You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by mo...@apache.org on 2017/09/20 14:36:25 UTC
[01/12] knox git commit: KNOX-1038 - Replace deprecated rest-assured
"content" call with "body"
Repository: knox
Updated Branches:
refs/heads/KNOX-998-Package_Restructuring f4a4355d4 -> 416ee7c15
KNOX-1038 - Replace deprecated rest-assured "content" call with "body"
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/aac2054c
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/aac2054c
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/aac2054c
Branch: refs/heads/KNOX-998-Package_Restructuring
Commit: aac2054c83399669a7084dbb8452013f7e3b532c
Parents: e2e1251
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Sep 14 10:12:58 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Sep 14 10:12:58 2017 +0100
----------------------------------------------------------------------
.../gateway/GatewayAdminTopologyFuncTest.java | 2 -
.../hadoop/gateway/GatewayBasicFuncTest.java | 125 +++++++++----------
.../hadoop/gateway/GatewayHealthFuncTest.java | 2 +-
.../GatewayLdapDynamicGroupFuncTest.java | 2 +-
.../gateway/GatewayLdapPosixGroupFuncTest.java | 9 --
.../GatewayPortMappingDisableFeatureTest.java | 2 +-
.../gateway/GatewayPortMappingFuncTest.java | 2 +-
.../apache/hadoop/gateway/Knox242FuncTest.java | 2 +-
.../hadoop/gateway/WebHdfsHaFuncTest.java | 10 +-
9 files changed, 69 insertions(+), 87 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/aac2054c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java
index 3a5cd84..2efddff 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java
@@ -795,6 +795,4 @@ public class GatewayAdminTopologyFuncTest {
LOG_EXIT();
}
- private static final String CLASS = GatewayAdminTopologyFuncTest.class.getCanonicalName();
-
}
http://git-wip-us.apache.org/repos/asf/knox/blob/aac2054c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
index cbe12a8..472270c 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
@@ -314,7 +314,7 @@ public class GatewayBasicFuncTest {
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "application/json" )
- .content( "boolean", is( true ) )
+ .body( "boolean", is( true ) )
.when().put( driver.getUrl( "WEBHDFS" ) + "/v1" + root + "/dir" ).getDetailedCookie( "JSESSIONID" );
assertThat( cookie.isSecured(), is( true ) );
assertThat( cookie.isHttpOnly(), is( true ) );
@@ -373,9 +373,6 @@ public class GatewayBasicFuncTest {
String root = "/tmp/GatewayBasicFuncTest/testBasicOutboundHeaderUseCase";
String username = "hdfs";
String password = "hdfs-password";
- InetSocketAddress gatewayAddress = driver.gateway.getAddresses()[0];
- String gatewayHostName = gatewayAddress.getHostName();
- String gatewayAddrName = InetAddress.getByName(gatewayHostName).getHostAddress();
driver.getMock( "WEBHDFS" )
.expect()
@@ -412,7 +409,6 @@ public class GatewayBasicFuncTest {
String root = "/tmp/GatewayBasicFuncTest/testHdfsTildeUseCase";
String username = "hdfs";
String password = "hdfs-password";
- InetSocketAddress gatewayAddress = driver.gateway.getAddresses()[0];
// Attempt to delete the test directory in case a previous run failed.
// Ignore any result.
@@ -462,7 +458,7 @@ public class GatewayBasicFuncTest {
//.log().all();
.statusCode( HttpStatus.SC_OK )
.contentType( "application/json" )
- .content( "boolean", is( true ) )
+ .body( "boolean", is( true ) )
.when().put( driver.getUrl( "WEBHDFS" ) + "/v1/~/dir" );
driver.assertComplete();
} finally {
@@ -535,7 +531,7 @@ public class GatewayBasicFuncTest {
//.log().all();
.statusCode( HttpStatus.SC_OK )
.contentType( "application/json" )
- .content( "boolean", is( true ) )
+ .body( "boolean", is( true ) )
.when().put( driver.getUrl( "WEBHDFS" ) + "/v1" + root + "/dir" );
driver.assertComplete();
@@ -557,7 +553,7 @@ public class GatewayBasicFuncTest {
.expect()
//.log().ifError()
.statusCode( HttpStatus.SC_OK )
- .content( "FileStatuses.FileStatus[0].pathSuffix", is( "dir" ) )
+ .body( "FileStatuses.FileStatus[0].pathSuffix", is( "dir" ) )
.when().get( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
driver.assertComplete();
@@ -658,7 +654,7 @@ public class GatewayBasicFuncTest {
//.log().all()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "test.txt" ) )
+ .body( driver.getResourceBytes( "test.txt" ) )
.contentType( "text/plain" )
.expect()
//.log().ifError()
@@ -716,7 +712,7 @@ public class GatewayBasicFuncTest {
.expect()
//.log().ifError()
.statusCode( HttpStatus.SC_OK )
- .content( is( "TEST" ) )
+ .body( is( "TEST" ) )
.when().get( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/file" );
driver.assertComplete();
@@ -875,7 +871,6 @@ public class GatewayBasicFuncTest {
String root = "/tmp/GatewayBasicFuncTest/testJavaMapReduceViaWebHCat";
String user = "mapred";
String pass = "mapred-password";
- String group = "mapred";
// String user = "hcat";
// String pass = "hcat-password";
// String group = "hcat";
@@ -1063,10 +1058,8 @@ public class GatewayBasicFuncTest {
@Test( timeout = TestUtils.MEDIUM_TIMEOUT )
public void testBasicHiveJDBCUseCase() throws IOException {
LOG_ENTER();
- String root = "/tmp/GatewayHiveJDBCFuncTest/testBasicHiveUseCase";
String username = "hive";
String password = "hive-password";
- InetSocketAddress gatewayAddress = driver.gateway.getAddresses()[0];
// This use case emulates simple JDBC scenario which consists of following steps:
// -open connection;
@@ -1090,7 +1083,7 @@ public class GatewayBasicFuncTest {
Response response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/open-session-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/open-session-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1115,7 +1108,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1139,7 +1132,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-1-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/close-operation-1-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1163,7 +1156,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-set-server2-http-path-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/execute-set-server2-http-path-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1187,7 +1180,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-2-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/close-operation-2-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1211,7 +1204,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-set-server2-servermode-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/execute-set-server2-servermode-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1235,7 +1228,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-3-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/close-operation-3-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1259,7 +1252,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1283,7 +1276,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-4-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/close-operation-4-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1307,7 +1300,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-create-table-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/execute-create-table-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1331,7 +1324,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-5-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/close-operation-5-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1355,7 +1348,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-select-from-table-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/execute-select-from-table-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1379,7 +1372,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/get-result-set-metadata-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/get-result-set-metadata-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1403,7 +1396,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/fetch-results-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/fetch-results-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1427,7 +1420,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-6-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/close-operation-6-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1451,7 +1444,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-session-request.bin" ) )
+ .body( driver.getResourceBytes( "hive/close-session-request.bin" ) )
.contentType( "application/x-thrift" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1535,7 +1528,7 @@ public class GatewayBasicFuncTest {
.expect()
.statusCode( HttpStatus.SC_OK )
.contentType( "application/x-protobuf" )
- .content( is( driver.getResourceString( resourceName + ".protobuf", UTF8 ) ) )
+ .body( is( driver.getResourceString( resourceName + ".protobuf", UTF8 ) ) )
.when().get( driver.getUrl( "WEBHBASE" ) );
driver.assertComplete();
LOG_EXIT();
@@ -1719,7 +1712,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
//.header( "Content-Type", ContentType.XML.toString() )
- .content( driver.getResourceBytes( resourceName + ".xml" ) )
+ .body( driver.getResourceBytes( resourceName + ".xml" ) )
.contentType( ContentType.XML.toString() )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1739,7 +1732,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
//.header( "Content-Type", ContentType.JSON.toString() )
- .content( driver.getResourceBytes( resourceName + ".json" ) )
+ .body( driver.getResourceBytes( resourceName + ".json" ) )
.contentType( ContentType.JSON.toString() )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1760,7 +1753,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
//.header( "Content-Type", "application/x-protobuf" )
- .content( driver.getResourceBytes( resourceName + ".protobuf" ) )
+ .body( driver.getResourceBytes( resourceName + ".protobuf" ) )
.contentType( "application/x-protobuf" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1783,7 +1776,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
//.header( "Content-Type", ContentType.XML.toString() )
- .content( driver.getResourceBytes( resourceName + ".xml" ) )
+ .body( driver.getResourceBytes( resourceName + ".xml" ) )
.contentType( ContentType.XML.toString() )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1803,7 +1796,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
//.header( "Content-Type", ContentType.JSON.toString() )
- .content( driver.getResourceBytes( resourceName + ".json" ) )
+ .body( driver.getResourceBytes( resourceName + ".json" ) )
.contentType( ContentType.JSON.toString() )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -1824,7 +1817,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
//.header( "Content-Type", "application/x-protobuf" )
- .content( driver.getResourceBytes( resourceName + ".protobuf" ) )
+ .body( driver.getResourceBytes( resourceName + ".protobuf" ) )
.contentType( "application/x-protobuf" )
.expect()
.statusCode( HttpStatus.SC_OK )
@@ -2241,17 +2234,17 @@ public class GatewayBasicFuncTest {
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType )
- .content( "apps.app[0].trackingUrl", isEmptyString() )
- .content( "apps.app[1].trackingUrl",
+ .body( "apps.app[0].trackingUrl", isEmptyString() )
+ .body( "apps.app[1].trackingUrl",
anyOf(
startsWith( "http://" + gatewayHostName + ":" + gatewayAddress.getPort() + "/" ),
startsWith( "http://" + gatewayAddrName + ":" + gatewayAddress.getPort() + "/" ) ) )
- .content( "apps.app[2].trackingUrl", isEmptyString() )
- .content( "apps.app[0].amContainerLogs", isEmptyString() )
- .content( "apps.app[1].amContainerLogs", isEmptyString() )
- .content( "apps.app[0].amHostHttpAddress", isEmptyString() )
- .content( "apps.app[1].amHostHttpAddress", isEmptyString() )
- .content( "apps.app[2].id", is( "application_1399541193872_0009" ) )
+ .body( "apps.app[2].trackingUrl", isEmptyString() )
+ .body( "apps.app[0].amContainerLogs", isEmptyString() )
+ .body( "apps.app[1].amContainerLogs", isEmptyString() )
+ .body( "apps.app[0].amHostHttpAddress", isEmptyString() )
+ .body( "apps.app[1].amHostHttpAddress", isEmptyString() )
+ .body( "apps.app[2].id", is( "application_1399541193872_0009" ) )
.when()
.get(gatewayPath + gatewayPathQuery);
@@ -2296,7 +2289,7 @@ public class GatewayBasicFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content(driver.getResourceBytes(resource))
+ .body(driver.getResourceBytes(resource))
.contentType("application/json")
.expect()
.statusCode(HttpStatus.SC_OK)
@@ -2318,7 +2311,7 @@ public class GatewayBasicFuncTest {
response = given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .content(driver.getResourceBytes(resource))
+ .body(driver.getResourceBytes(resource))
.contentType("application/json")
.expect()
.statusCode(HttpStatus.SC_OK)
@@ -2396,17 +2389,17 @@ public class GatewayBasicFuncTest {
.statusCode( HttpStatus.SC_OK )
.contentType( contentType );
if ( running ) {
- response.content(
+ response.body(
"app.trackingUrl",
anyOf(
startsWith( "http://" + gatewayHostName + ":" + gatewayAddress.getPort() + "/" ),
startsWith( "http://" + gatewayAddrName + ":" + gatewayAddress.getPort() + "/" ) ) );
} else {
- response.content( "app.trackingUrl", isEmptyString() );
+ response.body( "app.trackingUrl", isEmptyString() );
}
- response.content( "app.amContainerLogs", isEmptyString() )
- .content( "app.amHostHttpAddress", isEmptyString() )
+ response.body( "app.amContainerLogs", isEmptyString() )
+ .body( "app.amHostHttpAddress", isEmptyString() )
.when()
.get( gatewayPath );
@@ -2508,9 +2501,9 @@ public class GatewayBasicFuncTest {
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType )
- .content( "appAttempts.appAttempt[0].nodeHttpAddress", isEmptyString() )
- .content( "appAttempts.appAttempt[0].nodeId", not( containsString( "localhost:50060" ) ) )
- .content( "appAttempts.appAttempt[0].logsLink", isEmptyString() )
+ .body( "appAttempts.appAttempt[0].nodeHttpAddress", isEmptyString() )
+ .body( "appAttempts.appAttempt[0].nodeId", not( containsString( "localhost:50060" ) ) )
+ .body( "appAttempts.appAttempt[0].logsLink", isEmptyString() )
.when()
.get( gatewayPath );
@@ -2573,9 +2566,9 @@ public class GatewayBasicFuncTest {
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType )
- .content( "nodes.node[0].id", not( containsString( nodeId ) ) )
- .content( "nodes.node[0].nodeHostName", isEmptyString() )
- .content( "nodes.node[0].nodeHTTPAddress", isEmptyString() )
+ .body( "nodes.node[0].id", not( containsString( nodeId ) ) )
+ .body( "nodes.node[0].nodeHostName", isEmptyString() )
+ .body( "nodes.node[0].nodeHTTPAddress", isEmptyString() )
.when()
.get( gatewayPath + gatewayPathQuery ).getBody().path( "nodes.node[0].id" );
@@ -2597,9 +2590,9 @@ public class GatewayBasicFuncTest {
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType )
- .content( "node.id", not( containsString( nodeId ) ) )
- .content( "node.nodeHostName", isEmptyString() )
- .content( "node.nodeHTTPAddress", isEmptyString() )
+ .body( "node.id", not( containsString( nodeId ) ) )
+ .body( "node.nodeHostName", isEmptyString() )
+ .body( "node.nodeHTTPAddress", isEmptyString() )
.when()
.get( gatewayPath + encryptedNodeId );
@@ -2798,7 +2791,7 @@ public class GatewayBasicFuncTest {
if ( contentMatchers != null ) {
for ( Entry<String, Matcher<?>> matcher : contentMatchers.entrySet() ) {
- responseSpecification.content( matcher.getKey(), matcher.getValue() );
+ responseSpecification.body( matcher.getKey(), matcher.getValue() );
}
}
@@ -3156,7 +3149,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("Accept", contentType.toString())
- .content(driver.getResourceBytes(postResource))
+ .body(driver.getResourceBytes(postResource))
.expect()
.statusCode(HttpStatus.SC_OK)
.contentType(contentType.toString())
@@ -3890,7 +3883,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( user, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
.contentType( contentType )
- .content( driver.getResourceBytes( resource ) )
+ .body( driver.getResourceBytes( resource ) )
.expect()
//.log().all()
.statusCode( status )
@@ -4049,7 +4042,7 @@ public class GatewayBasicFuncTest {
.header( "X-XSRF-Header", "jksdhfkhdsf" )
.queryParam( "op", "CREATE" )
.queryParam( "overwrite", "true" )
- .content( driver.getResourceBytes( resource ) )
+ .body( driver.getResourceBytes( resource ) )
.expect()
//.log().all()
.statusCode( status )
@@ -4091,7 +4084,7 @@ public class GatewayBasicFuncTest {
.queryParam( "op", "CREATE" )
.queryParam( "overwrite", "true" )
.contentType( contentType )
- .content( driver.getResourceBytes( resource ) )
+ .body( driver.getResourceBytes( resource ) )
.expect()
//.log().all()
.statusCode( status )
@@ -4143,7 +4136,7 @@ public class GatewayBasicFuncTest {
//.log().all()
.statusCode( status )
.contentType( "application/json" )
- .content( "boolean", CoreMatchers.equalTo(true) )
+ .body( "boolean", CoreMatchers.equalTo(true) )
.when()
.put( driver.getUrl("WEBHDFS") + "/v1" + dir + ( driver.isUseGateway() ? "" : "?user.name=" + user ) );
String location = response.getHeader( "Location" );
@@ -4273,7 +4266,7 @@ public class GatewayBasicFuncTest {
.pathParam( "job", job )
.expect()
//.log().all()
- .content( "status.jobId", CoreMatchers.equalTo(job) )
+ .body( "status.jobId", CoreMatchers.equalTo(job) )
.statusCode( HttpStatus.SC_OK )
.when().get( driver.getUrl( "WEBHCAT" ) + "/v1/jobs/{job}" + ( driver.isUseGateway() ? "" : "?user.name=" + user ) ).asString();
log.debug( "STATUS=" + status );
http://git-wip-us.apache.org/repos/asf/knox/blob/aac2054c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java
index 84d43b8..033f028 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java
@@ -194,7 +194,7 @@ public class GatewayHealthFuncTest {
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.APPLICATION_JSON)
.when().get(serviceUrl).asString();
- String version = JsonPath.from(body).getString("version");
+ //String version = JsonPath.from(body).getString("version");
Map<String, String> hm = JsonPath.from(body).getMap("");
Assert.assertTrue(hm.size() >= 6);
Assert.assertTrue(hm.keySet().containsAll(new HashSet<String>(Arrays.asList(new String[]{"timers", "histograms",
http://git-wip-us.apache.org/repos/asf/knox/blob/aac2054c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java
index 5567321..49ae6ed 100755
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java
@@ -155,7 +155,7 @@ public class GatewayLdapDynamicGroupFuncTest {
AliasService aliasService = (AliasService)services.getService(GatewayServices.ALIAS_SERVICE);
aliasService.addAliasForCluster("testdg-cluster", "ldcSystemPassword", "guest-password");
- char[] password1 = aliasService.getPasswordFromAliasForCluster( "testdg-cluster", "ldcSystemPassword");
+ //char[] password1 = aliasService.getPasswordFromAliasForCluster( "testdg-cluster", "ldcSystemPassword");
//System.err.println("SETUP password 10: " + ((password1 == null) ? "NULL" : new String(password1)));
File descriptor = new File( topoDir, "testdg-cluster.xml" );
http://git-wip-us.apache.org/repos/asf/knox/blob/aac2054c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java
index 42674e8..f0b9fd0 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java
@@ -61,7 +61,6 @@ import static org.hamcrest.CoreMatchers.notNullValue;
@Category(ReleaseTest.class)
public class GatewayLdapPosixGroupFuncTest {
- private static final Class<?> RESOURCE_BASE_CLASS = GatewayLdapPosixGroupFuncTest.class;
private static Logger LOG = LoggerFactory.getLogger( GatewayLdapPosixGroupFuncTest.class );
public static Enumeration<Appender> appenders;
@@ -221,14 +220,6 @@ public class GatewayLdapPosixGroupFuncTest {
return xml;
}
- private static String getResourceName( String resource ) {
- return getResourceBaseName() + resource;
- }
-
- private static String getResourceBaseName() {
- return RESOURCE_BASE_CLASS.getName().replaceAll( "\\.", "/" ) + "/";
- }
-
@Ignore
// @Test
public void waitForManualTesting() throws IOException {
http://git-wip-us.apache.org/repos/asf/knox/blob/aac2054c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java
index f5b6f78..848daa5 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java
@@ -163,7 +163,7 @@ public class GatewayPortMappingDisableFeatureTest {
.expect()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
.when().get(url + "/v1/");
masterServer.isEmpty();
}
http://git-wip-us.apache.org/repos/asf/knox/blob/aac2054c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java
index a8199d1..3e09730 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java
@@ -187,7 +187,7 @@ public class GatewayPortMappingFuncTest {
.expect()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
.when().get(url + "/v1/");
masterServer.isEmpty();
}
http://git-wip-us.apache.org/repos/asf/knox/blob/aac2054c/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java
index 7026407..a7465d1 100755
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java
@@ -135,7 +135,7 @@ public class Knox242FuncTest {
AliasService aliasService = (AliasService)services.getService(GatewayServices.ALIAS_SERVICE);
aliasService.addAliasForCluster("testdg-cluster", "ldcSystemPassword", "guest-password");
- char[] password1 = aliasService.getPasswordFromAliasForCluster( "testdg-cluster", "ldcSystemPassword");
+ // char[] password1 = aliasService.getPasswordFromAliasForCluster( "testdg-cluster", "ldcSystemPassword");
//System.err.println("SETUP password 10: " + ((password1 == null) ? "NULL" : new String(password1)));
File descriptor = new File( topoDir, "testdg-cluster.xml" );
http://git-wip-us.apache.org/repos/asf/knox/blob/aac2054c/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java
index 2f4574f..1fc8c33 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java
@@ -174,7 +174,7 @@ public class WebHdfsHaFuncTest {
.expect()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
.when().get(driver.getUrl("WEBHDFS") + "/v1/");
masterServer.isEmpty();
LOG_EXIT();
@@ -204,7 +204,7 @@ public class WebHdfsHaFuncTest {
.expect()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
.when().get(driver.getUrl("WEBHDFS") + "/v1/");
standbyServer.isEmpty();
masterServer.start();
@@ -266,7 +266,7 @@ public class WebHdfsHaFuncTest {
.expect()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
.when().get(driver.getUrl("WEBHDFS") + "/v1/");
masterServer.isEmpty();
standbyServer.isEmpty();
@@ -362,7 +362,7 @@ public class WebHdfsHaFuncTest {
.expect()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
- .content("boolean", is(true))
+ .body("boolean", is(true))
.when().post(driver.getUrl("WEBHDFS") + "/v1/user/hdfs/foo.txt");
masterServer.isEmpty();
LOG_EXIT();
@@ -399,7 +399,7 @@ public class WebHdfsHaFuncTest {
.expect()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
- .content("boolean", is(true))
+ .body("boolean", is(true))
.when().post(driver.getUrl("WEBHDFS") + "/v1/user/hdfs/new");
masterServer.isEmpty();
LOG_EXIT();
[12/12] knox git commit: Merge remote-tracking branch 'origin/master'
into KNOX-998-Package_Restructuring
Posted by mo...@apache.org.
Merge remote-tracking branch 'origin/master' into KNOX-998-Package_Restructuring
# Conflicts:
# gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java
# gateway-service-knoxtoken/src/test/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceResourceTest.java
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/416ee7c1
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/416ee7c1
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/416ee7c1
Branch: refs/heads/KNOX-998-Package_Restructuring
Commit: 416ee7c15076ddcaf25cd6a908e6cf1b39683673
Parents: f4a4355 2666894
Author: Sandeep More <mo...@apache.org>
Authored: Wed Sep 20 09:52:47 2017 -0400
Committer: Sandeep More <mo...@apache.org>
Committed: Wed Sep 20 09:52:47 2017 -0400
----------------------------------------------------------------------
.../federation/AbstractJWTFilterTest.java | 14 +-
.../federation/JWTFederationFilterTest.java | 1 -
.../federation/SSOCookieProviderTest.java | 1 -
gateway-service-knoxsso/pom.xml | 11 +-
.../gateway/service/knoxsso/WebSSOResource.java | 20 +-
.../service/knoxsso/WebSSOResourceTest.java | 303 +++++++++++++++-
gateway-service-knoxtoken/pom.xml | 29 +-
.../service/knoxtoken/TokenResource.java | 31 +-
.../knoxtoken/TokenServiceResourceTest.java | 257 +++++++++++++-
.../gateway/AmbariServiceDefinitionTest.java | 14 +-
.../knox/gateway/GatewayAdminFuncTest.java | 2 +-
.../gateway/GatewayAdminTopologyFuncTest.java | 62 ++--
.../apache/knox/gateway/GatewayAppFuncTest.java | 70 ++--
.../knox/gateway/GatewayBasicFuncTest.java | 349 +++++++++----------
.../knox/gateway/GatewayDeployFuncTest.java | 2 +-
.../knox/gateway/GatewayHealthFuncTest.java | 6 +-
.../GatewayLdapDynamicGroupFuncTest.java | 6 +-
.../knox/gateway/GatewayLdapGroupFuncTest.java | 4 +-
.../gateway/GatewayLdapPosixGroupFuncTest.java | 13 +-
.../gateway/GatewayLocalServiceFuncTest.java | 2 +-
.../knox/gateway/GatewayMultiFuncTest.java | 26 +-
.../GatewayPortMappingDisableFeatureTest.java | 4 +-
.../gateway/GatewayPortMappingFailTest.java | 2 +-
.../gateway/GatewayPortMappingFuncTest.java | 4 +-
.../knox/gateway/GatewaySampleFuncTest.java | 2 +-
.../apache/knox/gateway/Knox242FuncTest.java | 6 +-
.../apache/knox/gateway/WebHdfsHaFuncTest.java | 30 +-
27 files changed, 895 insertions(+), 376 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/AbstractJWTFilterTest.java
----------------------------------------------------------------------
diff --cc gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/AbstractJWTFilterTest.java
index 10efeb5,0000000..ea56486
mode 100644,000000..100644
--- a/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/AbstractJWTFilterTest.java
+++ b/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/AbstractJWTFilterTest.java
@@@ -1,636 -1,0 +1,636 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.provider.federation;
+
+import static org.junit.Assert.fail;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.security.AccessController;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+import java.security.PublicKey;
+import java.security.cert.Certificate;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.text.MessageFormat;
+import java.util.Enumeration;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Properties;
+import java.util.Date;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.knox.gateway.provider.federation.jwt.filter.AbstractJWTFilter;
+import org.apache.knox.gateway.provider.federation.jwt.filter.SSOCookieFederationFilter;
+import org.apache.knox.gateway.security.PrimaryPrincipal;
+import org.apache.knox.gateway.services.security.impl.X509CertificateUtil;
+import org.apache.knox.gateway.services.security.token.JWTokenAuthority;
+import org.apache.knox.gateway.services.security.token.TokenServiceException;
+import org.apache.knox.gateway.services.security.token.impl.JWT;
+import org.apache.knox.gateway.services.security.token.impl.JWTToken;
+import org.easymock.EasyMock;
+import org.junit.After;
+import org.junit.Assert;
- import org.junit.Before;
++import org.junit.BeforeClass;
+import org.junit.Test;
+
+import com.nimbusds.jose.*;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
+import com.nimbusds.jose.crypto.RSASSASigner;
+import com.nimbusds.jose.crypto.RSASSAVerifier;
+
+public abstract class AbstractJWTFilterTest {
+ private static final String SERVICE_URL = "https://localhost:8888/resource";
+ private static final String dnTemplate = "CN={0},OU=Test,O=Hadoop,L=Test,ST=Test,C=US";
+
+ protected AbstractJWTFilter handler = null;
- protected RSAPublicKey publicKey = null;
- protected RSAPrivateKey privateKey = null;
- protected String pem = null;
++ protected static RSAPublicKey publicKey = null;
++ protected static RSAPrivateKey privateKey = null;
++ protected static String pem = null;
+
+ protected abstract void setTokenOnRequest(HttpServletRequest request, SignedJWT jwt);
+ protected abstract void setGarbledTokenOnRequest(HttpServletRequest request, SignedJWT jwt);
+ protected abstract String getAudienceProperty();
+ protected abstract String getVerificationPemProperty();
+
- private String buildDistinguishedName(String hostname) {
++ private static String buildDistinguishedName(String hostname) {
+ MessageFormat headerFormatter = new MessageFormat(dnTemplate);
+ String[] paramArray = new String[1];
+ paramArray[0] = hostname;
+ String dn = headerFormatter.format(paramArray);
+ return dn;
+ }
+
- @Before
- public void setup() throws Exception, NoSuchAlgorithmException {
++ @BeforeClass
++ public static void generateKeys() throws Exception, NoSuchAlgorithmException {
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+ kpg.initialize(2048);
+ KeyPair KPair = kpg.generateKeyPair();
+ String dn = buildDistinguishedName(InetAddress.getLocalHost().getHostName());
+ Certificate cert = X509CertificateUtil.generateCertificate(dn, KPair, 365, "SHA1withRSA");
+ byte[] data = cert.getEncoded();
+ Base64 encoder = new Base64( 76, "\n".getBytes( "ASCII" ) );
+ pem = new String(encoder.encodeToString( data ).getBytes( "ASCII" )).trim();
+
+ publicKey = (RSAPublicKey) KPair.getPublic();
+ privateKey = (RSAPrivateKey) KPair.getPrivate();
+ }
+
+ @After
+ public void teardown() throws Exception {
+ handler.destroy();
+ }
+
+ @Test
+ public void testValidJWT() throws Exception {
+ try {
+ Properties props = getProperties();
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 5000), privateKey, props);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL);
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled );
+ Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
+ Assert.assertTrue("No PrimaryPrincipal", !principals.isEmpty());
+ Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName());
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testValidAudienceJWT() throws Exception {
+ try {
+ Properties props = getProperties();
+ props.put(getAudienceProperty(), "bar");
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 5000), privateKey, props);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL);
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled );
+ Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
+ Assert.assertTrue("No PrimaryPrincipal", !principals.isEmpty());
+ Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName());
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testInvalidAudienceJWT() throws Exception {
+ try {
+ Properties props = getProperties();
+ props.put(getAudienceProperty(), "foo");
+ props.put("sso.authentication.provider.url", "https://localhost:8443/gateway/knoxsso/api/v1/websso");
+
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 5000), privateKey, props);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL);
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be true.", !chain.doFilterCalled);
+ Assert.assertTrue("No Subject should be returned.", chain.subject == null);
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testValidVerificationPEM() throws Exception {
+ try {
+ Properties props = getProperties();
+
+// System.out.println("+" + pem + "+");
+
+ props.put(getAudienceProperty(), "bar");
+ props.put("sso.authentication.provider.url", "https://localhost:8443/gateway/knoxsso/api/v1/websso");
+ props.put(getVerificationPemProperty(), pem);
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 50000), privateKey, props);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL);
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled );
+ Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
+ Assert.assertTrue("No PrimaryPrincipal", !principals.isEmpty());
+ Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName());
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testExpiredJWT() throws Exception {
+ try {
+ Properties props = getProperties();
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() - 1000), privateKey, props);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL);
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be false.", !chain.doFilterCalled);
+ Assert.assertTrue("No Subject should be returned.", chain.subject == null);
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testValidJWTNoExpiration() throws Exception {
+ try {
+ Properties props = getProperties();
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("alice", null, privateKey, props);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL).anyTimes();
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled );
+ Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
+ Assert.assertTrue("No PrimaryPrincipal", !principals.isEmpty());
+ Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName());
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testUnableToParseJWT() throws Exception {
+ try {
+ Properties props = getProperties();
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), privateKey, props);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setGarbledTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL).anyTimes();
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be true.", !chain.doFilterCalled);
+ Assert.assertTrue("No Subject should be returned.", chain.subject == null);
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testFailedSignatureValidationJWT() throws Exception {
+ try {
+ // Create a private key to sign the token
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+ kpg.initialize(1024);
+
+ KeyPair kp = kpg.genKeyPair();
+
+ Properties props = getProperties();
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000),
+ (RSAPrivateKey)kp.getPrivate(), props);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL).anyTimes();
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be true.", !chain.doFilterCalled);
+ Assert.assertTrue("No Subject should be returned.", chain.subject == null);
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testInvalidVerificationPEM() throws Exception {
+ try {
+ Properties props = getProperties();
+
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+ kpg.initialize(1024);
+
+ KeyPair KPair = kpg.generateKeyPair();
+ String dn = buildDistinguishedName(InetAddress.getLocalHost().getHostName());
+ Certificate cert = X509CertificateUtil.generateCertificate(dn, KPair, 365, "SHA1withRSA");
+ byte[] data = cert.getEncoded();
+ Base64 encoder = new Base64( 76, "\n".getBytes( "ASCII" ) );
+ String failingPem = new String(encoder.encodeToString( data ).getBytes( "ASCII" )).trim();
+
+ props.put(getAudienceProperty(), "bar");
+ props.put(getVerificationPemProperty(), failingPem);
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 50000), privateKey, props);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL);
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be true.", chain.doFilterCalled == false);
+ Assert.assertTrue("No Subject should be returned.", chain.subject == null);
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testInvalidIssuer() throws Exception {
+ try {
+ Properties props = getProperties();
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("new-issuer", "alice", new Date(new Date().getTime() + 5000), privateKey);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL);
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be true.", !chain.doFilterCalled);
+ Assert.assertTrue("No Subject should be returned.", chain.subject == null);
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testValidIssuerViaConfig() throws Exception {
+ try {
+ Properties props = getProperties();
+ props.setProperty(AbstractJWTFilter.JWT_EXPECTED_ISSUER, "new-issuer");
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("new-issuer", "alice", new Date(new Date().getTime() + 5000), privateKey);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ setTokenOnRequest(request, jwt);
+
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL);
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled);
+ Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
+ Assert.assertTrue("No PrimaryPrincipal", principals.size() > 0);
+ Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName());
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ protected Properties getProperties() {
+ Properties props = new Properties();
+ props.setProperty(
+ SSOCookieFederationFilter.SSO_AUTHENTICATION_PROVIDER_URL,
+ "https://localhost:8443/authserver");
+ return props;
+ }
+
+ protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey,
+ Properties props) throws Exception {
+ return getJWT(AbstractJWTFilter.JWT_DEFAULT_ISSUER, sub, expires, privateKey);
+ }
+
+ protected SignedJWT getJWT(String issuer, String sub, Date expires, RSAPrivateKey privateKey)
+ throws Exception {
+ List<String> aud = new ArrayList<String>();
+ aud.add("bar");
+
+ JWTClaimsSet claims = new JWTClaimsSet.Builder()
+ .issuer(issuer)
+ .subject(sub)
+ .audience(aud)
+ .expirationTime(expires)
+ .claim("scope", "openid")
+ .build();
+
+ JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).build();
+
+ SignedJWT signedJWT = new SignedJWT(header, claims);
+ JWSSigner signer = new RSASSASigner(privateKey);
+
+ signedJWT.sign(signer);
+
+ return signedJWT;
+ }
+
+ protected static class TestFilterConfig implements FilterConfig {
+ Properties props = null;
+
+ public TestFilterConfig(Properties props) {
+ this.props = props;
+ }
+
+ @Override
+ public String getFilterName() {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.servlet.FilterConfig#getServletContext()
+ */
+ @Override
+ public ServletContext getServletContext() {
+// JWTokenAuthority authority = EasyMock.createNiceMock(JWTokenAuthority.class);
+// GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
+// EasyMock.expect(services.getService("TokenService").andReturn(authority));
+// ServletContext context = EasyMock.createNiceMock(ServletContext.class);
+// EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE).andReturn(new DefaultGatewayServices()));
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.servlet.FilterConfig#getInitParameter(java.lang.String)
+ */
+ @Override
+ public String getInitParameter(String name) {
+ return props.getProperty(name, null);
+ }
+
+ /* (non-Javadoc)
+ * @see javax.servlet.FilterConfig#getInitParameterNames()
+ */
+ @Override
+ public Enumeration<String> getInitParameterNames() {
+ return null;
+ }
+
+ }
+
+ protected static class TestJWTokenAuthority implements JWTokenAuthority {
+
+ private PublicKey verifyingKey;
+
+ public TestJWTokenAuthority(PublicKey verifyingKey) {
+ this.verifyingKey = verifyingKey;
+ }
+
+ /* (non-Javadoc)
+ * @see JWTokenAuthority#issueToken(javax.security.auth.Subject, java.lang.String)
+ */
+ @Override
+ public JWTToken issueToken(Subject subject, String algorithm)
+ throws TokenServiceException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see JWTokenAuthority#issueToken(java.security.Principal, java.lang.String)
+ */
+ @Override
+ public JWTToken issueToken(Principal p, String algorithm)
+ throws TokenServiceException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see JWTokenAuthority#issueToken(java.security.Principal, java.lang.String, java.lang.String)
+ */
+ @Override
+ public JWTToken issueToken(Principal p, String audience, String algorithm)
+ throws TokenServiceException {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see JWTokenAuthority#verifyToken(JWTToken)
+ */
+ @Override
+ public boolean verifyToken(JWTToken token) throws TokenServiceException {
+ JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) verifyingKey);
+ return token.verify(verifier);
+ }
+
+ /* (non-Javadoc)
+ * @see JWTokenAuthority#issueToken(java.security.Principal, java.lang.String, java.lang.String, long)
+ */
+ @Override
+ public JWTToken issueToken(Principal p, String audience, String algorithm,
+ long expires) throws TokenServiceException {
+ return null;
+ }
+
+ @Override
+ public JWTToken issueToken(Principal p, List<String> audiences, String algorithm,
+ long expires) throws TokenServiceException {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see JWTokenAuthority#issueToken(java.security.Principal, java.lang.String, long)
+ */
+ @Override
+ public JWT issueToken(Principal p, String audience, long l)
+ throws TokenServiceException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean verifyToken(JWTToken token, RSAPublicKey publicKey) throws TokenServiceException {
+ JWSVerifier verifier = new RSASSAVerifier(publicKey);
+ return token.verify(verifier);
+ }
+
+ }
+
+ protected static class TestFilterChain implements FilterChain {
+ boolean doFilterCalled = false;
+ Subject subject = null;
+
+ /* (non-Javadoc)
+ * @see javax.servlet.FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
+ */
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response)
+ throws IOException, ServletException {
+ doFilterCalled = true;
+
+ subject = Subject.getSubject( AccessController.getContext() );
+ }
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/JWTFederationFilterTest.java
----------------------------------------------------------------------
diff --cc gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/JWTFederationFilterTest.java
index c35d013,0000000..bfb5e91
mode 100644,000000..100644
--- a/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/JWTFederationFilterTest.java
+++ b/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/JWTFederationFilterTest.java
@@@ -1,67 -1,0 +1,66 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.provider.federation;
+
+import java.security.NoSuchAlgorithmException;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.knox.gateway.provider.federation.jwt.filter.JWTFederationFilter;
+import org.apache.knox.gateway.services.security.token.JWTokenAuthority;
+import org.easymock.EasyMock;
+import org.junit.Before;
+
+import com.nimbusds.jwt.SignedJWT;
+
+public class JWTFederationFilterTest extends AbstractJWTFilterTest {
+
+ @Before
+ public void setup() throws Exception, NoSuchAlgorithmException {
- super.setup();
+ handler = new TestJWTFederationFilter();
+ ((TestJWTFederationFilter) handler).setTokenService(new TestJWTokenAuthority(publicKey));
+ }
+
+ protected void setTokenOnRequest(HttpServletRequest request, SignedJWT jwt) {
+ String token = "Bearer " + jwt.serialize();
+ EasyMock.expect(request.getHeader("Authorization")).andReturn(token);
+ }
+
+ protected void setGarbledTokenOnRequest(HttpServletRequest request, SignedJWT jwt) {
+ String token = "Bearer " + "ljm" + jwt.serialize();
+ EasyMock.expect(request.getHeader("Authorization")).andReturn(token);
+ }
+
+ protected String getAudienceProperty() {
+ return TestJWTFederationFilter.KNOX_TOKEN_AUDIENCES;
+ }
+
+ private static class TestJWTFederationFilter extends JWTFederationFilter {
+
+ public void setTokenService(JWTokenAuthority ts) {
+ authority = ts;
+ }
+
+ }
+
+ @Override
+ protected String getVerificationPemProperty() {
+ return TestJWTFederationFilter.TOKEN_VERIFICATION_PEM;
+ };
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/SSOCookieProviderTest.java
----------------------------------------------------------------------
diff --cc gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/SSOCookieProviderTest.java
index d217799,0000000..babbee2
mode 100644,000000..100644
--- a/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/SSOCookieProviderTest.java
+++ b/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/SSOCookieProviderTest.java
@@@ -1,162 -1,0 +1,161 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.provider.federation;
+
+import static org.junit.Assert.fail;
+
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+import java.util.Properties;
+import java.util.Date;
+import java.util.Set;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.knox.gateway.provider.federation.jwt.filter.SSOCookieFederationFilter;
+import org.apache.knox.gateway.security.PrimaryPrincipal;
+import org.apache.knox.gateway.services.security.token.JWTokenAuthority;
+import org.easymock.EasyMock;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import com.nimbusds.jwt.SignedJWT;
+
+public class SSOCookieProviderTest extends AbstractJWTFilterTest {
+ private static final String SERVICE_URL = "https://localhost:8888/resource";
+
+ @Before
+ public void setup() throws Exception, NoSuchAlgorithmException {
- super.setup();
+ handler = new TestSSOCookieFederationProvider();
+ ((TestSSOCookieFederationProvider) handler).setTokenService(new TestJWTokenAuthority(publicKey));
+ }
+
+ protected void setTokenOnRequest(HttpServletRequest request, SignedJWT jwt) {
+ Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
+ EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie });
+ }
+
+ protected void setGarbledTokenOnRequest(HttpServletRequest request, SignedJWT jwt) {
+ Cookie cookie = new Cookie("hadoop-jwt", "ljm" + jwt.serialize());
+ EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie });
+ }
+
+ protected String getAudienceProperty() {
+ return TestSSOCookieFederationProvider.SSO_EXPECTED_AUDIENCES;
+ }
+
+ @Test
+ public void testCustomCookieNameJWT() throws Exception {
+ try {
+ Properties props = getProperties();
+ props.put("sso.cookie.name", "jowt");
+ handler.init(new TestFilterConfig(props));
+
+ SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 5000),
+ privateKey, props);
+
+ Cookie cookie = new Cookie("jowt", jwt.serialize());
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie });
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(
+ SERVICE_URL);
+ EasyMock.replay(request);
+
+ TestFilterChain chain = new TestFilterChain();
+ handler.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled );
+ Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
+ Assert.assertTrue("No PrimaryPrincipal returned.", !principals.isEmpty());
+ Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName());
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testNoProviderURLJWT() throws Exception {
+ try {
+ Properties props = getProperties();
+ props.remove("sso.authentication.provider.url");
+ handler.init(new TestFilterConfig(props));
+
+ fail("Servlet exception should have been thrown.");
+
+ } catch (ServletException se) {
+ // expected - let's ensure it mentions the missing authentication provider URL
+ se.getMessage().contains("authentication provider URL is missing");
+ }
+ }
+
+ @Test
+ public void testOrigURLWithQueryString() throws Exception {
+ Properties props = getProperties();
+ handler.init(new TestFilterConfig(props));
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn("name=value");
+ EasyMock.replay(request);
+
+ String loginURL = ((TestSSOCookieFederationProvider)handler).testConstructLoginURL(request);
+ Assert.assertNotNull("loginURL should not be null.", loginURL);
+ Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL + "?name=value", loginURL);
+ }
+
+ @Test
+ public void testOrigURLNoQueryString() throws Exception {
+ Properties props = getProperties();
+ handler.init(new TestFilterConfig(props));
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.expect(request.getRequestURL()).andReturn(
+ new StringBuffer(SERVICE_URL)).anyTimes();
+ EasyMock.expect(request.getQueryString()).andReturn(null);
+ EasyMock.replay(request);
+
+ String loginURL = ((TestSSOCookieFederationProvider)handler).testConstructLoginURL(request);
+ Assert.assertNotNull("LoginURL should not be null.", loginURL);
+ Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL, loginURL);
+ }
+
+
+ @Override
+ protected String getVerificationPemProperty() {
+ return SSOCookieFederationFilter.SSO_VERIFICATION_PEM;
+ };
+
+ private static class TestSSOCookieFederationProvider extends SSOCookieFederationFilter {
+ public String testConstructLoginURL(HttpServletRequest req) {
+ return constructLoginURL(req);
+ }
+
+ public void setTokenService(JWTokenAuthority ts) {
+ authority = ts;
+ }
+ };
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java
----------------------------------------------------------------------
diff --cc gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java
index a6bb3f7,0000000..8a9d028
mode 100644,000000..100644
--- a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java
+++ b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java
@@@ -1,322 -1,0 +1,322 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.service.knoxsso;
+
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Arrays;
++import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.annotation.PostConstruct;
+import javax.servlet.ServletContext;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.WebApplicationException;
+
+import org.apache.knox.gateway.i18n.messages.MessagesFactory;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.token.JWTokenAuthority;
+import org.apache.knox.gateway.services.security.token.TokenServiceException;
+import org.apache.knox.gateway.services.security.token.impl.JWT;
+import org.apache.knox.gateway.util.RegExUtils;
+import org.apache.knox.gateway.util.Urls;
+
+import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
+import static javax.ws.rs.core.MediaType.APPLICATION_XML;
+
+@Path( WebSSOResource.RESOURCE_PATH )
+public class WebSSOResource {
+ private static final String SSO_COOKIE_NAME = "knoxsso.cookie.name";
+ private static final String SSO_COOKIE_SECURE_ONLY_INIT_PARAM = "knoxsso.cookie.secure.only";
+ private static final String SSO_COOKIE_MAX_AGE_INIT_PARAM = "knoxsso.cookie.max.age";
+ private static final String SSO_COOKIE_DOMAIN_SUFFIX_PARAM = "knoxsso.cookie.domain.suffix";
+ private static final String SSO_COOKIE_TOKEN_TTL_PARAM = "knoxsso.token.ttl";
+ private static final String SSO_COOKIE_TOKEN_AUDIENCES_PARAM = "knoxsso.token.audiences";
+ private static final String SSO_COOKIE_TOKEN_WHITELIST_PARAM = "knoxsso.redirect.whitelist.regex";
+ private static final String SSO_ENABLE_SESSION_PARAM = "knoxsso.enable.session";
+ private static final String ORIGINAL_URL_REQUEST_PARAM = "originalUrl";
+ private static final String ORIGINAL_URL_COOKIE_NAME = "original-url";
+ private static final String DEFAULT_SSO_COOKIE_NAME = "hadoop-jwt";
+ // default for the whitelist - open up for development - relative paths and localhost only
+ private static final String DEFAULT_WHITELIST = "^/.*$;^https?://(localhost|127.0.0.1|0:0:0:0:0:0:0:1|::1):\\d{0,9}/.*$";
+ static final String RESOURCE_PATH = "/api/v1/websso";
+ private static KnoxSSOMessages log = MessagesFactory.get( KnoxSSOMessages.class );
+ private String cookieName = null;
+ private boolean secureOnly = true;
+ private int maxAge = -1;
+ private long tokenTTL = 30000l;
+ private String whitelist = null;
+ private String domainSuffix = null;
- private String[] targetAudiences = null;
++ private List<String> targetAudiences = new ArrayList<>();
+ private boolean enableSession = false;
+
+ @Context
- private HttpServletRequest request;
++ HttpServletRequest request;
+
+ @Context
- private HttpServletResponse response;
++ HttpServletResponse response;
+
+ @Context
+ ServletContext context;
+
+ @PostConstruct
+ public void init() {
+
+ // configured cookieName
+ cookieName = context.getInitParameter(SSO_COOKIE_NAME);
+ if (cookieName == null) {
+ cookieName = DEFAULT_SSO_COOKIE_NAME;
+ }
+
+ String secure = context.getInitParameter(SSO_COOKIE_SECURE_ONLY_INIT_PARAM);
+ if (secure != null) {
+ secureOnly = ("false".equals(secure) ? false : true);
+ if (!secureOnly) {
+ log.cookieSecureOnly(secureOnly);
+ }
+ }
+
+ String age = context.getInitParameter(SSO_COOKIE_MAX_AGE_INIT_PARAM);
+ if (age != null) {
+ try {
+ log.setMaxAge(age);
+ maxAge = Integer.parseInt(age);
+ }
+ catch (NumberFormatException nfe) {
+ log.invalidMaxAgeEncountered(age);
+ }
+ }
+
+ domainSuffix = context.getInitParameter(SSO_COOKIE_DOMAIN_SUFFIX_PARAM);
+
+ whitelist = context.getInitParameter(SSO_COOKIE_TOKEN_WHITELIST_PARAM);
+ if (whitelist == null) {
+ // default to local/relative targets
+ whitelist = DEFAULT_WHITELIST;
+ }
+
+ String audiences = context.getInitParameter(SSO_COOKIE_TOKEN_AUDIENCES_PARAM);
+ if (audiences != null) {
- targetAudiences = audiences.split(",");
++ String[] auds = audiences.split(",");
++ for (int i = 0; i < auds.length; i++) {
++ targetAudiences.add(auds[i]);
++ }
+ }
+
+ String ttl = context.getInitParameter(SSO_COOKIE_TOKEN_TTL_PARAM);
+ if (ttl != null) {
+ try {
+ tokenTTL = Long.parseLong(ttl);
+ }
+ catch (NumberFormatException nfe) {
+ log.invalidTokenTTLEncountered(ttl);
+ }
+ }
+
+ String enableSession = context.getInitParameter(SSO_ENABLE_SESSION_PARAM);
+ this.enableSession = ("true".equals(enableSession));
+ }
+
+ @GET
+ @Produces({APPLICATION_JSON, APPLICATION_XML})
+ public Response doGet() {
+ return getAuthenticationToken(HttpServletResponse.SC_TEMPORARY_REDIRECT);
+ }
+
+ @POST
+ @Produces({APPLICATION_JSON, APPLICATION_XML})
+ public Response doPost() {
+ return getAuthenticationToken(HttpServletResponse.SC_SEE_OTHER);
+ }
+
+ private Response getAuthenticationToken(int statusCode) {
+ GatewayServices services = (GatewayServices) request.getServletContext()
+ .getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
+ boolean removeOriginalUrlCookie = true;
+ String original = getCookieValue((HttpServletRequest) request, ORIGINAL_URL_COOKIE_NAME);
+ if (original == null) {
+ // in the case where there are no SAML redirects done before here
+ // we need to get it from the request parameters
+ removeOriginalUrlCookie = false;
+ original = getOriginalUrlFromQueryParams();
+ if (original.isEmpty()) {
+ log.originalURLNotFound();
+ throw new WebApplicationException("Original URL not found in the request.", Response.Status.BAD_REQUEST);
+ }
+ boolean validRedirect = RegExUtils.checkWhitelist(whitelist, original);
+ if (!validRedirect) {
+ log.whiteListMatchFail(original, whitelist);
+ throw new WebApplicationException("Original URL not valid according to the configured whitelist.",
+ Response.Status.BAD_REQUEST);
+ }
+ }
+
+ JWTokenAuthority ts = services.getService(GatewayServices.TOKEN_SERVICE);
+ Principal p = ((HttpServletRequest)request).getUserPrincipal();
+
+ try {
+ JWT token = null;
- if (targetAudiences == null || targetAudiences.length == 0) {
++ if (targetAudiences.isEmpty()) {
+ token = ts.issueToken(p, "RS256", getExpiry());
+ } else {
- ArrayList<String> aud = new ArrayList<String>();
- for (int i = 0; i < targetAudiences.length; i++) {
- aud.add(targetAudiences[i]);
- }
- token = ts.issueToken(p, aud, "RS256", getExpiry());
++ token = ts.issueToken(p, targetAudiences, "RS256", getExpiry());
+ }
+
+ // Coverity CID 1327959
+ if( token != null ) {
+ addJWTHadoopCookie( original, token );
+ }
+
+ if (removeOriginalUrlCookie) {
+ removeOriginalUrlCookie(response);
+ }
+
+ log.aboutToRedirectToOriginal(original);
+ response.setStatus(statusCode);
+ response.setHeader("Location", original);
+ try {
+ response.getOutputStream().close();
+ } catch (IOException e) {
+ log.unableToCloseOutputStream(e.getMessage(), Arrays.toString(e.getStackTrace()));
+ }
+ }
+ catch (TokenServiceException e) {
+ log.unableToIssueToken(e);
+ }
+ URI location = null;
+ try {
+ location = new URI(original);
+ }
+ catch(URISyntaxException urise) {
+ // todo log return error response
+ }
+
+ if (!enableSession) {
+ // invalidate the session to avoid autologin
+ // Coverity CID 1352857
+ HttpSession session = request.getSession(false);
+ if( session != null ) {
+ session.invalidate();
+ }
+ }
+
+ return Response.seeOther(location).entity("{ \"redirectTo\" : " + original + " }").build();
+ }
+
+ private String getOriginalUrlFromQueryParams() {
+ String original = request.getParameter(ORIGINAL_URL_REQUEST_PARAM);
+ StringBuffer buf = new StringBuffer(original);
+
+ // Add any other query params.
+ // Probably not ideal but will not break existing integrations by requiring
+ // some encoding.
+ Map<String, String[]> params = request.getParameterMap();
+ for (Entry<String, String[]> entry : params.entrySet()) {
+ if (!ORIGINAL_URL_REQUEST_PARAM.equals(entry.getKey())
+ && !original.contains(entry.getKey() + "=")) {
+ buf.append("&").append(entry.getKey());
+ String[] values = entry.getValue();
+ if (values.length > 0 && values[0] != null) {
+ buf.append("=");
+ }
+ for (int i = 0; i < values.length; i++) {
+ if (values[0] != null) {
+ buf.append(values[i]);
+ if (i < values.length-1) {
+ buf.append("&").append(entry.getKey()).append("=");
+ }
+ }
+ }
+ }
+ }
+
+ return buf.toString();
+ }
+
+ private long getExpiry() {
+ long expiry = 0l;
+ if (tokenTTL == -1) {
+ expiry = -1;
+ }
+ else {
+ expiry = System.currentTimeMillis() + tokenTTL;
+ }
+ return expiry;
+ }
+
+ private void addJWTHadoopCookie(String original, JWT token) {
+ log.addingJWTCookie(token.toString());
+ Cookie c = new Cookie(cookieName, token.toString());
+ c.setPath("/");
+ try {
+ String domain = Urls.getDomainName(original, domainSuffix);
+ if (domain != null) {
+ c.setDomain(domain);
+ }
+ c.setHttpOnly(true);
+ if (secureOnly) {
+ c.setSecure(true);
+ }
+ if (maxAge != -1) {
+ c.setMaxAge(maxAge);
+ }
+ response.addCookie(c);
+ log.addedJWTCookie();
+ }
+ catch(Exception e) {
+ log.unableAddCookieToResponse(e.getMessage(), Arrays.toString(e.getStackTrace()));
+ throw new WebApplicationException("Unable to add JWT cookie to response.");
+ }
+ }
+
+ private void removeOriginalUrlCookie(HttpServletResponse response) {
+ Cookie c = new Cookie(ORIGINAL_URL_COOKIE_NAME, null);
+ c.setMaxAge(0);
+ c.setPath(RESOURCE_PATH);
+ response.addCookie(c);
+ }
+
+ private String getCookieValue(HttpServletRequest request, String name) {
+ Cookie[] cookies = request.getCookies();
+ String value = null;
+ if (cookies != null) {
+ for(Cookie cookie : cookies){
+ if(name.equals(cookie.getName())){
+ value = cookie.getValue();
+ }
+ }
+ }
+ if (value == null) {
+ log.cookieNotFound(name);
+ }
+ return value;
+ }
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java
----------------------------------------------------------------------
diff --cc gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java
index 5b195e4,0000000..864440c
mode 100644,000000..100644
--- a/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java
+++ b/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java
@@@ -1,71 -1,0 +1,352 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.service.knoxsso;
+
+import org.apache.knox.gateway.util.RegExUtils;
++import static org.junit.Assert.assertEquals;
++import static org.junit.Assert.assertNotNull;
++import static org.junit.Assert.assertTrue;
++
++import java.security.KeyPair;
++import java.security.KeyPairGenerator;
++import java.security.NoSuchAlgorithmException;
++import java.security.Principal;
++import java.security.interfaces.RSAPrivateKey;
++import java.security.interfaces.RSAPublicKey;
++import java.util.ArrayList;
++import java.util.Arrays;
++import java.util.Collections;
++import java.util.HashMap;
++import java.util.List;
++import java.util.Map;
++
++import javax.security.auth.Subject;
++import javax.servlet.ServletContext;
++import javax.servlet.ServletOutputStream;
++import javax.servlet.http.Cookie;
++import javax.servlet.http.HttpServletRequest;
++import javax.servlet.http.HttpServletResponse;
++import javax.servlet.http.HttpServletResponseWrapper;
++
++import org.apache.knox.gateway.services.GatewayServices;
++import org.apache.knox.gateway.services.security.token.JWTokenAuthority;
++import org.apache.knox.gateway.services.security.token.TokenServiceException;
++import org.apache.knox.gateway.services.security.token.impl.JWT;
++import org.apache.knox.gateway.services.security.token.impl.JWTToken;
++import org.apache.knox.gateway.util.RegExUtils;
++import org.easymock.EasyMock;
+import org.junit.Assert;
++import org.junit.BeforeClass;
+import org.junit.Test;
+
++import com.nimbusds.jose.JWSSigner;
++import com.nimbusds.jose.JWSVerifier;
++import com.nimbusds.jose.crypto.RSASSASigner;
++import com.nimbusds.jose.crypto.RSASSAVerifier;
++
+/**
- *
++ * Some tests for the Knox SSO service.
+ */
+public class WebSSOResourceTest {
+
++ protected static RSAPublicKey publicKey;
++ protected static RSAPrivateKey privateKey;
++
++ @BeforeClass
++ public static void setup() throws Exception, NoSuchAlgorithmException {
++ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
++ kpg.initialize(1024);
++ KeyPair KPair = kpg.generateKeyPair();
++
++ publicKey = (RSAPublicKey) KPair.getPublic();
++ privateKey = (RSAPrivateKey) KPair.getPrivate();
++ }
++
+ @Test
+ public void testWhitelistMatching() throws Exception {
+ String whitelist = "^https?://.*example.com:8080/.*$;" +
+ "^https?://.*example.com/.*$;" +
+ "^https?://.*example2.com:\\d{0,9}/.*$;" +
+ "^https://.*example3.com:\\d{0,9}/.*$;" +
+ "^https?://localhost:\\d{0,9}/.*$;^/.*$";
+
+ // match on explicit hostname/domain and port
+ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ "http://host.example.com:8080/"));
+ // match on non-required port
- Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ "http://host.example.com/"));
+ // match on required but any port
- Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ "http://host.example2.com:1234/"));
+ // fail on missing port
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ "http://host.example2.com/"));
+ // fail on invalid port
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ "http://host.example.com:8081/"));
+ // fail on alphanumeric port
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ "http://host.example.com:A080/"));
+ // fail on invalid hostname/domain
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ "http://host.example.net:8080/"));
+ // fail on required port
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ "http://host.example2.com/"));
+ // fail on required https
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ "http://host.example3.com/"));
+ // match on localhost and port
- Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ "http://localhost:8080/"));
+ // match on local/relative path
- Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
++ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ "/local/resource/"));
+ }
++
++ @Test
++ public void testGetToken() throws Exception {
++
++ ServletContext context = EasyMock.createNiceMock(ServletContext.class);
++ EasyMock.expect(context.getInitParameter("knoxsso.cookie.name")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.cookie.secure.only")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.cookie.max.age")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.cookie.domain.suffix")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.redirect.whitelist.regex")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.token.audiences")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.token.ttl")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.enable.session")).andReturn(null);
++
++ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
++ EasyMock.expect(request.getParameter("originalUrl")).andReturn("http://localhost:9080/service");
++ EasyMock.expect(request.getParameterMap()).andReturn(Collections.<String,String[]>emptyMap());
++ EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
++
++ Principal principal = EasyMock.createNiceMock(Principal.class);
++ EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
++ EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
++
++ GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
++ EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
++
++ JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
++ EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
++
++ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
++ ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
++ CookieResponseWrapper responseWrapper = new CookieResponseWrapper(response, outputStream);
++
++ EasyMock.replay(principal, services, context, request);
++
++ WebSSOResource webSSOResponse = new WebSSOResource();
++ webSSOResponse.request = request;
++ webSSOResponse.response = responseWrapper;
++ webSSOResponse.context = context;
++ webSSOResponse.init();
++
++ // Issue a token
++ webSSOResponse.doGet();
++
++ // Check the cookie
++ Cookie cookie = responseWrapper.getCookie("hadoop-jwt");
++ assertNotNull(cookie);
++
++ JWTToken parsedToken = new JWTToken(cookie.getValue());
++ assertEquals("alice", parsedToken.getSubject());
++ assertTrue(authority.verifyToken(parsedToken));
++ }
++
++ @Test
++ public void testAudiences() throws Exception {
++
++ ServletContext context = EasyMock.createNiceMock(ServletContext.class);
++ EasyMock.expect(context.getInitParameter("knoxsso.cookie.name")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.cookie.secure.only")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.cookie.max.age")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.cookie.domain.suffix")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.redirect.whitelist.regex")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.token.audiences")).andReturn("recipient1,recipient2");
++ EasyMock.expect(context.getInitParameter("knoxsso.token.ttl")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knoxsso.enable.session")).andReturn(null);
++
++ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
++ EasyMock.expect(request.getParameter("originalUrl")).andReturn("http://localhost:9080/service");
++ EasyMock.expect(request.getParameterMap()).andReturn(Collections.<String,String[]>emptyMap());
++ EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
++
++ Principal principal = EasyMock.createNiceMock(Principal.class);
++ EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
++ EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
++
++ GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
++ EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
++
++ JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
++ EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
++
++ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
++ ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
++ CookieResponseWrapper responseWrapper = new CookieResponseWrapper(response, outputStream);
++
++ EasyMock.replay(principal, services, context, request);
++
++ WebSSOResource webSSOResponse = new WebSSOResource();
++ webSSOResponse.request = request;
++ webSSOResponse.response = responseWrapper;
++ webSSOResponse.context = context;
++ webSSOResponse.init();
++
++ // Issue a token
++ webSSOResponse.doGet();
++
++ // Check the cookie
++ Cookie cookie = responseWrapper.getCookie("hadoop-jwt");
++ assertNotNull(cookie);
++
++ JWTToken parsedToken = new JWTToken(cookie.getValue());
++ assertEquals("alice", parsedToken.getSubject());
++ assertTrue(authority.verifyToken(parsedToken));
++
++ // Verify the audiences
++ List<String> audiences = Arrays.asList(parsedToken.getAudienceClaims());
++ assertEquals(2, audiences.size());
++ assertTrue(audiences.contains("recipient1"));
++ assertTrue(audiences.contains("recipient2"));
++ }
++
++ /**
++ * A wrapper for HttpServletResponseWrapper to store the cookies
++ */
++ private static class CookieResponseWrapper extends HttpServletResponseWrapper {
++
++ private ServletOutputStream outputStream;
++ private Map<String, Cookie> cookies = new HashMap<>();
++
++ public CookieResponseWrapper(HttpServletResponse response) {
++ super(response);
++ }
++
++ public CookieResponseWrapper(HttpServletResponse response, ServletOutputStream outputStream) {
++ super(response);
++ this.outputStream = outputStream;
++ }
++
++ @Override
++ public ServletOutputStream getOutputStream() {
++ return outputStream;
++ }
++
++ @Override
++ public void addCookie(Cookie cookie) {
++ super.addCookie(cookie);
++ cookies.put(cookie.getName(), cookie);
++ }
++
++ public Cookie getCookie(String name) {
++ return cookies.get(name);
++ }
++
++ }
++
++ private static class TestJWTokenAuthority implements JWTokenAuthority {
++
++ private RSAPublicKey publicKey;
++ private RSAPrivateKey privateKey;
++
++ public TestJWTokenAuthority(RSAPublicKey publicKey, RSAPrivateKey privateKey) {
++ this.publicKey = publicKey;
++ this.privateKey = privateKey;
++ }
++
++ @Override
++ public JWTToken issueToken(Subject subject, String algorithm)
++ throws TokenServiceException {
++ Principal p = (Principal) subject.getPrincipals().toArray()[0];
++ return issueToken(p, algorithm);
++ }
++
++ @Override
++ public JWTToken issueToken(Principal p, String algorithm)
++ throws TokenServiceException {
++ return issueToken(p, null, algorithm);
++ }
++
++ @Override
++ public JWTToken issueToken(Principal p, String audience, String algorithm)
++ throws TokenServiceException {
++ return issueToken(p, audience, algorithm, -1);
++ }
++
++ @Override
++ public boolean verifyToken(JWTToken token) throws TokenServiceException {
++ JWSVerifier verifier = new RSASSAVerifier(publicKey);
++ return token.verify(verifier);
++ }
++
++ @Override
++ public JWTToken issueToken(Principal p, String audience, String algorithm,
++ long expires) throws TokenServiceException {
++ List<String> audiences = null;
++ if (audience != null) {
++ audiences = new ArrayList<String>();
++ audiences.add(audience);
++ }
++ return issueToken(p, audiences, algorithm, expires);
++ }
++
++ @Override
++ public JWTToken issueToken(Principal p, List<String> audiences, String algorithm,
++ long expires) throws TokenServiceException {
++ String[] claimArray = new String[4];
++ claimArray[0] = "KNOXSSO";
++ claimArray[1] = p.getName();
++ claimArray[2] = null;
++ if (expires == -1) {
++ claimArray[3] = null;
++ } else {
++ claimArray[3] = String.valueOf(expires);
++ }
++
++ JWTToken token = null;
++ if ("RS256".equals(algorithm)) {
++ token = new JWTToken("RS256", claimArray, audiences);
++ JWSSigner signer = new RSASSASigner(privateKey);
++ token.sign(signer);
++ } else {
++ throw new TokenServiceException("Cannot issue token - Unsupported algorithm");
++ }
++
++ return token;
++ }
++
++ @Override
++ public JWT issueToken(Principal p, String algorithm, long expiry)
++ throws TokenServiceException {
++ return issueToken(p, Collections.<String>emptyList(), algorithm, expiry);
++ }
++
++ @Override
++ public boolean verifyToken(JWTToken token, RSAPublicKey publicKey) throws TokenServiceException {
++ JWSVerifier verifier = new RSASSAVerifier(publicKey);
++ return token.verify(verifier);
++ }
++
++ }
++
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
----------------------------------------------------------------------
diff --cc gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
index 9118d50,0000000..2c77bdf
mode 100644,000000..100644
--- a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
+++ b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
@@@ -1,182 -1,0 +1,183 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.service.knoxtoken;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
++import java.util.List;
++
+import javax.annotation.PostConstruct;
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
+import org.apache.knox.gateway.i18n.messages.MessagesFactory;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.token.JWTokenAuthority;
+import org.apache.knox.gateway.services.security.token.TokenServiceException;
+import org.apache.knox.gateway.services.security.token.impl.JWT;
+import org.apache.knox.gateway.util.JsonUtils;
+
+import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
+import static javax.ws.rs.core.MediaType.APPLICATION_XML;
+
+@Path( TokenResource.RESOURCE_PATH )
+public class TokenResource {
+ private static final String EXPIRES_IN = "expires_in";
+ private static final String TOKEN_TYPE = "token_type";
+ private static final String ACCESS_TOKEN = "access_token";
+ private static final String TARGET_URL = "target_url";
+ private static final String BEARER = "Bearer ";
+ private static final String TOKEN_TTL_PARAM = "knox.token.ttl";
+ private static final String TOKEN_AUDIENCES_PARAM = "knox.token.audiences";
+ private static final String TOKEN_TARGET_URL = "knox.token.target.url";
+ private static final String TOKEN_CLIENT_DATA = "knox.token.client.data";
+ static final String RESOURCE_PATH = "knoxtoken/api/v1/token";
+ private static TokenServiceMessages log = MessagesFactory.get( TokenServiceMessages.class );
+ private long tokenTTL = 30000l;
- private String[] targetAudiences = null;
++ private List<String> targetAudiences = new ArrayList<>();
+ private String tokenTargetUrl = null;
+ private Map<String,Object> tokenClientDataMap = null;
+
+ @Context
- private HttpServletRequest request;
++ HttpServletRequest request;
+
+ @Context
- private HttpServletResponse response;
++ HttpServletResponse response;
+
+ @Context
+ ServletContext context;
+
+ @PostConstruct
+ public void init() {
+
+ String audiences = context.getInitParameter(TOKEN_AUDIENCES_PARAM);
+ if (audiences != null) {
- targetAudiences = audiences.split(",");
++ String[] auds = audiences.split(",");
++ for (int i = 0; i < auds.length; i++) {
++ targetAudiences.add(auds[i]);
++ }
+ }
+
+ String ttl = context.getInitParameter(TOKEN_TTL_PARAM);
+ if (ttl != null) {
+ try {
+ tokenTTL = Long.parseLong(ttl);
+ }
+ catch (NumberFormatException nfe) {
+ log.invalidTokenTTLEncountered(ttl);
+ }
+ }
-
++
+ tokenTargetUrl = context.getInitParameter(TOKEN_TARGET_URL);
+
+ String clientData = context.getInitParameter(TOKEN_CLIENT_DATA);
+ if (clientData != null) {
+ tokenClientDataMap = new HashMap<>();
+ String[] tokenClientData = clientData.split(",");
+ addClientDataToMap(tokenClientData, tokenClientDataMap);
+ }
+ }
+
+ @GET
+ @Produces({APPLICATION_JSON, APPLICATION_XML})
+ public Response doGet() {
+ return getAuthenticationToken();
+ }
+
+ @POST
+ @Produces({APPLICATION_JSON, APPLICATION_XML})
+ public Response doPost() {
+ return getAuthenticationToken();
+ }
+
+ private Response getAuthenticationToken() {
+ GatewayServices services = (GatewayServices) request.getServletContext()
+ .getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
+
+ JWTokenAuthority ts = services.getService(GatewayServices.TOKEN_SERVICE);
+ Principal p = ((HttpServletRequest)request).getUserPrincipal();
+ long expires = getExpiry();
-
++
+ try {
+ JWT token = null;
- if (targetAudiences == null || targetAudiences.length == 0) {
- token = ts.issueToken(p, "RS256", getExpiry());
++ if (targetAudiences.isEmpty()) {
++ token = ts.issueToken(p, "RS256", expires);
+ } else {
- ArrayList<String> aud = new ArrayList<String>();
- for (int i = 0; i < targetAudiences.length; i++) {
- aud.add(targetAudiences[i]);
- }
- token = ts.issueToken(p, aud, "RS256", expires);
++ token = ts.issueToken(p, targetAudiences, "RS256", expires);
+ }
+
+ if (token != null) {
+ String accessToken = token.toString();
-
++
+ HashMap<String, Object> map = new HashMap<>();
+ map.put(ACCESS_TOKEN, accessToken);
+ map.put(TOKEN_TYPE, BEARER);
+ map.put(EXPIRES_IN, expires);
+ if (tokenTargetUrl != null) {
+ map.put(TARGET_URL, tokenTargetUrl);
+ }
+ if (tokenClientDataMap != null) {
+ map.putAll(tokenClientDataMap);
+ }
-
++
+ String jsonResponse = JsonUtils.renderAsJsonString(map);
+
+ response.getWriter().write(jsonResponse);
+ return Response.ok().build();
+ }
+ else {
+ return Response.serverError().build();
+ }
+ }
+ catch (TokenServiceException | IOException e) {
+ log.unableToIssueToken(e);
+ }
+ return Response.ok().entity("{ \"Unable to acquire token.\" }").build();
+ }
+
+ void addClientDataToMap(String[] tokenClientData,
+ Map<String,Object> map) {
+ String[] kv = null;
+ for (int i = 0; i < tokenClientData.length; i++) {
+ kv = tokenClientData[i].split("=");
+ if (kv.length == 2) {
+ map.put(kv[0], kv[1]);
+ }
+ }
+ }
+
+ private long getExpiry() {
+ long expiry = 0l;
+ if (tokenTTL == -1) {
+ expiry = -1;
+ }
+ else {
+ expiry = System.currentTimeMillis() + tokenTTL;
+ }
+ return expiry;
+ }
+}
[04/12] knox git commit: KNOX-1047 - Add some tests for the Knox
Token Service
Posted by mo...@apache.org.
KNOX-1047 - Add some tests for the Knox Token Service
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/3557612d
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/3557612d
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/3557612d
Branch: refs/heads/KNOX-998-Package_Restructuring
Commit: 3557612d5a5d904c3dfa61ba03cccfbbd365b296
Parents: 4978951
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Sep 19 12:17:59 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Sep 19 12:17:59 2017 +0100
----------------------------------------------------------------------
.../federation/AbstractJWTFilterTest.java | 14 +-
.../federation/JWTFederationFilterTest.java | 1 -
.../federation/SSOCookieProviderTest.java | 1 -
gateway-service-knoxtoken/pom.xml | 29 ++-
.../service/knoxtoken/TokenResource.java | 31 +--
.../knoxtoken/TokenServiceResourceTest.java | 256 ++++++++++++++++++-
6 files changed, 293 insertions(+), 39 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/3557612d/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/AbstractJWTFilterTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/AbstractJWTFilterTest.java b/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/AbstractJWTFilterTest.java
index 6f221a9..d477f1f 100644
--- a/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/AbstractJWTFilterTest.java
+++ b/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/AbstractJWTFilterTest.java
@@ -60,7 +60,7 @@ import org.apache.hadoop.gateway.services.security.token.impl.JWTToken;
import org.easymock.EasyMock;
import org.junit.After;
import org.junit.Assert;
-import org.junit.Before;
+import org.junit.BeforeClass;
import org.junit.Test;
import com.nimbusds.jose.*;
@@ -74,16 +74,16 @@ public abstract class AbstractJWTFilterTest {
private static final String dnTemplate = "CN={0},OU=Test,O=Hadoop,L=Test,ST=Test,C=US";
protected AbstractJWTFilter handler = null;
- protected RSAPublicKey publicKey = null;
- protected RSAPrivateKey privateKey = null;
- protected String pem = null;
+ protected static RSAPublicKey publicKey = null;
+ protected static RSAPrivateKey privateKey = null;
+ protected static String pem = null;
protected abstract void setTokenOnRequest(HttpServletRequest request, SignedJWT jwt);
protected abstract void setGarbledTokenOnRequest(HttpServletRequest request, SignedJWT jwt);
protected abstract String getAudienceProperty();
protected abstract String getVerificationPemProperty();
- private String buildDistinguishedName(String hostname) {
+ private static String buildDistinguishedName(String hostname) {
MessageFormat headerFormatter = new MessageFormat(dnTemplate);
String[] paramArray = new String[1];
paramArray[0] = hostname;
@@ -91,8 +91,8 @@ public abstract class AbstractJWTFilterTest {
return dn;
}
- @Before
- public void setup() throws Exception, NoSuchAlgorithmException {
+ @BeforeClass
+ public static void generateKeys() throws Exception, NoSuchAlgorithmException {
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(2048);
KeyPair KPair = kpg.generateKeyPair();
http://git-wip-us.apache.org/repos/asf/knox/blob/3557612d/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/JWTFederationFilterTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/JWTFederationFilterTest.java b/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/JWTFederationFilterTest.java
index d19d999..99a3780 100644
--- a/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/JWTFederationFilterTest.java
+++ b/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/JWTFederationFilterTest.java
@@ -32,7 +32,6 @@ public class JWTFederationFilterTest extends AbstractJWTFilterTest {
@Before
public void setup() throws Exception, NoSuchAlgorithmException {
- super.setup();
handler = new TestJWTFederationFilter();
((TestJWTFederationFilter) handler).setTokenService(new TestJWTokenAuthority(publicKey));
}
http://git-wip-us.apache.org/repos/asf/knox/blob/3557612d/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/SSOCookieProviderTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/SSOCookieProviderTest.java b/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/SSOCookieProviderTest.java
index 85f7d59..768755b 100644
--- a/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/SSOCookieProviderTest.java
+++ b/gateway-provider-security-jwt/src/test/java/org/apache/hadoop/gateway/provider/federation/SSOCookieProviderTest.java
@@ -45,7 +45,6 @@ public class SSOCookieProviderTest extends AbstractJWTFilterTest {
@Before
public void setup() throws Exception, NoSuchAlgorithmException {
- super.setup();
handler = new TestSSOCookieFederationProvider();
((TestSSOCookieFederationProvider) handler).setTokenService(new TestJWTokenAuthority(publicKey));
}
http://git-wip-us.apache.org/repos/asf/knox/blob/3557612d/gateway-service-knoxtoken/pom.xml
----------------------------------------------------------------------
diff --git a/gateway-service-knoxtoken/pom.xml b/gateway-service-knoxtoken/pom.xml
index 1dafa20..e27b7b0 100644
--- a/gateway-service-knoxtoken/pom.xml
+++ b/gateway-service-knoxtoken/pom.xml
@@ -56,19 +56,20 @@
<groupId>${gateway-group}</groupId>
<artifactId>gateway-provider-jersey</artifactId>
</dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.knox</groupId>
- <artifactId>gateway-test-utils</artifactId>
- <scope>test</scope>
- </dependency>
<dependency>
- <groupId>org.easymock</groupId>
- <artifactId>easymock</artifactId>
- <scope>test</scope>
- </dependency> </dependencies>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.knox</groupId>
+ <artifactId>gateway-test-utils</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.easymock</groupId>
+ <artifactId>easymock</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
</project>
http://git-wip-us.apache.org/repos/asf/knox/blob/3557612d/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java
----------------------------------------------------------------------
diff --git a/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java b/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java
index 4fda69f..43dd526 100644
--- a/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java
+++ b/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java
@@ -22,6 +22,8 @@ import java.security.Principal;
import java.util.ArrayList;
import java.util.Map;
import java.util.HashMap;
+import java.util.List;
+
import javax.annotation.PostConstruct;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
@@ -55,15 +57,15 @@ public class TokenResource {
static final String RESOURCE_PATH = "knoxtoken/api/v1/token";
private static TokenServiceMessages log = MessagesFactory.get( TokenServiceMessages.class );
private long tokenTTL = 30000l;
- private String[] targetAudiences = null;
+ private List<String> targetAudiences = new ArrayList<>();
private String tokenTargetUrl = null;
private Map<String,Object> tokenClientDataMap = null;
@Context
- private HttpServletRequest request;
+ HttpServletRequest request;
@Context
- private HttpServletResponse response;
+ HttpServletResponse response;
@Context
ServletContext context;
@@ -73,7 +75,10 @@ public class TokenResource {
String audiences = context.getInitParameter(TOKEN_AUDIENCES_PARAM);
if (audiences != null) {
- targetAudiences = audiences.split(",");
+ String[] auds = audiences.split(",");
+ for (int i = 0; i < auds.length; i++) {
+ targetAudiences.add(auds[i]);
+ }
}
String ttl = context.getInitParameter(TOKEN_TTL_PARAM);
@@ -85,7 +90,7 @@ public class TokenResource {
log.invalidTokenTTLEncountered(ttl);
}
}
-
+
tokenTargetUrl = context.getInitParameter(TOKEN_TARGET_URL);
String clientData = context.getInitParameter(TOKEN_CLIENT_DATA);
@@ -115,22 +120,18 @@ public class TokenResource {
JWTokenAuthority ts = services.getService(GatewayServices.TOKEN_SERVICE);
Principal p = ((HttpServletRequest)request).getUserPrincipal();
long expires = getExpiry();
-
+
try {
JWT token = null;
- if (targetAudiences == null || targetAudiences.length == 0) {
- token = ts.issueToken(p, "RS256", getExpiry());
+ if (targetAudiences.isEmpty()) {
+ token = ts.issueToken(p, "RS256", expires);
} else {
- ArrayList<String> aud = new ArrayList<String>();
- for (int i = 0; i < targetAudiences.length; i++) {
- aud.add(targetAudiences[i]);
- }
- token = ts.issueToken(p, aud, "RS256", expires);
+ token = ts.issueToken(p, targetAudiences, "RS256", expires);
}
if (token != null) {
String accessToken = token.toString();
-
+
HashMap<String, Object> map = new HashMap<>();
map.put(ACCESS_TOKEN, accessToken);
map.put(TOKEN_TYPE, BEARER);
@@ -141,7 +142,7 @@ public class TokenResource {
if (tokenClientDataMap != null) {
map.putAll(tokenClientDataMap);
}
-
+
String jsonResponse = JsonUtils.renderAsJsonString(map);
response.getWriter().write(jsonResponse);
http://git-wip-us.apache.org/repos/asf/knox/blob/3557612d/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxtoken/TokenServiceResourceTest.java
----------------------------------------------------------------------
diff --git a/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxtoken/TokenServiceResourceTest.java b/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxtoken/TokenServiceResourceTest.java
index 2b4fea1..9faa073 100644
--- a/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxtoken/TokenServiceResourceTest.java
+++ b/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxtoken/TokenServiceResourceTest.java
@@ -18,17 +18,63 @@
package org.apache.hadoop.gateway.service.knoxtoken;
import org.apache.hadoop.gateway.service.knoxtoken.TokenResource;
+import org.apache.hadoop.gateway.services.GatewayServices;
+import org.apache.hadoop.gateway.services.security.token.JWTokenAuthority;
+import org.apache.hadoop.gateway.services.security.token.TokenServiceException;
+import org.apache.hadoop.gateway.services.security.token.impl.JWT;
+import org.apache.hadoop.gateway.services.security.token.impl.JWTToken;
+import org.easymock.EasyMock;
import org.junit.Assert;
+import org.junit.BeforeClass;
import org.junit.Test;
+import com.nimbusds.jose.JWSSigner;
+import com.nimbusds.jose.JWSVerifier;
+import com.nimbusds.jose.crypto.RSASSASigner;
+import com.nimbusds.jose.crypto.RSASSAVerifier;
+
import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.Response;
+
+import static org.junit.Assert.*;
+
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
import java.util.HashMap;
+import java.util.List;
/**
- *
+ * Some tests for the token service
*/
public class TokenServiceResourceTest {
+ protected static RSAPublicKey publicKey;
+ protected static RSAPrivateKey privateKey;
+
+ @BeforeClass
+ public static void setup() throws Exception, NoSuchAlgorithmException {
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+ kpg.initialize(1024);
+ KeyPair KPair = kpg.generateKeyPair();
+
+ publicKey = (RSAPublicKey) KPair.getPublic();
+ privateKey = (RSAPrivateKey) KPair.getPrivate();
+ }
+
@Test
public void testTokenService() throws Exception {
Assert.assertTrue(true);
@@ -50,4 +96,212 @@ public class TokenServiceResourceTest {
tr.addClientDataToMap("".split(","), clientDataMap);
Assert.assertTrue(clientDataMap.size() == 0);
}
+
+ @Test
+ public void testGetToken() throws Exception {
+ TokenResource tr = new TokenResource();
+
+ ServletContext context = EasyMock.createNiceMock(ServletContext.class);
+ //tr.context = context;
+ // tr.init();
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
+ Principal principal = EasyMock.createNiceMock(Principal.class);
+ EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
+ EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
+
+ GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
+ EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
+
+ JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
+ EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
+
+ StringWriter writer = new StringWriter();
+ PrintWriter printWriter = new PrintWriter(writer);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.getWriter()).andReturn(printWriter);
+
+ EasyMock.replay(principal, services, context, request, response);
+
+ tr.request = request;
+ tr.response = response;
+
+ // Issue a token
+ Response retResponse = tr.doGet();
+
+ assertEquals(200, retResponse.getStatus());
+
+ // Parse the response
+ String retString = writer.toString();
+ String accessToken = getTagValue(retString, "access_token");
+ assertNotNull(accessToken);
+ String expiry = getTagValue(retString, "expires_in");
+ assertNotNull(expiry);
+
+ // Verify the token
+ JWTToken parsedToken = new JWTToken(accessToken);
+ assertEquals("alice", parsedToken.getSubject());
+ assertTrue(authority.verifyToken(parsedToken));
+ }
+
+ @Test
+ public void testAudiences() throws Exception {
+
+ ServletContext context = EasyMock.createNiceMock(ServletContext.class);
+ EasyMock.expect(context.getInitParameter("knox.token.audiences")).andReturn("recipient1,recipient2");
+ EasyMock.expect(context.getInitParameter("knox.token.ttl")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knox.token.target.url")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knox.token.client.data")).andReturn(null);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
+ Principal principal = EasyMock.createNiceMock(Principal.class);
+ EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
+ EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
+
+ GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
+ EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
+
+ JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
+ EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
+
+ StringWriter writer = new StringWriter();
+ PrintWriter printWriter = new PrintWriter(writer);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.getWriter()).andReturn(printWriter);
+
+ EasyMock.replay(principal, services, context, request, response);
+
+ TokenResource tr = new TokenResource();
+ tr.request = request;
+ tr.response = response;
+ tr.context = context;
+ tr.init();
+
+ // Issue a token
+ Response retResponse = tr.doGet();
+
+ assertEquals(200, retResponse.getStatus());
+
+ // Parse the response
+ String retString = writer.toString();
+ String accessToken = getTagValue(retString, "access_token");
+ assertNotNull(accessToken);
+ String expiry = getTagValue(retString, "expires_in");
+ assertNotNull(expiry);
+
+ // Verify the token
+ JWTToken parsedToken = new JWTToken(accessToken);
+ assertEquals("alice", parsedToken.getSubject());
+ assertTrue(authority.verifyToken(parsedToken));
+
+ // Verify the audiences
+ List<String> audiences = Arrays.asList(parsedToken.getAudienceClaims());
+ assertEquals(2, audiences.size());
+ assertTrue(audiences.contains("recipient1"));
+ assertTrue(audiences.contains("recipient2"));
+ }
+
+ private String getTagValue(String token, String tagName) {
+ String searchString = tagName + "\":";
+ String value = token.substring(token.indexOf(searchString) + searchString.length());
+ if (value.startsWith("\"")) {
+ value = value.substring(1);
+ }
+ if (value.contains("\"")) {
+ return value.substring(0, value.indexOf("\""));
+ } else if (value.contains(",")) {
+ return value.substring(0, value.indexOf(","));
+ } else {
+ return value.substring(0, value.length() - 1);
+ }
+ }
+
+ private static class TestJWTokenAuthority implements JWTokenAuthority {
+
+ private RSAPublicKey publicKey;
+ private RSAPrivateKey privateKey;
+
+ public TestJWTokenAuthority(RSAPublicKey publicKey, RSAPrivateKey privateKey) {
+ this.publicKey = publicKey;
+ this.privateKey = privateKey;
+ }
+
+ @Override
+ public JWTToken issueToken(Subject subject, String algorithm)
+ throws TokenServiceException {
+ Principal p = (Principal) subject.getPrincipals().toArray()[0];
+ return issueToken(p, algorithm);
+ }
+
+ @Override
+ public JWTToken issueToken(Principal p, String algorithm)
+ throws TokenServiceException {
+ return issueToken(p, null, algorithm);
+ }
+
+ @Override
+ public JWTToken issueToken(Principal p, String audience, String algorithm)
+ throws TokenServiceException {
+ return issueToken(p, audience, algorithm, -1);
+ }
+
+ @Override
+ public boolean verifyToken(JWTToken token) throws TokenServiceException {
+ JWSVerifier verifier = new RSASSAVerifier(publicKey);
+ return token.verify(verifier);
+ }
+
+ @Override
+ public JWTToken issueToken(Principal p, String audience, String algorithm,
+ long expires) throws TokenServiceException {
+ ArrayList<String> audiences = null;
+ if (audience != null) {
+ audiences = new ArrayList<String>();
+ audiences.add(audience);
+ }
+ return issueToken(p, audiences, algorithm, expires);
+ }
+
+ @Override
+ public JWTToken issueToken(Principal p, List<String> audiences, String algorithm,
+ long expires) throws TokenServiceException {
+ String[] claimArray = new String[4];
+ claimArray[0] = "KNOXSSO";
+ claimArray[1] = p.getName();
+ claimArray[2] = null;
+ if (expires == -1) {
+ claimArray[3] = null;
+ } else {
+ claimArray[3] = String.valueOf(expires);
+ }
+
+ JWTToken token = null;
+ if ("RS256".equals(algorithm)) {
+ token = new JWTToken("RS256", claimArray, audiences);
+ JWSSigner signer = new RSASSASigner(privateKey);
+ token.sign(signer);
+ } else {
+ throw new TokenServiceException("Cannot issue token - Unsupported algorithm");
+ }
+
+ return token;
+ }
+
+ @Override
+ public JWT issueToken(Principal p, String algorithm, long expiry)
+ throws TokenServiceException {
+ return issueToken(p, Collections.<String>emptyList(), algorithm, expiry);
+ }
+
+ @Override
+ public boolean verifyToken(JWTToken token, RSAPublicKey publicKey) throws TokenServiceException {
+ JWSVerifier verifier = new RSASSAVerifier(publicKey);
+ return token.verify(verifier);
+ }
+
+ }
+
+
}
[10/12] knox git commit: Merge remote-tracking branch 'origin/master'
into KNOX-998-Package_Restructuring
Posted by mo...@apache.org.
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAppFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayAppFuncTest.java
index 859d34d,0000000..a282cfe
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAppFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAppFuncTest.java
@@@ -1,672 -1,0 +1,672 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import java.io.File;
+import java.net.URL;
+import java.nio.charset.Charset;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.UUID;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.knox.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.topology.TopologyService;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.mock.MockServer;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.hamcrest.Matchers.arrayWithSize;
+import static org.hamcrest.Matchers.hasItemInArray;
+import static org.hamcrest.core.Is.is;
+import static org.hamcrest.core.IsNot.not;
+import static org.junit.Assert.assertThat;
+import static org.xmlmatchers.transform.XmlConverters.the;
+import static org.xmlmatchers.xpath.HasXPath.hasXPath;
+import static uk.co.datumedge.hamcrest.json.SameJSONAs.sameJSONAs;
+
+public class GatewayAppFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayAppFuncTest.class );
+ private static Class<?> DAT = GatewayAppFuncTest.class;
+
+ private static Enumeration<Appender> appenders;
+ private static GatewayTestConfig config;
+ private static DefaultGatewayServices services;
+ private static GatewayServer gateway;
+ private static int gatewayPort;
+ private static String gatewayUrl;
+ private static String clusterUrl;
+ private static Properties params;
+ private static TopologyService topos;
+ private static MockServer mockWebHdfs;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ setupGateway();
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ LOG_EXIT();
+ }
+
+ @After
+ public void cleanupTest() throws Exception {
+ FileUtils.cleanDirectory( new File( config.getGatewayTopologyDir() ) );
+ // Test run should not fail if deleting deployment files is not successful.
+ // Deletion has been already done by TopologyService.
+ FileUtils.deleteQuietly( new File( config.getGatewayDeploymentDir() ) );
+ }
+
+ public static void setupGateway() throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ config = new GatewayTestConfig();
+ config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ URL svcsFileUrl = TestUtils.getResourceUrl( DAT, "test-svcs/readme.txt" );
+ File svcsFile = new File( svcsFileUrl.getFile() );
+ File svcsDir = svcsFile.getParentFile();
+ config.setGatewayServicesDir( svcsDir.getAbsolutePath() );
+
+ URL appsFileUrl = TestUtils.getResourceUrl( DAT, "test-apps/readme.txt" );
+ File appsFile = new File( appsFileUrl.getFile() );
+ File appsDir = appsFile.getParentFile();
+ config.setGatewayApplicationsDir( appsDir.getAbsolutePath() );
+
+ File topoDir = new File( config.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( config.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+
+ setupMockServers();
+ startGatewayServer();
+ }
+
+ public static void setupMockServers() throws Exception {
+ mockWebHdfs = new MockServer( "WEBHDFS", true );
+ }
+
+ public static void startGatewayServer() throws Exception {
+ services = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ services.init( config, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ topos = services.getService(GatewayServices.TOPOLOGY_SERVICE);
+
+ gateway = GatewayServer.startGateway( config, services );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ gatewayPort = gateway.getAddresses()[0].getPort();
+ gatewayUrl = "http://localhost:" + gatewayPort + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/test-topology";
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ params = new Properties();
+ params.put( "LDAP_URL", driver.getLdapUrl() );
+ params.put( "WEBHDFS_URL", "http://localhost:" + mockWebHdfs.getPort() );
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testSimpleStaticHelloAppDeployUndeploy() throws Exception {
+ LOG_ENTER();
+
+ String topoStr = TestUtils.merge( DAT, "test-static-hello-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/static-hello-app-path/index.html";
+ String body = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/html" )
+ .when().get( serviceUrl ).asString();
+ assertThat( the(body), hasXPath( "/html/head/title/text()", equalTo("Static Hello Application") ) );
+
+ serviceUrl = clusterUrl + "/static-hello-app-path/";
+ body = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/html" )
+ .when().get( serviceUrl ).asString();
+ assertThat( the(body), hasXPath( "/html/head/title/text()", equalTo("Static Hello Application") ) );
+
+ serviceUrl = clusterUrl + "/static-hello-app-path";
+ body = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/html" )
+ .when().get( serviceUrl ).asString();
+ assertThat( the(body), hasXPath( "/html/head/title/text()", equalTo("Static Hello Application") ) );
+
+ assertThat( "Failed to delete test topology file", FileUtils.deleteQuietly( topoFile ), is(true) );
+ topos.reloadTopologies();
+
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when().get( serviceUrl );
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testSimpleDynamicAppDeployUndeploy() throws Exception {
+ LOG_ENTER();
+
+ String topoStr = TestUtils.merge( DAT, "test-dynamic-app-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ String username = "guest";
+ String password = "guest-password";
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( clusterUrl + "/dynamic-app-path/?null" ) )
+ .when().get( clusterUrl + "/dynamic-app-path" );
+
+ assertThat( "Failed to delete test topology file", FileUtils.deleteQuietly( topoFile ), is(true) );
+ topos.reloadTopologies();
+
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when()
+ .get( clusterUrl + "/dynamic-app-path" );
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testNakedAppDeploy() throws Exception {
+ LOG_ENTER();
+
+ String topoStr = TestUtils.merge( DAT, "test-naked-app-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ given()
+ //.log().all()
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( gatewayUrl + "/test-topology/dynamic-app/?null" ) )
+ .when().get( gatewayUrl + "/test-topology/dynamic-app" );
+
+ LOG_EXIT();
+ }
+
+ @Test//( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testDefaultAppName() throws Exception {
+ LOG_ENTER();
+
+ String topoStr = TestUtils.merge( DAT, "test-default-app-name-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ String username = "guest";
+ String password = "guest-password";
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( clusterUrl + "/dynamic-app/?null" ) )
+ .when().get( clusterUrl + "/dynamic-app" );
+
+ assertThat( "Failed to delete test topology file", FileUtils.deleteQuietly( topoFile ), is(true) );
+ topos.reloadTopologies();
+
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when()
+ .get( clusterUrl + "/dynamic-app" );
+
+ File deployDir = new File( config.getGatewayDeploymentDir() );
+ assertThat( deployDir.listFiles(), is(arrayWithSize(0)) );
+
+ LOG_EXIT();
+ }
+
+ @Test//( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testMultiApps() throws Exception {
+ LOG_ENTER();
+
+ String topoStr = TestUtils.merge( DAT, "test-multi-apps-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ String username = "guest";
+ String password = "guest-password";
+
+ String body = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/html" )
+ .when().get( clusterUrl + "/static-hello-app-path/index.html" ).asString();
+ assertThat( the(body), hasXPath( "/html/head/title/text()", equalTo("Static Hello Application") ) );
+
+ body = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .contentType( "" )
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .when().get( clusterUrl + "/static-json-app/one.json" ).asString();
+ assertThat( body, sameJSONAs( "{'test-name-one':'test-value-one'}" ) );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( clusterUrl + "/dynamic-app-path/?null" ) )
+ .when().get( clusterUrl + "/dynamic-app-path" );
+
+ body = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .contentType( "application/xml" )
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .when().get( clusterUrl + "/test.xml" ).asString();
+ assertThat( the(body), hasXPath( "/test" ) );
+
+ assertThat( FileUtils.deleteQuietly( topoFile ), is(true) );
+ topos.reloadTopologies();
+
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when().get( clusterUrl + "/static-hello-app-path/index.html" );
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when().get( clusterUrl + "/static-json-app/one.json" );
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when().get( clusterUrl + "/dynamic-app-path" );
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when().get( clusterUrl + "/test.xml" );
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testServicesAndApplications() throws Exception {
+ LOG_ENTER();
+
+ String topoStr = TestUtils.merge( DAT, "test-svcs-and-apps-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ String username = "guest";
+ String password = "guest-password";
+
+ mockWebHdfs.expect()
+ .method( "GET" )
+ .pathInfo( "/v1/" )
+ .queryParam( "op", "GETHOMEDIRECTORY" )
+ .queryParam( "user.name", "guest" )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( "{\"path\":\"/users/guest\"}", Charset.forName("UTF-8") )
+ .contentType( "application/json" );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .queryParam( "op", "GETHOMEDIRECTORY" )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/json" )
+ .body( "path", is( "/users/guest") )
+ .when().get( clusterUrl + "/webhdfs/v1" );
+ assertThat( mockWebHdfs.isEmpty(), is(true) );
+
+ String body = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/xml" )
+ .when().get( clusterUrl + "/static-xml-app/test.xml" ).asString();
+ assertThat( the(body), hasXPath( "test" ) );
+
+ body = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .contentType( "" )
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .when().get( clusterUrl + "/app-two/one.json" ).asString();
+ assertThat( body, sameJSONAs( "{'test-name-one':'test-value-one'}" ) );
+
+ assertThat( FileUtils.deleteQuietly( topoFile ), is(true) );
+ topos.reloadTopologies();
+
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when().get( clusterUrl + "/app-one/index.html" );
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when().get( clusterUrl + "/app-two/one.json" );
+ given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .when().get( clusterUrl + "/test.xml" );
+
+ File deployDir = new File( config.getGatewayDeploymentDir() );
+ assertThat( deployDir.listFiles(), is(arrayWithSize(0)) );
+
+ LOG_EXIT();
+ }
+
+ @Test//( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testDeploymentCleanup() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+
+ int oldVersionLimit = config.getGatewayDeploymentsBackupVersionLimit();
+
+ try {
+ gateway.stop();
+ config.setGatewayDeploymentsBackupVersionLimit( 1 );
+ startGatewayServer();
+
+ String topoStr = TestUtils.merge( DAT, "test-dynamic-app-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+ topos.reloadTopologies();
+
+ File deployDir = new File( config.getGatewayDeploymentDir() );
+ String[] topoDirs1 = deployDir.list();
+ assertThat( topoDirs1, is(arrayWithSize(1)) );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( clusterUrl + "/dynamic-app-path/?null" ) )
+ .when().get( clusterUrl + "/dynamic-app-path" );
+
+ TestUtils.waitUntilNextSecond();
+ FileUtils.touch( topoFile );
+
+ topos.reloadTopologies();
+ String[] topoDirs2 = deployDir.list();
+ assertThat( topoDirs2, is(arrayWithSize(2)) );
+ assertThat( topoDirs2, hasItemInArray(topoDirs1[0]) );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( clusterUrl + "/dynamic-app-path/?null" ) )
+ .when().get( clusterUrl + "/dynamic-app-path" );
+
+ TestUtils.waitUntilNextSecond();
+ FileUtils.touch( topoFile );
+ topos.reloadTopologies();
+
+ String[] topoDirs3 = deployDir.list();
+ assertThat( topoDirs3, is(arrayWithSize(2)) );
+ assertThat( topoDirs3, not(hasItemInArray(topoDirs1[0])) );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( clusterUrl + "/dynamic-app-path/?null" ) )
+ .when().get( clusterUrl + "/dynamic-app-path" );
+
+ } finally {
+ gateway.stop();
+ config.setGatewayDeploymentsBackupAgeLimit( oldVersionLimit );
+ startGatewayServer();
+ }
+
+ LOG_EXIT();
+ }
+
- @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
++ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testDefaultTopology() throws Exception {
+ LOG_ENTER();
+
+ try {
+ gateway.stop();
+ config.setGatewayDeploymentsBackupVersionLimit( 1 );
+ startGatewayServer();
+
+ String topoStr = TestUtils.merge( DAT, "test-dynamic-app-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ File deployDir = new File( config.getGatewayDeploymentDir() );
+ String[] topoDirs = deployDir.list();
+ assertThat( topoDirs, is(arrayWithSize(1)) );
+
+ String username = "guest";
+ String password = "guest-password";
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( clusterUrl + "/dynamic-app-path/?null" ) )
+ .when().get( clusterUrl + "/dynamic-app-path" );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .body( is( clusterUrl + "/dynamic-app-path/?null" ) )
+ .when().get( clusterUrl + "/dynamic-app-path" );
+
+ topoStr = TestUtils.merge( DAT, "test-dynamic-app-topology.xml", params );
+ topoFile = new File( config.getGatewayTopologyDir(), "test-topology-2.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( gatewayUrl + "/test-topology" + "/dynamic-app-path/?null" ) )
+ .when().get( gatewayUrl + "/test-topology/dynamic-app-path" );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( gatewayUrl + "/test-topology-2" + "/dynamic-app-path/?null" ) )
+ .when().get( gatewayUrl + "/test-topology-2/dynamic-app-path" );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_NOT_FOUND )
+ .body( is( clusterUrl + "/dynamic-app-path/?null" ) );
+
+ gateway.stop();
+ config.setDefaultTopologyName( "test-topology" );
+ startGatewayServer();
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( gatewayUrl + "/test-topology" + "/dynamic-app-path/?null" ) )
+ .when().get( gatewayUrl + "/test-topology/dynamic-app-path" );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .body( is( gatewayUrl + "/test-topology-2" + "/dynamic-app-path/?null" ) )
+ .when().get( gatewayUrl + "/test-topology-2/dynamic-app-path" );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .body( is( clusterUrl + "/dynamic-app-path/?null" ) )
+ .when().get( clusterUrl + "/dynamic-app-path" );
+
+ } finally {
+ gateway.stop();
+ config.setDefaultTopologyName( null );
+ startGatewayServer();
+ }
+
+ LOG_EXIT();
+ }
+
+ public static Collection<String> toNames( File[] files ) {
+ List<String> names = new ArrayList<String>( files.length );
+ for( File file : files ) {
+ names.add( file.getAbsolutePath() );
+ }
+ return names;
+
+ }
+
+}
[03/12] knox git commit: KNOX-1044 - Change Rest Assured "expect" to
"then"
Posted by mo...@apache.org.
KNOX-1044 - Change Rest Assured "expect" to "then"
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/4978951c
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/4978951c
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/4978951c
Branch: refs/heads/KNOX-998-Package_Restructuring
Commit: 4978951cc14bd63db2eace832b4db5544b80bee0
Parents: aac2054
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Sep 15 10:02:47 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Sep 15 10:02:47 2017 +0100
----------------------------------------------------------------------
.../gateway/AmbariServiceDefinitionTest.java | 14 +-
.../hadoop/gateway/GatewayAdminFuncTest.java | 2 +-
.../gateway/GatewayAdminTopologyFuncTest.java | 60 ++---
.../hadoop/gateway/GatewayAppFuncTest.java | 68 +++---
.../hadoop/gateway/GatewayBasicFuncTest.java | 224 +++++++++----------
.../hadoop/gateway/GatewayDeployFuncTest.java | 2 +-
.../hadoop/gateway/GatewayHealthFuncTest.java | 4 +-
.../GatewayLdapDynamicGroupFuncTest.java | 4 +-
.../gateway/GatewayLdapGroupFuncTest.java | 4 +-
.../gateway/GatewayLdapPosixGroupFuncTest.java | 4 +-
.../gateway/GatewayLocalServiceFuncTest.java | 2 +-
.../hadoop/gateway/GatewayMultiFuncTest.java | 26 +--
.../GatewayPortMappingDisableFeatureTest.java | 2 +-
.../gateway/GatewayPortMappingFailTest.java | 2 +-
.../gateway/GatewayPortMappingFuncTest.java | 2 +-
.../hadoop/gateway/GatewaySampleFuncTest.java | 2 +-
.../apache/hadoop/gateway/Knox242FuncTest.java | 4 +-
.../hadoop/gateway/WebHdfsHaFuncTest.java | 20 +-
18 files changed, 223 insertions(+), 223 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/AmbariServiceDefinitionTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/AmbariServiceDefinitionTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/AmbariServiceDefinitionTest.java
index 2d02966..84b3ad3 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/AmbariServiceDefinitionTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/AmbariServiceDefinitionTest.java
@@ -177,7 +177,7 @@ public class AmbariServiceDefinitionTest {
String body = given()
// .log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -212,7 +212,7 @@ public class AmbariServiceDefinitionTest {
String body = given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
.when().get( serviceUrl ).asString();
@@ -247,7 +247,7 @@ public class AmbariServiceDefinitionTest {
given()
.auth().preemptive().basic( username, password )
.queryParam("ServiceComponentInfo/component_name", "APP_TIMELINE_SERVER|ServiceComponentInfo/category=MASTER")
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
.when().get( serviceUrl ).asString();
@@ -274,7 +274,7 @@ public class AmbariServiceDefinitionTest {
String body = given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
.when().get( serviceUrl ).asString();
@@ -302,8 +302,8 @@ public class AmbariServiceDefinitionTest {
String body = given()
.auth().preemptive().basic( username, password )
- .content(IOUtils.toByteArray(TestUtils.getResourceStream( DAT, "post-data-wrong-type.json")))
- .expect()
+ .body(IOUtils.toByteArray(TestUtils.getResourceStream( DAT, "post-data-wrong-type.json")))
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( "application/x-www-form-urlencoded" )
.when().post( serviceUrl ).asString();
@@ -335,7 +335,7 @@ public class AmbariServiceDefinitionTest {
String body = given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
.when().get( serviceUrl ).asString();
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminFuncTest.java
index ca36248..342e9ca 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminFuncTest.java
@@ -164,7 +164,7 @@ public class GatewayAdminFuncTest {
//.log().all()
.auth().preemptive().basic( username, password )
.header("Accept", MediaType.APPLICATION_JSON)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
//.body( is( "{\"hash\":\"unknown\",\"version\":\"unknown\"}" ) )
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java
index 2efddff..9ddc469 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAdminTopologyFuncTest.java
@@ -246,7 +246,7 @@ public class GatewayAdminTopologyFuncTest {
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_JSON)
.contentType(MediaType.APPLICATION_JSON)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.body("topologies.topology[0].name", not(nullValue()))
@@ -263,7 +263,7 @@ public class GatewayAdminTopologyFuncTest {
//.log().all()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_XML)
- .expect()
+ .then()
//.log().all()
.body("topologies.topology.href[1]", equalTo(href1))
.statusCode(HttpStatus.SC_OK)
@@ -273,7 +273,7 @@ public class GatewayAdminTopologyFuncTest {
given()
//.log().all()
.auth().preemptive().basic(username, password)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.APPLICATION_XML)
@@ -282,7 +282,7 @@ public class GatewayAdminTopologyFuncTest {
given().auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_JSON)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.contentType("application/json")
@@ -303,7 +303,7 @@ public class GatewayAdminTopologyFuncTest {
//.log().all()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_JSON)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.when().get(serviceUrl).thenReturn().getBody().path("topologies.topology[1].href");
@@ -312,7 +312,7 @@ public class GatewayAdminTopologyFuncTest {
//.log().all()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_JSON)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.contentType("application/json")
@@ -323,7 +323,7 @@ public class GatewayAdminTopologyFuncTest {
//.log().all()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_JSON)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.body("topology.name", equalTo("test-cluster"))
@@ -336,7 +336,7 @@ public class GatewayAdminTopologyFuncTest {
//.log().all()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_XML)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.when().get(serviceUrl).thenReturn().getBody().path("topologies.topology[1].href");
@@ -345,7 +345,7 @@ public class GatewayAdminTopologyFuncTest {
//.log().all()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_XML)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.when()
@@ -366,7 +366,7 @@ public class GatewayAdminTopologyFuncTest {
//.log().all()
.auth().preemptive().basic(adminUser, adminPass)
.header("Accept", MediaType.APPLICATION_JSON)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.contentType(ContentType.JSON)
@@ -394,7 +394,7 @@ public class GatewayAdminTopologyFuncTest {
given()
//.log().all()
.auth().basic(guestUser, guestPass)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_FORBIDDEN)
.when().get(url);
@@ -486,13 +486,13 @@ public class GatewayAdminTopologyFuncTest {
given()
//.log().all()
- .auth().preemptive().basic( "admin", "admin-password" ).header( "Accept", MediaType.APPLICATION_JSON ).expect()
+ .auth().preemptive().basic( "admin", "admin-password" ).header( "Accept", MediaType.APPLICATION_JSON ).then()
//.log().all()
.statusCode( HttpStatus.SC_OK ).body( containsString( "ServerVersion" ) ).when().get( gatewayUrl + "/admin/api/v1/version" );
given()
//.log().all()
- .auth().preemptive().basic( user, password ).expect()
+ .auth().preemptive().basic( user, password ).then()
//.log().all()
.statusCode( HttpStatus.SC_NOT_FOUND ).when().get( url );
@@ -500,7 +500,7 @@ public class GatewayAdminTopologyFuncTest {
given()
//.log().all()
- .auth().preemptive().basic( user, password ).expect()
+ .auth().preemptive().basic( user, password ).then()
//.log().all()
.statusCode( HttpStatus.SC_OK ).contentType( "text/plain" ).body( is( "test-service-response" ) ).when().get( url ).getBody();
@@ -508,7 +508,7 @@ public class GatewayAdminTopologyFuncTest {
given()
//.log().all()
- .auth().preemptive().basic( user, password ).expect()
+ .auth().preemptive().basic( user, password ).then()
//.log().all()
.statusCode( HttpStatus.SC_NOT_FOUND ).when().get( url );
} finally {
@@ -537,7 +537,7 @@ public class GatewayAdminTopologyFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_JSON)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.APPLICATION_JSON)
@@ -545,7 +545,7 @@ public class GatewayAdminTopologyFuncTest {
given()
.auth().preemptive().basic(username, password)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.APPLICATION_JSON)
@@ -554,7 +554,7 @@ public class GatewayAdminTopologyFuncTest {
given()
//.log().all()
.auth().preemptive().basic(username, password)
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_NO_CONTENT)
.when().get(url);
@@ -583,7 +583,7 @@ public class GatewayAdminTopologyFuncTest {
.contentType(MediaType.APPLICATION_JSON)
.header("Accept", MediaType.APPLICATION_XML)
.body(JsonPut)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
//.log().all()
.when().put(url).getBody().asString();
@@ -597,7 +597,7 @@ public class GatewayAdminTopologyFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_XML)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(equalTo(XML))
.when().get(url)
@@ -616,7 +616,7 @@ public class GatewayAdminTopologyFuncTest {
.contentType(MediaType.APPLICATION_XML)
.header("Accept", MediaType.APPLICATION_JSON)
.body(XmlPut)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
//.log().all()
.when().put(url).getBody().asString();
@@ -624,7 +624,7 @@ public class GatewayAdminTopologyFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_JSON)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(equalTo(JSON))
.when().get(url)
@@ -659,7 +659,7 @@ public class GatewayAdminTopologyFuncTest {
.header("X-Forwarded-Server", server )
.header("X-Forwarded-Context", context)
.header("X-Forwarded-Proto", proto)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(containsString(newUrl))
.body(containsString("test-cluster"))
@@ -675,7 +675,7 @@ public class GatewayAdminTopologyFuncTest {
.header("X-Forwarded-Server", server )
.header("X-Forwarded-Context", context )
.header("X-Forwarded-Proto", proto )
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(containsString(server))
.body(containsString(context))
@@ -693,7 +693,7 @@ public class GatewayAdminTopologyFuncTest {
.header("X-Forwarded-Port", port )
.header("X-Forwarded-Context", context )
.header("X-Forwarded-Proto", proto)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(containsString(host))
.body(containsString(port))
@@ -711,7 +711,7 @@ public class GatewayAdminTopologyFuncTest {
.header("X-Forwarded-Port", port)
.header("X-Forwarded-Context", context)
.header("X-Forwarded-Proto", proto)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(containsString(server))
.body(containsString(port))
@@ -727,7 +727,7 @@ public class GatewayAdminTopologyFuncTest {
.header("Accept", MediaType.APPLICATION_XML)
.header("X-Forwarded-Host", host )
.header("X-Forwarded-Port", port )
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(containsString(host))
.body(containsString(port))
@@ -739,7 +739,7 @@ public class GatewayAdminTopologyFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_XML)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(containsString(url))
.body(containsString("test-cluster"))
@@ -760,7 +760,7 @@ public class GatewayAdminTopologyFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_XML)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(containsString(url + "/test-cluster"))
.when().get(url);
@@ -779,7 +779,7 @@ public class GatewayAdminTopologyFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.APPLICATION_XML)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.body(containsString(newUrl + "/test-cluster"))
.when().get(newUrl);
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java
index ed44d15..b65575e 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java
@@ -180,7 +180,7 @@ public class GatewayAppFuncTest {
String body = given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/html" )
@@ -191,7 +191,7 @@ public class GatewayAppFuncTest {
body = given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/html" )
@@ -202,7 +202,7 @@ public class GatewayAppFuncTest {
body = given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/html" )
@@ -214,7 +214,7 @@ public class GatewayAppFuncTest {
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when().get( serviceUrl );
@@ -237,7 +237,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( clusterUrl + "/dynamic-app-path/?null" ) )
@@ -248,7 +248,7 @@ public class GatewayAppFuncTest {
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when()
.get( clusterUrl + "/dynamic-app-path" );
@@ -268,7 +268,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( gatewayUrl + "/test-topology/dynamic-app/?null" ) )
@@ -293,7 +293,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( clusterUrl + "/dynamic-app/?null" ) )
@@ -304,7 +304,7 @@ public class GatewayAppFuncTest {
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when()
.get( clusterUrl + "/dynamic-app" );
@@ -331,7 +331,7 @@ public class GatewayAppFuncTest {
String body = given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/html" )
@@ -341,7 +341,7 @@ public class GatewayAppFuncTest {
body = given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.contentType( "" )
//.log().all()
.statusCode( HttpStatus.SC_OK )
@@ -351,7 +351,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( clusterUrl + "/dynamic-app-path/?null" ) )
@@ -360,7 +360,7 @@ public class GatewayAppFuncTest {
body = given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.contentType( "application/xml" )
//.log().all()
.statusCode( HttpStatus.SC_OK )
@@ -372,22 +372,22 @@ public class GatewayAppFuncTest {
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when().get( clusterUrl + "/static-hello-app-path/index.html" );
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when().get( clusterUrl + "/static-json-app/one.json" );
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when().get( clusterUrl + "/dynamic-app-path" );
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when().get( clusterUrl + "/test.xml" );
@@ -420,7 +420,7 @@ public class GatewayAppFuncTest {
//.log().all()
.auth().preemptive().basic( username, password )
.queryParam( "op", "GETHOMEDIRECTORY" )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "application/json" )
@@ -431,7 +431,7 @@ public class GatewayAppFuncTest {
String body = given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "application/xml" )
@@ -441,7 +441,7 @@ public class GatewayAppFuncTest {
body = given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.contentType( "" )
//.log().all()
.statusCode( HttpStatus.SC_OK )
@@ -453,17 +453,17 @@ public class GatewayAppFuncTest {
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when().get( clusterUrl + "/app-one/index.html" );
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when().get( clusterUrl + "/app-two/one.json" );
given()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_NOT_FOUND )
.when().get( clusterUrl + "/test.xml" );
@@ -499,7 +499,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( clusterUrl + "/dynamic-app-path/?null" ) )
@@ -516,7 +516,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( clusterUrl + "/dynamic-app-path/?null" ) )
@@ -533,7 +533,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( clusterUrl + "/dynamic-app-path/?null" ) )
@@ -573,7 +573,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( clusterUrl + "/dynamic-app-path/?null" ) )
@@ -582,7 +582,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.body( is( clusterUrl + "/dynamic-app-path/?null" ) )
.when().get( clusterUrl + "/dynamic-app-path" );
@@ -596,7 +596,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( gatewayUrl + "/test-topology" + "/dynamic-app-path/?null" ) )
@@ -605,7 +605,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( gatewayUrl + "/test-topology-2" + "/dynamic-app-path/?null" ) )
@@ -614,7 +614,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_NOT_FOUND )
.body( is( clusterUrl + "/dynamic-app-path/?null" ) );
@@ -626,7 +626,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( gatewayUrl + "/test-topology" + "/dynamic-app-path/?null" ) )
@@ -635,7 +635,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.body( is( gatewayUrl + "/test-topology-2" + "/dynamic-app-path/?null" ) )
@@ -644,7 +644,7 @@ public class GatewayAppFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.body( is( clusterUrl + "/dynamic-app-path/?null" ) )
.when().get( clusterUrl + "/dynamic-app-path" );
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
index 472270c..7fadb74 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
@@ -310,7 +310,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "MKDIRS" )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "application/json" )
@@ -349,7 +349,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "CREATE" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_TEMPORARY_REDIRECT )
.when().put( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/file" );
@@ -389,7 +389,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "CREATE" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_TEMPORARY_REDIRECT )
.when().put( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/fileレポー" );
@@ -433,7 +433,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "DELETE" )
.queryParam( "recursive", "true" )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.when().delete( driver.getUrl( "WEBHDFS" ) + "/v1/~" + root + ( driver.isUseGateway() ? "" : "?user.name=" + username ) );
@@ -454,7 +454,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "MKDIRS" )
- .expect()
+ .then()
//.log().all();
.statusCode( HttpStatus.SC_OK )
.contentType( "application/json" )
@@ -496,7 +496,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "DELETE" )
.queryParam( "recursive", "true" )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.when().delete( driver.getUrl( "WEBHDFS" ) + "/v1" + root + ( driver.isUseGateway() ? "" : "?user.name=" + username ) );
@@ -527,7 +527,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "MKDIRS" )
- .expect()
+ .then()
//.log().all();
.statusCode( HttpStatus.SC_OK )
.contentType( "application/json" )
@@ -550,7 +550,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "LISTSTATUS" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_OK )
.body( "FileStatuses.FileStatus[0].pathSuffix", is( "dir" ) )
@@ -563,7 +563,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, "invalid-password" )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "LISTSTATUS" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
@@ -575,7 +575,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( "hdfs-user", "hdfs-password" )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "LISTSTATUS" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
@@ -587,7 +587,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( "mapred-user", "mapred-password" )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "LISTSTATUS" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
@@ -597,12 +597,12 @@ public class GatewayBasicFuncTest {
[&overwrite=<true|false>][&blocksize=<LONG>][&replication=<SHORT>]
[&permission=<OCTAL>][&buffersize=<INT>]"
- The expect is redirected to a datanode where the file data is to be written:
+ The then is redirected to a datanode where the file data is to be written:
HTTP/1.1 307 TEMPORARY_REDIRECT
Location: http://<DATANODE>:<PORT>/webhdfs/v1/<PATH>?op=CREATE...
Content-Length: 0
- Step 2: Submit another HTTP PUT expect using the URL in the Location header with the file data to be written.
+ Step 2: Submit another HTTP PUT then using the URL in the Location header with the file data to be written.
curl -i -X PUT -T <LOCAL_FILE> "http://<DATANODE>:<PORT>/webhdfs/v1/<PATH>?op=CREATE..."
The client receives a HttpStatus.SC_CREATED Created respond with zero content length and the WebHDFS URI of the file in the Location header:
@@ -636,7 +636,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "CREATE" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_TEMPORARY_REDIRECT )
.when().put( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/file" );
@@ -656,7 +656,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "test.txt" ) )
.contentType( "text/plain" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_CREATED )
.when().put( location );
@@ -673,7 +673,7 @@ public class GatewayBasicFuncTest {
curl -i -L "http://<HOST>:<PORT>/webhdfs/v1/<PATH>?op=OPEN
[&offset=<LONG>][&length=<LONG>][&buffersize=<INT>]"
- The expect is redirected to a datanode where the file data can be read:
+ The then is redirected to a datanode where the file data can be read:
HTTP/1.1 307 TEMPORARY_REDIRECT
Location: http://<DATANODE>:<PORT>/webhdfs/v1/<PATH>?op=OPEN...
Content-Length: 0
@@ -709,7 +709,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "OPEN" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_OK )
.body( is( "TEST" ) )
@@ -743,7 +743,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "DELETE" )
.queryParam( "recursive", "true" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_OK )
.when().delete( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
@@ -840,7 +840,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( userA, "invalid-password" )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "OPEN" )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( driver.getUrl("WEBHDFS") + "/v1" + root + "/dirA700/fileA700" );
@@ -1085,7 +1085,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/open-session-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/open-session-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1110,7 +1110,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1134,7 +1134,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/close-operation-1-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/close-operation-1-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1158,7 +1158,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/execute-set-server2-http-path-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/execute-set-server2-http-path-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1182,7 +1182,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/close-operation-2-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/close-operation-2-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1206,7 +1206,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/execute-set-server2-servermode-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/execute-set-server2-servermode-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1230,7 +1230,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/close-operation-3-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/close-operation-3-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1254,7 +1254,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1278,7 +1278,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/close-operation-4-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/close-operation-4-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1302,7 +1302,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/execute-create-table-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/execute-create-table-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1326,7 +1326,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/close-operation-5-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/close-operation-5-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1350,7 +1350,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/execute-select-from-table-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/execute-select-from-table-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1374,7 +1374,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/get-result-set-metadata-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/get-result-set-metadata-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1398,7 +1398,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/fetch-results-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/fetch-results-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1422,7 +1422,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/close-operation-6-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/close-operation-6-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1446,7 +1446,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body( driver.getResourceBytes( "hive/close-session-request.bin" ) )
.contentType( "application/x-thrift" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( "hive/close-session-result.bin" ) ) )
.contentType( "application/x-thrift" )
@@ -1477,7 +1477,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", ContentType.XML.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( ContentType.XML )
.when().get( driver.getUrl( "WEBHBASE" ) );
@@ -1502,7 +1502,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", ContentType.JSON.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( ContentType.JSON )
.when().get( driver.getUrl( "WEBHBASE" ) );
@@ -1525,7 +1525,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", "application/x-protobuf" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( "application/x-protobuf" )
.body( is( driver.getResourceString( resourceName + ".protobuf", UTF8 ) ) )
@@ -1555,7 +1555,7 @@ public class GatewayBasicFuncTest {
given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode( HttpStatus.SC_CREATED )
.contentType( ContentType.XML )
.header( "Location", startsWith( driver.getUrl( "WEBHBASE" ) + path ) )
@@ -1575,7 +1575,7 @@ public class GatewayBasicFuncTest {
given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode( HttpStatus.SC_CREATED )
.contentType( ContentType.JSON )
.header( "Location", startsWith( driver.getUrl( "WEBHBASE" ) + path ) )
@@ -1595,7 +1595,7 @@ public class GatewayBasicFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode(HttpStatus.SC_CREATED)
.contentType("application/x-protobuf")
.header("Location", startsWith(driver.getUrl("WEBHBASE") + path))
@@ -1627,7 +1627,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", ContentType.XML.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( ContentType.XML )
.when().get( driver.getUrl( "WEBHBASE" ) + path );
@@ -1652,7 +1652,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", ContentType.JSON.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( ContentType.JSON )
.when().get( driver.getUrl( "WEBHBASE" ) + path );
@@ -1675,7 +1675,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", "application/x-protobuf" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
//.content( is( driver.getResourceBytes( resourceName + ".protobuf" ) ) )
.contentType( "application/x-protobuf" )
@@ -1714,7 +1714,7 @@ public class GatewayBasicFuncTest {
//.header( "Content-Type", ContentType.XML.toString() )
.body( driver.getResourceBytes( resourceName + ".xml" ) )
.contentType( ContentType.XML.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().put(driver.getUrl("WEBHBASE") + multipleRowPath);
driver.assertComplete();
@@ -1734,7 +1734,7 @@ public class GatewayBasicFuncTest {
//.header( "Content-Type", ContentType.JSON.toString() )
.body( driver.getResourceBytes( resourceName + ".json" ) )
.contentType( ContentType.JSON.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().put(driver.getUrl("WEBHBASE") + singleRowPath);
driver.assertComplete();
@@ -1755,7 +1755,7 @@ public class GatewayBasicFuncTest {
//.header( "Content-Type", "application/x-protobuf" )
.body( driver.getResourceBytes( resourceName + ".protobuf" ) )
.contentType( "application/x-protobuf" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().put( driver.getUrl( "WEBHBASE" ) + multipleRowPath );
driver.assertComplete();
@@ -1778,7 +1778,7 @@ public class GatewayBasicFuncTest {
//.header( "Content-Type", ContentType.XML.toString() )
.body( driver.getResourceBytes( resourceName + ".xml" ) )
.contentType( ContentType.XML.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().post( driver.getUrl( "WEBHBASE" ) + multipleRowPath );
driver.assertComplete();
@@ -1798,7 +1798,7 @@ public class GatewayBasicFuncTest {
//.header( "Content-Type", ContentType.JSON.toString() )
.body( driver.getResourceBytes( resourceName + ".json" ) )
.contentType( ContentType.JSON.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().post( driver.getUrl( "WEBHBASE" ) + singleRowPath );
driver.assertComplete();
@@ -1819,7 +1819,7 @@ public class GatewayBasicFuncTest {
//.header( "Content-Type", "application/x-protobuf" )
.body( driver.getResourceBytes( resourceName + ".protobuf" ) )
.contentType( "application/x-protobuf" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().post(driver.getUrl("WEBHBASE") + multipleRowPath);
driver.assertComplete();
@@ -1848,7 +1848,7 @@ public class GatewayBasicFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().delete(driver.getUrl("WEBHBASE") + "/" + tableId + "/" + rowId);
driver.assertComplete();
@@ -1864,7 +1864,7 @@ public class GatewayBasicFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().delete(driver.getUrl("WEBHBASE") + "/" + tableId + "/" + rowId + "/" + familyId);
driver.assertComplete();
@@ -1880,7 +1880,7 @@ public class GatewayBasicFuncTest {
given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().delete(driver.getUrl("WEBHBASE") + "/" + tableId + "/" + rowId + "/" + familyId + ":" + columnId);
driver.assertComplete();
@@ -1915,7 +1915,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", ContentType.XML.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( ContentType.XML )
.when().get( driver.getUrl( "WEBHBASE" ) + allRowsPath );
@@ -1940,7 +1940,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", ContentType.XML.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( ContentType.XML )
.when().get( driver.getUrl( "WEBHBASE" ) + rowsStartsWithPath );
@@ -1965,7 +1965,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", ContentType.JSON.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( ContentType.JSON )
.when().get( driver.getUrl( "WEBHBASE" ) + rowsWithKeyPath );
@@ -1988,7 +1988,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", ContentType.JSON.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( ContentType.JSON )
.when().get( driver.getUrl( "WEBHBASE" ) + rowsWithKeyAndColumnPath );
@@ -2023,7 +2023,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Content-Type", ContentType.XML.toString() )
.body( driver.getResourceBytes( scannerDefinitionResourceName + ".xml" ) )
- .expect()
+ .then()
//TODO: Add "Location" header check when issue with incorrect outbound rewrites will be resolved
//.header( "Location", startsWith( driver.getUrl( "WEBHBASE" ) + createScannerPath ) )
.statusCode( HttpStatus.SC_CREATED )
@@ -2045,7 +2045,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.header( "Accept", ContentType.XML.toString() )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.contentType( ContentType.XML )
.when().get( driver.getUrl( "WEBHBASE" ) + scannerPath + "/" + scannerId );
@@ -2068,7 +2068,7 @@ public class GatewayBasicFuncTest {
given()
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().delete(driver.getUrl("WEBHBASE") + scannerPath + "/" + scannerId);
driver.assertComplete();
@@ -2087,7 +2087,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
// .header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "MKDIRS" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_BAD_REQUEST )
.when().put( driver.getUrl( "WEBHDFS" ) + "/v1" + root + "/dir" );
@@ -2114,7 +2114,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
// .header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "LISTSTATUS" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK )
.when().get( driver.getUrl( "WEBHDFS" ) + "/v1" + root + "/dir" );
@@ -2230,7 +2230,7 @@ public class GatewayBasicFuncTest {
.preemptive()
.basic( username, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType )
@@ -2269,7 +2269,7 @@ public class GatewayBasicFuncTest {
Response response = given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType("application/json")
.when().post(driver.getUrl("RESOURCEMANAGER") + path + (driver.isUseGateway() ? "" : "?user.name=" + username));
@@ -2291,7 +2291,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body(driver.getResourceBytes(resource))
.contentType("application/json")
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType("application/json")
.when().post(driver.getUrl("RESOURCEMANAGER") + path + (driver.isUseGateway() ? "" : "?user.name=" + username));
@@ -2313,7 +2313,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.body(driver.getResourceBytes(resource))
.contentType("application/json")
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType("application/json")
.when().put(driver.getUrl("RESOURCEMANAGER") + path + (driver.isUseGateway() ? "" : "?user.name=" + username));
@@ -2384,7 +2384,7 @@ public class GatewayBasicFuncTest {
.preemptive()
.basic( username, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType );
@@ -2434,7 +2434,7 @@ public class GatewayBasicFuncTest {
.preemptive()
.basic( username, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType )
@@ -2497,7 +2497,7 @@ public class GatewayBasicFuncTest {
.preemptive()
.basic( username, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType )
@@ -2562,7 +2562,7 @@ public class GatewayBasicFuncTest {
.preemptive()
.basic( username, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType )
@@ -2586,7 +2586,7 @@ public class GatewayBasicFuncTest {
.preemptive()
.basic( username, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( contentType )
@@ -2635,7 +2635,7 @@ public class GatewayBasicFuncTest {
// .log().all()
.auth().preemptive().basic( username, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK ).contentType( ContentType.JSON ).when()
.get( gatewayPath + ( driver.isUseGateway() ? "" : "?user.name=" + username ) ).getBody()
@@ -2651,7 +2651,7 @@ public class GatewayBasicFuncTest {
given()
// .log().all()
.auth().preemptive().basic( username, password )
- .header( "X-XSRF-Header", "jksdhfkhdsf" ).expect()
+ .header( "X-XSRF-Header", "jksdhfkhdsf" ).then()
// .log().all()
.statusCode( HttpStatus.SC_NOT_FOUND ).when()
.get( encryptedTrackingUrl );
@@ -2785,7 +2785,7 @@ public class GatewayBasicFuncTest {
// .log().all()
.auth().preemptive().basic( username, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
- .expect()
+ .then()
// .log().all()
.statusCode( HttpStatus.SC_OK ).contentType( contentType );
@@ -2845,7 +2845,7 @@ public class GatewayBasicFuncTest {
// .log().all()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
// .log().all()
.statusCode(HttpStatus.SC_OK).contentType(contentType).when()
.get(gatewayPath);
@@ -2921,7 +2921,7 @@ public class GatewayBasicFuncTest {
Response response = given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.when().get( gatewayPath );
@@ -3046,7 +3046,7 @@ public class GatewayBasicFuncTest {
Response response = given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.when().get( gatewayPath );
@@ -3104,7 +3104,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("Accept", contentType.toString())
- .expect()
+ .then()
// .log().all()
.statusCode(HttpStatus.SC_OK)
.contentType( contentType )
@@ -3150,7 +3150,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("Accept", contentType.toString())
.body(driver.getResourceBytes(postResource))
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType(contentType.toString())
.when().post(gatewayPath);
@@ -3170,7 +3170,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("Accept", contentType.toString())
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType(contentType.toString())
.when().post(gatewayPath);
@@ -3235,7 +3235,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("Accept", ContentType.JSON.toString())
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType( ContentType.JSON.toString() )
.when().get( gatewayPath );
@@ -3265,7 +3265,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("Accept", ContentType.JSON.toString())
- .expect()
+ .then()
// .log().all()
.statusCode(HttpStatus.SC_OK)
.contentType( ContentType.JSON.toString() )
@@ -3314,7 +3314,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("Accept", ContentType.JSON.toString())
- .expect()
+ .then()
// .log().all()
.statusCode(HttpStatus.SC_OK)
.contentType( ContentType.JSON.toString() )
@@ -3344,7 +3344,7 @@ public class GatewayBasicFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("X-CSRF-Token", "H/8xIWCYQo4ZDWLvV9k0FAkjD0omWI8beVTp2mEPRxCbJmWBTYhRMhIV9LGIY3E51OAj+s6T7eQChpGJ")
.header("Accept", ContentType.JSON.toString())
- .expect()
+ .then()
.statusCode(HttpStatus.SC_MOVED_TEMPORARILY)
.contentType( ContentType.JSON.toString() )
.when().post( gatewayPath );
@@ -3388,7 +3388,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("Accept", ContentType.JSON.toString())
- .expect()
+ .then()
//.log().all()
.statusCode(HttpStatus.SC_OK)
.contentType( ContentType.JSON.toString() )
@@ -3446,7 +3446,7 @@ public class GatewayBasicFuncTest {
.header("X-Forwarded-Port", port)
.header("X-Forwarded-Server", "what")
.header("X-Forwarded-For", "what, boo")
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType(ContentType.JSON.toString())
.when().get(gatewayPath);
@@ -3486,7 +3486,7 @@ public class GatewayBasicFuncTest {
.header("X-Forwarded-Port", port)
.header("X-Forwarded-Server", "what")
.header("X-Forwarded-For", "what, boo")
- .expect()
+ .then()
// .log().all()
.statusCode(HttpStatus.SC_OK)
.contentType( ContentType.JSON.toString() )
@@ -3528,7 +3528,7 @@ public class GatewayBasicFuncTest {
.header("X-Forwarded-Server", "what")
.header("X-Forwarded-For", "what, boo")
.queryParam( "op", "CREATE" )
- .expect()
+ .then()
//.log().ifError()
.statusCode( HttpStatus.SC_TEMPORARY_REDIRECT )
.when().put( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/file" );
@@ -3560,7 +3560,7 @@ public class GatewayBasicFuncTest {
setupResources();
given()
.header(new Header("Accept", MediaType.APPLICATION_XML))
- .expect()
+ .then()
.contentType(MediaType.APPLICATION_XML)
.statusCode(HttpStatus.SC_OK)
.body(not(containsString("<httpCode>401")))
@@ -3576,7 +3576,7 @@ public class GatewayBasicFuncTest {
setupResources();
given()
.header(new Header("Accept", MediaType.APPLICATION_JSON))
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.APPLICATION_JSON)
.body(not(containsString("\"httpCode\" : 401")))
@@ -3593,7 +3593,7 @@ public class GatewayBasicFuncTest {
given()
.header(new Header("Accept", MediaType.APPLICATION_JSON))
.auth().preemptive().basic("kminder", "kminder-password")
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.APPLICATION_JSON)
.body(not(containsString("\"httpCode\" : 401")))
@@ -3611,7 +3611,7 @@ public class GatewayBasicFuncTest {
setupResources();
given()
.header(new Header("Accept", MediaType.APPLICATION_JSON))
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.APPLICATION_JSON)
.body(not(containsString("\"httpCode\" : 200")))
@@ -3633,7 +3633,7 @@ public class GatewayBasicFuncTest {
setupResources();
given()
.header(new Header("Accept", MediaType.APPLICATION_JSON))
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.APPLICATION_JSON)
.body(not(containsString("\"httpCode\" : 401")))
@@ -3733,7 +3733,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.header("Accept", ContentType.XML.toString())
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType( ContentType.XML.toString() )
.when().get( gatewayPath );
@@ -3761,7 +3761,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( username, password )
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam( "op", "GET" )
- .expect()
+ .then()
.statusCode( HttpStatus.SC_OK )
.when().get( driver.getUrl( "KAFKA" ) + "/topics" );
@@ -3844,7 +3844,7 @@ public class GatewayBasicFuncTest {
.header( "X-XSRF-Header", "jksdhfkhdsf" )
.queryParam( "op", "CREATE" )
.queryParam( "permission", permsOctal )
- .expect()
+ .then()
//.log().all()
.statusCode( status )
.when().put( driver.getUrl( "WEBHDFS" ) + "/v1" + file + ( driver.isUseGateway() ? "" : "?user.name=" + user ) );
@@ -3884,7 +3884,7 @@ public class GatewayBasicFuncTest {
.header( "X-XSRF-Header", "jksdhfkhdsf" )
.contentType( contentType )
.body( driver.getResourceBytes( resource ) )
- .expect()
+ .then()
//.log().all()
.statusCode( status )
.when().put( location );
@@ -3944,14 +3944,14 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( user, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
.queryParam( "op", "OPEN" )
- .expect()
+ .then()
//.log().all()
.statusCode( status )
.when().get( driver.getUrl("WEBHDFS") + "/v1" + file + ( driver.isUseGateway() ? "" : "?user.name=" + user ) );
if( response.getStatusCode() == HttpStatus.SC_OK ) {
String actualContent = response.asString();
- String expectedContent = driver.getResourceString( resource, Charset.forName("UTF-8") );
- assertThat( actualContent, Matchers.is(expectedContent) );
+ String thenedContent = driver.getResourceString( resource, Charset.forName("UTF-8") );
+ assertThat( actualContent, Matchers.is(thenedContent) );
}
driver.assertComplete();
}
@@ -3974,7 +3974,7 @@ public class GatewayBasicFuncTest {
.queryParam( "op", "SETOWNER" )
.queryParam( "owner", owner )
.queryParam( "group", group )
- .expect()
+ .then()
//.log().all()
.statusCode( status )
.when().put( driver.getUrl("WEBHDFS") + "/v1" + file + ( driver.isUseGateway() ? "" : "?user.name=" + user ) );
@@ -3997,7 +3997,7 @@ public class GatewayBasicFuncTest {
.header( "X-XSRF-Header", "jksdhfkhdsf" )
.queryParam( "op", "SETPERMISSION" )
.queryParam( "permission", permsOctal )
- .expect()
+ .then()
//.log().all()
.statusCode( status )
.when().put( driver.getUrl("WEBHDFS") + "/v1" + file + ( driver.isUseGateway() ? "" : "?user.name=" + user ) );
@@ -4043,7 +4043,7 @@ public class GatewayBasicFuncTest {
.queryParam( "op", "CREATE" )
.queryParam( "overwrite", "true" )
.body( driver.getResourceBytes( resource ) )
- .expect()
+ .then()
//.log().all()
.statusCode( status )
.when().put( driver.getUrl("WEBHDFS") + "/v1" + file + ( driver.isUseGateway() ? "" : "?user.name=" + user ) );
@@ -4085,7 +4085,7 @@ public class GatewayBasicFuncTest {
.queryParam( "overwrite", "true" )
.contentType( contentType )
.body( driver.getResourceBytes( resource ) )
- .expect()
+ .then()
//.log().all()
.statusCode( status )
.when().put( location );
@@ -4106,7 +4106,7 @@ public class GatewayBasicFuncTest {
.header( "X-XSRF-Header", "jksdhfkhdsf" )
.queryParam( "op", "DELETE" )
.queryParam( "recursive", recursive )
- .expect()
+ .then()
//.log().all()
.statusCode( Matchers.isIn(ArrayUtils.toObject(status)) )
.when()
@@ -4132,7 +4132,7 @@ public class GatewayBasicFuncTest {
.header( "X-XSRF-Header", "jksdhfkhdsf" )
.queryParam( "op", "MKDIRS" )
.queryParam( "permission", permsOctal )
- .expect()
+ .then()
//.log().all()
.statusCode( status )
.contentType( "application/json" )
@@ -4172,7 +4172,7 @@ public class GatewayBasicFuncTest {
.formParam( "jar", jar ) //"/user/hdfs/test/hadoop-examples.jar" )
.formParam( "class", main ) //"org.apache.org.apache.hadoop.examples.WordCount" )
.formParam( "arg", input, output ) //.formParam( "arg", "/user/hdfs/test/input", "/user/hdfs/test/output" )
- .expect()
+ .then()
//.log().all()
.statusCode( status )
.when().post( driver.getUrl( "WEBHCAT" ) + "/v1/mapreduce/jar" + ( driver.isUseGateway() ? "" : "?user.name=" + user ) ).asString();
@@ -4202,7 +4202,7 @@ public class GatewayBasicFuncTest {
.formParam( "file", file )
.formParam( "arg", arg )
.formParam( "statusdir", statusDir )
- .expect()
+ .then()
//.log().all();
.statusCode( Matchers.isIn(ArrayUtils.toObject(status)) )
.contentType( "application/json" )
@@ -4235,7 +4235,7 @@ public class GatewayBasicFuncTest {
.formParam( "group", group )
.formParam( "file", file )
.formParam( "statusdir", statusDir )
- .expect()
+ .then()
//.log().all()
.statusCode( Matchers.isIn(ArrayUtils.toObject(status)) )
.contentType( "application/json" )
@@ -4264,7 +4264,7 @@ public class GatewayBasicFuncTest {
.auth().preemptive().basic( user, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
.pathParam( "job", job )
- .expect()
+ .then()
//.log().all()
.body( "status.jobId", CoreMatchers.equalTo(job) )
.statusCode( HttpStatus.SC_OK )
@@ -4285,7 +4285,7 @@ public class GatewayBasicFuncTest {
given()
.auth().preemptive().basic( user, password )
.header( "X-XSRF-Header", "jksdhfkhdsf" )
- .expect()
+ .then()
.statusCode( 200 )
.body( "", Matchers.hasItems(0, 1) )
.when().get( driver.getUrl( "OOZIE" ) + "/versions" + ( driver.isUseGateway() ? "" : "?user.name=" + user ) ).asString();
@@ -4401,7 +4401,7 @@ public class GatewayBasicFuncTest {
// .queryParam( "action", "start" )
// .contentType( "application/xml;charset=UTF-8" )
// .content( request )
-// .expect()
+// .then()
// .log().all()
// .statusCode( status )
// .when().post( getUrl( "OOZIE" ) + "/v1/jobs" + ( isUseGateway() ? "" : "?user.name=" + user ) ).asString();
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayDeployFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayDeployFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayDeployFuncTest.java
index 744fd85..9b700bf 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayDeployFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayDeployFuncTest.java
@@ -244,7 +244,7 @@ public class GatewayDeployFuncTest {
// Make sure the test topology is not accessible.
given().auth().preemptive().basic( username, password )
- .expect().statusCode( HttpStatus.SC_NOT_FOUND )
+ .then().statusCode( HttpStatus.SC_NOT_FOUND )
.when().get( serviceUrl );
// Make sure deployment directory is empty.
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java
index 033f028..a5b5516 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayHealthFuncTest.java
@@ -174,7 +174,7 @@ public class GatewayHealthFuncTest {
String body = given()
.auth().preemptive().basic(username, password)
.header("Accept", MediaType.TEXT_PLAIN)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.TEXT_PLAIN)
.when().get(serviceUrl).asString();
@@ -190,7 +190,7 @@ public class GatewayHealthFuncTest {
String serviceUrl = clusterUrl + "/v1/metrics";
String body = given()
.auth().preemptive().basic(username, password)
- .expect()
+ .then()
.statusCode(HttpStatus.SC_OK)
.contentType(MediaType.APPLICATION_JSON)
.when().get(serviceUrl).asString();
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java
index 49ae6ed..645279d 100755
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapDynamicGroupFuncTest.java
@@ -259,7 +259,7 @@ public class GatewayLdapDynamicGroupFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -277,7 +277,7 @@ public class GatewayLdapDynamicGroupFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_FORBIDDEN )
.when().get( serviceUrl );
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapGroupFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapGroupFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapGroupFuncTest.java
index 68b9b5e..b7814e4 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapGroupFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapGroupFuncTest.java
@@ -253,7 +253,7 @@ public class GatewayLdapGroupFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -271,7 +271,7 @@ public class GatewayLdapGroupFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_FORBIDDEN )
.when().get( serviceUrl );
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java
index f0b9fd0..1d96a20 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLdapPosixGroupFuncTest.java
@@ -234,7 +234,7 @@ public class GatewayLdapPosixGroupFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -251,7 +251,7 @@ public class GatewayLdapPosixGroupFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_FORBIDDEN )
.when().get( serviceUrl );
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java
index dff3182..a72480a 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java
@@ -168,7 +168,7 @@ public class GatewayLocalServiceFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayMultiFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayMultiFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayMultiFuncTest.java
index 2c2371f..8d48d24 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayMultiFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayMultiFuncTest.java
@@ -182,7 +182,7 @@ public class GatewayMultiFuncTest {
String json = given()
//.log().all()
.auth().preemptive().basic( uname, pword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "application/json; charset=UTF-8" )
@@ -195,7 +195,7 @@ public class GatewayMultiFuncTest {
byte[] bytes = given()
//.log().all()
.auth().preemptive().basic( uname, pword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "application/octet-stream" )
@@ -319,7 +319,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, pword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -328,7 +328,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, invalidPword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( gatewayUrl + "/knox694-1/test-service-path/test-resource-path" );
@@ -341,7 +341,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, pword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -350,7 +350,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, invalidPword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( gatewayUrl + "/knox694-2/test-service-path/test-resource-path" );
@@ -363,7 +363,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, pword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -372,7 +372,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, invalidPword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( gatewayUrl + "/knox694-3/test-service-path/test-resource-path" );
@@ -385,7 +385,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, pword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -394,7 +394,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, invalidPword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( gatewayUrl + "/knox694-4/test-service-path/test-resource-path" );
@@ -407,7 +407,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, pword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -416,7 +416,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, invalidPword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( gatewayUrl + "/knox694-5/test-service-path/test-resource-path" );
@@ -429,7 +429,7 @@ public class GatewayMultiFuncTest {
given()
//.log().all()
.auth().preemptive().basic( uname, pword )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_UNAUTHORIZED )
.when().get( gatewayUrl + "/knox694-6/test-service-path/test-resource-path" );
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java
index 848daa5..b15dffe 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingDisableFeatureTest.java
@@ -160,7 +160,7 @@ public class GatewayPortMappingDisableFeatureTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "LISTSTATUS")
- .expect()
+ .then()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
.body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFailTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFailTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFailTest.java
index c4e7794..fecc9e3 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFailTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFailTest.java
@@ -136,7 +136,7 @@ public class GatewayPortMappingFailTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "LISTSTATUS")
- .expect()
+ .then()
//.log().ifError()
.statusCode(HttpStatus.SC_NOT_FOUND)
//.content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java
index 3e09730..a0c2cdb 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayPortMappingFuncTest.java
@@ -184,7 +184,7 @@ public class GatewayPortMappingFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "LISTSTATUS")
- .expect()
+ .then()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
.body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java
index 9e66887..4c335ae 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java
@@ -166,7 +166,7 @@ public class GatewaySampleFuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java
index a7465d1..a5eb89c 100755
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/Knox242FuncTest.java
@@ -254,7 +254,7 @@ public class Knox242FuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_OK )
.contentType( "text/plain" )
@@ -272,7 +272,7 @@ public class Knox242FuncTest {
given()
//.log().all()
.auth().preemptive().basic( username, password )
- .expect()
+ .then()
//.log().all()
.statusCode( HttpStatus.SC_FORBIDDEN )
.when().get( serviceUrl );
[11/12] knox git commit: Merge remote-tracking branch 'origin/master'
into KNOX-998-Package_Restructuring
Posted by mo...@apache.org.
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-service-knoxtoken/src/test/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceResourceTest.java
----------------------------------------------------------------------
diff --cc gateway-service-knoxtoken/src/test/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceResourceTest.java
index db66c8e,0000000..dc76005
mode 100644,000000..100644
--- a/gateway-service-knoxtoken/src/test/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceResourceTest.java
+++ b/gateway-service-knoxtoken/src/test/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceResourceTest.java
@@@ -1,52 -1,0 +1,307 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.service.knoxtoken;
+
++import org.apache.knox.gateway.service.knoxtoken.TokenResource;
++import org.apache.knox.gateway.services.GatewayServices;
++import org.apache.knox.gateway.services.security.token.JWTokenAuthority;
++import org.apache.knox.gateway.services.security.token.TokenServiceException;
++import org.apache.knox.gateway.services.security.token.impl.JWT;
++import org.apache.knox.gateway.services.security.token.impl.JWTToken;
++import org.easymock.EasyMock;
+import org.junit.Assert;
++import org.junit.BeforeClass;
+import org.junit.Test;
+
++import com.nimbusds.jose.JWSSigner;
++import com.nimbusds.jose.JWSVerifier;
++import com.nimbusds.jose.crypto.RSASSASigner;
++import com.nimbusds.jose.crypto.RSASSAVerifier;
++
+import java.util.Map;
++
++import javax.security.auth.Subject;
++import javax.servlet.ServletContext;
++import javax.servlet.http.HttpServletRequest;
++import javax.servlet.http.HttpServletResponse;
++import javax.ws.rs.core.Response;
++
++import static org.junit.Assert.*;
++
++import java.io.PrintWriter;
++import java.io.StringWriter;
++import java.security.KeyPair;
++import java.security.KeyPairGenerator;
++import java.security.NoSuchAlgorithmException;
++import java.security.Principal;
++import java.security.interfaces.RSAPrivateKey;
++import java.security.interfaces.RSAPublicKey;
++import java.util.ArrayList;
++import java.util.Arrays;
++import java.util.Collections;
+import java.util.HashMap;
++import java.util.List;
+
+/**
- *
++ * Some tests for the token service
+ */
+public class TokenServiceResourceTest {
+
++ protected static RSAPublicKey publicKey;
++ protected static RSAPrivateKey privateKey;
++
++ @BeforeClass
++ public static void setup() throws Exception, NoSuchAlgorithmException {
++ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
++ kpg.initialize(1024);
++ KeyPair KPair = kpg.generateKeyPair();
++
++ publicKey = (RSAPublicKey) KPair.getPublic();
++ privateKey = (RSAPrivateKey) KPair.getPrivate();
++ }
++
+ @Test
+ public void testTokenService() throws Exception {
+ Assert.assertTrue(true);
+ }
+
+ @Test
+ public void testClientData() throws Exception {
+ TokenResource tr = new TokenResource();
+
+ Map<String,Object> clientDataMap = new HashMap<>();
+ tr.addClientDataToMap("cookie.name=hadoop-jwt,test=value".split(","), clientDataMap);
+ Assert.assertTrue(clientDataMap.size() == 2);
+
+ clientDataMap = new HashMap<>();
+ tr.addClientDataToMap("cookie.name=hadoop-jwt".split(","), clientDataMap);
+ Assert.assertTrue(clientDataMap.size() == 1);
+
+ clientDataMap = new HashMap<>();
+ tr.addClientDataToMap("".split(","), clientDataMap);
+ Assert.assertTrue(clientDataMap.size() == 0);
+ }
++
++ @Test
++ public void testGetToken() throws Exception {
++ TokenResource tr = new TokenResource();
++
++ ServletContext context = EasyMock.createNiceMock(ServletContext.class);
++ //tr.context = context;
++ // tr.init();
++
++ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
++ EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
++ Principal principal = EasyMock.createNiceMock(Principal.class);
++ EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
++ EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
++
++ GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
++ EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
++
++ JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
++ EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
++
++ StringWriter writer = new StringWriter();
++ PrintWriter printWriter = new PrintWriter(writer);
++ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
++ EasyMock.expect(response.getWriter()).andReturn(printWriter);
++
++ EasyMock.replay(principal, services, context, request, response);
++
++ tr.request = request;
++ tr.response = response;
++
++ // Issue a token
++ Response retResponse = tr.doGet();
++
++ assertEquals(200, retResponse.getStatus());
++
++ // Parse the response
++ String retString = writer.toString();
++ String accessToken = getTagValue(retString, "access_token");
++ assertNotNull(accessToken);
++ String expiry = getTagValue(retString, "expires_in");
++ assertNotNull(expiry);
++
++ // Verify the token
++ JWTToken parsedToken = new JWTToken(accessToken);
++ assertEquals("alice", parsedToken.getSubject());
++ assertTrue(authority.verifyToken(parsedToken));
++ }
++
++ @Test
++ public void testAudiences() throws Exception {
++
++ ServletContext context = EasyMock.createNiceMock(ServletContext.class);
++ EasyMock.expect(context.getInitParameter("knox.token.audiences")).andReturn("recipient1,recipient2");
++ EasyMock.expect(context.getInitParameter("knox.token.ttl")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knox.token.target.url")).andReturn(null);
++ EasyMock.expect(context.getInitParameter("knox.token.client.data")).andReturn(null);
++
++ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
++ EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
++ Principal principal = EasyMock.createNiceMock(Principal.class);
++ EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
++ EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
++
++ GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
++ EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
++
++ JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
++ EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
++
++ StringWriter writer = new StringWriter();
++ PrintWriter printWriter = new PrintWriter(writer);
++ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
++ EasyMock.expect(response.getWriter()).andReturn(printWriter);
++
++ EasyMock.replay(principal, services, context, request, response);
++
++ TokenResource tr = new TokenResource();
++ tr.request = request;
++ tr.response = response;
++ tr.context = context;
++ tr.init();
++
++ // Issue a token
++ Response retResponse = tr.doGet();
++
++ assertEquals(200, retResponse.getStatus());
++
++ // Parse the response
++ String retString = writer.toString();
++ String accessToken = getTagValue(retString, "access_token");
++ assertNotNull(accessToken);
++ String expiry = getTagValue(retString, "expires_in");
++ assertNotNull(expiry);
++
++ // Verify the token
++ JWTToken parsedToken = new JWTToken(accessToken);
++ assertEquals("alice", parsedToken.getSubject());
++ assertTrue(authority.verifyToken(parsedToken));
++
++ // Verify the audiences
++ List<String> audiences = Arrays.asList(parsedToken.getAudienceClaims());
++ assertEquals(2, audiences.size());
++ assertTrue(audiences.contains("recipient1"));
++ assertTrue(audiences.contains("recipient2"));
++ }
++
++ private String getTagValue(String token, String tagName) {
++ String searchString = tagName + "\":";
++ String value = token.substring(token.indexOf(searchString) + searchString.length());
++ if (value.startsWith("\"")) {
++ value = value.substring(1);
++ }
++ if (value.contains("\"")) {
++ return value.substring(0, value.indexOf("\""));
++ } else if (value.contains(",")) {
++ return value.substring(0, value.indexOf(","));
++ } else {
++ return value.substring(0, value.length() - 1);
++ }
++ }
++
++ private static class TestJWTokenAuthority implements JWTokenAuthority {
++
++ private RSAPublicKey publicKey;
++ private RSAPrivateKey privateKey;
++
++ public TestJWTokenAuthority(RSAPublicKey publicKey, RSAPrivateKey privateKey) {
++ this.publicKey = publicKey;
++ this.privateKey = privateKey;
++ }
++
++ @Override
++ public JWTToken issueToken(Subject subject, String algorithm)
++ throws TokenServiceException {
++ Principal p = (Principal) subject.getPrincipals().toArray()[0];
++ return issueToken(p, algorithm);
++ }
++
++ @Override
++ public JWTToken issueToken(Principal p, String algorithm)
++ throws TokenServiceException {
++ return issueToken(p, null, algorithm);
++ }
++
++ @Override
++ public JWTToken issueToken(Principal p, String audience, String algorithm)
++ throws TokenServiceException {
++ return issueToken(p, audience, algorithm, -1);
++ }
++
++ @Override
++ public boolean verifyToken(JWTToken token) throws TokenServiceException {
++ JWSVerifier verifier = new RSASSAVerifier(publicKey);
++ return token.verify(verifier);
++ }
++
++ @Override
++ public JWTToken issueToken(Principal p, String audience, String algorithm,
++ long expires) throws TokenServiceException {
++ ArrayList<String> audiences = null;
++ if (audience != null) {
++ audiences = new ArrayList<String>();
++ audiences.add(audience);
++ }
++ return issueToken(p, audiences, algorithm, expires);
++ }
++
++ @Override
++ public JWTToken issueToken(Principal p, List<String> audiences, String algorithm,
++ long expires) throws TokenServiceException {
++ String[] claimArray = new String[4];
++ claimArray[0] = "KNOXSSO";
++ claimArray[1] = p.getName();
++ claimArray[2] = null;
++ if (expires == -1) {
++ claimArray[3] = null;
++ } else {
++ claimArray[3] = String.valueOf(expires);
++ }
++
++ JWTToken token = null;
++ if ("RS256".equals(algorithm)) {
++ token = new JWTToken("RS256", claimArray, audiences);
++ JWSSigner signer = new RSASSASigner(privateKey);
++ token.sign(signer);
++ } else {
++ throw new TokenServiceException("Cannot issue token - Unsupported algorithm");
++ }
++
++ return token;
++ }
++
++ @Override
++ public JWT issueToken(Principal p, String algorithm, long expiry)
++ throws TokenServiceException {
++ return issueToken(p, Collections.<String>emptyList(), algorithm, expiry);
++ }
++
++ @Override
++ public boolean verifyToken(JWTToken token, RSAPublicKey publicKey) throws TokenServiceException {
++ JWSVerifier verifier = new RSASSAVerifier(publicKey);
++ return token.verify(verifier);
++ }
++
++ }
++
++
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/AmbariServiceDefinitionTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/AmbariServiceDefinitionTest.java
index 8b26dce,0000000..79837e8
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/AmbariServiceDefinitionTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/AmbariServiceDefinitionTest.java
@@@ -1,354 -1,0 +1,354 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p/>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p/>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.commons.io.IOUtils;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.topology.TopologyService;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.mock.MockServer;
+import org.apache.http.HttpStatus;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.velocity.runtime.RuntimeConstants;
+import org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader;
+import org.hamcrest.MatcherAssert;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.StringWriter;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+import java.util.UUID;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static uk.co.datumedge.hamcrest.json.SameJSONAs.sameJSONAs;
+
+public class AmbariServiceDefinitionTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( AmbariServiceDefinitionTest.class );
+ private static Class<?> DAT = AmbariServiceDefinitionTest.class;
+
+ private static GatewayTestConfig config;
+ private static DefaultGatewayServices services;
+ private static GatewayServer gateway;
+ private static int gatewayPort;
+ private static String gatewayUrl;
+ private static String clusterUrl;
+ private static String clusterPath;
+ private static Properties params;
+ private static TopologyService topos;
+ private static MockServer mockAmbari;
+
+ private static VelocityEngine velocity;
+ private static VelocityContext context;
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ setupGateway();
+ String topoStr = TestUtils.merge( DAT, "test-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+ topos.reloadTopologies();
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ LOG_EXIT();
+ }
+
+ @After
+ public void cleanupTest() throws Exception {
+ FileUtils.cleanDirectory( new File( config.getGatewayTopologyDir() ) );
+ // Test run should not fail if deleting deployment files is not successful.
+ // Deletion has been already done by TopologyService.
+ FileUtils.deleteQuietly( new File( config.getGatewayDeploymentDir() ) );
+ }
+
+ public static void setupGateway() throws Exception {
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ config = new GatewayTestConfig();
+ config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( config.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( config.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ setupMockServers();
+ startGatewayServer();
+ }
+
+ public static void setupMockServers() throws Exception {
+ mockAmbari = new MockServer( "AMBARI", true );
+ }
+
+ public static void startGatewayServer() throws Exception {
+ services = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ services.init( config, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ topos = services.getService(GatewayServices.TOPOLOGY_SERVICE);
+
+ gateway = GatewayServer.startGateway( config, services );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ gatewayPort = gateway.getAddresses()[0].getPort();
+ gatewayUrl = "http://localhost:" + gatewayPort + "/" + config.getGatewayPath();
+ String topologyPath = "/test-topology";
+ clusterPath = "/" + config.getGatewayPath() + topologyPath;
+ clusterUrl = gatewayUrl + topologyPath;
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ params = new Properties();
+ params.put( "AMBARI_URL", "http://localhost:" + mockAmbari.getPort() );
+
+ velocity = new VelocityEngine();
+ velocity.setProperty( RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS, "org.apache.velocity.runtime.log.NullLogSystem" );
+ velocity.setProperty( RuntimeConstants.RESOURCE_LOADER, "classpath" );
+ velocity.setProperty( "classpath.resource.loader.class", ClasspathResourceLoader.class.getName() );
+ velocity.init();
+
+ context = new VelocityContext();
+ context.put( "cluster_url", clusterUrl );
+ context.put( "cluster_path", clusterPath );
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void clusters() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/clusters";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/clusters" )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "clusters-response.json" ) )
+ .contentType( "text/plain" );
+
+ String body = given()
+// .log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+// .log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+
+ String name = TestUtils.getResourceName( this.getClass(), "clusters-response-expected.json" );
+ Template template = velocity.getTemplate( name );
+ StringWriter sw = new StringWriter();
+ template.merge( context, sw );
+ String expected = sw.toString();
+
+ MatcherAssert.assertThat(body, sameJSONAs(expected));
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void historyServer() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/clusters/test/hosts/c6401.ambari.apache.org/host_components/HISTORYSERVER";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/clusters/test/hosts/c6401.ambari.apache.org/host_components/HISTORYSERVER" )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "history-server-response.json" ) )
+ .contentType( "text/plain" );
+
+ String body = given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+
+ String name = TestUtils.getResourceName( this.getClass(), "history-server-response-expected.json" );
+ Template template = velocity.getTemplate( name );
+ StringWriter sw = new StringWriter();
+ template.merge( context, sw );
+ String expected = sw.toString();
+
+ MatcherAssert.assertThat(body, sameJSONAs(expected));
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void unwiseCharacterRequest() throws Exception {
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/clusters/test/components";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/clusters/test/components" )
+ .queryParam("ServiceComponentInfo/component_name", "APP_TIMELINE_SERVER|ServiceComponentInfo/category=MASTER")
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "unwise-character-response.json" ) )
+ .contentType( "text/plain" );
+ //only assertion here is to make sure the request can be made successfully with the unwise characters present
+ //in the request url
+ given()
+ .auth().preemptive().basic( username, password )
+ .queryParam("ServiceComponentInfo/component_name", "APP_TIMELINE_SERVER|ServiceComponentInfo/category=MASTER")
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void encryptedResponse() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/persist/CLUSTER_CURRENT_STATUS?_=1457977721091";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/persist/CLUSTER_CURRENT_STATUS" )
+ .queryParam("_","1457977721091")
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "encrypted-response.txt" ) )
+ .contentType( "text/plain" );
+
+ String body = given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+ Assert.assertNotNull(body);
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void postDataWithWrongContentType() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/stacks/HDP/versions/2.3/recommendations";
+
+ mockAmbari.expect()
+ .method( "POST" )
+ .pathInfo( "/api/v1/stacks/HDP/versions/2.3/recommendations" )
+ .content( TestUtils.getResourceStream( DAT, "post-data-wrong-type.json" ) )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .contentType( "application/x-www-form-urlencoded" );
+
+
+ String body = given()
+ .auth().preemptive().basic( username, password )
- .content(IOUtils.toByteArray(TestUtils.getResourceStream( DAT, "post-data-wrong-type.json")))
- .expect()
++ .body(IOUtils.toByteArray(TestUtils.getResourceStream( DAT, "post-data-wrong-type.json")))
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/x-www-form-urlencoded" )
+ .when().post( serviceUrl ).asString();
+
+ Assert.assertNotNull(body);
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void contextPathInViewsResponse() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+
+ String serviceUrl = clusterUrl + "/ambari/api/v1/views?fields=versions/instances/ViewInstanceInfo,versions/" +
+ "ViewVersionInfo/label&versions/ViewVersionInfo/system=false&_=1461186937589";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/views" )
+ .queryParam("_", "1461186937589")
+ .queryParam("versions/ViewVersionInfo/system", "false")
+ .queryParam("fields", "versions/instances/ViewInstanceInfo,versions/ViewVersionInfo/label")
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "views-response.json" ) )
+ .contentType( "text/plain" );
+
+ String body = given()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+
+ String name = TestUtils.getResourceName( this.getClass(), "views-response-expected.json" );
+ Template template = velocity.getTemplate( name );
+ StringWriter sw = new StringWriter();
+ template.merge( context, sw );
+ String expected = sw.toString();
+
+ MatcherAssert.assertThat(body, sameJSONAs(expected));
+ LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminFuncTest.java
index 810626b,0000000..eba5de6
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminFuncTest.java
@@@ -1,176 -1,0 +1,176 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.http.HttpStatus;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.ws.rs.core.MediaType;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.CoreMatchers.notNullValue;
+
+public class GatewayAdminFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayAdminFuncTest.class );
+
+ //public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ TestUtils.LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ setupGateway();
+ TestUtils.LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ TestUtils.LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ TestUtils.LOG_EXIT();
+ }
+
+ public static void setupGateway() throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ File descriptor = new File( topoDir, "test-cluster.xml" );
+ FileOutputStream stream = new FileOutputStream( descriptor );
+ createTopology().toStream( stream );
+ stream.close();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/test-cluster";
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+ .addTag( "provider" )
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "KNOX" )
+ .gotoRoot();
+ // System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ //@Test
+ public void waitForManualTesting() throws IOException {
+ System.out.println( clusterUrl );
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testAdminService() throws ClassNotFoundException {
+ TestUtils.LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/api/v1/version";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("Accept", MediaType.APPLICATION_JSON)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ //.body( is( "{\"hash\":\"unknown\",\"version\":\"unknown\"}" ) )
+ .when().get( serviceUrl );
+
+ TestUtils.LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminTopologyFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminTopologyFuncTest.java
index e5c16be,0000000..d33d59e
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminTopologyFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminTopologyFuncTest.java
@@@ -1,802 -1,0 +1,800 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.StringReader;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+import javax.ws.rs.core.MediaType;
+
+import io.restassured.http.ContentType;
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.topology.TopologyService;
+import org.apache.knox.gateway.topology.Param;
+import org.apache.knox.gateway.topology.Provider;
+import org.apache.knox.gateway.topology.Service;
+import org.apache.knox.gateway.topology.Topology;
+import org.apache.knox.gateway.util.XmlUtils;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.xml.sax.InputSource;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.not;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.hamcrest.xml.HasXPath.hasXPath;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.fail;
+
+public class GatewayAdminTopologyFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayAdminTopologyFuncTest.class );
+
+ public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ //appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ setupGateway(new GatewayTestConfig());
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ gateway.stop();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ }
+
+ public static void setupGateway(GatewayTestConfig testConfig) throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ File descriptor = new File( topoDir, "admin.xml" );
+ FileOutputStream stream = new FileOutputStream( descriptor );
+ createKnoxTopology().toStream( stream );
+ stream.close();
+
+ File descriptor2 = new File( topoDir, "test-cluster.xml" );
+ FileOutputStream stream2 = new FileOutputStream( descriptor2 );
+ createNormalTopology().toStream( stream2 );
+ stream.close();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/admin";
+ }
+
+ private static XMLTag createNormalTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "webappsec" )
+ .addTag( "name" ).addText( "WebAppSec" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "csrf.enabled" )
+ .addTag( "value" ).addText( "true" ).gotoParent().gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authorization" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "AclsAuthz" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "webhdfs-acl" )
+ .addTag( "value" ).addText( "hdfs;*;*" ).gotoParent()
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "WEBHDFS" )
+ .addTag( "url" ).addText( "http://localhost:50070/webhdfs/v1" ).gotoParent()
+ .gotoRoot();
+// System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ private static XMLTag createKnoxTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag( "role" ).addText( "authorization" )
+ .addTag( "name" ).addText( "AclsAuthz" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag("param")
+ .addTag("name").addText("knox.acl")
+ .addTag("value").addText("admin;*;*").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "KNOX" )
+ .gotoRoot();
+ // System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ //@Test
+ public void waitForManualTesting() throws IOException {
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testTopologyCollection() throws ClassNotFoundException {
+ LOG_ENTER();
+
+ String username = "admin";
+ String password = "admin-password";
+ String serviceUrl = clusterUrl + "/api/v1/topologies";
+ String href1 = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .contentType(MediaType.APPLICATION_JSON)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .body("topologies.topology[0].name", not(nullValue()))
+ .body("topologies.topology[1].name", not(nullValue()))
+ .body("topologies.topology[0].uri", not(nullValue()))
+ .body("topologies.topology[1].uri", not(nullValue()))
+ .body("topologies.topology[0].href", not(nullValue()))
+ .body("topologies.topology[1].href", not(nullValue()))
+ .body("topologies.topology[0].timestamp", not(nullValue()))
+ .body("topologies.topology[1].timestamp", not(nullValue()))
+ .when().get(serviceUrl).thenReturn().getBody().path("topologies.topology.href[1]");
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
- .expect()
++ .then()
+ //.log().all()
+ .body("topologies.topology.href[1]", equalTo(href1))
+ .statusCode(HttpStatus.SC_OK)
+ .when().get(serviceUrl);
+
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(MediaType.APPLICATION_XML)
+ .when().get(serviceUrl);
+
+
+ given().auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType("application/json")
+ .body("topology.name", equalTo("test-cluster"))
+ .when().get(href1);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testTopologyObject() throws ClassNotFoundException {
+ LOG_ENTER();
+
+ String username = "admin";
+ String password = "admin-password";
+ String serviceUrl = clusterUrl + "/api/v1/topologies";
+ String hrefJson = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .when().get(serviceUrl).thenReturn().getBody().path("topologies.topology[1].href");
+
+ String timestampJson = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType("application/json")
+ .when().get(serviceUrl).andReturn()
+ .getBody().path("topologies.topology[1].timestamp");
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .body("topology.name", equalTo("test-cluster"))
+ .body("topology.timestamp", equalTo(Long.parseLong(timestampJson)))
+ .when()
+ .get(hrefJson);
+
+
+ String hrefXml = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .when().get(serviceUrl).thenReturn().getBody().path("topologies.topology[1].href");
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .when()
+ .get(hrefXml);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testPositiveAuthorization() throws ClassNotFoundException{
+ LOG_ENTER();
+
+ String adminUser = "admin";
+ String adminPass = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies";
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(adminUser, adminPass)
+ .header("Accept", MediaType.APPLICATION_JSON)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(ContentType.JSON)
+ .body("topologies.topology[0].name", not(nullValue()))
+ .body("topologies.topology[1].name", not(nullValue()))
+ .body("topologies.topology[0].uri", not(nullValue()))
+ .body("topologies.topology[1].uri", not(nullValue()))
+ .body("topologies.topology[0].href", not(nullValue()))
+ .body("topologies.topology[1].href", not(nullValue()))
+ .body("topologies.topology[0].timestamp", not(nullValue()))
+ .body("topologies.topology[1].timestamp", not(nullValue()))
+ .when().get(url);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testNegativeAuthorization() throws ClassNotFoundException{
+ LOG_ENTER();
+
+ String guestUser = "guest";
+ String guestPass = "guest-password";
+ String url = clusterUrl + "/api/v1/topologies";
+
+ given()
+ //.log().all()
+ .auth().basic(guestUser, guestPass)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_FORBIDDEN)
+ .when().get(url);
+
+ LOG_EXIT();
+ }
+
+ private Topology createTestTopology(){
+ Topology topology = new Topology();
+ topology.setName("test-topology");
+
+ try {
+ topology.setUri(new URI(gatewayUrl + "/" + topology.getName()));
+ } catch (URISyntaxException ex) {
+ assertThat(topology.getUri(), not(nullValue()));
+ }
+
+ Provider identityProvider = new Provider();
+ identityProvider.setName("Default");
+ identityProvider.setRole("identity-assertion");
+ identityProvider.setEnabled(true);
+
+ Provider AuthenicationProvider = new Provider();
+ AuthenicationProvider.setName("ShiroProvider");
+ AuthenicationProvider.setRole("authentication");
+ AuthenicationProvider.setEnabled(true);
+
+ Param ldapMain = new Param();
+ ldapMain.setName("main.ldapRealm");
+ ldapMain.setValue("org.apache.knox.gateway.shirorealm.KnoxLdapRealm");
+
+ Param ldapGroupContextFactory = new Param();
+ ldapGroupContextFactory.setName("main.ldapGroupContextFactory");
+ ldapGroupContextFactory.setValue("org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory");
+
+ Param ldapRealmContext = new Param();
+ ldapRealmContext.setName("main.ldapRealm.contextFactory");
+ ldapRealmContext.setValue("$ldapGroupContextFactory");
+
+ Param ldapURL = new Param();
+ ldapURL.setName("main.ldapRealm.contextFactory.url");
+ ldapURL.setValue(driver.getLdapUrl());
+
+ Param ldapUserTemplate = new Param();
+ ldapUserTemplate.setName("main.ldapRealm.userDnTemplate");
+ ldapUserTemplate.setValue("uid={0},ou=people,dc=hadoop,dc=apache,dc=org");
+
+ Param authcBasic = new Param();
+ authcBasic.setName("urls./**");
+ authcBasic.setValue("authcBasic");
+
+ AuthenicationProvider.addParam(ldapGroupContextFactory);
+ AuthenicationProvider.addParam(ldapMain);
+ AuthenicationProvider.addParam(ldapRealmContext);
+ AuthenicationProvider.addParam(ldapURL);
+ AuthenicationProvider.addParam(ldapUserTemplate);
+ AuthenicationProvider.addParam(authcBasic);
+
+ Service testService = new Service();
+ testService.setRole("test-service-role");
+
+ topology.addProvider(AuthenicationProvider);
+ topology.addProvider(identityProvider);
+ topology.addService(testService);
+ topology.setTimestamp(System.nanoTime());
+
+ return topology;
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testDeployTopology() throws Exception {
+ LOG_ENTER();
+
+ Topology testTopology = createTestTopology();
+
+ String user = "guest";
+ String password = "guest-password";
+
+ String url = gatewayUrl + "/" + testTopology.getName() + "/test-service-path/test-service-resource";
+
+ GatewayServices srvs = GatewayServer.getGatewayServices();
+
+ TopologyService ts = srvs.getService(GatewayServices.TOPOLOGY_SERVICE);
+ try {
+ ts.stopMonitor();
+
+ assertThat( testTopology, not( nullValue() ) );
+ assertThat( testTopology.getName(), is( "test-topology" ) );
+
+ given()
+ //.log().all()
- .auth().preemptive().basic( "admin", "admin-password" ).header( "Accept", MediaType.APPLICATION_JSON ).expect()
++ .auth().preemptive().basic( "admin", "admin-password" ).header( "Accept", MediaType.APPLICATION_JSON ).then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK ).body( containsString( "ServerVersion" ) ).when().get( gatewayUrl + "/admin/api/v1/version" );
+
+ given()
+ //.log().all()
- .auth().preemptive().basic( user, password ).expect()
++ .auth().preemptive().basic( user, password ).then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_NOT_FOUND ).when().get( url );
+
+ ts.deployTopology( testTopology );
+
+ given()
+ //.log().all()
- .auth().preemptive().basic( user, password ).expect()
++ .auth().preemptive().basic( user, password ).then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK ).contentType( "text/plain" ).body( is( "test-service-response" ) ).when().get( url ).getBody();
+
+ ts.deleteTopology( testTopology );
+
+ given()
+ //.log().all()
- .auth().preemptive().basic( user, password ).expect()
++ .auth().preemptive().basic( user, password ).then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_NOT_FOUND ).when().get( url );
+ } finally {
+ ts.startMonitor();
+ }
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testDeleteTopology() throws ClassNotFoundException {
+ LOG_ENTER();
+
+ Topology test = createTestTopology();
+
+ String username = "admin";
+ String password = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies/" + test.getName();
+
+ GatewayServices gs = GatewayServer.getGatewayServices();
+
+ TopologyService ts = gs.getService(GatewayServices.TOPOLOGY_SERVICE);
+
+ ts.deployTopology(test);
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(MediaType.APPLICATION_JSON)
+ .when().get(url);
+
+ given()
+ .auth().preemptive().basic(username, password)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(MediaType.APPLICATION_JSON)
+ .when().delete(url);
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
- .expect()
++ .then()
+ //.log().all()
+ .statusCode(HttpStatus.SC_NO_CONTENT)
+ .when().get(url);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testPutTopology() throws Exception {
+ LOG_ENTER() ;
+
+ String username = "admin";
+ String password = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies/test-put";
+
+ String JsonPut =
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .get(clusterUrl + "/api/v1/topologies/test-cluster")
+ .getBody().asString();
+
+ String XML = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .contentType(MediaType.APPLICATION_JSON)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .body(JsonPut)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ //.log().all()
+ .when().put(url).getBody().asString();
+
+ InputSource source = new InputSource( new StringReader( XML ) );
+ Document doc = XmlUtils.readXml( source );
+
+ assertThat( doc, hasXPath( "/topology/gateway/provider[1]/name", containsString( "WebAppSec" ) ) );
+ assertThat( doc, hasXPath( "/topology/gateway/provider[1]/param/name", containsString( "csrf.enabled" ) ) );
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(equalTo(XML))
+ .when().get(url)
+ .getBody().asString();
+
+ String XmlPut =
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .get(clusterUrl + "/api/v1/topologies/test-cluster")
+ .getBody().asString();
+
+ String JSON = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .contentType(MediaType.APPLICATION_XML)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .body(XmlPut)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ //.log().all()
+ .when().put(url).getBody().asString();
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(equalTo(JSON))
+ .when().get(url)
+ .getBody().asString();
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testXForwardedHeaders() {
+ LOG_ENTER();
+
+ String username = "admin";
+ String password = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies";
+
+// X-Forward header values
+ String port = String.valueOf(777);
+ String server = "myserver";
+ String host = server + ":" + port;
+ String proto = "protocol";
+ String context = "/mycontext";
+ String newUrl = proto + "://" + host + context;
+// String port = String.valueOf(gateway.getAddresses()[0].getPort());
+
+// Case 1: Add in all x-forward headers (host, port, server, context, proto)
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", host )
+ .header("X-Forwarded-Port", port )
+ .header("X-Forwarded-Server", server )
+ .header("X-Forwarded-Context", context)
+ .header("X-Forwarded-Proto", proto)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(newUrl))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
+ .when().get(url);
+
+
+// Case 2: add in x-forward headers (host, server, proto, context)
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", host )
+ .header("X-Forwarded-Server", server )
+ .header("X-Forwarded-Context", context )
+ .header("X-Forwarded-Proto", proto )
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(server))
+ .body(containsString(context))
+ .body(containsString(proto))
+ .body(containsString(host))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
+ .when().get(url);
+
+// Case 3: add in x-forward headers (host, proto, port, context)
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", host )
+ .header("X-Forwarded-Port", port )
+ .header("X-Forwarded-Context", context )
+ .header("X-Forwarded-Proto", proto)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(host))
+ .body(containsString(port))
+ .body(containsString(context))
+ .body(containsString(proto))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
+ .when().get(url);
+
+// Case 4: add in x-forward headers (host, proto, port, context) no port in host.
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", server)
+ .header("X-Forwarded-Port", port)
+ .header("X-Forwarded-Context", context)
+ .header("X-Forwarded-Proto", proto)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(server))
+ .body(containsString(port))
+ .body(containsString(context))
+ .body(containsString(proto))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
+ .when().get(url);
+
+// Case 5: add in x-forward headers (host, port)
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", host )
+ .header("X-Forwarded-Port", port )
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(host))
+ .body(containsString(port))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
+ .when().get(url);
+
+// Case 6: Normal Request
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(url))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
+ .when().get(url);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testGatewayPathChange() throws Exception {
+ LOG_ENTER();
+ String username = "admin";
+ String password = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies";
+
+// Case 1: Normal Request (No Change in gateway.path). Ensure HTTP OK resp + valid URL.
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(url + "/test-cluster"))
+ .when().get(url);
+
+
+// Case 2: Change gateway.path to another String. Ensure HTTP OK resp + valid URL.
+ try {
+ gateway.stop();
+
+ GatewayTestConfig conf = new GatewayTestConfig();
+ conf.setGatewayPath("new-gateway-path");
+ setupGateway(conf);
+
+ String newUrl = clusterUrl + "/api/v1/topologies";
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(newUrl + "/test-cluster"))
+ .when().get(newUrl);
+ } catch(Exception e){
+ fail(e.getMessage());
+ }
+ finally {
+// Restart the gateway with old settings.
+ gateway.stop();
+ setupGateway(new GatewayTestConfig());
+ }
+
+ LOG_EXIT();
+ }
+
- private static final String CLASS = GatewayAdminTopologyFuncTest.class.getCanonicalName();
-
+}
[07/12] knox git commit: Merge remote-tracking branch 'origin/master'
into KNOX-998-Package_Restructuring
Posted by mo...@apache.org.
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingDisableFeatureTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingDisableFeatureTest.java
index db1dbe0,0000000..a4d8166
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingDisableFeatureTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingDisableFeatureTest.java
@@@ -1,252 -1,0 +1,252 @@@
+package org.apache.knox.gateway;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.category.ReleaseTest;
+import org.apache.hadoop.test.mock.MockServer;
+import org.apache.http.HttpStatus;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.rules.ExpectedException;
+
+import java.io.IOException;
+import java.net.ConnectException;
+import java.util.concurrent.ConcurrentHashMap;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.is;
+
+/**
+ * Test that the Gateway Topology Port Mapping feature is disabled properly.
+ *
+ */
+@Category(ReleaseTest.class)
+public class GatewayPortMappingDisableFeatureTest {
+
+ // Specifies if the test requests should go through the gateway or directly to the services.
+ // This is frequently used to verify the behavior of the test both with and without the gateway.
+ private static final boolean USE_GATEWAY = true;
+
+ // Specifies if the test requests should be sent to mock services or the real services.
+ // This is frequently used to verify the behavior of the test both with and without mock services.
+ private static final boolean USE_MOCK_SERVICES = true;
+
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ private static MockServer masterServer;
+
+ private int eeriePort;
+
+ @Rule
+ public ExpectedException exception = ExpectedException.none();
+
+
+ public GatewayPortMappingDisableFeatureTest() {
+ super();
+ }
+
+ /**
+ * Creates a deployment of a gateway instance that all test methods will share. This method also creates a
+ * registry of sorts for all of the services that will be used by the test methods.
+ * The createTopology method is used to create the topology file that would normally be read from disk.
+ * The driver.setupGateway invocation is where the creation of GATEWAY_HOME occurs.
+ * <p/>
+ * This would normally be done once for this suite but the failure tests start affecting each other depending
+ * on the state the last 'active' url
+ *
+ * @throws Exception Thrown if any failure occurs.
+ */
+ @Before
+ public void setup() throws Exception {
+ LOG_ENTER();
+
+ eeriePort = getAvailablePort(1240, 49151);
+
+ ConcurrentHashMap<String, Integer> topologyPortMapping = new ConcurrentHashMap<String, Integer>();
+ topologyPortMapping.put("eerie", eeriePort);
+
+ masterServer = new MockServer("master", true);
+ GatewayTestConfig config = new GatewayTestConfig();
+ config.setGatewayPath("gateway");
+ config.setTopologyPortMapping(topologyPortMapping);
+ // disable the feature
+ config.setGatewayPortMappingEnabled(false);
+
+ driver.setResourceBase(WebHdfsHaFuncTest.class);
+ driver.setupLdap(0);
+
+ driver.setupService("WEBHDFS", "http://vm.local:50070/webhdfs", "/eerie/webhdfs", USE_MOCK_SERVICES);
+
+ driver.setupGateway(config, "eerie", createTopology("WEBHDFS"), USE_GATEWAY);
+
+ LOG_EXIT();
+ }
+
+ @After
+ public void cleanup() throws Exception {
+ LOG_ENTER();
+ driver.cleanup();
+ driver.reset();
+ masterServer.reset();
+ LOG_EXIT();
+ }
+
+ /**
+ * Test the standard case
+ *
+ * @throws IOException
+ */
+ @Test(timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testBasicListOperation() throws IOException {
+ LOG_ENTER();
+ test(driver.getUrl("WEBHDFS") );
+ LOG_EXIT();
+ }
+
+ /**
+ * Test the multi port fail scenario when the feature is disabled.
+ * @throws IOException
+ */
+ @Test(timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testMultiPortFailOperation() throws IOException {
+ LOG_ENTER();
+ exception.expect(ConnectException.class);
+ exception.expectMessage("Connection refused");
+
+ test("http://localhost:" + eeriePort + "/webhdfs" );
+ LOG_EXIT();
+ }
+
+
+ private void test (final String url) throws IOException {
+ String password = "hdfs-password";
+ String username = "hdfs";
+
+ masterServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes("webhdfs-liststatus-success.json"))
+ .contentType("application/json");
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "LISTSTATUS")
- .expect()
++ .then()
+ .log().ifError()
+ .statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
++ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .when().get(url + "/v1/");
+ masterServer.isEmpty();
+ }
+
+
+ /**
+ * Creates a topology that is deployed to the gateway instance for the test suite.
+ * Note that this topology is shared by all of the test methods in this suite.
+ *
+ * @return A populated XML structure for a topology file.
+ */
+ private static XMLTag createTopology(final String role) {
+ XMLTag xml = XMLDoc.newDocument(true)
+ .addRoot("topology")
+ .addTag("gateway")
+ .addTag("provider")
+ .addTag("role").addText("webappsec")
+ .addTag("name").addText("WebAppSec")
+ .addTag("enabled").addText("true")
+ .addTag("param")
+ .addTag("name").addText("csrf.enabled")
+ .addTag("value").addText("true").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("authentication")
+ .addTag("name").addText("ShiroProvider")
+ .addTag("enabled").addText("true")
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm")
+ .addTag("value").addText("org.apache.knox.gateway.shirorealm.KnoxLdapRealm").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.userDnTemplate")
+ .addTag("value").addText("uid={0},ou=people,dc=hadoop,dc=apache,dc=org").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.contextFactory.url")
+ .addTag("value").addText(driver.getLdapUrl()).gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.contextFactory.authenticationMechanism")
+ .addTag("value").addText("simple").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("urls./**")
+ .addTag("value").addText("authcBasic").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("identity-assertion")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("Default").gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("authorization")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("AclsAuthz").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("webhdfs-acl")
+ .addTag("value").addText("hdfs;*;*").gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("ha")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("HaProvider")
+ .addTag("param")
+ .addTag("name").addText("WEBHDFS")
+ .addTag("value").addText("maxFailoverAttempts=3;failoverSleep=15;maxRetryAttempts=3;retrySleep=10;enabled=true").gotoParent()
+ .gotoRoot()
+ .addTag("service")
+ .addTag("role").addText(role)
+ .addTag("url").addText("http://localhost:" + masterServer.getPort() + "/webhdfs")
+ .gotoRoot();
+ return xml;
+ }
+
+ /**
+ * This utility method will return the next available port
+ * that can be used.
+ *
+ * @return Port that is available.
+ */
+ public static int getAvailablePort(final int min, final int max) {
+
+ for (int i = min; i <= max; i++) {
+
+ if (!GatewayServer.isPortInUse(i)) {
+ return i;
+ }
+ }
+ // too bad
+ return -1;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingFailTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingFailTest.java
index ee9e802,0000000..bc01c86
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingFailTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingFailTest.java
@@@ -1,150 -1,0 +1,150 @@@
+package org.apache.knox.gateway;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.category.ReleaseTest;
+import org.apache.hadoop.test.mock.MockServer;
+import org.apache.http.HttpStatus;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.io.IOException;
+import java.util.concurrent.ConcurrentHashMap;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+
+/**
+ * Test the fail cases for the Port Mapping Feature
+ */
+@Category(ReleaseTest.class)
+public class GatewayPortMappingFailTest {
+
+ // Specifies if the test requests should go through the gateway or directly to the services.
+ // This is frequently used to verify the behavior of the test both with and without the gateway.
+ private static final boolean USE_GATEWAY = true;
+
+ // Specifies if the test requests should be sent to mock services or the real services.
+ // This is frequently used to verify the behavior of the test both with and without mock services.
+ private static final boolean USE_MOCK_SERVICES = true;
+
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ private static MockServer masterServer;
+
+ private static int eeriePort;
+
+ /**
+ * Create an instance
+ */
+ public GatewayPortMappingFailTest() {
+ super();
+ }
+
+ /**
+ * Creates a deployment of a gateway instance that all test methods will share. This method also creates a
+ * registry of sorts for all of the services that will be used by the test methods.
+ * The createTopology method is used to create the topology file that would normally be read from disk.
+ * The driver.setupGateway invocation is where the creation of GATEWAY_HOME occurs.
+ * <p/>
+ * This would normally be done once for this suite but the failure tests start affecting each other depending
+ * on the state the last 'active' url
+ *
+ * @throws Exception Thrown if any failure occurs.
+ */
+ @BeforeClass
+ public static void setup() throws Exception {
+ LOG_ENTER();
+
+ eeriePort = GatewayPortMappingFuncTest.getAvailablePort(1240, 49151);
+
+ ConcurrentHashMap<String, Integer> topologyPortMapping = new ConcurrentHashMap<String, Integer>();
+ topologyPortMapping.put("eerie", eeriePort);
+
+ masterServer = new MockServer("master", true);
+ GatewayTestConfig config = new GatewayTestConfig();
+ config.setGatewayPath("gateway");
+ config.setTopologyPortMapping(topologyPortMapping);
+
+ driver.setResourceBase(WebHdfsHaFuncTest.class);
+ driver.setupLdap(0);
+
+ driver.setupService("WEBHDFS", "http://vm.local:50070/webhdfs", "/eerie/webhdfs", USE_MOCK_SERVICES);
+
+ driver.setupGateway(config, "eerie", GatewayPortMappingFuncTest.createTopology("WEBHDFS", driver.getLdapUrl(), masterServer.getPort()), USE_GATEWAY);
+
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanup() throws Exception {
+ LOG_ENTER();
+ driver.cleanup();
+ driver.reset();
+ masterServer.reset();
+ LOG_EXIT();
+ }
+
+
+ /**
+ * Fail when trying to use this feature on the standard port.
+ * Here we do not have Default Topology Feature not enabled.
+ *
+ * http://localhost:{gatewayPort}/webhdfs/v1
+ *
+ * @throws IOException
+ */
+ @Test(timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testMultiPortOperationFail() throws IOException {
+ LOG_ENTER();
+ final String url = "http://localhost:" + driver.getGatewayPort() + "/webhdfs" ;
+
+ String password = "hdfs-password";
+ String username = "hdfs";
+
+ masterServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes("webhdfs-liststatus-success.json"))
+ .contentType("application/json");
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "LISTSTATUS")
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode(HttpStatus.SC_NOT_FOUND)
+ //.content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .when().get(url + "/v1/");
+ masterServer.isEmpty();
+
+ LOG_EXIT();
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingFuncTest.java
index b597f41,0000000..cbf138b
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayPortMappingFuncTest.java
@@@ -1,276 -1,0 +1,276 @@@
+package org.apache.knox.gateway;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.category.ReleaseTest;
+import org.apache.hadoop.test.mock.MockServer;
+import org.apache.http.HttpStatus;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.io.IOException;
+import java.util.concurrent.ConcurrentHashMap;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.is;
+
+/**
+ * Test the Gateway Topology Port Mapping functionality
+ *
+ */
+@Category(ReleaseTest.class)
+public class GatewayPortMappingFuncTest {
+
+ // Specifies if the test requests should go through the gateway or directly to the services.
+ // This is frequently used to verify the behavior of the test both with and without the gateway.
+ private static final boolean USE_GATEWAY = true;
+
+ // Specifies if the test requests should be sent to mock services or the real services.
+ // This is frequently used to verify the behavior of the test both with and without mock services.
+ private static final boolean USE_MOCK_SERVICES = true;
+
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ private static MockServer masterServer;
+
+ private static int eeriePort;
+
+ public GatewayPortMappingFuncTest() {
+ super();
+ }
+
+ /**
+ * Creates a deployment of a gateway instance that all test methods will share. This method also creates a
+ * registry of sorts for all of the services that will be used by the test methods.
+ * The createTopology method is used to create the topology file that would normally be read from disk.
+ * The driver.setupGateway invocation is where the creation of GATEWAY_HOME occurs.
+ * <p/>
+ * This would normally be done once for this suite but the failure tests start affecting each other depending
+ * on the state the last 'active' url
+ *
+ * @throws Exception Thrown if any failure occurs.
+ */
+ @BeforeClass
+ public static void setup() throws Exception {
+ LOG_ENTER();
+
+ eeriePort = getAvailablePort(1240, 49151);
+
+ ConcurrentHashMap<String, Integer> topologyPortMapping = new ConcurrentHashMap<String, Integer>();
+ topologyPortMapping.put("eerie", eeriePort);
+
+ masterServer = new MockServer("master", true);
+ GatewayTestConfig config = new GatewayTestConfig();
+ config.setGatewayPath("gateway");
+ config.setTopologyPortMapping(topologyPortMapping);
+
+ // Enable default topology
+ config.setDefaultTopologyName("eerie");
+
+ driver.setResourceBase(WebHdfsHaFuncTest.class);
+ driver.setupLdap(0);
+
+ driver.setupService("WEBHDFS", "http://vm.local:50070/webhdfs", "/eerie/webhdfs", USE_MOCK_SERVICES);
+
+ driver.setupGateway(config, "eerie", createTopology("WEBHDFS", driver.getLdapUrl(), masterServer.getPort()), USE_GATEWAY);
+
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanup() throws Exception {
+ LOG_ENTER();
+ driver.cleanup();
+ driver.reset();
+ masterServer.reset();
+ LOG_EXIT();
+ }
+
+ /**
+ * Test the standard case:
+ * http://localhost:{gatewayPort}/gateway/eerie/webhdfs/v1
+ *
+ * @throws IOException
+ */
+ @Test(timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testBasicListOperation() throws IOException {
+ LOG_ENTER();
+ test("http://localhost:" + driver.getGatewayPort() + "/gateway/eerie" + "/webhdfs" );
+ LOG_EXIT();
+ }
+
+ /**
+ * Test the Default Topology Feature, activated by property
+ * "default.app.topology.name"
+ *
+ * http://localhost:{eeriePort}/gateway/eerie/webhdfs/v1
+ *
+ * @throws IOException
+ */
+ @Test(timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testDefaultTopologyFeature() throws IOException {
+ LOG_ENTER();
+ test("http://localhost:" + driver.getGatewayPort() + "/webhdfs" );
+ LOG_EXIT();
+ }
+
+ /**
+ * Test the multi port scenario.
+ *
+ * http://localhost:{eeriePort}/webhdfs/v1
+ *
+ * @throws IOException
+ */
+ @Test(timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testMultiPortOperation() throws IOException {
+ LOG_ENTER();
+ test("http://localhost:" + eeriePort + "/webhdfs" );
+ LOG_EXIT();
+ }
+
+ /**
+ * Test the multi port scenario when gateway path is included.
+ *
+ * http://localhost:{eeriePort}/gateway/eerie/webhdfs/v1
+ *
+ * @throws IOException
+ */
+ @Test(timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testMultiPortWithGatewayPath() throws IOException {
+ LOG_ENTER();
+ test("http://localhost:" + eeriePort + "/gateway/eerie" + "/webhdfs" );
+ LOG_EXIT();
+ }
+
+
+ private void test (final String url) throws IOException {
+ String password = "hdfs-password";
+ String username = "hdfs";
+
+ masterServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes("webhdfs-liststatus-success.json"))
+ .contentType("application/json");
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "LISTSTATUS")
- .expect()
++ .then()
+ .log().ifError()
+ .statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
++ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .when().get(url + "/v1/");
+ masterServer.isEmpty();
+ }
+
+
+ /**
+ * Creates a topology that is deployed to the gateway instance for the test suite.
+ * Note that this topology is shared by all of the test methods in this suite.
+ *
+ * @return A populated XML structure for a topology file.
+ */
+ public static XMLTag createTopology(final String role, final String ldapURL, final int gatewayPort ) {
+ XMLTag xml = XMLDoc.newDocument(true)
+ .addRoot("topology")
+ .addTag("gateway")
+ .addTag("provider")
+ .addTag("role").addText("webappsec")
+ .addTag("name").addText("WebAppSec")
+ .addTag("enabled").addText("true")
+ .addTag("param")
+ .addTag("name").addText("csrf.enabled")
+ .addTag("value").addText("true").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("authentication")
+ .addTag("name").addText("ShiroProvider")
+ .addTag("enabled").addText("true")
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm")
+ .addTag("value").addText("org.apache.knox.gateway.shirorealm.KnoxLdapRealm").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.userDnTemplate")
+ .addTag("value").addText("uid={0},ou=people,dc=hadoop,dc=apache,dc=org").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.contextFactory.url")
+ .addTag("value").addText(ldapURL).gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.contextFactory.authenticationMechanism")
+ .addTag("value").addText("simple").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("urls./**")
+ .addTag("value").addText("authcBasic").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("identity-assertion")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("Default").gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("authorization")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("AclsAuthz").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("webhdfs-acl")
+ .addTag("value").addText("hdfs;*;*").gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("ha")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("HaProvider")
+ .addTag("param")
+ .addTag("name").addText("WEBHDFS")
+ .addTag("value").addText("maxFailoverAttempts=3;failoverSleep=15;maxRetryAttempts=3;retrySleep=10;enabled=true").gotoParent()
+ .gotoRoot()
+ .addTag("service")
+ .addTag("role").addText(role)
+ .addTag("url").addText("http://localhost:" + gatewayPort + "/webhdfs")
+ .gotoRoot();
+ return xml;
+ }
+
+ /**
+ * This utility method will return the next available port
+ * that can be used.
+ *
+ * @return Port that is available.
+ */
+ public static int getAvailablePort(final int min, final int max) {
+
+ for (int i = min; i <= max; i++) {
+
+ if (!GatewayServer.isPortInUse(i)) {
+ return i;
+ }
+ }
+ // too bad
+ return -1;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewaySampleFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewaySampleFuncTest.java
index 4c87a90,0000000..b146972
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewaySampleFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewaySampleFuncTest.java
@@@ -1,180 -1,0 +1,180 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
+
+public class GatewaySampleFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewaySampleFuncTest.class );
+
+ public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ setupGateway();
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ LOG_EXIT();
+ }
+
+ public static void setupGateway() throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ File descriptor = new File( topoDir, "test-cluster.xml" );
+ FileOutputStream stream = new FileOutputStream( descriptor );
+ createTopology().toStream( stream );
+ stream.close();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/test-cluster";
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+ .addTag( "provider" )
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "test-service-role" )
+ .gotoRoot();
+ // System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ //@Test
+ public void waitForManualTesting() throws IOException {
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testTestService() throws ClassNotFoundException {
+ LOG_ENTER();
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/Knox242FuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/Knox242FuncTest.java
index 7aaf056,0000000..cd30311
mode 100755,000000..100755
--- a/gateway-test/src/test/java/org/apache/knox/gateway/Knox242FuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/Knox242FuncTest.java
@@@ -1,284 -1,0 +1,284 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.InetSocketAddress;
+import java.net.URL;
+import java.nio.file.FileSystems;
+import java.nio.file.Path;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+
+/**
+ * Functional test to verify : KNOX-242 LDAP Enhancements
+ * Please see
+ * https://issues.apache.org/jira/browse/KNOX-242
+ *
+ */
+public class Knox242FuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( Knox242FuncTest.class );
+
+ public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ public static String serviceUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ String basedir = System.getProperty("basedir");
+ if (basedir == null) {
+ basedir = new File(".").getCanonicalPath();
+ }
+ Path path = FileSystems.getDefault().getPath(basedir, "/src/test/resources/users-dynamic.ldif");
+ driver.setupLdap( 0 , path.toFile() );
+ setupGateway();
+ TestUtils.awaitNon404HttpStatus( new URL( serviceUrl ), 10000, 100 );
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ LOG_EXIT();
+ }
+
+ public static void setupGateway() throws IOException, Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/testdg-cluster";
+ serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+
+ GatewayServices services = GatewayServer.getGatewayServices();
+ AliasService aliasService = (AliasService)services.getService(GatewayServices.ALIAS_SERVICE);
+ aliasService.addAliasForCluster("testdg-cluster", "ldcSystemPassword", "guest-password");
+
- char[] password1 = aliasService.getPasswordFromAliasForCluster( "testdg-cluster", "ldcSystemPassword");
++ // char[] password1 = aliasService.getPasswordFromAliasForCluster( "testdg-cluster", "ldcSystemPassword");
+ //System.err.println("SETUP password 10: " + ((password1 == null) ? "NULL" : new String(password1)));
+
+ File descriptor = new File( topoDir, "testdg-cluster.xml" );
+ FileOutputStream stream = new FileOutputStream( descriptor );
+ createTopology().toStream( stream );
+ stream.close();
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapGroupContextFactory" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory" )
+ .addTag( "value" ).addText( "$ldapGroupContextFactory" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl())
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" )
+
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.searchBase" )
+ .addTag( "value" ).addText( "dc=hadoop,dc=apache,dc=org" )
+
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userSearchAttributeName" )
+ .addTag( "value" ).addText( "uid" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userObjectClass" )
+ .addTag( "value" ).addText( "person" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userSearchBase" )
+ .addTag( "value" ).addText( "dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.groupSearchBase" )
+ .addTag( "value" ).addText( "ou=groups,dc=hadoop,dc=apache,dc=org" )
+
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.authorizationEnabled" )
+ .addTag( "value" ).addText( "true" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemAuthenticationMechanism" )
+ .addTag( "value" ).addText( "simple" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.groupObjectClass" )
+ .addTag( "value" ).addText( "groupofurls" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.memberAttribute" )
+ .addTag( "value" ).addText( "memberurl" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.memberAttributeValueTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemUsername" )
+ .addTag( "value" ).addText( "uid=guest,ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.clusterName" )
+ .addTag( "value" ).addText( "testdg-cluster" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemPassword" )
+ .addTag( "value" ).addText( "S{ALIAS=ldcSystemPassword}" )
+ // .addTag( "value" ).addText( "guest-password" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" )
+
+ .gotoParent().gotoParent().addTag( "provider" )
+ .addTag( "role" ).addText( "authorization" )
+ .addTag( "name" ).addText( "AclsAuthz" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "test-service-role.acl" )
+ .addTag( "value" ).addText( "*;directors;*" )
+
+ .gotoParent().gotoParent().addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "test-service-role" )
+ .gotoRoot();
+ // System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ @Ignore
+ // @Test
+ public void waitForManualTesting() throws IOException {
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testGroupMember() throws ClassNotFoundException, Exception {
+ LOG_ENTER();
+ String username = "joe";
+ String password = "joe-password";
+ String serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testNonGroupMember() throws ClassNotFoundException {
+ LOG_ENTER();
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_FORBIDDEN )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/WebHdfsHaFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/WebHdfsHaFuncTest.java
index d7496b6,0000000..98739a1
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/WebHdfsHaFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/WebHdfsHaFuncTest.java
@@@ -1,466 -1,0 +1,466 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p/>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p/>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.category.ReleaseTest;
+import org.apache.hadoop.test.mock.MockServer;
+import org.apache.http.HttpStatus;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.io.IOException;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.is;
+
+@Category(ReleaseTest.class)
+public class WebHdfsHaFuncTest {
+
+ // Specifies if the test requests should go through the gateway or directly to the services.
+ // This is frequently used to verify the behavior of the test both with and without the gateway.
+ private static final boolean USE_GATEWAY = true;
+
+ // Specifies if the test requests should be sent to mock services or the real services.
+ // This is frequently used to verify the behavior of the test both with and without mock services.
+ private static final boolean USE_MOCK_SERVICES = true;
+
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ private static MockServer masterServer;
+
+ private static MockServer standbyServer;
+
+ /**
+ * Creates a deployment of a gateway instance that all test methods will share. This method also creates a
+ * registry of sorts for all of the services that will be used by the test methods.
+ * The createTopology method is used to create the topology file that would normally be read from disk.
+ * The driver.setupGateway invocation is where the creation of GATEWAY_HOME occurs.
+ * <p/>
+ * This would normally be done once for this suite but the failure tests start affecting each other depending
+ * on the state the last 'active' url
+ *
+ * @throws Exception Thrown if any failure occurs.
+ */
+ @Before
+ public void setup() throws Exception {
+ LOG_ENTER();
+ //Log.setLog(new NoOpLogger());
+ masterServer = new MockServer("master", true);
+ standbyServer = new MockServer("standby", true);
+ GatewayTestConfig config = new GatewayTestConfig();
+ config.setGatewayPath("gateway");
+ driver.setResourceBase(WebHdfsHaFuncTest.class);
+ driver.setupLdap(0);
+ driver.setupService("WEBHDFS", "http://vm.local:50070/webhdfs", "/cluster/webhdfs", USE_MOCK_SERVICES);
+ driver.setupGateway(config, "cluster", createTopology(), USE_GATEWAY);
+ LOG_EXIT();
+ }
+
+ @After
+ public void cleanup() throws Exception {
+ LOG_ENTER();
+ driver.cleanup();
+ driver.reset();
+ masterServer.reset();
+ standbyServer.reset();
+ LOG_EXIT();
+ }
+
+ /**
+ * Creates a topology that is deployed to the gateway instance for the test suite.
+ * Note that this topology is shared by all of the test methods in this suite.
+ *
+ * @return A populated XML structure for a topology file.
+ */
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument(true)
+ .addRoot("topology")
+ .addTag("gateway")
+ .addTag("provider")
+ .addTag("role").addText("webappsec")
+ .addTag("name").addText("WebAppSec")
+ .addTag("enabled").addText("true")
+ .addTag("param")
+ .addTag("name").addText("csrf.enabled")
+ .addTag("value").addText("true").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("authentication")
+ .addTag("name").addText("ShiroProvider")
+ .addTag("enabled").addText("true")
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm")
+ .addTag("value").addText("org.apache.knox.gateway.shirorealm.KnoxLdapRealm").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.userDnTemplate")
+ .addTag("value").addText("uid={0},ou=people,dc=hadoop,dc=apache,dc=org").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.contextFactory.url")
+ .addTag("value").addText(driver.getLdapUrl()).gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.contextFactory.authenticationMechanism")
+ .addTag("value").addText("simple").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("urls./**")
+ .addTag("value").addText("authcBasic").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("identity-assertion")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("Default").gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("authorization")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("AclsAuthz").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("webhdfs-acl")
+ .addTag("value").addText("hdfs;*;*").gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("ha")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("HaProvider")
+ .addTag("param")
+ .addTag("name").addText("WEBHDFS")
+ .addTag("value").addText("maxFailoverAttempts=3;failoverSleep=15;maxRetryAttempts=3;retrySleep=10;enabled=true").gotoParent()
+ .gotoRoot()
+ .addTag("service")
+ .addTag("role").addText("WEBHDFS")
+ .addTag("url").addText("http://localhost:" + masterServer.getPort() + "/webhdfs")
+ .addTag("url").addText("http://localhost:" + standbyServer.getPort() + "/webhdfs").gotoParent()
+ .gotoRoot();
+// System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testBasicListOperation() throws IOException {
+ LOG_ENTER();
+ String username = "hdfs";
+ String password = "hdfs-password";
+ masterServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes("webhdfs-liststatus-success.json"))
+ .contentType("application/json");
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "LISTSTATUS")
- .expect()
++ .then()
+ .log().ifError()
+ .statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
++ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .when().get(driver.getUrl("WEBHDFS") + "/v1/");
+ masterServer.isEmpty();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ @Ignore( "KNOX-446" )
+ public void testFailoverListOperation() throws Exception {
+ LOG_ENTER();
+ String username = "hdfs";
+ String password = "hdfs-password";
- //Shutdown master and expect standby to serve the list response
++ //Shutdown master and then standby to serve the list response
+ masterServer.stop();
+ standbyServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes("webhdfs-liststatus-success.json"))
+ .contentType("application/json");
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "LISTSTATUS")
- .expect()
++ .then()
+ .log().ifError()
+ .statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
++ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .when().get(driver.getUrl("WEBHDFS") + "/v1/");
+ standbyServer.isEmpty();
+ masterServer.start();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testFailoverLimit() throws Exception {
+ LOG_ENTER();
+ String username = "hdfs";
+ String password = "hdfs-password";
- //Shutdown master and expect standby to serve the list response
++ //Shutdown master and then standby to serve the list response
+ masterServer.stop();
+ standbyServer.stop();
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "LISTSTATUS")
- .expect()
++ .then()
+// .log().ifError()
+ .statusCode(HttpStatus.SC_INTERNAL_SERVER_ERROR)
+ .when().get(driver.getUrl("WEBHDFS") + "/v1/");
+ standbyServer.start();
+ masterServer.start();
+ LOG_EXIT();
+ }
+
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ @Ignore( "KNOX-446" )
+ public void testServerInStandby() throws IOException {
+ LOG_ENTER();
+ String username = "hdfs";
+ String password = "hdfs-password";
+ //make master the server that is in standby
+ masterServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-liststatus-standby.json"))
+ .contentType("application/json");
+ //standby server is 'active' in this test case and serves the list response
+ standbyServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes("webhdfs-liststatus-success.json"))
+ .contentType("application/json");
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "LISTSTATUS")
- .expect()
++ .then()
+ .log().ifError()
+ .statusCode(HttpStatus.SC_OK)
- .content("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
++ .body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
+ .when().get(driver.getUrl("WEBHDFS") + "/v1/");
+ masterServer.isEmpty();
+ standbyServer.isEmpty();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testServerInStandbyFailoverLimit() throws IOException {
+ LOG_ENTER();
+ String username = "hdfs";
+ String password = "hdfs-password";
+ //make master the server that is in standby
+ masterServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-liststatus-standby.json"))
+ .contentType("application/json");
+ standbyServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-liststatus-standby.json"))
+ .contentType("application/json");
+ masterServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-liststatus-standby.json"))
+ .contentType("application/json");
+ standbyServer.expect()
+ .method("GET")
+ .pathInfo("/webhdfs/v1/")
+ .queryParam("op", "LISTSTATUS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-liststatus-standby.json"))
+ .contentType("application/json");
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "LISTSTATUS")
- .expect()
++ .then()
+// .log().ifError()
+ .statusCode(HttpStatus.SC_INTERNAL_SERVER_ERROR)
+ .when().get(driver.getUrl("WEBHDFS") + "/v1/");
+ masterServer.isEmpty();
+ standbyServer.isEmpty();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testServerInSafeMode() throws IOException {
+ LOG_ENTER();
+ String username = "hdfs";
+ String password = "hdfs-password";
+ //master is in safe mode
+ masterServer.expect()
+ .method("POST")
+ .pathInfo("/webhdfs/v1/user/hdfs/foo.txt")
+ .queryParam("op", "RENAME")
+ .queryParam("destination", "/user/hdfs/foo.txt")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-rename-safemode.json"))
+ .contentType("application/json");
+ masterServer.expect()
+ .method("POST")
+ .pathInfo("/webhdfs/v1/user/hdfs/foo.txt")
+ .queryParam("op", "RENAME")
+ .queryParam("destination", "/user/hdfs/foo.txt")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes("webhdfs-rename-safemode-off.json"))
+ .contentType("application/json");
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "RENAME")
+ .queryParam("destination", "/user/hdfs/foo.txt")
- .expect()
++ .then()
+ .log().ifError()
+ .statusCode(HttpStatus.SC_OK)
- .content("boolean", is(true))
++ .body("boolean", is(true))
+ .when().post(driver.getUrl("WEBHDFS") + "/v1/user/hdfs/foo.txt");
+ masterServer.isEmpty();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testServerInSafeModeRetriableException() throws IOException {
+ LOG_ENTER();
+ String username = "hdfs";
+ String password = "hdfs-password";
+ //master is in safe mode
+ masterServer.expect()
+ .method("POST")
+ .pathInfo("/webhdfs/v1/user/hdfs/new")
+ .queryParam("op", "MKDIRS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-mkdirs-safemode.json"))
+ .contentType("application/json");
+ masterServer.expect()
+ .method("POST")
+ .pathInfo("/webhdfs/v1/user/hdfs/new")
+ .queryParam("op", "MKDIRS")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes("webhdfs-rename-safemode-off.json"))
+ .contentType("application/json");
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "MKDIRS")
- .expect()
++ .then()
+ .log().ifError()
+ .statusCode(HttpStatus.SC_OK)
- .content("boolean", is(true))
++ .body("boolean", is(true))
+ .when().post(driver.getUrl("WEBHDFS") + "/v1/user/hdfs/new");
+ masterServer.isEmpty();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testServerInSafeModeRetryLimit() throws IOException {
+ LOG_ENTER();
+ String username = "hdfs";
+ String password = "hdfs-password";
+ //master is in safe mode
+ masterServer.expect()
+ .method("POST")
+ .pathInfo("/webhdfs/v1/user/hdfs/foo.txt")
+ .queryParam("op", "RENAME")
+ .queryParam("destination", "/user/hdfs/foo.txt")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-rename-safemode.json"))
+ .contentType("application/json");
+ masterServer.expect()
+ .method("POST")
+ .pathInfo("/webhdfs/v1/user/hdfs/foo.txt")
+ .queryParam("op", "RENAME")
+ .queryParam("destination", "/user/hdfs/foo.txt")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-rename-safemode.json"))
+ .contentType("application/json");
+ masterServer.expect()
+ .method("POST")
+ .pathInfo("/webhdfs/v1/user/hdfs/foo.txt")
+ .queryParam("op", "RENAME")
+ .queryParam("destination", "/user/hdfs/foo.txt")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-rename-safemode.json"))
+ .contentType("application/json");
+ masterServer.expect()
+ .method("POST")
+ .pathInfo("/webhdfs/v1/user/hdfs/foo.txt")
+ .queryParam("op", "RENAME")
+ .queryParam("destination", "/user/hdfs/foo.txt")
+ .queryParam("user.name", username)
+ .respond()
+ .status(HttpStatus.SC_FORBIDDEN)
+ .content(driver.getResourceBytes("webhdfs-rename-safemode.json"))
+ .contentType("application/json");
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam("op", "RENAME")
+ .queryParam("destination", "/user/hdfs/foo.txt")
- .expect()
++ .then()
+// .log().ifError()
+ .statusCode(HttpStatus.SC_INTERNAL_SERVER_ERROR)
+ .when().post(driver.getUrl("WEBHDFS") + "/v1/user/hdfs/foo.txt");
+ masterServer.isEmpty();
+ LOG_EXIT();
+ }
+}
[09/12] knox git commit: Merge remote-tracking branch 'origin/master'
into KNOX-998-Package_Restructuring
Posted by mo...@apache.org.
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayBasicFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayBasicFuncTest.java
index 0fbd6db,0000000..3adf41a
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayBasicFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayBasicFuncTest.java
@@@ -1,4515 -1,0 +1,4508 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.FileFilter;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.PrintStream;
+import java.io.StringWriter;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.nio.charset.Charset;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Map.Entry;
+import javax.ws.rs.core.MediaType;
+
+import io.restassured.RestAssured;
+import io.restassured.http.ContentType;
+import io.restassured.http.Cookie;
+import io.restassured.http.Header;
+import io.restassured.path.json.JsonPath;
+import io.restassured.response.Response;
+import io.restassured.specification.ResponseSpecification;
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.commons.io.filefilter.WildcardFileFilter;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.knox.gateway.util.KnoxCLI;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.category.MediumTests;
+import org.apache.hadoop.test.category.VerifyTest;
+import org.apache.hadoop.test.mock.MockRequestMatcher;
+import org.apache.http.HttpHost;
+import org.apache.http.HttpResponse;
+import org.apache.http.HttpStatus;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.http.client.AuthCache;
+import org.apache.http.client.CredentialsProvider;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.client.protocol.HttpClientContext;
+import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.auth.BasicScheme;
+import org.apache.http.impl.client.BasicAuthCache;
+import org.apache.http.impl.client.BasicCredentialsProvider;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.util.EntityUtils;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.velocity.runtime.RuntimeConstants;
+import org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader;
+import org.hamcrest.CoreMatchers;
+import org.hamcrest.Matcher;
+import org.hamcrest.MatcherAssert;
+import org.hamcrest.Matchers;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.*;
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.greaterThan;
+import static org.hamcrest.text.IsEmptyString.isEmptyString;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+import static org.xmlmatchers.XmlMatchers.isEquivalentTo;
+import static org.xmlmatchers.transform.XmlConverters.the;
+import static uk.co.datumedge.hamcrest.json.SameJSONAs.sameJSONAs;
+
+@Category( { VerifyTest.class, MediumTests.class } )
+public class GatewayBasicFuncTest {
+
+ private static final Charset UTF8 = Charset.forName("UTF-8");
+
+ // Uncomment to cause the test to hang after the gateway instance is setup.
+ // This will allow the gateway instance to be hit directly via some external client.
+// @Test
+// public void hang() throws IOException {
+// System.out.println( "Server on port " + driver.gateway.getAddresses()[0].getPort() );
+// System.out.println();
+// System.in.read();
+// }
+
+ private static Logger log = LoggerFactory.getLogger( GatewayBasicFuncTest.class );
+
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ // Controls the host name to which the gateway dispatch requests. This may be the name of a sandbox VM
+ // or an EC2 instance. Currently only a single host is supported.
+ private static final String TEST_HOST = "vm.local";
+
+ // Specifies if the test requests should go through the gateway or directly to the services.
+ // This is frequently used to verify the behavior of the test both with and without the gateway.
+ private static final boolean USE_GATEWAY = true;
+
+ // Specifies if the test requests should be sent to mock services or the real services.
+ // This is frequently used to verify the behavior of the test both with and without mock services.
+ private static final boolean USE_MOCK_SERVICES = true;
+
+ // Specifies if the GATEWAY_HOME created for the test should be deleted when the test suite is complete.
+ // This is frequently used during debugging to keep the GATEWAY_HOME around for inspection.
+ private static final boolean CLEANUP_TEST = true;
+
+// private static final boolean USE_GATEWAY = false;
+// private static final boolean USE_MOCK_SERVICES = false;
+// private static final boolean CLEANUP_TEST = false;
+
+ /**
+ * Creates a deployment of a gateway instance that all test methods will share. This method also creates a
+ * registry of sorts for all of the services that will be used by the test methods.
+ * The createTopology method is used to create the topology file that would normally be read from disk.
+ * The driver.setupGateway invocation is where the creation of GATEWAY_HOME occurs.
+ * @throws Exception Thrown if any failure occurs.
+ */
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ //Log.setLog( new NoOpLogger() );
+ LOG_ENTER();
+ GatewayTestConfig config = new GatewayTestConfig();
+ driver.setResourceBase(GatewayBasicFuncTest.class);
+ driver.setupLdap(0);
+ driver.setupService("WEBHDFS", "http://" + TEST_HOST + ":50070/webhdfs", "/cluster/webhdfs", USE_MOCK_SERVICES);
+ driver.setupService( "DATANODE", "http://" + TEST_HOST + ":50075/webhdfs", "/cluster/webhdfs/data", USE_MOCK_SERVICES );
+ driver.setupService( "WEBHCAT", "http://" + TEST_HOST + ":50111/templeton", "/cluster/templeton", USE_MOCK_SERVICES );
+ driver.setupService( "OOZIE", "http://" + TEST_HOST + ":11000/oozie", "/cluster/oozie", USE_MOCK_SERVICES );
+ driver.setupService( "HIVE", "http://" + TEST_HOST + ":10000", "/cluster/hive", USE_MOCK_SERVICES );
+ driver.setupService( "WEBHBASE", "http://" + TEST_HOST + ":60080", "/cluster/hbase", USE_MOCK_SERVICES );
+ driver.setupService( "NAMENODE", "hdfs://" + TEST_HOST + ":8020", null, USE_MOCK_SERVICES );
+ driver.setupService( "JOBTRACKER", "thrift://" + TEST_HOST + ":8021", null, USE_MOCK_SERVICES );
+ driver.setupService( "RESOURCEMANAGER", "http://" + TEST_HOST + ":8088/ws", "/cluster/resourcemanager", USE_MOCK_SERVICES );
+ driver.setupService( "FALCON", "http://" + TEST_HOST + ":15000", "/cluster/falcon", USE_MOCK_SERVICES );
+ driver.setupService( "STORM", "http://" + TEST_HOST + ":8477", "/cluster/storm", USE_MOCK_SERVICES );
+ driver.setupService( "STORM-LOGVIEWER", "http://" + TEST_HOST + ":8477", "/cluster/storm", USE_MOCK_SERVICES );
+ driver.setupService( "SOLR", "http://" + TEST_HOST + ":8983", "/cluster/solr", USE_MOCK_SERVICES );
+ driver.setupService( "KAFKA", "http://" + TEST_HOST + ":8477", "/cluster/kafka", USE_MOCK_SERVICES );
+ driver.setupGateway( config, "cluster", createTopology(), USE_GATEWAY );
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ if( CLEANUP_TEST ) {
+ driver.cleanup();
+ }
+ LOG_EXIT();
+ }
+
+ @After
+ public void cleanupTest() {
+ driver.reset();
+ }
+
+ /**
+ * Creates a topology that is deployed to the gateway instance for the test suite.
+ * Note that this topology is shared by all of the test methods in this suite.
+ * @return A populated XML structure for a topology file.
+ */
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "webappsec" )
+ .addTag("name").addText("WebAppSec")
+ .addTag("enabled").addText("true")
+ .addTag( "param" )
+ .addTag("name").addText("csrf.enabled")
+ .addTag("value").addText("true").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("authentication")
+ .addTag("name").addText("ShiroProvider")
+ .addTag("enabled").addText("true")
+ .addTag( "param" )
+ .addTag("name").addText("main.ldapRealm")
+ .addTag("value").addText("org.apache.knox.gateway.shirorealm.KnoxLdapRealm").gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("identity-assertion")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("Default").gotoParent()
+ .addTag("provider")
+ .addTag( "role" ).addText( "authorization" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag("name").addText("AclsAuthz").gotoParent()
+ .addTag("param")
+ .addTag("name").addText( "webhdfs-acl" )
+ .addTag("value").addText( "hdfs;*;*" ).gotoParent()
+ .gotoRoot()
+ .addTag("service")
+ .addTag("role").addText("WEBHDFS")
+ .addTag("url").addText(driver.getRealUrl("WEBHDFS")).gotoParent()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "NAMENODE" )
+ .addTag( "url" ).addText( driver.getRealUrl( "NAMENODE" ) ).gotoParent()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "DATANODE" )
+ .addTag( "url" ).addText( driver.getRealUrl( "DATANODE" ) ).gotoParent()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "JOBTRACKER" )
+ .addTag( "url" ).addText( driver.getRealUrl( "JOBTRACKER" ) ).gotoParent()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "WEBHCAT" )
+ .addTag( "url" ).addText( driver.getRealUrl( "WEBHCAT" ) ).gotoParent()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "OOZIE" )
+ .addTag( "url" ).addText( driver.getRealUrl( "OOZIE" ) ).gotoParent()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "HIVE" )
+ .addTag( "url" ).addText( driver.getRealUrl( "HIVE" ) ).gotoParent()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "WEBHBASE" )
+ .addTag( "url" ).addText( driver.getRealUrl( "WEBHBASE" ) ).gotoParent()
+ .addTag("service")
+ .addTag("role").addText("RESOURCEMANAGER")
+ .addTag("url").addText(driver.getRealUrl("RESOURCEMANAGER")).gotoParent()
+ .addTag("service")
+ .addTag("role").addText("FALCON")
+ .addTag("url").addText(driver.getRealUrl("FALCON")).gotoParent()
+ .addTag("service")
+ .addTag("role").addText("STORM")
+ .addTag("url").addText(driver.getRealUrl("STORM")).gotoParent()
+ .addTag("service")
+ .addTag("role").addText("STORM-LOGVIEWER")
+ .addTag("url").addText(driver.getRealUrl("STORM-LOGVIEWER")).gotoParent()
+ .addTag("service")
+ .addTag("role").addText("SOLR")
+ .addTag("url").addText(driver.getRealUrl("SOLR")).gotoParent()
+ .addTag("service")
+ .addTag("role").addText("KAFKA")
+ .addTag("url").addText(driver.getRealUrl("KAFKA")).gotoParent()
+ .addTag("service")
+ .addTag("role").addText("SERVICE-TEST")
+ .gotoRoot();
+// System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testBasicJsonUseCase() throws IOException {
+ LOG_ENTER();
+ String root = "/tmp/GatewayBasicFuncTest/testBasicJsonUseCase";
+ String username = "hdfs";
+ String password = "hdfs-password";
+ /* Create a directory.
+ curl -i -X PUT "http://<HOST>:<PORT>/<PATH>?op=MKDIRS[&permission=<OCTAL>]"
+
+ The client receives a respond with a boolean JSON object:
+ HTTP/1.1 HttpStatus.SC_OK OK
+ Content-Type: application/json
+ Transfer-Encoding: chunked
+
+ {"boolean": true}
+ */
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( "/v1" + root + "/dir" )
+ .queryParam( "op", "MKDIRS" )
+ .queryParam( "user.name", username )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "webhdfs-success.json" ) )
+ .contentType( "application/json" );
+ Cookie cookie = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "MKDIRS" )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/json" )
- .content( "boolean", is( true ) )
++ .body( "boolean", is( true ) )
+ .when().put( driver.getUrl( "WEBHDFS" ) + "/v1" + root + "/dir" ).getDetailedCookie( "JSESSIONID" );
+ assertThat( cookie.isSecured(), is( true ) );
+ assertThat( cookie.isHttpOnly(), is( true ) );
+ assertThat( cookie.getPath(), is( "/gateway/cluster" ) );
+ assertThat( cookie.getValue().length(), greaterThan( 16 ) );
+ driver.assertComplete();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testBasicOutboundHeaderUseCase() throws IOException {
+ LOG_ENTER();
+ String root = "/tmp/GatewayBasicFuncTest/testBasicOutboundHeaderUseCase";
+ String username = "hdfs";
+ String password = "hdfs-password";
+ InetSocketAddress gatewayAddress = driver.gateway.getAddresses()[0];
+ String gatewayHostName = gatewayAddress.getHostName();
+ String gatewayAddrName = InetAddress.getByName(gatewayHostName).getHostAddress();
+
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( "/v1" + root + "/dir/file" )
+ .header( "Host", driver.getRealAddr( "WEBHDFS" ) )
+ .queryParam( "op", "CREATE" )
+ .queryParam( "user.name", username )
+ .respond()
+ .status( HttpStatus.SC_TEMPORARY_REDIRECT )
+ .header("Location", driver.getRealUrl("DATANODE") + "/v1" + root + "/dir/file?op=CREATE&user.name=hdfs");
+ Response response = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "CREATE" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_TEMPORARY_REDIRECT )
+ .when().put( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/file" );
+ String location = response.getHeader( "Location" );
+ //System.out.println( location );
+ log.debug( "Redirect location: " + response.getHeader( "Location" ) );
+ if( driver.isUseGateway() ) {
+ MatcherAssert.assertThat( location, anyOf(
+ startsWith( "http://" + gatewayHostName + ":" + gatewayAddress.getPort() + "/" ),
+ startsWith( "http://" + gatewayAddrName + ":" + gatewayAddress.getPort() + "/" ) ) );
+ MatcherAssert.assertThat( location, containsString( "?_=" ) );
+ }
+ MatcherAssert.assertThat(location, not(containsString("host=")));
+ MatcherAssert.assertThat(location, not(containsString("port=")));
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testBasicOutboundEncodedHeaderUseCase() throws IOException {
+ LOG_ENTER();
+ String root = "/tmp/GatewayBasicFuncTest/testBasicOutboundHeaderUseCase";
+ String username = "hdfs";
+ String password = "hdfs-password";
- InetSocketAddress gatewayAddress = driver.gateway.getAddresses()[0];
- String gatewayHostName = gatewayAddress.getHostName();
- String gatewayAddrName = InetAddress.getByName(gatewayHostName).getHostAddress();
+
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( "/v1" + root + "/dir/fileレポー" )
+ .header( "Host", driver.getRealAddr( "WEBHDFS" ) )
+ .queryParam( "op", "CREATE" )
+ .queryParam( "user.name", username )
+ .respond()
+ .status( HttpStatus.SC_TEMPORARY_REDIRECT )
+ .header("Location", driver.getRealUrl("DATANODE") + "/v1" + root + "/dir/file%E3%83%AC%E3%83%9D%E3%83%BC?op=CREATE&user.name=hdfs");
+ Response response = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "CREATE" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_TEMPORARY_REDIRECT )
+ .when().put( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/fileレポー" );
+// .when().put( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/file%E3%83%AC%E3%83%9D%E3%83%BC" );
+ String location = response.getHeader( "Location" );
+ //System.out.println( location );
+ log.debug( "Redirect location: " + response.getHeader( "Location" ) );
+ if( driver.isUseGateway() ) {
+ MatcherAssert.assertThat( location, containsString("/dir/file%E3%83%AC%E3%83%9D%E3%83%BC") );
+ }
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testHdfsTildeUseCase() throws IOException {
+ LOG_ENTER();
+ String root = "/tmp/GatewayBasicFuncTest/testHdfsTildeUseCase";
+ String username = "hdfs";
+ String password = "hdfs-password";
- InetSocketAddress gatewayAddress = driver.gateway.getAddresses()[0];
+
+ // Attempt to delete the test directory in case a previous run failed.
+ // Ignore any result.
+ // Cleanup anything that might have been leftover because the test failed previously.
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "DELETE" )
+ .from( "testHdfsTildeUseCase" )
+ .pathInfo( "/v1/user/hdfs" + root )
+ .queryParam( "op", "DELETE" )
+ .queryParam( "user.name", username )
+ .queryParam( "recursive", "true" )
+ .respond()
+ .status( HttpStatus.SC_OK );
+
+ try {
+ // Need to turn off URL encoding here or otherwise the tilde gets encoded and the rewrite rules fail
+ RestAssured.urlEncodingEnabled = false;
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "DELETE" )
+ .queryParam( "recursive", "true" )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .when().delete( driver.getUrl( "WEBHDFS" ) + "/v1/~" + root + ( driver.isUseGateway() ? "" : "?user.name=" + username ) );
+ driver.assertComplete();
+
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( "/v1/user/hdfs/dir" )
+ .queryParam( "op", "MKDIRS" )
+ .queryParam( "user.name", username )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "webhdfs-success.json" ) )
+ .contentType("application/json");
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "MKDIRS" )
- .expect()
++ .then()
+ //.log().all();
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/json" )
- .content( "boolean", is( true ) )
++ .body( "boolean", is( true ) )
+ .when().put( driver.getUrl( "WEBHDFS" ) + "/v1/~/dir" );
+ driver.assertComplete();
+ } finally {
+ RestAssured.urlEncodingEnabled = true;
+ }
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testBasicHdfsUseCase() throws IOException {
+ LOG_ENTER();
+ String root = "/tmp/GatewayBasicFuncTest/testBasicHdfsUseCase";
+ String username = "hdfs";
+ String password = "hdfs-password";
+ InetSocketAddress gatewayAddress = driver.gateway.getAddresses()[0];
+ String gatewayHostName = gatewayAddress.getHostName();
+ String gatewayAddrName = InetAddress.getByName( gatewayHostName ).getHostAddress();
+
+ // Attempt to delete the test directory in case a previous run failed.
+ // Ignore any result.
+ // Cleanup anything that might have been leftover because the test failed previously.
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "DELETE" )
+ .from( "testBasicHdfsUseCase-1" )
+ .pathInfo( "/v1" + root )
+ .queryParam( "op", "DELETE" )
+ .queryParam( "user.name", username )
+ .queryParam( "recursive", "true" )
+ .respond()
+ .status( HttpStatus.SC_OK );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "DELETE" )
+ .queryParam( "recursive", "true" )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .when().delete( driver.getUrl( "WEBHDFS" ) + "/v1" + root + ( driver.isUseGateway() ? "" : "?user.name=" + username ) );
+ driver.assertComplete();
+
+ /* Create a directory.
+ curl -i -X PUT "http://<HOST>:<PORT>/<PATH>?op=MKDIRS[&permission=<OCTAL>]"
+
+ The client receives a respond with a boolean JSON object:
+ HTTP/1.1 HttpStatus.SC_OK OK
+ Content-Type: application/json
+ Transfer-Encoding: chunked
+
+ {"boolean": true}
+ */
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( "/v1" + root + "/dir" )
+ .queryParam( "op", "MKDIRS" )
+ .queryParam( "user.name", username )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "webhdfs-success.json" ) )
+ .contentType( "application/json" );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "MKDIRS" )
- .expect()
++ .then()
+ //.log().all();
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/json" )
- .content( "boolean", is( true ) )
++ .body( "boolean", is( true ) )
+ .when().put( driver.getUrl( "WEBHDFS" ) + "/v1" + root + "/dir" );
+ driver.assertComplete();
+
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "GET" )
+ .pathInfo( "/v1" + root )
+ .queryParam( "op", "LISTSTATUS" )
+ .queryParam( "user.name", username )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "webhdfs-liststatus-test.json" ) )
+ .contentType( "application/json" );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "LISTSTATUS" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_OK )
- .content( "FileStatuses.FileStatus[0].pathSuffix", is( "dir" ) )
++ .body( "FileStatuses.FileStatus[0].pathSuffix", is( "dir" ) )
+ .when().get( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
+ driver.assertComplete();
+
+ //NEGATIVE: Test a bad password.
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, "invalid-password" )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "LISTSTATUS" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
+ driver.assertComplete();
+
+ //NEGATIVE: Test a bad user.
+ given()
+ //.log().all()
+ .auth().preemptive().basic( "hdfs-user", "hdfs-password" )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "LISTSTATUS" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
+ driver.assertComplete();
+
+ //NEGATIVE: Test a valid but unauthorized user.
+ given()
+ //.log().all()
+ .auth().preemptive().basic( "mapred-user", "mapred-password" )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "LISTSTATUS" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
+
+ /* Add a file.
+ curl -i -X PUT "http://<HOST>:<PORT>/webhdfs/v1/<PATH>?op=CREATE
+ [&overwrite=<true|false>][&blocksize=<LONG>][&replication=<SHORT>]
+ [&permission=<OCTAL>][&buffersize=<INT>]"
+
- The expect is redirected to a datanode where the file data is to be written:
++ The then is redirected to a datanode where the file data is to be written:
+ HTTP/1.1 307 TEMPORARY_REDIRECT
+ Location: http://<DATANODE>:<PORT>/webhdfs/v1/<PATH>?op=CREATE...
+ Content-Length: 0
+
- Step 2: Submit another HTTP PUT expect using the URL in the Location header with the file data to be written.
++ Step 2: Submit another HTTP PUT then using the URL in the Location header with the file data to be written.
+ curl -i -X PUT -T <LOCAL_FILE> "http://<DATANODE>:<PORT>/webhdfs/v1/<PATH>?op=CREATE..."
+
+ The client receives a HttpStatus.SC_CREATED Created respond with zero content length and the WebHDFS URI of the file in the Location header:
+ HTTP/1.1 HttpStatus.SC_CREATED Created
+ Location: webhdfs://<HOST>:<PORT>/<PATH>
+ Content-Length: 0
+ */
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( "/v1" + root + "/dir/file" )
+ .queryParam( "op", "CREATE" )
+ .queryParam( "user.name", username )
+ .respond()
+ .status( HttpStatus.SC_TEMPORARY_REDIRECT )
+ .header( "Location", driver.getRealUrl( "DATANODE" ) + "/v1" + root + "/dir/file?op=CREATE&user.name=hdfs" );
+ driver.getMock( "DATANODE" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( "/v1" + root + "/dir/file" )
+ .queryParam( "op", "CREATE" )
+ .queryParam( "user.name", username )
+ .contentType( "text/plain" )
+ .content( driver.getResourceBytes( "test.txt" ) )
+ //.content( driver.gerResourceBytes( "hadoop-examples.jar" ) )
+ .respond()
+ .status( HttpStatus.SC_CREATED )
+ .header( "Location", "webhdfs://" + driver.getRealAddr( "DATANODE" ) + "/v1" + root + "/dir/file" );
+ Response response = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "CREATE" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_TEMPORARY_REDIRECT )
+ .when().put( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/file" );
+ String location = response.getHeader( "Location" );
+ log.debug( "Redirect location: " + response.getHeader( "Location" ) );
+ if( driver.isUseGateway() ) {
+ MatcherAssert.assertThat( location, anyOf(
+ startsWith( "http://" + gatewayHostName + ":" + gatewayAddress.getPort() + "/" ),
+ startsWith( "http://" + gatewayAddrName + ":" + gatewayAddress.getPort() + "/" ) ) );
+ MatcherAssert.assertThat( location, containsString( "?_=" ) );
+ }
+ MatcherAssert.assertThat( location, not( containsString( "host=" ) ) );
+ MatcherAssert.assertThat( location, not( containsString( "port=" ) ) );
+ response = given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "test.txt" ) )
++ .body( driver.getResourceBytes( "test.txt" ) )
+ .contentType( "text/plain" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_CREATED )
+ .when().put( location );
+ location = response.getHeader( "Location" );
+ log.debug( "Created location: " + location );
+ if( driver.isUseGateway() ) {
+ MatcherAssert.assertThat( location, anyOf(
+ startsWith( "http://" + gatewayHostName + ":" + gatewayAddress.getPort() + "/" ),
+ startsWith( "http://" + gatewayAddrName + ":" + gatewayAddress.getPort() + "/" ) ) );
+ }
+ driver.assertComplete();
+
+ /* Get the file.
+ curl -i -L "http://<HOST>:<PORT>/webhdfs/v1/<PATH>?op=OPEN
+ [&offset=<LONG>][&length=<LONG>][&buffersize=<INT>]"
+
- The expect is redirected to a datanode where the file data can be read:
++ The then is redirected to a datanode where the file data can be read:
+ HTTP/1.1 307 TEMPORARY_REDIRECT
+ Location: http://<DATANODE>:<PORT>/webhdfs/v1/<PATH>?op=OPEN...
+ Content-Length: 0
+
+ The client follows the redirect to the datanode and receives the file data:
+ HTTP/1.1 HttpStatus.SC_OK OK
+ Content-Type: application/octet-stream
+ Content-Length: 22
+
+ Hello, webhdfs user!
+ */
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .method( "GET" )
+ .pathInfo( "/v1" + root + "/dir/file" )
+ .queryParam( "op", "OPEN" )
+ .queryParam( "user.name", username )
+ .respond()
+ .status( HttpStatus.SC_TEMPORARY_REDIRECT )
+ .header( "Location", driver.getRealUrl( "DATANODE" ) + "/v1" + root + "/dir/file?op=OPEN&user.name=hdfs" );
+ driver.getMock( "DATANODE" )
+ .expect()
+ .method( "GET" )
+ .pathInfo( "/v1" + root + "/dir/file" )
+ .queryParam( "op", "OPEN" )
+ .queryParam( "user.name", username )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .content( driver.getResourceBytes( "test.txt" ) );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "OPEN" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_OK )
- .content( is( "TEST" ) )
++ .body( is( "TEST" ) )
+ .when().get( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/file" );
+ driver.assertComplete();
+
+ /* Delete the directory.
+ curl -i -X DELETE "http://<host>:<port>/webhdfs/v1/<path>?op=DELETE
+ [&recursive=<true|false>]"
+
+ The client receives a respond with a boolean JSON object:
+ HTTP/1.1 HttpStatus.SC_OK OK
+ Content-Type: application/json
+ Transfer-Encoding: chunked
+
+ {"boolean": true}
+ */
+ // Mock the interaction with the namenode.
+ driver.getMock( "WEBHDFS" )
+ .expect()
+ .from( "testBasicHdfsUseCase-1" )
+ .method( "DELETE" )
+ .pathInfo( "/v1" + root )
+ .queryParam( "op", "DELETE" )
+ .queryParam( "user.name", username )
+ .queryParam( "recursive", "true" )
+ .respond()
+ .status( HttpStatus.SC_OK );
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "DELETE" )
+ .queryParam( "recursive", "true" )
- .expect()
++ .then()
+ //.log().ifError()
+ .statusCode( HttpStatus.SC_OK )
+ .when().delete( driver.getUrl( "WEBHDFS" ) + "/v1" + root );
+ driver.assertComplete();
+ LOG_EXIT();
+ }
+
+ // User hdfs in groups hadoop, hdfs
+ // User mapred in groups hadoop, mapred
+ // User hcat in group hcat
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testPmHdfsM1UseCase() throws IOException {
+ LOG_ENTER();
+ String root = "/tmp/GatewayBasicFuncTest/testPmHdfdM1UseCase";
+ String userA = "hdfs";
+ String passA = "hdfs-password";
+ String userB = "mapred";
+ String passB = "mapred-password";
+ String userC = "hcat";
+ String passC = "hcat-password";
+ String groupA = "hdfs";
+ String groupB = "mapred";
+ String groupAB = "hadoop";
+ String groupC = "hcat";
+
+ deleteFile( userA, passA, root, "true", 200 );
+
+ createDir( userA, passA, groupA, root + "/dirA700", "700", 200, 200 );
+ createDir( userA, passA, groupA, root + "/dirA770", "770", 200, 200 );
+ createDir( userA, passA, groupA, root + "/dirA707", "707", 200, 200 );
+ createDir( userA, passA, groupA, root + "/dirA777", "777", 200, 200 );
+ createDir( userA, passA, groupAB, root + "/dirAB700", "700", 200, 200 );
+ createDir( userA, passA, groupAB, root + "/dirAB770", "770", 200, 200 );
+ createDir( userA, passA, groupAB, root + "/dirAB707", "707", 200, 200 );
+ createDir( userA, passA, groupAB, root + "/dirAB777", "777", 200, 200 );
+
+ // CREATE: Files
+ // userA:groupA
+ createFile( userA, passA, groupA, root + "/dirA700/fileA700", "700", "text/plain", "small1.txt", 307, 201, 200 );
+ createFile( userA, passA, groupA, root + "/dirA770/fileA770", "770", "text/plain", "small1.txt", 307, 201, 200 );
+ createFile( userA, passA, groupA, root + "/dirA707/fileA707", "707", "text/plain", "small1.txt", 307, 201, 200 );
+ createFile( userA, passA, groupA, root + "/dirA777/fileA777", "777", "text/plain", "small1.txt", 307, 201, 200 );
+ // userA:groupAB
+ createFile( userA, passA, groupAB, root + "/dirAB700/fileAB700", "700", "text/plain", "small1.txt", 307, 201, 200 );
+ createFile( userA, passA, groupAB, root + "/dirAB770/fileAB770", "770", "text/plain", "small1.txt", 307, 201, 200 );
+ createFile( userA, passA, groupAB, root + "/dirAB707/fileAB707", "707", "text/plain", "small1.txt", 307, 201, 200 );
+ createFile( userA, passA, groupAB, root + "/dirAB777/fileAB777", "777", "text/plain", "small1.txt", 307, 201, 200 );
+ // userB:groupB
+ createFile( userB, passB, groupB, root + "/dirA700/fileB700", "700", "text/plain", "small1.txt", 307, 403, 0 );
+ createFile( userB, passB, groupB, root + "/dirA770/fileB700", "700", "text/plain", "small1.txt", 307, 403, 0 );
+//kam:20130219[ chmod seems to be broken at least in Sandbox 1.2
+// createFile( userB, passB, groupB, root + "/dirA707/fileB700", "700", "text/plain", "small1.txt", 307, 201, 200 );
+// createFile( userB, passB, groupB, root + "/dirA777/fileB700", "700", "text/plain", "small1.txt", 307, 201, 200 );
+//kam]
+ // userB:groupAB
+ createFile( userB, passB, groupAB, root + "/dirA700/fileBA700", "700", "text/plain", "small1.txt", 307, 403, 0 );
+ createFile( userB, passB, groupAB, root + "/dirA770/fileBA700", "700", "text/plain", "small1.txt", 307, 403, 0 );
+ createFile( userB, passB, groupAB, root + "/dirA707/fileBA700", "700", "text/plain", "small1.txt", 307, 201, 200 );
+ createFile( userB, passB, groupAB, root + "/dirA777/fileBA700", "700", "text/plain", "small1.txt", 307, 201, 200 );
+ // userC:groupC
+ createFile( userC, passC, groupC, root + "/dirA700/fileC700", "700", "text/plain", "small1.txt", 307, 403, 0 );
+ createFile( userC, passC, groupC, root + "/dirA770/fileC700", "700", "text/plain", "small1.txt", 307, 403, 0 );
+//kam:20130219[ chmod seems to be broken at least in Sandbox 1.2
+// createFile( userC, passC, groupC, root + "/dirA707/fileC700", "700", "text/plain", "small1.txt", 307, 201, 200 );
+// createFile( userC, passC, groupC, root + "/dirA777/fileC700", "700", "text/plain", "small1.txt", 307, 201, 200 );
+//kam]
+
+ // READ
+ // userA
+ readFile( userA, passA, root + "/dirA700/fileA700", "text/plain", "small1.txt", HttpStatus.SC_OK );
+ readFile( userA, passA, root + "/dirA770/fileA770", "text/plain", "small1.txt", HttpStatus.SC_OK );
+ readFile( userA, passA, root + "/dirA707/fileA707", "text/plain", "small1.txt", HttpStatus.SC_OK );
+ readFile( userA, passA, root + "/dirA777/fileA777", "text/plain", "small1.txt", HttpStatus.SC_OK );
+ // userB:groupB
+ readFile( userB, passB, root + "/dirA700/fileA700", "text/plain", "small1.txt", HttpStatus.SC_FORBIDDEN );
+ readFile( userB, passB, root + "/dirA770/fileA770", "text/plain", "small1.txt", HttpStatus.SC_FORBIDDEN );
+ readFile( userB, passB, root + "/dirA707/fileA707", "text/plain", "small1.txt", HttpStatus.SC_OK );
+ readFile( userB, passB, root + "/dirA777/fileA777", "text/plain", "small1.txt", HttpStatus.SC_OK );
+ // userB:groupAB
+ readFile( userB, passB, root + "/dirAB700/fileAB700", "text/plain", "small1.txt", HttpStatus.SC_FORBIDDEN );
+ readFile( userB, passB, root + "/dirAB770/fileAB770", "text/plain", "small1.txt", HttpStatus.SC_FORBIDDEN );
+ readFile( userB, passB, root + "/dirAB707/fileAB707", "text/plain", "small1.txt", HttpStatus.SC_FORBIDDEN );
+ readFile( userB, passB, root + "/dirAB777/fileAB777", "text/plain", "small1.txt", HttpStatus.SC_OK );
+ // userC:groupC
+ readFile( userC, passC, root + "/dirA700/fileA700", "text/plain", "small1.txt", HttpStatus.SC_FORBIDDEN );
+ readFile( userC, passC, root + "/dirA770/fileA770", "text/plain", "small1.txt", HttpStatus.SC_FORBIDDEN );
+ readFile( userC, passC, root + "/dirA707/fileA707", "text/plain", "small1.txt", HttpStatus.SC_OK );
+ readFile( userC, passC, root + "/dirA777/fileA777", "text/plain", "small1.txt", HttpStatus.SC_OK );
+
+ //NEGATIVE: Test a bad password.
+ if( driver.isUseGateway() ) {
+ given()
+ //.log().all()
+ .auth().preemptive().basic( userA, "invalid-password" )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .queryParam( "op", "OPEN" )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( driver.getUrl("WEBHDFS") + "/v1" + root + "/dirA700/fileA700" );
+ }
+ driver.assertComplete();
+
+ // UPDATE (Negative First)
+ updateFile( userC, passC, root + "/dirA700/fileA700", "text/plain", "small2.txt", 307, 403 );
+ updateFile( userB, passB, root + "/dirAB700/fileAB700", "text/plain", "small2.txt", 307, 403 );
+ updateFile( userB, passB, root + "/dirAB770/fileAB700", "text/plain", "small2.txt", 307, 403 );
+ updateFile( userB, passB, root + "/dirAB770/fileAB770", "text/plain", "small2.txt", 307, 403 );
+ updateFile( userA, passA, root + "/dirA700/fileA700", "text/plain", "small2.txt", 307, 201 );
+
+ // DELETE (Negative First)
+ deleteFile( userC, passC, root + "/dirA700/fileA700", "false", HttpStatus.SC_FORBIDDEN );
+ deleteFile( userB, passB, root + "/dirAB700/fileAB700", "false", HttpStatus.SC_FORBIDDEN );
+ deleteFile( userB, passB, root + "/dirAB770/fileAB770", "false", HttpStatus.SC_FORBIDDEN );
+ deleteFile( userA, passA, root + "/dirA700/fileA700", "false", HttpStatus.SC_OK );
+
+ // Cleanup anything that might have been leftover because the test failed previously.
+ deleteFile( userA, passA, root, "true", HttpStatus.SC_OK );
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testJavaMapReduceViaWebHCat() throws IOException {
+ LOG_ENTER();
+ String root = "/tmp/GatewayBasicFuncTest/testJavaMapReduceViaWebHCat";
+ String user = "mapred";
+ String pass = "mapred-password";
- String group = "mapred";
+// String user = "hcat";
+// String pass = "hcat-password";
+// String group = "hcat";
+
+ // Cleanup anything that might have been leftover because the test failed previously.
+ deleteFile( user, pass, root, "true", HttpStatus.SC_OK );
+
+ /* Put the mapreduce code into HDFS. (hadoop-examples.jar)
+ curl -X PUT --data-binary @hadoop-examples.jar 'http://192.168.1.163:8888/org.apache.org.apache.knox.gateway/cluster/webhdfs/v1/user/hdfs/wordcount/hadoop-examples.jar?user.name=hdfs&op=CREATE'
+ */
+ createFile( user, pass, null, root+"/hadoop-examples.jar", "777", "application/octet-stream", findHadoopExamplesJar(), 307, 201, 200 );
+
+ /* Put the data file into HDFS (changes.txt)
+ curl -X PUT --data-binary @changes.txt 'http://192.168.1.163:8888/org.apache.org.apache.knox.gateway/cluster/webhdfs/v1/user/hdfs/wordcount/input/changes.txt?user.name=hdfs&op=CREATE'
+ */
+ createFile( user, pass, null, root+"/input/changes.txt", "777", "text/plain", "changes.txt", 307, 201, 200 );
+
+ /* Create the output directory
+ curl -X PUT 'http://192.168.1.163:8888/org.apache.org.apache.knox.gateway/cluster/webhdfs/v1/user/hdfs/wordcount/output?op=MKDIRS&user.name=hdfs'
+ */
+ createDir( user, pass, null, root+"/output", "777", 200, 200 );
+
+ /* Submit the job
+ curl -d user.name=hdfs -d jar=wordcount/hadoop-examples.jar -d class=org.apache.org.apache.hadoop.examples.WordCount -d arg=wordcount/input -d arg=wordcount/output 'http://localhost:8888/org.apache.org.apache.knox.gateway/cluster/templeton/v1/mapreduce/jar'
+ {"id":"job_201210301335_0059"}
+ */
+ String job = submitJava(
+ user, pass,
+ root+"/hadoop-examples.jar", "org.apache.org.apache.hadoop.examples.WordCount",
+ root+"/input", root+"/output",
+ 200 );
+
+ /* Get the job status
+ curl 'http://vm:50111/templeton/v1/queue/:jobid?user.name=hdfs'
+ */
+ queryQueue( user, pass, job );
+
+ // Can't really check for the output here because the job won't be done.
+ /* Retrieve results
+ curl 'http://192.168.1.163:8888/org.apache.org.apache.knox.gateway/cluster/webhdfs/v1/user/hdfs/wordcount/input?op=LISTSTATUS'
+ */
+
+ if( CLEANUP_TEST ) {
+ // Cleanup anything that might have been leftover because the test failed previously.
+ deleteFile( user, pass, root, "true", HttpStatus.SC_OK );
+ }
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testPigViaWebHCat() throws IOException {
+ LOG_ENTER();
+ String root = "/tmp/GatewayWebHCatFuncTest/testPigViaWebHCat";
+ String user = "mapred";
+ String pass = "mapred-password";
+ String group = "mapred";
+
+ // Cleanup if previous run failed.
+ deleteFile( user, pass, root, "true", 200, 404 );
+
+ // Post the data to HDFS
+ createFile( user, pass, null, root + "/passwd.txt", "777", "text/plain", "passwd.txt", 307, 201, 200 );
+
+ // Post the script to HDFS
+ createFile( user, pass, null, root+"/script.pig", "777", "text/plain", "script.pig", 307, 201, 200 );
+
+ // Create the output directory
+ createDir( user, pass, null, root + "/output", "777", 200, 200 );
+
+ // Submit the job
+ submitPig( user, pass, group, root + "/script.pig", "-v", root + "/output", 200 );
+
+ // Check job status (if possible)
+ // Check output (if possible)
+
+ // Cleanup
+ deleteFile( user, pass, root, "true", 200 );
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testHiveViaWebHCat() throws IOException {
+ LOG_ENTER();
+ String user = "hive";
+ String pass = "hive-password";
+ String group = "hive";
+ String root = "/tmp/GatewayWebHCatFuncTest/testHiveViaWebHCat";
+
+ // Cleanup if previous run failed.
+ deleteFile( user, pass, root, "true", 200, 404 );
+
+ // Post the data to HDFS
+
+ // Post the script to HDFS
+ createFile(user, pass, null, root + "/script.hive", "777", "text/plain", "script.hive", 307, 201, 200);
+
+ // Submit the job
+ submitHive(user, pass, group, root + "/script.hive", root + "/output", 200);
+
+ // Check job status (if possible)
+ // Check output (if possible)
+
+ // Cleanup
+ deleteFile( user, pass, root, "true", 200 );
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testOozieJobSubmission() throws Exception {
+ LOG_ENTER();
+ String root = "/tmp/GatewayBasicFuncTest/testOozieJobSubmission";
+ String user = "hdfs";
+ String pass = "hdfs-password";
+ String group = "hdfs";
+
+ // Cleanup anything that might have been leftover because the test failed previously.
+ deleteFile( user, pass, root, "true", HttpStatus.SC_OK );
+
+ /* Put the workflow definition into HDFS */
+ createFile( user, pass, group, root+"/workflow.xml", "666", "application/octet-stream", "oozie-workflow.xml", 307, 201, 200 );
+
+ /* Put the mapreduce code into HDFS. (hadoop-examples.jar)
+ curl -X PUT --data-binary @hadoop-examples.jar 'http://192.168.1.163:8888/org.apache.org.apache.knox.gateway/cluster/webhdfs/v1/user/hdfs/wordcount/hadoop-examples.jar?user.name=hdfs&op=CREATE'
+ */
+ createFile( user, pass, group, root+"/lib/hadoop-examples.jar", "777", "application/octet-stream", findHadoopExamplesJar(), 307, 201, 200 );
+
+ /* Put the data file into HDFS (changes.txt)
+ curl -X PUT --data-binary @changes.txt 'http://192.168.1.163:8888/org.apache.org.apache.knox.gateway/cluster/webhdfs/v1/user/hdfs/wordcount/input/changes.txt?user.name=hdfs&op=CREATE'
+ */
+ createFile( user, pass, group, root+"/input/changes.txt", "666", "text/plain", "changes.txt", 307, 201, 200 );
+
+ VelocityEngine velocity = new VelocityEngine();
+ velocity.setProperty( RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS, "org.apache.velocity.runtime.log.NullLogSystem" );
+ velocity.setProperty( RuntimeConstants.RESOURCE_LOADER, "classpath" );
+ velocity.setProperty( "classpath.resource.loader.class", ClasspathResourceLoader.class.getName() );
+ velocity.init();
+
+ VelocityContext context = new VelocityContext();
+ context.put( "userName", user );
+ context.put( "nameNode", "hdfs://sandbox:8020" );
+ context.put( "jobTracker", "sandbox:50300" );
+ //context.put( "appPath", "hdfs://sandbox:8020" + root );
+ context.put( "appPath", root );
+ context.put( "inputDir", root + "/input" );
+ context.put( "outputDir", root + "/output" );
+
+ //URL url = TestUtils.getResourceUrl( GatewayBasicFuncTest.class, "oozie-jobs-submit-request.xml" );
+ //String name = url.toExternalForm();
+ String name = TestUtils.getResourceName( this.getClass(), "oozie-jobs-submit-request.xml" );
+ Template template = velocity.getTemplate( name );
+ StringWriter sw = new StringWriter();
+ template.merge( context, sw );
+ String request = sw.toString();
+ //System.out.println( "REQUEST=" + request );
+
+ /* Submit the job via Oozie. */
+ String id = oozieSubmitJob( user, pass, request, 201 );
+ //System.out.println( "ID=" + id );
+
+ String success = "SUCCEEDED";
+ String status = "UNKNOWN";
+ long delay = 1000 * 1; // 1 second.
+ long limit = 1000 * 60; // 60 seconds.
+ long start = System.currentTimeMillis();
+ while( System.currentTimeMillis() <= start+limit ) {
+ status = oozieQueryJobStatus( user, pass, id, 200 );
+ //System.out.println( "Status=" + status );
+ if( success.equalsIgnoreCase( status ) ) {
+ break;
+ } else {
+ //System.out.println( "Status=" + status );
+ Thread.sleep( delay );
+ }
+ }
+ //System.out.println( "Status is " + status + " after " + ((System.currentTimeMillis()-start)/1000) + " seconds." );
+ MatcherAssert.assertThat( status, is( success ) );
+
+ if( CLEANUP_TEST ) {
+ // Cleanup anything that might have been leftover because the test failed previously.
+ deleteFile( user, pass, root, "true", HttpStatus.SC_OK );
+ }
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testBasicHiveJDBCUseCase() throws IOException {
+ LOG_ENTER();
- String root = "/tmp/GatewayHiveJDBCFuncTest/testBasicHiveUseCase";
+ String username = "hive";
+ String password = "hive-password";
- InetSocketAddress gatewayAddress = driver.gateway.getAddresses()[0];
+
+ // This use case emulates simple JDBC scenario which consists of following steps:
+ // -open connection;
+ // -configure Hive using 'execute' statements (this also includes execution of 'close operation' requests internally);
+ // -execution of create table command;
+ // -execution of select from table command;
+ // Data insertion is omitted because it causes a lot of additional command during insertion/querying.
+ // All binary data was intercepted during real scenario and stored into files as array of bytes.
+
+ // open session
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/open-session-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/open-session-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ Response response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/open-session-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/open-session-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/open-session-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/open-session-result.bin" ) ) );
+
+ driver.assertComplete();
+
+ // execute 'set hive.fetch.output.serde=...' (is called internally be JDBC driver)
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/execute-set-fetch-output-serde-result.bin" ) ) );
+ driver.assertComplete();
+
+ // close operation for execute 'set hive.fetch.output.serde=...'
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/close-operation-1-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/close-operation-1-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-1-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/close-operation-1-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/close-operation-1-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/close-operation-1-result.bin" ) ) );
+ driver.assertComplete();
+
+ // execute 'set hive.server2.http.path=...' (is called internally be JDBC driver)
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/execute-set-server2-http-path-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/execute-set-server2-http-path-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-set-server2-http-path-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/execute-set-server2-http-path-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/execute-set-server2-http-path-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/execute-set-server2-http-path-result.bin" ) ) );
+ driver.assertComplete();
+
+ // close operation for execute 'set hive.server2.http.path=...'
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/close-operation-2-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/close-operation-2-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-2-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/close-operation-2-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/close-operation-2-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/close-operation-2-result.bin" ) ) );
+ driver.assertComplete();
+
+ // execute 'set hive.server2.servermode=...' (is called internally be JDBC driver)
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/execute-set-server2-servermode-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/execute-set-server2-servermode-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-set-server2-servermode-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/execute-set-server2-servermode-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/execute-set-server2-servermode-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/execute-set-server2-servermode-result.bin" ) ) );
+ driver.assertComplete();
+
+ // close operation for execute 'set hive.server2.servermode=...'
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/close-operation-3-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/close-operation-3-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-3-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/close-operation-3-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/close-operation-3-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/close-operation-3-result.bin" ) ) );
+ driver.assertComplete();
+
+ // execute 'set hive.security.authorization.enabled=...'
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/execute-set-security-authorization-enabled-result.bin" ) ) );
+ driver.assertComplete();
+
+ // close operation for execute 'set hive.security.authorization.enabled=...'
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/close-operation-4-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/close-operation-4-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-4-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/close-operation-4-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/close-operation-4-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/close-operation-4-result.bin" ) ) );
+ driver.assertComplete();
+
+ // execute 'create table...'
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/execute-create-table-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/execute-create-table-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-create-table-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/execute-create-table-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/execute-create-table-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/execute-create-table-result.bin" ) ) );
+ driver.assertComplete();
+
+ // close operation for execute 'create table...'
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/close-operation-5-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/close-operation-5-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-5-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/close-operation-5-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/close-operation-5-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/close-operation-5-result.bin" ) ) );
+ driver.assertComplete();
+
+ // execute 'select * from...'
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/execute-select-from-table-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/execute-select-from-table-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/execute-select-from-table-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/execute-select-from-table-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/execute-select-from-table-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/execute-select-from-table-result.bin" ) ) );
+ driver.assertComplete();
+
+ // execute 'GetResultSetMetadata' (is called internally be JDBC driver)
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/get-result-set-metadata-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/get-result-set-metadata-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/get-result-set-metadata-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/get-result-set-metadata-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/get-result-set-metadata-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/get-result-set-metadata-result.bin" ) ) );
+ driver.assertComplete();
+
+ // execute 'FetchResults' (is called internally be JDBC driver)
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/fetch-results-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/fetch-results-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/fetch-results-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/fetch-results-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/fetch-results-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/fetch-results-result.bin" ) ) );
+ driver.assertComplete();
+
+ // close operation for execute 'select * from...'
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/close-operation-6-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/close-operation-6-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-operation-6-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/close-operation-6-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/close-operation-6-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/close-operation-6-result.bin" ) ) );
+ driver.assertComplete();
+
+ // close session
+ driver.getMock( "HIVE" )
+ .expect()
+ .method( "POST" )
+ .content( driver.getResourceBytes( "hive/close-session-request.bin" ) )
+ .contentType( "application/x-thrift" )
+ .respond()
+ .characterEncoding( "UTF-8" )
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( "hive/close-session-result.bin" ) )
+ .contentType( "application/x-thrift" );
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .content( driver.getResourceBytes( "hive/close-session-request.bin" ) )
++ .body( driver.getResourceBytes( "hive/close-session-request.bin" ) )
+ .contentType( "application/x-thrift" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( "hive/close-session-result.bin" ) ) )
+ .contentType( "application/x-thrift" )
+ .when().post( driver.getUrl( "HIVE" ) );
+ assertThat( response.body().asByteArray(), is( driver.getResourceBytes( "hive/close-session-result.bin" ) ) );
+ driver.assertComplete();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testHBaseGetTableList() throws IOException {
+ LOG_ENTER();
+ String username = "hbase";
+ String password = "hbase-password";
+ String resourceName = "hbase/table-list";
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "GET" )
+ .pathInfo( "/" )
+ .header( "Accept", ContentType.XML.toString() )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( resourceName + ".xml" ) )
+ .contentType( ContentType.XML.toString() );
+
+ Response response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .header( "Accept", ContentType.XML.toString() )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( ContentType.XML )
+ .when().get( driver.getUrl( "WEBHBASE" ) );
+
+ MatcherAssert
+ .assertThat(
+ the( response.getBody().asString() ),
+ isEquivalentTo( the( driver.getResourceString( resourceName + ".xml", UTF8 ) ) ) );
+ driver.assertComplete();
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "GET" )
+ .pathInfo( "/" )
+ .header( "Accept", ContentType.JSON.toString() )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( resourceName + ".json" ) )
+ .contentType( ContentType.JSON.toString() );
+
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .header( "Accept", ContentType.JSON.toString() )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( ContentType.JSON )
+ .when().get( driver.getUrl( "WEBHBASE" ) );
+
+ MatcherAssert
+ .assertThat( response.getBody().asString(), sameJSONAs( driver.getResourceString( resourceName + ".json", UTF8 ) ) );
+ driver.assertComplete();
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "GET" )
+ .pathInfo( "/" )
+ .header( "Accept", "application/x-protobuf" )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceString( resourceName + ".protobuf", UTF8 ), UTF8 )
+ .contentType( "application/x-protobuf" );
+
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .header( "Accept", "application/x-protobuf" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/x-protobuf" )
- .content( is( driver.getResourceString( resourceName + ".protobuf", UTF8 ) ) )
++ .body( is( driver.getResourceString( resourceName + ".protobuf", UTF8 ) ) )
+ .when().get( driver.getUrl( "WEBHBASE" ) );
+ driver.assertComplete();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testHBaseCreateTableAndVerifySchema() throws IOException {
+ LOG_ENTER();
+ String username = "hbase";
+ String password = "hbase-password";
+ String resourceName = "hbase/table-schema";
+ String path = "/table/schema";
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( path )
+ .respond()
+ .status( HttpStatus.SC_CREATED )
+ .content( driver.getResourceBytes( resourceName + ".xml" ) )
+ .contentType( ContentType.XML.toString() )
+ .header( "Location", driver.getRealUrl( "WEBHBASE" ) + path );
+
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_CREATED )
+ .contentType( ContentType.XML )
+ .header( "Location", startsWith( driver.getUrl( "WEBHBASE" ) + path ) )
+ .when().put(driver.getUrl("WEBHBASE") + path);
+ driver.assertComplete();
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( path )
+ .respond()
+ .status(HttpStatus.SC_CREATED)
+ .content(driver.getResourceBytes(resourceName + ".json"))
+ .contentType(ContentType.JSON.toString())
+ .header("Location", driver.getRealUrl("WEBHBASE") + path);
+
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_CREATED )
+ .contentType( ContentType.JSON )
+ .header( "Location", startsWith( driver.getUrl( "WEBHBASE" ) + path ) )
+ .when().put( driver.getUrl( "WEBHBASE" ) + path );
+ driver.assertComplete();
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( path )
+ .respond()
+ .status( HttpStatus.SC_CREATED )
+ .content( driver.getResourceBytes( resourceName + ".protobuf" ) )
+ .contentType( "application/x-protobuf" )
+ .header("Location", driver.getRealUrl("WEBHBASE") + path);
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_CREATED)
+ .contentType("application/x-protobuf")
+ .header("Location", startsWith(driver.getUrl("WEBHBASE") + path))
+ .when().put(driver.getUrl("WEBHBASE") + path);
+ driver.assertComplete();
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testHBaseGetTableSchema() throws IOException {
+ LOG_ENTER();
+ String username = "hbase";
+ String password = "hbase-password";
+ String resourceName = "hbase/table-metadata";
+ String path = "/table/schema";
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "GET" )
+ .pathInfo( path )
+ .header("Accept", ContentType.XML.toString())
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes(resourceName + ".xml"))
+ .contentType(ContentType.XML.toString());
+
+ Response response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .header( "Accept", ContentType.XML.toString() )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( ContentType.XML )
+ .when().get( driver.getUrl( "WEBHBASE" ) + path );
+
+ MatcherAssert
+ .assertThat(
+ the(response.getBody().asString()),
+ isEquivalentTo(the(driver.getResourceString(resourceName + ".xml", UTF8))));
+ driver.assertComplete();
+
+ driver.getMock("WEBHBASE")
+ .expect()
+ .method("GET")
+ .pathInfo(path)
+ .header("Accept", ContentType.JSON.toString())
+ .respond()
+ .status(HttpStatus.SC_OK)
+ .content(driver.getResourceBytes(resourceName + ".json"))
+ .contentType(ContentType.JSON.toString());
+
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .header( "Accept", ContentType.JSON.toString() )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( ContentType.JSON )
+ .when().get( driver.getUrl( "WEBHBASE" ) + path );
+
+ MatcherAssert
+ .assertThat(response.getBody().asString(), sameJSONAs(driver.getResourceString(resourceName + ".json", UTF8)));
+ driver.assertComplete();
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "GET" )
+ .pathInfo( path )
+ .header( "Accept", "application/x-protobuf" )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( driver.getResourceBytes( resourceName + ".protobuf" ) )
+ .contentType("application/x-protobuf");
+
+ response = given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ .header( "Accept", "application/x-protobuf" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ //.content( is( driver.getResourceBytes( resourceName + ".protobuf" ) ) )
+ .contentType( "application/x-protobuf" )
+ .when().get( driver.getUrl( "WEBHBASE" ) + path );
+ // RestAssured seems to be screwing up the binary comparison so do it explicitly.
+ assertThat( driver.getResourceBytes( resourceName + ".protobuf" ), is( response.body().asByteArray() ) );
+ driver.assertComplete();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testHBaseInsertDataIntoTable() throws IOException {
+ LOG_ENTER();
+ String username = "hbase";
+ String password = "hbase-password";
+
+ String resourceName = "hbase/table-data";
+ String singleRowPath = "/table/testrow";
+ String multipleRowPath = "/table/false-row-key";
+
+ //PUT request
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( multipleRowPath )
+ //.header( "Content-Type", ContentType.XML.toString() )
+ .content( driver.getResourceBytes( resourceName + ".xml" ) )
+ .contentType( ContentType.XML.toString() )
+ .respond()
+ .status(HttpStatus.SC_OK);
+
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ //.header( "Content-Type", ContentType.XML.toString() )
- .content( driver.getResourceBytes( resourceName + ".xml" ) )
++ .body( driver.getResourceBytes( resourceName + ".xml" ) )
+ .contentType( ContentType.XML.toString() )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .when().put(driver.getUrl("WEBHBASE") + multipleRowPath);
+ driver.assertComplete();
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "PUT" )
+ .pathInfo( singleRowPath )
+ //.header( "Content-Type", ContentType.JSON.toString() )
+ .contentType( ContentType.JSON.toString() )
+ .respond()
+ .status( HttpStatus.SC_OK );
+
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ //.header( "Content-Type", ContentType.JSON.toString() )
- .content( driver.getResourceBytes( resourceName + ".json" ) )
++ .body( driver.getResourceBytes( resourceName + ".json" ) )
+ .contentType( ContentType.JSON.toString() )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .when().put(driver.getUrl("WEBHBASE") + singleRowPath);
+ driver.assertComplete();
+
+ driver.getMock("WEBHBASE")
+ .expect()
+ .method("PUT")
+ .pathInfo(multipleRowPath)
+ //.header( "Content-Type", "application/x-protobuf" )
+ .contentType("application/x-protobuf")
+ .content(driver.getResourceBytes(resourceName + ".protobuf"))
+ .respond()
+ .status(HttpStatus.SC_OK);
+
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ //.header( "Content-Type", "application/x-protobuf" )
- .content( driver.getResourceBytes( resourceName + ".protobuf" ) )
++ .body( driver.getResourceBytes( resourceName + ".protobuf" ) )
+ .contentType( "application/x-protobuf" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .when().put( driver.getUrl( "WEBHBASE" ) + multipleRowPath );
+ driver.assertComplete();
+
+ //POST request
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "POST" )
+ .pathInfo( multipleRowPath )
+ //.header( "Content-Type", ContentType.XML.toString() )
+ .content( driver.getResourceBytes( resourceName + ".xml" ) )
+ .contentType( ContentType.XML.toString() )
+ .respond()
+ .status( HttpStatus.SC_OK );
+
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ //.header( "Content-Type", ContentType.XML.toString() )
- .content( driver.getResourceBytes( resourceName + ".xml" ) )
++ .body( driver.getResourceBytes( resourceName + ".xml" ) )
+ .contentType( ContentType.XML.toString() )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .when().post( driver.getUrl( "WEBHBASE" ) + multipleRowPath );
+ driver.assertComplete();
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "POST" )
+ .pathInfo( singleRowPath )
+ //.header( "Content-Type", ContentType.JSON.toString() )
+ .contentType( ContentType.JSON.toString() )
+ .respond()
+ .status( HttpStatus.SC_OK );
+
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ //.header( "Content-Type", ContentType.JSON.toString() )
- .content( driver.getResourceBytes( resourceName + ".json" ) )
++ .body( driver.getResourceBytes( resourceName + ".json" ) )
+ .contentType( ContentType.JSON.toString() )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .when().post( driver.getUrl( "WEBHBASE" ) + singleRowPath );
+ driver.assertComplete();
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .method( "POST" )
+ .pathInfo( multipleRowPath )
+ //.header( "Content-Type", "application/x-protobuf" )
+ .content( driver.getResourceBytes( resourceName + ".protobuf" ) )
+ .contentType( "application/x-protobuf" )
+ .respond()
+ .status( HttpStatus.SC_OK );
+
+ given()
+ .auth().preemptive().basic( username, password )
+ .header("X-XSRF-Header", "jksdhfkhdsf")
+ //.header( "Content-Type", "application/x-protobuf" )
- .content( driver.getResourceBytes( resourceName + ".protobuf" ) )
++ .body( driver.getResourceBytes( resourceName + ".protobuf" ) )
+ .contentType( "application/x-protobuf" )
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .when().post(driver.getUrl("WEBHBASE") + multipleRowPath);
+ driver.assertComplete();
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testHBaseDeleteDataFromTable() {
+ LOG_ENTER();
+ String username = "hbase";
+ String password = "hbase-password";
+
+ String tableId = "table";
+ String rowId = "row";
+ String familyId = "family";
+ String columnId = "column";
+
+ driver.getMock("WEBHBASE")
+ .expect()
+ .from("testHBaseDeleteDataFromTable-1")
+ .method("DELETE")
+ .pathInfo("/" + tableId + "/" + rowId)
+ .respond()
+ .status(HttpStatus.SC_OK);
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .when().delete(driver.getUrl("WEBHBASE") + "/" + tableId + "/" + rowId);
+ driver.assertComplete();
+
+ driver.getMock( "WEBHBASE" )
+ .expect()
+ .from("testHBaseDeleteDataFromTable-2")
+ .method("DELETE")
+ .pathInfo("/" + tableId + "/" + rowId + "/" + familyId)
+ .respond()
+ .status( HttpStatus.SC_OK );
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .when().delete(driver.getUrl("WEBHBASE") + "/" + tableId + "/" + rowId + "/" + familyId);
+ driver.assertComplete();
+
+ driver.getMock("WEBHBASE")
+ .expect()
+ .from("testHBaseDeleteDataFromTable-3")
+ .method("DELETE")
+ .pathInfo("/" + tableId + "/" + rowId + "/" + familyId + ":" + columnId)
+ .respond()
+ .status(HttpStatus.SC_OK);
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("X-XSRF-Header", "jksdhfkhdsf")
- .expect()
++ .then()
+ .statusCode( HttpStatus.SC_OK )
+ .when().delete(driver.getUrl("WEBHBASE") + "/" + tableId + "/" + rowId + "/" + familyId + ":" + columnId);
+ driver.assertComplete();
+
+ LOG_EXIT();
+ }
+
+ @Test( t
<TRUNCATED>
[06/12] knox git commit: KNOX-1052 - Add some tests for the Knox SSO
Service
Posted by mo...@apache.org.
KNOX-1052 - Add some tests for the Knox SSO Service
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/2666894b
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/2666894b
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/2666894b
Branch: refs/heads/KNOX-998-Package_Restructuring
Commit: 2666894bc84281ed78890110ab15b009fa5f2830
Parents: a5a8825
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Wed Sep 20 11:09:54 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Wed Sep 20 11:09:54 2017 +0100
----------------------------------------------------------------------
gateway-service-knoxsso/pom.xml | 11 +-
.../gateway/service/knoxsso/WebSSOResource.java | 20 +-
.../service/knoxsso/WebSSOResourceTest.java | 304 ++++++++++++++++++-
3 files changed, 308 insertions(+), 27 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/2666894b/gateway-service-knoxsso/pom.xml
----------------------------------------------------------------------
diff --git a/gateway-service-knoxsso/pom.xml b/gateway-service-knoxsso/pom.xml
index f5018a2..e6b6ca5 100644
--- a/gateway-service-knoxsso/pom.xml
+++ b/gateway-service-knoxsso/pom.xml
@@ -59,9 +59,10 @@
<artifactId>gateway-test-utils</artifactId>
<scope>test</scope>
</dependency>
- <dependency>
- <groupId>org.easymock</groupId>
- <artifactId>easymock</artifactId>
- <scope>test</scope>
- </dependency> </dependencies>
+ <dependency>
+ <groupId>org.easymock</groupId>
+ <artifactId>easymock</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
</project>
http://git-wip-us.apache.org/repos/asf/knox/blob/2666894b/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
----------------------------------------------------------------------
diff --git a/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java b/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
index 7cc5378..0d9e6dd 100644
--- a/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
+++ b/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
@@ -23,6 +23,7 @@ import java.net.URISyntaxException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
@@ -74,14 +75,14 @@ public class WebSSOResource {
private long tokenTTL = 30000l;
private String whitelist = null;
private String domainSuffix = null;
- private String[] targetAudiences = null;
+ private List<String> targetAudiences = new ArrayList<>();
private boolean enableSession = false;
@Context
- private HttpServletRequest request;
+ HttpServletRequest request;
@Context
- private HttpServletResponse response;
+ HttpServletResponse response;
@Context
ServletContext context;
@@ -124,7 +125,10 @@ public class WebSSOResource {
String audiences = context.getInitParameter(SSO_COOKIE_TOKEN_AUDIENCES_PARAM);
if (audiences != null) {
- targetAudiences = audiences.split(",");
+ String[] auds = audiences.split(",");
+ for (int i = 0; i < auds.length; i++) {
+ targetAudiences.add(auds[i]);
+ }
}
String ttl = context.getInitParameter(SSO_COOKIE_TOKEN_TTL_PARAM);
@@ -180,14 +184,10 @@ public class WebSSOResource {
try {
JWT token = null;
- if (targetAudiences == null || targetAudiences.length == 0) {
+ if (targetAudiences.isEmpty()) {
token = ts.issueToken(p, "RS256", getExpiry());
} else {
- ArrayList<String> aud = new ArrayList<String>();
- for (int i = 0; i < targetAudiences.length; i++) {
- aud.add(targetAudiences[i]);
- }
- token = ts.issueToken(p, aud, "RS256", getExpiry());
+ token = ts.issueToken(p, targetAudiences, "RS256", getExpiry());
}
// Coverity CID 1327959
http://git-wip-us.apache.org/repos/asf/knox/blob/2666894b/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
----------------------------------------------------------------------
diff --git a/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java b/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
index 73910dd..c953c91 100644
--- a/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
+++ b/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
@@ -17,15 +17,65 @@
*/
package org.apache.hadoop.gateway.service.knoxsso;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletOutputStream;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpServletResponseWrapper;
+
+import org.apache.hadoop.gateway.services.GatewayServices;
+import org.apache.hadoop.gateway.services.security.token.JWTokenAuthority;
+import org.apache.hadoop.gateway.services.security.token.TokenServiceException;
+import org.apache.hadoop.gateway.services.security.token.impl.JWT;
+import org.apache.hadoop.gateway.services.security.token.impl.JWTToken;
import org.apache.hadoop.gateway.util.RegExUtils;
+import org.easymock.EasyMock;
import org.junit.Assert;
+import org.junit.BeforeClass;
import org.junit.Test;
+import com.nimbusds.jose.JWSSigner;
+import com.nimbusds.jose.JWSVerifier;
+import com.nimbusds.jose.crypto.RSASSASigner;
+import com.nimbusds.jose.crypto.RSASSAVerifier;
+
/**
- *
+ * Some tests for the Knox SSO service.
*/
public class WebSSOResourceTest {
+ protected static RSAPublicKey publicKey;
+ protected static RSAPrivateKey privateKey;
+
+ @BeforeClass
+ public static void setup() throws Exception, NoSuchAlgorithmException {
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+ kpg.initialize(1024);
+ KeyPair KPair = kpg.generateKeyPair();
+
+ publicKey = (RSAPublicKey) KPair.getPublic();
+ privateKey = (RSAPrivateKey) KPair.getPrivate();
+ }
+
@Test
public void testWhitelistMatching() throws Exception {
String whitelist = "^https?://.*example.com:8080/.*$;" +
@@ -35,37 +85,267 @@ public class WebSSOResourceTest {
"^https?://localhost:\\d{0,9}/.*$;^/.*$";
// match on explicit hostname/domain and port
- Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
"http://host.example.com:8080/"));
// match on non-required port
- Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
"http://host.example.com/"));
// match on required but any port
- Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
"http://host.example2.com:1234/"));
// fail on missing port
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
"http://host.example2.com/"));
// fail on invalid port
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
"http://host.example.com:8081/"));
// fail on alphanumeric port
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
"http://host.example.com:A080/"));
// fail on invalid hostname/domain
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
"http://host.example.net:8080/"));
// fail on required port
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
"http://host.example2.com/"));
// fail on required https
- Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,
"http://host.example3.com/"));
// match on localhost and port
- Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
"http://localhost:8080/"));
// match on local/relative path
- Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
+ Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist,
"/local/resource/"));
}
+
+ @Test
+ public void testGetToken() throws Exception {
+
+ ServletContext context = EasyMock.createNiceMock(ServletContext.class);
+ EasyMock.expect(context.getInitParameter("knoxsso.cookie.name")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.cookie.secure.only")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.cookie.max.age")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.cookie.domain.suffix")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.redirect.whitelist.regex")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.token.audiences")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.token.ttl")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.enable.session")).andReturn(null);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.expect(request.getParameter("originalUrl")).andReturn("http://localhost:9080/service");
+ EasyMock.expect(request.getParameterMap()).andReturn(Collections.<String,String[]>emptyMap());
+ EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
+
+ Principal principal = EasyMock.createNiceMock(Principal.class);
+ EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
+ EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
+
+ GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
+ EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
+
+ JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
+ EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
+
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
+ CookieResponseWrapper responseWrapper = new CookieResponseWrapper(response, outputStream);
+
+ EasyMock.replay(principal, services, context, request);
+
+ WebSSOResource webSSOResponse = new WebSSOResource();
+ webSSOResponse.request = request;
+ webSSOResponse.response = responseWrapper;
+ webSSOResponse.context = context;
+ webSSOResponse.init();
+
+ // Issue a token
+ webSSOResponse.doGet();
+
+ // Check the cookie
+ Cookie cookie = responseWrapper.getCookie("hadoop-jwt");
+ assertNotNull(cookie);
+
+ JWTToken parsedToken = new JWTToken(cookie.getValue());
+ assertEquals("alice", parsedToken.getSubject());
+ assertTrue(authority.verifyToken(parsedToken));
+ }
+
+ @Test
+ public void testAudiences() throws Exception {
+
+ ServletContext context = EasyMock.createNiceMock(ServletContext.class);
+ EasyMock.expect(context.getInitParameter("knoxsso.cookie.name")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.cookie.secure.only")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.cookie.max.age")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.cookie.domain.suffix")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.redirect.whitelist.regex")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.token.audiences")).andReturn("recipient1,recipient2");
+ EasyMock.expect(context.getInitParameter("knoxsso.token.ttl")).andReturn(null);
+ EasyMock.expect(context.getInitParameter("knoxsso.enable.session")).andReturn(null);
+
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.expect(request.getParameter("originalUrl")).andReturn("http://localhost:9080/service");
+ EasyMock.expect(request.getParameterMap()).andReturn(Collections.<String,String[]>emptyMap());
+ EasyMock.expect(request.getServletContext()).andReturn(context).anyTimes();
+
+ Principal principal = EasyMock.createNiceMock(Principal.class);
+ EasyMock.expect(principal.getName()).andReturn("alice").anyTimes();
+ EasyMock.expect(request.getUserPrincipal()).andReturn(principal).anyTimes();
+
+ GatewayServices services = EasyMock.createNiceMock(GatewayServices.class);
+ EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE)).andReturn(services);
+
+ JWTokenAuthority authority = new TestJWTokenAuthority(publicKey, privateKey);
+ EasyMock.expect(services.getService(GatewayServices.TOKEN_SERVICE)).andReturn(authority);
+
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
+ CookieResponseWrapper responseWrapper = new CookieResponseWrapper(response, outputStream);
+
+ EasyMock.replay(principal, services, context, request);
+
+ WebSSOResource webSSOResponse = new WebSSOResource();
+ webSSOResponse.request = request;
+ webSSOResponse.response = responseWrapper;
+ webSSOResponse.context = context;
+ webSSOResponse.init();
+
+ // Issue a token
+ webSSOResponse.doGet();
+
+ // Check the cookie
+ Cookie cookie = responseWrapper.getCookie("hadoop-jwt");
+ assertNotNull(cookie);
+
+ JWTToken parsedToken = new JWTToken(cookie.getValue());
+ assertEquals("alice", parsedToken.getSubject());
+ assertTrue(authority.verifyToken(parsedToken));
+
+ // Verify the audiences
+ List<String> audiences = Arrays.asList(parsedToken.getAudienceClaims());
+ assertEquals(2, audiences.size());
+ assertTrue(audiences.contains("recipient1"));
+ assertTrue(audiences.contains("recipient2"));
+ }
+
+ /**
+ * A wrapper for HttpServletResponseWrapper to store the cookies
+ */
+ private static class CookieResponseWrapper extends HttpServletResponseWrapper {
+
+ private ServletOutputStream outputStream;
+ private Map<String, Cookie> cookies = new HashMap<>();
+
+ public CookieResponseWrapper(HttpServletResponse response) {
+ super(response);
+ }
+
+ public CookieResponseWrapper(HttpServletResponse response, ServletOutputStream outputStream) {
+ super(response);
+ this.outputStream = outputStream;
+ }
+
+ @Override
+ public ServletOutputStream getOutputStream() {
+ return outputStream;
+ }
+
+ @Override
+ public void addCookie(Cookie cookie) {
+ super.addCookie(cookie);
+ cookies.put(cookie.getName(), cookie);
+ }
+
+ public Cookie getCookie(String name) {
+ return cookies.get(name);
+ }
+
+ }
+
+ private static class TestJWTokenAuthority implements JWTokenAuthority {
+
+ private RSAPublicKey publicKey;
+ private RSAPrivateKey privateKey;
+
+ public TestJWTokenAuthority(RSAPublicKey publicKey, RSAPrivateKey privateKey) {
+ this.publicKey = publicKey;
+ this.privateKey = privateKey;
+ }
+
+ @Override
+ public JWTToken issueToken(Subject subject, String algorithm)
+ throws TokenServiceException {
+ Principal p = (Principal) subject.getPrincipals().toArray()[0];
+ return issueToken(p, algorithm);
+ }
+
+ @Override
+ public JWTToken issueToken(Principal p, String algorithm)
+ throws TokenServiceException {
+ return issueToken(p, null, algorithm);
+ }
+
+ @Override
+ public JWTToken issueToken(Principal p, String audience, String algorithm)
+ throws TokenServiceException {
+ return issueToken(p, audience, algorithm, -1);
+ }
+
+ @Override
+ public boolean verifyToken(JWTToken token) throws TokenServiceException {
+ JWSVerifier verifier = new RSASSAVerifier(publicKey);
+ return token.verify(verifier);
+ }
+
+ @Override
+ public JWTToken issueToken(Principal p, String audience, String algorithm,
+ long expires) throws TokenServiceException {
+ List<String> audiences = null;
+ if (audience != null) {
+ audiences = new ArrayList<String>();
+ audiences.add(audience);
+ }
+ return issueToken(p, audiences, algorithm, expires);
+ }
+
+ @Override
+ public JWTToken issueToken(Principal p, List<String> audiences, String algorithm,
+ long expires) throws TokenServiceException {
+ String[] claimArray = new String[4];
+ claimArray[0] = "KNOXSSO";
+ claimArray[1] = p.getName();
+ claimArray[2] = null;
+ if (expires == -1) {
+ claimArray[3] = null;
+ } else {
+ claimArray[3] = String.valueOf(expires);
+ }
+
+ JWTToken token = null;
+ if ("RS256".equals(algorithm)) {
+ token = new JWTToken("RS256", claimArray, audiences);
+ JWSSigner signer = new RSASSASigner(privateKey);
+ token.sign(signer);
+ } else {
+ throw new TokenServiceException("Cannot issue token - Unsupported algorithm");
+ }
+
+ return token;
+ }
+
+ @Override
+ public JWT issueToken(Principal p, String algorithm, long expiry)
+ throws TokenServiceException {
+ return issueToken(p, Collections.<String>emptyList(), algorithm, expiry);
+ }
+
+ @Override
+ public boolean verifyToken(JWTToken token, RSAPublicKey publicKey) throws TokenServiceException {
+ JWSVerifier verifier = new RSASSAVerifier(publicKey);
+ return token.verify(verifier);
+ }
+
+ }
+
}
[02/12] knox git commit: KNOX-1044 - Change Rest Assured "expect" to
"then"
Posted by mo...@apache.org.
http://git-wip-us.apache.org/repos/asf/knox/blob/4978951c/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java
index 1fc8c33..e2d679b 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/WebHdfsHaFuncTest.java
@@ -171,7 +171,7 @@ public class WebHdfsHaFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "LISTSTATUS")
- .expect()
+ .then()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
.body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
@@ -186,7 +186,7 @@ public class WebHdfsHaFuncTest {
LOG_ENTER();
String username = "hdfs";
String password = "hdfs-password";
- //Shutdown master and expect standby to serve the list response
+ //Shutdown master and then standby to serve the list response
masterServer.stop();
standbyServer.expect()
.method("GET")
@@ -201,7 +201,7 @@ public class WebHdfsHaFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "LISTSTATUS")
- .expect()
+ .then()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
.body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
@@ -216,14 +216,14 @@ public class WebHdfsHaFuncTest {
LOG_ENTER();
String username = "hdfs";
String password = "hdfs-password";
- //Shutdown master and expect standby to serve the list response
+ //Shutdown master and then standby to serve the list response
masterServer.stop();
standbyServer.stop();
given()
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "LISTSTATUS")
- .expect()
+ .then()
// .log().ifError()
.statusCode(HttpStatus.SC_INTERNAL_SERVER_ERROR)
.when().get(driver.getUrl("WEBHDFS") + "/v1/");
@@ -263,7 +263,7 @@ public class WebHdfsHaFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "LISTSTATUS")
- .expect()
+ .then()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
.body("FileStatuses.FileStatus[0].pathSuffix", is("app-logs"))
@@ -319,7 +319,7 @@ public class WebHdfsHaFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "LISTSTATUS")
- .expect()
+ .then()
// .log().ifError()
.statusCode(HttpStatus.SC_INTERNAL_SERVER_ERROR)
.when().get(driver.getUrl("WEBHDFS") + "/v1/");
@@ -359,7 +359,7 @@ public class WebHdfsHaFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "RENAME")
.queryParam("destination", "/user/hdfs/foo.txt")
- .expect()
+ .then()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
.body("boolean", is(true))
@@ -396,7 +396,7 @@ public class WebHdfsHaFuncTest {
.auth().preemptive().basic(username, password)
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "MKDIRS")
- .expect()
+ .then()
.log().ifError()
.statusCode(HttpStatus.SC_OK)
.body("boolean", is(true))
@@ -456,7 +456,7 @@ public class WebHdfsHaFuncTest {
.header("X-XSRF-Header", "jksdhfkhdsf")
.queryParam("op", "RENAME")
.queryParam("destination", "/user/hdfs/foo.txt")
- .expect()
+ .then()
// .log().ifError()
.statusCode(HttpStatus.SC_INTERNAL_SERVER_ERROR)
.when().post(driver.getUrl("WEBHDFS") + "/v1/user/hdfs/foo.txt");
[08/12] knox git commit: Merge remote-tracking branch 'origin/master'
into KNOX-998-Package_Restructuring
Posted by mo...@apache.org.
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayDeployFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayDeployFuncTest.java
index e9442cd,0000000..9349dca
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayDeployFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayDeployFuncTest.java
@@@ -1,315 -1,0 +1,315 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import io.restassured.response.Response;
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.commons.io.FileUtils;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.category.ReleaseTest;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.FilenameFilter;
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Pattern;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.hamcrest.Matchers.greaterThan;
+import static org.junit.Assert.assertThat;
+
+@Category(ReleaseTest.class)
+public class GatewayDeployFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayDeployFuncTest.class );
+
+ public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static File gatewayHome;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ LOG_EXIT();
+ }
+
+ @Before
+ public void setupGateway() throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+ gatewayHome = gatewayDir;
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/test-cluster";
+ }
+
+ @After
+ public void cleanupGateway() throws Exception {
+ gateway.stop();
+ FileUtils.deleteQuietly( gatewayHome );
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+ .addTag( "provider" )
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "test-service-role" )
+ .gotoRoot();
+ return xml;
+ }
+
+ //@Test
+ public void waitForManualTesting() throws IOException {
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testDeployRedeployUndeploy() throws InterruptedException, IOException {
+ LOG_ENTER();
+ long sleep = 200;
+ int numFilesInWebInf = 4; // # files in WEB-INF (ie gateway.xml, rewrite.xml, shiro.ini, web.xml)
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+ long topoTimestampBefore, topoTimestampAfter;
+
+ File topoDir = new File( config.getGatewayTopologyDir() );
+ File deployDir = new File( config.getGatewayDeploymentDir() );
+ File earDir;
+
+ // Make sure deployment directory is empty.
+ assertThat( topoDir.listFiles().length, is( 0 ) );
+ assertThat( deployDir.listFiles().length, is( 0 ) );
+
+ File descriptor = writeTestTopology( "test-cluster", createTopology() );
+ long writeTime = System.currentTimeMillis();
+
+ earDir = waitForFiles( deployDir, "test-cluster\\.topo\\.[0-9A-Fa-f]+", 1, 0, sleep );
+ File warDir = new File( earDir, "%2F" );
+ File webInfDir = new File( warDir, "WEB-INF" );
+ waitForFiles( webInfDir, ".*", numFilesInWebInf, 0, sleep );
+ waitForAccess( serviceUrl, username, password, sleep );
+
+ // Wait to make sure a second has passed to ensure the the file timestamps are different.
+ waitForElapsed( writeTime, 1000, 100 );
+
+ // Redeploy and make sure the timestamp is updated.
+ topoTimestampBefore = descriptor.lastModified();
+ GatewayServer.redeployTopologies( null );
+ writeTime = System.currentTimeMillis();
+ topoTimestampAfter = descriptor.lastModified();
+ assertThat( topoTimestampAfter, greaterThan( topoTimestampBefore ) );
+
+ // Check to make sure there are two war directories with the same root.
+ earDir = waitForFiles( deployDir, "test-cluster\\.topo\\.[0-9A-Fa-f]+", 2, 1, sleep );
+ warDir = new File( earDir, "%2F" );
+ webInfDir = new File( warDir, "WEB-INF" );
+ waitForFiles( webInfDir, ".*", numFilesInWebInf, 0, sleep );
+ waitForAccess( serviceUrl, username, password, sleep );
+
+ // Wait to make sure a second has passed to ensure the the file timestamps are different.
+ waitForElapsed( writeTime, 1000, 100 );
+
+ // Redeploy and make sure the timestamp is updated.
+ topoTimestampBefore = descriptor.lastModified();
+ GatewayServer.redeployTopologies( "test-cluster" );
+ writeTime = System.currentTimeMillis();
+ topoTimestampAfter = descriptor.lastModified();
+ assertThat( topoTimestampAfter, greaterThan( topoTimestampBefore ) );
+
+ // Check to make sure there are two war directories with the same root.
+ earDir = waitForFiles( deployDir, "test-cluster\\.topo\\.[0-9A-Fa-f]+", 3, 2, sleep );
+ warDir = new File( earDir, "%2F" );
+ webInfDir = new File( warDir, "WEB-INF" );
+ waitForFiles( webInfDir, ".*", numFilesInWebInf, 0, sleep );
+ waitForAccess( serviceUrl, username, password, sleep );
+
+ // Delete the test topology.
+ assertThat( "Failed to delete the topology file.", descriptor.delete(), is( true ) );
+
+ // Wait to make sure a second has passed to ensure the the file timestamps are different.
+ waitForElapsed( writeTime, 1000, 100 );
+
+ waitForFiles( deployDir, ".*", 0, -1, sleep );
+
+ // Wait a bit more to make sure undeployment finished.
+ Thread.sleep( sleep );
+
+ // Make sure the test topology is not accessible.
+ given().auth().preemptive().basic( username, password )
- .expect().statusCode( HttpStatus.SC_NOT_FOUND )
++ .then().statusCode( HttpStatus.SC_NOT_FOUND )
+ .when().get( serviceUrl );
+
+ // Make sure deployment directory is empty.
+ assertThat( topoDir.listFiles().length, is( 0 ) );
+ assertThat( deployDir.listFiles().length, is( 0 ) );
+ LOG_EXIT();
+ }
+
+ private void waitForElapsed( long from, long total, long sleep ) throws InterruptedException {
+ while( System.currentTimeMillis() - from < total ) {
+ Thread.sleep( sleep );
+ }
+ }
+
+ private File writeTestTopology( String name, XMLTag xml ) throws IOException {
+ // Create the test topology.
+ File tempFile = new File( config.getGatewayTopologyDir(), name + ".xml." + UUID.randomUUID() );
+ FileOutputStream stream = new FileOutputStream( tempFile );
+ xml.toStream( stream );
+ stream.close();
+ File descriptor = new File( config.getGatewayTopologyDir(), name + ".xml" );
+ tempFile.renameTo( descriptor );
+ return descriptor;
+ }
+
+ private File waitForFiles( File dir, String pattern, int count, int index, long sleep ) throws InterruptedException {
+ RegexDirFilter filter = new RegexDirFilter( pattern );
+ while( true ) {
+ File[] files = dir.listFiles( filter );
+ if( files.length == count ) {
+ return ( index < 0 ) ? null : files[ index ];
+ }
+ Thread.sleep( sleep );
+ }
+ }
+
+ private void waitForAccess( String url, String username, String password, long sleep ) throws InterruptedException {
+ while( true ) {
+ Response response = given()
+ .auth().preemptive().basic( username, password )
+ .when().get( url ).andReturn();
+ if( response.getStatusCode() == HttpStatus.SC_NOT_FOUND ) {
+ Thread.sleep( sleep );
+ continue;
+ }
+ assertThat( response.getContentType(), containsString( "text/plain" ) );
+ assertThat( response.getBody().asString(), is( "test-service-response" ) );
+ break;
+ }
+ }
+
+ private class RegexDirFilter implements FilenameFilter {
+
+ Pattern pattern;
+
+ RegexDirFilter( String regex ) {
+ pattern = Pattern.compile( regex );
+ }
+
+ @Override
+ public boolean accept( File dir, String name ) {
+ return pattern.matcher( name ).matches();
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayHealthFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayHealthFuncTest.java
index a1d00b2,0000000..c7ac9ee
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayHealthFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayHealthFuncTest.java
@@@ -1,205 -1,0 +1,205 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import io.restassured.path.json.JsonPath;
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.http.HttpStatus;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.ws.rs.core.MediaType;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.nio.file.FileSystems;
+import java.nio.file.Path;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.UUID;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.CoreMatchers.notNullValue;
+
+public class GatewayHealthFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger(GatewayAdminFuncTest.class);
+
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ public static SimpleLdapDirectoryServer ldap;
+ public static TcpTransport ldapTransport;
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ TestUtils.LOG_ENTER();
+ setupLdap();
+ setupGateway();
+ TestUtils.LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ TestUtils.LOG_ENTER();
+ gateway.stop();
+ ldap.stop(true);
+ TestUtils.LOG_EXIT();
+ }
+
+ public static void setupLdap() throws Exception {
+ String basedir = System.getProperty("basedir");
+ if (basedir == null) {
+ basedir = new File(".").getCanonicalPath();
+ }
+
+ final Path path = FileSystems
+ .getDefault().getPath(basedir, "/src/test/resources/users.ldif");
+
+ ldapTransport = new TcpTransport(0);
+ ldap = new SimpleLdapDirectoryServer("dc=hadoop,dc=apache,dc=org", path.toFile(), ldapTransport);
+ ldap.start();
+ LOG.info("LDAP port = " + ldapTransport.getPort());
+ }
+
+ public static void setupGateway() throws Exception {
+
+ File targetDir = new File(System.getProperty("user.dir"), "target");
+ File gatewayDir = new File(targetDir, "gateway-home-" + UUID.randomUUID());
+ gatewayDir.mkdirs();
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir(gatewayDir.getAbsolutePath());
+
+ File topoDir = new File(testConfig.getGatewayTopologyDir());
+ topoDir.mkdirs();
+
+ File deployDir = new File(testConfig.getGatewayDeploymentDir());
+ deployDir.mkdirs();
+
+ File descriptor = new File(topoDir, "test-cluster.xml");
+ FileOutputStream stream = new FileOutputStream(descriptor);
+ createTopology().toStream(stream);
+ stream.close();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String, String> options = new HashMap<String, String>();
+ options.put("persist-master", "false");
+ options.put("master", "password");
+ try {
+ srvcs.init(testConfig, options);
+ } catch (ServiceLifecycleException e) {
+ e.printStackTrace(); // I18N not required.
+ }
+ gateway = GatewayServer.startGateway(testConfig, srvcs);
+ MatcherAssert.assertThat("Failed to start gateway.", gateway, notNullValue());
+
+ LOG.info("Gateway port = " + gateway.getAddresses()[0].getPort());
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/test-cluster";
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument(true)
+ .addRoot("topology")
+ .addTag("gateway")
+ .addTag("provider")
+ .addTag("role").addText("authentication")
+ .addTag("name").addText("ShiroProvider")
+ .addTag("enabled").addText("true")
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm")
+ .addTag("value").addText("org.apache.knox.gateway.shirorealm.KnoxLdapRealm").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.userDnTemplate")
+ .addTag("value").addText("uid={0},ou=people,dc=hadoop,dc=apache,dc=org").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.contextFactory.url")
+ .addTag("value").addText("ldap://localhost:" + ldapTransport.getAcceptor().getLocalAddress().getPort()).gotoParent()
+ .addTag("param")
+ .addTag("name").addText("main.ldapRealm.contextFactory.authenticationMechanism")
+ .addTag("value").addText("simple").gotoParent()
+ .addTag("param")
+ .addTag("name").addText("urls./**")
+ .addTag("value").addText("authcBasic").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag("role").addText("identity-assertion")
+ .addTag("enabled").addText("true")
+ .addTag("name").addText("Default").gotoParent()
+ .addTag("provider")
+ .gotoRoot()
+ .addTag("service")
+ .addTag("role").addText("HEALTH")
+ .gotoRoot();
+ return xml;
+ }
+
+ @Test(timeout = TestUtils.MEDIUM_TIMEOUT)
+ public void testPingResource() {
+ TestUtils.LOG_ENTER();
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/v1/ping";
+ String body = given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.TEXT_PLAIN)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(MediaType.TEXT_PLAIN)
+ .when().get(serviceUrl).asString();
+ Assert.assertEquals("OK", body.trim());
+ TestUtils.LOG_EXIT();
+ }
+
+ @Test(timeout = TestUtils.MEDIUM_TIMEOUT)
+ public void testMetricsResource() {
+ TestUtils.LOG_ENTER();
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/v1/metrics";
+ String body = given()
+ .auth().preemptive().basic(username, password)
- .expect()
++ .then()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(MediaType.APPLICATION_JSON)
+ .when().get(serviceUrl).asString();
- String version = JsonPath.from(body).getString("version");
++ //String version = JsonPath.from(body).getString("version");
+ Map<String, String> hm = JsonPath.from(body).getMap("");
+ Assert.assertTrue(hm.size() >= 6);
+ Assert.assertTrue(hm.keySet().containsAll(new HashSet<String>(Arrays.asList(new String[]{"timers", "histograms",
+ "counters", "gauges", "version", "meters"}))));
+ TestUtils.LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapDynamicGroupFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapDynamicGroupFuncTest.java
index b66716d,0000000..3a3d776
mode 100755,000000..100755
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapDynamicGroupFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapDynamicGroupFuncTest.java
@@@ -1,287 -1,0 +1,287 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.net.URL;
+import java.nio.file.FileSystems;
+import java.nio.file.Path;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+
+/**
+ * Functional test to verify : looking up ldap groups from directory
+ * and using them in acl authorization checks
+ *
+ */
+public class GatewayLdapDynamicGroupFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayLdapDynamicGroupFuncTest.class );
+
+ public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ public static String serviceUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ String basedir = System.getProperty("basedir");
+ if (basedir == null) {
+ basedir = new File(".").getCanonicalPath();
+ }
+ Path path = FileSystems.getDefault().getPath(basedir, "/src/test/resources/users-dynamic.ldif");
+ driver.setupLdap( 0, path.toFile() );
+ setupGateway();
+ TestUtils.awaitNon404HttpStatus( new URL( serviceUrl ), 10000, 100 );
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ LOG_EXIT();
+ }
+
+ public static void setupGateway() throws IOException, Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+
+ /*
+ System.setProperty(GatewayConfig.GATEWAY_HOME_VAR, gatewayDir.getAbsolutePath());
+ System.err.println("GH 10: " + System.getProperty(GatewayConfig.GATEWAY_HOME_VAR));
+ ByteArrayOutputStream outContent = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outContent));
+ String[] argvals = {"create-alias", "ldcSystemPassword", "--value", "guest-password", "--master", "hadoop", "--cluster", "testdg-cluster"};
+ KnoxCLI cli = new KnoxCLI();
+ cli.setConf(new GatewayConfigImpl());
+ cli.run(argvals);
+
+ outContent.reset();
+ String[] args1 = {"list-alias", "--cluster", "testdg-cluster", "--master", "hadoop"};
+ cli = new KnoxCLI();
+ cli.run(args1);
+ System.err.println("ALIAS LIST: " + outContent.toString());
+
+ AliasService as1 = cli.getGatewayServices().getService(GatewayServices.ALIAS_SERVICE);
+ char[] passwordChars1 = as1.getPasswordFromAliasForCluster( "test-cluster", "ldcsystemPassword");
+ System.err.println("ALIAS value1: " + new String(passwordChars1));
+ */
+
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/testdg-cluster";
+ serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+
+ ///*
+ GatewayServices services = GatewayServer.getGatewayServices();
+ AliasService aliasService = (AliasService)services.getService(GatewayServices.ALIAS_SERVICE);
+ aliasService.addAliasForCluster("testdg-cluster", "ldcSystemPassword", "guest-password");
+
- char[] password1 = aliasService.getPasswordFromAliasForCluster( "testdg-cluster", "ldcSystemPassword");
++ //char[] password1 = aliasService.getPasswordFromAliasForCluster( "testdg-cluster", "ldcSystemPassword");
+ //System.err.println("SETUP password 10: " + ((password1 == null) ? "NULL" : new String(password1)));
+
+ File descriptor = new File( topoDir, "testdg-cluster.xml" );
+ FileOutputStream stream = new FileOutputStream( descriptor );
+ createTopology().toStream( stream );
+ stream.close();
+
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapGroupContextFactory" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory" )
+ .addTag( "value" ).addText( "$ldapGroupContextFactory" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl())
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.authorizationEnabled" )
+ .addTag( "value" ).addText( "true" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemAuthenticationMechanism" )
+ .addTag( "value" ).addText( "simple" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.searchBase" )
+ .addTag( "value" ).addText( "ou=groups,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.groupObjectClass" )
+ .addTag( "value" ).addText( "groupofurls" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.memberAttribute" )
+ .addTag( "value" ).addText( "memberurl" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.memberAttributeValueTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemUsername" )
+ .addTag( "value" ).addText( "uid=guest,ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.clusterName" )
+ .addTag( "value" ).addText( "testdg-cluster" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemPassword" )
+ .addTag( "value" ).addText( "S{ALIAS=ldcSystemPassword}" )
+ // .addTag( "value" ).addText( "guest-password" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" )
+
+ .gotoParent().gotoParent().addTag( "provider" )
+ .addTag( "role" ).addText( "authorization" )
+ .addTag( "name" ).addText( "AclsAuthz" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "test-service-role.acl" ) // FIXME[dilli]
+ .addTag( "value" ).addText( "*;directors;*" )
+
+ .gotoParent().gotoParent().addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "test-service-role" )
+ .gotoRoot();
+ // System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ // @Test
+ public void waitForManualTesting() throws IOException {
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testGroupMember() throws ClassNotFoundException, Exception {
+ LOG_ENTER();
+ String username = "bob";
+ String password = "bob-password";
+ String serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testNonGroupMember() throws ClassNotFoundException {
+ LOG_ENTER();
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_FORBIDDEN )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapGroupFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapGroupFuncTest.java
index 60e3250,0000000..37ee90c
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapGroupFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapGroupFuncTest.java
@@@ -1,283 -1,0 +1,283 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+
+/**
+ * Functional test to verify : looking up ldap groups from directory
+ * and using them in acl authorization checks
+ *
+ */
+public class GatewayLdapGroupFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayLdapGroupFuncTest.class );
+
+ public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ public static String serviceUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ setupGateway();
+ TestUtils.awaitNon404HttpStatus( new URL( serviceUrl ), 10000, 100 );
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ LOG_EXIT();
+ }
+
+ public static void setupGateway() throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "true" );
+ options.put( "master", "hadoop" );
+
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+
+ /*
+ System.setProperty(GatewayConfig.GATEWAY_HOME_VAR, gatewayDir.getAbsolutePath());
+ System.err.println("GH 10: " + System.getProperty(GatewayConfig.GATEWAY_HOME_VAR));
+ ByteArrayOutputStream outContent = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outContent));
+ String[] argvals = {"create-alias", "ldcSystemPassword", "--value", "guest-password", "--master", "hadoop", "--cluster", "test-cluster"};
+ KnoxCLI cli = new KnoxCLI();
+ cli.setConf(new GatewayConfigImpl());
+ cli.run(argvals);
+
+ outContent.reset();
+ String[] args1 = {"list-alias", "--cluster", "test-cluster", "--master", "hadoop"};
+ cli = new KnoxCLI();
+ cli.run(args1);
+ System.err.println("ALIAS LIST: " + outContent.toString());
+
+ AliasService as1 = cli.getGatewayServices().getService(GatewayServices.ALIAS_SERVICE);
+ char[] passwordChars1 = as1.getPasswordFromAliasForCluster( "test-cluster", "ldcsystemPassword");
+ System.err.println("ALIAS value1: " + new String(passwordChars1));
+ */
+
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/test-cluster";
+ serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+
+ ///*
+ GatewayServices services = GatewayServer.getGatewayServices();
+ AliasService aliasService = (AliasService)services.getService(GatewayServices.ALIAS_SERVICE);
+ aliasService.addAliasForCluster("test-cluster", "ldcSystemPassword", "guest-password");
+
+ // char[] password1 = aliasService.getPasswordFromAliasForCluster( "test-cluster", "ldcSystemPassword");
+ //System.err.println("SETUP password 10: " + ((password1 == null) ? "NULL" : new String(password1)));
+
+ File descriptor = new File( topoDir, "test-cluster.xml" );
+ FileOutputStream stream = new FileOutputStream( descriptor );
+ createTopology().toStream( stream );
+ stream.close();
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapGroupContextFactory" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory" )
+ .addTag( "value" ).addText( "$ldapGroupContextFactory" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl())
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.authorizationEnabled" )
+ .addTag( "value" ).addText( "true" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemAuthenticationMechanism" )
+ .addTag( "value" ).addText( "simple" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.searchBase" )
+ .addTag( "value" ).addText( "ou=groups,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.groupObjectClass" )
+ .addTag( "value" ).addText( "groupofnames" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.memberAttribute" )
+ .addTag( "value" ).addText( "member" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.memberAttributeValueTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.clusterName" )
+ .addTag( "value" ).addText( "test-cluster" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemUsername" )
+ .addTag( "value" ).addText( "uid=guest,ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemPassword" )
+ .addTag( "value" ).addText( "S{ALIAS=ldcSystemPassword}" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" )
+
+ .gotoParent().gotoParent().addTag( "provider" )
+ .addTag( "role" ).addText( "authorization" )
+ .addTag( "name" ).addText( "AclsAuthz" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "test-service-role.acl" ) // FIXME[dilli]
+ .addTag( "value" ).addText( "*;analyst;*" )
+
+ .gotoParent().gotoParent().addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "test-service-role" )
+ .gotoRoot();
+ // System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ @Ignore
+ // @Test
+ public void waitForManualTesting() throws IOException {
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testGroupMember() throws ClassNotFoundException, Exception {
+ LOG_ENTER();
+ String username = "sam";
+ String password = "sam-password";
+ String serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testNonGroupMember() throws ClassNotFoundException {
+ LOG_ENTER();
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_FORBIDDEN )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapPosixGroupFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapPosixGroupFuncTest.java
index f1dc3ad,0000000..b623f06
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapPosixGroupFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLdapPosixGroupFuncTest.java
@@@ -1,273 -1,0 +1,264 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.category.ReleaseTest;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.InetSocketAddress;
+import java.net.URL;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
+
+/**
+ * Functional test to verify : looking up ldap groups from directory
+ * and using them in acl authorization checks
+ *
+ */
+@Category(ReleaseTest.class)
+public class GatewayLdapPosixGroupFuncTest {
+
- private static final Class<?> RESOURCE_BASE_CLASS = GatewayLdapPosixGroupFuncTest.class;
+ private static Logger LOG = LoggerFactory.getLogger( GatewayLdapPosixGroupFuncTest.class );
+
+ public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ public static String serviceUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ URL usersUrl = TestUtils.getResourceUrl( GatewayLdapPosixGroupFuncTest.class, "users.ldif" );
+ driver.setupLdap( 0, new File( usersUrl.toURI() ) );
+ setupGateway();
+ TestUtils.awaitNon404HttpStatus( new URL( serviceUrl ), 10000, 100 );
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ LOG_EXIT();
+ }
+
+ public static void setupGateway() throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "true" );
+ options.put( "master", "hadoop" );
+
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/test-cluster";
+ serviceUrl = clusterUrl + "/test-service-path/test-service-resource";
+
+ GatewayServices services = GatewayServer.getGatewayServices();
+ AliasService aliasService = (AliasService)services.getService(GatewayServices.ALIAS_SERVICE);
+ aliasService.addAliasForCluster("test-cluster", "ldcSystemPassword", "guest-password");
+
+ char[] password1 = aliasService.getPasswordFromAliasForCluster( "test-cluster", "ldcSystemPassword");
+
+ File descriptor = new File( topoDir, "test-cluster.xml" );
+ OutputStream stream = new FileOutputStream( descriptor );
+ createTopology().toStream( stream );
+ stream.close();
+
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapGroupContextFactory" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory" )
+ .addTag( "value" ).addText( "$ldapGroupContextFactory" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.authorizationEnabled" )
+ .addTag( "value" ).addText( "true" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemAuthenticationMechanism" )
+ .addTag( "value" ).addText( "simple" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.searchBase" )
+ .addTag( "value" ).addText( "ou=groups,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.groupObjectClass" )
+ .addTag( "value" ).addText( "posixGroup" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.memberAttribute" )
+ .addTag( "value" ).addText( "memberUid" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.memberAttributeValueTemplate" )
+ .addTag( "value" ).addText( "uid={0}" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.clusterName" )
+ .addTag( "value" ).addText( "test-cluster" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemUsername" )
+ .addTag( "value" ).addText( "uid=guest,ou=people,dc=hadoop,dc=apache,dc=org" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.systemPassword" )
+ .addTag( "value" ).addText( "S{ALIAS=ldcSystemPassword}" )
+ .gotoParent().addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" )
+
+ .gotoParent().gotoParent().addTag( "provider" )
+ .addTag( "role" ).addText( "authorization" )
+ .addTag( "name" ).addText( "AclsAuthz" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "test-service-role.acl" )
+ .addTag( "value" ).addText( "*;analyst;*" )
+
+ .gotoParent().gotoParent().addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "test-service-role" )
+ .gotoRoot();
+
+ return xml;
+ }
+
- private static String getResourceName( String resource ) {
- return getResourceBaseName() + resource;
- }
-
- private static String getResourceBaseName() {
- return RESOURCE_BASE_CLASS.getName().replaceAll( "\\.", "/" ) + "/";
- }
-
+ @Ignore
+ // @Test
+ public void waitForManualTesting() throws IOException {
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testGroupMember() throws ClassNotFoundException, Exception {
+ LOG_ENTER();
+ String username = "sam";
+ String password = "sam-password";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testNonGroupMember() throws ClassNotFoundException {
+ LOG_ENTER();
+ String username = "guest";
+ String password = "guest-password";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_FORBIDDEN )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLocalServiceFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayLocalServiceFuncTest.java
index 4ade255,0000000..442a767
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLocalServiceFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayLocalServiceFuncTest.java
@@@ -1,185 -1,0 +1,185 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.commons.io.FileUtils;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.log.NoOpAppender;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.junit.Assert.assertThat;
+
+public class GatewayLocalServiceFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayTestDriver.class );
+
+ public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ setupGateway();
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ FileUtils.deleteQuietly( new File( config.getGatewayConfDir() ) );
+ FileUtils.deleteQuietly( new File( config.getGatewayDataDir() ) );
+ NoOpAppender.tearDown( appenders );
+ LOG_EXIT();
+ }
+
+ public static void setupGateway() throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ File descriptor = new File( topoDir, "cluster.xml" );
+ FileOutputStream stream = new FileOutputStream( descriptor );
+ createTopology().toStream( stream );
+ stream.close();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/cluster";
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+ .addTag( "provider" )
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "test-jersey-service-role" )
+ .gotoRoot();
+ // System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testJerseyService() throws ClassNotFoundException {
+ LOG_ENTER();
+ assertThat( ClassLoader.getSystemClassLoader().loadClass( "org.glassfish.jersey.servlet.ServletContainer" ), notNullValue() );
+ assertThat( ClassLoader.getSystemClassLoader().loadClass(
+ "org.apache.knox.gateway.jersey.JerseyDispatchDeploymentContributor"), notNullValue() );
+ assertThat( ClassLoader.getSystemClassLoader().loadClass(
+ "org.apache.knox.gateway.jersey.JerseyServiceDeploymentContributorBase"), notNullValue() );
+ assertThat( ClassLoader.getSystemClassLoader().loadClass(
+ "org.apache.knox.gateway.TestJerseyService"), notNullValue() );
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/test-jersey-service/test-jersey-resource-path";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-jersey-resource-response" ) )
+ .when().get( serviceUrl );
+ LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/416ee7c1/gateway-test/src/test/java/org/apache/knox/gateway/GatewayMultiFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayMultiFuncTest.java
index 01fdd84,0000000..6dc469c
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayMultiFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayMultiFuncTest.java
@@@ -1,443 -1,0 +1,443 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import java.io.File;
+import java.net.URL;
+import java.nio.charset.Charset;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+import java.util.UUID;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.commons.io.IOUtils;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.knox.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.topology.TopologyService;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.category.ReleaseTest;
+import org.apache.hadoop.test.mock.MockServer;
+import org.apache.http.HttpHost;
+import org.apache.http.HttpStatus;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.http.client.AuthCache;
+import org.apache.http.client.CredentialsProvider;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpPut;
+import org.apache.http.client.protocol.HttpClientContext;
+import org.apache.http.impl.auth.BasicScheme;
+import org.apache.http.impl.client.BasicAuthCache;
+import org.apache.http.impl.client.BasicCredentialsProvider;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.endsWith;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.hamcrest.core.Is.is;
+import static org.junit.Assert.assertThat;
+import static org.xmlmatchers.XmlMatchers.hasXPath;
+import static org.xmlmatchers.transform.XmlConverters.the;
+
+@Category(ReleaseTest.class)
+public class GatewayMultiFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayMultiFuncTest.class );
+ private static Class<?> DAT = GatewayMultiFuncTest.class;
+
+ private static Enumeration<Appender> appenders;
+ private static GatewayTestConfig config;
+ private static DefaultGatewayServices services;
+ private static GatewayServer gateway;
+ private static int gatewayPort;
+ private static String gatewayUrl;
+ private static TcpTransport ldapTransport;
+ private static Properties params;
+ private static TopologyService topos;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ setupGateway();
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ LOG_EXIT();
+ }
+
+ public static void setupGateway() throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ config = new GatewayTestConfig();
+ config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ URL svcsFileUrl = TestUtils.getResourceUrl( DAT, "services/readme.txt" );
+ File svcsFile = new File( svcsFileUrl.getFile() );
+ File svcsDir = svcsFile.getParentFile();
+ config.setGatewayServicesDir( svcsDir.getAbsolutePath() );
+
+ URL appsFileUrl = TestUtils.getResourceUrl( DAT, "applications/readme.txt" );
+ File appsFile = new File( appsFileUrl.getFile() );
+ File appsDir = appsFile.getParentFile();
+ config.setGatewayApplicationsDir( appsDir.getAbsolutePath() );
+
+ File topoDir = new File( config.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( config.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ startGatewayServer();
+ }
+
+ public static void startGatewayServer() throws Exception {
+ services = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ services.init( config, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ topos = services.getService(GatewayServices.TOPOLOGY_SERVICE);
+
+ gateway = GatewayServer.startGateway( config, services );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ gatewayPort = gateway.getAddresses()[0].getPort();
+ gatewayUrl = "http://localhost:" + gatewayPort + "/" + config.getGatewayPath();
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ params = new Properties();
+ params.put( "LDAP_URL", driver.getLdapUrl() );
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testDefaultJsonMimeTypeHandlingKnox678() throws Exception {
+ LOG_ENTER();
+
+ MockServer mock = new MockServer( "REPEAT", true );
+
+ params = new Properties();
+ params.put( "LDAP_URL", driver.getLdapUrl() );
+ params.put( "MOCK_SERVER_PORT", mock.getPort() );
+
+ String topoStr = TestUtils.merge( DAT, "topologies/test-knox678-utf8-chars-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "knox678.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ String uname = "guest";
+ String pword = uname + "-password";
+
+ mock.expect().method( "GET" )
+ .respond().contentType( "application/json" ).contentLength( -1 ).content( "{\"msg\":\"H\u00eallo\"}", Charset.forName( "UTF-8" ) );
+ String json = given()
+ //.log().all()
+ .auth().preemptive().basic( uname, pword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/json; charset=UTF-8" )
+ .when().get( gatewayUrl + "/knox678/repeat" ).andReturn().asString();
+ assertThat( json, is("{\"msg\":\"H\u00eallo\"}") );
+ assertThat( mock.isEmpty(), is(true) );
+
+ mock.expect().method( "GET" )
+ .respond().contentType( "application/octet-stream" ).contentLength( -1 ).content( "H\u00eallo".getBytes() );
+ byte[] bytes = given()
+ //.log().all()
+ .auth().preemptive().basic( uname, pword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/octet-stream" )
+ .when().get( gatewayUrl + "/knox678/repeat" ).andReturn().asByteArray();
+ assertThat( bytes, is(equalTo("H\u00eallo".getBytes())) );
+ assertThat( mock.isEmpty(), is(true) );
+
+ mock.stop();
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testPostWithContentTypeKnox681() throws Exception {
+ LOG_ENTER();
+
+ MockServer mock = new MockServer( "REPEAT", true );
+
+ params = new Properties();
+ params.put( "MOCK_SERVER_PORT", mock.getPort() );
+ params.put( "LDAP_URL", driver.getLdapUrl() );
+
+ String topoStr = TestUtils.merge( DAT, "topologies/test-knox678-utf8-chars-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "knox681.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+
+ topos.reloadTopologies();
+
+ mock
+ .expect()
+ .method( "PUT" )
+ .pathInfo( "/repeat-context/" )
+ .respond()
+ .status( HttpStatus.SC_CREATED )
+ .content( "{\"name\":\"value\"}".getBytes() )
+ .contentLength( -1 )
+ .contentType( "application/json; charset=UTF-8" )
+ .header( "Location", gatewayUrl + "/knox681/repeat" );
+
+ String uname = "guest";
+ String pword = uname + "-password";
+
+ HttpHost targetHost = new HttpHost( "localhost", gatewayPort, "http" );
+ CredentialsProvider credsProvider = new BasicCredentialsProvider();
+ credsProvider.setCredentials(
+ new AuthScope( targetHost.getHostName(), targetHost.getPort() ),
+ new UsernamePasswordCredentials( uname, pword ) );
+
+ AuthCache authCache = new BasicAuthCache();
+ BasicScheme basicAuth = new BasicScheme();
+ authCache.put( targetHost, basicAuth );
+
+ HttpClientContext context = HttpClientContext.create();
+ context.setCredentialsProvider( credsProvider );
+ context.setAuthCache( authCache );
+
+ CloseableHttpClient client = HttpClients.createDefault();
+ HttpPut request = new HttpPut( gatewayUrl + "/knox681/repeat" );
+ request.addHeader( "X-XSRF-Header", "jksdhfkhdsf" );
+ request.addHeader( "Content-Type", "application/json" );
+ CloseableHttpResponse response = client.execute( request, context );
+ assertThat( response.getStatusLine().getStatusCode(), is( HttpStatus.SC_CREATED ) );
+ assertThat( response.getFirstHeader( "Location" ).getValue(), endsWith("/gateway/knox681/repeat" ) );
+ assertThat( response.getFirstHeader( "Content-Type" ).getValue(), is("application/json; charset=UTF-8") );
+ String body = new String( IOUtils.toByteArray( response.getEntity().getContent() ), Charset.forName( "UTF-8" ) );
+ assertThat( body, is( "{\"name\":\"value\"}" ) );
+ response.close();
+ client.close();
+
+ mock
+ .expect()
+ .method( "PUT" )
+ .pathInfo( "/repeat-context/" )
+ .respond()
+ .status( HttpStatus.SC_CREATED )
+ .content( "<test-xml/>".getBytes() )
+ .contentType( "application/xml; charset=UTF-8" )
+ .header( "Location", gatewayUrl + "/knox681/repeat" );
+
+ client = HttpClients.createDefault();
+ request = new HttpPut( gatewayUrl + "/knox681/repeat" );
+ request.addHeader( "X-XSRF-Header", "jksdhfkhdsf" );
+ request.addHeader( "Content-Type", "application/xml" );
+ response = client.execute( request, context );
+ assertThat( response.getStatusLine().getStatusCode(), is( HttpStatus.SC_CREATED ) );
+ assertThat( response.getFirstHeader( "Location" ).getValue(), endsWith("/gateway/knox681/repeat" ) );
+ assertThat( response.getFirstHeader( "Content-Type" ).getValue(), is("application/xml; charset=UTF-8") );
+ body = new String( IOUtils.toByteArray( response.getEntity().getContent() ), Charset.forName( "UTF-8" ) );
+ assertThat( the(body), hasXPath( "/test-xml" ) );
+ response.close();
+ client.close();
+
+ mock.stop();
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testLdapSearchConfigEnhancementsKnox694() throws Exception {
+ LOG_ENTER();
+
+ String topoStr;
+ File topoFile;
+
+ String adminUName = "uid=admin,ou=people,dc=hadoop,dc=apache,dc=org";
+ String adminPWord = "admin-password";
+ String uname = "people\\guest";
+ String pword = "guest-password";
+ String invalidPword = "invalid-guest-password";
+
+ params = new Properties();
+ params.put( "LDAP_URL", driver.getLdapUrl() );
+ params.put( "LDAP_SYSTEM_USERNAME", adminUName );
+ params.put( "LDAP_SYSTEM_PASSWORD", adminPWord );
+
+ topoStr = TestUtils.merge( DAT, "topologies/test-knox694-principal-regex-user-dn-template.xml", params );
+ topoFile = new File( config.getGatewayTopologyDir(), "knox694-1.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+ topos.reloadTopologies();
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, pword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( gatewayUrl + "/knox694-1/test-service-path/test-resource-path" );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, invalidPword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( gatewayUrl + "/knox694-1/test-service-path/test-resource-path" );
+
+ topoStr = TestUtils.merge( DAT, "topologies/test-knox694-principal-regex-search-attribute.xml", params );
+ topoFile = new File( config.getGatewayTopologyDir(), "knox694-2.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+ topos.reloadTopologies();
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, pword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( gatewayUrl + "/knox694-2/test-service-path/test-resource-path" );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, invalidPword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( gatewayUrl + "/knox694-2/test-service-path/test-resource-path" );
+
+ topoStr = TestUtils.merge( DAT, "topologies/test-knox694-principal-regex-search-filter.xml", params );
+ topoFile = new File( config.getGatewayTopologyDir(), "knox694-3.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+ topos.reloadTopologies();
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, pword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( gatewayUrl + "/knox694-3/test-service-path/test-resource-path" );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, invalidPword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( gatewayUrl + "/knox694-3/test-service-path/test-resource-path" );
+
+ topoStr = TestUtils.merge( DAT, "topologies/test-knox694-principal-regex-search-scope-object.xml", params );
+ topoFile = new File( config.getGatewayTopologyDir(), "knox694-4.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+ topos.reloadTopologies();
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, pword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( gatewayUrl + "/knox694-4/test-service-path/test-resource-path" );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, invalidPword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( gatewayUrl + "/knox694-4/test-service-path/test-resource-path" );
+
+ topoStr = TestUtils.merge( DAT, "topologies/test-knox694-principal-regex-search-scope-onelevel-positive.xml", params );
+ topoFile = new File( config.getGatewayTopologyDir(), "knox694-5.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+ topos.reloadTopologies();
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, pword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .body( is( "test-service-response" ) )
+ .when().get( gatewayUrl + "/knox694-5/test-service-path/test-resource-path" );
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, invalidPword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( gatewayUrl + "/knox694-5/test-service-path/test-resource-path" );
+
+ topoStr = TestUtils.merge( DAT, "topologies/test-knox694-principal-regex-search-scope-onelevel-negative.xml", params );
+ topoFile = new File( config.getGatewayTopologyDir(), "knox694-6.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+ topos.reloadTopologies();
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( uname, pword )
- .expect()
++ .then()
+ //.log().all()
+ .statusCode( HttpStatus.SC_UNAUTHORIZED )
+ .when().get( gatewayUrl + "/knox694-6/test-service-path/test-resource-path" );
+
+ LOG_EXIT();
+ }
+
+}
+
+
[05/12] knox git commit: KNOX-1042 - Fix test timeout (Phil Zampino
via Sandeep More)
Posted by mo...@apache.org.
KNOX-1042 - Fix test timeout (Phil Zampino via Sandeep More)
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/a5a88258
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/a5a88258
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/a5a88258
Branch: refs/heads/KNOX-998-Package_Restructuring
Commit: a5a88258b82d8451710d048eba94a39cbd4da343
Parents: 3557612
Author: Sandeep More <mo...@apache.org>
Authored: Tue Sep 19 14:12:08 2017 -0400
Committer: Sandeep More <mo...@apache.org>
Committed: Tue Sep 19 14:12:08 2017 -0400
----------------------------------------------------------------------
.../test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/a5a88258/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java
index b65575e..c365fb0 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayAppFuncTest.java
@@ -548,7 +548,7 @@ public class GatewayAppFuncTest {
LOG_EXIT();
}
- @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
public void testDefaultTopology() throws Exception {
LOG_ENTER();