService) ta).setKeystoreService(ks);
((DefaultTokenAuthorityService) ta).init(config, new HashMap<String, String>());
try {
ta.issueToken(principal, "none");
fail("Failure expected on a bad signature algorithm");
} catch (TokenServiceException ex) {
// expected
}
}
Aggregations