You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jclouds.apache.org by na...@apache.org on 2015/04/15 21:41:35 UTC
[30/39] jclouds git commit: * Refactor OAuth so that it doesn't
require private keys when we aren't signing anything. * Rename constant
serviceAccountCredentials to p12PrivateKeyCredentials as this better
describes the credential value.
http://git-wip-us.apache.org/repos/asf/jclouds/blob/7a644f8b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/OAuthCredentialsFromPKTest.java
----------------------------------------------------------------------
diff --git a/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/OAuthCredentialsFromPKTest.java b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/OAuthCredentialsFromPKTest.java
deleted file mode 100644
index 6355a40..0000000
--- a/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/OAuthCredentialsFromPKTest.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.jclouds.oauth.v2.functions;
-
-import static com.google.common.base.Suppliers.ofInstance;
-import static org.jclouds.oauth.v2.config.CredentialType.SERVICE_ACCOUNT_CREDENTIALS;
-import static org.testng.Assert.assertEquals;
-import static org.testng.Assert.assertNotNull;
-
-import java.io.File;
-import java.io.IOException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-import java.security.spec.InvalidKeySpecException;
-
-import com.google.common.base.Charsets;
-import com.google.common.io.Files;
-
-import org.jclouds.domain.Credentials;
-import org.jclouds.oauth.v2.domain.OAuthCredentials;
-import org.jclouds.oauth.v2.functions.OAuthCredentialsSupplier.OAuthCredentialsForCredentials;
-import org.testng.annotations.Test;
-
-/**
- * Test loading the credentials by extracting a pk from a PKCS12 keystore.
- */
-@Test(groups = "unit")
-public class OAuthCredentialsFromPKTest {
-
- public static OAuthCredentials loadOAuthCredentials() throws IOException, NoSuchAlgorithmException,
- CertificateException, InvalidKeySpecException {
- OAuthCredentialsSupplier loader = new OAuthCredentialsSupplier(ofInstance(new Credentials("foo",
- Files.asCharSource(new File("src/test/resources/testpk.pem"), Charsets.UTF_8).read())),
- new OAuthCredentialsForCredentials("RS256", SERVICE_ACCOUNT_CREDENTIALS), "RS256");
- return loader.get();
- }
-
-
- public void testLoadPKString() throws IOException, NoSuchAlgorithmException, KeyStoreException,
- CertificateException, UnrecoverableKeyException, InvalidKeySpecException {
- OAuthCredentials creds = loadOAuthCredentials();
- assertNotNull(creds);
- assertEquals(creds.identity, "foo");
- assertNotNull(creds.privateKey);
- }
-}
http://git-wip-us.apache.org/repos/asf/jclouds/blob/7a644f8b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/OAuthCredentialsSupplierTest.java
----------------------------------------------------------------------
diff --git a/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/OAuthCredentialsSupplierTest.java b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/OAuthCredentialsSupplierTest.java
deleted file mode 100644
index cadb85e..0000000
--- a/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/OAuthCredentialsSupplierTest.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.jclouds.oauth.v2.functions;
-
-import com.google.common.base.Suppliers;
-import org.jclouds.domain.Credentials;
-import org.jclouds.oauth.v2.OAuthTestUtils;
-import org.jclouds.rest.AuthorizationException;
-import org.testng.annotations.Test;
-
-import java.util.Properties;
-
-import static org.jclouds.oauth.v2.config.CredentialType.SERVICE_ACCOUNT_CREDENTIALS;
-import static org.jclouds.oauth.v2.functions.OAuthCredentialsSupplier.OAuthCredentialsForCredentials;
-import static org.testng.Assert.assertNotNull;
-
-@Test(groups = "unit")
-public class OAuthCredentialsSupplierTest {
-
- @Test(expectedExceptions = AuthorizationException.class)
- public void testAuthorizationExceptionIsThrownOnBadKeys() {
- OAuthCredentialsSupplier supplier = new OAuthCredentialsSupplier(Suppliers.ofInstance(new Credentials("MOMMA",
- "FileNotFoundCredential")), new OAuthCredentialsForCredentials("RS256", SERVICE_ACCOUNT_CREDENTIALS), "RS256");
- supplier.get();
- }
-
- @Test(expectedExceptions = IllegalArgumentException.class)
- public void testGSEChildExceptionsPropagateAsAuthorizationException() {
- OAuthCredentialsSupplier supplier = new OAuthCredentialsSupplier(Suppliers.ofInstance(new Credentials("MOMMA",
- "MIA")), new OAuthCredentialsForCredentials("MOMMA", SERVICE_ACCOUNT_CREDENTIALS), "MOMMA");
- supplier.get();
- }
-
- public void testCredentialsAreLoadedOnRightAlgoAndCredentials() {
- Properties propertied = OAuthTestUtils.defaultProperties(new Properties());
- Credentials validCredentials = new Credentials(propertied.getProperty("oauth.identity"),
- propertied.getProperty("oauth.credential"));
- OAuthCredentialsSupplier supplier = new OAuthCredentialsSupplier(Suppliers.ofInstance(validCredentials),
- new OAuthCredentialsForCredentials("RS256", SERVICE_ACCOUNT_CREDENTIALS), "RS256");
- assertNotNull(supplier.get());
- }
-}
http://git-wip-us.apache.org/repos/asf/jclouds/blob/7a644f8b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/PrivateKeySupplierTest.java
----------------------------------------------------------------------
diff --git a/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/PrivateKeySupplierTest.java b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/PrivateKeySupplierTest.java
new file mode 100644
index 0000000..48d9209
--- /dev/null
+++ b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/PrivateKeySupplierTest.java
@@ -0,0 +1,83 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jclouds.oauth.v2.functions;
+
+import static com.google.common.base.Suppliers.ofInstance;
+import static org.jclouds.oauth.v2.functions.PrivateKeySupplier.PrivateKeyForCredentials;
+import static org.testng.Assert.assertNotNull;
+
+import java.io.File;
+import java.io.IOException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.security.spec.InvalidKeySpecException;
+import java.util.Properties;
+
+import org.jclouds.domain.Credentials;
+import org.jclouds.oauth.v2.OAuthTestUtils;
+import org.jclouds.rest.AuthorizationException;
+import org.testng.annotations.Test;
+
+import com.google.common.base.Charsets;
+import com.google.common.base.Suppliers;
+import com.google.common.io.Files;
+
+@Test(groups = "unit")
+public class PrivateKeySupplierTest {
+
+ /** Test loading the credentials by extracting a pk from a PKCS12 keystore. */
+ public void testLoadPKString() throws IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException,
+ UnrecoverableKeyException, InvalidKeySpecException {
+ assertNotNull(loadPrivateKey());
+ }
+
+ @Test(expectedExceptions = AuthorizationException.class)
+ public void testAuthorizationExceptionIsThrownOnBadKeys() {
+ PrivateKeySupplier supplier = new PrivateKeySupplier(
+ Suppliers.ofInstance(new Credentials("MOMMA", "FileNotFoundCredential")),
+ new PrivateKeyForCredentials("RS256"));
+ supplier.get();
+ }
+
+ @Test(expectedExceptions = AuthorizationException.class)
+ public void testGSEChildExceptionsPropagateAsAuthorizationException() {
+ PrivateKeySupplier supplier = new PrivateKeySupplier(Suppliers.ofInstance(new Credentials("MOMMA", "MIA")),
+ new PrivateKeyForCredentials("MOMMA"));
+ supplier.get();
+ }
+
+ public void testCredentialsAreLoadedOnRightAlgoAndCredentials() {
+ Properties propertied = OAuthTestUtils.defaultProperties(new Properties());
+ Credentials validCredentials = new Credentials(propertied.getProperty("oauth.identity"),
+ propertied.getProperty("oauth.credential"));
+ PrivateKeySupplier supplier = new PrivateKeySupplier(Suppliers.ofInstance(validCredentials),
+ new PrivateKeyForCredentials("RS256"));
+ assertNotNull(supplier.get());
+ }
+
+ public static PrivateKey loadPrivateKey()
+ throws IOException, NoSuchAlgorithmException, CertificateException, InvalidKeySpecException {
+ PrivateKeySupplier supplier = new PrivateKeySupplier(ofInstance(new Credentials("foo",
+ Files.asCharSource(new File("src/test/resources/testpk.pem"), Charsets.UTF_8).read())),
+ new PrivateKeyForCredentials("RS256"));
+ return supplier.get();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/jclouds/blob/7a644f8b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/SignerFunctionTest.java
----------------------------------------------------------------------
diff --git a/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/SignerFunctionTest.java b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/SignerFunctionTest.java
index 2a64822..a1c8a85 100644
--- a/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/SignerFunctionTest.java
+++ b/apis/oauth/src/test/java/org/jclouds/oauth/v2/functions/SignerFunctionTest.java
@@ -29,9 +29,6 @@ import java.security.spec.InvalidKeySpecException;
import org.testng.annotations.Test;
-/**
- * Tests the SignOrProduceMacForToken
- */
@Test(groups = "unit")
public class SignerFunctionTest {
@@ -50,10 +47,8 @@ public class SignerFunctionTest {
public void testSignPayload() throws InvalidKeyException, IOException, NoSuchAlgorithmException,
CertificateException, InvalidKeySpecException {
SignOrProduceMacForToken signer = new SignOrProduceMacForToken("RS256",
- ofInstance(OAuthCredentialsFromPKTest
- .loadOAuthCredentials()));
- signer.loadSignatureOrMacOrNone();
- byte[] payloadSignature = signer.apply(PAYLOAD.getBytes(UTF_8));
+ ofInstance(PrivateKeySupplierTest.loadPrivateKey()));
+ byte[] payloadSignature = signer.get().apply(PAYLOAD.getBytes(UTF_8));
assertNotNull(payloadSignature);
assertEquals(base64Url().omitPadding().encode(payloadSignature), SHA256withRSA_PAYLOAD_SIGNATURE_RESULT);
http://git-wip-us.apache.org/repos/asf/jclouds/blob/7a644f8b/apis/oauth/src/test/java/org/jclouds/oauth/v2/handlers/OAuthErrorHandlerTest.java
----------------------------------------------------------------------
diff --git a/apis/oauth/src/test/java/org/jclouds/oauth/v2/handlers/OAuthErrorHandlerTest.java b/apis/oauth/src/test/java/org/jclouds/oauth/v2/handlers/OAuthErrorHandlerTest.java
index 255c5c7..c3a61fe 100644
--- a/apis/oauth/src/test/java/org/jclouds/oauth/v2/handlers/OAuthErrorHandlerTest.java
+++ b/apis/oauth/src/test/java/org/jclouds/oauth/v2/handlers/OAuthErrorHandlerTest.java
@@ -16,20 +16,20 @@
*/
package org.jclouds.oauth.v2.handlers;
-import org.easymock.IArgumentMatcher;
-import org.jclouds.http.HttpCommand;
-import org.jclouds.http.HttpRequest;
-import org.jclouds.http.HttpResponse;
-import org.testng.annotations.Test;
-
-import java.net.URI;
-
import static org.easymock.EasyMock.createMock;
import static org.easymock.EasyMock.expect;
import static org.easymock.EasyMock.replay;
import static org.easymock.EasyMock.reportMatcher;
import static org.easymock.EasyMock.verify;
+import java.net.URI;
+
+import org.easymock.IArgumentMatcher;
+import org.jclouds.http.HttpCommand;
+import org.jclouds.http.HttpRequest;
+import org.jclouds.http.HttpResponse;
+import org.testng.annotations.Test;
+
@Test(groups = "unit")
public class OAuthErrorHandlerTest {
http://git-wip-us.apache.org/repos/asf/jclouds/blob/7a644f8b/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthApiLiveTest.java
----------------------------------------------------------------------
diff --git a/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthApiLiveTest.java b/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthApiLiveTest.java
index ba1c616..0a50dfe 100644
--- a/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthApiLiveTest.java
+++ b/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthApiLiveTest.java
@@ -19,8 +19,7 @@ package org.jclouds.oauth.v2.internal;
import static com.google.common.base.Preconditions.checkNotNull;
import static org.jclouds.oauth.v2.OAuthTestUtils.setCredential;
import static org.jclouds.oauth.v2.config.OAuthProperties.AUDIENCE;
-import static org.jclouds.oauth.v2.config.OAuthProperties.SCOPES;
-import static org.jclouds.oauth.v2.config.OAuthProperties.SIGNATURE_OR_MAC_ALGORITHM;
+import static org.jclouds.oauth.v2.config.OAuthProperties.JWS_ALG;
import java.util.Properties;
import java.util.concurrent.TimeUnit;
@@ -43,8 +42,8 @@ public class BaseOAuthApiLiveTest extends BaseApiLiveTest<OAuthApi> {
setCredential(props, "oauth.credential");
checkNotNull(setIfTestSystemPropertyPresent(props, "oauth.endpoint"), "test.oauth.endpoint must be set");
checkNotNull(setIfTestSystemPropertyPresent(props, AUDIENCE), "test.jclouds.oauth.audience must be set");
- setIfTestSystemPropertyPresent(props, SCOPES);
- setIfTestSystemPropertyPresent(props, SIGNATURE_OR_MAC_ALGORITHM);
+ setIfTestSystemPropertyPresent(props, "jclouds.oauth.scopes");
+ setIfTestSystemPropertyPresent(props, JWS_ALG);
return props;
}
http://git-wip-us.apache.org/repos/asf/jclouds/blob/7a644f8b/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthAuthenticatedApiLiveTest.java
----------------------------------------------------------------------
diff --git a/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthAuthenticatedApiLiveTest.java b/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthAuthenticatedApiLiveTest.java
index c88f65f..558d313 100644
--- a/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthAuthenticatedApiLiveTest.java
+++ b/apis/oauth/src/test/java/org/jclouds/oauth/v2/internal/BaseOAuthAuthenticatedApiLiveTest.java
@@ -21,7 +21,7 @@ import static com.google.common.base.Preconditions.checkState;
import static java.util.concurrent.TimeUnit.MILLISECONDS;
import static java.util.concurrent.TimeUnit.SECONDS;
import static org.jclouds.oauth.v2.config.OAuthProperties.AUDIENCE;
-import static org.jclouds.oauth.v2.config.OAuthProperties.SIGNATURE_OR_MAC_ALGORITHM;
+import static org.jclouds.oauth.v2.config.OAuthProperties.JWS_ALG;
import static org.jclouds.oauth.v2.domain.Claims.EXPIRATION_TIME;
import static org.jclouds.oauth.v2.domain.Claims.ISSUED_AT;
import static org.testng.Assert.assertNotNull;
@@ -32,8 +32,8 @@ import java.util.Properties;
import org.jclouds.apis.BaseApiLiveTest;
import org.jclouds.config.ValueOfConfigurationKeyOrNull;
+import org.jclouds.oauth.v2.JWSAlgorithms;
import org.jclouds.oauth.v2.OAuthApi;
-import org.jclouds.oauth.v2.OAuthConstants;
import org.jclouds.oauth.v2.domain.Header;
import org.jclouds.oauth.v2.domain.Token;
import org.jclouds.oauth.v2.domain.TokenRequest;
@@ -51,7 +51,7 @@ import com.google.inject.Module;
* <p/>
* - oauth.endpoint
* - oauth.audience
- * - oauth.signature-or-mac-algorithm
+ * - oauth.jws-alg
* <p/>
* - oauth.scopes is provided by the subclass
* <p/>
@@ -68,18 +68,16 @@ public abstract class BaseOAuthAuthenticatedApiLiveTest<A extends Closeable> ext
public void testAuthenticate() {
// obtain the necessary properties from the context
- String signatureAlgorithm = checkNotNull(propFunction.apply(SIGNATURE_OR_MAC_ALGORITHM),
- SIGNATURE_OR_MAC_ALGORITHM);
+ String jwsAlg = checkNotNull(propFunction.apply(JWS_ALG), JWS_ALG);
- checkState(OAuthConstants.OAUTH_ALGORITHM_NAMES_TO_SIGNATURE_ALGORITHM_NAMES.containsKey(signatureAlgorithm)
- , String.format("Algorithm not supported: " + signatureAlgorithm));
+ checkState(JWSAlgorithms.supportedAlgs().contains(jwsAlg), "Algorithm not supported: %s", jwsAlg);
String audience = checkNotNull(propFunction.apply(AUDIENCE), AUDIENCE);
// obtain the scopes from the subclass
String scopes = getScopes();
- Header header = Header.create(signatureAlgorithm, "JWT");
+ Header header = Header.create(jwsAlg, "JWT");
long now = SECONDS.convert(System.currentTimeMillis(), MILLISECONDS);