Java Code Examples for org.apache.hadoop.security.authentication.util.Signer

The following examples show how to use org.apache.hadoop.security.authentication.util.Signer. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: atlas   Source File: AtlasAuthenticationFilter.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void initializeSecretProvider(FilterConfig filterConfig) throws ServletException {
    LOG.info("==> AtlasAuthenticationFilter.initializeSecretProvider");

    secretProvider = (SignerSecretProvider) filterConfig.getServletContext().getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE);

    if (secretProvider == null) {
        // As tomcat cannot specify the provider object in the configuration.
        // It'll go into this path
        String configPrefix = filterConfig.getInitParameter(CONFIG_PREFIX);

        configPrefix = (configPrefix != null) ? configPrefix + "." : "";

        try {
            secretProvider = AuthenticationFilter.constructSecretProvider(filterConfig.getServletContext(), super.getConfiguration(configPrefix, filterConfig), false);

            this.isInitializedByTomcat = true;
        } catch (Exception ex) {
            throw new ServletException(ex);
        }
    }

    signer = new Signer(secretProvider);

    LOG.info("<== AtlasAuthenticationFilter.initializeSecretProvider(filterConfig={})", filterConfig);
}
 
Example 2
Source Project: incubator-atlas   Source File: AtlasAuthenticationFilter.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void initializeSecretProvider(FilterConfig filterConfig)
        throws ServletException {
    LOG.debug("AtlasAuthenticationFilter :: initializeSecretProvider {}", filterConfig);
    secretProvider = (SignerSecretProvider) filterConfig.getServletContext().
            getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE);
    if (secretProvider == null) {
        // As tomcat cannot specify the provider object in the configuration.
        // It'll go into this path
        String configPrefix = filterConfig.getInitParameter(CONFIG_PREFIX);
        configPrefix = (configPrefix != null) ? configPrefix + "." : "";
        try {
            secretProvider = AuthenticationFilter.constructSecretProvider(
                    filterConfig.getServletContext(),
                    super.getConfiguration(configPrefix, filterConfig), false);
            this.isInitializedByTomcat = true;
        } catch (Exception ex) {
            throw new ServletException(ex);
        }
    }
    signer = new Signer(secretProvider);
}
 
Example 3
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 5 votes vote down vote up
@Test
public void testGetToken() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();

  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    SignerSecretProvider secretProvider =
        getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);

    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    AuthenticationToken newToken = filter.getToken(request);

    Assert.assertEquals(token.toString(), newToken.toString());
  } finally {
    filter.destroy();
  }
}
 
Example 4
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 5 votes vote down vote up
@Test
public void testGetToken() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();

  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    SignerSecretProvider secretProvider =
        getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);

    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    AuthenticationToken newToken = filter.getToken(request);

    Assert.assertEquals(token.toString(), newToken.toString());
  } finally {
    filter.destroy();
  }
}
 
Example 5
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testGetTokenExpired() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token =
        new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    boolean failed = false;
    try {
      filter.getToken(request);
    } catch (AuthenticationException ex) {
      Assert.assertEquals("AuthenticationToken expired", ex.getMessage());
      failed = true;
    } finally {
      Assert.assertTrue("token not expired", failed);
    }
  } finally {
    filter.destroy();
  }
}
 
Example 6
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testGetTokenInvalidType() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    boolean failed = false;
    try {
      filter.getToken(request);
    } catch (AuthenticationException ex) {
      Assert.assertEquals("Invalid AuthenticationToken type", ex.getMessage());
      failed = true;
    } finally {
      Assert.assertTrue("token not invalid type", failed);
    }
  } finally {
    filter.destroy();
  }
}
 
Example 7
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
private void _testDoFilterAuthentication(boolean withDomainPath,
                                         boolean invalidToken,
                                         boolean expired) throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  FilterConfig config = Mockito.mock(FilterConfig.class);
  Mockito.when(config.getInitParameter("management.operation.return")).
          thenReturn("true");
  Mockito.when(config.getInitParameter("expired.token")).
          thenReturn(Boolean.toString(expired));
  Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE))
          .thenReturn(DummyAuthenticationHandler.class.getName());
  Mockito.when(config.getInitParameter(AuthenticationFilter
          .AUTH_TOKEN_VALIDITY)).thenReturn(new Long(TOKEN_VALIDITY_SEC).toString());
  Mockito.when(config.getInitParameter(AuthenticationFilter
          .SIGNATURE_SECRET)).thenReturn("secret");
  Mockito.when(config.getInitParameterNames()).thenReturn(new
          Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
          AuthenticationFilter.AUTH_TOKEN_VALIDITY,
          AuthenticationFilter.SIGNATURE_SECRET, "management.operation" +
          ".return", "expired.token")).elements());
  getMockedServletContextWithStringSigner(config);

  if (withDomainPath) {
    Mockito.when(config.getInitParameter(AuthenticationFilter
            .COOKIE_DOMAIN)).thenReturn(".foo.com");
    Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_PATH))
            .thenReturn("/bar");
    Mockito.when(config.getInitParameterNames()).thenReturn(new
            Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
            AuthenticationFilter.AUTH_TOKEN_VALIDITY,
            AuthenticationFilter.SIGNATURE_SECRET,
            AuthenticationFilter.COOKIE_DOMAIN, AuthenticationFilter
            .COOKIE_PATH, "management.operation.return")).elements());
  }

  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  Mockito.when(request.getParameter("authenticated")).thenReturn("true");
  Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer
          ("http://foo:8080/bar"));
  Mockito.when(request.getQueryString()).thenReturn("authenticated=true");

  if (invalidToken) {
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{new Cookie
            (AuthenticatedURL.AUTH_COOKIE, "foo")});
  }

  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  FilterChain chain = Mockito.mock(FilterChain.class);

  final HashMap<String, String> cookieMap = new HashMap<String, String>();
  Mockito.doAnswer(new Answer<Object>() {
    @Override
    public Object answer(InvocationOnMock invocation) throws Throwable {
      String cookieHeader = (String)invocation.getArguments()[1];
      parseCookieMap(cookieHeader, cookieMap);
      return null;
    }
  }).when(response).addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());

  try {
    filter.init(config);
    filter.doFilter(request, response, chain);

    if (expired) {
      Mockito.verify(response, Mockito.never()).
        addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());
    } else {
      String v = cookieMap.get(AuthenticatedURL.AUTH_COOKIE);
      Assert.assertNotNull("cookie missing", v);
      Assert.assertTrue(v.contains("u=") && v.contains("p=") && v.contains
              ("t=") && v.contains("e=") && v.contains("s="));
      Mockito.verify(chain).doFilter(Mockito.any(ServletRequest.class),
              Mockito.any(ServletResponse.class));

      SignerSecretProvider secretProvider =
          StringSignerSecretProviderCreator.newStringSignerSecretProvider();
      Properties secretProviderProps = new Properties();
      secretProviderProps.setProperty(
              AuthenticationFilter.SIGNATURE_SECRET, "secret");
      secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
      Signer signer = new Signer(secretProvider);
      String value = signer.verifyAndExtract(v);
      AuthenticationToken token = AuthenticationToken.parse(value);
      assertThat(token.getExpires(), not(0L));

      if (withDomainPath) {
        Assert.assertEquals(".foo.com", cookieMap.get("Domain"));
        Assert.assertEquals("/bar", cookieMap.get("Path"));
      } else {
        Assert.assertFalse(cookieMap.containsKey("Domain"));
        Assert.assertFalse(cookieMap.containsKey("Path"));
      }
    }
  } finally {
    filter.destroy();
  }
}
 
Example 8
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testDoFilterAuthenticatedExpired() throws Exception {
  String secret = "secret";
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn(
      secret);
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));

    AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, secret);
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    Mockito.when(response.containsHeader("WWW-Authenticate")).thenReturn(true);
    FilterChain chain = Mockito.mock(FilterChain.class);

    verifyUnauthorized(filter, request, response, chain);
  } finally {
    filter.destroy();
  }
}
 
Example 9
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testDoFilterAuthenticatedInvalidType() throws Exception {
  String secret = "secret";
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn(
      secret);
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));

    AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, secret);
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    Mockito.when(response.containsHeader("WWW-Authenticate")).thenReturn(true);
    FilterChain chain = Mockito.mock(FilterChain.class);

    verifyUnauthorized(filter, request, response, chain);
  } finally {
    filter.destroy();
  }
}
 
Example 10
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testManagementOperation() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("false");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).
      thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getRequestURL()).
      thenReturn(new StringBuffer("http://foo:8080/bar"));

    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

    FilterChain chain = Mockito.mock(FilterChain.class);

    filter.doFilter(request, response, chain);
    Mockito.verify(response).setStatus(HttpServletResponse.SC_ACCEPTED);
    Mockito.verifyNoMoreInteractions(response);

    Mockito.reset(request);
    Mockito.reset(response);

    AuthenticationToken token = new AuthenticationToken("u", "p", "t");
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());
    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    filter.doFilter(request, response, chain);

    Mockito.verify(response).setStatus(HttpServletResponse.SC_ACCEPTED);
    Mockito.verifyNoMoreInteractions(response);

  } finally {
    filter.destroy();
  }
}
 
Example 11
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testGetTokenExpired() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token =
        new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    boolean failed = false;
    try {
      filter.getToken(request);
    } catch (AuthenticationException ex) {
      Assert.assertEquals("AuthenticationToken expired", ex.getMessage());
      failed = true;
    } finally {
      Assert.assertTrue("token not expired", failed);
    }
  } finally {
    filter.destroy();
  }
}
 
Example 12
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testGetTokenInvalidType() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    boolean failed = false;
    try {
      filter.getToken(request);
    } catch (AuthenticationException ex) {
      Assert.assertEquals("Invalid AuthenticationToken type", ex.getMessage());
      failed = true;
    } finally {
      Assert.assertTrue("token not invalid type", failed);
    }
  } finally {
    filter.destroy();
  }
}
 
Example 13
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
private void _testDoFilterAuthentication(boolean withDomainPath,
                                         boolean invalidToken,
                                         boolean expired) throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  FilterConfig config = Mockito.mock(FilterConfig.class);
  Mockito.when(config.getInitParameter("management.operation.return")).
          thenReturn("true");
  Mockito.when(config.getInitParameter("expired.token")).
          thenReturn(Boolean.toString(expired));
  Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE))
          .thenReturn(DummyAuthenticationHandler.class.getName());
  Mockito.when(config.getInitParameter(AuthenticationFilter
          .AUTH_TOKEN_VALIDITY)).thenReturn(new Long(TOKEN_VALIDITY_SEC).toString());
  Mockito.when(config.getInitParameter(AuthenticationFilter
          .SIGNATURE_SECRET)).thenReturn("secret");
  Mockito.when(config.getInitParameterNames()).thenReturn(new
          Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
          AuthenticationFilter.AUTH_TOKEN_VALIDITY,
          AuthenticationFilter.SIGNATURE_SECRET, "management.operation" +
          ".return", "expired.token")).elements());
  getMockedServletContextWithStringSigner(config);

  if (withDomainPath) {
    Mockito.when(config.getInitParameter(AuthenticationFilter
            .COOKIE_DOMAIN)).thenReturn(".foo.com");
    Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_PATH))
            .thenReturn("/bar");
    Mockito.when(config.getInitParameterNames()).thenReturn(new
            Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
            AuthenticationFilter.AUTH_TOKEN_VALIDITY,
            AuthenticationFilter.SIGNATURE_SECRET,
            AuthenticationFilter.COOKIE_DOMAIN, AuthenticationFilter
            .COOKIE_PATH, "management.operation.return")).elements());
  }

  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  Mockito.when(request.getParameter("authenticated")).thenReturn("true");
  Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer
          ("http://foo:8080/bar"));
  Mockito.when(request.getQueryString()).thenReturn("authenticated=true");

  if (invalidToken) {
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{new Cookie
            (AuthenticatedURL.AUTH_COOKIE, "foo")});
  }

  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  FilterChain chain = Mockito.mock(FilterChain.class);

  final HashMap<String, String> cookieMap = new HashMap<String, String>();
  Mockito.doAnswer(new Answer<Object>() {
    @Override
    public Object answer(InvocationOnMock invocation) throws Throwable {
      String cookieHeader = (String)invocation.getArguments()[1];
      parseCookieMap(cookieHeader, cookieMap);
      return null;
    }
  }).when(response).addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());

  try {
    filter.init(config);
    filter.doFilter(request, response, chain);

    if (expired) {
      Mockito.verify(response, Mockito.never()).
        addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());
    } else {
      String v = cookieMap.get(AuthenticatedURL.AUTH_COOKIE);
      Assert.assertNotNull("cookie missing", v);
      Assert.assertTrue(v.contains("u=") && v.contains("p=") && v.contains
              ("t=") && v.contains("e=") && v.contains("s="));
      Mockito.verify(chain).doFilter(Mockito.any(ServletRequest.class),
              Mockito.any(ServletResponse.class));

      SignerSecretProvider secretProvider =
          StringSignerSecretProviderCreator.newStringSignerSecretProvider();
      Properties secretProviderProps = new Properties();
      secretProviderProps.setProperty(
              AuthenticationFilter.SIGNATURE_SECRET, "secret");
      secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
      Signer signer = new Signer(secretProvider);
      String value = signer.verifyAndExtract(v);
      AuthenticationToken token = AuthenticationToken.parse(value);
      assertThat(token.getExpires(), not(0L));

      if (withDomainPath) {
        Assert.assertEquals(".foo.com", cookieMap.get("Domain"));
        Assert.assertEquals("/bar", cookieMap.get("Path"));
      } else {
        Assert.assertFalse(cookieMap.containsKey("Domain"));
        Assert.assertFalse(cookieMap.containsKey("Path"));
      }
    }
  } finally {
    filter.destroy();
  }
}
 
Example 14
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testDoFilterAuthenticatedExpired() throws Exception {
  String secret = "secret";
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn(
      secret);
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));

    AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, secret);
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    Mockito.when(response.containsHeader("WWW-Authenticate")).thenReturn(true);
    FilterChain chain = Mockito.mock(FilterChain.class);

    verifyUnauthorized(filter, request, response, chain);
  } finally {
    filter.destroy();
  }
}
 
Example 15
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testDoFilterAuthenticatedInvalidType() throws Exception {
  String secret = "secret";
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn(
      secret);
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));

    AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, secret);
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    Mockito.when(response.containsHeader("WWW-Authenticate")).thenReturn(true);
    FilterChain chain = Mockito.mock(FilterChain.class);

    verifyUnauthorized(filter, request, response, chain);
  } finally {
    filter.destroy();
  }
}
 
Example 16
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testManagementOperation() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("false");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).
      thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getRequestURL()).
      thenReturn(new StringBuffer("http://foo:8080/bar"));

    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

    FilterChain chain = Mockito.mock(FilterChain.class);

    filter.doFilter(request, response, chain);
    Mockito.verify(response).setStatus(HttpServletResponse.SC_ACCEPTED);
    Mockito.verifyNoMoreInteractions(response);

    Mockito.reset(request);
    Mockito.reset(response);

    AuthenticationToken token = new AuthenticationToken("u", "p", "t");
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());
    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    filter.doFilter(request, response, chain);

    Mockito.verify(response).setStatus(HttpServletResponse.SC_ACCEPTED);
    Mockito.verifyNoMoreInteractions(response);

  } finally {
    filter.destroy();
  }
}