use of org.apache.knox.gateway.services.security.impl.DefaultKeystoreService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreationAudience.
@Test
public void testTokenCreationAudience() throws Exception {
Principal principal = EasyMock.createNiceMock(Principal.class);
EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
String basedir = System.getProperty("basedir");
if (basedir == null) {
basedir = new File(".").getCanonicalPath();
}
EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
MasterService ms = EasyMock.createNiceMock(MasterService.class);
EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
AliasService as = EasyMock.createNiceMock(AliasService.class);
EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
EasyMock.replay(principal, config, ms, as);
KeystoreService ks = new DefaultKeystoreService();
((DefaultKeystoreService) ks).setMasterService(ms);
((DefaultKeystoreService) ks).init(config, new HashMap<String, String>());
JWTokenAuthority ta = new DefaultTokenAuthorityService();
((DefaultTokenAuthorityService) ta).setAliasService(as);
((DefaultTokenAuthorityService) ta).setKeystoreService(ks);
((DefaultTokenAuthorityService) ta).init(config, new HashMap<String, String>());
JWT token = ta.issueToken(principal, "https://login.example.com", "RS256");
assertEquals("KNOXSSO", token.getIssuer());
assertEquals("john.doe@example.com", token.getSubject());
assertEquals("https://login.example.com", token.getAudience());
assertTrue(ta.verifyToken(token));
}
use of org.apache.knox.gateway.services.security.impl.DefaultKeystoreService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreation.
@Test
public void testTokenCreation() throws Exception {
Principal principal = EasyMock.createNiceMock(Principal.class);
EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
String basedir = System.getProperty("basedir");
if (basedir == null) {
basedir = new File(".").getCanonicalPath();
}
EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
MasterService ms = EasyMock.createNiceMock(MasterService.class);
EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
AliasService as = EasyMock.createNiceMock(AliasService.class);
EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
EasyMock.replay(principal, config, ms, as);
KeystoreService ks = new DefaultKeystoreService();
((DefaultKeystoreService) ks).setMasterService(ms);
((DefaultKeystoreService) ks).init(config, new HashMap<String, String>());
JWTokenAuthority ta = new DefaultTokenAuthorityService();
((DefaultTokenAuthorityService) ta).setAliasService(as);
((DefaultTokenAuthorityService) ta).setKeystoreService(ks);
((DefaultTokenAuthorityService) ta).init(config, new HashMap<String, String>());
JWT token = ta.issueToken(principal, "RS256");
assertEquals("KNOXSSO", token.getIssuer());
assertEquals("john.doe@example.com", token.getSubject());
assertTrue(ta.verifyToken(token));
}
use of org.apache.knox.gateway.services.security.impl.DefaultKeystoreService in project knox by apache.
the class DefaultTokenAuthorityServiceTest method testTokenCreationNullAudience.
@Test
public void testTokenCreationNullAudience() throws Exception {
Principal principal = EasyMock.createNiceMock(Principal.class);
EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
String basedir = System.getProperty("basedir");
if (basedir == null) {
basedir = new File(".").getCanonicalPath();
}
EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
MasterService ms = EasyMock.createNiceMock(MasterService.class);
EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
AliasService as = EasyMock.createNiceMock(AliasService.class);
EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
EasyMock.replay(principal, config, ms, as);
KeystoreService ks = new DefaultKeystoreService();
((DefaultKeystoreService) ks).setMasterService(ms);
((DefaultKeystoreService) ks).init(config, new HashMap<String, String>());
JWTokenAuthority ta = new DefaultTokenAuthorityService();
((DefaultTokenAuthorityService) ta).setAliasService(as);
((DefaultTokenAuthorityService) ta).setKeystoreService(ks);
((DefaultTokenAuthorityService) ta).init(config, new HashMap<String, String>());
JWT token = ta.issueToken(principal, null, "RS256");
assertEquals("KNOXSSO", token.getIssuer());
assertEquals("john.doe@example.com", token.getSubject());
assertTrue(ta.verifyToken(token));
}
use of org.apache.knox.gateway.services.security.impl.DefaultKeystoreService in project knox by apache.
the class CLIGatewayServices method init.
public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException {
ms = new CLIMasterService();
ms.init(config, options);
services.put("MasterService", ms);
ks = new DefaultKeystoreService();
ks.setMasterService(ms);
ks.init(config, options);
services.put(KEYSTORE_SERVICE, ks);
DefaultAliasService alias = new DefaultAliasService();
alias.setKeystoreService(ks);
alias.init(config, options);
services.put(ALIAS_SERVICE, alias);
DefaultCryptoService crypto = new DefaultCryptoService();
crypto.setKeystoreService(ks);
crypto.setAliasService(alias);
crypto.init(config, options);
services.put(CRYPTO_SERVICE, crypto);
DefaultTopologyService tops = new DefaultTopologyService();
tops.init(config, options);
services.put(TOPOLOGY_SERVICE, tops);
RemoteConfigurationRegistryClientService registryClientService = RemoteConfigurationRegistryClientServiceFactory.newInstance(config);
registryClientService.setAliasService(alias);
registryClientService.init(config, options);
services.put(REMOTE_REGISTRY_CLIENT_SERVICE, registryClientService);
}
use of org.apache.knox.gateway.services.security.impl.DefaultKeystoreService in project knox by apache.
the class DefaultGatewayServices method init.
public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException {
ms = new DefaultMasterService();
ms.init(config, options);
services.put("MasterService", ms);
ks = new DefaultKeystoreService();
ks.setMasterService(ms);
ks.init(config, options);
services.put(KEYSTORE_SERVICE, ks);
DefaultAliasService alias = new DefaultAliasService();
alias.setKeystoreService(ks);
alias.setMasterService(ms);
alias.init(config, options);
services.put(ALIAS_SERVICE, alias);
DefaultCryptoService crypto = new DefaultCryptoService();
crypto.setKeystoreService(ks);
crypto.setAliasService(alias);
crypto.init(config, options);
services.put(CRYPTO_SERVICE, crypto);
DefaultTokenAuthorityService ts = new DefaultTokenAuthorityService();
ts.setAliasService(alias);
ts.setKeystoreService(ks);
ts.init(config, options);
// prolly should not allow the token service to be looked up?
services.put(TOKEN_SERVICE, ts);
JettySSLService ssl = new JettySSLService();
ssl.setAliasService(alias);
ssl.setKeystoreService(ks);
ssl.setMasterService(ms);
ssl.init(config, options);
services.put(SSL_SERVICE, ssl);
DefaultServiceRegistryService sr = new DefaultServiceRegistryService();
sr.setCryptoService(crypto);
sr.init(config, options);
services.put(SERVICE_REGISTRY_SERVICE, sr);
DefaultHostMapperService hm = new DefaultHostMapperService();
hm.init(config, options);
services.put(HOST_MAPPING_SERVICE, hm);
DefaultServerInfoService sis = new DefaultServerInfoService();
sis.init(config, options);
services.put(SERVER_INFO_SERVICE, sis);
RemoteConfigurationRegistryClientService registryClientService = RemoteConfigurationRegistryClientServiceFactory.newInstance(config);
registryClientService.setAliasService(alias);
registryClientService.init(config, options);
services.put(REMOTE_REGISTRY_CLIENT_SERVICE, registryClientService);
DefaultClusterConfigurationMonitorService ccs = new DefaultClusterConfigurationMonitorService();
ccs.setAliasService(alias);
ccs.init(config, options);
services.put(CLUSTER_CONFIGURATION_MONITOR_SERVICE, ccs);
DefaultTopologyService tops = new DefaultTopologyService();
tops.setAliasService(alias);
tops.init(config, options);
services.put(TOPOLOGY_SERVICE, tops);
DefaultServiceDefinitionRegistry sdr = new DefaultServiceDefinitionRegistry();
sdr.init(config, options);
services.put(SERVICE_DEFINITION_REGISTRY, sdr);
DefaultMetricsService metricsService = new DefaultMetricsService();
metricsService.init(config, options);
services.put(METRICS_SERVICE, metricsService);
}
Aggregations