use of software.amazon.awssdk.crt.io.SocketOptions in project aws-iot-greengrass-edge-connector-for-kinesis-video-stream by awslabs.
the class IPCUtils method getSocketOptionsForIPC.
private static SocketOptions getSocketOptionsForIPC() {
SocketOptions socketOptions = new SocketOptions();
socketOptions.connectTimeoutMs = CONNECTION_TIMEOUT_IN_MS;
socketOptions.domain = SocketOptions.SocketDomain.LOCAL;
socketOptions.type = SocketOptions.SocketType.STREAM;
return socketOptions;
}
use of software.amazon.awssdk.crt.io.SocketOptions in project aws-greengrass-nucleus by aws-greengrass.
the class IPCPubSubTest method GIVEN_pubsubclient_with_event_stream_WHEN_subscribe_authorization_changes_to_authorized_THEN_succeeds.
@SuppressWarnings({ "PMD.AvoidCatchingGenericException" })
@Test
void GIVEN_pubsubclient_with_event_stream_WHEN_subscribe_authorization_changes_to_authorized_THEN_succeeds() throws Exception {
LogConfig.getRootLogConfig().setLevel(Level.DEBUG);
String topicName = "topicName";
SubscribeToTopicRequest subscribeToTopicRequest = new SubscribeToTopicRequest();
subscribeToTopicRequest.setTopic(topicName);
CountDownLatch subscriptionLatch = new CountDownLatch(1);
Slf4jLogAdapter.addGlobalListener(m -> {
if (m.getMessage().contains("Subscribed to topic")) {
subscriptionLatch.countDown();
}
});
String authToken = IPCTestUtils.getAuthTokeForService(kernel, "OnlyPublish");
SocketOptions socketOptions = TestUtils.getSocketOptionsForIPC();
try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
assertTrue(kernel.getContext().get(AuthorizationModule.class).isPresent(TOKEN_EXCHANGE_SERVICE_TOPICS, TES_DEFAULT_POLICY));
CompletableFuture<SubscribeToTopicResponse> fut = greengrassCoreIPCClient.subscribeToTopic(subscribeToTopicRequest, getOptionalStreamResponseHandler()).getResponse();
ExecutionException executionException = assertThrows(ExecutionException.class, () -> fut.get(3, TimeUnit.SECONDS));
assertTrue(executionException.getCause() instanceof UnauthorizedError);
UnauthorizedError unauthorizedError = (UnauthorizedError) executionException.getCause();
assertEquals("Principal OnlyPublish is not authorized to perform aws.greengrass.ipc.pubsub:aws.greengrass#SubscribeToTopic on resource topicName", unauthorizedError.getMessage());
}
Topics aclTopic = kernel.findServiceTopic("OnlyPublish").findTopics(CONFIGURATION_CONFIG_KEY, ACCESS_CONTROL_NAMESPACE_TOPIC);
Map<String, Object> newAcl = OBJECT_MAPPER.readValue(newAclStr, new TypeReference<Map<String, Object>>() {
});
aclTopic.updateFromMap(newAcl, new UpdateBehaviorTree(UpdateBehaviorTree.UpdateBehavior.REPLACE, System.currentTimeMillis()));
// Block until events are completed
kernel.getContext().waitForPublishQueueToClear();
assertTrue(kernel.getContext().get(AuthorizationModule.class).isPresent(TOKEN_EXCHANGE_SERVICE_TOPICS, TES_DEFAULT_POLICY));
try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
CompletableFuture<SubscribeToTopicResponse> fut = greengrassCoreIPCClient.subscribeToTopic(subscribeToTopicRequest, getOptionalStreamResponseHandler()).getResponse();
try {
fut.get(3, TimeUnit.SECONDS);
} catch (Exception e) {
logger.atError().setCause(e).log("Error when subscribing to component updates");
fail("Caught exception when subscribing to component updates");
}
assertTrue(subscriptionLatch.await(10, TimeUnit.SECONDS));
}
aclTopic = kernel.findServiceTopic("OnlyPublish").findTopics(CONFIGURATION_CONFIG_KEY, ACCESS_CONTROL_NAMESPACE_TOPIC);
Map<String, Object> oldAcl = OBJECT_MAPPER.readValue(oldAclStr, new TypeReference<Map<String, Object>>() {
});
aclTopic.updateFromMap(oldAcl, new UpdateBehaviorTree(UpdateBehaviorTree.UpdateBehavior.REPLACE, System.currentTimeMillis()));
// Block until events are completed
kernel.getContext().runOnPublishQueueAndWait(() -> {
});
}
use of software.amazon.awssdk.crt.io.SocketOptions in project aws-greengrass-nucleus by aws-greengrass.
the class IPCPubSubTest method GIVEN_PubSubEventStreamClient_WHEN_subscribe_wildcard_is_not_authorized_THEN_Fail.
@Test
void GIVEN_PubSubEventStreamClient_WHEN_subscribe_wildcard_is_not_authorized_THEN_Fail() throws Exception {
String topicName = "topicName/#";
SubscribeToTopicRequest subscribeToTopicRequest = new SubscribeToTopicRequest();
subscribeToTopicRequest.setTopic(topicName);
// Allowed resource /to*/#
String authToken = IPCTestUtils.getAuthTokeForService(kernel, "SubscribeAndPublishWildcard");
SocketOptions socketOptions = TestUtils.getSocketOptionsForIPC();
try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
ExecutionException executionException = assertThrows(ExecutionException.class, () -> greengrassCoreIPCClient.subscribeToTopic(subscribeToTopicRequest, getOptionalStreamResponseHandler()).getResponse().get());
assertTrue(executionException.getCause() instanceof UnauthorizedError);
UnauthorizedError unauthorizedError = (UnauthorizedError) executionException.getCause();
assertEquals("Principal SubscribeAndPublishWildcard is not authorized to perform aws.greengrass.ipc" + ".pubsub:aws.greengrass#SubscribeToTopic on resource topicName/#", unauthorizedError.getMessage());
}
}
use of software.amazon.awssdk.crt.io.SocketOptions in project aws-greengrass-nucleus by aws-greengrass.
the class IPCPubSubTest method GIVEN_pubsubclient_with_event_stream_WHEN_subscribe_is_not_authorized_THEN_Fail.
@Test
void GIVEN_pubsubclient_with_event_stream_WHEN_subscribe_is_not_authorized_THEN_Fail() throws Exception {
String topicName = "topicName";
SubscribeToTopicRequest subscribeToTopicRequest = new SubscribeToTopicRequest();
subscribeToTopicRequest.setTopic(topicName);
String authToken = IPCTestUtils.getAuthTokeForService(kernel, "PublishNotSubscribe");
SocketOptions socketOptions = TestUtils.getSocketOptionsForIPC();
try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
ExecutionException executionException = assertThrows(ExecutionException.class, () -> greengrassCoreIPCClient.subscribeToTopic(subscribeToTopicRequest, getOptionalStreamResponseHandler()).getResponse().get());
assertTrue(executionException.getCause() instanceof UnauthorizedError);
UnauthorizedError unauthorizedError = (UnauthorizedError) executionException.getCause();
assertEquals("Principal PublishNotSubscribe is not authorized to perform aws.greengrass.ipc.pubsub:aws.greengrass#SubscribeToTopic on resource topicName", unauthorizedError.getMessage());
}
}
use of software.amazon.awssdk.crt.io.SocketOptions in project aws-greengrass-nucleus by aws-greengrass.
the class IPCPubSubTest method GIVEN_pubsubclient_with_event_stream_WHEN_publish_is_not_authorized_THEN_Fail.
@Test
void GIVEN_pubsubclient_with_event_stream_WHEN_publish_is_not_authorized_THEN_Fail() throws Exception {
String authToken = IPCTestUtils.getAuthTokeForService(kernel, "SubscribeNotPublish");
SocketOptions socketOptions = TestUtils.getSocketOptionsForIPC();
try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
String topicName = "topicName";
ExecutionException executionException = assertThrows(ExecutionException.class, () -> publishToTopicOverIpcAsBinaryMessage(greengrassCoreIPCClient, topicName, "ABCDEFG"));
assertTrue(executionException.getCause() instanceof UnauthorizedError);
UnauthorizedError unauthorizedError = (UnauthorizedError) executionException.getCause();
assertEquals("Principal SubscribeNotPublish is not authorized to perform aws.greengrass.ipc.pubsub:aws" + ".greengrass#PublishToTopic on resource topicName", unauthorizedError.getMessage());
}
}
Aggregations