You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ac...@apache.org on 2018/06/29 13:32:08 UTC
[camel] branch camel-2.21.x updated: CAMEL-12602: Fixing issue with
basic authentication
This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch camel-2.21.x
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-2.21.x by this push:
new f791d48 CAMEL-12602: Fixing issue with basic authentication
f791d48 is described below
commit f791d483d309f1466282a91c75591c9066a8d9f8
Author: Ricardo Zanini <ri...@gmail.com>
AuthorDate: Wed Jun 27 20:50:04 2018 -0300
CAMEL-12602: Fixing issue with basic authentication
---
.../src/main/docs/wordpress-component.adoc | 2 +-
.../wordpress/api/WordpressServiceProvider.java | 1 +
.../api/auth/WordpressBasicAuthentication.java | 9 +++++++-
.../impl/AbstractWordpressServiceAdapter.java | 7 +++---
.../impl/WordpressServicePostsAdapterTest.java | 3 +++
.../WordpressServiceUsersAdapterTest.java | 5 +++-
.../test/WordpressServerHttpRequestHandler.java | 27 ++++++++++++++++++++++
7 files changed, 47 insertions(+), 7 deletions(-)
diff --git a/components/camel-wordpress/src/main/docs/wordpress-component.adoc b/components/camel-wordpress/src/main/docs/wordpress-component.adoc
index 17b2a20..4879e4c 100644
--- a/components/camel-wordpress/src/main/docs/wordpress-component.adoc
+++ b/components/camel-wordpress/src/main/docs/wordpress-component.adoc
@@ -77,7 +77,7 @@ The `WordpressConfiguration` class can be used to set initial properties configu
----
public void configure() {
final WordpressConfiguration configuration = new WordpressConfiguration();
- final WordpressComponent component = new WordpressComponent();
+ final WordpressComponentConfiguration component = new WordpressComponentConfiguration();
configuration.setApiVersion("2");
configuration.setUrl("http://yoursite.com/wp-json/");
component.setConfiguration(configuration);
diff --git a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/WordpressServiceProvider.java b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/WordpressServiceProvider.java
index 4954623..98c827c 100644
--- a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/WordpressServiceProvider.java
+++ b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/WordpressServiceProvider.java
@@ -71,6 +71,7 @@ public final class WordpressServiceProvider {
this.services = new HashMap<>();
this.services.put(WordpressServicePosts.class, servicePosts);
this.services.put(WordpressServiceUsers.class, serviceUsers);
+ this.configuration = config;
LOGGER.info("Wordpress Service Provider initialized using base URL: {}, API Version {}", config.getApiUrl(), config.getApiVersion());
}
diff --git a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/auth/WordpressBasicAuthentication.java b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/auth/WordpressBasicAuthentication.java
index 6f63c48..78b92aa 100644
--- a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/auth/WordpressBasicAuthentication.java
+++ b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/auth/WordpressBasicAuthentication.java
@@ -19,6 +19,8 @@ package org.apache.camel.component.wordpress.api.auth;
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.jaxrs.client.ClientConfiguration;
import org.apache.cxf.jaxrs.client.WebClient;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
* Basic Authentication implementation for Wordpress authentication mechanism. Should be used only on tested environments due to lack of security. Be aware that credentials will be passed over each
@@ -30,6 +32,8 @@ import org.apache.cxf.jaxrs.client.WebClient;
*/
public class WordpressBasicAuthentication extends BaseWordpressAuthentication {
+ private static final Logger LOGGER = LoggerFactory.getLogger(BaseWordpressAuthentication.class);
+
public WordpressBasicAuthentication() {
}
@@ -45,8 +49,11 @@ public class WordpressBasicAuthentication extends BaseWordpressAuthentication {
@Override
public void configureAuthentication(Object api) {
if (isCredentialsSet()) {
- final String authorizationHeader = String.format("Basic ", Base64Utility.encode(String.format("%s:%s", this.username, this.password).getBytes()));
+ final String authorizationHeader = String.format("Basic %s", Base64Utility.encode(String.format("%s:%s", this.username, this.password).getBytes()));
+ LOGGER.info("Credentials set for user {}", username);
WebClient.client(api).header("Authorization", authorizationHeader);
+ } else {
+ LOGGER.warn("Credentials not set because username or password are empty.");
}
}
diff --git a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/service/impl/AbstractWordpressServiceAdapter.java b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/service/impl/AbstractWordpressServiceAdapter.java
index 59037e8..5ba844f 100644
--- a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/service/impl/AbstractWordpressServiceAdapter.java
+++ b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/service/impl/AbstractWordpressServiceAdapter.java
@@ -57,10 +57,6 @@ abstract class AbstractWordpressServiceAdapter<A> implements WordpressService {
WebClient.getConfig(spi).getInInterceptors().add(new LoggingInInterceptor());
WebClient.getConfig(spi).getOutInterceptors().add(new LoggingOutInterceptor());
- if (this.authentication != null) {
- this.authentication.configureAuthentication(spi);
- }
-
LOGGER.info("******* {} API initialized *********", spi.getClass().getSimpleName());
}
@@ -77,5 +73,8 @@ abstract class AbstractWordpressServiceAdapter<A> implements WordpressService {
@Override
public final void setWordpressAuthentication(WordpressAuthentication authentication) {
this.authentication = authentication;
+ if (this.authentication != null) {
+ this.authentication.configureAuthentication(spi);
+ }
}
}
diff --git a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServicePostsAdapterTest.java b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServicePostsAdapterTest.java
index 9adfd6a..ca49e6e 100644
--- a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServicePostsAdapterTest.java
+++ b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServicePostsAdapterTest.java
@@ -17,12 +17,14 @@
package org.apache.camel.component.wordpress.api.service.impl;
import java.util.List;
+import org.apache.camel.component.wordpress.api.auth.WordpressBasicAuthentication;
import org.apache.camel.component.wordpress.api.model.Content;
import org.apache.camel.component.wordpress.api.model.Format;
import org.apache.camel.component.wordpress.api.model.Post;
import org.apache.camel.component.wordpress.api.model.PostSearchCriteria;
import org.apache.camel.component.wordpress.api.service.WordpressServicePosts;
import org.apache.camel.component.wordpress.api.test.WordpressMockServerTestSupport;
+import org.apache.camel.component.wordpress.api.test.WordpressServerHttpRequestHandler;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.hamcrest.CoreMatchers.is;
@@ -39,6 +41,7 @@ public class WordpressServicePostsAdapterTest extends WordpressMockServerTestSup
@BeforeClass
public static void before() {
servicePosts = serviceProvider.getService(WordpressServicePosts.class);
+ servicePosts.setWordpressAuthentication(new WordpressBasicAuthentication(WordpressServerHttpRequestHandler.USERNAME, WordpressServerHttpRequestHandler.PASSWORD));
}
@Test
diff --git a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/ignored/WordpressServiceUsersAdapterTest.java b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServiceUsersAdapterTest.java
similarity index 87%
rename from components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/ignored/WordpressServiceUsersAdapterTest.java
rename to components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServiceUsersAdapterTest.java
index c4ba5a5..c9c69c1 100644
--- a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/ignored/WordpressServiceUsersAdapterTest.java
+++ b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServiceUsersAdapterTest.java
@@ -14,13 +14,15 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.camel.component.wordpress.api.service.impl.ignored;
+package org.apache.camel.component.wordpress.api.service.impl;
import java.util.List;
+import org.apache.camel.component.wordpress.api.auth.WordpressBasicAuthentication;
import org.apache.camel.component.wordpress.api.model.User;
import org.apache.camel.component.wordpress.api.model.UserSearchCriteria;
import org.apache.camel.component.wordpress.api.service.WordpressServiceUsers;
import org.apache.camel.component.wordpress.api.test.WordpressMockServerTestSupport;
+import org.apache.camel.component.wordpress.api.test.WordpressServerHttpRequestHandler;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.hamcrest.CoreMatchers.is;
@@ -37,6 +39,7 @@ public class WordpressServiceUsersAdapterTest extends WordpressMockServerTestSup
@BeforeClass
public static void before() {
serviceUsers = serviceProvider.getService(WordpressServiceUsers.class);
+ serviceUsers.setWordpressAuthentication(new WordpressBasicAuthentication(WordpressServerHttpRequestHandler.USERNAME, WordpressServerHttpRequestHandler.PASSWORD));
}
@Test
diff --git a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/test/WordpressServerHttpRequestHandler.java b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/test/WordpressServerHttpRequestHandler.java
index 4d5482b..d68c693 100644
--- a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/test/WordpressServerHttpRequestHandler.java
+++ b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/test/WordpressServerHttpRequestHandler.java
@@ -17,9 +17,12 @@
package org.apache.camel.component.wordpress.api.test;
import java.io.IOException;
+import java.nio.charset.Charset;
+import java.util.Base64;
import java.util.Collections;
import java.util.Map;
import org.apache.cxf.helpers.IOUtils;
+import org.apache.http.Header;
import org.apache.http.HttpException;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
@@ -33,6 +36,9 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class WordpressServerHttpRequestHandler implements HttpRequestHandler {
+
+ public static final String USERNAME = "ben";
+ public static final String PASSWORD = "password123";
private static final Logger LOGGER = LoggerFactory.getLogger(WordpressServerHttpRequestHandler.class);
@@ -50,6 +56,12 @@ public class WordpressServerHttpRequestHandler implements HttpRequestHandler {
public void handle(HttpRequest request, HttpResponse response, HttpContext context) throws HttpException, IOException {
LOGGER.debug("received request {}", request);
final HttpRequestWrapper requestWrapper = HttpRequestWrapper.wrap(request);
+ // make sure that our writing operations have authentication header
+ if (!authenticate(requestWrapper)) {
+ response.setStatusCode(HttpStatus.SC_FORBIDDEN);
+ response.setEntity(new StringEntity("Forbidden", ContentType.TEXT_PLAIN));
+ return;
+ }
final String responseBody = IOUtils.toString(this.getClass().getResourceAsStream(mockResourceJsonResponse.get(requestWrapper.getMethod())));
if (responseBody == null) {
LOGGER.warn("Resource not found on {}. Response body null.", mockResourceJsonResponse);
@@ -58,4 +70,19 @@ public class WordpressServerHttpRequestHandler implements HttpRequestHandler {
response.setEntity(new StringEntity(responseBody, ContentType.APPLICATION_JSON));
}
+ private boolean authenticate(HttpRequestWrapper request) {
+ // read operations don't need to authenticate
+ if (request.getMethod().contentEquals("GET")) {
+ return true;
+ }
+ for (Header authorizationHeader : request.getHeaders("Authorization")) {
+ // Authorization: Basic base64credentials
+ String base64Credentials = authorizationHeader.getValue().substring("Basic".length()).trim();
+ String credentials = new String(Base64.getDecoder().decode(base64Credentials), Charset.forName("UTF-8"));
+ // credentials = username:password
+ final String[] values = credentials.split(":", 2);
+ return USERNAME.equals(values[0]) && PASSWORD.equals(values[1]);
+ }
+ return false;
+ }
}