use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.
the class HttpProxyServer method buildRealm.
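/**
 * Loads the {@link UserRealm} implementation named by {@code userRealmClassname},
 * instantiates it through its public no-arg constructor and configures it.
 *
 * <p>The class name decides which code performs authentication, so it must only
 * come from trusted configuration. The loaded class is checked against
 * {@link UserRealm} before its constructor runs, so a class of the wrong type is
 * rejected as a configuration error instead of being instantiated and then failing
 * on a cast. {@code Class.forName} still initializes the named class, which is one
 * more reason the name must not be attacker-controlled.
 *
 * @param userRealmClassname fully qualified class name of the realm implementation
 * @param properties configuration store handed to {@code configure}
 * @return the configured realm instance
 * @throws ConfigurationNotValidException if the class cannot be found or does not
 *         implement/extend {@link UserRealm}
 */
private static UserRealm buildRealm(String userRealmClassname, ConfigurationStore properties) throws ConfigurationNotValidException {
    final Class<? extends UserRealm> realmClass;
    try {
        // asSubclass performs the type check before any constructor is invoked.
        realmClass = Class.forName(userRealmClassname).asSubclass(UserRealm.class);
    } catch (ClassNotFoundException err) {
        throw new ConfigurationNotValidException(err);
    } catch (ClassCastException err) {
        // The named class exists but is not a UserRealm: treat as bad configuration.
        throw new ConfigurationNotValidException(err);
    }
    try {
        UserRealm res = realmClass.getConstructor().newInstance();
        res.configure(properties);
        return res;
    } catch (IllegalAccessException | IllegalArgumentException | InstantiationException | NoSuchMethodException | SecurityException | InvocationTargetException err) {
        throw new RuntimeException(err);
    }
}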
use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.
the class HttpProxyServer method applyDynamicConfiguration.
/**
 * Builds a new runtime configuration and swaps it into the running server while
 * holding {@code configurationLock}.
 *
 * <p>At boot ({@code atBoot == true}) the configuration is read from
 * {@code dynamicConfigurationStore} and {@code newConfigurationStore} must be
 * {@code null}. Otherwise {@code newConfigurationStore} must be non-null; it is
 * applied and then committed to {@code dynamicConfigurationStore}.
 *
 * @param newConfigurationStore the configuration to apply, or {@code null} at boot
 * @param atBoot whether this is the initial configuration at startup
 * @throws IllegalStateException if the two arguments are inconsistent, or if a
 *         {@code ConfigurationNotValidException} is raised while applying
 * @throws ConfigurationChangeInProgressException if the lock cannot be taken
 *         immediately because another change is being applied
 * @throws InterruptedException declared by the signature; presumably raised by one
 *         of the reload calls (not visible here, confirm)
 */
private void applyDynamicConfiguration(ConfigurationStore newConfigurationStore, boolean atBoot) throws InterruptedException, ConfigurationChangeInProgressException {
    // The two arguments must agree: no explicit store at boot, an explicit store afterwards.
    if (atBoot && newConfigurationStore != null) {
        throw new IllegalStateException();
    }
    if (!atBoot && newConfigurationStore == null) {
        throw new IllegalStateException();
    }
    // At boot the configuration is built from the database-backed store;
    // if the system is already "up" only the new configuration is applied.
    ConfigurationStore storeWithConfig = atBoot ? dynamicConfigurationStore : newConfigurationStore;
    // Non-blocking acquire: a concurrent configuration change is rejected rather than queued.
    if (!configurationLock.tryLock()) {
        throw new ConfigurationChangeInProgressException();
    }
    try {
        RuntimeServerConfiguration newConfiguration = buildValidConfiguration(storeWithConfig);
        EndpointMapper newMapper = buildMapper(newConfiguration.getMapperClassname(), storeWithConfig);
        newMapper.setParent(this);
        // NOTE(review): the realm class name is read from userRealmClassname, not from
        // newConfiguration; presumably it is fixed before this method runs. Confirm
        // whether a dynamic reload is expected to be able to change the realm class.
        UserRealm newRealm = buildRealm(userRealmClassname, storeWithConfig);
        // NOTE(review): from here on, fields and managers are updated one at a time and no
        // rollback is visible. If a later reloadConfiguration call throws, the earlier
        // updates stay in place while realm, mapper and currentConfiguration keep their
        // old values. Confirm that this partially applied state is acceptable.
        this.filters = buildFilters(newConfiguration);
        this.backendHealthManager.reloadConfiguration(newConfiguration, newMapper);
        this.dynamicCertificatesManager.reloadConfiguration(newConfiguration);
        this.ocspStaplingManager.reloadConfiguration(newConfiguration);
        this.listeners.reloadConfiguration(newConfiguration);
        this.cache.reloadConfiguration(newConfiguration);
        this.requestsLogger.reloadConfiguration(newConfiguration);
        // Replace the realm reference with the newly built and configured one.
        this.realm = newRealm;
        // Capture the previous backends before the mapper is replaced, so the change can be detected below.
        Map<String, BackendConfiguration> currentBackends = mapper != null ? mapper.getBackends() : Collections.emptyMap();
        Map<String, BackendConfiguration> newBackends = newMapper.getBackends();
        this.mapper = newMapper;
        // Metrics registries are cleared and the requests manager is reloaded only at boot,
        // or when the backends or the connections configuration changed.
        if (atBoot || !newBackends.equals(currentBackends) || isConnectionsConfigurationChanged(newConfiguration)) {
            prometheusRegistry.clear();
            Metrics.globalRegistry.clear();
            proxyRequestsManager.reloadConfiguration(newConfiguration, newBackends.values());
        }
        // Persist the new store only after every component accepted it.
        if (!atBoot) {
            dynamicConfigurationStore.commitConfiguration(newConfigurationStore);
        }
        this.currentConfiguration = newConfiguration;
    } catch (ConfigurationNotValidException err) {
        // Treated as impossible here, presumably because the configuration was validated
        // before this point. NOTE(review): buildRealm also declares this exception, so a
        // realm class that cannot be loaded would surface as this IllegalStateException.
        throw new IllegalStateException(err);
    } finally {
        configurationLock.unlock();
    }
}
use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.
the class AuthAPIRequestsFilter method doFilter.
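/**
 * Authenticates an API request with HTTP Basic credentials before letting it
 * continue down the filter chain.
 *
 * <p>The request is passed to {@code chain} only when the header named by
 * {@code HEADER_AUTH} carries the {@code HEADER_BASIC} scheme, the token decodes as
 * Base64 into {@code user:password}, and the server's {@link UserRealm} accepts the
 * pair. Every other case is answered through {@code UNAUTHORIZED} and the chain is
 * not invoked. That includes a missing header, an unsupported scheme, a scheme with
 * no token, malformed Base64, a missing {@code ':'} separator, a {@code null}
 * server and a rejected login.
 *
 * <p>Exceptions thrown by the downstream chain are propagated unchanged; they are
 * never reported as authentication failures.
 *
 * @param servletRequest the incoming request, expected to be an {@code HttpServletRequest}
 * @param servletResponse the response, expected to be an {@code HttpServletResponse}
 * @param chain the remaining filter chain, invoked only after a successful login
 * @throws IOException if writing the response or the downstream chain fails
 * @throws ServletException if the downstream chain fails
 */
@Override
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;
    String authorizationHeader = request.getHeader(HEADER_AUTH);
    if (authorizationHeader == null) {
        UNAUTHORIZED(response);
        return;
    }
    StringTokenizer tokenizer = new StringTokenizer(authorizationHeader);
    if (!tokenizer.hasMoreTokens()) {
        UNAUTHORIZED(response, MESSAGE_INVALID_TOKEN);
        return;
    }
    String scheme = tokenizer.nextToken();
    // Reject explicitly when the scheme is not Basic or the token is missing, so the
    // request never ends without a response and nextToken() cannot throw.
    if (!scheme.equalsIgnoreCase(HEADER_BASIC) || !tokenizer.hasMoreTokens()) {
        UNAUTHORIZED(response, MESSAGE_INVALID_TOKEN);
        return;
    }
    String credentials;
    try {
        String authBase64 = tokenizer.nextToken().trim();
        credentials = new String(Base64.getDecoder().decode(authBase64), StandardCharsets.UTF_8);
    } catch (IllegalArgumentException err) {
        // Client-supplied token is not valid Base64: an authentication failure, not a server error.
        UNAUTHORIZED(response, MESSAGE_INVALID_TOKEN);
        return;
    }
    int position = credentials.indexOf(":");
    if (position < 0) {
        UNAUTHORIZED(response, MESSAGE_INVALID_TOKEN);
        return;
    }
    String currentUser = null;
    if (server != null) {
        UserRealm userRealm = (UserRealm) server.getRealm();
        // NOTE(review): both values are trimmed, so credentials that differ only in
        // leading/trailing whitespace are treated as equal. Kept for compatibility.
        String username = credentials.substring(0, position).trim();
        String password = credentials.substring(position + 1).trim();
        currentUser = userRealm.login(username, password);
    }
    // Fail closed: no server, or a realm that returned null, means no access.
    if (currentUser == null) {
        UNAUTHORIZED(response, MESSAGE_INVALID_CREDENTIALS);
        return;
    }
    chain.doFilter(servletRequest, servletResponse);
}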
use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.
the class FileUserRealmTest method testFileRelativePath.
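/**
 * Checks that {@code FileUserRealm} loads its users file when {@code userrealm.path}
 * is given as a relative path, and that logins succeed only with the stored passwords.
 *
 * <p>The users file is created under {@code target/} and removed in a
 * {@code finally} block, so a failing assertion does not leave the test credentials
 * file behind.
 */
@Test
public void testFileRelativePath() throws Exception {
    try (HttpProxyServer server = buildForTests("localhost", 0, new TestEndpointMapper("localhost", 0), tmpDir.newFolder())) {
        Properties prop = new Properties();
        prop.setProperty("http.admin.enabled", "true");
        prop.setProperty("http.admin.port", "8761");
        prop.setProperty("http.admin.host", "localhost");
        prop.setProperty("admin.accesslog.path", tmpDir.newFile().getAbsolutePath());
        // Create a new file below the working directory and reach it through a relative path.
        File userPropertiesFile = new File("target/testuser" + System.currentTimeMillis() + ".properties");
        userPropertiesFile.createNewFile();
        try {
            Properties userProperties = new Properties();
            userProperties.put("user.test1", "pass1");
            userProperties.put("user.test2", "pass2");
            // Store the users in the file.
            try (OutputStream out = new FileOutputStream(userPropertiesFile)) {
                userProperties.store(out, "test_users_file");
            }
            // Relative path.
            prop.setProperty("userrealm.class", "org.carapaceproxy.user.FileUserRealm");
            prop.setProperty("userrealm.path", "target/" + userPropertiesFile.getName());
            ConfigurationStore configStore = new PropertiesConfigurationStore(prop);
            server.configureAtBoot(configStore);
            server.start();
            server.startAdminInterface();
            UserRealm userRealm = server.getRealm();
            assertNotNull(userRealm.login("test1", "pass1"));
            assertNotNull(userRealm.login("test2", "pass2"));
            // A known user with the wrong password must be rejected.
            assertNull(userRealm.login("test1", "wrongpass"));
        } finally {
            // Runs on failure too: the file holds cleartext test passwords.
            userPropertiesFile.delete();
        }
    }
}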
use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.
the class FileUserRealmTest method testFileUserRealm.
/**
 * Boots a server whose realm is a {@code FileUserRealm} backed by a generated users
 * file, then checks that the realm lists every user, that each user can log in with
 * its own password, and that an unknown user is rejected.
 */
@Test
public void testFileUserRealm() throws Exception {
    try (HttpProxyServer server = buildForTests("localhost", 0, new TestEndpointMapper("localhost", 0), tmpDir.newFolder())) {
        // Expected accounts: user name -> password.
        Map<String, String> users = new HashMap<>();
        users.put("test1", "pass1");
        users.put("test2", "pass2");
        users.put("test3", "pass3");

        Properties prop = new Properties();
        prop.setProperty("http.admin.enabled", "true");
        prop.setProperty("http.admin.port", "8761");
        prop.setProperty("http.admin.host", "localhost");
        prop.setProperty("admin.accesslog.path", tmpDir.newFile().getAbsolutePath());

        File usersFile = createUserFile(users);
        prop.setProperty("userrealm.class", "org.carapaceproxy.user.FileUserRealm");
        prop.setProperty("userrealm.path", usersFile.getPath());

        server.configureAtBoot(new PropertiesConfigurationStore(prop));
        server.start();
        server.startAdminInterface();

        UserRealm userRealm = server.getRealm();
        Collection<String> resultUsers = userRealm.listUsers();
        assertThat(resultUsers.size(), is(users.size()));

        for (Map.Entry<String, String> account : users.entrySet()) {
            String username = account.getKey();
            String login = userRealm.login(username, account.getValue());
            // A successful login returns the user name.
            assertNotNull(login);
            assertThat(username, is(login));
        }

        // Unknown user: the realm must answer null.
        assertNull(userRealm.login("wrong", "login"));
    }
}