Example 1 with AuthenticationToken
use of org.apache.pulsar.client.impl.auth.AuthenticationToken in project pulsar by apache.
the class PulsarFunctionE2ESecurityTest method testAuthorization.
@Test
public void testAuthorization() throws Exception {
String token1 = AuthTokenUtils.createToken(secretKey, SUBJECT, Optional.empty());
String token2 = AuthTokenUtils.createToken(secretKey, "wrong-subject", Optional.empty());
final String replNamespace = TENANT + "/" + NAMESPACE;
final String sourceTopic = "persistent://" + replNamespace + "/my-topic1";
final String sinkTopic = "persistent://" + replNamespace + "/output";
final String propertyKey = "key";
final String propertyValue = "value";
final String functionName = "PulsarFunction-test";
final String subscriptionName = "test-sub";
// create user admin client
AuthenticationToken authToken1 = new AuthenticationToken();
authToken1.configure("token:" + token1);
AuthenticationToken authToken2 = new AuthenticationToken();
authToken2.configure("token:" + token2);
try (PulsarAdmin admin1 = spy(PulsarAdmin.builder().serviceHttpUrl(brokerServiceUrl).authentication(authToken1).build());
PulsarAdmin admin2 = spy(PulsarAdmin.builder().serviceHttpUrl(brokerServiceUrl).authentication(authToken2).build())) {
String jarFilePathUrl = getPulsarApiExamplesJar().toURI().toString();
FunctionConfig functionConfig = createFunctionConfig(TENANT, NAMESPACE, functionName, sourceTopic, sinkTopic, subscriptionName);
// creating function should fail since admin1 doesn't have permissions granted yet
try {
admin1.functions().createFunctionWithUrl(functionConfig, jarFilePathUrl);
fail("client admin shouldn't have permissions to create function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
// grant permissions to admin1
Set<AuthAction> actions = new HashSet<>();
actions.add(AuthAction.functions);
actions.add(AuthAction.produce);
actions.add(AuthAction.consume);
superUserAdmin.namespaces().grantPermissionOnNamespace(replNamespace, SUBJECT, actions);
// user should be able to create function now
admin1.functions().createFunctionWithUrl(functionConfig, jarFilePathUrl);
// admin2 should still fail
try {
admin2.functions().createFunctionWithUrl(functionConfig, jarFilePathUrl);
fail("client admin shouldn't have permissions to create function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
// creating on another tenant should also fail
try {
admin2.functions().createFunctionWithUrl(createFunctionConfig(TENANT2, NAMESPACE, functionName, sourceTopic, sinkTopic, subscriptionName), jarFilePathUrl);
fail("client admin shouldn't have permissions to create function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
assertTrue(retryStrategically((test) -> {
try {
return admin1.functions().getFunctionStatus(TENANT, NAMESPACE, functionName).getNumRunning() == 1 && admin1.topics().getStats(sourceTopic).getSubscriptions().size() == 1;
} catch (PulsarAdminException e) {
return false;
}
}, 50, 150));
// validate pulsar sink consumer has started on the topic
assertEquals(admin1.topics().getStats(sourceTopic).getSubscriptions().size(), 1);
// create a producer that creates a topic at broker
try (Producer<String> producer = pulsarClient.newProducer(Schema.STRING).topic(sourceTopic).create();
Consumer<String> consumer = pulsarClient.newConsumer(Schema.STRING).topic(sinkTopic).subscriptionName("sub").subscribe()) {
int totalMsgs = 5;
for (int i = 0; i < totalMsgs; i++) {
String data = "my-message-" + i;
producer.newMessage().property(propertyKey, propertyValue).value(data).send();
}
retryStrategically((test) -> {
try {
SubscriptionStats subStats = admin1.topics().getStats(sourceTopic).getSubscriptions().get(subscriptionName);
return subStats.getUnackedMessages() == 0;
} catch (PulsarAdminException e) {
return false;
}
}, 50, 150);
Message<String> msg = consumer.receive(5, TimeUnit.SECONDS);
String receivedPropertyValue = msg.getProperty(propertyKey);
assertEquals(propertyValue, receivedPropertyValue);
// validate pulsar-sink consumer has consumed all messages and delivered to Pulsar sink but unacked
// messages
// due to publish failure
assertNotEquals(admin1.topics().getStats(sourceTopic).getSubscriptions().values().iterator().next().getUnackedMessages(), totalMsgs);
}
// test update functions
functionConfig.setParallelism(2);
// admin2 should still fail
try {
admin2.functions().updateFunctionWithUrl(functionConfig, jarFilePathUrl);
fail("client admin shouldn't have permissions to update function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().updateFunctionWithUrl(functionConfig, jarFilePathUrl);
assertTrue(retryStrategically((test) -> {
try {
return admin1.functions().getFunctionStatus(TENANT, NAMESPACE, functionName).getNumRunning() == 2;
} catch (PulsarAdminException e) {
return false;
}
}, 50, 150));
// test getFunctionInfo
try {
admin2.functions().getFunction(TENANT, NAMESPACE, functionName);
fail("client admin shouldn't have permissions to get function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().getFunction(TENANT, NAMESPACE, functionName);
// test getFunctionInstanceStatus
try {
admin2.functions().getFunctionStatus(TENANT, NAMESPACE, functionName, 0);
fail("client admin shouldn't have permissions to get function status");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().getFunctionStatus(TENANT, NAMESPACE, functionName, 0);
// test getFunctionStatus
try {
admin2.functions().getFunctionStatus(TENANT, NAMESPACE, functionName);
fail("client admin shouldn't have permissions to get function status");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().getFunctionStatus(TENANT, NAMESPACE, functionName);
// test getFunctionStats
try {
admin2.functions().getFunctionStats(TENANT, NAMESPACE, functionName);
fail("client admin shouldn't have permissions to get function stats");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().getFunctionStats(TENANT, NAMESPACE, functionName);
// test getFunctionInstanceStats
try {
admin2.functions().getFunctionStats(TENANT, NAMESPACE, functionName, 0);
fail("client admin shouldn't have permissions to get function stats");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().getFunctionStats(TENANT, NAMESPACE, functionName, 0);
// test listFunctions
try {
admin2.functions().getFunctions(TENANT, NAMESPACE);
fail("client admin shouldn't have permissions to list functions");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().getFunctions(TENANT, NAMESPACE);
// test triggerFunction
try {
admin2.functions().triggerFunction(TENANT, NAMESPACE, functionName, sourceTopic, "foo", null);
fail("client admin shouldn't have permissions to trigger function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().triggerFunction(TENANT, NAMESPACE, functionName, sourceTopic, "foo", null);
// test restartFunctionInstance
try {
admin2.functions().restartFunction(TENANT, NAMESPACE, functionName, 0);
fail("client admin shouldn't have permissions to restart function instance");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().restartFunction(TENANT, NAMESPACE, functionName, 0);
// test restartFunctionInstances
try {
admin2.functions().restartFunction(TENANT, NAMESPACE, functionName);
fail("client admin shouldn't have permissions to restart function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().restartFunction(TENANT, NAMESPACE, functionName);
// test stopFunction instance
try {
admin2.functions().stopFunction(TENANT, NAMESPACE, functionName, 0);
fail("client admin shouldn't have permissions to stop function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().stopFunction(TENANT, NAMESPACE, functionName, 0);
// test stopFunction all instance
try {
admin2.functions().stopFunction(TENANT, NAMESPACE, functionName);
fail("client admin shouldn't have permissions to restart function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().stopFunction(TENANT, NAMESPACE, functionName);
// test startFunction instance
try {
admin2.functions().startFunction(TENANT, NAMESPACE, functionName);
fail("client admin shouldn't have permissions to restart function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().restartFunction(TENANT, NAMESPACE, functionName);
// test startFunction all instances
try {
admin2.functions().restartFunction(TENANT, NAMESPACE, functionName);
fail("client admin shouldn't have permissions to restart function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
admin1.functions().restartFunction(TENANT, NAMESPACE, functionName);
// admin2 should still fail
try {
admin2.functions().deleteFunction(TENANT, NAMESPACE, functionName);
fail("client admin shouldn't have permissions to delete function");
} catch (PulsarAdminException.NotAuthorizedException e) {
}
try {
admin1.functions().deleteFunction(TENANT, NAMESPACE, functionName);
} catch (PulsarAdminException e) {
// This happens because the request becomes outdated. Lets retry again
admin1.functions().deleteFunction(TENANT, NAMESPACE, functionName);
}
assertTrue(retryStrategically((test) -> {
try {
TopicStats stats = admin1.topics().getStats(sourceTopic);
boolean done = stats.getSubscriptions().size() == 0;
if (!done) {
log.info("Topic subscription is not cleaned up yet : {}", stats);
}
return done;
} catch (PulsarAdminException e) {
return false;
}
}, 50, 150));
}
}
Also used :
FunctionConfig(org.apache.pulsar.common.functions.FunctionConfig)
SubscriptionStats(org.apache.pulsar.common.policies.data.SubscriptionStats)
URL(java.net.URL)
AuthTokenUtils(org.apache.pulsar.broker.authentication.utils.AuthTokenUtils)
ObjectMapperFactory(org.apache.pulsar.common.util.ObjectMapperFactory)
Producer(org.apache.pulsar.client.api.Producer)
LoggerFactory(org.slf4j.LoggerFactory)
Test(org.testng.annotations.Test)
ClusterData(org.apache.pulsar.common.policies.data.ClusterData)
AfterMethod(org.testng.annotations.AfterMethod)
AuthAction(org.apache.pulsar.common.policies.data.AuthAction)
Map(java.util.Map)
MockedPulsarServiceBaseTest.retryStrategically(org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest.retryStrategically)
SignatureAlgorithm(io.jsonwebtoken.SignatureAlgorithm)
FunctionConfig(org.apache.pulsar.common.functions.FunctionConfig)
ThreadRuntimeFactoryConfig(org.apache.pulsar.functions.runtime.thread.ThreadRuntimeFactoryConfig)
Method(java.lang.reflect.Method)
Assert.assertNotEquals(org.testng.Assert.assertNotEquals)
BeforeMethod(org.testng.annotations.BeforeMethod)
Set(java.util.Set)
Sets(com.google.common.collect.Sets)
Consumer(org.apache.pulsar.client.api.Consumer)
FutureUtil(org.apache.pulsar.common.util.FutureUtil)
StringUtils.isNotBlank(org.apache.commons.lang3.StringUtils.isNotBlank)
LocalBookkeeperEnsemble(org.apache.pulsar.zookeeper.LocalBookkeeperEnsemble)
AuthenticationToken(org.apache.pulsar.client.impl.auth.AuthenticationToken)
ServiceConfigurationUtils(org.apache.pulsar.broker.ServiceConfigurationUtils)
PulsarAuthorizationProvider(org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider)
ClientBuilder(org.apache.pulsar.client.api.ClientBuilder)
Optional(java.util.Optional)
PulsarFunctionE2ETest(org.apache.pulsar.io.PulsarFunctionE2ETest)
SecretKey(javax.crypto.SecretKey)
SimpleLoadManagerImpl(org.apache.pulsar.broker.loadbalance.impl.SimpleLoadManagerImpl)
DataProvider(org.testng.annotations.DataProvider)
TopicStats(org.apache.pulsar.common.policies.data.TopicStats)
Assert.assertEquals(org.testng.Assert.assertEquals)
PulsarFunctionLocalRunTest.getPulsarApiExamplesJar(org.apache.pulsar.functions.worker.PulsarFunctionLocalRunTest.getPulsarApiExamplesJar)
PulsarAdmin(org.apache.pulsar.client.admin.PulsarAdmin)
Message(org.apache.pulsar.client.api.Message)
Mockito.spy(org.mockito.Mockito.spy)
HashSet(java.util.HashSet)
Lists(com.google.common.collect.Lists)
ThreadRuntimeFactory(org.apache.pulsar.functions.runtime.thread.ThreadRuntimeFactory)
PulsarClient(org.apache.pulsar.client.api.PulsarClient)
TenantInfo(org.apache.pulsar.common.policies.data.TenantInfo)
Properties(java.util.Properties)
Logger(org.slf4j.Logger)
AuthenticationProviderToken(org.apache.pulsar.broker.authentication.AuthenticationProviderToken)
JAVA_INSTANCE_JAR_PROPERTY(org.apache.pulsar.functions.utils.functioncache.FunctionCacheEntry.JAVA_INSTANCE_JAR_PROPERTY)
ServiceConfiguration(org.apache.pulsar.broker.ServiceConfiguration)
PulsarAdminException(org.apache.pulsar.client.admin.PulsarAdminException)
Assert.fail(org.testng.Assert.fail)
PulsarService(org.apache.pulsar.broker.PulsarService)
Schema(org.apache.pulsar.client.api.Schema)
TimeUnit(java.util.concurrent.TimeUnit)
Assert.assertTrue(org.testng.Assert.assertTrue)
BrokerStats(org.apache.pulsar.client.admin.BrokerStats)
Collections(java.util.Collections)
AuthenticationToken(org.apache.pulsar.client.impl.auth.AuthenticationToken)
SubscriptionStats(org.apache.pulsar.common.policies.data.SubscriptionStats)
PulsarAdmin(org.apache.pulsar.client.admin.PulsarAdmin)
AuthAction(org.apache.pulsar.common.policies.data.AuthAction)
PulsarAdminException(org.apache.pulsar.client.admin.PulsarAdminException)
TopicStats(org.apache.pulsar.common.policies.data.TopicStats)
HashSet(java.util.HashSet)
Test(org.testng.annotations.Test)
PulsarFunctionE2ETest(org.apache.pulsar.io.PulsarFunctionE2ETest)
Example 2 with AuthenticationToken
use of org.apache.pulsar.client.impl.auth.AuthenticationToken in project mop by streamnative.
the class TokenAuthenticationConfig method afterSetup.
@Override
public void afterSetup() throws Exception {
AuthenticationToken authToken = new AuthenticationToken();
authToken.configure("token:" + token);
pulsarClient = PulsarClient.builder().serviceUrl(brokerUrl.toString()).authentication(authToken).statsInterval(0, TimeUnit.SECONDS).build();
admin = spy(PulsarAdmin.builder().serviceHttpUrl(brokerUrl.toString()).authentication(authToken).build());
}
Also used :
AuthenticationToken(org.apache.pulsar.client.impl.auth.AuthenticationToken)
Example 3 with AuthenticationToken
use of org.apache.pulsar.client.impl.auth.AuthenticationToken in project pulsar by yahoo.
the class PulsarFunctionE2ESecurityTest method setup.
@BeforeMethod
void setup(Method method) throws Exception {
log.info("--- Setting up method {} ---", method.getName());
// Start local bookkeeper ensemble
bkEnsemble = new LocalBookkeeperEnsemble(3, 0, () -> 0);
bkEnsemble.start();
config = spy(ServiceConfiguration.class);
config.setClusterName("use");
Set<String> superUsers = Sets.newHashSet(ADMIN_SUBJECT);
config.setSuperUserRoles(superUsers);
config.setWebServicePort(Optional.of(0));
config.setZookeeperServers("127.0.0.1" + ":" + bkEnsemble.getZookeeperPort());
config.setBrokerShutdownTimeoutMs(0L);
config.setLoadBalancerOverrideBrokerNicSpeedGbps(Optional.of(1.0d));
config.setBrokerServicePort(Optional.of(0));
config.setLoadManagerClassName(SimpleLoadManagerImpl.class.getName());
config.setAdvertisedAddress("localhost");
config.setAllowAutoTopicCreationType("non-partitioned");
Set<String> providers = new HashSet<>();
providers.add(AuthenticationProviderToken.class.getName());
config.setAuthenticationEnabled(true);
config.setAuthenticationProviders(providers);
config.setAuthorizationEnabled(true);
config.setAuthorizationProvider(PulsarAuthorizationProvider.class.getName());
config.setAnonymousUserRole(ANONYMOUS_ROLE);
secretKey = AuthTokenUtils.createSecretKey(SignatureAlgorithm.HS256);
Properties properties = new Properties();
properties.setProperty("tokenSecretKey", AuthTokenUtils.encodeKeyBase64(secretKey));
config.setProperties(properties);
adminToken = AuthTokenUtils.createToken(secretKey, ADMIN_SUBJECT, Optional.empty());
config.setBrokerClientAuthenticationPlugin(AuthenticationToken.class.getName());
config.setBrokerClientAuthenticationParameters("token:" + adminToken);
functionsWorkerService = createPulsarFunctionWorker(config);
Optional<WorkerService> functionWorkerService = Optional.of(functionsWorkerService);
pulsar = new PulsarService(config, workerConfig, functionWorkerService, (exitCode) -> {
});
pulsar.start();
brokerServiceUrl = pulsar.getWebServiceAddress();
brokerWebServiceUrl = new URL(brokerServiceUrl);
AuthenticationToken authToken = new AuthenticationToken();
authToken.configure("token:" + adminToken);
superUserAdmin = spy(PulsarAdmin.builder().serviceHttpUrl(brokerServiceUrl).authentication(authToken).build());
brokerStatsClient = superUserAdmin.brokerStats();
primaryHost = pulsar.getWebServiceAddress();
// update cluster metadata
ClusterData clusterData = ClusterData.builder().serviceUrl(brokerWebServiceUrl.toString()).build();
superUserAdmin.clusters().updateCluster(config.getClusterName(), clusterData);
ClientBuilder clientBuilder = PulsarClient.builder().serviceUrl(this.workerConfig.getPulsarServiceUrl()).operationTimeout(1000, TimeUnit.MILLISECONDS);
if (isNotBlank(workerConfig.getBrokerClientAuthenticationPlugin()) && isNotBlank(workerConfig.getBrokerClientAuthenticationParameters())) {
clientBuilder.authentication(workerConfig.getBrokerClientAuthenticationPlugin(), workerConfig.getBrokerClientAuthenticationParameters());
}
if (pulsarClient != null) {
pulsarClient.close();
}
pulsarClient = clientBuilder.build();
TenantInfo propAdmin = TenantInfo.builder().adminRoles(Collections.singleton(ADMIN_SUBJECT)).allowedClusters(Collections.singleton("use")).build();
superUserAdmin.tenants().updateTenant(TENANT, propAdmin);
final String replNamespace = TENANT + "/" + NAMESPACE;
superUserAdmin.namespaces().createNamespace(replNamespace);
Set<String> clusters = Sets.newHashSet(Lists.newArrayList("use"));
superUserAdmin.namespaces().setNamespaceReplicationClusters(replNamespace, clusters);
// create another test tenant and namespace
propAdmin = TenantInfo.builder().allowedClusters(Collections.singleton("use")).build();
superUserAdmin.tenants().createTenant(TENANT2, propAdmin);
superUserAdmin.namespaces().createNamespace(TENANT2 + "/" + NAMESPACE);
while (!functionsWorkerService.getLeaderService().isLeader()) {
Thread.sleep(1000);
}
}
Also used :
SubscriptionStats(org.apache.pulsar.common.policies.data.SubscriptionStats)
URL(java.net.URL)
AuthTokenUtils(org.apache.pulsar.broker.authentication.utils.AuthTokenUtils)
ObjectMapperFactory(org.apache.pulsar.common.util.ObjectMapperFactory)
Producer(org.apache.pulsar.client.api.Producer)
LoggerFactory(org.slf4j.LoggerFactory)
Test(org.testng.annotations.Test)
ClusterData(org.apache.pulsar.common.policies.data.ClusterData)
AfterMethod(org.testng.annotations.AfterMethod)
AuthAction(org.apache.pulsar.common.policies.data.AuthAction)
Map(java.util.Map)
MockedPulsarServiceBaseTest.retryStrategically(org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest.retryStrategically)
SignatureAlgorithm(io.jsonwebtoken.SignatureAlgorithm)
FunctionConfig(org.apache.pulsar.common.functions.FunctionConfig)
ThreadRuntimeFactoryConfig(org.apache.pulsar.functions.runtime.thread.ThreadRuntimeFactoryConfig)
Method(java.lang.reflect.Method)
Assert.assertNotEquals(org.testng.Assert.assertNotEquals)
BeforeMethod(org.testng.annotations.BeforeMethod)
Set(java.util.Set)
Sets(com.google.common.collect.Sets)
Consumer(org.apache.pulsar.client.api.Consumer)
FutureUtil(org.apache.pulsar.common.util.FutureUtil)
StringUtils.isNotBlank(org.apache.commons.lang3.StringUtils.isNotBlank)
LocalBookkeeperEnsemble(org.apache.pulsar.zookeeper.LocalBookkeeperEnsemble)
AuthenticationToken(org.apache.pulsar.client.impl.auth.AuthenticationToken)
ServiceConfigurationUtils(org.apache.pulsar.broker.ServiceConfigurationUtils)
PulsarAuthorizationProvider(org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider)
ClientBuilder(org.apache.pulsar.client.api.ClientBuilder)
Optional(java.util.Optional)
PulsarFunctionE2ETest(org.apache.pulsar.io.PulsarFunctionE2ETest)
SecretKey(javax.crypto.SecretKey)
SimpleLoadManagerImpl(org.apache.pulsar.broker.loadbalance.impl.SimpleLoadManagerImpl)
DataProvider(org.testng.annotations.DataProvider)
TopicStats(org.apache.pulsar.common.policies.data.TopicStats)
Assert.assertEquals(org.testng.Assert.assertEquals)
PulsarFunctionLocalRunTest.getPulsarApiExamplesJar(org.apache.pulsar.functions.worker.PulsarFunctionLocalRunTest.getPulsarApiExamplesJar)
PulsarAdmin(org.apache.pulsar.client.admin.PulsarAdmin)
Message(org.apache.pulsar.client.api.Message)
Mockito.spy(org.mockito.Mockito.spy)
HashSet(java.util.HashSet)
Lists(com.google.common.collect.Lists)
ThreadRuntimeFactory(org.apache.pulsar.functions.runtime.thread.ThreadRuntimeFactory)
PulsarClient(org.apache.pulsar.client.api.PulsarClient)
TenantInfo(org.apache.pulsar.common.policies.data.TenantInfo)
Properties(java.util.Properties)
Logger(org.slf4j.Logger)
AuthenticationProviderToken(org.apache.pulsar.broker.authentication.AuthenticationProviderToken)
JAVA_INSTANCE_JAR_PROPERTY(org.apache.pulsar.functions.utils.functioncache.FunctionCacheEntry.JAVA_INSTANCE_JAR_PROPERTY)
ServiceConfiguration(org.apache.pulsar.broker.ServiceConfiguration)
PulsarAdminException(org.apache.pulsar.client.admin.PulsarAdminException)
Assert.fail(org.testng.Assert.fail)
PulsarService(org.apache.pulsar.broker.PulsarService)
Schema(org.apache.pulsar.client.api.Schema)
TimeUnit(java.util.concurrent.TimeUnit)
Assert.assertTrue(org.testng.Assert.assertTrue)
BrokerStats(org.apache.pulsar.client.admin.BrokerStats)
Collections(java.util.Collections)
AuthenticationToken(org.apache.pulsar.client.impl.auth.AuthenticationToken)
AuthenticationProviderToken(org.apache.pulsar.broker.authentication.AuthenticationProviderToken)
TenantInfo(org.apache.pulsar.common.policies.data.TenantInfo)
Properties(java.util.Properties)
LocalBookkeeperEnsemble(org.apache.pulsar.zookeeper.LocalBookkeeperEnsemble)
URL(java.net.URL)
ClusterData(org.apache.pulsar.common.policies.data.ClusterData)
ServiceConfiguration(org.apache.pulsar.broker.ServiceConfiguration)
SimpleLoadManagerImpl(org.apache.pulsar.broker.loadbalance.impl.SimpleLoadManagerImpl)
PulsarService(org.apache.pulsar.broker.PulsarService)
PulsarAuthorizationProvider(org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider)
HashSet(java.util.HashSet)
ClientBuilder(org.apache.pulsar.client.api.ClientBuilder)
BeforeMethod(org.testng.annotations.BeforeMethod)
Example 4 with AuthenticationToken
use of org.apache.pulsar.client.impl.auth.AuthenticationToken in project pulsar by yahoo.
the class ClientConfigurationDataTest method testDoNotPrintSensitiveInfo.
@Test
public void testDoNotPrintSensitiveInfo() throws JsonProcessingException {
ClientConfigurationData clientConfigurationData = new ClientConfigurationData();
clientConfigurationData.setTlsTrustStorePassword("xxxx");
clientConfigurationData.setSocks5ProxyPassword("yyyy");
clientConfigurationData.setAuthentication(new AuthenticationToken("zzzz"));
String s = w.writeValueAsString(clientConfigurationData);
Assert.assertFalse(s.contains("Password"));
Assert.assertFalse(s.contains("xxxx"));
Assert.assertFalse(s.contains("yyyy"));
Assert.assertFalse(s.contains("zzzz"));
}
Also used :
AuthenticationToken(org.apache.pulsar.client.impl.auth.AuthenticationToken)
Test(org.testng.annotations.Test)
Example 5 with AuthenticationToken
use of org.apache.pulsar.client.impl.auth.AuthenticationToken in project incubator-pulsar by apache.
the class ClearTextFunctionTokenAuthProviderTest method testClearTextAuth.
@Test
public void testClearTextAuth() throws Exception {
ClearTextFunctionTokenAuthProvider clearTextFunctionTokenAuthProvider = new ClearTextFunctionTokenAuthProvider();
Function.FunctionDetails funcDetails = Function.FunctionDetails.newBuilder().setTenant("test-tenant").setNamespace("test-ns").setName("test-func").build();
Optional<FunctionAuthData> functionAuthData = clearTextFunctionTokenAuthProvider.cacheAuthData(funcDetails, new AuthenticationDataSource() {
@Override
public boolean hasDataFromCommand() {
return true;
}
@Override
public String getCommandData() {
return "test-token";
}
});
Assert.assertTrue(functionAuthData.isPresent());
Assert.assertEquals(functionAuthData.get().getData(), "test-token".getBytes());
AuthenticationConfig authenticationConfig = AuthenticationConfig.builder().build();
clearTextFunctionTokenAuthProvider.configureAuthenticationConfig(authenticationConfig, functionAuthData);
Assert.assertEquals(authenticationConfig.getClientAuthenticationPlugin(), AuthenticationToken.class.getName());
Assert.assertEquals(authenticationConfig.getClientAuthenticationParameters(), "token:test-token");
AuthenticationToken authenticationToken = new AuthenticationToken();
authenticationToken.configure(authenticationConfig.getClientAuthenticationParameters());
Assert.assertEquals(authenticationToken.getAuthData().getCommandData(), "test-token");
}
Also used :
Function(org.apache.pulsar.functions.proto.Function)
AuthenticationConfig(org.apache.pulsar.functions.instance.AuthenticationConfig)
AuthenticationToken(org.apache.pulsar.client.impl.auth.AuthenticationToken)
AuthenticationDataSource(org.apache.pulsar.broker.authentication.AuthenticationDataSource)
Test(org.testng.annotations.Test)
Aggregations
AuthenticationToken (org.apache.pulsar.client.impl.auth.AuthenticationToken)12
Test (org.testng.annotations.Test)11
Lists (com.google.common.collect.Lists)6
Sets (com.google.common.collect.Sets)6
SignatureAlgorithm (io.jsonwebtoken.SignatureAlgorithm)6
Method (java.lang.reflect.Method)6
URL (java.net.URL)6
Collections (java.util.Collections)6
HashSet (java.util.HashSet)6
Map (java.util.Map)6
Optional (java.util.Optional)6
Properties (java.util.Properties)6
Set (java.util.Set)6
TimeUnit (java.util.concurrent.TimeUnit)6
SecretKey (javax.crypto.SecretKey)6
StringUtils.isNotBlank (org.apache.commons.lang3.StringUtils.isNotBlank)6
PulsarService (org.apache.pulsar.broker.PulsarService)6
ServiceConfiguration (org.apache.pulsar.broker.ServiceConfiguration)6
ServiceConfigurationUtils (org.apache.pulsar.broker.ServiceConfigurationUtils)6
MockedPulsarServiceBaseTest.retryStrategically (org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest.retryStrategically)6
