use of org.glassfish.jersey.client.oauth1.AccessToken in project cdap by cdapio.
the class GCPRemoteAuthenticatorTest method testRemoteAuthenticatorRefreshesExpiredAccessToken.
@Test
public void testRemoteAuthenticatorRefreshesExpiredAccessToken() throws Exception {
String expiredAccessTokenValue = "expired-access-token";
String accessTokenValue = "access-token";
// This is just an arbitrary fixed point in time.
Instant fixedInstant = Instant.ofEpochSecond(1646358109);
Clock fixedClock = Clock.fixed(fixedInstant, ZoneId.systemDefault());
GoogleCredentials mockGoogleCredentials = mock(GoogleCredentials.class);
AccessToken expiredAccessToken = new AccessToken(expiredAccessTokenValue, Date.from(fixedInstant.minus(Duration.ofHours(1))));
AccessToken accessToken = new AccessToken(accessTokenValue, Date.from(fixedInstant.plus(Duration.ofHours(1))));
when(mockGoogleCredentials.refreshAccessToken()).thenReturn(accessToken);
GCPRemoteAuthenticator gcpRemoteAuthenticator = new GCPRemoteAuthenticator(mockGoogleCredentials, fixedClock, expiredAccessToken);
// Verify expected credential value and that refresh was called exactly once.
Credential credential = gcpRemoteAuthenticator.getCredentials();
Assert.assertEquals(accessTokenValue, credential.getValue());
verify(mockGoogleCredentials, times(1)).refreshAccessToken();
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project helios by spotify.
the class AuthenticatingHttpConnector method connect.
@Override
public HttpURLConnection connect(final URI uri, final String method, final byte[] entity, final Map<String, List<String>> headers) throws HeliosException {
final Endpoint endpoint = endpointIterator.next();
// convert the URI whose hostname portion is a domain name into a URI where the host is an IP
// as we expect there to be several different IP addresses besides a common domain name
final URI ipUri;
try {
ipUri = toIpUri(endpoint, uri);
} catch (URISyntaxException e) {
throw new HeliosException(e);
}
try {
log.debug("connecting to {}", ipUri);
final Optional<AccessToken> accessTokenOpt = accessTokenSupplier.get();
if (accessTokenOpt.isPresent()) {
final String token = accessTokenOpt.get().getTokenValue();
headers.put("Authorization", singletonList("Bearer " + token));
log.debug("Add Authorization header with bearer token");
}
if (clientCertificatePath.isPresent()) {
// prioritize using the certificate file if set
return connectWithCertificateFile(ipUri, method, entity, headers);
} else if (agentProxy.isPresent() && !identities.isEmpty()) {
// ssh-agent based authentication
return connectWithIdentities(identities, ipUri, method, entity, headers);
} else {
// no authentication
return doConnect(ipUri, method, entity, headers);
}
} catch (ConnectException | SocketTimeoutException | UnknownHostException e) {
// UnknownHostException happens if we can't resolve hostname into IP address.
// UnknownHostException's getMessage method returns just the hostname which is a
// useless message, so log the exception class name to provide more info.
log.debug(e.toString());
throw new HeliosException("Unable to connect to master: " + ipUri, e);
} catch (IOException e) {
throw new HeliosException("Unexpected error connecting to " + ipUri, e);
}
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project helios by spotify.
the class AuthenticatingHttpConnectorTest method createAuthenticatingConnectorWithAccessToken.
private AuthenticatingHttpConnector createAuthenticatingConnectorWithAccessToken(final Optional<AgentProxy> proxy, final List<Identity> identities) {
final EndpointIterator endpointIterator = EndpointIterator.of(endpoints);
final AccessToken accessToken = new AccessToken("<token>", null);
return new AuthenticatingHttpConnector(USER, Suppliers.ofInstance(Optional.of(accessToken)), proxy, Optional.<CertKeyPaths>absent(), endpointIterator, connector, identities);
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project helios by spotify.
the class GoogleCredentialsAccessTokenSupplierTest method testGetWithStaticToken.
@Test
public void testGetWithStaticToken() {
final AccessToken token = new AccessToken("token", null);
final GoogleCredentialsAccessTokenSupplier supplier = new GoogleCredentialsAccessTokenSupplier(true, token, null);
assertThat(supplier.get(), equalTo(Optional.of(token)));
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project java by kubernetes-client.
the class KubeConfigTest method testGCPAuthProviderExpiredTokenWithoutGCloud.
@Test
public void testGCPAuthProviderExpiredTokenWithoutGCloud() {
String gcpConfigExpiredToken = "apiVersion: v1\n" + "contexts:\n" + "- context:\n" + " user: gke-cluster\n" + " name: foo-context\n" + "current-context: foo-context\n" + "users:\n" + "- name: gke-cluster\n" + " user:\n" + " auth-provider:\n" + " config:\n" + " access-token: fake-token\n" + " expiry: 1970-01-01T00:00:00Z\n" + " name: gcp";
String fakeToken = "new-fake-token";
String fakeTokenExpiry = "2121-08-05T02:30:24Z";
GoogleCredentials mockGC = Mockito.mock(GoogleCredentials.class);
Mockito.when(mockGC.getAccessToken()).thenReturn(new AccessToken(fakeToken, Date.from(Instant.parse(fakeTokenExpiry))));
KubeConfig.registerAuthenticator(new GCPAuthenticator(null, mockGC));
try {
KubeConfig kc = KubeConfig.loadKubeConfig(new StringReader(gcpConfigExpiredToken));
assertEquals(fakeToken, kc.getAccessToken());
} catch (Exception ex) {
ex.printStackTrace();
fail("Unexpected exception: " + ex);
}
}
Aggregations