Example 61 with NiFiProperties
use of org.apache.nifi.util.NiFiProperties in project nifi by apache.
the class ProtectedNiFiProperties method protectPlainProperties.
/**
* Returns a new instance of {@link NiFiProperties} with all populated sensitive values protected by the provided protection scheme. Plain non-sensitive values are copied directly.
*
* @param protectionScheme the identifier key of the {@link SensitivePropertyProvider} to use
* @return the protected properties in a {@link StandardNiFiProperties} object
*/
NiFiProperties protectPlainProperties(String protectionScheme) {
SensitivePropertyProvider spp = getSensitivePropertyProvider(protectionScheme);
// Make a new holder (settable)
Properties protectedProperties = new Properties();
// Copy over the plain keys
Set<String> plainKeys = getPropertyKeys();
plainKeys.removeAll(getSensitivePropertyKeys());
for (String key : plainKeys) {
protectedProperties.setProperty(key, getInternalNiFiProperties().getProperty(key));
}
// Add the protected keys and the protection schemes
for (String key : getSensitivePropertyKeys()) {
final String plainValue = getInternalNiFiProperties().getProperty(key);
if (plainValue != null && !plainValue.trim().isEmpty()) {
final String protectedValue = spp.protect(plainValue);
protectedProperties.setProperty(key, protectedValue);
protectedProperties.setProperty(getProtectionKey(key), protectionScheme);
}
}
return new StandardNiFiProperties(protectedProperties);
}
Also used :
Properties(java.util.Properties)
NiFiProperties(org.apache.nifi.util.NiFiProperties)
Example 62 with NiFiProperties
use of org.apache.nifi.util.NiFiProperties in project nifi by apache.
the class TestSocketRemoteSiteListener method testRequestPeerList.
@Test
public void testRequestPeerList() throws Exception {
Method method = SocketRemoteSiteListener.class.getDeclaredMethod("handleRequest", ServerProtocol.class, Peer.class, RequestType.class);
method.setAccessible(true);
final NiFiProperties nifiProperties = spy(NiFiProperties.class);
final int apiPort = 8080;
final int remoteSocketPort = 8081;
final String remoteInputHost = "node1.example.com";
when(nifiProperties.getPort()).thenReturn(apiPort);
when(nifiProperties.getRemoteInputHost()).thenReturn(remoteInputHost);
when(nifiProperties.getRemoteInputPort()).thenReturn(remoteSocketPort);
// Even if HTTP transport is disabled, RAW should work.
when(nifiProperties.getRemoteInputHttpPort()).thenReturn(null);
when(nifiProperties.isSiteToSiteHttpEnabled()).thenReturn(false);
when(nifiProperties.isSiteToSiteSecure()).thenReturn(false);
final SocketRemoteSiteListener listener = new SocketRemoteSiteListener(remoteSocketPort, null, nifiProperties);
final ServerProtocol serverProtocol = mock(ServerProtocol.class);
doAnswer(invocation -> {
final NodeInformation self = invocation.getArgumentAt(2, NodeInformation.class);
// Listener should inform about itself properly:
assertEquals(remoteInputHost, self.getSiteToSiteHostname());
assertEquals(remoteSocketPort, self.getSiteToSitePort().intValue());
assertNull(self.getSiteToSiteHttpApiPort());
assertEquals(apiPort, self.getAPIPort());
return null;
}).when(serverProtocol).sendPeerList(any(Peer.class), any(Optional.class), any(NodeInformation.class));
final Peer peer = null;
method.invoke(listener, serverProtocol, peer, RequestType.REQUEST_PEER_LIST);
}
Also used :
NiFiProperties(org.apache.nifi.util.NiFiProperties)
NodeInformation(org.apache.nifi.remote.cluster.NodeInformation)
Optional(java.util.Optional)
Method(java.lang.reflect.Method)
ServerProtocol(org.apache.nifi.remote.protocol.ServerProtocol)
Test(org.junit.Test)
Example 63 with NiFiProperties
use of org.apache.nifi.util.NiFiProperties in project nifi by apache.
the class JettyServerTest method testConfigureSslContextFactoryWithKeystorePassword.
@Test
public void testConfigureSslContextFactoryWithKeystorePassword() throws InvocationTargetException, NoSuchMethodException, InstantiationException, IllegalAccessException {
// Expect that with no KeyPassword, we use the same one from the KeyStore
String testKeystorePassword = "testKeystorePassword";
final Map<String, String> addProps = new HashMap<>();
addProps.put(NiFiProperties.SECURITY_KEYSTORE_PASSWD, testKeystorePassword);
NiFiProperties nifiProperties = NiFiProperties.createBasicNiFiProperties(null, addProps);
SslContextFactory contextFactory = mock(SslContextFactory.class);
JettyServer.configureSslContextFactory(contextFactory, nifiProperties);
verify(contextFactory).setKeyStorePassword(testKeystorePassword);
verify(contextFactory).setKeyManagerPassword(testKeystorePassword);
}
Also used :
NiFiProperties(org.apache.nifi.util.NiFiProperties)
SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory)
HashMap(java.util.HashMap)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Example 64 with NiFiProperties
use of org.apache.nifi.util.NiFiProperties in project nifi by apache.
the class JettyServerTest method testConfigureSslContextFactoryWithJksTrustStore.
@Test
public void testConfigureSslContextFactoryWithJksTrustStore() {
// Expect that we will not set provider for jks truststore
final Map<String, String> addProps = new HashMap<>();
String trustStoreType = KeystoreType.JKS.toString();
addProps.put(NiFiProperties.SECURITY_TRUSTSTORE_TYPE, trustStoreType);
NiFiProperties nifiProperties = NiFiProperties.createBasicNiFiProperties(null, addProps);
SslContextFactory contextFactory = mock(SslContextFactory.class);
JettyServer.configureSslContextFactory(contextFactory, nifiProperties);
verify(contextFactory).setTrustStoreType(trustStoreType);
verify(contextFactory, never()).setTrustStoreProvider(anyString());
}
Also used :
NiFiProperties(org.apache.nifi.util.NiFiProperties)
SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory)
HashMap(java.util.HashMap)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Example 65 with NiFiProperties
use of org.apache.nifi.util.NiFiProperties in project nifi by apache.
the class JettyServerTest method testConfigureSslContextFactoryWithPkcsKeyStore.
@Test
public void testConfigureSslContextFactoryWithPkcsKeyStore() {
// Expect that we will set Bouncy Castle provider for pkcs12 keystore
final Map<String, String> addProps = new HashMap<>();
String keyStoreType = KeystoreType.PKCS12.toString();
addProps.put(NiFiProperties.SECURITY_KEYSTORE_TYPE, keyStoreType);
NiFiProperties nifiProperties = NiFiProperties.createBasicNiFiProperties(null, addProps);
SslContextFactory contextFactory = mock(SslContextFactory.class);
JettyServer.configureSslContextFactory(contextFactory, nifiProperties);
verify(contextFactory).setKeyStoreType(keyStoreType);
verify(contextFactory).setKeyStoreProvider(BouncyCastleProvider.PROVIDER_NAME);
}
Also used :
NiFiProperties(org.apache.nifi.util.NiFiProperties)
SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory)
HashMap(java.util.HashMap)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Aggregations
NiFiProperties (org.apache.nifi.util.NiFiProperties)98
Test (org.junit.Test)63
HashMap (java.util.HashMap)28
Properties (java.util.Properties)24
File (java.io.File)16
Bundle (org.apache.nifi.bundle.Bundle)13
Matchers.anyString (org.mockito.Matchers.anyString)13
IOException (java.io.IOException)10
HashSet (java.util.HashSet)10
Map (java.util.Map)8
X509Certificate (java.security.cert.X509Certificate)7
Mockito.anyString (org.mockito.Mockito.anyString)7
InputStream (java.io.InputStream)6
ArrayList (java.util.ArrayList)6
SystemBundle (org.apache.nifi.nar.SystemBundle)6
SslContextFactory (org.eclipse.jetty.util.ssl.SslContextFactory)6
InvocationTargetException (java.lang.reflect.InvocationTargetException)5
IdentityMapping (org.apache.nifi.authorization.util.IdentityMapping)5
ByteArrayOutputStream (java.io.ByteArrayOutputStream)4
FileInputStream (java.io.FileInputStream)4
