You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by mo...@apache.org on 2017/09/01 13:17:31 UTC
[33/64] [partial] knox git commit: KNOX-998 - Refactoring save 1
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/DecryptUriProcessor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/DecryptUriProcessor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/DecryptUriProcessor.java
deleted file mode 100644
index 9a9d0c7..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/DecryptUriProcessor.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import java.io.UnsupportedEncodingException;
-import java.util.Arrays;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.hadoop.gateway.encrypturi.EncryptStepContextParams;
-import org.apache.hadoop.gateway.encrypturi.api.DecryptUriDescriptor;
-import org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor;
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteEnvironment;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteContext;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
-import org.apache.hadoop.gateway.services.GatewayServices;
-import org.apache.hadoop.gateway.services.security.CryptoService;
-import org.apache.hadoop.gateway.services.security.EncryptionResult;
-import org.apache.hadoop.gateway.util.urltemplate.Expander;
-import org.apache.hadoop.gateway.util.urltemplate.Parser;
-import org.apache.hadoop.gateway.util.urltemplate.Template;
-
-public class DecryptUriProcessor
- implements UrlRewriteStepProcessor<DecryptUriDescriptor> {
-
- private String clusterName;
- private CryptoService cryptoService;
- private String param;
-
- @Override
- public String getType() {
- return DecryptUriDescriptor.STEP_NAME;
- }
-
- @Override
- public void initialize( UrlRewriteEnvironment environment, DecryptUriDescriptor descriptor ) throws Exception {
- clusterName = environment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE );
- GatewayServices services = environment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
- cryptoService = (CryptoService) services.getService(GatewayServices.CRYPTO_SERVICE);
- param = descriptor.getParam();
- }
-
- @Override
- public UrlRewriteStepStatus process( UrlRewriteContext context ) throws Exception {
- if( param != null && !param.isEmpty() ) {
- Template template = Parser.parseTemplate( "{" + param + "}" );
- String resolvedTemplate = Expander.expandToString( template, context.getParameters(), context.getEvaluator() );
- String url = decode( resolvedTemplate );
- EncryptStepContextParams params = new EncryptStepContextParams();
- params.addParam( param, Arrays.asList( url ) );
- context.addParameters( params );
- return UrlRewriteStepStatus.SUCCESS;
- }
- return UrlRewriteStepStatus.FAILURE;
- }
-
- @Override
- public void destroy() {
- }
-
- private String decode( String string ) throws UnsupportedEncodingException {
- byte[] bytes = Base64.decodeBase64( string );
- EncryptionResult result = EncryptionResult.fromByteArray(bytes);
- byte[] clear = cryptoService.decryptForCluster(clusterName,
- EncryptUriDescriptor.PASSWORD_ALIAS,
- result.cipher,
- result.iv,
- result.salt);
- if (clear != null) {
- return new String(clear);
- }
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
deleted file mode 100644
index 622fdff..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import org.apache.hadoop.gateway.deploy.DeploymentContext;
-import org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor;
-import org.apache.hadoop.gateway.deploy.ProviderDeploymentContributorBase;
-import org.apache.hadoop.gateway.descriptor.FilterParamDescriptor;
-import org.apache.hadoop.gateway.descriptor.ResourceDescriptor;
-import org.apache.hadoop.gateway.encrypturi.EncryptUriMessages;
-import org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor;
-import org.apache.hadoop.gateway.i18n.messages.MessagesFactory;
-import org.apache.hadoop.gateway.services.security.AliasService;
-import org.apache.hadoop.gateway.services.security.AliasServiceException;
-import org.apache.hadoop.gateway.topology.Provider;
-import org.apache.hadoop.gateway.topology.Service;
-
-import java.util.List;
-
-public class EncryptUriDeploymentContributor
- extends ProviderDeploymentContributorBase
- implements ProviderDeploymentContributor {
-
- private static EncryptUriMessages log = MessagesFactory.get( EncryptUriMessages.class );
- public static final String PROVIDER_ROLE_NAME = "encrypt";
- public static final String PROVIDER_IMPL_NAME = "default";
- private AliasService as;
-
- @Override
- public String getRole() {
- return PROVIDER_ROLE_NAME;
- }
-
- @Override
- public String getName() {
- return PROVIDER_IMPL_NAME;
- }
-
- public void setAliasService(AliasService as) {
- this.as = as;
- }
-
- @Override
- public void initializeContribution(DeploymentContext context) {
- super.initializeContribution(context);
-
- String clusterName = context.getTopology().getName();
-
- // we don't want to overwrite an existing alias from a previous topology deployment
- // so we can't just blindly generateAlias here.
- // this version of getPassword will generate a value for it only if missing
- try {
- this.as.getPasswordFromAliasForCluster(clusterName, EncryptUriDescriptor.PASSWORD_ALIAS, true);
- } catch (AliasServiceException e) {
- log.unableCreatePasswordForEncryption(e);
- }
- }
-
- @Override
- public void contributeProvider( DeploymentContext context, Provider provider ) {
- }
-
- @Override
- public void contributeFilter(
- DeploymentContext context,
- Provider provider,
- Service service,
- ResourceDescriptor resource,
- List<FilterParamDescriptor> params ) {
- }
-
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriProcessor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriProcessor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriProcessor.java
deleted file mode 100644
index 2b0554e..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriProcessor.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import java.io.UnsupportedEncodingException;
-import java.util.Arrays;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.hadoop.gateway.encrypturi.EncryptStepContextParams;
-import org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor;
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteEnvironment;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteContext;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
-import org.apache.hadoop.gateway.services.GatewayServices;
-import org.apache.hadoop.gateway.services.security.CryptoService;
-import org.apache.hadoop.gateway.services.security.EncryptionResult;
-import org.apache.hadoop.gateway.util.urltemplate.Expander;
-import org.apache.hadoop.gateway.util.urltemplate.Parser;
-import org.apache.hadoop.gateway.util.urltemplate.Template;
-
-public class EncryptUriProcessor
- implements UrlRewriteStepProcessor<EncryptUriDescriptor> {
-
- private String clusterName;
- private CryptoService cryptoService;
- private String template;
- private String param;
-
- @Override
- public String getType() {
- return EncryptUriDescriptor.STEP_NAME;
- }
-
- @Override
- public void initialize( UrlRewriteEnvironment environment, EncryptUriDescriptor descriptor ) throws Exception {
- clusterName = environment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE );
- GatewayServices services = environment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
- cryptoService = (CryptoService) services.getService(GatewayServices.CRYPTO_SERVICE);
- template = descriptor.getTemplate();
- param = descriptor.getParam();
- }
-
- @Override
- public UrlRewriteStepStatus process( UrlRewriteContext context ) throws Exception {
- if( param != null && !param.isEmpty() && template != null && !template.isEmpty() ) {
- Template uri = Parser.parseTemplate( template );
- String resolvedTemplate = Expander.expandToString( uri, context.getParameters(), context.getEvaluator() );
- if( resolvedTemplate != null && !resolvedTemplate.isEmpty() ) {
- String endcoedUrl = encode( resolvedTemplate );
- EncryptStepContextParams params = new EncryptStepContextParams();
- params.addParam( param, Arrays.asList( endcoedUrl ) );
- context.addParameters( params );
- return UrlRewriteStepStatus.SUCCESS;
- }
- }
- return UrlRewriteStepStatus.FAILURE;
- }
-
- @Override
- public void destroy() {
- }
-
- private String encode( String string ) throws UnsupportedEncodingException {
- EncryptionResult result = cryptoService.encryptForCluster(clusterName, EncryptUriDescriptor.PASSWORD_ALIAS, string.getBytes("UTF-8"));
- string = Base64.encodeBase64URLSafeString(result.toByteAray());
- return string;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptStepContextParams.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptStepContextParams.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptStepContextParams.java
new file mode 100644
index 0000000..919660a
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptStepContextParams.java
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.knox.gateway.util.urltemplate.Params;
+
+public class EncryptStepContextParams implements Params {
+ Map<String, List<String>> params = new HashMap<>();
+
+ public EncryptStepContextParams() {
+ }
+
+ @Override
+ public List<String> resolve( String name ) {
+ return params.get( name );
+ }
+
+ @Override
+ public Set<String> getNames() {
+ return params.keySet();
+ }
+
+ public void addParam( String name, List<String> values ) {
+ params.put( name, values );
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptUriMessages.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptUriMessages.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptUriMessages.java
new file mode 100644
index 0000000..afcc384
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptUriMessages.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi;
+
+import org.apache.knox.gateway.i18n.messages.Message;
+import org.apache.knox.gateway.i18n.messages.MessageLevel;
+import org.apache.knox.gateway.i18n.messages.Messages;
+import org.apache.knox.gateway.i18n.messages.StackTrace;
+
+@Messages(logger="org.apache.hadoop.gateway.encrypturi")
+public interface EncryptUriMessages {
+
+ @Message( level = MessageLevel.ERROR, text = "Failed to create or verify the presence of a password for URL encryption: {0}" )
+ void unableCreatePasswordForEncryption(@StackTrace( level = MessageLevel.DEBUG ) Exception e);
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptor.java
new file mode 100644
index 0000000..886e181
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptor.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.api;
+
+import org.apache.knox.gateway.filter.rewrite.ext.UrlRewriteActionDescriptor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteActionDescriptorBase;
+
+public class DecryptUriDescriptor extends UrlRewriteActionDescriptorBase
+ implements UrlRewriteActionDescriptor {
+ public static final String STEP_NAME = "decrypt";
+ private String param;
+
+ public DecryptUriDescriptor() {
+ super( STEP_NAME );
+ }
+
+ public String getParam() {
+ return param;
+ }
+
+ public void setParam( String param ) {
+ this.param = param;
+ }
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptor.java
new file mode 100644
index 0000000..7dbae0a
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptor.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.api;
+
+import org.apache.knox.gateway.filter.rewrite.ext.UrlRewriteActionDescriptor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteActionDescriptorBase;
+
+public class EncryptUriDescriptor extends UrlRewriteActionDescriptorBase
+ implements UrlRewriteActionDescriptor {
+ public static final String STEP_NAME = "encrypt";
+ public static final String PASSWORD_ALIAS = "encryptQueryString";
+ private String template;
+ private String param;
+
+ public EncryptUriDescriptor() {
+ super( STEP_NAME );
+ }
+
+ public String getTemplate() {
+ return template;
+ }
+
+ public void setTemplate( String template ) {
+ this.template = template;
+ }
+
+ public String getParam() {
+ return param;
+ }
+
+ public void setParam( String param ) {
+ this.param = param;
+ }
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/DecryptUriProcessor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/DecryptUriProcessor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/DecryptUriProcessor.java
new file mode 100644
index 0000000..c1b2e8e
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/DecryptUriProcessor.java
@@ -0,0 +1,90 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.knox.gateway.encrypturi.EncryptStepContextParams;
+import org.apache.knox.gateway.encrypturi.api.DecryptUriDescriptor;
+import org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor;
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.CryptoService;
+import org.apache.knox.gateway.services.security.EncryptionResult;
+import org.apache.knox.gateway.util.urltemplate.Expander;
+import org.apache.knox.gateway.util.urltemplate.Parser;
+import org.apache.knox.gateway.util.urltemplate.Template;
+
+public class DecryptUriProcessor
+ implements UrlRewriteStepProcessor<DecryptUriDescriptor> {
+
+ private String clusterName;
+ private CryptoService cryptoService;
+ private String param;
+
+ @Override
+ public String getType() {
+ return DecryptUriDescriptor.STEP_NAME;
+ }
+
+ @Override
+ public void initialize( UrlRewriteEnvironment environment, DecryptUriDescriptor descriptor ) throws Exception {
+ clusterName = environment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE );
+ GatewayServices services = environment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
+ cryptoService = (CryptoService) services.getService(GatewayServices.CRYPTO_SERVICE);
+ param = descriptor.getParam();
+ }
+
+ @Override
+ public UrlRewriteStepStatus process( UrlRewriteContext context ) throws Exception {
+ if( param != null && !param.isEmpty() ) {
+ Template template = Parser.parseTemplate( "{" + param + "}" );
+ String resolvedTemplate = Expander
+ .expandToString( template, context.getParameters(), context.getEvaluator() );
+ String url = decode( resolvedTemplate );
+ EncryptStepContextParams params = new EncryptStepContextParams();
+ params.addParam( param, Arrays.asList( url ) );
+ context.addParameters( params );
+ return UrlRewriteStepStatus.SUCCESS;
+ }
+ return UrlRewriteStepStatus.FAILURE;
+ }
+
+ @Override
+ public void destroy() {
+ }
+
+ private String decode( String string ) throws UnsupportedEncodingException {
+ byte[] bytes = Base64.decodeBase64( string );
+ EncryptionResult result = EncryptionResult.fromByteArray(bytes);
+ byte[] clear = cryptoService.decryptForCluster(clusterName,
+ EncryptUriDescriptor.PASSWORD_ALIAS,
+ result.cipher,
+ result.iv,
+ result.salt);
+ if (clear != null) {
+ return new String(clear);
+ }
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
new file mode 100644
index 0000000..b3ac725
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
@@ -0,0 +1,87 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import org.apache.knox.gateway.deploy.DeploymentContext;
+import org.apache.knox.gateway.deploy.ProviderDeploymentContributor;
+import org.apache.knox.gateway.deploy.ProviderDeploymentContributorBase;
+import org.apache.knox.gateway.descriptor.FilterParamDescriptor;
+import org.apache.knox.gateway.descriptor.ResourceDescriptor;
+import org.apache.knox.gateway.encrypturi.EncryptUriMessages;
+import org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor;
+import org.apache.knox.gateway.i18n.messages.MessagesFactory;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.knox.gateway.services.security.AliasServiceException;
+import org.apache.knox.gateway.topology.Provider;
+import org.apache.knox.gateway.topology.Service;
+
+import java.util.List;
+
+public class EncryptUriDeploymentContributor
+ extends ProviderDeploymentContributorBase
+ implements ProviderDeploymentContributor {
+
+ private static EncryptUriMessages log = MessagesFactory.get( EncryptUriMessages.class );
+ public static final String PROVIDER_ROLE_NAME = "encrypt";
+ public static final String PROVIDER_IMPL_NAME = "default";
+ private AliasService as;
+
+ @Override
+ public String getRole() {
+ return PROVIDER_ROLE_NAME;
+ }
+
+ @Override
+ public String getName() {
+ return PROVIDER_IMPL_NAME;
+ }
+
+ public void setAliasService(AliasService as) {
+ this.as = as;
+ }
+
+ @Override
+ public void initializeContribution(DeploymentContext context) {
+ super.initializeContribution(context);
+
+ String clusterName = context.getTopology().getName();
+
+ // we don't want to overwrite an existing alias from a previous topology deployment
+ // so we can't just blindly generateAlias here.
+ // this version of getPassword will generate a value for it only if missing
+ try {
+ this.as.getPasswordFromAliasForCluster(clusterName, EncryptUriDescriptor.PASSWORD_ALIAS, true);
+ } catch (AliasServiceException e) {
+ log.unableCreatePasswordForEncryption(e);
+ }
+ }
+
+ @Override
+ public void contributeProvider( DeploymentContext context, Provider provider ) {
+ }
+
+ @Override
+ public void contributeFilter(
+ DeploymentContext context,
+ Provider provider,
+ Service service,
+ ResourceDescriptor resource,
+ List<FilterParamDescriptor> params ) {
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriProcessor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriProcessor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriProcessor.java
new file mode 100644
index 0000000..413ddfc
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriProcessor.java
@@ -0,0 +1,86 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.knox.gateway.encrypturi.EncryptStepContextParams;
+import org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor;
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.CryptoService;
+import org.apache.knox.gateway.services.security.EncryptionResult;
+import org.apache.knox.gateway.util.urltemplate.Expander;
+import org.apache.knox.gateway.util.urltemplate.Parser;
+import org.apache.knox.gateway.util.urltemplate.Template;
+
+public class EncryptUriProcessor
+ implements UrlRewriteStepProcessor<EncryptUriDescriptor> {
+
+ private String clusterName;
+ private CryptoService cryptoService;
+ private String template;
+ private String param;
+
+ @Override
+ public String getType() {
+ return EncryptUriDescriptor.STEP_NAME;
+ }
+
+ @Override
+ public void initialize( UrlRewriteEnvironment environment, EncryptUriDescriptor descriptor ) throws Exception {
+ clusterName = environment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE );
+ GatewayServices services = environment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
+ cryptoService = (CryptoService) services.getService(GatewayServices.CRYPTO_SERVICE);
+ template = descriptor.getTemplate();
+ param = descriptor.getParam();
+ }
+
+ @Override
+ public UrlRewriteStepStatus process( UrlRewriteContext context ) throws Exception {
+ if( param != null && !param.isEmpty() && template != null && !template.isEmpty() ) {
+ Template uri = Parser.parseTemplate( template );
+ String resolvedTemplate = Expander
+ .expandToString( uri, context.getParameters(), context.getEvaluator() );
+ if( resolvedTemplate != null && !resolvedTemplate.isEmpty() ) {
+ String endcoedUrl = encode( resolvedTemplate );
+ EncryptStepContextParams params = new EncryptStepContextParams();
+ params.addParam( param, Arrays.asList( endcoedUrl ) );
+ context.addParameters( params );
+ return UrlRewriteStepStatus.SUCCESS;
+ }
+ }
+ return UrlRewriteStepStatus.FAILURE;
+ }
+
+ @Override
+ public void destroy() {
+ }
+
+ private String encode( String string ) throws UnsupportedEncodingException {
+ EncryptionResult result = cryptoService.encryptForCluster(clusterName, EncryptUriDescriptor.PASSWORD_ALIAS, string.getBytes("UTF-8"));
+ string = Base64.encodeBase64URLSafeString(result.toByteAray());
+ return string;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor
deleted file mode 100644
index 328b0a0..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor
+++ /dev/null
@@ -1,19 +0,0 @@
-##########################################################################
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##########################################################################
-
-org.apache.hadoop.gateway.encrypturi.impl.EncryptUriDeploymentContributor
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
deleted file mode 100644
index 1404210..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
+++ /dev/null
@@ -1,20 +0,0 @@
-##########################################################################
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##########################################################################
-
-org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor
-org.apache.hadoop.gateway.encrypturi.api.DecryptUriDescriptor
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
deleted file mode 100644
index 14bd1d5..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
+++ /dev/null
@@ -1,20 +0,0 @@
-##########################################################################
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##########################################################################
-
-org.apache.hadoop.gateway.encrypturi.impl.EncryptUriProcessor
-org.apache.hadoop.gateway.encrypturi.impl.DecryptUriProcessor
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.deploy.ProviderDeploymentContributor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.deploy.ProviderDeploymentContributor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.deploy.ProviderDeploymentContributor
new file mode 100644
index 0000000..2486c9b
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.deploy.ProviderDeploymentContributor
@@ -0,0 +1,19 @@
+##########################################################################
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##########################################################################
+
+org.apache.knox.gateway.encrypturi.impl.EncryptUriDeploymentContributor
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
new file mode 100644
index 0000000..c7f1465
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
@@ -0,0 +1,20 @@
+##########################################################################
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##########################################################################
+
+org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor
+org.apache.knox.gateway.encrypturi.api.DecryptUriDescriptor
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
new file mode 100644
index 0000000..2678c6d
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
@@ -0,0 +1,20 @@
+##########################################################################
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##########################################################################
+
+org.apache.knox.gateway.encrypturi.impl.EncryptUriProcessor
+org.apache.knox.gateway.encrypturi.impl.DecryptUriProcessor
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/DecryptUriDescriptorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/DecryptUriDescriptorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/DecryptUriDescriptorTest.java
deleted file mode 100644
index c51bbd7..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/DecryptUriDescriptorTest.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.api;
-
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.CoreMatchers.nullValue;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.fail;
-
-import java.util.Iterator;
-import java.util.ServiceLoader;
-
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor;
-import org.junit.Test;
-
-public class DecryptUriDescriptorTest {
-
- @Test
- @SuppressWarnings("rawtypes")
- public void testServiceLoader() throws Exception {
- ServiceLoader loader = ServiceLoader.load( UrlRewriteStepDescriptor.class );
- Iterator iterator = loader.iterator();
- assertThat( "Service iterator empty.", iterator.hasNext() );
- while( iterator.hasNext() ) {
- Object object = iterator.next();
- if( object instanceof DecryptUriDescriptor ) {
- return;
- }
- }
- fail( "Failed to find " + DecryptUriDescriptor.class.getName() + " via service loader." );
- }
-
- @Test
- public void testGetAndSet() {
- DecryptUriDescriptor descriptor = new DecryptUriDescriptor();
- assertThat( descriptor.type(), is( "decrypt" ) );
- assertThat( descriptor.getParam(), nullValue() );
-
- }
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/EncryptUriDescriptorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/EncryptUriDescriptorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/EncryptUriDescriptorTest.java
deleted file mode 100644
index ea0c61a..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/EncryptUriDescriptorTest.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.api;
-
-import java.util.Iterator;
-import java.util.ServiceLoader;
-
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor;
-import org.junit.Test;
-
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.CoreMatchers.nullValue;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.fail;
-
-public class EncryptUriDescriptorTest {
-
- @Test
- @SuppressWarnings("rawtypes")
- public void testServiceLoader() throws Exception {
- ServiceLoader loader = ServiceLoader.load( UrlRewriteStepDescriptor.class );
- Iterator iterator = loader.iterator();
- assertThat( "Service iterator empty.", iterator.hasNext() );
- while( iterator.hasNext() ) {
- Object object = iterator.next();
- if( object instanceof EncryptUriDescriptor ) {
- return;
- }
- }
- fail( "Failed to find " + EncryptUriDescriptor.class.getName() + " via service loader." );
- }
-
- @Test
- public void testGetAndSet() {
- EncryptUriDescriptor descriptor = new EncryptUriDescriptor();
- assertThat( descriptor.type(), is( "encrypt" ) );
- assertThat( descriptor.getParam(), nullValue() );
-
- }
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
deleted file mode 100644
index 9e9f93c..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
+++ /dev/null
@@ -1,157 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import org.apache.hadoop.gateway.encrypturi.EncryptStepContextParams;
-import org.apache.hadoop.gateway.encrypturi.api.DecryptUriDescriptor;
-import org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor;
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteEnvironment;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteContext;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
-import org.apache.hadoop.gateway.services.GatewayServices;
-import org.apache.hadoop.gateway.services.security.AliasService;
-import org.apache.hadoop.gateway.services.security.CryptoService;
-import org.apache.hadoop.gateway.services.security.impl.DefaultCryptoService;
-import org.easymock.Capture;
-import org.easymock.EasyMock;
-import org.junit.Test;
-
-import java.util.Arrays;
-import java.util.Iterator;
-import java.util.ServiceLoader;
-
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.CoreMatchers.notNullValue;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.core.IsNot.not;
-import static org.hamcrest.text.IsEmptyString.isEmptyOrNullString;
-import static org.junit.Assert.fail;
-
-
-public class EncryptDecryptUriProcessorTest {
-
- @SuppressWarnings("rawtypes")
- @Test
- public void testServiceLoader() throws Exception {
- ServiceLoader loader = ServiceLoader.load( UrlRewriteStepProcessor.class );
- Iterator iterator = loader.iterator();
- assertThat( "Service iterator empty.", iterator.hasNext() );
- while( iterator.hasNext() ) {
- Object object = iterator.next();
- if( object instanceof EncryptUriProcessor ) {
- return;
- }
- }
- fail( "Failed to find " + EncryptUriProcessor.class.getName() + " via service loader." );
-
- loader = ServiceLoader.load( UrlRewriteStepProcessor.class );
- iterator = loader.iterator();
- assertThat( "Service iterator empty.", iterator.hasNext() );
- while( iterator.hasNext() ) {
- Object object = iterator.next();
- if( object instanceof DecryptUriProcessor ) {
- return;
- }
- }
- fail( "Failed to find " + DecryptUriProcessor.class.getName() + " via service loader." );
- }
-
- @Test
- public void testEncryptDecrypt() throws Exception {
- String encryptedValueParamName = "address";
- String clusterName = "test-cluster-name";
- String passwordAlias = "encryptQueryString";
-
- // Test encryption. Result is in encryptedAdrress
-
- AliasService as = EasyMock.createNiceMock( AliasService.class );
- String secret = "asdf";
- EasyMock.expect( as.getPasswordFromAliasForCluster( clusterName, passwordAlias ) ).andReturn( secret.toCharArray() ).anyTimes();
- CryptoService cryptoService = new DefaultCryptoService();
- ((DefaultCryptoService)cryptoService).setAliasService( as );
- GatewayServices gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
- EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService );
-
- UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
- EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
- EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE ) ).andReturn( clusterName ).anyTimes();
- UrlRewriteContext encContext = EasyMock.createNiceMock( UrlRewriteContext.class );
-
- EncryptStepContextParams hostPortParams = new EncryptStepContextParams();
- hostPortParams.addParam( "host", Arrays.asList( "host.yarn.com" ) );
- hostPortParams.addParam( "port", Arrays.asList( "8088" ) );
- EasyMock.expect( encContext.getParameters() ).andReturn( hostPortParams );
-
-
- Capture<EncryptStepContextParams> encodedValue = new Capture<EncryptStepContextParams>();
- encContext.addParameters( EasyMock.capture( encodedValue ) );
-
- EasyMock.replay( gatewayServices, as, encEnvironment, encContext );
-
- EncryptUriDescriptor descriptor = new EncryptUriDescriptor();
- descriptor.setTemplate( "{host}:{port}" );
- descriptor.setParam( encryptedValueParamName );
- EncryptUriProcessor processor = new EncryptUriProcessor();
- processor.initialize( encEnvironment, descriptor );
- UrlRewriteStepStatus encStatus = processor.process( encContext );
-
- assertThat( encStatus, is ( UrlRewriteStepStatus.SUCCESS ) );
- assertThat( encodedValue.getValue(), notNullValue() );
- assertThat( encodedValue.getValue().resolve( encryptedValueParamName ).size(), is( 1 ) );
- String encryptedAdrress = encodedValue.getValue().resolve( encryptedValueParamName ).get( 0 );
- assertThat( encryptedAdrress, not( isEmptyOrNullString() ) );
- assertThat( encryptedAdrress, not( "{host}:{port}" ) );
- assertThat( encryptedAdrress, not( "hdp:8088" ) );
-
- // Test decryption. Result is in dectryptedAdrress.
- String decParam = "foo";
- gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
- EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService );
- as = EasyMock.createNiceMock( AliasService.class );
- EasyMock.expect( as.getPasswordFromAliasForCluster( clusterName, passwordAlias ) ).andReturn( secret.toCharArray() ).anyTimes();
-
- UrlRewriteEnvironment decEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
- EasyMock.expect( decEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
- EasyMock.expect( decEnvironment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE ) ).andReturn( clusterName ).anyTimes();
- UrlRewriteContext decContext = EasyMock.createNiceMock( UrlRewriteContext.class );
-
- EncryptStepContextParams encryptedParams = new EncryptStepContextParams();
- encryptedParams.addParam( decParam, Arrays.asList( encryptedAdrress ) ); //Value was encrypted by EncryptUriProcessor
- encryptedParams.addParam( "foo1", Arrays.asList( "test" ) );
- EasyMock.expect( decContext.getParameters() ).andReturn( encryptedParams );
-
- Capture<EncryptStepContextParams> decodedValue = new Capture<EncryptStepContextParams>();
- decContext.addParameters( EasyMock.capture( decodedValue ) );
-
- EasyMock.replay( gatewayServices, as, decEnvironment, decContext );
-
- DecryptUriDescriptor decDescriptor = new DecryptUriDescriptor();
- decDescriptor.setParam( decParam );
-
- DecryptUriProcessor decProcessor = new DecryptUriProcessor();
- decProcessor.initialize( decEnvironment, decDescriptor );
- UrlRewriteStepStatus decStatus = decProcessor.process( decContext );
- assertThat( decStatus, is ( UrlRewriteStepStatus.SUCCESS ) );
- assertThat( decodedValue.getValue(), notNullValue() );
- assertThat( decodedValue.getValue().resolve( decParam ).size(), is( 1 ) );
- String dectryptedAdrress = decodedValue.getValue().resolve( decParam ).get( 0 );
- assertThat( dectryptedAdrress, is ( "host.yarn.com:8088" ) );
- }
-
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
deleted file mode 100644
index 7f09224..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
+++ /dev/null
@@ -1,105 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import org.apache.hadoop.gateway.deploy.DeploymentContext;
-import org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor;
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteEnvironment;
-import org.apache.hadoop.gateway.services.GatewayServices;
-import org.apache.hadoop.gateway.services.security.AliasService;
-import org.apache.hadoop.gateway.services.security.CryptoService;
-import org.apache.hadoop.gateway.services.security.impl.DefaultCryptoService;
-import org.apache.hadoop.gateway.topology.Provider;
-import org.apache.hadoop.gateway.topology.Topology;
-import org.easymock.EasyMock;
-import org.jboss.shrinkwrap.api.ShrinkWrap;
-import org.jboss.shrinkwrap.api.spec.WebArchive;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.util.Iterator;
-import java.util.ServiceLoader;
-
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.fail;
-
-public class EncryptUriDeploymentContributorTest {
-
- @SuppressWarnings("rawtypes")
- @Test
- public void testServiceLoader() throws Exception {
- ServiceLoader loader = ServiceLoader.load( ProviderDeploymentContributor.class );
- Iterator iterator = loader.iterator();
- assertThat( "Service iterator empty.", iterator.hasNext() );
- while( iterator.hasNext() ) {
- Object object = iterator.next();
- if( object instanceof EncryptUriDeploymentContributor ) {
- return;
- }
- }
- fail( "Failed to find " + EncryptUriDeploymentContributor.class.getName() + " via service loader." );
- }
-
- @Test
- public void testDeployment() throws IOException {
- WebArchive webArchive = ShrinkWrap.create( WebArchive.class, "test-acrhive" );
-
- Provider provider = new Provider();
- provider.setEnabled( true );
- provider.setName( EncryptUriDeploymentContributor.PROVIDER_ROLE_NAME );
-
- Topology topology = new Topology();
- topology.setName( "Sample" );
-
- DeploymentContext context = EasyMock.createNiceMock( DeploymentContext.class );
-
- EasyMock.expect( context.getWebArchive() ).andReturn( webArchive ).anyTimes();
- EasyMock.expect( context.getTopology() ).andReturn( topology ).anyTimes();
- EasyMock.replay( context );
-
- AliasService as = EasyMock.createNiceMock( AliasService.class );
- CryptoService cryptoService = new DefaultCryptoService();
- ((DefaultCryptoService) cryptoService).setAliasService( as );
-
- GatewayServices gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
- EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService ).anyTimes();
-
- UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
- EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
-
- EncryptUriDeploymentContributor contributor = new EncryptUriDeploymentContributor();
- contributor.setAliasService( as );
-
- assertThat( contributor.getRole(), is( EncryptUriDeploymentContributor.PROVIDER_ROLE_NAME ) );
- assertThat( contributor.getName(), is( EncryptUriDeploymentContributor.PROVIDER_IMPL_NAME ) );
-
- // Just make sure it doesn't blow up.
- contributor.contributeFilter( null, null, null, null, null );
-
- // Just make sure it doesn't blow up.
- contributor.initializeContribution( context );
-
- contributor.contributeProvider( context, provider );
-
- // Just make sure it doesn't blow up.
- contributor.finalizeContribution( context );
-
- }
-
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptorTest.java
new file mode 100644
index 0000000..af73679
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptorTest.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.api;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.Assert.fail;
+
+import java.util.Iterator;
+import java.util.ServiceLoader;
+
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor;
+import org.junit.Test;
+
+public class DecryptUriDescriptorTest {
+
+ @Test
+ @SuppressWarnings("rawtypes")
+ public void testServiceLoader() throws Exception {
+ ServiceLoader loader = ServiceLoader.load( UrlRewriteStepDescriptor.class );
+ Iterator iterator = loader.iterator();
+ assertThat( "Service iterator empty.", iterator.hasNext() );
+ while( iterator.hasNext() ) {
+ Object object = iterator.next();
+ if( object instanceof DecryptUriDescriptor ) {
+ return;
+ }
+ }
+ fail( "Failed to find " + DecryptUriDescriptor.class.getName() + " via service loader." );
+ }
+
+ @Test
+ public void testGetAndSet() {
+ DecryptUriDescriptor descriptor = new DecryptUriDescriptor();
+ assertThat( descriptor.type(), is( "decrypt" ) );
+ assertThat( descriptor.getParam(), nullValue() );
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptorTest.java
new file mode 100644
index 0000000..60d4206
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptorTest.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.api;
+
+import java.util.Iterator;
+import java.util.ServiceLoader;
+
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor;
+import org.junit.Test;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.Assert.fail;
+
+public class EncryptUriDescriptorTest {
+
+ @Test
+ @SuppressWarnings("rawtypes")
+ public void testServiceLoader() throws Exception {
+ ServiceLoader loader = ServiceLoader.load( UrlRewriteStepDescriptor.class );
+ Iterator iterator = loader.iterator();
+ assertThat( "Service iterator empty.", iterator.hasNext() );
+ while( iterator.hasNext() ) {
+ Object object = iterator.next();
+ if( object instanceof EncryptUriDescriptor ) {
+ return;
+ }
+ }
+ fail( "Failed to find " + EncryptUriDescriptor.class.getName() + " via service loader." );
+ }
+
+ @Test
+ public void testGetAndSet() {
+ EncryptUriDescriptor descriptor = new EncryptUriDescriptor();
+ assertThat( descriptor.type(), is( "encrypt" ) );
+ assertThat( descriptor.getParam(), nullValue() );
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
new file mode 100644
index 0000000..4758982
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
@@ -0,0 +1,157 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import org.apache.knox.gateway.encrypturi.EncryptStepContextParams;
+import org.apache.knox.gateway.encrypturi.api.DecryptUriDescriptor;
+import org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor;
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.knox.gateway.services.security.CryptoService;
+import org.apache.knox.gateway.services.security.impl.DefaultCryptoService;
+import org.easymock.Capture;
+import org.easymock.EasyMock;
+import org.junit.Test;
+
+import java.util.Arrays;
+import java.util.Iterator;
+import java.util.ServiceLoader;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.core.IsNot.not;
+import static org.hamcrest.text.IsEmptyString.isEmptyOrNullString;
+import static org.junit.Assert.fail;
+
+
+public class EncryptDecryptUriProcessorTest {
+
+ @SuppressWarnings("rawtypes")
+ @Test
+ public void testServiceLoader() throws Exception {
+ ServiceLoader loader = ServiceLoader.load( UrlRewriteStepProcessor.class );
+ Iterator iterator = loader.iterator();
+ assertThat( "Service iterator empty.", iterator.hasNext() );
+ while( iterator.hasNext() ) {
+ Object object = iterator.next();
+ if( object instanceof EncryptUriProcessor ) {
+ return;
+ }
+ }
+ fail( "Failed to find " + EncryptUriProcessor.class.getName() + " via service loader." );
+
+ loader = ServiceLoader.load( UrlRewriteStepProcessor.class );
+ iterator = loader.iterator();
+ assertThat( "Service iterator empty.", iterator.hasNext() );
+ while( iterator.hasNext() ) {
+ Object object = iterator.next();
+ if( object instanceof DecryptUriProcessor ) {
+ return;
+ }
+ }
+ fail( "Failed to find " + DecryptUriProcessor.class.getName() + " via service loader." );
+ }
+
+ @Test
+ public void testEncryptDecrypt() throws Exception {
+ String encryptedValueParamName = "address";
+ String clusterName = "test-cluster-name";
+ String passwordAlias = "encryptQueryString";
+
+ // Test encryption. Result is in encryptedAdrress
+
+ AliasService as = EasyMock.createNiceMock( AliasService.class );
+ String secret = "asdf";
+ EasyMock.expect( as.getPasswordFromAliasForCluster( clusterName, passwordAlias ) ).andReturn( secret.toCharArray() ).anyTimes();
+ CryptoService cryptoService = new DefaultCryptoService();
+ ((DefaultCryptoService)cryptoService).setAliasService( as );
+ GatewayServices gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
+ EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService );
+
+ UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
+ EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
+ EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE ) ).andReturn( clusterName ).anyTimes();
+ UrlRewriteContext encContext = EasyMock.createNiceMock( UrlRewriteContext.class );
+
+ EncryptStepContextParams hostPortParams = new EncryptStepContextParams();
+ hostPortParams.addParam( "host", Arrays.asList( "host.yarn.com" ) );
+ hostPortParams.addParam( "port", Arrays.asList( "8088" ) );
+ EasyMock.expect( encContext.getParameters() ).andReturn( hostPortParams );
+
+
+ Capture<EncryptStepContextParams> encodedValue = new Capture<EncryptStepContextParams>();
+ encContext.addParameters( EasyMock.capture( encodedValue ) );
+
+ EasyMock.replay( gatewayServices, as, encEnvironment, encContext );
+
+ EncryptUriDescriptor descriptor = new EncryptUriDescriptor();
+ descriptor.setTemplate( "{host}:{port}" );
+ descriptor.setParam( encryptedValueParamName );
+ EncryptUriProcessor processor = new EncryptUriProcessor();
+ processor.initialize( encEnvironment, descriptor );
+ UrlRewriteStepStatus encStatus = processor.process( encContext );
+
+ assertThat( encStatus, is ( UrlRewriteStepStatus.SUCCESS ) );
+ assertThat( encodedValue.getValue(), notNullValue() );
+ assertThat( encodedValue.getValue().resolve( encryptedValueParamName ).size(), is( 1 ) );
+ String encryptedAdrress = encodedValue.getValue().resolve( encryptedValueParamName ).get( 0 );
+ assertThat( encryptedAdrress, not( isEmptyOrNullString() ) );
+ assertThat( encryptedAdrress, not( "{host}:{port}" ) );
+ assertThat( encryptedAdrress, not( "hdp:8088" ) );
+
+ // Test decryption. Result is in dectryptedAdrress.
+ String decParam = "foo";
+ gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
+ EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService );
+ as = EasyMock.createNiceMock( AliasService.class );
+ EasyMock.expect( as.getPasswordFromAliasForCluster( clusterName, passwordAlias ) ).andReturn( secret.toCharArray() ).anyTimes();
+
+ UrlRewriteEnvironment decEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
+ EasyMock.expect( decEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
+ EasyMock.expect( decEnvironment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE ) ).andReturn( clusterName ).anyTimes();
+ UrlRewriteContext decContext = EasyMock.createNiceMock( UrlRewriteContext.class );
+
+ EncryptStepContextParams encryptedParams = new EncryptStepContextParams();
+ encryptedParams.addParam( decParam, Arrays.asList( encryptedAdrress ) ); //Value was encrypted by EncryptUriProcessor
+ encryptedParams.addParam( "foo1", Arrays.asList( "test" ) );
+ EasyMock.expect( decContext.getParameters() ).andReturn( encryptedParams );
+
+ Capture<EncryptStepContextParams> decodedValue = new Capture<EncryptStepContextParams>();
+ decContext.addParameters( EasyMock.capture( decodedValue ) );
+
+ EasyMock.replay( gatewayServices, as, decEnvironment, decContext );
+
+ DecryptUriDescriptor decDescriptor = new DecryptUriDescriptor();
+ decDescriptor.setParam( decParam );
+
+ DecryptUriProcessor decProcessor = new DecryptUriProcessor();
+ decProcessor.initialize( decEnvironment, decDescriptor );
+ UrlRewriteStepStatus decStatus = decProcessor.process( decContext );
+ assertThat( decStatus, is ( UrlRewriteStepStatus.SUCCESS ) );
+ assertThat( decodedValue.getValue(), notNullValue() );
+ assertThat( decodedValue.getValue().resolve( decParam ).size(), is( 1 ) );
+ String dectryptedAdrress = decodedValue.getValue().resolve( decParam ).get( 0 );
+ assertThat( dectryptedAdrress, is ( "host.yarn.com:8088" ) );
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
new file mode 100644
index 0000000..8741119
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
@@ -0,0 +1,105 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import org.apache.knox.gateway.deploy.DeploymentContext;
+import org.apache.knox.gateway.deploy.ProviderDeploymentContributor;
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.knox.gateway.services.security.CryptoService;
+import org.apache.knox.gateway.services.security.impl.DefaultCryptoService;
+import org.apache.knox.gateway.topology.Provider;
+import org.apache.knox.gateway.topology.Topology;
+import org.easymock.EasyMock;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.ServiceLoader;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.Assert.fail;
+
+public class EncryptUriDeploymentContributorTest {
+
+ @SuppressWarnings("rawtypes")
+ @Test
+ public void testServiceLoader() throws Exception {
+ ServiceLoader loader = ServiceLoader.load( ProviderDeploymentContributor.class );
+ Iterator iterator = loader.iterator();
+ assertThat( "Service iterator empty.", iterator.hasNext() );
+ while( iterator.hasNext() ) {
+ Object object = iterator.next();
+ if( object instanceof EncryptUriDeploymentContributor ) {
+ return;
+ }
+ }
+ fail( "Failed to find " + EncryptUriDeploymentContributor.class.getName() + " via service loader." );
+ }
+
+ @Test
+ public void testDeployment() throws IOException {
+ WebArchive webArchive = ShrinkWrap.create( WebArchive.class, "test-acrhive" );
+
+ Provider provider = new Provider();
+ provider.setEnabled( true );
+ provider.setName( EncryptUriDeploymentContributor.PROVIDER_ROLE_NAME );
+
+ Topology topology = new Topology();
+ topology.setName( "Sample" );
+
+ DeploymentContext context = EasyMock.createNiceMock( DeploymentContext.class );
+
+ EasyMock.expect( context.getWebArchive() ).andReturn( webArchive ).anyTimes();
+ EasyMock.expect( context.getTopology() ).andReturn( topology ).anyTimes();
+ EasyMock.replay( context );
+
+ AliasService as = EasyMock.createNiceMock( AliasService.class );
+ CryptoService cryptoService = new DefaultCryptoService();
+ ((DefaultCryptoService) cryptoService).setAliasService( as );
+
+ GatewayServices gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
+ EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService ).anyTimes();
+
+ UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
+ EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
+
+ EncryptUriDeploymentContributor contributor = new EncryptUriDeploymentContributor();
+ contributor.setAliasService( as );
+
+ assertThat( contributor.getRole(), is( EncryptUriDeploymentContributor.PROVIDER_ROLE_NAME ) );
+ assertThat( contributor.getName(), is( EncryptUriDeploymentContributor.PROVIDER_IMPL_NAME ) );
+
+ // Just make sure it doesn't blow up.
+ contributor.contributeFilter( null, null, null, null, null );
+
+ // Just make sure it doesn't blow up.
+ contributor.initializeContribution( context );
+
+ contributor.contributeProvider( context, provider );
+
+ // Just make sure it doesn't blow up.
+ contributor.finalizeContribution( context );
+
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-secure-query/src/main/java/org/apache/hadoop/gateway/securequery/SecureQueryDecodeDescriptor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-secure-query/src/main/java/org/apache/hadoop/gateway/securequery/SecureQueryDecodeDescriptor.java b/gateway-provider-rewrite-step-secure-query/src/main/java/org/apache/hadoop/gateway/securequery/SecureQueryDecodeDescriptor.java
deleted file mode 100644
index f026e38..0000000
--- a/gateway-provider-rewrite-step-secure-query/src/main/java/org/apache/hadoop/gateway/securequery/SecureQueryDecodeDescriptor.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.securequery;
-
-import org.apache.hadoop.gateway.filter.rewrite.ext.UrlRewriteActionDescriptor;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteActionDescriptorBase;
-
-public class SecureQueryDecodeDescriptor
- extends UrlRewriteActionDescriptorBase
- implements UrlRewriteActionDescriptor {
-
- static final String STEP_NAME = "decode-query";
-
- public SecureQueryDecodeDescriptor() {
- super( STEP_NAME );
- }
-
- @Override
- public String getParam() {
- return null;
- }
-
-}