You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@lucene.apache.org by GitBox <gi...@apache.org> on 2021/02/25 20:54:53 UTC

[GitHub] [lucene-solr] madrob commented on a change in pull request #2430: SOLR-15194: relax requirements and allow http urls.

madrob commented on a change in pull request #2430:
URL: https://github.com/apache/lucene-solr/pull/2430#discussion_r583170235



##########
File path: solr/core/src/test/org/apache/solr/security/JWTIssuerConfigTest.java
##########
@@ -125,6 +128,31 @@ public void parseIssuerConfigExplicit() {
     assertEquals("https://host/jwk", issuerConfig.getJwksUrls().get(0));
   }
 
+  @Test
+  public void jwksUrlwithHttpLogsaWarning() {
+    HashMap<String, Object> issuerConfigMap = new HashMap<>();
+    issuerConfigMap.put("name", "myName");
+    issuerConfigMap.put("iss", "myIss");
+    issuerConfigMap.put("jwksUrl", "http://host/jwk");
+
+    JWTIssuerConfig issuerConfig = new JWTIssuerConfig(issuerConfigMap);
+
+    LogWatcherConfig watcherCfg = new LogWatcherConfig(true, null, "WARN", 100);
+    @SuppressWarnings({"rawtypes"})
+    LogWatcher watcher = LogWatcher.newRegisteredLogWatcher(watcherCfg, null);
+    
+    assertEquals(1, issuerConfig.getHttpsJwks().size());
+    assertEquals("http://host/jwk", issuerConfig.getHttpsJwks().get(0).getLocation());
+
+      
+    SolrDocumentList history = watcher.getHistory(-1, null);
+    
+    if (history.stream().filter(d -> "org.apache.solr.security.JWTIssuerConfig".equals(d.getFirstValue("logger"))).count() == 0) {

Review comment:
       `assertTrue(msg, history.stream().findFirst(d -> ...).isPresent())`

##########
File path: solr/core/src/test/org/apache/solr/security/JWTIssuerConfigTest.java
##########
@@ -144,13 +172,29 @@ public void wellKnownConfigFromString() throws IOException {
     assertEquals(Arrays.asList("code", "code id_token", "code token", "code id_token token", "token", "id_token", "id_token token"), config.getResponseTypesSupported());
   }
 
-  @Test(expected = SolrException.class)
-  public void wellKnownConfigNotHttps() {
-    JWTIssuerConfig.WellKnownDiscoveryConfig.parse("http://127.0.0.1:45678/.well-known/config");
+  @Test
+  public void wellKnownConfigWithHttpLogsAWarning() {
+    
+    LogWatcherConfig watcherCfg = new LogWatcherConfig(true, null, "WARN", 100);
+    @SuppressWarnings({"rawtypes"})
+    LogWatcher watcher = LogWatcher.newRegisteredLogWatcher(watcherCfg, null);
+    
+    watcher.reset();
+    
+    // currently we throw an exception because we can't open a connection to this fake url and can't mock it.
+    expectThrows(SolrException.class, () -> JWTIssuerConfig.WellKnownDiscoveryConfig.parse("http://127.0.0.1:45678/.well-known/config"));

Review comment:
       Store the exception returned and assert something about it, there are lots of different solr exceptions that can get thrown. Is this the same test as `wellKnownConfigNotReachable`?




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@lucene.apache.org
For additional commands, e-mail: issues-help@lucene.apache.org