You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zeppelin.apache.org by fe...@apache.org on 2017/09/26 05:35:13 UTC
zeppelin git commit: [ZEPPELIN-2880] - Fix username output when OIDC
is enabled
Repository: zeppelin
Updated Branches:
refs/heads/master 84e9bd96d -> a6a8b0298
[ZEPPELIN-2880] - Fix username output when OIDC is enabled
### What is this PR for?
When OIDC is enabled, user's roles/permissions/tokens are sent to Zeppelin's client via websocket and appears in the web browser when running a paragraph in a notebook.
### What type of PR is it?
[Bug Fix]
### What is the Jira issue?
* [ZEPPELIN-2880](https://issues.apache.org/jira/browse/ZEPPELIN-2880)
### How should this be tested?
Enable OIDC , login to Zeppelin and run a paragraph. Check the text "Last updated by".
### Questions:
* Does the licenses files need update? N/A
* Is there breaking changes for older versions? N/A
* Does this needs documentation? N/A
Author: byamthev <by...@gmail.com>
Closes #2551 from byamthev/zeppelin_2880 and squashes the following commits:
cb6ec70 [byamthev] [ZEPPELIN-2880] - Fix username output when OIDC is enabled
11d0729 [byamthev] [ZEPPELIN-2880] - Fix username output when OIDC is enabled
7263689 [byamthev] [ZEPPELIN-2880] - Fix username output when OIDC is enabled
Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo
Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/a6a8b029
Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/a6a8b029
Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/a6a8b029
Branch: refs/heads/master
Commit: a6a8b0298f2f52c541ed6753806f12174edcd326
Parents: 84e9bd9
Author: byamthev <by...@gmail.com>
Authored: Fri Sep 8 10:09:51 2017 +0300
Committer: Felix Cheung <fe...@apache.org>
Committed: Mon Sep 25 22:35:09 2017 -0700
----------------------------------------------------------------------
zeppelin-server/pom.xml | 30 +++++++++++++++++++-
.../apache/zeppelin/utils/SecurityUtils.java | 14 ++++++++-
.../zeppelin/security/SecurityUtilsTest.java | 27 +++++++++++++++++-
3 files changed, 68 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/a6a8b029/zeppelin-server/pom.xml
----------------------------------------------------------------------
diff --git a/zeppelin-server/pom.xml b/zeppelin-server/pom.xml
index e8db0c5..08ede29 100644
--- a/zeppelin-server/pom.xml
+++ b/zeppelin-server/pom.xml
@@ -47,6 +47,7 @@
<!--test library versions-->
<selenium.java.version>2.48.2</selenium.java.version>
<xml.apis.version>1.4.01</xml.apis.version>
+ <powermock.version>1.6.6</powermock.version>
<!--plugin library versions-->
<plugin.failsafe.version>2.16</plugin.failsafe.version>
@@ -301,8 +302,35 @@
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.powermock</groupId>
+ <artifactId>powermock-module-junit4</artifactId>
+ <version>${powermock.version}</version>
+ <scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.javassist</groupId>
+ <artifactId>javassist</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.powermock</groupId>
+ <artifactId>powermock-api-mockito</artifactId>
+ <version>${powermock.version}</version>
+ <scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.hamcrest</groupId>
+ <artifactId>hamcrest-core</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.objenesis</groupId>
+ <artifactId>objenesis</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
</dependencies>
-
<build>
<plugins>
<plugin>
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/a6a8b029/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java b/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java
index b2029ec..2098681 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java
@@ -20,6 +20,7 @@ import java.net.InetAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
+import java.security.Principal;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
@@ -88,13 +89,24 @@ public class SecurityUtils {
String principal;
if (subject.isAuthenticated()) {
- principal = subject.getPrincipal().toString();
+ principal = extractPrincipal(subject);
} else {
principal = ANONYMOUS;
}
return principal;
}
+ private static String extractPrincipal(Subject subject) {
+ String principal;
+ Object principalObject = subject.getPrincipal();
+ if (principalObject instanceof Principal) {
+ principal = ((Principal) principalObject).getName();
+ } else {
+ principal = String.valueOf(principalObject);
+ }
+ return principal;
+ }
+
public static Collection getRealmsList() {
if (!isEnabled) {
return Collections.emptyList();
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/a6a8b029/zeppelin-server/src/test/java/org/apache/zeppelin/security/SecurityUtilsTest.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/test/java/org/apache/zeppelin/security/SecurityUtilsTest.java b/zeppelin-server/src/test/java/org/apache/zeppelin/security/SecurityUtilsTest.java
index 9d902c8..1527816 100644
--- a/zeppelin-server/src/test/java/org/apache/zeppelin/security/SecurityUtilsTest.java
+++ b/zeppelin-server/src/test/java/org/apache/zeppelin/security/SecurityUtilsTest.java
@@ -17,18 +17,30 @@
package org.apache.zeppelin.security;
import static org.junit.Assert.*;
+import static org.mockito.Mockito.when;
+
import org.apache.commons.configuration.ConfigurationException;
import org.apache.zeppelin.conf.ZeppelinConfiguration;
import org.apache.zeppelin.utils.SecurityUtils;
import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.junit4.PowerMockRunner;
+import sun.security.acl.PrincipalImpl;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.net.InetAddress;
-
+@RunWith(PowerMockRunner.class)
+@PrepareForTest(org.apache.shiro.SecurityUtils.class)
public class SecurityUtilsTest {
+ @Mock
+ org.apache.shiro.subject.Subject subject;
+
@Test
public void isInvalid() throws URISyntaxException, UnknownHostException {
assertFalse(SecurityUtils.isValidOrigin("http://127.0.1.1", ZeppelinConfiguration.create()));
@@ -87,4 +99,17 @@ public class SecurityUtilsTest {
assertFalse(SecurityUtils.isValidOrigin("test123",
new ZeppelinConfiguration(this.getClass().getResource("/zeppelin-site.xml"))));
}
+
+
+ @Test
+ public void canGetPrincipalName() {
+ String expectedName = "java.security.Principal.getName()";
+ SecurityUtils.setIsEnabled(true);
+ PowerMockito.mockStatic(org.apache.shiro.SecurityUtils.class);
+ when(org.apache.shiro.SecurityUtils.getSubject()).thenReturn(subject);
+ when(subject.isAuthenticated()).thenReturn(true);
+ when(subject.getPrincipal()).thenReturn(new PrincipalImpl(expectedName));
+
+ assertEquals(expectedName, SecurityUtils.getPrincipal());
+ }
}