Search in sources :

Example 11 with NiFiUserDetails

use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.

the class TestThreadPoolRequestReplicator method testMultipleRequestWithTwoPhaseCommit.

@Test(timeout = 15000)
public void testMultipleRequestWithTwoPhaseCommit() {
    final Set<NodeIdentifier> nodeIds = new HashSet<>();
    final NodeIdentifier nodeId = new NodeIdentifier("1", "localhost", 8100, "localhost", 8101, "localhost", 8102, 8103, false);
    nodeIds.add(nodeId);
    final ClusterCoordinator coordinator = mock(ClusterCoordinator.class);
    when(coordinator.getConnectionStatus(Mockito.any(NodeIdentifier.class))).thenReturn(new NodeConnectionStatus(nodeId, NodeConnectionState.CONNECTED));
    final AtomicInteger requestCount = new AtomicInteger(0);
    final NiFiProperties props = NiFiProperties.createBasicNiFiProperties(null, null);
    final ThreadPoolRequestReplicator replicator = new ThreadPoolRequestReplicator(2, 5, 100, ClientBuilder.newClient(), coordinator, "1 sec", "1 sec", null, null, props) {

        @Override
        protected NodeResponse replicateRequest(final Invocation invocation, final NodeIdentifier nodeId, final String method, final URI uri, final String requestId, Map<String, String> givenHeaders, final StandardAsyncClusterResponse response) {
            // the resource builder will not expose its headers to us, so we are using Mockito's Whitebox class to extract them.
            final ClientRequest requestContext = (ClientRequest) Whitebox.getInternalState(invocation, "requestContext");
            final Object expectsHeader = requestContext.getHeaders().getFirst(ThreadPoolRequestReplicator.REQUEST_VALIDATION_HTTP_HEADER);
            final int statusCode;
            if (requestCount.incrementAndGet() == 1) {
                assertEquals(ThreadPoolRequestReplicator.NODE_CONTINUE, expectsHeader);
                statusCode = 150;
            } else {
                assertNull(expectsHeader);
                statusCode = Status.OK.getStatusCode();
            }
            // Return given response from all nodes.
            final Response clientResponse = mock(Response.class);
            when(clientResponse.getStatus()).thenReturn(statusCode);
            return new NodeResponse(nodeId, method, uri, clientResponse, -1L, requestId);
        }
    };
    try {
        // set the user
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(StandardNiFiUser.ANONYMOUS));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        final AsyncClusterResponse clusterResponse = replicator.replicate(nodeIds, HttpMethod.POST, new URI("http://localhost:80/processors/1"), new ProcessorEntity(), new HashMap<>(), true, true);
        clusterResponse.awaitMergedResponse();
        // Ensure that we received two requests - the first should contain the X-NcmExpects header; the second should not.
        // These assertions are validated above, in the overridden replicateRequest method.
        assertEquals(2, requestCount.get());
    } catch (final Exception e) {
        e.printStackTrace();
        Assert.fail(e.toString());
    } finally {
        replicator.shutdown();
    }
}
Also used : NiFiProperties(org.apache.nifi.util.NiFiProperties) Invocation(javax.ws.rs.client.Invocation) NodeResponse(org.apache.nifi.cluster.manager.NodeResponse) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NodeConnectionStatus(org.apache.nifi.cluster.coordination.node.NodeConnectionStatus) ClientRequest(org.glassfish.jersey.client.ClientRequest) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) HashSet(java.util.HashSet) ClusterCoordinator(org.apache.nifi.cluster.coordination.ClusterCoordinator) DisconnectedNodeMutableRequestException(org.apache.nifi.cluster.manager.exception.DisconnectedNodeMutableRequestException) URISyntaxException(java.net.URISyntaxException) IllegalClusterStateException(org.apache.nifi.cluster.manager.exception.IllegalClusterStateException) ProcessingException(javax.ws.rs.ProcessingException) ConnectingNodeMutableRequestException(org.apache.nifi.cluster.manager.exception.ConnectingNodeMutableRequestException) SocketTimeoutException(java.net.SocketTimeoutException) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) NodeResponse(org.apache.nifi.cluster.manager.NodeResponse) Response(javax.ws.rs.core.Response) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) Map(java.util.Map) HashMap(java.util.HashMap) MultiValueMap(org.apache.commons.collections4.map.MultiValueMap) Test(org.junit.Test)

Example 12 with NiFiUserDetails

use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.

the class TestThreadPoolRequestReplicator method testMonitorNotifiedOnSuccessfulCompletion.

@Test(timeout = 5000)
public void testMonitorNotifiedOnSuccessfulCompletion() {
    withReplicator(replicator -> {
        final Object monitor = new Object();
        final CountDownLatch preNotifyLatch = new CountDownLatch(1);
        final CountDownLatch postNotifyLatch = new CountDownLatch(1);
        new Thread(new Runnable() {

            @Override
            public void run() {
                synchronized (monitor) {
                    while (true) {
                        // If monitor is not notified, this will block indefinitely, and the test will timeout
                        try {
                            preNotifyLatch.countDown();
                            monitor.wait();
                            break;
                        } catch (InterruptedException e) {
                            continue;
                        }
                    }
                    postNotifyLatch.countDown();
                }
            }
        }).start();
        // wait for the background thread to notify that it is synchronized on monitor.
        preNotifyLatch.await();
        final Set<NodeIdentifier> nodeIds = new HashSet<>();
        final NodeIdentifier nodeId = new NodeIdentifier("1", "localhost", 8000, "localhost", 8001, "localhost", 8002, 8003, false);
        nodeIds.add(nodeId);
        final URI uri = new URI("http://localhost:8080/processors/1");
        final Entity entity = new ProcessorEntity();
        // set the user
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(StandardNiFiUser.ANONYMOUS));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // ensure the proxied entities header is set
        final Map<String, String> updatedHeaders = new HashMap<>();
        replicator.updateRequestHeaders(updatedHeaders, NiFiUserUtils.getNiFiUser());
        replicator.replicate(nodeIds, HttpMethod.GET, uri, entity, updatedHeaders, true, null, true, true, monitor);
        // wait for monitor to be notified.
        postNotifyLatch.await();
    });
}
Also used : ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Entity(org.apache.nifi.web.api.entity.Entity) HashMap(java.util.HashMap) CountDownLatch(java.util.concurrent.CountDownLatch) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 13 with NiFiUserDetails

use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.

the class TestThreadPoolRequestReplicator method testRequestChain.

@Test
public void testRequestChain() {
    final String proxyIdentity2 = "proxy-2";
    final String proxyIdentity1 = "proxy-1";
    final String userIdentity = "user";
    withReplicator(replicator -> {
        final Set<NodeIdentifier> nodeIds = new HashSet<>();
        nodeIds.add(new NodeIdentifier("1", "localhost", 8000, "localhost", 8001, "localhost", 8002, 8003, false));
        final URI uri = new URI("http://localhost:8080/processors/1");
        final Entity entity = new ProcessorEntity();
        // set the user
        final NiFiUser proxy2 = new Builder().identity(proxyIdentity2).build();
        final NiFiUser proxy1 = new Builder().identity(proxyIdentity1).chain(proxy2).build();
        final NiFiUser user = new Builder().identity(userIdentity).chain(proxy1).build();
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(user));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        replicator.replicate(nodeIds, HttpMethod.GET, uri, entity, new HashMap<>(), true, true);
    }, Response.Status.OK, 0L, null, "<" + userIdentity + "><" + proxyIdentity1 + "><" + proxyIdentity2 + ">");
}
Also used : ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Entity(org.apache.nifi.web.api.entity.Entity) StandardNiFiUser(org.apache.nifi.authorization.user.StandardNiFiUser) NiFiUser(org.apache.nifi.authorization.user.NiFiUser) Builder(org.apache.nifi.authorization.user.StandardNiFiUser.Builder) ClientBuilder(javax.ws.rs.client.ClientBuilder) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 14 with NiFiUserDetails

use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.

the class TestThreadPoolRequestReplicator method testMutableRequestRequiresAllNodesConnected.

@Test
public void testMutableRequestRequiresAllNodesConnected() throws URISyntaxException {
    final ClusterCoordinator coordinator = createClusterCoordinator();
    // build a map of connection state to node ids
    final Map<NodeConnectionState, List<NodeIdentifier>> nodeMap = new HashMap<>();
    final List<NodeIdentifier> connectedNodes = new ArrayList<>();
    connectedNodes.add(new NodeIdentifier("1", "localhost", 8100, "localhost", 8101, "localhost", 8102, 8103, false));
    connectedNodes.add(new NodeIdentifier("2", "localhost", 8200, "localhost", 8201, "localhost", 8202, 8203, false));
    nodeMap.put(NodeConnectionState.CONNECTED, connectedNodes);
    final List<NodeIdentifier> otherState = new ArrayList<>();
    otherState.add(new NodeIdentifier("3", "localhost", 8300, "localhost", 8301, "localhost", 8302, 8303, false));
    nodeMap.put(NodeConnectionState.CONNECTING, otherState);
    when(coordinator.getConnectionStates()).thenReturn(nodeMap);
    final NiFiProperties props = NiFiProperties.createBasicNiFiProperties(null, null);
    final ThreadPoolRequestReplicator replicator = new ThreadPoolRequestReplicator(2, 5, 100, ClientBuilder.newClient(), coordinator, "1 sec", "1 sec", null, null, props) {

        @Override
        public AsyncClusterResponse replicate(Set<NodeIdentifier> nodeIds, String method, URI uri, Object entity, Map<String, String> headers, boolean indicateReplicated, boolean verify) {
            return null;
        }
    };
    try {
        // set the user
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(StandardNiFiUser.ANONYMOUS));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        try {
            replicator.replicate(HttpMethod.POST, new URI("http://localhost:80/processors/1"), new ProcessorEntity(), new HashMap<>());
            Assert.fail("Expected ConnectingNodeMutableRequestException");
        } catch (final ConnectingNodeMutableRequestException e) {
        // expected behavior
        }
        nodeMap.remove(NodeConnectionState.CONNECTING);
        nodeMap.put(NodeConnectionState.DISCONNECTED, otherState);
        try {
            replicator.replicate(HttpMethod.POST, new URI("http://localhost:80/processors/1"), new ProcessorEntity(), new HashMap<>());
            Assert.fail("Expected DisconnectedNodeMutableRequestException");
        } catch (final DisconnectedNodeMutableRequestException e) {
        // expected behavior
        }
        nodeMap.remove(NodeConnectionState.DISCONNECTED);
        nodeMap.put(NodeConnectionState.DISCONNECTING, otherState);
        try {
            replicator.replicate(HttpMethod.POST, new URI("http://localhost:80/processors/1"), new ProcessorEntity(), new HashMap<>());
            Assert.fail("Expected DisconnectedNodeMutableRequestException");
        } catch (final DisconnectedNodeMutableRequestException e) {
        // expected behavior
        }
        // should not throw an Exception because it's a GET
        replicator.replicate(HttpMethod.GET, new URI("http://localhost:80/processors/1"), new MultiValueMap<>(), new HashMap<>());
        // should not throw an Exception because all nodes are now connected
        nodeMap.remove(NodeConnectionState.DISCONNECTING);
        replicator.replicate(HttpMethod.POST, new URI("http://localhost:80/processors/1"), new ProcessorEntity(), new HashMap<>());
    } finally {
        replicator.shutdown();
    }
}
Also used : NiFiProperties(org.apache.nifi.util.NiFiProperties) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) ConnectingNodeMutableRequestException(org.apache.nifi.cluster.manager.exception.ConnectingNodeMutableRequestException) ArrayList(java.util.ArrayList) ClusterCoordinator(org.apache.nifi.cluster.coordination.ClusterCoordinator) NodeConnectionState(org.apache.nifi.cluster.coordination.node.NodeConnectionState) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) List(java.util.List) ArrayList(java.util.ArrayList) DisconnectedNodeMutableRequestException(org.apache.nifi.cluster.manager.exception.DisconnectedNodeMutableRequestException) Map(java.util.Map) HashMap(java.util.HashMap) MultiValueMap(org.apache.commons.collections4.map.MultiValueMap) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) Test(org.junit.Test)

Example 15 with NiFiUserDetails

use of org.apache.nifi.authorization.user.NiFiUserDetails in project nifi by apache.

the class TestThreadPoolRequestReplicator method testResponseRemovedWhenCompletedAndFetched.

/**
 * If we replicate a request, whenever we obtain the merged response from
 * the AsyncClusterResponse object, the response should no longer be
 * available and should be cleared from internal state. This test is to
 * verify that this behavior occurs.
 */
@Test
public void testResponseRemovedWhenCompletedAndFetched() {
    withReplicator(replicator -> {
        final Set<NodeIdentifier> nodeIds = new HashSet<>();
        nodeIds.add(new NodeIdentifier("1", "localhost", 8000, "localhost", 8001, "localhost", 8002, 8003, false));
        final URI uri = new URI("http://localhost:8080/processors/1");
        final Entity entity = new ProcessorEntity();
        // set the user
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(StandardNiFiUser.ANONYMOUS));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        final AsyncClusterResponse response = replicator.replicate(nodeIds, HttpMethod.GET, uri, entity, new HashMap<>(), true, true);
        // We should get back the same response object
        assertTrue(response == replicator.getClusterResponse(response.getRequestIdentifier()));
        assertEquals(HttpMethod.GET, response.getMethod());
        assertEquals(nodeIds, response.getNodesInvolved());
        assertTrue(response == replicator.getClusterResponse(response.getRequestIdentifier()));
        final NodeResponse nodeResponse = response.awaitMergedResponse(3, TimeUnit.SECONDS);
        assertEquals(8000, nodeResponse.getNodeId().getApiPort());
        assertEquals(Response.Status.OK.getStatusCode(), nodeResponse.getStatus());
        assertNull(replicator.getClusterResponse(response.getRequestIdentifier()));
    });
}
Also used : ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Entity(org.apache.nifi.web.api.entity.Entity) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) NodeResponse(org.apache.nifi.cluster.manager.NodeResponse) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) HashSet(java.util.HashSet) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) Test(org.junit.Test)

Aggregations

NiFiUserDetails (org.apache.nifi.authorization.user.NiFiUserDetails)30 NiFiAuthenticationToken (org.apache.nifi.web.security.token.NiFiAuthenticationToken)29 Test (org.junit.Test)23 Authentication (org.springframework.security.core.Authentication)18 NiFiUser (org.apache.nifi.authorization.user.NiFiUser)13 URI (java.net.URI)12 Builder (org.apache.nifi.authorization.user.StandardNiFiUser.Builder)11 ProcessorEntity (org.apache.nifi.web.api.entity.ProcessorEntity)11 HashSet (java.util.HashSet)10 NodeIdentifier (org.apache.nifi.cluster.protocol.NodeIdentifier)10 Entity (org.apache.nifi.web.api.entity.Entity)8 HashMap (java.util.HashMap)7 StandardNiFiUser (org.apache.nifi.authorization.user.StandardNiFiUser)7 NodeResponse (org.apache.nifi.cluster.manager.NodeResponse)6 InvalidAuthenticationException (org.apache.nifi.web.security.InvalidAuthenticationException)5 Map (java.util.Map)4 AuthorizationRequest (org.apache.nifi.authorization.AuthorizationRequest)3 ArgumentMatcher (org.mockito.ArgumentMatcher)3 JwtException (io.jsonwebtoken.JwtException)2 ApiOperation (io.swagger.annotations.ApiOperation)2