Search in sources :

Example 11 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class AwsSigner4RequestTest method testSign.

@Test
public void testSign() {
    HttpPost request = new HttpPost("https://ecr.us-east-1.amazonaws.com/");
    request.setHeader("host", "ecr.us-east-1.amazonaws.com");
    request.setHeader("Content-Type", "application/x-amz-json-1.1");
    request.setHeader("X-Amz-Target", "AmazonEC2ContainerRegistry_V20150921.GetAuthorizationToken");
    request.setEntity(new StringEntity("{\"registryIds\":[\"012345678901\"]}", StandardCharsets.UTF_8));
    AwsSigner4 signer = new AwsSigner4("us-east-1", "ecr");
    Date signingTime = Date.from(ZonedDateTime.of(2015, 8, 30, 12, 36, 0, 0, ZoneId.of("GMT")).toInstant());
    AwsSigner4Request sr = new AwsSigner4Request("us-east-1", "service", request, signingTime);
    AuthConfig credentials = AuthConfig.builder().username("AKIDEXAMPLE").password("wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY").build();
    Assert.assertEquals(TASK1, signer.task1(sr));
    Assert.assertEquals(TASK2, signer.task2(sr));
    StringBuilder dst = new StringBuilder();
    AwsSigner4.hexEncode(dst, signer.task3(sr, credentials));
    Assert.assertEquals(TASK3, dst.toString());
    Assert.assertEquals(TASK4, signer.task4(sr, credentials));
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) StringEntity(org.apache.http.entity.StringEntity) AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig) Date(java.util.Date) Test(org.junit.Test)

Example 12 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class AwsSigner4RequestTest method includesAuthTokenAsAwsSecurityToken.

@Test
public void includesAuthTokenAsAwsSecurityToken() {
    HttpUriRequest request = newGet("https://someService.us-east-1.amazonaws.com/");
    request.setHeader("host", request.getURI().getHost());
    String awsSecurityToken = "securityToken";
    AuthConfig credentials = AuthConfig.builder().username("awsAccessKeyId").password("awsSecretAccessKey").auth(awsSecurityToken).build();
    AwsSigner4 signer = new AwsSigner4("us-east-1", "someService");
    signer.sign(request, credentials, new Date());
    Assert.assertEquals(request.getFirstHeader("X-Amz-Security-Token").getValue(), awsSecurityToken);
}
Also used : HttpUriRequest(org.apache.http.client.methods.HttpUriRequest) AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig) Date(java.util.Date) Test(org.junit.Test)

Example 13 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class DockerRegistryAuthHandlerTest method testDockerLoginFallsBackToAuthWhenCredentialHelperDoesNotMatchDomain.

@Test
public void testDockerLoginFallsBackToAuthWhenCredentialHelperDoesNotMatchDomain() throws IOException {
    executeWithTempHomeDir(homeDir -> {
        writeDockerConfigJson(createDockerConfig(homeDir), null, singletonMap("registry1", "credHelper1-does-not-exist"));
        AuthConfig config = handler.create(RegistryAuthConfig.Kind.PUSH, "roland", "localhost:5000", s -> s);
        verifyAuthConfig(config, "roland", "secret", "roland@jolokia.org");
    });
}
Also used : AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig) RegistryAuthConfig(org.eclipse.jkube.kit.build.api.auth.RegistryAuthConfig) Test(org.junit.Test)

Example 14 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class EcrExtendedAuthTest method testHeaders.

@Test
public void testHeaders() {
    EcrExtendedAuth eea = new EcrExtendedAuth(logger, "123456789012.dkr.ecr.eu-west-1.amazonaws.com");
    AuthConfig localCredentials = AuthConfig.builder().username("username").password("password").build();
    Date signingTime = Date.from(ZonedDateTime.of(2016, 12, 17, 21, 10, 58, 0, ZoneId.of("GMT")).toInstant());
    HttpPost request = eea.createSignedRequest(localCredentials, signingTime);
    assertEquals("api.ecr.eu-west-1.amazonaws.com", request.getFirstHeader("host").getValue());
    assertEquals("20161217T211058Z", request.getFirstHeader("X-Amz-Date").getValue());
    assertEquals("AWS4-HMAC-SHA256 Credential=username/20161217/eu-west-1/ecr/aws4_request, SignedHeaders=content-type;host;x-amz-target, Signature=2ae11d499499cc951900aac0fbec96009382ba4f735bd14baa375c3e51d50aa9", request.getFirstHeader("Authorization").getValue());
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig) Date(java.util.Date) Test(org.junit.Test)

Example 15 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class EcrExtendedAuthTest method testClientClosedAndCredentialsDecoded.

@Test
public void testClientClosedAndCredentialsDecoded(@Mocked final CloseableHttpClient closeableHttpClient, @Mocked final CloseableHttpResponse closeableHttpResponse, @Mocked final StatusLine statusLine) throws IOException, IllegalStateException {
    final HttpEntity entity = new StringEntity("{\"authorizationData\": [{" + "\"authorizationToken\": \"QVdTOnBhc3N3b3Jk\"," + "\"expiresAt\": 1448878779.809," + "\"proxyEndpoint\": \"https://012345678910.dkr.ecr.eu-west-1.amazonaws.com\"}]}");
    new Expectations() {

        {
            statusLine.getStatusCode();
            result = 200;
            closeableHttpResponse.getEntity();
            result = entity;
        }
    };
    EcrExtendedAuth eea = new EcrExtendedAuth(logger, "123456789012.dkr.ecr.eu-west-1.amazonaws.com") {

        CloseableHttpClient createClient() {
            return closeableHttpClient;
        }
    };
    AuthConfig localCredentials = AuthConfig.builder().username("username").password("password").build();
    AuthConfig awsCredentials = eea.extendedAuth(localCredentials);
    assertEquals("AWS", awsCredentials.getUsername());
    assertEquals("password", awsCredentials.getPassword());
    new Verifications() {

        {
            closeableHttpClient.close();
        }
    };
}
Also used : Expectations(mockit.Expectations) StringEntity(org.apache.http.entity.StringEntity) HttpEntity(org.apache.http.HttpEntity) AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig) Verifications(mockit.Verifications) Test(org.junit.Test)

Aggregations

AuthConfig (org.eclipse.jkube.kit.build.api.auth.AuthConfig)42 Test (org.junit.Test)34 RegistryAuthConfig (org.eclipse.jkube.kit.build.api.auth.RegistryAuthConfig)10 JsonObject (com.google.gson.JsonObject)6 Expectations (mockit.Expectations)6 IOException (java.io.IOException)4 HashMap (java.util.HashMap)4 Date (java.util.Date)3 MockUp (mockit.MockUp)3 ImageName (org.eclipse.jkube.kit.config.image.ImageName)3 ArrayList (java.util.ArrayList)2 HttpPost (org.apache.http.client.methods.HttpPost)2 StringEntity (org.apache.http.entity.StringEntity)2 AuthConfigFactory (org.eclipse.jkube.kit.build.service.docker.auth.AuthConfigFactory)2 RegistryServerConfiguration (org.eclipse.jkube.kit.common.RegistryServerConfiguration)2 SystemMock (org.eclipse.jkube.kit.common.SystemMock)2 Credential (com.google.cloud.tools.jib.api.Credential)1 Gson (com.google.gson.Gson)1 JsonPrimitive (com.google.gson.JsonPrimitive)1 KubernetesList (io.fabric8.kubernetes.api.model.KubernetesList)1