use of org.eclipse.hono.config.ServiceConfigProperties in project hono by eclipse.
the class AbstractServiceBaseTest method checkInsecureOnlyPort.
/**
* Verifies that a Hono server will bind to the default insecure port only
* when using a default configuration with the insecure port being enabled.
*/
@Test
public void checkInsecureOnlyPort() {
// GIVEN a default configuration with insecure port being enabled but no key store being set
ServiceConfigProperties configProperties = new ServiceConfigProperties();
configProperties.setInsecurePortEnabled(true);
// WHEN using this configuration to determine the server's port configuration
AbstractServiceBase<ServiceConfigProperties> server = createServer(configProperties);
Future<Void> portConfigurationTracker = server.checkPortConfiguration();
// THEN the server will bind to the default insecure port only
assertTrue(portConfigurationTracker.succeeded());
assertFalse(server.isSecurePortEnabled());
assertTrue(server.isInsecurePortEnabled());
assertThat(server.getInsecurePort(), is(INSECURE_PORT_NR));
}
use of org.eclipse.hono.config.ServiceConfigProperties in project hono by eclipse.
the class AmqpServiceBaseTest method testServerCallsPublishEventOnClientDisconnect.
/**
* Verifies that the service invokes the <em>publishConnectionClosedEvent</em>
* method when a client disconnects.
*/
@Test
@SuppressWarnings({ "rawtypes", "unchecked" })
public void testServerCallsPublishEventOnClientDisconnect() {
// GIVEN a server to which a client is connected
final Handler<ProtonConnection> publishConnectionClosedEvent = mock(Handler.class);
final AmqpServiceBase<ServiceConfigProperties> server = createServer(null, publishConnectionClosedEvent);
final ProtonConnection con = newConnection(Constants.PRINCIPAL_ANONYMOUS);
server.onRemoteConnectionOpen(con);
final ArgumentCaptor<Handler> closeHandlerCaptor = ArgumentCaptor.forClass(Handler.class);
verify(con).disconnectHandler(closeHandlerCaptor.capture());
// WHEN the client disconnects from the service
closeHandlerCaptor.getValue().handle(con);
// THEN the publishConnectionClosedEvent method is invoked
verify(publishConnectionClosedEvent).handle(any(ProtonConnection.class));
}
use of org.eclipse.hono.config.ServiceConfigProperties in project hono by eclipse.
the class AmqpServiceBaseTest method testHandleReceiverOpenRejectsUnauthorizedClient.
/**
* Verifies that the service rejects sender links on resources that
* the client is not authorized to write to.
*/
@Test
public void testHandleReceiverOpenRejectsUnauthorizedClient() {
// GIVEN a server with a endpoint
final ResourceIdentifier restrictedTargetAddress = ResourceIdentifier.from(ENDPOINT, "RESTRICTED_TENANT", null);
final AmqpEndpoint endpoint = mock(AmqpEndpoint.class);
when(endpoint.getName()).thenReturn(ENDPOINT);
final AuthorizationService authService = mock(AuthorizationService.class);
when(authService.isAuthorized(Constants.PRINCIPAL_ANONYMOUS, restrictedTargetAddress, Activity.WRITE)).thenReturn(Future.succeededFuture(Boolean.FALSE));
final AmqpServiceBase<ServiceConfigProperties> server = createServer(endpoint);
server.setAuthorizationService(authService);
// WHEN a client connects to the server using a address for a tenant it is not authorized to write to
final Target target = getTarget(restrictedTargetAddress);
final ProtonReceiver receiver = mock(ProtonReceiver.class);
when(receiver.getRemoteTarget()).thenReturn(target);
when(receiver.setCondition(any())).thenReturn(receiver);
server.handleReceiverOpen(newConnection(Constants.PRINCIPAL_ANONYMOUS), receiver);
// THEN the server closes the link with the client
verify(receiver).close();
}
use of org.eclipse.hono.config.ServiceConfigProperties in project hono by eclipse.
the class ApplicationConfig method tokenValidator.
/**
* Creates a helper for validating JWTs asserting a client's identity and authorities.
* <p>
* An instance of this bean is required for the {@code HonoSaslAuthenticationFactory}.
*
* @return The bean.
*/
@Bean
@Qualifier(AuthenticationConstants.QUALIFIER_AUTHENTICATION)
public AuthTokenHelper tokenValidator() {
ServiceConfigProperties amqpProps = amqpProperties();
AuthenticationServerConfigProperties serviceProps = serviceProperties();
if (!serviceProps.getValidation().isAppropriateForValidating() && amqpProps.getCertPath() != null) {
// fall back to TLS configuration
serviceProps.getValidation().setCertPath(amqpProps.getCertPath());
}
return AuthTokenHelperImpl.forValidating(vertx(), serviceProps.getValidation());
}
use of org.eclipse.hono.config.ServiceConfigProperties in project hono by eclipse.
the class StandaloneAuthServerTest method prepareServer.
/**
* Sets up the server.
*
* @param ctx The vertx test context.
*/
@BeforeClass
public static void prepareServer(final TestContext ctx) {
AuthTokenHelper tokenHelper = AuthTokenHelperImpl.forSharedSecret(SIGNING_SECRET, 5);
ServiceConfigProperties props = new ServiceConfigProperties();
props.setInsecurePortEnabled(true);
props.setInsecurePort(0);
server = new SimpleAuthenticationServer();
server.setConfig(props);
server.setSaslAuthenticatorFactory(new HonoSaslAuthenticatorFactory(vertx, tokenHelper));
server.addEndpoint(new AuthenticationEndpoint(vertx));
AuthenticationServerConfigProperties serviceProps = new AuthenticationServerConfigProperties();
serviceProps.getSigning().setTokenExpiration(5);
serviceProps.getSigning().setSharedSecret(SIGNING_SECRET);
serviceProps.setPermissionsPath(new ClassPathResource("authentication-service-test-permissions.json"));
FileBasedAuthenticationService authServiceImpl = new FileBasedAuthenticationService();
authServiceImpl.setConfig(serviceProps);
authServiceImpl.setTokenFactory(tokenHelper);
Async startup = ctx.async();
Future<String> serverTracker = Future.future();
serverTracker.setHandler(ctx.asyncAssertSuccess(s -> startup.complete()));
Future<String> serviceTracker = Future.future();
vertx.deployVerticle(authServiceImpl, serviceTracker.completer());
serviceTracker.compose(s -> {
vertx.deployVerticle(server, ctx.asyncAssertSuccess(d -> serverTracker.complete(d)));
}, serverTracker);
startup.await(2000);
AuthenticationServerClientConfigProperties clientProps = new AuthenticationServerClientConfigProperties();
clientProps.setHost("127.0.0.1");
clientProps.setName("test-client");
clientProps.setPort(server.getInsecurePort());
clientProps.getValidation().setSharedSecret(SIGNING_SECRET);
ConnectionFactory clientFactory = new ConnectionFactoryImpl(vertx, clientProps);
client = new AuthenticationServerClient(vertx, clientFactory);
}
Aggregations