Search in sources :

Example 11 with NiFiAuthenticationToken

use of org.apache.nifi.web.security.token.NiFiAuthenticationToken in project nifi by apache.

the class TestThreadPoolRequestReplicator method testMonitorNotifiedOnSuccessfulCompletion.

@Test(timeout = 5000)
public void testMonitorNotifiedOnSuccessfulCompletion() {
    withReplicator(replicator -> {
        final Object monitor = new Object();
        final CountDownLatch preNotifyLatch = new CountDownLatch(1);
        final CountDownLatch postNotifyLatch = new CountDownLatch(1);
        new Thread(new Runnable() {

            @Override
            public void run() {
                synchronized (monitor) {
                    while (true) {
                        // If monitor is not notified, this will block indefinitely, and the test will timeout
                        try {
                            preNotifyLatch.countDown();
                            monitor.wait();
                            break;
                        } catch (InterruptedException e) {
                            continue;
                        }
                    }
                    postNotifyLatch.countDown();
                }
            }
        }).start();
        // wait for the background thread to notify that it is synchronized on monitor.
        preNotifyLatch.await();
        final Set<NodeIdentifier> nodeIds = new HashSet<>();
        final NodeIdentifier nodeId = new NodeIdentifier("1", "localhost", 8000, "localhost", 8001, "localhost", 8002, 8003, false);
        nodeIds.add(nodeId);
        final URI uri = new URI("http://localhost:8080/processors/1");
        final Entity entity = new ProcessorEntity();
        // set the user
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(StandardNiFiUser.ANONYMOUS));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // ensure the proxied entities header is set
        final Map<String, String> updatedHeaders = new HashMap<>();
        replicator.updateRequestHeaders(updatedHeaders, NiFiUserUtils.getNiFiUser());
        replicator.replicate(nodeIds, HttpMethod.GET, uri, entity, updatedHeaders, true, null, true, true, monitor);
        // wait for monitor to be notified.
        postNotifyLatch.await();
    });
}
Also used : ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Entity(org.apache.nifi.web.api.entity.Entity) HashMap(java.util.HashMap) CountDownLatch(java.util.concurrent.CountDownLatch) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 12 with NiFiAuthenticationToken

use of org.apache.nifi.web.security.token.NiFiAuthenticationToken in project nifi by apache.

the class TestThreadPoolRequestReplicator method testRequestChain.

@Test
public void testRequestChain() {
    final String proxyIdentity2 = "proxy-2";
    final String proxyIdentity1 = "proxy-1";
    final String userIdentity = "user";
    withReplicator(replicator -> {
        final Set<NodeIdentifier> nodeIds = new HashSet<>();
        nodeIds.add(new NodeIdentifier("1", "localhost", 8000, "localhost", 8001, "localhost", 8002, 8003, false));
        final URI uri = new URI("http://localhost:8080/processors/1");
        final Entity entity = new ProcessorEntity();
        // set the user
        final NiFiUser proxy2 = new Builder().identity(proxyIdentity2).build();
        final NiFiUser proxy1 = new Builder().identity(proxyIdentity1).chain(proxy2).build();
        final NiFiUser user = new Builder().identity(userIdentity).chain(proxy1).build();
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(user));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        replicator.replicate(nodeIds, HttpMethod.GET, uri, entity, new HashMap<>(), true, true);
    }, Response.Status.OK, 0L, null, "<" + userIdentity + "><" + proxyIdentity1 + "><" + proxyIdentity2 + ">");
}
Also used : ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Entity(org.apache.nifi.web.api.entity.Entity) StandardNiFiUser(org.apache.nifi.authorization.user.StandardNiFiUser) NiFiUser(org.apache.nifi.authorization.user.NiFiUser) Builder(org.apache.nifi.authorization.user.StandardNiFiUser.Builder) ClientBuilder(javax.ws.rs.client.ClientBuilder) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 13 with NiFiAuthenticationToken

use of org.apache.nifi.web.security.token.NiFiAuthenticationToken in project nifi by apache.

the class TestThreadPoolRequestReplicator method testMutableRequestRequiresAllNodesConnected.

@Test
public void testMutableRequestRequiresAllNodesConnected() throws URISyntaxException {
    final ClusterCoordinator coordinator = createClusterCoordinator();
    // build a map of connection state to node ids
    final Map<NodeConnectionState, List<NodeIdentifier>> nodeMap = new HashMap<>();
    final List<NodeIdentifier> connectedNodes = new ArrayList<>();
    connectedNodes.add(new NodeIdentifier("1", "localhost", 8100, "localhost", 8101, "localhost", 8102, 8103, false));
    connectedNodes.add(new NodeIdentifier("2", "localhost", 8200, "localhost", 8201, "localhost", 8202, 8203, false));
    nodeMap.put(NodeConnectionState.CONNECTED, connectedNodes);
    final List<NodeIdentifier> otherState = new ArrayList<>();
    otherState.add(new NodeIdentifier("3", "localhost", 8300, "localhost", 8301, "localhost", 8302, 8303, false));
    nodeMap.put(NodeConnectionState.CONNECTING, otherState);
    when(coordinator.getConnectionStates()).thenReturn(nodeMap);
    final NiFiProperties props = NiFiProperties.createBasicNiFiProperties(null, null);
    final ThreadPoolRequestReplicator replicator = new ThreadPoolRequestReplicator(2, 5, 100, ClientBuilder.newClient(), coordinator, "1 sec", "1 sec", null, null, props) {

        @Override
        public AsyncClusterResponse replicate(Set<NodeIdentifier> nodeIds, String method, URI uri, Object entity, Map<String, String> headers, boolean indicateReplicated, boolean verify) {
            return null;
        }
    };
    try {
        // set the user
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(StandardNiFiUser.ANONYMOUS));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        try {
            replicator.replicate(HttpMethod.POST, new URI("http://localhost:80/processors/1"), new ProcessorEntity(), new HashMap<>());
            Assert.fail("Expected ConnectingNodeMutableRequestException");
        } catch (final ConnectingNodeMutableRequestException e) {
        // expected behavior
        }
        nodeMap.remove(NodeConnectionState.CONNECTING);
        nodeMap.put(NodeConnectionState.DISCONNECTED, otherState);
        try {
            replicator.replicate(HttpMethod.POST, new URI("http://localhost:80/processors/1"), new ProcessorEntity(), new HashMap<>());
            Assert.fail("Expected DisconnectedNodeMutableRequestException");
        } catch (final DisconnectedNodeMutableRequestException e) {
        // expected behavior
        }
        nodeMap.remove(NodeConnectionState.DISCONNECTED);
        nodeMap.put(NodeConnectionState.DISCONNECTING, otherState);
        try {
            replicator.replicate(HttpMethod.POST, new URI("http://localhost:80/processors/1"), new ProcessorEntity(), new HashMap<>());
            Assert.fail("Expected DisconnectedNodeMutableRequestException");
        } catch (final DisconnectedNodeMutableRequestException e) {
        // expected behavior
        }
        // should not throw an Exception because it's a GET
        replicator.replicate(HttpMethod.GET, new URI("http://localhost:80/processors/1"), new MultiValueMap<>(), new HashMap<>());
        // should not throw an Exception because all nodes are now connected
        nodeMap.remove(NodeConnectionState.DISCONNECTING);
        replicator.replicate(HttpMethod.POST, new URI("http://localhost:80/processors/1"), new ProcessorEntity(), new HashMap<>());
    } finally {
        replicator.shutdown();
    }
}
Also used : NiFiProperties(org.apache.nifi.util.NiFiProperties) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) ConnectingNodeMutableRequestException(org.apache.nifi.cluster.manager.exception.ConnectingNodeMutableRequestException) ArrayList(java.util.ArrayList) ClusterCoordinator(org.apache.nifi.cluster.coordination.ClusterCoordinator) NodeConnectionState(org.apache.nifi.cluster.coordination.node.NodeConnectionState) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) List(java.util.List) ArrayList(java.util.ArrayList) DisconnectedNodeMutableRequestException(org.apache.nifi.cluster.manager.exception.DisconnectedNodeMutableRequestException) Map(java.util.Map) HashMap(java.util.HashMap) MultiValueMap(org.apache.commons.collections4.map.MultiValueMap) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) Test(org.junit.Test)

Example 14 with NiFiAuthenticationToken

use of org.apache.nifi.web.security.token.NiFiAuthenticationToken in project nifi by apache.

the class TestThreadPoolRequestReplicator method testResponseRemovedWhenCompletedAndFetched.

/**
 * If we replicate a request, whenever we obtain the merged response from
 * the AsyncClusterResponse object, the response should no longer be
 * available and should be cleared from internal state. This test is to
 * verify that this behavior occurs.
 */
@Test
public void testResponseRemovedWhenCompletedAndFetched() {
    withReplicator(replicator -> {
        final Set<NodeIdentifier> nodeIds = new HashSet<>();
        nodeIds.add(new NodeIdentifier("1", "localhost", 8000, "localhost", 8001, "localhost", 8002, 8003, false));
        final URI uri = new URI("http://localhost:8080/processors/1");
        final Entity entity = new ProcessorEntity();
        // set the user
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(StandardNiFiUser.ANONYMOUS));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        final AsyncClusterResponse response = replicator.replicate(nodeIds, HttpMethod.GET, uri, entity, new HashMap<>(), true, true);
        // We should get back the same response object
        assertTrue(response == replicator.getClusterResponse(response.getRequestIdentifier()));
        assertEquals(HttpMethod.GET, response.getMethod());
        assertEquals(nodeIds, response.getNodesInvolved());
        assertTrue(response == replicator.getClusterResponse(response.getRequestIdentifier()));
        final NodeResponse nodeResponse = response.awaitMergedResponse(3, TimeUnit.SECONDS);
        assertEquals(8000, nodeResponse.getNodeId().getApiPort());
        assertEquals(Response.Status.OK.getStatusCode(), nodeResponse.getStatus());
        assertNull(replicator.getClusterResponse(response.getRequestIdentifier()));
    });
}
Also used : ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Entity(org.apache.nifi.web.api.entity.Entity) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) NodeResponse(org.apache.nifi.cluster.manager.NodeResponse) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) HashSet(java.util.HashSet) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) Test(org.junit.Test)

Example 15 with NiFiAuthenticationToken

use of org.apache.nifi.web.security.token.NiFiAuthenticationToken in project nifi by apache.

the class TestThreadPoolRequestReplicator method testLongWaitForResponse.

@Test(timeout = 15000)
public void testLongWaitForResponse() {
    withReplicator(replicator -> {
        final Set<NodeIdentifier> nodeIds = new HashSet<>();
        final NodeIdentifier nodeId = new NodeIdentifier("1", "localhost", 8000, "localhost", 8001, "localhost", 8002, 8003, false);
        nodeIds.add(nodeId);
        final URI uri = new URI("http://localhost:8080/processors/1");
        final Entity entity = new ProcessorEntity();
        // set the user
        final Authentication authentication = new NiFiAuthenticationToken(new NiFiUserDetails(StandardNiFiUser.ANONYMOUS));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        final AsyncClusterResponse response = replicator.replicate(nodeIds, HttpMethod.GET, uri, entity, new HashMap<>(), true, true);
        // We should get back the same response object
        assertTrue(response == replicator.getClusterResponse(response.getRequestIdentifier()));
        final NodeResponse completedNodeResponse = response.awaitMergedResponse(2, TimeUnit.SECONDS);
        assertNotNull(completedNodeResponse);
        assertNotNull(completedNodeResponse.getThrowable());
        assertEquals(500, completedNodeResponse.getStatus());
        assertTrue(response.isComplete());
        assertNotNull(response.getMergedResponse());
        assertNull(replicator.getClusterResponse(response.getRequestIdentifier()));
    }, Status.OK, 1000, new ProcessingException(new SocketTimeoutException()));
}
Also used : ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) Entity(org.apache.nifi.web.api.entity.Entity) NodeResponse(org.apache.nifi.cluster.manager.NodeResponse) ProcessorEntity(org.apache.nifi.web.api.entity.ProcessorEntity) URI(java.net.URI) NiFiAuthenticationToken(org.apache.nifi.web.security.token.NiFiAuthenticationToken) SocketTimeoutException(java.net.SocketTimeoutException) Authentication(org.springframework.security.core.Authentication) NodeIdentifier(org.apache.nifi.cluster.protocol.NodeIdentifier) NiFiUserDetails(org.apache.nifi.authorization.user.NiFiUserDetails) HashSet(java.util.HashSet) ProcessingException(javax.ws.rs.ProcessingException) Test(org.junit.Test)

Aggregations

NiFiUserDetails (org.apache.nifi.authorization.user.NiFiUserDetails)29 NiFiAuthenticationToken (org.apache.nifi.web.security.token.NiFiAuthenticationToken)29 Test (org.junit.Test)23 Authentication (org.springframework.security.core.Authentication)17 URI (java.net.URI)12 NiFiUser (org.apache.nifi.authorization.user.NiFiUser)12 ProcessorEntity (org.apache.nifi.web.api.entity.ProcessorEntity)11 HashSet (java.util.HashSet)10 Builder (org.apache.nifi.authorization.user.StandardNiFiUser.Builder)10 NodeIdentifier (org.apache.nifi.cluster.protocol.NodeIdentifier)10 Entity (org.apache.nifi.web.api.entity.Entity)8 HashMap (java.util.HashMap)7 StandardNiFiUser (org.apache.nifi.authorization.user.StandardNiFiUser)7 NodeResponse (org.apache.nifi.cluster.manager.NodeResponse)6 InvalidAuthenticationException (org.apache.nifi.web.security.InvalidAuthenticationException)5 Map (java.util.Map)4 AuthorizationRequest (org.apache.nifi.authorization.AuthorizationRequest)3 ArgumentMatcher (org.mockito.ArgumentMatcher)3 JwtException (io.jsonwebtoken.JwtException)2 ApiOperation (io.swagger.annotations.ApiOperation)2