You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by xy...@apache.org on 2022/08/05 19:02:35 UTC

[pulsar] 01/02: [improve][authentication] Adapt basic authentication configuration with prefix (#16935)

This is an automated email from the ASF dual-hosted git repository.

xyz pushed a commit to branch branch-2.8
in repository https://gitbox.apache.org/repos/asf/pulsar.git

commit c8c1c0954f391932cb24db3afc071a46f65e707d
Author: Zixuan Liu <no...@gmail.com>
AuthorDate: Thu Aug 4 15:21:30 2022 +0800

    [improve][authentication] Adapt basic authentication configuration with prefix (#16935)
    
    Signed-off-by: Zixuan Liu <no...@gmail.com>
    (cherry picked from commit cd95594f086dd6474962e21b24cd5c27fca3933f)
---
 .../AuthenticationProviderBasic.java               | 41 ++++++++++++++--------
 .../AuthenticationProviderBasicTest.java           | 18 ++++++++--
 2 files changed, 42 insertions(+), 17 deletions(-)

diff --git a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderBasic.java b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderBasic.java
index 40ff8635e03..3c62640cde7 100644
--- a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderBasic.java
+++ b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderBasic.java
@@ -20,11 +20,12 @@
 package org.apache.pulsar.broker.authentication;
 
 import java.io.BufferedReader;
-import java.io.File;
-import java.io.FileReader;
+import java.io.ByteArrayInputStream;
 import java.io.IOException;
-import java.io.StringReader;
-import java.nio.charset.StandardCharsets;
+import java.io.InputStreamReader;
+import java.net.URISyntaxException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
 import java.util.Arrays;
 import java.util.Base64;
 import java.util.HashMap;
@@ -34,9 +35,11 @@ import javax.naming.AuthenticationException;
 import lombok.Cleanup;
 import org.apache.commons.codec.digest.Crypt;
 import org.apache.commons.codec.digest.Md5Crypt;
+import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.pulsar.broker.ServiceConfiguration;
 import org.apache.pulsar.broker.authentication.metrics.AuthenticationMetrics;
+import org.apache.pulsar.client.api.url.URL;
 
 public class AuthenticationProviderBasic implements AuthenticationProvider {
     private static final String HTTP_HEADER_NAME = "Authorization";
@@ -49,6 +52,20 @@ public class AuthenticationProviderBasic implements AuthenticationProvider {
         // noop
     }
 
+    public static byte[] readData(String data)
+            throws IOException, URISyntaxException, InstantiationException, IllegalAccessException {
+        if (data.startsWith("data:") || data.startsWith("file:")) {
+            return IOUtils.toByteArray(URL.createURL(data));
+        } else if (Files.exists(Paths.get(data))) {
+            return Files.readAllBytes(Paths.get(data));
+        } else if (org.apache.commons.codec.binary.Base64.isBase64(data)) {
+            return Base64.getDecoder().decode(data);
+        } else {
+            String msg = "Not supported config";
+            throw new IllegalArgumentException(msg);
+        }
+    }
+
     @Override
     public void initialize(ServiceConfiguration config) throws IOException {
         String data = config.getProperties().getProperty(CONF_PULSAR_PROPERTY_KEY);
@@ -60,17 +77,11 @@ public class AuthenticationProviderBasic implements AuthenticationProvider {
         }
 
         @Cleanup BufferedReader reader = null;
-        if (org.apache.commons.codec.binary.Base64.isBase64(data)) {
-            reader = new BufferedReader(new StringReader(new String(Base64.getDecoder().decode(data),
-                    StandardCharsets.UTF_8)));
-        } else {
-            File confFile = new File(data);
-            if (!confFile.exists()) {
-                throw new IOException("The password auth conf file does not exist");
-            } else if (!confFile.isFile()) {
-                throw new IOException("The path is not a file");
-            }
-            reader = new BufferedReader(new FileReader(confFile));
+        try {
+            byte[] bytes = readData(data);
+            reader = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(bytes)));
+        } catch (Exception e) {
+            throw new IllegalArgumentException(e);
         }
 
         users = new HashMap<>();
diff --git a/pulsar-broker-common/src/test/java/org/apache/pulsar/broker/authentication/AuthenticationProviderBasicTest.java b/pulsar-broker-common/src/test/java/org/apache/pulsar/broker/authentication/AuthenticationProviderBasicTest.java
index 812e99a0abf..69df6663bd1 100644
--- a/pulsar-broker-common/src/test/java/org/apache/pulsar/broker/authentication/AuthenticationProviderBasicTest.java
+++ b/pulsar-broker-common/src/test/java/org/apache/pulsar/broker/authentication/AuthenticationProviderBasicTest.java
@@ -18,6 +18,7 @@
  */
 package org.apache.pulsar.broker.authentication;
 
+import static org.testng.Assert.assertEquals;
 import com.google.common.io.Resources;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
@@ -25,13 +26,12 @@ import java.nio.file.FileSystems;
 import java.nio.file.Files;
 import java.util.Base64;
 import java.util.Properties;
+import javax.naming.AuthenticationException;
 import lombok.Cleanup;
 import org.apache.pulsar.broker.ServiceConfiguration;
 import org.apache.pulsar.common.api.AuthData;
 import org.testng.annotations.Test;
 
-import javax.naming.AuthenticationException;
-
 public class AuthenticationProviderBasicTest {
     private final String basicAuthConf = Resources.getResource("authentication/basic/.htpasswd").getPath();
     private final String basicAuthConfBase64 = Base64.getEncoder().encodeToString(Files.readAllBytes(
@@ -88,4 +88,18 @@ public class AuthenticationProviderBasicTest {
         provider.initialize(serviceConfiguration);
         testAuthenticate(provider);
     }
+
+    @Test
+    public void testReadData() throws Exception {
+        byte[] data = Files.readAllBytes(Path.of(basicAuthConf));
+        String base64Data = Base64.getEncoder().encodeToString(data);
+
+        // base64 format
+        assertEquals(AuthenticationProviderBasic.readData("data:;base64," + base64Data), data);
+        assertEquals(AuthenticationProviderBasic.readData(base64Data), data);
+
+        // file format
+        assertEquals(AuthenticationProviderBasic.readData("file://" + basicAuthConf), data);
+        assertEquals(AuthenticationProviderBasic.readData(basicAuthConf), data);
+    }
 }