Search in sources :

Example 1 with SocketOptions

use of software.amazon.awssdk.crt.io.SocketOptions in project aws-iot-greengrass-edge-connector-for-kinesis-video-stream by awslabs.

the class IPCUtils method getSocketOptionsForIPC.

private static SocketOptions getSocketOptionsForIPC() {
    SocketOptions socketOptions = new SocketOptions();
    socketOptions.connectTimeoutMs = CONNECTION_TIMEOUT_IN_MS;
    socketOptions.domain = SocketOptions.SocketDomain.LOCAL;
    socketOptions.type = SocketOptions.SocketType.STREAM;
    return socketOptions;
}
Also used : SocketOptions(software.amazon.awssdk.crt.io.SocketOptions)

Example 2 with SocketOptions

use of software.amazon.awssdk.crt.io.SocketOptions in project aws-greengrass-nucleus by aws-greengrass.

the class IPCPubSubTest method GIVEN_pubsubclient_with_event_stream_WHEN_subscribe_authorization_changes_to_authorized_THEN_succeeds.

@SuppressWarnings({ "PMD.AvoidCatchingGenericException" })
@Test
void GIVEN_pubsubclient_with_event_stream_WHEN_subscribe_authorization_changes_to_authorized_THEN_succeeds() throws Exception {
    LogConfig.getRootLogConfig().setLevel(Level.DEBUG);
    String topicName = "topicName";
    SubscribeToTopicRequest subscribeToTopicRequest = new SubscribeToTopicRequest();
    subscribeToTopicRequest.setTopic(topicName);
    CountDownLatch subscriptionLatch = new CountDownLatch(1);
    Slf4jLogAdapter.addGlobalListener(m -> {
        if (m.getMessage().contains("Subscribed to topic")) {
            subscriptionLatch.countDown();
        }
    });
    String authToken = IPCTestUtils.getAuthTokeForService(kernel, "OnlyPublish");
    SocketOptions socketOptions = TestUtils.getSocketOptionsForIPC();
    try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
        GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
        assertTrue(kernel.getContext().get(AuthorizationModule.class).isPresent(TOKEN_EXCHANGE_SERVICE_TOPICS, TES_DEFAULT_POLICY));
        CompletableFuture<SubscribeToTopicResponse> fut = greengrassCoreIPCClient.subscribeToTopic(subscribeToTopicRequest, getOptionalStreamResponseHandler()).getResponse();
        ExecutionException executionException = assertThrows(ExecutionException.class, () -> fut.get(3, TimeUnit.SECONDS));
        assertTrue(executionException.getCause() instanceof UnauthorizedError);
        UnauthorizedError unauthorizedError = (UnauthorizedError) executionException.getCause();
        assertEquals("Principal OnlyPublish is not authorized to perform aws.greengrass.ipc.pubsub:aws.greengrass#SubscribeToTopic on resource topicName", unauthorizedError.getMessage());
    }
    Topics aclTopic = kernel.findServiceTopic("OnlyPublish").findTopics(CONFIGURATION_CONFIG_KEY, ACCESS_CONTROL_NAMESPACE_TOPIC);
    Map<String, Object> newAcl = OBJECT_MAPPER.readValue(newAclStr, new TypeReference<Map<String, Object>>() {
    });
    aclTopic.updateFromMap(newAcl, new UpdateBehaviorTree(UpdateBehaviorTree.UpdateBehavior.REPLACE, System.currentTimeMillis()));
    // Block until events are completed
    kernel.getContext().waitForPublishQueueToClear();
    assertTrue(kernel.getContext().get(AuthorizationModule.class).isPresent(TOKEN_EXCHANGE_SERVICE_TOPICS, TES_DEFAULT_POLICY));
    try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
        GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
        CompletableFuture<SubscribeToTopicResponse> fut = greengrassCoreIPCClient.subscribeToTopic(subscribeToTopicRequest, getOptionalStreamResponseHandler()).getResponse();
        try {
            fut.get(3, TimeUnit.SECONDS);
        } catch (Exception e) {
            logger.atError().setCause(e).log("Error when subscribing to component updates");
            fail("Caught exception when subscribing to component updates");
        }
        assertTrue(subscriptionLatch.await(10, TimeUnit.SECONDS));
    }
    aclTopic = kernel.findServiceTopic("OnlyPublish").findTopics(CONFIGURATION_CONFIG_KEY, ACCESS_CONTROL_NAMESPACE_TOPIC);
    Map<String, Object> oldAcl = OBJECT_MAPPER.readValue(oldAclStr, new TypeReference<Map<String, Object>>() {
    });
    aclTopic.updateFromMap(oldAcl, new UpdateBehaviorTree(UpdateBehaviorTree.UpdateBehavior.REPLACE, System.currentTimeMillis()));
    // Block until events are completed
    kernel.getContext().runOnPublishQueueAndWait(() -> {
    });
}
Also used : Topics(com.aws.greengrass.config.Topics) SocketOptions(software.amazon.awssdk.crt.io.SocketOptions) EventStreamRPCConnection(software.amazon.awssdk.eventstreamrpc.EventStreamRPCConnection) CountDownLatch(java.util.concurrent.CountDownLatch) UnauthorizedError(software.amazon.awssdk.aws.greengrass.model.UnauthorizedError) IOException(java.io.IOException) ExecutionException(java.util.concurrent.ExecutionException) UpdateBehaviorTree(com.aws.greengrass.config.UpdateBehaviorTree) GreengrassCoreIPCClient(software.amazon.awssdk.aws.greengrass.GreengrassCoreIPCClient) ExecutionException(java.util.concurrent.ExecutionException) SubscribeToTopicResponse(software.amazon.awssdk.aws.greengrass.model.SubscribeToTopicResponse) Map(java.util.Map) SubscribeToTopicRequest(software.amazon.awssdk.aws.greengrass.model.SubscribeToTopicRequest) Test(org.junit.jupiter.api.Test)

Example 3 with SocketOptions

use of software.amazon.awssdk.crt.io.SocketOptions in project aws-greengrass-nucleus by aws-greengrass.

the class IPCPubSubTest method GIVEN_PubSubEventStreamClient_WHEN_subscribe_wildcard_is_not_authorized_THEN_Fail.

@Test
void GIVEN_PubSubEventStreamClient_WHEN_subscribe_wildcard_is_not_authorized_THEN_Fail() throws Exception {
    String topicName = "topicName/#";
    SubscribeToTopicRequest subscribeToTopicRequest = new SubscribeToTopicRequest();
    subscribeToTopicRequest.setTopic(topicName);
    // Allowed resource /to*/#
    String authToken = IPCTestUtils.getAuthTokeForService(kernel, "SubscribeAndPublishWildcard");
    SocketOptions socketOptions = TestUtils.getSocketOptionsForIPC();
    try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
        GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
        ExecutionException executionException = assertThrows(ExecutionException.class, () -> greengrassCoreIPCClient.subscribeToTopic(subscribeToTopicRequest, getOptionalStreamResponseHandler()).getResponse().get());
        assertTrue(executionException.getCause() instanceof UnauthorizedError);
        UnauthorizedError unauthorizedError = (UnauthorizedError) executionException.getCause();
        assertEquals("Principal SubscribeAndPublishWildcard is not authorized to perform aws.greengrass.ipc" + ".pubsub:aws.greengrass#SubscribeToTopic on resource topicName/#", unauthorizedError.getMessage());
    }
}
Also used : SocketOptions(software.amazon.awssdk.crt.io.SocketOptions) GreengrassCoreIPCClient(software.amazon.awssdk.aws.greengrass.GreengrassCoreIPCClient) EventStreamRPCConnection(software.amazon.awssdk.eventstreamrpc.EventStreamRPCConnection) ExecutionException(java.util.concurrent.ExecutionException) UnauthorizedError(software.amazon.awssdk.aws.greengrass.model.UnauthorizedError) SubscribeToTopicRequest(software.amazon.awssdk.aws.greengrass.model.SubscribeToTopicRequest) Test(org.junit.jupiter.api.Test)

Example 4 with SocketOptions

use of software.amazon.awssdk.crt.io.SocketOptions in project aws-greengrass-nucleus by aws-greengrass.

the class IPCPubSubTest method GIVEN_pubsubclient_with_event_stream_WHEN_subscribe_is_not_authorized_THEN_Fail.

@Test
void GIVEN_pubsubclient_with_event_stream_WHEN_subscribe_is_not_authorized_THEN_Fail() throws Exception {
    String topicName = "topicName";
    SubscribeToTopicRequest subscribeToTopicRequest = new SubscribeToTopicRequest();
    subscribeToTopicRequest.setTopic(topicName);
    String authToken = IPCTestUtils.getAuthTokeForService(kernel, "PublishNotSubscribe");
    SocketOptions socketOptions = TestUtils.getSocketOptionsForIPC();
    try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
        GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
        ExecutionException executionException = assertThrows(ExecutionException.class, () -> greengrassCoreIPCClient.subscribeToTopic(subscribeToTopicRequest, getOptionalStreamResponseHandler()).getResponse().get());
        assertTrue(executionException.getCause() instanceof UnauthorizedError);
        UnauthorizedError unauthorizedError = (UnauthorizedError) executionException.getCause();
        assertEquals("Principal PublishNotSubscribe is not authorized to perform aws.greengrass.ipc.pubsub:aws.greengrass#SubscribeToTopic on resource topicName", unauthorizedError.getMessage());
    }
}
Also used : SocketOptions(software.amazon.awssdk.crt.io.SocketOptions) GreengrassCoreIPCClient(software.amazon.awssdk.aws.greengrass.GreengrassCoreIPCClient) EventStreamRPCConnection(software.amazon.awssdk.eventstreamrpc.EventStreamRPCConnection) ExecutionException(java.util.concurrent.ExecutionException) UnauthorizedError(software.amazon.awssdk.aws.greengrass.model.UnauthorizedError) SubscribeToTopicRequest(software.amazon.awssdk.aws.greengrass.model.SubscribeToTopicRequest) Test(org.junit.jupiter.api.Test)

Example 5 with SocketOptions

use of software.amazon.awssdk.crt.io.SocketOptions in project aws-greengrass-nucleus by aws-greengrass.

the class IPCPubSubTest method GIVEN_pubsubclient_with_event_stream_WHEN_publish_is_not_authorized_THEN_Fail.

@Test
void GIVEN_pubsubclient_with_event_stream_WHEN_publish_is_not_authorized_THEN_Fail() throws Exception {
    String authToken = IPCTestUtils.getAuthTokeForService(kernel, "SubscribeNotPublish");
    SocketOptions socketOptions = TestUtils.getSocketOptionsForIPC();
    try (EventStreamRPCConnection clientConnection = IPCTestUtils.connectToGGCOverEventStreamIPC(socketOptions, authToken, kernel)) {
        GreengrassCoreIPCClient greengrassCoreIPCClient = new GreengrassCoreIPCClient(clientConnection);
        String topicName = "topicName";
        ExecutionException executionException = assertThrows(ExecutionException.class, () -> publishToTopicOverIpcAsBinaryMessage(greengrassCoreIPCClient, topicName, "ABCDEFG"));
        assertTrue(executionException.getCause() instanceof UnauthorizedError);
        UnauthorizedError unauthorizedError = (UnauthorizedError) executionException.getCause();
        assertEquals("Principal SubscribeNotPublish is not authorized to perform aws.greengrass.ipc.pubsub:aws" + ".greengrass#PublishToTopic on resource topicName", unauthorizedError.getMessage());
    }
}
Also used : SocketOptions(software.amazon.awssdk.crt.io.SocketOptions) GreengrassCoreIPCClient(software.amazon.awssdk.aws.greengrass.GreengrassCoreIPCClient) EventStreamRPCConnection(software.amazon.awssdk.eventstreamrpc.EventStreamRPCConnection) ExecutionException(java.util.concurrent.ExecutionException) UnauthorizedError(software.amazon.awssdk.aws.greengrass.model.UnauthorizedError) Test(org.junit.jupiter.api.Test)

Aggregations

SocketOptions (software.amazon.awssdk.crt.io.SocketOptions)43 EventLoopGroup (software.amazon.awssdk.crt.io.EventLoopGroup)30 Test (org.junit.jupiter.api.Test)18 ClientBootstrap (software.amazon.awssdk.crt.io.ClientBootstrap)18 ExecutionException (java.util.concurrent.ExecutionException)13 Test (org.junit.Test)11 HostResolver (software.amazon.awssdk.crt.io.HostResolver)11 EventStreamRPCConnection (software.amazon.awssdk.eventstreamrpc.EventStreamRPCConnection)11 ServerBootstrap (software.amazon.awssdk.crt.io.ServerBootstrap)10 List (java.util.List)9 IOException (java.io.IOException)8 GreengrassCoreIPCClient (software.amazon.awssdk.aws.greengrass.GreengrassCoreIPCClient)8 ArrayList (java.util.ArrayList)7 CompletableFuture (java.util.concurrent.CompletableFuture)7 TimeoutException (java.util.concurrent.TimeoutException)6 Condition (java.util.concurrent.locks.Condition)6 Lock (java.util.concurrent.locks.Lock)6 ReentrantLock (java.util.concurrent.locks.ReentrantLock)6 Header (software.amazon.awssdk.crt.eventstream.Header)6 HashSet (java.util.HashSet)5