
Example 1 with UserRealm

use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.

the class HttpProxyServer method buildRealm.

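/**
 * Instantiates and configures the {@link UserRealm} implementation named by
 * {@code userRealmClassname}.
 *
 * <p>The class name selects code to load and run, so it must come from trusted
 * configuration only. {@code Class.forName} initializes the class, which means
 * static initializers run as soon as the name resolves. The subtype check below
 * only ensures that no constructor of a non-{@code UserRealm} class is invoked.
 *
 * @param userRealmClassname fully qualified name of a class with a public no-arg constructor
 * @param properties configuration handed to {@link UserRealm#configure}
 * @return the configured realm
 * @throws ConfigurationNotValidException if the class cannot be found or is not a {@code UserRealm}
 * @throws RuntimeException if the class cannot be instantiated reflectively
 */
private static UserRealm buildRealm(String userRealmClassname, ConfigurationStore properties) throws ConfigurationNotValidException {
    final Class<? extends UserRealm> realmClass;
    try {
        // Verify the type before instantiating: the original cast happened only after
        // newInstance(), so the constructor of an unrelated class had already run.
        realmClass = Class.forName(userRealmClassname).asSubclass(UserRealm.class);
    } catch (ClassNotFoundException | ClassCastException err) {
        // Both cases are a wrong "realm class" setting, i.e. a configuration error.
        throw new ConfigurationNotValidException(err);
    }
    try {
        UserRealm res = realmClass.getConstructor().newInstance();
        res.configure(properties);
        return res;
    } catch (IllegalAccessException | IllegalArgumentException | InstantiationException | NoSuchMethodException | SecurityException | InvocationTargetException err) {
        throw new RuntimeException(err);
    }
}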
Also used : ConfigurationNotValidException(org.carapaceproxy.server.config.ConfigurationNotValidException) UserRealm(org.carapaceproxy.user.UserRealm) SimpleUserRealm(org.carapaceproxy.user.SimpleUserRealm) InvocationTargetException(java.lang.reflect.InvocationTargetException)

Example 2 with UserRealm

use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.

the class HttpProxyServer method applyDynamicConfiguration.

/**
 * Builds a new runtime configuration and applies it to the running server
 * components while holding {@code configurationLock}.
 *
 * <p>The configuration, mapper and realm are built first; only then are the
 * components reloaded and the {@code realm} / {@code mapper} fields replaced.
 * No rollback is visible in this method: if a later step throws, assignments
 * and reloads already performed stay in effect.
 *
 * @param newConfigurationStore the store to apply; must be {@code null} at boot
 *        and non-null otherwise
 * @param atBoot {@code true} when the configuration is loaded from
 *        {@code dynamicConfigurationStore} during startup
 * @throws ConfigurationChangeInProgressException if {@code configurationLock.tryLock()} fails
 * @throws IllegalStateException on an inconsistent argument combination, or when a
 *         {@code ConfigurationNotValidException} is raised while applying
 */
private void applyDynamicConfiguration(ConfigurationStore newConfigurationStore, boolean atBoot) throws InterruptedException, ConfigurationChangeInProgressException {
    // Argument contract: a store is passed if and only if this is NOT the boot-time call.
    if (atBoot && newConfigurationStore != null) {
        throw new IllegalStateException();
    }
    if (!atBoot && newConfigurationStore == null) {
        throw new IllegalStateException();
    }
    // at boot we are constructing a configuration from the database
    // if the system is already "up" we have to only apply the new config
    ConfigurationStore storeWithConfig = atBoot ? dynamicConfigurationStore : newConfigurationStore;
    // Only one configuration change at a time: a concurrent caller is rejected, not queued.
    if (!configurationLock.tryLock()) {
        throw new ConfigurationChangeInProgressException();
    }
    try {
        RuntimeServerConfiguration newConfiguration = buildValidConfiguration(storeWithConfig);
        EndpointMapper newMapper = buildMapper(newConfiguration.getMapperClassname(), storeWithConfig);
        newMapper.setParent(this);
        // The realm class name is read from userRealmClassname, not from newConfiguration
        // (unlike the mapper class name above); only the realm's settings come from the store.
        UserRealm newRealm = buildRealm(userRealmClassname, storeWithConfig);
        this.filters = buildFilters(newConfiguration);
        this.backendHealthManager.reloadConfiguration(newConfiguration, newMapper);
        this.dynamicCertificatesManager.reloadConfiguration(newConfiguration);
        this.ocspStaplingManager.reloadConfiguration(newConfiguration);
        this.listeners.reloadConfiguration(newConfiguration);
        this.cache.reloadConfiguration(newConfiguration);
        this.requestsLogger.reloadConfiguration(newConfiguration);
        // The authentication realm is swapped only after the reloads above have completed.
        // NOTE(review): whether request threads see the new realm immediately depends on
        // how the field is declared (not visible here) - confirm.
        this.realm = newRealm;
        // Snapshot the previous backends before replacing the mapper, to detect changes.
        Map<String, BackendConfiguration> currentBackends = mapper != null ? mapper.getBackends() : Collections.emptyMap();
        Map<String, BackendConfiguration> newBackends = newMapper.getBackends();
        this.mapper = newMapper;
        // Metrics registries are cleared and the proxy requests manager reloaded only at boot
        // or when the backends or the connections configuration changed.
        if (atBoot || !newBackends.equals(currentBackends) || isConnectionsConfigurationChanged(newConfiguration)) {
            prometheusRegistry.clear();
            Metrics.globalRegistry.clear();
            proxyRequestsManager.reloadConfiguration(newConfiguration, newBackends.values());
        }
        // Persist the new store only after every component accepted it.
        if (!atBoot) {
            dynamicConfigurationStore.commitConfiguration(newConfigurationStore);
        }
        this.currentConfiguration = newConfiguration;
    } catch (ConfigurationNotValidException err) {
        // impossible to have a non valid configuration here
        // NOTE(review): buildRealm reports an unknown realm class with this exception,
        // so this path looks reachable through a wrong realm class name - confirm.
        throw new IllegalStateException(err);
    } finally {
        configurationLock.unlock();
    }
}
Also used : ConfigurationNotValidException(org.carapaceproxy.server.config.ConfigurationNotValidException) PropertiesConfigurationStore(org.carapaceproxy.configstore.PropertiesConfigurationStore) ConfigurationStore(org.carapaceproxy.configstore.ConfigurationStore) HerdDBConfigurationStore(org.carapaceproxy.configstore.HerdDBConfigurationStore) EndpointMapper(org.carapaceproxy.server.mapper.EndpointMapper) UserRealm(org.carapaceproxy.user.UserRealm) SimpleUserRealm(org.carapaceproxy.user.SimpleUserRealm) ConfigurationChangeInProgressException(org.carapaceproxy.server.config.ConfigurationChangeInProgressException) BackendConfiguration(org.carapaceproxy.server.config.BackendConfiguration)

Example 3 with UserRealm

use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.

the class AuthAPIRequestsFilter method doFilter.

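/**
 * Authenticates API requests with HTTP Basic credentials against the server's
 * {@link UserRealm} and forwards the request only on success.
 *
 * <p>Every request that is not forwarded is answered through {@code UNAUTHORIZED}:
 * missing header, empty header, a scheme other than Basic, a missing or malformed
 * Base64 token, credentials without a {@code ':'} separator, or a failed login.
 *
 * @param servletRequest the incoming request, expected to be an {@code HttpServletRequest}
 * @param servletResponse the response, expected to be an {@code HttpServletResponse}
 * @param chain the remaining filter chain, invoked only after a successful login
 * @throws IOException propagated from the filter chain
 * @throws ServletException propagated from the filter chain
 */
@Override
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;
    String authorizationHeader = request.getHeader(HEADER_AUTH);
    if (authorizationHeader == null) {
        UNAUTHORIZED(response);
        return;
    }
    StringTokenizer tokenizer = new StringTokenizer(authorizationHeader);
    if (!tokenizer.hasMoreTokens()) {
        UNAUTHORIZED(response, MESSAGE_INVALID_TOKEN);
        return;
    }
    String scheme = tokenizer.nextToken();
    // A scheme other than Basic used to fall through with no response written at all,
    // and "Basic" without a token raised NoSuchElementException. Both are client
    // errors and are now rejected explicitly.
    if (!scheme.equalsIgnoreCase(HEADER_BASIC) || !tokenizer.hasMoreTokens()) {
        UNAUTHORIZED(response, MESSAGE_INVALID_TOKEN);
        return;
    }
    try {
        String credentials;
        try {
            String authBase64 = tokenizer.nextToken().trim();
            credentials = new String(Base64.getDecoder().decode(authBase64), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException malformedBase64) {
            // The decoder rejects input that is not valid Base64; treat it as an invalid
            // token instead of letting an unchecked exception escape the filter.
            UNAUTHORIZED(response, MESSAGE_INVALID_TOKEN);
            return;
        }
        int position = credentials.indexOf(":");
        if (position < 0) {
            UNAUTHORIZED(response, MESSAGE_INVALID_TOKEN);
            return;
        }
        String currentUser = null;
        // Fail closed: without a server (and therefore without a realm) nobody is authenticated.
        if (server != null) {
            UserRealm userRealm = server.getRealm();
            // Split on the first ':' only, so the password itself may contain ':'.
            // Both parts are trimmed as before, so surrounding whitespace is not significant.
            String username = credentials.substring(0, position).trim();
            String password = credentials.substring(position + 1).trim();
            currentUser = userRealm.login(username, password);
        }
        if (currentUser == null) {
            UNAUTHORIZED(response, MESSAGE_INVALID_CREDENTIALS);
            return;
        }
        chain.doFilter(servletRequest, servletResponse);
    } catch (UnsupportedEncodingException e) {
        UNAUTHORIZED(response, MESSAGE_INVALID_TOKEN_NOTSUPPORTED);
    }
}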
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) StringTokenizer(java.util.StringTokenizer) UserRealm(org.carapaceproxy.user.UserRealm) HttpServletResponse(javax.servlet.http.HttpServletResponse) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 4 with UserRealm

use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.

the class FileUserRealmTest method testFileRelativePath.

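/**
 * Checks that a {@code FileUserRealm} configured with a relative
 * {@code userrealm.path} loads its users and accepts only matching passwords.
 */
@Test
public void testFileRelativePath() throws Exception {
    try (HttpProxyServer server = buildForTests("localhost", 0, new TestEndpointMapper("localhost", 0), tmpDir.newFolder())) {
        Properties prop = new Properties();
        prop.setProperty("http.admin.enabled", "true");
        prop.setProperty("http.admin.port", "8761");
        prop.setProperty("http.admin.host", "localhost");
        prop.setProperty("admin.accesslog.path", tmpDir.newFile().getAbsolutePath());
        // create new file in the server and access it with relative path
        File userPropertiesFile = new File("target/testuser" + System.currentTimeMillis() + ".properties");
        userPropertiesFile.createNewFile();
        try {
            Properties userProperties = new Properties();
            userProperties.put("user.test1", "pass1");
            userProperties.put("user.test2", "pass2");
            // store them in the file
            try (OutputStream out = new FileOutputStream(userPropertiesFile)) {
                userProperties.store(out, "test_users_file");
            }
            // relative path
            prop.setProperty("userrealm.class", "org.carapaceproxy.user.FileUserRealm");
            prop.setProperty("userrealm.path", "target/" + userPropertiesFile.getName());
            ConfigurationStore configStore = new PropertiesConfigurationStore(prop);
            server.configureAtBoot(configStore);
            server.start();
            server.startAdminInterface();
            UserRealm userRealm = server.getRealm();
            assertNotNull(userRealm.login("test1", "pass1"));
            assertNotNull(userRealm.login("test2", "pass2"));
            assertNull(userRealm.login("test1", "wrongpass"));
        } finally {
            // The file lives outside tmpDir, so it must be removed here. Doing it in
            // finally keeps the credentials file from being left behind when an
            // assertion or the server startup fails.
            userPropertiesFile.delete();
        }
    }
}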
Also used : HttpProxyServer(org.carapaceproxy.core.HttpProxyServer) TestEndpointMapper(org.carapaceproxy.utils.TestEndpointMapper) PropertiesConfigurationStore(org.carapaceproxy.configstore.PropertiesConfigurationStore) ConfigurationStore(org.carapaceproxy.configstore.ConfigurationStore) PropertiesConfigurationStore(org.carapaceproxy.configstore.PropertiesConfigurationStore) UserRealm(org.carapaceproxy.user.UserRealm) FileUserRealm(org.carapaceproxy.user.FileUserRealm) OutputStream(java.io.OutputStream) FileOutputStream(java.io.FileOutputStream) FileOutputStream(java.io.FileOutputStream) Properties(java.util.Properties) File(java.io.File) Test(org.junit.Test)

Example 5 with UserRealm

use of org.carapaceproxy.user.UserRealm in project carapaceproxy by diennea.

the class FileUserRealmTest method testFileUserRealm.

/**
 * Checks that a {@code FileUserRealm} lists exactly the users written to its file,
 * returns the user name on a successful login and {@code null} for unknown credentials.
 */
@Test
public void testFileUserRealm() throws Exception {
    // Expected accounts: user name -> password.
    Map<String, String> users = new HashMap<>();
    users.put("test1", "pass1");
    users.put("test2", "pass2");
    users.put("test3", "pass3");
    try (HttpProxyServer server = buildForTests("localhost", 0, new TestEndpointMapper("localhost", 0), tmpDir.newFolder())) {
        Properties settings = new Properties();
        settings.setProperty("http.admin.enabled", "true");
        settings.setProperty("http.admin.port", "8761");
        settings.setProperty("http.admin.host", "localhost");
        settings.setProperty("admin.accesslog.path", tmpDir.newFile().getAbsolutePath());
        File usersFile = createUserFile(users);
        settings.setProperty("userrealm.class", "org.carapaceproxy.user.FileUserRealm");
        settings.setProperty("userrealm.path", usersFile.getPath());
        server.configureAtBoot(new PropertiesConfigurationStore(settings));
        server.start();
        server.startAdminInterface();
        UserRealm realmUnderTest = server.getRealm();
        // The realm must expose as many users as were written to the file.
        Collection<String> listedUsers = realmUnderTest.listUsers();
        assertThat(listedUsers.size(), is(users.size()));
        for (Map.Entry<String, String> account : users.entrySet()) {
            String expectedName = account.getKey();
            String loggedIn = realmUnderTest.login(expectedName, account.getValue());
            // a successful login yields the user name
            assertNotNull(loggedIn);
            assertThat(expectedName, is(loggedIn));
        }
        // Unknown credentials must be refused.
        assertNull(realmUnderTest.login("wrong", "login"));
    }
}
Also used : HttpProxyServer(org.carapaceproxy.core.HttpProxyServer) TestEndpointMapper(org.carapaceproxy.utils.TestEndpointMapper) PropertiesConfigurationStore(org.carapaceproxy.configstore.PropertiesConfigurationStore) ConfigurationStore(org.carapaceproxy.configstore.ConfigurationStore) PropertiesConfigurationStore(org.carapaceproxy.configstore.PropertiesConfigurationStore) UserRealm(org.carapaceproxy.user.UserRealm) FileUserRealm(org.carapaceproxy.user.FileUserRealm) HashMap(java.util.HashMap) Properties(java.util.Properties) File(java.io.File) Test(org.junit.Test)

Aggregations

UserRealm (org.carapaceproxy.user.UserRealm)8 PropertiesConfigurationStore (org.carapaceproxy.configstore.PropertiesConfigurationStore)5 HttpProxyServer (org.carapaceproxy.core.HttpProxyServer)5 Properties (java.util.Properties)4 ConfigurationStore (org.carapaceproxy.configstore.ConfigurationStore)4 Test (org.junit.Test)4 File (java.io.File)3 FileUserRealm (org.carapaceproxy.user.FileUserRealm)3 SimpleUserRealm (org.carapaceproxy.user.SimpleUserRealm)3 TestEndpointMapper (org.carapaceproxy.utils.TestEndpointMapper)3 HashMap (java.util.HashMap)2 ConfigurationNotValidException (org.carapaceproxy.server.config.ConfigurationNotValidException)2 FileOutputStream (java.io.FileOutputStream)1 OutputStream (java.io.OutputStream)1 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 ArrayList (java.util.ArrayList)1 StringTokenizer (java.util.StringTokenizer)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1