Java Code Examples for org.apache.hadoop.security.authentication.util.SignerSecretProvider

The following examples show how to use org.apache.hadoop.security.authentication.util.SignerSecretProvider. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: atlas   Source File: AtlasAuthenticationFilter.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Resolves the {@link SignerSecretProvider} that backs cookie signing and builds the
 * {@link Signer} on top of it.
 *
 * <p>A provider already published in the servlet context under
 * {@code AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE} is used as-is. When the
 * attribute is absent, a provider is constructed from this filter's init parameters.
 *
 * @param filterConfig filter configuration supplying the servlet context and init parameters
 * @throws ServletException wrapping any failure raised while constructing the provider
 */
@Override
public void initializeSecretProvider(FilterConfig filterConfig) throws ServletException {
    LOG.info("==> AtlasAuthenticationFilter.initializeSecretProvider");

    // Context attributes are untyped; the cast fails with ClassCastException if anything
    // other than a SignerSecretProvider was stored under this key.
    Object sharedProvider = filterConfig.getServletContext().getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE);

    secretProvider = (SignerSecretProvider) sharedProvider;

    if (secretProvider == null) {
        // Tomcat cannot pass a provider object through its configuration, so the provider
        // is built here from the init parameters instead.
        String rawPrefix = filterConfig.getInitParameter(CONFIG_PREFIX);
        String configPrefix;

        if (rawPrefix == null) {
            configPrefix = "";
        } else {
            configPrefix = rawPrefix + ".";
        }

        try {
            // NOTE(review): the last argument is Hadoop's "disallow fallback to a random
            // secret" switch. Passing false presumably lets the factory fall back to a
            // randomly generated signing secret when none is configured; cookies signed
            // that way would not verify on another node or after a restart. Confirm the
            // deployment configures an explicit secret.
            secretProvider = AuthenticationFilter.constructSecretProvider(
                    filterConfig.getServletContext(),
                    super.getConfiguration(configPrefix, filterConfig),
                    false);

            this.isInitializedByTomcat = true;
        } catch (Exception ex) {
            throw new ServletException(ex);
        }
    }

    signer = new Signer(secretProvider);

    LOG.info("<== AtlasAuthenticationFilter.initializeSecretProvider(filterConfig={})", filterConfig);
}
 
Example 2
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Creates a string-backed {@link SignerSecretProvider} and stubs {@code config} so that its
 * servlet context returns that provider for
 * {@code AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE}.
 *
 * <p>The signing secret is the fixed literal {@code "secret"}. That is fine for a test
 * fixture; a deployed filter must never sign with a hard-coded, guessable value.
 *
 * @param config mocked filter configuration to stub
 * @return the provider the mocked servlet context hands out
 * @throws Exception if the provider cannot be initialised
 */
private static SignerSecretProvider getMockedServletContextWithStringSigner(
    FilterConfig config) throws Exception {
  Properties props = new Properties();
  props.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret");

  SignerSecretProvider provider =
      StringSignerSecretProviderCreator.newStringSignerSecretProvider();
  provider.init(props, null, TOKEN_VALIDITY_SEC);

  // The filter looks the provider up through the servlet context, so both hops are stubbed.
  ServletContext mockedContext = Mockito.mock(ServletContext.class);
  Mockito.when(
      mockedContext.getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
      .thenReturn(provider);
  Mockito.when(config.getServletContext()).thenReturn(mockedContext);

  return provider;
}
 
Example 3
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Test fixture: initialises a string-based {@link SignerSecretProvider} and makes the
 * mocked {@code config} expose it through a mocked {@link ServletContext}, under the
 * {@code AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE} key.
 *
 * <p>The secret is the constant {@code "secret"}; it exists only so tests can re-create the
 * same signer. Production configuration must supply a high-entropy secret instead.
 *
 * @param config mocked filter configuration whose {@code getServletContext()} is stubbed
 * @return the initialised provider
 * @throws Exception if {@code init} on the provider fails
 */
private static SignerSecretProvider getMockedServletContextWithStringSigner(
    FilterConfig config) throws Exception {
  final Properties signerProps = new Properties();
  signerProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret");

  final SignerSecretProvider stringProvider =
      StringSignerSecretProviderCreator.newStringSignerSecretProvider();
  stringProvider.init(signerProps, null, TOKEN_VALIDITY_SEC);

  final ServletContext servletContext = Mockito.mock(ServletContext.class);
  Mockito
      .when(servletContext.getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
      .thenReturn(stringProvider);
  Mockito
      .when(config.getServletContext())
      .thenReturn(servletContext);
  return stringProvider;
}
 
Example 4
Source Project: incubator-atlas   Source File: AtlasAuthenticationFilter.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Picks the {@link SignerSecretProvider} for this filter and creates the {@link Signer}.
 *
 * <p>The provider stored in the servlet context under
 * {@code AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE} wins; otherwise one is
 * constructed from the filter's init parameters.
 *
 * @param filterConfig filter configuration giving access to the context and init parameters
 * @throws ServletException wrapping any exception raised while constructing the provider
 */
@Override
public void initializeSecretProvider(FilterConfig filterConfig)
        throws ServletException {
    LOG.debug("AtlasAuthenticationFilter :: initializeSecretProvider {}", filterConfig);

    // Unchecked cast of an untyped context attribute: a foreign object under this key
    // surfaces as ClassCastException here.
    Object fromContext = filterConfig.getServletContext()
            .getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE);
    secretProvider = (SignerSecretProvider) fromContext;

    if (secretProvider == null) {
        // Tomcat has no way to supply the provider object through configuration,
        // so this branch builds it.
        String prefixParam = filterConfig.getInitParameter(CONFIG_PREFIX);
        String configPrefix = "";
        if (prefixParam != null) {
            configPrefix = prefixParam + ".";
        }
        try {
            // NOTE(review): false in the last position is Hadoop's "disallow fallback to a
            // random secret" switch turned off, so a missing secret presumably degrades to
            // a random per-process one rather than failing start-up. Verify that is wanted.
            secretProvider = AuthenticationFilter.constructSecretProvider(
                    filterConfig.getServletContext(),
                    super.getConfiguration(configPrefix, filterConfig),
                    false);
            this.isInitializedByTomcat = true;
        } catch (Exception ex) {
            throw new ServletException(ex);
        }
    }

    signer = new Signer(secretProvider);
}
 
Example 5
Source Project: hadoop-ozone   Source File: HttpServer2.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Builds the {@link SignerSecretProvider} for the server's authentication filter from the
 * builder's configuration.
 *
 * @param b builder carrying the configuration source, the filter-property prefix and the
 *     random-fallback switch
 * @param ctx servlet context passed through to the provider factory
 * @return the provider returned by {@code AuthenticationFilter.constructSecretProvider}
 * @throws Exception propagated from property lookup or provider construction
 */
private static SignerSecretProvider constructSecretProvider(final Builder b,
    ServletContext ctx)
    throws Exception {
  final ConfigurationSource source = b.conf;
  final Properties filterProps =
      getFilterProperties(source, b.authFilterConfigurationPrefix);
  // The builder decides whether a missing secret may be replaced by a random one; a random
  // secret is per-process, so signed cookies would not be accepted by other servers.
  return AuthenticationFilter.constructSecretProvider(
      ctx,
      filterProps,
      b.disallowFallbackToRandomSignerSecretProvider);
}
 
Example 6
Source Project: hadoop   Source File: HttpServer2.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Creates the signer secret provider used by the HTTP server's authentication filter.
 *
 * @param b builder holding the configuration, the authentication-filter prefix and the
 *     switch that forbids falling back to a random signing secret
 * @param ctx servlet context forwarded to {@code AuthenticationFilter}
 * @return the constructed provider
 * @throws Exception if the filter properties or the provider cannot be produced
 */
private static SignerSecretProvider constructSecretProvider(final Builder b,
    ServletContext ctx)
    throws Exception {
  final Configuration configuration = b.conf;
  final Properties authFilterProps = getFilterProperties(
      configuration, b.authFilterConfigurationPrefix);
  // Fallback policy comes from the builder, not from this method: callers that need
  // tokens to survive restarts or be shared across hosts should set the switch.
  return AuthenticationFilter.constructSecretProvider(
      ctx, authFilterProps, b.disallowFallbackToRandomSignerSecretProvider);
}
 
Example 7
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Checks that a cookie signed with the provider the filter itself uses is accepted by
 * {@code AuthenticationFilter.getToken} and yields the original token.
 *
 * <p>The signing secret is the test literal {@code "secret"}.
 */
@Test
public void testGetToken() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();

  try {
    FilterConfig filterConfig = Mockito.mock(FilterConfig.class);
    Mockito.when(filterConfig.getInitParameter("management.operation.return"))
        .thenReturn("true");
    Mockito.when(filterConfig.getInitParameter(AuthenticationFilter.AUTH_TYPE))
        .thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(filterConfig.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET))
        .thenReturn("secret");
    Mockito.when(filterConfig.getInitParameterNames()).thenReturn(
        new Vector<String>(Arrays.asList(
            AuthenticationFilter.AUTH_TYPE,
            AuthenticationFilter.SIGNATURE_SECRET,
            "management.operation.return")).elements());
    SignerSecretProvider sharedProvider =
        getMockedServletContextWithStringSigner(filterConfig);
    filter.init(filterConfig);

    AuthenticationToken expected =
        new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    // NOTE(review): the constant is named as seconds but is added to a millisecond clock;
    // its value is not visible here, so confirm the expiry margin is what the test intends.
    expected.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);

    // Sign with the same provider instance the mocked servlet context returns.
    String signedValue = new Signer(sharedProvider).sign(expected.toString());

    Cookie authCookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, signedValue);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{authCookie});

    AuthenticationToken actual = filter.getToken(request);

    Assert.assertEquals(expected.toString(), actual.toString());
  } finally {
    filter.destroy();
  }
}
 
Example 8
Source Project: big-c   Source File: HttpServer2.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Produces the {@link SignerSecretProvider} for the authentication filter, using the
 * filter properties read from the builder's configuration.
 *
 * @param b builder that supplies {@code conf}, {@code authFilterConfigurationPrefix} and
 *     {@code disallowFallbackToRandomSignerSecretProvider}
 * @param ctx servlet context given to the provider factory
 * @return the provider created by {@code AuthenticationFilter.constructSecretProvider}
 * @throws Exception on any failure while reading properties or creating the provider
 */
private static SignerSecretProvider constructSecretProvider(final Builder b,
    ServletContext ctx)
    throws Exception {
  final Configuration builderConf = b.conf;
  final String prefix = b.authFilterConfigurationPrefix;
  final Properties props = getFilterProperties(builderConf, prefix);
  // A random fallback secret differs per process; whether that is tolerated is the
  // builder's decision and is passed straight through.
  return AuthenticationFilter.constructSecretProvider(
      ctx, props, b.disallowFallbackToRandomSignerSecretProvider);
}
 
Example 9
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Round-trip test: a token signed with the filter's secret provider and sent as the
 * authentication cookie must come back unchanged from
 * {@code AuthenticationFilter.getToken}.
 */
@Test
public void testGetToken() throws Exception {
  final AuthenticationFilter filter = new AuthenticationFilter();

  try {
    final FilterConfig cfg = Mockito.mock(FilterConfig.class);
    Mockito.when(cfg.getInitParameter("management.operation.return"))
        .thenReturn("true");
    Mockito.when(cfg.getInitParameter(AuthenticationFilter.AUTH_TYPE))
        .thenReturn(DummyAuthenticationHandler.class.getName());
    // Fixed test secret; never a pattern for real configuration.
    Mockito.when(cfg.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET))
        .thenReturn("secret");
    Mockito.when(cfg.getInitParameterNames())
        .thenReturn(
            new Vector<String>(
                Arrays.asList(
                    AuthenticationFilter.AUTH_TYPE,
                    AuthenticationFilter.SIGNATURE_SECRET,
                    "management.operation.return"))
                .elements());
    final SignerSecretProvider provider = getMockedServletContextWithStringSigner(cfg);
    filter.init(cfg);

    final AuthenticationToken original =
        new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    original.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);

    final Signer cookieSigner = new Signer(provider);
    final String signedToken = cookieSigner.sign(original.toString());

    final Cookie authCookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, signedToken);
    final HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
    Mockito.when(req.getCookies()).thenReturn(new Cookie[]{authCookie});

    final AuthenticationToken parsed = filter.getToken(req);

    Assert.assertEquals(original.toString(), parsed.toString());
  } finally {
    filter.destroy();
  }
}
 
Example 10
Source Project: lucene-solr   Source File: HttpServer2.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Builds the authentication filter's {@link SignerSecretProvider} from the builder's
 * configuration and fallback policy.
 *
 * @param b builder supplying configuration, property prefix and random-fallback switch
 * @param ctx servlet context passed to the factory
 * @return the provider created by {@code AuthenticationFilter.constructSecretProvider}
 * @throws Exception if property extraction or provider construction fails
 */
private static SignerSecretProvider constructSecretProvider(final Builder b,
                                                            ServletContext ctx)
    throws Exception {
  final Configuration cfg = b.conf;
  final Properties secretProps =
      getFilterProperties(cfg, b.authFilterConfigurationPrefix);
  // The switch is forwarded untouched; this method adds no fallback policy of its own.
  return AuthenticationFilter.constructSecretProvider(
      ctx,
      secretProps,
      b.disallowFallbackToRandomSignerSecretProvider);
}
 
Example 11
Source Project: knox   Source File: HttpServer2.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Returns the {@link SignerSecretProvider} for the authentication filter, configured from
 * the properties found under the builder's authentication-filter prefix.
 *
 * @param b builder holding the configuration and the switch controlling whether a random
 *     signing secret may stand in for a missing one
 * @param ctx servlet context forwarded to the provider factory
 * @return the constructed provider
 * @throws Exception propagated from the helper or the factory
 */
private static SignerSecretProvider constructSecretProvider(final Builder b,
                                                            ServletContext ctx)
    throws Exception {
  final Configuration conf = b.conf;
  final Properties filterConfigProps = getFilterProperties(
      conf,
      b.authFilterConfigurationPrefix);
  // Gateways that issue cookies from several instances need a shared secret, which is
  // why the fallback switch is taken from the builder instead of being hard-coded.
  return AuthenticationFilter.constructSecretProvider(
      ctx, filterConfigProps, b.disallowFallbackToRandomSignerSecretProvider);
}
 
Example 12
Source Project: knox   Source File: HttpServer2.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Constructs the signer secret provider for the embedded HTTP server's authentication
 * filter.
 *
 * @param b builder providing {@code conf}, {@code authFilterConfigurationPrefix} and
 *     {@code disallowFallbackToRandomSignerSecretProvider}
 * @param ctx servlet context handed to {@code AuthenticationFilter}
 * @return the provider built from the filter properties
 * @throws Exception if anything fails while reading properties or building the provider
 */
private static SignerSecretProvider constructSecretProvider(final Builder b,
                                                            ServletContext ctx)
    throws Exception {
  final Configuration serverConf = b.conf;
  final String filterPrefix = b.authFilterConfigurationPrefix;
  final Properties signerProps = getFilterProperties(serverConf, filterPrefix);
  // Fallback to a random secret is allowed or refused exactly as the builder says.
  return AuthenticationFilter.constructSecretProvider(
      ctx, signerProps, b.disallowFallbackToRandomSignerSecretProvider);
}
 
Example 13
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
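/**
 * Verifies that {@code AuthenticationFilter.getToken} rejects a correctly signed cookie
 * whose token has already expired.
 *
 * <p>The cookie is signed by a second provider initialised with the same literal secret as
 * the filter's provider, so the expected failure is the expiry check and not the
 * signature check.
 *
 * @throws Exception if filter set-up fails, or if {@code getToken} fails with anything
 *     other than the expected {@code AuthenticationException}
 */
@Test
public void testGetTokenExpired() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token =
        new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    // NOTE(review): the constant is named as seconds but is subtracted from a millisecond
    // clock; its value is not visible here, so confirm the expiry really lies in the past.
    token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    try {
      filter.getToken(request);
      // Reaching this line means the expired token was accepted. Failing here, instead
      // of asserting a flag in a finally block, keeps a message mismatch or an
      // unexpected exception from being masked by a second assertion failure.
      Assert.fail("token not expired");
    } catch (AuthenticationException ex) {
      Assert.assertEquals("AuthenticationToken expired", ex.getMessage());
    }
  } finally {
    filter.destroy();
  }
}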
 
Example 14
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
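/**
 * Verifies that {@code AuthenticationFilter.getToken} rejects a correctly signed,
 * unexpired cookie whose token type is not the configured handler's type.
 *
 * <p>A valid signature alone must not be enough: the token type {@code "invalidtype"} is
 * expected to produce {@code "Invalid AuthenticationToken type"}.
 *
 * @throws Exception if filter set-up fails, or if {@code getToken} fails with anything
 *     other than the expected {@code AuthenticationException}
 */
@Test
public void testGetTokenInvalidType() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    // Independent provider initialised with the same literal secret as the filter's,
    // so the cookie's signature is expected to verify.
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    try {
      filter.getToken(request);
      // Failing here, rather than asserting a flag in a finally block, keeps a message
      // mismatch or an unexpected exception from being masked by a second failure.
      Assert.fail("token not invalid type");
    } catch (AuthenticationException ex) {
      Assert.assertEquals("Invalid AuthenticationToken type", ex.getMessage());
    }
  } finally {
    filter.destroy();
  }
}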
 
Example 15
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Shared driver for the {@code doFilter} authentication tests.
 *
 * <p>Initialises an {@link AuthenticationFilter} against a mocked configuration, sends one
 * mocked request through it and then checks the {@code Set-Cookie} header captured from
 * the mocked response.
 *
 * @param withDomainPath when true, cookie domain {@code ".foo.com"} and path {@code "/bar"}
 *     are configured and expected back in the cookie attributes
 * @param invalidToken when true, the request carries an authentication cookie with the
 *     unsigned value {@code "foo"}
 * @param expired value of the {@code "expired.token"} init parameter; when true, no
 *     {@code Set-Cookie} header may be written
 * @throws Exception on any set-up, filter or assertion failure
 */
private void _testDoFilterAuthentication(boolean withDomainPath,
                                         boolean invalidToken,
                                         boolean expired) throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  FilterConfig config = Mockito.mock(FilterConfig.class);
  Mockito.when(config.getInitParameter("management.operation.return")).
          thenReturn("true");
  Mockito.when(config.getInitParameter("expired.token")).
          thenReturn(Boolean.toString(expired));
  Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE))
          .thenReturn(DummyAuthenticationHandler.class.getName());
  // NOTE(review): new Long(...) is a deprecated boxing constructor; Long.toString(...)
  // would give the same string without it.
  Mockito.when(config.getInitParameter(AuthenticationFilter
          .AUTH_TOKEN_VALIDITY)).thenReturn(new Long(TOKEN_VALIDITY_SEC).toString());
  // Fixed test secret; the verification step further down re-creates a signer from it.
  Mockito.when(config.getInitParameter(AuthenticationFilter
          .SIGNATURE_SECRET)).thenReturn("secret");
  Mockito.when(config.getInitParameterNames()).thenReturn(new
          Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
          AuthenticationFilter.AUTH_TOKEN_VALIDITY,
          AuthenticationFilter.SIGNATURE_SECRET, "management.operation" +
          ".return", "expired.token")).elements());
  getMockedServletContextWithStringSigner(config);

  if (withDomainPath) {
    Mockito.when(config.getInitParameter(AuthenticationFilter
            .COOKIE_DOMAIN)).thenReturn(".foo.com");
    Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_PATH))
            .thenReturn("/bar");
    // This stubbing replaces the earlier name enumeration.
    // NOTE(review): "expired.token" is not in this list, so with withDomainPath the
    // expired flag may never reach the handler if the filter collects its settings by
    // iterating these names - confirm against callers.
    Mockito.when(config.getInitParameterNames()).thenReturn(new
            Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
            AuthenticationFilter.AUTH_TOKEN_VALIDITY,
            AuthenticationFilter.SIGNATURE_SECRET,
            AuthenticationFilter.COOKIE_DOMAIN, AuthenticationFilter
            .COOKIE_PATH, "management.operation.return")).elements());
  }

  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  Mockito.when(request.getParameter("authenticated")).thenReturn("true");
  Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer
          ("http://foo:8080/bar"));
  Mockito.when(request.getQueryString()).thenReturn("authenticated=true");

  if (invalidToken) {
    // "foo" carries no signature, so it cannot have been produced by the signer.
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{new Cookie
            (AuthenticatedURL.AUTH_COOKIE, "foo")});
  }

  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  FilterChain chain = Mockito.mock(FilterChain.class);

  // Capture every Set-Cookie header written to the mocked response and split it into
  // cookieMap through parseCookieMap.
  final HashMap<String, String> cookieMap = new HashMap<String, String>();
  Mockito.doAnswer(new Answer<Object>() {
    @Override
    public Object answer(InvocationOnMock invocation) throws Throwable {
      String cookieHeader = (String)invocation.getArguments()[1];
      parseCookieMap(cookieHeader, cookieMap);
      return null;
    }
  }).when(response).addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());

  try {
    filter.init(config);
    filter.doFilter(request, response, chain);

    if (expired) {
      // An expired token must not be written back to the client as a cookie.
      Mockito.verify(response, Mockito.never()).
        addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());
    } else {
      String v = cookieMap.get(AuthenticatedURL.AUTH_COOKIE);
      Assert.assertNotNull("cookie missing", v);
      // The cookie value must contain the u=, p=, t=, e= and s= fields.
      Assert.assertTrue(v.contains("u=") && v.contains("p=") && v.contains
              ("t=") && v.contains("e=") && v.contains("s="));
      Mockito.verify(chain).doFilter(Mockito.any(ServletRequest.class),
              Mockito.any(ServletResponse.class));

      // Re-create a signer from the same literal secret and check that the issued cookie
      // verifies under it before the token is parsed.
      SignerSecretProvider secretProvider =
          StringSignerSecretProviderCreator.newStringSignerSecretProvider();
      Properties secretProviderProps = new Properties();
      secretProviderProps.setProperty(
              AuthenticationFilter.SIGNATURE_SECRET, "secret");
      secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
      Signer signer = new Signer(secretProvider);
      String value = signer.verifyAndExtract(v);
      AuthenticationToken token = AuthenticationToken.parse(value);
      // The issued token must carry an explicit expiry.
      assertThat(token.getExpires(), not(0L));

      if (withDomainPath) {
        Assert.assertEquals(".foo.com", cookieMap.get("Domain"));
        Assert.assertEquals("/bar", cookieMap.get("Path"));
      } else {
        Assert.assertFalse(cookieMap.containsKey("Domain"));
        Assert.assertFalse(cookieMap.containsKey("Path"));
      }
    }
  } finally {
    filter.destroy();
  }
}
 
Example 16
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Sends a correctly signed but expired authentication cookie through {@code doFilter} and
 * expects the request to be handled as unauthorized (checked by
 * {@code verifyUnauthorized}).
 */
@Test
public void testDoFilterAuthenticatedExpired() throws Exception {
  // Fixed test secret shared by the filter configuration and the signer below.
  final String sharedSecret = "secret";
  final AuthenticationFilter filter = new AuthenticationFilter();
  try {
    final FilterConfig filterConfig = Mockito.mock(FilterConfig.class);
    Mockito.when(filterConfig.getInitParameter("management.operation.return"))
        .thenReturn("true");
    Mockito.when(filterConfig.getInitParameter(AuthenticationFilter.AUTH_TYPE))
        .thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(filterConfig.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET))
        .thenReturn(sharedSecret);
    Mockito.when(filterConfig.getInitParameterNames()).thenReturn(
        new Vector<String>(Arrays.asList(
            AuthenticationFilter.AUTH_TYPE,
            AuthenticationFilter.SIGNATURE_SECRET,
            "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(filterConfig);
    filter.init(filterConfig);

    final HttpServletRequest httpRequest = Mockito.mock(HttpServletRequest.class);
    Mockito.when(httpRequest.getRequestURL())
        .thenReturn(new StringBuffer("http://foo:8080/bar"));

    final AuthenticationToken expiredToken =
        new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    // Expiry is set before "now", so only the expiry check can reject this token.
    expiredToken.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);

    final SignerSecretProvider provider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    final Properties providerProps = new Properties();
    providerProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, sharedSecret);
    provider.init(providerProps, null, TOKEN_VALIDITY_SEC);
    final String signedValue = new Signer(provider).sign(expiredToken.toString());

    final Cookie authCookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, signedValue);
    Mockito.when(httpRequest.getCookies()).thenReturn(new Cookie[]{authCookie});

    final HttpServletResponse httpResponse = Mockito.mock(HttpServletResponse.class);
    Mockito.when(httpResponse.containsHeader("WWW-Authenticate")).thenReturn(true);
    final FilterChain filterChain = Mockito.mock(FilterChain.class);

    verifyUnauthorized(filter, httpRequest, httpResponse, filterChain);
  } finally {
    filter.destroy();
  }
}
 
Example 17
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Sends a correctly signed, unexpired cookie whose token type is {@code "invalidtype"}
 * through {@code doFilter} and expects the request to be handled as unauthorized
 * (checked by {@code verifyUnauthorized}).
 */
@Test
public void testDoFilterAuthenticatedInvalidType() throws Exception {
  // Fixed test secret used for both the filter and the locally built signer.
  final String testSecret = "secret";
  final AuthenticationFilter filter = new AuthenticationFilter();
  try {
    final FilterConfig cfg = Mockito.mock(FilterConfig.class);
    Mockito.when(cfg.getInitParameter("management.operation.return"))
        .thenReturn("true");
    Mockito.when(cfg.getInitParameter(AuthenticationFilter.AUTH_TYPE))
        .thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(cfg.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET))
        .thenReturn(testSecret);
    Mockito.when(cfg.getInitParameterNames())
        .thenReturn(
            new Vector<String>(
                Arrays.asList(
                    AuthenticationFilter.AUTH_TYPE,
                    AuthenticationFilter.SIGNATURE_SECRET,
                    "management.operation.return"))
                .elements());
    getMockedServletContextWithStringSigner(cfg);
    filter.init(cfg);

    final HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
    Mockito.when(req.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));

    // The signature will verify; the type mismatch is the only reason to refuse it.
    final AuthenticationToken wrongTypeToken =
        new AuthenticationToken("u", "p", "invalidtype");
    wrongTypeToken.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);

    final SignerSecretProvider stringProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    final Properties stringProviderProps = new Properties();
    stringProviderProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, testSecret);
    stringProvider.init(stringProviderProps, null, TOKEN_VALIDITY_SEC);
    final Signer cookieSigner = new Signer(stringProvider);
    final String signedToken = cookieSigner.sign(wrongTypeToken.toString());

    final Cookie authCookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, signedToken);
    Mockito.when(req.getCookies()).thenReturn(new Cookie[]{authCookie});

    final HttpServletResponse resp = Mockito.mock(HttpServletResponse.class);
    Mockito.when(resp.containsHeader("WWW-Authenticate")).thenReturn(true);
    final FilterChain filterChain = Mockito.mock(FilterChain.class);

    verifyUnauthorized(filter, req, resp, filterChain);
  } finally {
    filter.destroy();
  }
}
 
Example 18
Source Project: hadoop   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
@Test
/**
 * Runs {@code doFilter} twice with {@code "management.operation.return"} set to
 * {@code "false"}: once without a cookie and once with a validly signed one. Each time the
 * only interaction allowed on the response is {@code setStatus(SC_ACCEPTED)}.
 *
 * <p>No {@code SIGNATURE_SECRET} init parameter is configured here; the filter's provider
 * comes from the mocked servlet context.
 */
public void testManagementOperation() throws Exception {
  final AuthenticationFilter filter = new AuthenticationFilter();
  try {
    final FilterConfig filterConfig = Mockito.mock(FilterConfig.class);
    Mockito.when(filterConfig.getInitParameter("management.operation.return"))
        .thenReturn("false");
    Mockito.when(filterConfig.getInitParameter(AuthenticationFilter.AUTH_TYPE))
        .thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(filterConfig.getInitParameterNames()).thenReturn(
        new Vector<String>(Arrays.asList(
            AuthenticationFilter.AUTH_TYPE,
            "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(filterConfig);
    filter.init(filterConfig);

    final HttpServletRequest httpRequest = Mockito.mock(HttpServletRequest.class);
    Mockito.when(httpRequest.getRequestURL())
        .thenReturn(new StringBuffer("http://foo:8080/bar"));

    final HttpServletResponse httpResponse = Mockito.mock(HttpServletResponse.class);

    final FilterChain filterChain = Mockito.mock(FilterChain.class);

    // First pass: no authentication cookie on the request.
    filter.doFilter(httpRequest, httpResponse, filterChain);
    Mockito.verify(httpResponse).setStatus(HttpServletResponse.SC_ACCEPTED);
    Mockito.verifyNoMoreInteractions(httpResponse);

    // Drop all stubbing and recorded calls so the second pass is verified in isolation.
    Mockito.reset(httpRequest);
    Mockito.reset(httpResponse);

    final AuthenticationToken validToken = new AuthenticationToken("u", "p", "t");
    validToken.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    final SignerSecretProvider provider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    final Properties providerProps = new Properties();
    providerProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret");
    provider.init(providerProps, null, TOKEN_VALIDITY_SEC);
    final String signedValue = new Signer(provider).sign(validToken.toString());
    final Cookie authCookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, signedValue);
    Mockito.when(httpRequest.getCookies()).thenReturn(new Cookie[]{authCookie});

    // Second pass: same outcome expected even though a signed cookie is present.
    filter.doFilter(httpRequest, httpResponse, filterChain);

    Mockito.verify(httpResponse).setStatus(HttpServletResponse.SC_ACCEPTED);
    Mockito.verifyNoMoreInteractions(httpResponse);

  } finally {
    filter.destroy();
  }
}
 
Example 19
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
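/**
 * Verifies that {@code AuthenticationFilter.getToken} refuses a cookie that is correctly
 * signed but carries an expiry in the past.
 *
 * <p>The signer is rebuilt from the same literal secret the filter uses, so the expected
 * {@code "AuthenticationToken expired"} failure comes from the expiry check.
 *
 * @throws Exception if set-up fails, or if {@code getToken} fails with anything other
 *     than the expected {@code AuthenticationException}
 */
@Test
public void testGetTokenExpired() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token =
        new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    // NOTE(review): a constant named as seconds is subtracted from a millisecond clock;
    // its value is not visible here - confirm the margin is what the test intends.
    token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    try {
      filter.getToken(request);
      // An accepted expired token fails the test right here. The earlier flag-in-finally
      // form would also fire after a message mismatch or an unrelated exception and
      // hide the real cause.
      Assert.fail("token not expired");
    } catch (AuthenticationException ex) {
      Assert.assertEquals("AuthenticationToken expired", ex.getMessage());
    }
  } finally {
    filter.destroy();
  }
}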
 
Example 20
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
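/**
 * Verifies that {@code AuthenticationFilter.getToken} refuses a correctly signed,
 * unexpired cookie whose token type is {@code "invalidtype"}.
 *
 * <p>The expected failure message is {@code "Invalid AuthenticationToken type"}; the
 * signature itself is valid because the signer is rebuilt from the same literal secret.
 *
 * @throws Exception if set-up fails, or if {@code getToken} fails with anything other
 *     than the expected {@code AuthenticationException}
 */
@Test
public void testGetTokenInvalidType() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig config = Mockito.mock(FilterConfig.class);
    Mockito.when(config.getInitParameter("management.operation.return")).
      thenReturn("true");
    Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(
      DummyAuthenticationHandler.class.getName());
    Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
    Mockito.when(config.getInitParameterNames()).thenReturn(
      new Vector<String>(
        Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                      AuthenticationFilter.SIGNATURE_SECRET,
                      "management.operation.return")).elements());
    getMockedServletContextWithStringSigner(config);
    filter.init(config);

    AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
    token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    SignerSecretProvider secretProvider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties secretProviderProps = new Properties();
    secretProviderProps.setProperty(
            AuthenticationFilter.SIGNATURE_SECRET, "secret");
    secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
    Signer signer = new Signer(secretProvider);
    String tokenSigned = signer.sign(token.toString());

    Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{cookie});

    try {
      filter.getToken(request);
      // An accepted wrong-type token fails the test right here. The earlier
      // flag-in-finally form would also fire after a message mismatch or an unrelated
      // exception and hide the real cause.
      Assert.fail("token not invalid type");
    } catch (AuthenticationException ex) {
      Assert.assertEquals("Invalid AuthenticationToken type", ex.getMessage());
    }
  } finally {
    filter.destroy();
  }
}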
 
Example 21
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0 4 votes vote down vote up
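/**
 * Sends one request through {@code AuthenticationFilter.doFilter} using the
 * dummy authentication handler and checks the auth cookie the filter writes
 * to the response.
 *
 * @param withDomainPath when true, cookie domain {@code .foo.com} and path
 *     {@code /bar} are configured and must show up in the Set-Cookie header;
 *     when false, neither attribute may be present
 * @param invalidToken when true, the request carries an auth cookie whose
 *     value is the plain string {@code "foo"} rather than a signed token
 * @param expired value handed to the filter as the {@code expired.token}
 *     init parameter; when true, no Set-Cookie header may be written
 * @throws Exception if filter initialisation, filtering or signature
 *     verification fails
 */
private void _testDoFilterAuthentication(boolean withDomainPath,
                                         boolean invalidToken,
                                         boolean expired) throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  FilterConfig config = Mockito.mock(FilterConfig.class);
  Mockito.when(config.getInitParameter("management.operation.return")).
          thenReturn("true");
  Mockito.when(config.getInitParameter("expired.token")).
          thenReturn(Boolean.toString(expired));
  Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE))
          .thenReturn(DummyAuthenticationHandler.class.getName());
  // Long.toString replaces the deprecated boxing constructor new Long(...).
  Mockito.when(config.getInitParameter(AuthenticationFilter
          .AUTH_TOKEN_VALIDITY)).thenReturn(Long.toString(TOKEN_VALIDITY_SEC));
  // Fixed signing secret: acceptable only because this is a test fixture.
  Mockito.when(config.getInitParameter(AuthenticationFilter
          .SIGNATURE_SECRET)).thenReturn("secret");
  Mockito.when(config.getInitParameterNames()).thenReturn(new
          Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
          AuthenticationFilter.AUTH_TOKEN_VALIDITY,
          AuthenticationFilter.SIGNATURE_SECRET,
          "management.operation.return", "expired.token")).elements());
  getMockedServletContextWithStringSigner(config);

  if (withDomainPath) {
    Mockito.when(config.getInitParameter(AuthenticationFilter
            .COOKIE_DOMAIN)).thenReturn(".foo.com");
    Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_PATH))
            .thenReturn("/bar");
    // NOTE(review): this replacement list no longer names "expired.token";
    // confirm that no caller combines withDomainPath with expired.
    Mockito.when(config.getInitParameterNames()).thenReturn(new
            Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
            AuthenticationFilter.AUTH_TOKEN_VALIDITY,
            AuthenticationFilter.SIGNATURE_SECRET,
            AuthenticationFilter.COOKIE_DOMAIN, AuthenticationFilter
            .COOKIE_PATH, "management.operation.return")).elements());
  }

  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  Mockito.when(request.getParameter("authenticated")).thenReturn("true");
  Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer
          ("http://foo:8080/bar"));
  Mockito.when(request.getQueryString()).thenReturn("authenticated=true");

  if (invalidToken) {
    // "foo" was not produced by a Signer, so the filter must not accept it
    // as an existing token; the assertions below still expect a fresh cookie.
    Mockito.when(request.getCookies()).thenReturn(new Cookie[]{new Cookie
            (AuthenticatedURL.AUTH_COOKIE, "foo")});
  }

  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  FilterChain chain = Mockito.mock(FilterChain.class);

  // Capture every Set-Cookie header so its attributes can be inspected.
  // Kept as HashMap because it is handed to parseCookieMap, whose parameter
  // type is not visible here.
  final HashMap<String, String> cookieMap = new HashMap<String, String>();
  Mockito.doAnswer(new Answer<Object>() {
    @Override
    public Object answer(InvocationOnMock invocation) throws Throwable {
      String cookieHeader = (String)invocation.getArguments()[1];
      parseCookieMap(cookieHeader, cookieMap);
      return null;
    }
  }).when(response).addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());

  try {
    filter.init(config);
    filter.doFilter(request, response, chain);

    if (expired) {
      // No cookie may be issued in the expired case.
      Mockito.verify(response, Mockito.never()).
        addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());
    } else {
      String v = cookieMap.get(AuthenticatedURL.AUTH_COOKIE);
      Assert.assertNotNull("cookie missing", v);
      // One assertion per field, so a failure names the missing part instead
      // of reporting a bare "expected true".
      for (String field : new String[] {"u=", "p=", "t=", "e=", "s="}) {
        Assert.assertTrue("cookie lacks " + field, v.contains(field));
      }
      Mockito.verify(chain).doFilter(Mockito.any(ServletRequest.class),
              Mockito.any(ServletResponse.class));

      // Check the signature independently with a signer built from the same
      // secret string, then parse the payload it protects.
      SignerSecretProvider secretProvider =
          StringSignerSecretProviderCreator.newStringSignerSecretProvider();
      Properties secretProviderProps = new Properties();
      secretProviderProps.setProperty(
              AuthenticationFilter.SIGNATURE_SECRET, "secret");
      secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
      Signer signer = new Signer(secretProvider);
      String value = signer.verifyAndExtract(v);
      AuthenticationToken token = AuthenticationToken.parse(value);
      assertThat(token.getExpires(), not(0L));

      if (withDomainPath) {
        Assert.assertEquals(".foo.com", cookieMap.get("Domain"));
        Assert.assertEquals("/bar", cookieMap.get("Path"));
      } else {
        Assert.assertFalse(cookieMap.containsKey("Domain"));
        Assert.assertFalse(cookieMap.containsKey("Path"));
      }
    }
  } finally {
    filter.destroy();
  }
}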
 
Example 22
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0
/**
 * Presents the filter with an auth cookie holding a signed token whose
 * expiry is {@code TOKEN_VALIDITY_SEC} before the current clock value, then
 * delegates the outcome check to {@code verifyUnauthorized} (defined
 * elsewhere in this test class).
 *
 * <p>The token is signed with the same secret string the filter is
 * configured with, so the case exercises the expiry check rather than
 * signature verification.
 */
@Test
public void testDoFilterAuthenticatedExpired() throws Exception {
  // Fixed signing secret shared by the filter configuration and the signer
  // below; a constant like this is only suitable as a test fixture.
  String signingSecret = "secret";
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    // Filter configuration: dummy handler plus the shared secret.
    Vector<String> initParamNames = new Vector<String>(Arrays.asList(
        AuthenticationFilter.AUTH_TYPE,
        AuthenticationFilter.SIGNATURE_SECRET,
        "management.operation.return"));
    FilterConfig filterConfig = Mockito.mock(FilterConfig.class);
    Mockito.when(filterConfig.getInitParameter("management.operation.return"))
        .thenReturn("true");
    Mockito.when(filterConfig.getInitParameter(AuthenticationFilter.AUTH_TYPE))
        .thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(filterConfig.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET))
        .thenReturn(signingSecret);
    Mockito.when(filterConfig.getInitParameterNames())
        .thenReturn(initParamNames.elements());
    getMockedServletContextWithStringSigner(filterConfig);
    filter.init(filterConfig);

    HttpServletRequest httpRequest = Mockito.mock(HttpServletRequest.class);
    StringBuffer requestUrl = new StringBuffer("http://foo:8080/bar");
    Mockito.when(httpRequest.getRequestURL()).thenReturn(requestUrl);

    // Token of the handler's own type, already past its expiry.
    // NOTE(review): TOKEN_VALIDITY_SEC is subtracted from a millisecond
    // clock value; confirm the constant's unit against its declaration.
    AuthenticationToken expiredToken =
        new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
    expiredToken.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);

    // Sign the token with a provider initialised from the same secret.
    Properties signerProps = new Properties();
    SignerSecretProvider provider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    signerProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, signingSecret);
    provider.init(signerProps, null, TOKEN_VALIDITY_SEC);
    String signedValue = new Signer(provider).sign(expiredToken.toString());

    Cookie authCookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, signedValue);
    Mockito.when(httpRequest.getCookies()).thenReturn(new Cookie[]{authCookie});

    HttpServletResponse httpResponse = Mockito.mock(HttpServletResponse.class);
    Mockito.when(httpResponse.containsHeader("WWW-Authenticate")).thenReturn(true);
    FilterChain filterChain = Mockito.mock(FilterChain.class);

    verifyUnauthorized(filter, httpRequest, httpResponse, filterChain);
  } finally {
    filter.destroy();
  }
}
 
Example 23
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0
/**
 * Presents the filter with an auth cookie holding a signed, unexpired token
 * whose type is {@code "invalidtype"} instead of the dummy handler's type,
 * then delegates the outcome check to {@code verifyUnauthorized} (defined
 * elsewhere in this test class).
 *
 * <p>The token is signed with the same secret string the filter is
 * configured with, so a valid signature alone must not be enough for the
 * request to be treated as authenticated.
 */
@Test
public void testDoFilterAuthenticatedInvalidType() throws Exception {
  // Test-fixture secret, used both for the filter and for signing the token.
  String sharedSecret = "secret";
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    FilterConfig cfg = Mockito.mock(FilterConfig.class);
    Vector<String> paramNames = new Vector<String>(Arrays.asList(
        AuthenticationFilter.AUTH_TYPE,
        AuthenticationFilter.SIGNATURE_SECRET,
        "management.operation.return"));
    Mockito.when(cfg.getInitParameter("management.operation.return"))
        .thenReturn("true");
    Mockito.when(cfg.getInitParameter(AuthenticationFilter.AUTH_TYPE))
        .thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(cfg.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET))
        .thenReturn(sharedSecret);
    Mockito.when(cfg.getInitParameterNames()).thenReturn(paramNames.elements());
    getMockedServletContextWithStringSigner(cfg);
    filter.init(cfg);

    HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
    Mockito.when(req.getRequestURL())
        .thenReturn(new StringBuffer("http://foo:8080/bar"));

    // Unexpired token, but issued for a type the configured handler does
    // not declare.
    // NOTE(review): TOKEN_VALIDITY_SEC is added to a millisecond clock
    // value; confirm the constant's unit against its declaration.
    AuthenticationToken wrongTypeToken =
        new AuthenticationToken("u", "p", "invalidtype");
    wrongTypeToken.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);

    // Produce a signature from a provider seeded with the shared secret.
    SignerSecretProvider keySource =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    Properties keyProps = new Properties();
    keyProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, sharedSecret);
    keySource.init(keyProps, null, TOKEN_VALIDITY_SEC);
    Signer tokenSigner = new Signer(keySource);
    String signedToken = tokenSigner.sign(wrongTypeToken.toString());

    Cookie[] cookies = {new Cookie(AuthenticatedURL.AUTH_COOKIE, signedToken)};
    Mockito.when(req.getCookies()).thenReturn(cookies);

    HttpServletResponse resp = Mockito.mock(HttpServletResponse.class);
    Mockito.when(resp.containsHeader("WWW-Authenticate")).thenReturn(true);
    FilterChain next = Mockito.mock(FilterChain.class);

    verifyUnauthorized(filter, req, resp, next);
  } finally {
    filter.destroy();
  }
}
 
Example 24
Source Project: big-c   Source File: TestAuthenticationFilter.java    License: Apache License 2.0
/**
 * Runs the filter twice with {@code management.operation.return} set to
 * {@code "false"}: once on a request without cookies and once on a request
 * carrying a signed auth cookie. Each time the only interaction allowed on
 * the response is {@code setStatus(SC_ACCEPTED)}.
 */
@Test
public void testManagementOperation() throws Exception {
  AuthenticationFilter filter = new AuthenticationFilter();
  try {
    // No signature secret is listed among the init parameters here; the
    // signer the filter ends up with presumably comes from
    // getMockedServletContextWithStringSigner (defined elsewhere).
    FilterConfig filterConfig = Mockito.mock(FilterConfig.class);
    Vector<String> initParamNames = new Vector<String>(Arrays.asList(
        AuthenticationFilter.AUTH_TYPE,
        "management.operation.return"));
    Mockito.when(filterConfig.getInitParameter("management.operation.return"))
        .thenReturn("false");
    Mockito.when(filterConfig.getInitParameter(AuthenticationFilter.AUTH_TYPE))
        .thenReturn(DummyAuthenticationHandler.class.getName());
    Mockito.when(filterConfig.getInitParameterNames())
        .thenReturn(initParamNames.elements());
    getMockedServletContextWithStringSigner(filterConfig);
    filter.init(filterConfig);

    HttpServletRequest httpRequest = Mockito.mock(HttpServletRequest.class);
    Mockito.when(httpRequest.getRequestURL())
        .thenReturn(new StringBuffer("http://foo:8080/bar"));
    HttpServletResponse httpResponse = Mockito.mock(HttpServletResponse.class);
    FilterChain filterChain = Mockito.mock(FilterChain.class);

    // First pass: request without any cookie.
    filter.doFilter(httpRequest, httpResponse, filterChain);
    Mockito.verify(httpResponse).setStatus(HttpServletResponse.SC_ACCEPTED);
    Mockito.verifyNoMoreInteractions(httpResponse);

    // Clear stubbing and recorded calls before the second pass.
    Mockito.reset(httpRequest);
    Mockito.reset(httpResponse);

    // Second pass: the request now carries a signed, unexpired token.
    // NOTE(review): TOKEN_VALIDITY_SEC is added to a millisecond clock
    // value; confirm the constant's unit against its declaration.
    AuthenticationToken authToken = new AuthenticationToken("u", "p", "t");
    authToken.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
    Properties signerProps = new Properties();
    SignerSecretProvider provider =
        StringSignerSecretProviderCreator.newStringSignerSecretProvider();
    // Fixed secret string: a test fixture only.
    signerProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret");
    provider.init(signerProps, null, TOKEN_VALIDITY_SEC);
    String signedValue = new Signer(provider).sign(authToken.toString());
    Cookie[] cookies = {new Cookie(AuthenticatedURL.AUTH_COOKIE, signedValue)};
    Mockito.when(httpRequest.getCookies()).thenReturn(cookies);

    filter.doFilter(httpRequest, httpResponse, filterChain);

    Mockito.verify(httpResponse).setStatus(HttpServletResponse.SC_ACCEPTED);
    Mockito.verifyNoMoreInteractions(httpResponse);
  } finally {
    filter.destroy();
  }
}