You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by mo...@apache.org on 2017/09/13 13:58:06 UTC
[09/11] knox git commit: KNOX-998 - Merging from master
KNOX-998 - Merging from master
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/582cc7e3
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/582cc7e3
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/582cc7e3
Branch: refs/heads/KNOX-998-Package_Restructuring
Commit: 582cc7e38a99f4dc624325cccd66e12a0923ec6f
Parents: 50f46e9 e2e1251
Author: Sandeep More <mo...@apache.org>
Authored: Wed Sep 13 09:36:13 2017 -0400
Committer: Sandeep More <mo...@apache.org>
Committed: Wed Sep 13 09:36:13 2017 -0400
----------------------------------------------------------------------
.../provider/federation/JWTTokenTest.java | 132 ------------
gateway-server/pom.xml | 22 --
.../resources/services/hbase/0.98.0/service.xml | 2 +-
.../definition/ServiceDefinitionTest.java | 4 +-
.../security/token/impl/JWTTokenTest.java | 213 +++++++++++++++++++
.../security/impl/CMFKeystoreServiceTest.java | 11 +-
gateway-test/pom.xml | 12 +-
.../gateway/AmbariServiceDefinitionTest.java | 6 +-
.../knox/gateway/GatewayAdminFuncTest.java | 2 +-
.../gateway/GatewayAdminTopologyFuncTest.java | 43 ++--
.../apache/knox/gateway/GatewayAppFuncTest.java | 6 +-
.../knox/gateway/GatewayBasicFuncTest.java | 94 ++++----
.../knox/gateway/GatewayDeployFuncTest.java | 4 +-
.../knox/gateway/GatewayHealthFuncTest.java | 4 +-
.../GatewayLdapDynamicGroupFuncTest.java | 2 +-
.../knox/gateway/GatewayLdapGroupFuncTest.java | 4 +-
.../gateway/GatewayLdapPosixGroupFuncTest.java | 2 +-
.../gateway/GatewayLocalServiceFuncTest.java | 2 +-
.../knox/gateway/GatewayMultiFuncTest.java | 16 +-
.../GatewayPortMappingDisableFeatureTest.java | 2 +-
.../gateway/GatewayPortMappingFailTest.java | 2 +-
.../gateway/GatewayPortMappingFuncTest.java | 2 +-
.../knox/gateway/GatewaySampleFuncTest.java | 2 +-
.../apache/knox/gateway/GatewaySslFuncTest.java | 4 +-
.../apache/knox/gateway/Knox242FuncTest.java | 2 +-
.../apache/knox/gateway/WebHdfsHaFuncTest.java | 2 +-
pom.xml | 14 +-
27 files changed, 332 insertions(+), 279 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/582cc7e3/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/JWTTokenTest.java
----------------------------------------------------------------------
diff --cc gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/JWTTokenTest.java
index 7359a8d,0000000..e69de29
mode 100644,000000..100644
--- a/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/JWTTokenTest.java
+++ b/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/JWTTokenTest.java
http://git-wip-us.apache.org/repos/asf/knox/blob/582cc7e3/gateway-service-definitions/src/test/java/org/apache/knox/gateway/service/definition/ServiceDefinitionTest.java
----------------------------------------------------------------------
diff --cc gateway-service-definitions/src/test/java/org/apache/knox/gateway/service/definition/ServiceDefinitionTest.java
index 60f2d70,0000000..75b18f7
mode 100644,000000..100644
--- a/gateway-service-definitions/src/test/java/org/apache/knox/gateway/service/definition/ServiceDefinitionTest.java
+++ b/gateway-service-definitions/src/test/java/org/apache/knox/gateway/service/definition/ServiceDefinitionTest.java
@@@ -1,90 -1,0 +1,90 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.service.definition;
+
+import org.junit.Test;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Unmarshaller;
+import java.net.URL;
+import java.util.List;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+public class ServiceDefinitionTest {
+
+ @Test
+ public void testUnmarshalling() throws Exception {
+ JAXBContext context = JAXBContext.newInstance(ServiceDefinition.class);
+ Unmarshaller unmarshaller = context.createUnmarshaller();
+ URL url = ClassLoader.getSystemResource("services/foo/1.0.0/service.xml");
+ ServiceDefinition definition = (ServiceDefinition) unmarshaller.unmarshal(url.openStream());
+ assertEquals("foo", definition.getName());
+ assertEquals("FOO", definition.getRole());
+ assertEquals("1.0.0", definition.getVersion());
+ assertEquals("custom-client", definition.getDispatch().getContributorName());
+ assertEquals("ha-client", definition.getDispatch().getHaContributorName());
+ assertEquals("org.apache.knox.gateway.MockHttpClientFactory", definition.getDispatch().getHttpClientFactory());
+ List<Policy> policies = definition.getPolicies();
+ assertEquals(5, policies.size());
+ String[] policyOrder = new String[]{"webappsec", "authentication", "rewrite", "identity-assertion", "authorization"};
+ for (int i=0; i< policyOrder.length; i++ ) {
+ assertEquals(policyOrder[i], policies.get(i).getRole());
+ }
+ List<Route> routes = definition.getRoutes();
+ assertNotNull(routes);
+ assertEquals(1, routes.size());
+ Route route = routes.get(0);
+ assertEquals("/foo/?**", route.getPath());
+ assertEquals("http-client", route.getDispatch().getContributorName());
+ policies = route.getPolicies();
+ assertEquals(5, policies.size());
+ policyOrder = new String[]{"webappsec", "federation", "identity-assertion", "authorization", "rewrite"};
+ for (int i=0; i< policyOrder.length; i++ ) {
+ assertEquals(policyOrder[i], policies.get(i).getRole());
+ }
+ assertNotNull(definition.getTestURLs());
+ assertEquals(2, definition.getTestURLs().size());
+ }
+
+ @Test
+ public void testUnmarshallingCommonServices() throws Exception {
+ JAXBContext context = JAXBContext.newInstance(ServiceDefinition.class);
+ Unmarshaller unmarshaller = context.createUnmarshaller();
+ URL url = ClassLoader.getSystemResource("services/yarn-rm/2.5.0/service.xml");
+ ServiceDefinition definition = (ServiceDefinition) unmarshaller.unmarshal(url.openStream());
+ assertEquals("resourcemanager", definition.getName());
+ assertEquals("RESOURCEMANAGER", definition.getRole());
+ assertEquals("2.5.0", definition.getVersion());
+ List<Route> routes = definition.getRoutes();
+ assertNotNull(routes);
+ assertEquals(12, routes.size());
+ assertNotNull(routes.get(0).getPath());
+ url = ClassLoader.getSystemResource("services/hbase/0.98.0/service.xml");
+ definition = (ServiceDefinition) unmarshaller.unmarshal(url.openStream());
- assertNotNull(definition.getDispatch());
- assertEquals("org.apache.knox.gateway.hbase.HBaseDispatch", definition.getDispatch().getClassName());
++ assertNotNull(definition.getName());
++ assertEquals("webhbase", definition.getName());
+ url = ClassLoader.getSystemResource("services/webhdfs/2.4.0/service.xml");
+ definition = (ServiceDefinition) unmarshaller.unmarshal(url.openStream());
+ assertNotNull(definition.getDispatch());
+ assertEquals("org.apache.knox.gateway.hdfs.dispatch.HdfsHttpClientDispatch", definition.getDispatch().getClassName());
+ assertEquals("org.apache.knox.gateway.hdfs.dispatch.WebHdfsHaDispatch", definition.getDispatch().getHaClassName());
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/582cc7e3/gateway-spi/src/test/java/org/apache/knox/gateway/services/security/impl/CMFKeystoreServiceTest.java
----------------------------------------------------------------------
diff --cc gateway-spi/src/test/java/org/apache/knox/gateway/services/security/impl/CMFKeystoreServiceTest.java
index 73306f4,0000000..7386f74
mode 100644,000000..100644
--- a/gateway-spi/src/test/java/org/apache/knox/gateway/services/security/impl/CMFKeystoreServiceTest.java
+++ b/gateway-spi/src/test/java/org/apache/knox/gateway/services/security/impl/CMFKeystoreServiceTest.java
@@@ -1,162 -1,0 +1,161 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.services.security.impl;
+
+import java.io.File;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.util.Map;
+
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.security.KeystoreServiceException;
+import org.apache.knox.gateway.services.security.MasterService;
+import org.apache.hadoop.test.category.FastTests;
+import org.apache.hadoop.test.category.UnitTests;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import static org.junit.Assert.assertTrue;
- import static org.junit.Assert.fail;
+
+/**
+*
+*/
+@Category( { UnitTests.class, FastTests.class } )
+public class CMFKeystoreServiceTest {
+ CMFKeystoreService ks;
+ String aliasName = "TestAliasName";
+ String secretValue = "AliasSecretValue";
+ char[] password = { 'P', 'A', 'S', 'S' };
+ File credentialsStoreFile = new File("ambari-credentials.jceks");
+ File keyStoreFile = new File("ambari.jks");
+ File certificateFile = new File("ambari");
+
+ @Before
+ public void setup() {
+ try {
+ ks = new CMFKeystoreService(".", "ambari");
+ ks.setMasterService(new MasterService() {
+
+ public void init(GatewayConfig config, Map<String, String> options)
+ throws ServiceLifecycleException {
+ // TODO Auto-generated method stub
-
++
+ }
+
+ public void start() throws ServiceLifecycleException {
+ // TODO Auto-generated method stub
-
++
+ }
+
+ public void stop() throws ServiceLifecycleException {
+ // TODO Auto-generated method stub
-
++
+ }
+
+ public char[] getMasterSecret() {
+ // TODO Auto-generated method stub
+ return "testmaster".toCharArray();
+ }
-
++
+ });
+ } catch (ServiceLifecycleException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
-
++
+ @Test
+ public void testCreationOfStoreForCredential() throws KeystoreServiceException {
+ try {
+ ks.createCredentialStore();
+ assertTrue("Credential Store file is not created", ks.isCredentialStoreAvailable()
+ && credentialsStoreFile.exists());
+ KeyStore credentialStore = ks.getCredentialStore();
+ assertTrue("Credential Store file is not created with proper file type",
+ ("JCEKS").equalsIgnoreCase(credentialStore.getType()));
+ } finally {
+ credentialsStoreFile.deleteOnExit();
+ }
+ }
+
+ @Test
+ public void testCreationOfKeyStore() throws KeystoreServiceException {
+ try {
+ ks.createKeystore();
+ assertTrue("Key Store file is not created", ks.isKeystoreAvailable() && keyStoreFile.exists());
+ KeyStore keystore = ks.getKeystore();
+ assertTrue("Key Store file is not created with proper file type",
+ ("JKS").equalsIgnoreCase(keystore.getType()));
+ ks.createCredentialStore();
+ ks.addCredential(aliasName, "secretValue");
+ } finally {
+ keyStoreFile.deleteOnExit();
+ credentialsStoreFile.deleteOnExit();
+ }
+ }
+
+ @Test
+ public void testAdditionOfCredentialsToKeyStore() throws KeystoreServiceException {
+ try {
+ ks.createKeystore();
+ ks.createCredentialStore();
+ ks.addCredential(aliasName, "secretValue");
+ char[] secret = ks.getCredential(aliasName);
+ assertTrue("Addition of Credentials failed", new String(secret).equals("secretValue"));
+ } finally {
+ credentialsStoreFile.deleteOnExit();
+ keyStoreFile.deleteOnExit();
+ }
+ }
+
+ @Test
+ public void testAdditionOfAliasWithSelfSignedCertificate() throws KeystoreServiceException,
+ KeyStoreException {
+ try {
+ ks.createKeystore();
+ ks.createCredentialStore();
+ ks.addCredential(aliasName, "secretValue");
+ ks.addSelfSignedCert(aliasName, password);
+ KeyStore keystore = ks.getKeystore();
+ assertTrue("Addition of Alias with Self Signed Certificate failed",
+ !keystore.getCertificate(aliasName).toString().isEmpty() && certificateFile.exists());
+ } finally {
+ credentialsStoreFile.deleteOnExit();
+ keyStoreFile.deleteOnExit();
+ certificateFile.deleteOnExit();
+ }
+ }
+
+ @Test
+ public void testFetchOfAliasKey() throws KeystoreServiceException {
+ try {
+ ks.createKeystore();
+ ks.createCredentialStore();
+ ks.addCredential(aliasName, "secretValue");
+ ks.addSelfSignedCert(aliasName, password);
+ assertTrue("Fetch of AliasKey failed", !ks.getKey(aliasName, password).toString().isEmpty()
+ && certificateFile.exists());
+ } finally {
+ credentialsStoreFile.deleteOnExit();
+ keyStoreFile.deleteOnExit();
+ certificateFile.deleteOnExit();
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/582cc7e3/gateway-test/src/test/java/org/apache/knox/gateway/AmbariServiceDefinitionTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/AmbariServiceDefinitionTest.java
index aad94a7,0000000..8b26dce
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/AmbariServiceDefinitionTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/AmbariServiceDefinitionTest.java
@@@ -1,352 -1,0 +1,354 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p/>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p/>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.commons.io.IOUtils;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.topology.TopologyService;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.hadoop.test.mock.MockServer;
+import org.apache.http.HttpStatus;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.velocity.runtime.RuntimeConstants;
+import org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader;
+import org.hamcrest.MatcherAssert;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.StringWriter;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+import java.util.UUID;
+
- import static com.jayway.restassured.RestAssured.given;
++import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static uk.co.datumedge.hamcrest.json.SameJSONAs.sameJSONAs;
+
+public class AmbariServiceDefinitionTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( AmbariServiceDefinitionTest.class );
+ private static Class<?> DAT = AmbariServiceDefinitionTest.class;
+
+ private static GatewayTestConfig config;
+ private static DefaultGatewayServices services;
+ private static GatewayServer gateway;
+ private static int gatewayPort;
+ private static String gatewayUrl;
+ private static String clusterUrl;
+ private static String clusterPath;
+ private static Properties params;
+ private static TopologyService topos;
+ private static MockServer mockAmbari;
+
+ private static VelocityEngine velocity;
+ private static VelocityContext context;
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ LOG_ENTER();
+ setupGateway();
+ String topoStr = TestUtils.merge( DAT, "test-topology.xml", params );
+ File topoFile = new File( config.getGatewayTopologyDir(), "test-topology.xml" );
+ FileUtils.writeStringToFile( topoFile, topoStr );
+ topos.reloadTopologies();
+ LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ LOG_ENTER();
+ gateway.stop();
+ FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ LOG_EXIT();
+ }
+
+ @After
+ public void cleanupTest() throws Exception {
+ FileUtils.cleanDirectory( new File( config.getGatewayTopologyDir() ) );
- FileUtils.cleanDirectory( new File( config.getGatewayDeploymentDir() ) );
++ // Test run should not fail if deleting deployment files is not successful.
++ // Deletion has been already done by TopologyService.
++ FileUtils.deleteQuietly( new File( config.getGatewayDeploymentDir() ) );
+ }
+
+ public static void setupGateway() throws Exception {
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ config = new GatewayTestConfig();
+ config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( config.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( config.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ setupMockServers();
+ startGatewayServer();
+ }
+
+ public static void setupMockServers() throws Exception {
+ mockAmbari = new MockServer( "AMBARI", true );
+ }
+
+ public static void startGatewayServer() throws Exception {
+ services = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ services.init( config, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ topos = services.getService(GatewayServices.TOPOLOGY_SERVICE);
+
+ gateway = GatewayServer.startGateway( config, services );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ gatewayPort = gateway.getAddresses()[0].getPort();
+ gatewayUrl = "http://localhost:" + gatewayPort + "/" + config.getGatewayPath();
+ String topologyPath = "/test-topology";
+ clusterPath = "/" + config.getGatewayPath() + topologyPath;
+ clusterUrl = gatewayUrl + topologyPath;
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ params = new Properties();
+ params.put( "AMBARI_URL", "http://localhost:" + mockAmbari.getPort() );
+
+ velocity = new VelocityEngine();
+ velocity.setProperty( RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS, "org.apache.velocity.runtime.log.NullLogSystem" );
+ velocity.setProperty( RuntimeConstants.RESOURCE_LOADER, "classpath" );
+ velocity.setProperty( "classpath.resource.loader.class", ClasspathResourceLoader.class.getName() );
+ velocity.init();
+
+ context = new VelocityContext();
+ context.put( "cluster_url", clusterUrl );
+ context.put( "cluster_path", clusterPath );
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void clusters() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/clusters";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/clusters" )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "clusters-response.json" ) )
+ .contentType( "text/plain" );
+
+ String body = given()
+// .log().all()
+ .auth().preemptive().basic( username, password )
+ .expect()
+// .log().all()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+
+ String name = TestUtils.getResourceName( this.getClass(), "clusters-response-expected.json" );
+ Template template = velocity.getTemplate( name );
+ StringWriter sw = new StringWriter();
+ template.merge( context, sw );
+ String expected = sw.toString();
+
+ MatcherAssert.assertThat(body, sameJSONAs(expected));
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void historyServer() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/clusters/test/hosts/c6401.ambari.apache.org/host_components/HISTORYSERVER";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/clusters/test/hosts/c6401.ambari.apache.org/host_components/HISTORYSERVER" )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "history-server-response.json" ) )
+ .contentType( "text/plain" );
+
+ String body = given()
+ .auth().preemptive().basic( username, password )
+ .expect()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+
+ String name = TestUtils.getResourceName( this.getClass(), "history-server-response-expected.json" );
+ Template template = velocity.getTemplate( name );
+ StringWriter sw = new StringWriter();
+ template.merge( context, sw );
+ String expected = sw.toString();
+
+ MatcherAssert.assertThat(body, sameJSONAs(expected));
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void unwiseCharacterRequest() throws Exception {
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/clusters/test/components";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/clusters/test/components" )
+ .queryParam("ServiceComponentInfo/component_name", "APP_TIMELINE_SERVER|ServiceComponentInfo/category=MASTER")
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "unwise-character-response.json" ) )
+ .contentType( "text/plain" );
+ //only assertion here is to make sure the request can be made successfully with the unwise characters present
+ //in the request url
+ given()
+ .auth().preemptive().basic( username, password )
+ .queryParam("ServiceComponentInfo/component_name", "APP_TIMELINE_SERVER|ServiceComponentInfo/category=MASTER")
+ .expect()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void encryptedResponse() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/persist/CLUSTER_CURRENT_STATUS?_=1457977721091";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/persist/CLUSTER_CURRENT_STATUS" )
+ .queryParam("_","1457977721091")
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "encrypted-response.txt" ) )
+ .contentType( "text/plain" );
+
+ String body = given()
+ .auth().preemptive().basic( username, password )
+ .expect()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+ Assert.assertNotNull(body);
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void postDataWithWrongContentType() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/ambari/api/v1/stacks/HDP/versions/2.3/recommendations";
+
+ mockAmbari.expect()
+ .method( "POST" )
+ .pathInfo( "/api/v1/stacks/HDP/versions/2.3/recommendations" )
+ .content( TestUtils.getResourceStream( DAT, "post-data-wrong-type.json" ) )
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .contentType( "application/x-www-form-urlencoded" );
+
+
+ String body = given()
+ .auth().preemptive().basic( username, password )
+ .content(IOUtils.toByteArray(TestUtils.getResourceStream( DAT, "post-data-wrong-type.json")))
+ .expect()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "application/x-www-form-urlencoded" )
+ .when().post( serviceUrl ).asString();
+
+ Assert.assertNotNull(body);
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void contextPathInViewsResponse() throws Exception {
+ LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+
+ String serviceUrl = clusterUrl + "/ambari/api/v1/views?fields=versions/instances/ViewInstanceInfo,versions/" +
+ "ViewVersionInfo/label&versions/ViewVersionInfo/system=false&_=1461186937589";
+
+ mockAmbari.expect()
+ .method( "GET" )
+ .pathInfo( "/api/v1/views" )
+ .queryParam("_", "1461186937589")
+ .queryParam("versions/ViewVersionInfo/system", "false")
+ .queryParam("fields", "versions/instances/ViewInstanceInfo,versions/ViewVersionInfo/label")
+ .respond()
+ .status( HttpStatus.SC_OK )
+ .content( TestUtils.getResourceStream( DAT, "views-response.json" ) )
+ .contentType( "text/plain" );
+
+ String body = given()
+ .auth().preemptive().basic( username, password )
+ .expect()
+ .statusCode( HttpStatus.SC_OK )
+ .contentType( "text/plain" )
+ .when().get( serviceUrl ).asString();
+
+
+ String name = TestUtils.getResourceName( this.getClass(), "views-response-expected.json" );
+ Template template = velocity.getTemplate( name );
+ StringWriter sw = new StringWriter();
+ template.merge( context, sw );
+ String expected = sw.toString();
+
+ MatcherAssert.assertThat(body, sameJSONAs(expected));
+ LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/582cc7e3/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminFuncTest.java
index 4710c37,0000000..810626b
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminFuncTest.java
@@@ -1,176 -1,0 +1,176 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.http.HttpStatus;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.ws.rs.core.MediaType;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
- import static com.jayway.restassured.RestAssured.given;
++import static io.restassured.RestAssured.given;
+import static org.hamcrest.CoreMatchers.notNullValue;
+
+public class GatewayAdminFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayAdminFuncTest.class );
+
+ //public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ TestUtils.LOG_ENTER();
+ //appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ setupGateway();
+ TestUtils.LOG_EXIT();
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ TestUtils.LOG_ENTER();
+ gateway.stop();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ TestUtils.LOG_EXIT();
+ }
+
+ public static void setupGateway() throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ GatewayTestConfig testConfig = new GatewayTestConfig();
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ File descriptor = new File( topoDir, "test-cluster.xml" );
+ FileOutputStream stream = new FileOutputStream( descriptor );
+ createTopology().toStream( stream );
+ stream.close();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/test-cluster";
+ }
+
+ private static XMLTag createTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+ .addTag( "provider" )
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "KNOX" )
+ .gotoRoot();
+ // System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ //@Test
+ public void waitForManualTesting() throws IOException {
+ System.out.println( clusterUrl );
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.MEDIUM_TIMEOUT )
+ public void testAdminService() throws ClassNotFoundException {
+ TestUtils.LOG_ENTER();
+
+ String username = "guest";
+ String password = "guest-password";
+ String serviceUrl = clusterUrl + "/api/v1/version";
+ given()
+ //.log().all()
+ .auth().preemptive().basic( username, password )
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ //.body( is( "{\"hash\":\"unknown\",\"version\":\"unknown\"}" ) )
+ .when().get( serviceUrl );
+
+ TestUtils.LOG_EXIT();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/582cc7e3/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminTopologyFuncTest.java
----------------------------------------------------------------------
diff --cc gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminTopologyFuncTest.java
index 5f828e5,0000000..e5c16be
mode 100644,000000..100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminTopologyFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/GatewayAdminTopologyFuncTest.java
@@@ -1,799 -1,0 +1,802 @@@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.StringReader;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+import javax.ws.rs.core.MediaType;
+
- import com.jayway.restassured.http.ContentType;
++import io.restassured.http.ContentType;
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.knox.gateway.services.DefaultGatewayServices;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceLifecycleException;
+import org.apache.knox.gateway.services.topology.TopologyService;
+import org.apache.knox.gateway.topology.Param;
+import org.apache.knox.gateway.topology.Provider;
+import org.apache.knox.gateway.topology.Service;
+import org.apache.knox.gateway.topology.Topology;
+import org.apache.knox.gateway.util.XmlUtils;
+import org.apache.hadoop.test.TestUtils;
+import org.apache.http.HttpStatus;
+import org.apache.log4j.Appender;
+import org.hamcrest.MatcherAssert;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.xml.sax.InputSource;
+
- import static com.jayway.restassured.RestAssured.given;
++import static io.restassured.RestAssured.given;
+import static org.apache.hadoop.test.TestUtils.LOG_ENTER;
+import static org.apache.hadoop.test.TestUtils.LOG_EXIT;
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.not;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.hamcrest.xml.HasXPath.hasXPath;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.fail;
+
+public class GatewayAdminTopologyFuncTest {
+
+ private static Logger LOG = LoggerFactory.getLogger( GatewayAdminTopologyFuncTest.class );
+
+ public static Enumeration<Appender> appenders;
+ public static GatewayConfig config;
+ public static GatewayServer gateway;
+ public static String gatewayUrl;
+ public static String clusterUrl;
+ private static GatewayTestDriver driver = new GatewayTestDriver();
+
+ @BeforeClass
+ public static void setupSuite() throws Exception {
+ //appenders = NoOpAppender.setUp();
+ driver.setupLdap(0);
+ setupGateway(new GatewayTestConfig());
+ }
+
+ @AfterClass
+ public static void cleanupSuite() throws Exception {
+ gateway.stop();
+ driver.cleanup();
+ //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
+ //NoOpAppender.tearDown( appenders );
+ }
+
+ public static void setupGateway(GatewayTestConfig testConfig) throws Exception {
+
+ File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+ File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+ gatewayDir.mkdirs();
+
+ config = testConfig;
+ testConfig.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+ File topoDir = new File( testConfig.getGatewayTopologyDir() );
+ topoDir.mkdirs();
+
+ File deployDir = new File( testConfig.getGatewayDeploymentDir() );
+ deployDir.mkdirs();
+
+ File descriptor = new File( topoDir, "admin.xml" );
+ FileOutputStream stream = new FileOutputStream( descriptor );
+ createKnoxTopology().toStream( stream );
+ stream.close();
+
+ File descriptor2 = new File( topoDir, "test-cluster.xml" );
+ FileOutputStream stream2 = new FileOutputStream( descriptor2 );
+ createNormalTopology().toStream( stream2 );
+ stream.close();
+
+ DefaultGatewayServices srvcs = new DefaultGatewayServices();
+ Map<String,String> options = new HashMap<>();
+ options.put( "persist-master", "false" );
+ options.put( "master", "password" );
+
+ try {
+ srvcs.init( testConfig, options );
+ } catch ( ServiceLifecycleException e ) {
+ e.printStackTrace(); // I18N not required.
+ }
+ gateway = GatewayServer.startGateway( testConfig, srvcs );
+ MatcherAssert.assertThat( "Failed to start gateway.", gateway, notNullValue() );
+
+ LOG.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+
+ gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
+ clusterUrl = gatewayUrl + "/admin";
+ }
+
+ private static XMLTag createNormalTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "webappsec" )
+ .addTag( "name" ).addText( "WebAppSec" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "csrf.enabled" )
+ .addTag( "value" ).addText( "true" ).gotoParent().gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authorization" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "AclsAuthz" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "webhdfs-acl" )
+ .addTag( "value" ).addText( "hdfs;*;*" ).gotoParent()
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "WEBHDFS" )
+ .addTag( "url" ).addText( "http://localhost:50070/webhdfs/v1" ).gotoParent()
+ .gotoRoot();
+// System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ private static XMLTag createKnoxTopology() {
+ XMLTag xml = XMLDoc.newDocument( true )
+ .addRoot( "topology" )
+ .addTag( "gateway" )
+ .addTag( "provider" )
+ .addTag( "role" ).addText( "authentication" )
+ .addTag( "name" ).addText( "ShiroProvider" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm" )
+ .addTag( "value" ).addText( "org.apache.knox.gateway.shirorealm.KnoxLdapRealm" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.userDnTemplate" )
+ .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
+ .addTag( "value" ).addText( driver.getLdapUrl() ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism" )
+ .addTag( "value" ).addText( "simple" ).gotoParent()
+ .addTag( "param" )
+ .addTag( "name" ).addText( "urls./**" )
+ .addTag( "value" ).addText( "authcBasic" ).gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag( "role" ).addText( "authorization" )
+ .addTag( "name" ).addText( "AclsAuthz" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag("param")
+ .addTag("name").addText("knox.acl")
+ .addTag("value").addText("admin;*;*").gotoParent().gotoParent()
+ .addTag("provider")
+ .addTag( "role" ).addText( "identity-assertion" )
+ .addTag( "enabled" ).addText( "true" )
+ .addTag( "name" ).addText( "Default" ).gotoParent()
+ .gotoRoot()
+ .addTag( "service" )
+ .addTag( "role" ).addText( "KNOX" )
+ .gotoRoot();
+ // System.out.println( "GATEWAY=" + xml.toString() );
+ return xml;
+ }
+
+ //@Test
+ public void waitForManualTesting() throws IOException {
+ System.in.read();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testTopologyCollection() throws ClassNotFoundException {
+ LOG_ENTER();
+
+ String username = "admin";
+ String password = "admin-password";
+ String serviceUrl = clusterUrl + "/api/v1/topologies";
+ String href1 = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .contentType(MediaType.APPLICATION_JSON)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .body("topologies.topology[0].name", not(nullValue()))
+ .body("topologies.topology[1].name", not(nullValue()))
+ .body("topologies.topology[0].uri", not(nullValue()))
+ .body("topologies.topology[1].uri", not(nullValue()))
+ .body("topologies.topology[0].href", not(nullValue()))
+ .body("topologies.topology[1].href", not(nullValue()))
+ .body("topologies.topology[0].timestamp", not(nullValue()))
+ .body("topologies.topology[1].timestamp", not(nullValue()))
+ .when().get(serviceUrl).thenReturn().getBody().path("topologies.topology.href[1]");
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .expect()
+ //.log().all()
+ .body("topologies.topology.href[1]", equalTo(href1))
+ .statusCode(HttpStatus.SC_OK)
+ .when().get(serviceUrl);
+
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(MediaType.APPLICATION_XML)
- .get(serviceUrl);
++ .when().get(serviceUrl);
+
+
+ given().auth().preemptive().basic(username, password)
++ .header("Accept", MediaType.APPLICATION_JSON)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType("application/json")
+ .body("topology.name", equalTo("test-cluster"))
+ .when().get(href1);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testTopologyObject() throws ClassNotFoundException {
+ LOG_ENTER();
+
+ String username = "admin";
+ String password = "admin-password";
+ String serviceUrl = clusterUrl + "/api/v1/topologies";
+ String hrefJson = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .when().get(serviceUrl).thenReturn().getBody().path("topologies.topology[1].href");
+
+ String timestampJson = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType("application/json")
+ .when().get(serviceUrl).andReturn()
+ .getBody().path("topologies.topology[1].timestamp");
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .body("topology.name", equalTo("test-cluster"))
+ .body("topology.timestamp", equalTo(Long.parseLong(timestampJson)))
+ .when()
+ .get(hrefJson);
+
+
+ String hrefXml = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .when().get(serviceUrl).thenReturn().getBody().path("topologies.topology[1].href");
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .when()
+ .get(hrefXml);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testPositiveAuthorization() throws ClassNotFoundException{
+ LOG_ENTER();
+
+ String adminUser = "admin";
+ String adminPass = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies";
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(adminUser, adminPass)
++ .header("Accept", MediaType.APPLICATION_JSON)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(ContentType.JSON)
+ .body("topologies.topology[0].name", not(nullValue()))
+ .body("topologies.topology[1].name", not(nullValue()))
+ .body("topologies.topology[0].uri", not(nullValue()))
+ .body("topologies.topology[1].uri", not(nullValue()))
+ .body("topologies.topology[0].href", not(nullValue()))
+ .body("topologies.topology[1].href", not(nullValue()))
+ .body("topologies.topology[0].timestamp", not(nullValue()))
+ .body("topologies.topology[1].timestamp", not(nullValue()))
- .get(url);
++ .when().get(url);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testNegativeAuthorization() throws ClassNotFoundException{
+ LOG_ENTER();
+
+ String guestUser = "guest";
+ String guestPass = "guest-password";
+ String url = clusterUrl + "/api/v1/topologies";
+
+ given()
+ //.log().all()
+ .auth().basic(guestUser, guestPass)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_FORBIDDEN)
- .get(url);
++ .when().get(url);
+
+ LOG_EXIT();
+ }
+
+ private Topology createTestTopology(){
+ Topology topology = new Topology();
+ topology.setName("test-topology");
+
+ try {
+ topology.setUri(new URI(gatewayUrl + "/" + topology.getName()));
+ } catch (URISyntaxException ex) {
+ assertThat(topology.getUri(), not(nullValue()));
+ }
+
+ Provider identityProvider = new Provider();
+ identityProvider.setName("Default");
+ identityProvider.setRole("identity-assertion");
+ identityProvider.setEnabled(true);
+
+ Provider AuthenicationProvider = new Provider();
+ AuthenicationProvider.setName("ShiroProvider");
+ AuthenicationProvider.setRole("authentication");
+ AuthenicationProvider.setEnabled(true);
+
+ Param ldapMain = new Param();
+ ldapMain.setName("main.ldapRealm");
+ ldapMain.setValue("org.apache.knox.gateway.shirorealm.KnoxLdapRealm");
+
+ Param ldapGroupContextFactory = new Param();
+ ldapGroupContextFactory.setName("main.ldapGroupContextFactory");
+ ldapGroupContextFactory.setValue("org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory");
+
+ Param ldapRealmContext = new Param();
+ ldapRealmContext.setName("main.ldapRealm.contextFactory");
+ ldapRealmContext.setValue("$ldapGroupContextFactory");
+
+ Param ldapURL = new Param();
+ ldapURL.setName("main.ldapRealm.contextFactory.url");
+ ldapURL.setValue(driver.getLdapUrl());
+
+ Param ldapUserTemplate = new Param();
+ ldapUserTemplate.setName("main.ldapRealm.userDnTemplate");
+ ldapUserTemplate.setValue("uid={0},ou=people,dc=hadoop,dc=apache,dc=org");
+
+ Param authcBasic = new Param();
+ authcBasic.setName("urls./**");
+ authcBasic.setValue("authcBasic");
+
+ AuthenicationProvider.addParam(ldapGroupContextFactory);
+ AuthenicationProvider.addParam(ldapMain);
+ AuthenicationProvider.addParam(ldapRealmContext);
+ AuthenicationProvider.addParam(ldapURL);
+ AuthenicationProvider.addParam(ldapUserTemplate);
+ AuthenicationProvider.addParam(authcBasic);
+
+ Service testService = new Service();
+ testService.setRole("test-service-role");
+
+ topology.addProvider(AuthenicationProvider);
+ topology.addProvider(identityProvider);
+ topology.addService(testService);
+ topology.setTimestamp(System.nanoTime());
+
+ return topology;
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testDeployTopology() throws Exception {
+ LOG_ENTER();
+
+ Topology testTopology = createTestTopology();
+
+ String user = "guest";
+ String password = "guest-password";
+
+ String url = gatewayUrl + "/" + testTopology.getName() + "/test-service-path/test-service-resource";
+
+ GatewayServices srvs = GatewayServer.getGatewayServices();
+
+ TopologyService ts = srvs.getService(GatewayServices.TOPOLOGY_SERVICE);
+ try {
+ ts.stopMonitor();
+
+ assertThat( testTopology, not( nullValue() ) );
+ assertThat( testTopology.getName(), is( "test-topology" ) );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( "admin", "admin-password" ).header( "Accept", MediaType.APPLICATION_JSON ).expect()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK ).body( containsString( "ServerVersion" ) ).when().get( gatewayUrl + "/admin/api/v1/version" );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( user, password ).expect()
+ //.log().all()
+ .statusCode( HttpStatus.SC_NOT_FOUND ).when().get( url );
+
+ ts.deployTopology( testTopology );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( user, password ).expect()
+ //.log().all()
+ .statusCode( HttpStatus.SC_OK ).contentType( "text/plain" ).body( is( "test-service-response" ) ).when().get( url ).getBody();
+
+ ts.deleteTopology( testTopology );
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic( user, password ).expect()
+ //.log().all()
+ .statusCode( HttpStatus.SC_NOT_FOUND ).when().get( url );
+ } finally {
+ ts.startMonitor();
+ }
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testDeleteTopology() throws ClassNotFoundException {
+ LOG_ENTER();
+
+ Topology test = createTestTopology();
+
+ String username = "admin";
+ String password = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies/" + test.getName();
+
+ GatewayServices gs = GatewayServer.getGatewayServices();
+
+ TopologyService ts = gs.getService(GatewayServices.TOPOLOGY_SERVICE);
+
+ ts.deployTopology(test);
+
+ given()
+ .auth().preemptive().basic(username, password)
++ .header("Accept", MediaType.APPLICATION_JSON)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(MediaType.APPLICATION_JSON)
- .get(url);
++ .when().get(url);
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_OK)
+ .contentType(MediaType.APPLICATION_JSON)
- .delete(url);
++ .when().delete(url);
+
+ given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .expect()
+ //.log().all()
+ .statusCode(HttpStatus.SC_NO_CONTENT)
- .get(url);
++ .when().get(url);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testPutTopology() throws Exception {
+ LOG_ENTER() ;
+
+ String username = "admin";
+ String password = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies/test-put";
+
+ String JsonPut =
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .get(clusterUrl + "/api/v1/topologies/test-cluster")
+ .getBody().asString();
+
+ String XML = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .contentType(MediaType.APPLICATION_JSON)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .body(JsonPut)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ //.log().all()
- .put(url).getBody().asString();
++ .when().put(url).getBody().asString();
+
+ InputSource source = new InputSource( new StringReader( XML ) );
+ Document doc = XmlUtils.readXml( source );
+
+ assertThat( doc, hasXPath( "/topology/gateway/provider[1]/name", containsString( "WebAppSec" ) ) );
+ assertThat( doc, hasXPath( "/topology/gateway/provider[1]/param/name", containsString( "csrf.enabled" ) ) );
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(equalTo(XML))
- .get(url)
++ .when().get(url)
+ .getBody().asString();
+
+ String XmlPut =
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .get(clusterUrl + "/api/v1/topologies/test-cluster")
+ .getBody().asString();
+
+ String JSON = given()
+ //.log().all()
+ .auth().preemptive().basic(username, password)
+ .contentType(MediaType.APPLICATION_XML)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .body(XmlPut)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ //.log().all()
- .put(url).getBody().asString();
++ .when().put(url).getBody().asString();
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_JSON)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(equalTo(JSON))
- .get(url)
++ .when().get(url)
+ .getBody().asString();
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testXForwardedHeaders() {
+ LOG_ENTER();
+
+ String username = "admin";
+ String password = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies";
+
+// X-Forward header values
+ String port = String.valueOf(777);
+ String server = "myserver";
+ String host = server + ":" + port;
+ String proto = "protocol";
+ String context = "/mycontext";
+ String newUrl = proto + "://" + host + context;
+// String port = String.valueOf(gateway.getAddresses()[0].getPort());
+
+// Case 1: Add in all x-forward headers (host, port, server, context, proto)
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", host )
+ .header("X-Forwarded-Port", port )
+ .header("X-Forwarded-Server", server )
+ .header("X-Forwarded-Context", context)
+ .header("X-Forwarded-Proto", proto)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(newUrl))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
- .get(url);
++ .when().get(url);
+
+
+// Case 2: add in x-forward headers (host, server, proto, context)
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", host )
+ .header("X-Forwarded-Server", server )
+ .header("X-Forwarded-Context", context )
+ .header("X-Forwarded-Proto", proto )
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(server))
+ .body(containsString(context))
+ .body(containsString(proto))
+ .body(containsString(host))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
- .get(url);
++ .when().get(url);
+
+// Case 3: add in x-forward headers (host, proto, port, context)
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", host )
+ .header("X-Forwarded-Port", port )
+ .header("X-Forwarded-Context", context )
+ .header("X-Forwarded-Proto", proto)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(host))
+ .body(containsString(port))
+ .body(containsString(context))
+ .body(containsString(proto))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
- .get(url);
++ .when().get(url);
+
+// Case 4: add in x-forward headers (host, proto, port, context) no port in host.
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", server)
+ .header("X-Forwarded-Port", port)
+ .header("X-Forwarded-Context", context)
+ .header("X-Forwarded-Proto", proto)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(server))
+ .body(containsString(port))
+ .body(containsString(context))
+ .body(containsString(proto))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
- .get(url);
++ .when().get(url);
+
+// Case 5: add in x-forward headers (host, port)
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .header("X-Forwarded-Host", host )
+ .header("X-Forwarded-Port", port )
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(host))
+ .body(containsString(port))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
- .get(url);
++ .when().get(url);
+
+// Case 6: Normal Request
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(url))
+ .body(containsString("test-cluster"))
+ .body(containsString("admin"))
- .get(url);
++ .when().get(url);
+
+ LOG_EXIT();
+ }
+
+ @Test( timeout = TestUtils.LONG_TIMEOUT )
+ public void testGatewayPathChange() throws Exception {
+ LOG_ENTER();
+ String username = "admin";
+ String password = "admin-password";
+ String url = clusterUrl + "/api/v1/topologies";
+
+// Case 1: Normal Request (No Change in gateway.path). Ensure HTTP OK resp + valid URL.
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(url + "/test-cluster"))
- .get(url);
++ .when().get(url);
+
+
+// Case 2: Change gateway.path to another String. Ensure HTTP OK resp + valid URL.
+ try {
+ gateway.stop();
+
+ GatewayTestConfig conf = new GatewayTestConfig();
+ conf.setGatewayPath("new-gateway-path");
+ setupGateway(conf);
+
+ String newUrl = clusterUrl + "/api/v1/topologies";
+
+ given()
+ .auth().preemptive().basic(username, password)
+ .header("Accept", MediaType.APPLICATION_XML)
+ .expect()
+ .statusCode(HttpStatus.SC_OK)
+ .body(containsString(newUrl + "/test-cluster"))
- .get(newUrl);
++ .when().get(newUrl);
+ } catch(Exception e){
+ fail(e.getMessage());
+ }
+ finally {
+// Restart the gateway with old settings.
+ gateway.stop();
+ setupGateway(new GatewayTestConfig());
+ }
+
+ LOG_EXIT();
+ }
+
+ private static final String CLASS = GatewayAdminTopologyFuncTest.class.getCanonicalName();
+
+}