Move client spi to nacos-auth-plugin module
This commit is contained in:
KomachiSion
parent
89cc6caade
commit
135ab364fe
@ -66,6 +66,12 @@
|
||||
<artifactId>nacos-common</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>${project.groupId}</groupId>
|
||||
<artifactId>nacos-auth-plugin</artifactId>
|
||||
<version>${version}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>${project.groupId}</groupId>
|
||||
|
||||
@ -18,10 +18,10 @@ package com.alibaba.nacos.client.auth.impl;
|
||||
|
||||
import com.alibaba.nacos.api.PropertyKeyConst;
|
||||
import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.auth.impl.process.HttpLoginProcessor;
|
||||
import com.alibaba.nacos.client.auth.spi.AbstractClientAuthService;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.spi.client.AbstractClientAuthService;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.common.utils.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
@ -19,7 +19,7 @@ package com.alibaba.nacos.client.auth.impl.process;
|
||||
import com.alibaba.nacos.api.PropertyKeyConst;
|
||||
import com.alibaba.nacos.api.common.Constants;
|
||||
import com.alibaba.nacos.client.auth.impl.NacosAuthLoginConstant;
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.utils.ContextPathUtil;
|
||||
import com.alibaba.nacos.common.http.HttpRestResult;
|
||||
import com.alibaba.nacos.common.http.client.NacosRestTemplate;
|
||||
|
||||
@ -16,7 +16,7 @@
|
||||
|
||||
package com.alibaba.nacos.client.auth.impl.process;
|
||||
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import java.util.Properties;
|
||||
|
||||
/**
|
||||
|
||||
@ -18,15 +18,16 @@ package com.alibaba.nacos.client.auth.ram;
|
||||
|
||||
import com.alibaba.nacos.api.PropertyKeyConst;
|
||||
import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.auth.ram.identify.StsConfig;
|
||||
import com.alibaba.nacos.client.auth.ram.injector.AbstractResourceInjector;
|
||||
import com.alibaba.nacos.client.auth.ram.injector.ConfigResourceInjector;
|
||||
import com.alibaba.nacos.client.auth.ram.injector.NamingResourceInjector;
|
||||
import com.alibaba.nacos.client.auth.spi.AbstractClientAuthService;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.client.auth.ram.utils.SpasAdapter;
|
||||
import com.alibaba.nacos.client.auth.ram.identify.StsConfig;
|
||||
import com.alibaba.nacos.common.utils.StringUtils;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.constant.SignType;
|
||||
import com.alibaba.nacos.plugin.auth.spi.client.AbstractClientAuthService;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
@ -50,8 +51,8 @@ public class RamClientAuthServiceImpl extends AbstractClientAuthService {
|
||||
public RamClientAuthServiceImpl() {
|
||||
ramContext = new RamContext();
|
||||
resourceInjectors = new HashMap<>();
|
||||
resourceInjectors.put(RequestResource.NAMING, new NamingResourceInjector());
|
||||
resourceInjectors.put(RequestResource.CONFIG, new ConfigResourceInjector());
|
||||
resourceInjectors.put(SignType.NAMING, new NamingResourceInjector());
|
||||
resourceInjectors.put(SignType.CONFIG, new ConfigResourceInjector());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -16,9 +16,9 @@
|
||||
|
||||
package com.alibaba.nacos.client.auth.ram.injector;
|
||||
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.auth.ram.RamContext;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
|
||||
/**
|
||||
* Abstract aliyun RAM resource injector.
|
||||
|
||||
@ -18,9 +18,9 @@ package com.alibaba.nacos.client.auth.ram.injector;
|
||||
|
||||
import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.api.exception.runtime.NacosRuntimeException;
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.auth.ram.RamContext;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.client.config.impl.ConfigHttpClientManager;
|
||||
import com.alibaba.nacos.client.auth.ram.utils.SpasAdapter;
|
||||
import com.alibaba.nacos.client.auth.ram.identify.StsConfig;
|
||||
|
||||
@ -18,9 +18,9 @@ package com.alibaba.nacos.client.auth.ram.injector;
|
||||
|
||||
import com.alibaba.nacos.api.common.Constants;
|
||||
import com.alibaba.nacos.api.naming.utils.NamingUtils;
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.auth.ram.RamContext;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.client.auth.ram.utils.SignUtil;
|
||||
import com.alibaba.nacos.common.utils.StringUtils;
|
||||
|
||||
|
||||
@ -37,7 +37,7 @@ import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.api.remote.RemoteConstants;
|
||||
import com.alibaba.nacos.api.remote.request.Request;
|
||||
import com.alibaba.nacos.api.remote.response.Response;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.client.config.common.GroupKey;
|
||||
import com.alibaba.nacos.client.config.filter.impl.ConfigFilterChainManager;
|
||||
import com.alibaba.nacos.client.config.filter.impl.ConfigResponse;
|
||||
|
||||
@ -19,7 +19,7 @@ package com.alibaba.nacos.client.config.impl;
|
||||
import com.alibaba.nacos.api.PropertyKeyConst;
|
||||
import com.alibaba.nacos.api.common.Constants;
|
||||
import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.client.config.filter.impl.ConfigResponse;
|
||||
import com.alibaba.nacos.client.security.SecurityProxy;
|
||||
import com.alibaba.nacos.client.utils.ParamUtil;
|
||||
|
||||
@ -16,7 +16,7 @@
|
||||
|
||||
package com.alibaba.nacos.client.naming.remote;
|
||||
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.client.naming.event.ServerListChangedEvent;
|
||||
import com.alibaba.nacos.client.security.SecurityProxy;
|
||||
import com.alibaba.nacos.client.utils.AppNameUtils;
|
||||
|
||||
@ -17,10 +17,10 @@
|
||||
package com.alibaba.nacos.client.security;
|
||||
|
||||
import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.client.auth.ClientAuthPluginManager;
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.auth.spi.ClientAuthService;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.spi.client.ClientAuthPluginManager;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.spi.client.ClientAuthService;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.common.http.client.NacosRestTemplate;
|
||||
import com.alibaba.nacos.common.lifecycle.Closeable;
|
||||
|
||||
|
||||
@ -17,9 +17,9 @@
|
||||
package com.alibaba.nacos.client.auth.ram;
|
||||
|
||||
import com.alibaba.nacos.api.PropertyKeyConst;
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.auth.ram.injector.AbstractResourceInjector;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.common.utils.ReflectUtils;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
@ -17,10 +17,11 @@
|
||||
package com.alibaba.nacos.client.auth.ram.injector;
|
||||
|
||||
import com.alibaba.nacos.api.PropertyKeyConst;
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.auth.ram.RamContext;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.client.auth.ram.identify.StsConfig;
|
||||
import com.alibaba.nacos.plugin.auth.constant.SignType;
|
||||
import org.junit.After;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Before;
|
||||
@ -45,7 +46,7 @@ public class ConfigResourceInjectorTest {
|
||||
ramContext.setAccessKey(PropertyKeyConst.ACCESS_KEY);
|
||||
ramContext.setSecretKey(PropertyKeyConst.SECRET_KEY);
|
||||
resource = new RequestResource();
|
||||
resource.setType(RequestResource.CONFIG);
|
||||
resource.setType(SignType.CONFIG);
|
||||
resource.setNamespace("tenant");
|
||||
resource.setGroup("group");
|
||||
cachedSecurityCredentialsUrl = StsConfig.getInstance().getSecurityCredentialsUrl();
|
||||
|
||||
@ -17,9 +17,9 @@
|
||||
package com.alibaba.nacos.client.auth.ram.injector;
|
||||
|
||||
import com.alibaba.nacos.api.PropertyKeyConst;
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.client.auth.ram.RamContext;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.client.auth.ram.utils.SignUtil;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Before;
|
||||
|
||||
@ -26,7 +26,7 @@ import com.alibaba.nacos.api.naming.pojo.Service;
|
||||
import com.alibaba.nacos.api.naming.pojo.ServiceInfo;
|
||||
import com.alibaba.nacos.api.selector.AbstractSelector;
|
||||
import com.alibaba.nacos.client.auth.ram.utils.SignUtil;
|
||||
import com.alibaba.nacos.client.auth.spi.RequestResource;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
import com.alibaba.nacos.client.naming.event.ServerListChangedEvent;
|
||||
import com.alibaba.nacos.client.security.SecurityProxy;
|
||||
import com.alibaba.nacos.client.utils.AppNameUtils;
|
||||
|
||||
@ -146,9 +146,6 @@ nacos.core.auth.system.type=nacos
|
||||
### If turn on auth system:
|
||||
nacos.core.auth.enabled=false
|
||||
|
||||
### authority key in request:
|
||||
nacos.core.auth.authorityKey=authority,username,password
|
||||
|
||||
### worked when nacos.core.auth.system.type=ldap,{0} is Placeholder,replace login username
|
||||
# nacos.core.auth.ldap.url=ldap://localhost:389
|
||||
# nacos.core.auth.ldap.userdn=cn={0},ou=user,dc=company,dc=com
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
@ -14,7 +14,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.alibaba.nacos.client.auth;
|
||||
package com.alibaba.nacos.plugin.auth.api;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
@ -14,7 +14,9 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.alibaba.nacos.client.auth.spi;
|
||||
package com.alibaba.nacos.plugin.auth.api;
|
||||
|
||||
import com.alibaba.nacos.plugin.auth.constant.SignType;
|
||||
|
||||
/**
|
||||
* Request resources.
|
||||
@ -23,10 +25,6 @@ package com.alibaba.nacos.client.auth.spi;
|
||||
*/
|
||||
public class RequestResource {
|
||||
|
||||
public static final String NAMING = "naming";
|
||||
|
||||
public static final String CONFIG = "config";
|
||||
|
||||
/**
|
||||
* Request type: naming or config.
|
||||
*/
|
||||
@ -81,7 +79,7 @@ public class RequestResource {
|
||||
*/
|
||||
public static Builder namingBuilder() {
|
||||
Builder result = new Builder();
|
||||
result.setType(NAMING);
|
||||
result.setType(SignType.NAMING);
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -92,7 +90,7 @@ public class RequestResource {
|
||||
*/
|
||||
public static Builder configBuilder() {
|
||||
Builder result = new Builder();
|
||||
result.setType(CONFIG);
|
||||
result.setType(SignType.CONFIG);
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.alibaba.nacos.client.auth.spi;
|
||||
package com.alibaba.nacos.plugin.auth.spi.client;
|
||||
|
||||
import com.alibaba.nacos.common.http.client.NacosRestTemplate;
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
@ -14,11 +14,9 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.alibaba.nacos.client.auth;
|
||||
package com.alibaba.nacos.plugin.auth.spi.client;
|
||||
|
||||
import com.alibaba.nacos.api.exception.NacosException;
|
||||
import com.alibaba.nacos.client.auth.spi.AbstractClientAuthService;
|
||||
import com.alibaba.nacos.client.auth.spi.ClientAuthService;
|
||||
import com.alibaba.nacos.common.http.client.NacosRestTemplate;
|
||||
import com.alibaba.nacos.common.lifecycle.Closeable;
|
||||
import com.alibaba.nacos.common.spi.NacosServiceLoader;
|
||||
@ -14,11 +14,12 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.alibaba.nacos.client.auth.spi;
|
||||
package com.alibaba.nacos.plugin.auth.spi.client;
|
||||
|
||||
import com.alibaba.nacos.client.auth.LoginIdentityContext;
|
||||
import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
|
||||
import com.alibaba.nacos.common.http.client.NacosRestTemplate;
|
||||
import com.alibaba.nacos.common.lifecycle.Closeable;
|
||||
import com.alibaba.nacos.plugin.auth.api.RequestResource;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Properties;
|
||||
@ -5,7 +5,7 @@
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
@ -14,9 +14,8 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.alibaba.nacos.client.auth;
|
||||
package com.alibaba.nacos.plugin.auth.spi.client;
|
||||
|
||||
import com.alibaba.nacos.client.auth.spi.ClientAuthService;
|
||||
import com.alibaba.nacos.common.http.client.NacosRestTemplate;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Before;
|
||||
@ -29,7 +28,7 @@ import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* {@link com.alibaba.nacos.client.auth.ClientAuthPluginManager} unit test.
|
||||
* {@link ClientAuthPluginManager} unit test.
|
||||
*
|
||||
* @author wuyfee
|
||||
* @date 2021-08-12 12:56
|
||||
@ -39,7 +38,7 @@ import java.util.Set;
|
||||
public class ClientAuthPluginManagerTest {
|
||||
|
||||
private ClientAuthPluginManager clientAuthPluginManager;
|
||||
|
||||
|
||||
@Mock
|
||||
private List<String> serverlist;
|
||||
|
||||
@ -13,17 +13,17 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.alibaba.nacos.test.core.auth;
|
||||
|
||||
import com.alibaba.nacos.Nacos;
|
||||
import com.alibaba.nacos.plugin.auth.api.Permission;
|
||||
import com.alibaba.nacos.common.utils.JacksonUtils;
|
||||
import com.alibaba.nacos.config.server.model.Page;
|
||||
import com.alibaba.nacos.plugin.auth.api.Permission;
|
||||
import com.alibaba.nacos.test.base.HttpClient4Test;
|
||||
import com.alibaba.nacos.test.base.Params;
|
||||
import com.fasterxml.jackson.core.type.TypeReference;
|
||||
import com.fasterxml.jackson.databind.JsonNode;
|
||||
|
||||
import org.junit.After;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Before;
|
||||
@ -43,167 +43,119 @@ import java.util.concurrent.TimeUnit;
|
||||
* @since 1.2.0
|
||||
*/
|
||||
@RunWith(SpringRunner.class)
|
||||
@SpringBootTest(classes = Nacos.class, properties = {"server.servlet.context-path=/nacos"},
|
||||
webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
|
||||
@SpringBootTest(classes = Nacos.class, properties = {
|
||||
"server.servlet.context-path=/nacos"}, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
|
||||
public class Permission_ITCase extends HttpClient4Test {
|
||||
|
||||
|
||||
@LocalServerPort
|
||||
private int port;
|
||||
|
||||
|
||||
private String accessToken;
|
||||
|
||||
|
||||
@Before
|
||||
public void init() throws Exception {
|
||||
TimeUnit.SECONDS.sleep(5L);
|
||||
String url = String.format("http://localhost:%d/", port);
|
||||
this.base = new URL(url);
|
||||
}
|
||||
|
||||
|
||||
@After
|
||||
public void destroy() {
|
||||
|
||||
|
||||
// Delete permission:
|
||||
ResponseEntity<String> response = request("/nacos/v1/auth/permissions",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("resource", "public:*:*")
|
||||
.appendParam("action", "rw")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("resource", "public:*:*")
|
||||
.appendParam("action", "rw").appendParam("accessToken", accessToken).done(), String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
|
||||
// Delete permission:
|
||||
response = request("/nacos/v1/auth/permissions",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("resource", "test1:*:*")
|
||||
.appendParam("action", "r")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("resource", "test1:*:*")
|
||||
.appendParam("action", "r").appendParam("accessToken", accessToken).done(), String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
|
||||
// Delete role:
|
||||
response = request("/nacos/v1/auth/roles",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("username", "username3")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("username", "username3")
|
||||
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
|
||||
// Delete a user:
|
||||
response = request("/nacos/v1/auth/users",
|
||||
Params.newParams()
|
||||
.appendParam("username", "username3")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Params.newParams().appendParam("username", "username3").appendParam("accessToken", accessToken).done(),
|
||||
String.class, HttpMethod.DELETE);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void login() {
|
||||
|
||||
|
||||
ResponseEntity<String> response = request("/nacos/v1/auth/users/login",
|
||||
Params.newParams()
|
||||
.appendParam("username", "nacos")
|
||||
.appendParam("password", "nacos")
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.POST);
|
||||
|
||||
Params.newParams().appendParam("username", "nacos").appendParam("password", "nacos").done(),
|
||||
String.class, HttpMethod.POST);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
JsonNode json = JacksonUtils.toObj(response.getBody());
|
||||
Assert.assertTrue(json.has("accessToken"));
|
||||
accessToken = json.get("accessToken").textValue();
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void createDeleteQueryPermission() {
|
||||
|
||||
|
||||
login();
|
||||
|
||||
|
||||
// Create a user:
|
||||
ResponseEntity<String> response = request("/nacos/v1/auth/users",
|
||||
Params.newParams()
|
||||
.appendParam("username", "username3")
|
||||
.appendParam("password", "password1")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.POST);
|
||||
|
||||
Params.newParams().appendParam("username", "username3").appendParam("password", "password1")
|
||||
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
|
||||
// Create role:
|
||||
response = request("/nacos/v1/auth/roles",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("username", "username3")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.POST);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("username", "username3")
|
||||
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
|
||||
// Create permission:
|
||||
response = request("/nacos/v1/auth/permissions",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("resource", "public:*:*")
|
||||
.appendParam("action", "rw")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.POST);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("resource", "public:*:*")
|
||||
.appendParam("action", "rw").appendParam("accessToken", accessToken).done(), String.class,
|
||||
HttpMethod.POST);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
|
||||
// Create another permission:
|
||||
response = request("/nacos/v1/auth/permissions",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("resource", "test1:*:*")
|
||||
.appendParam("action", "r")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.POST);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("resource", "test1:*:*")
|
||||
.appendParam("action", "r").appendParam("accessToken", accessToken).done(), String.class,
|
||||
HttpMethod.POST);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
|
||||
// Query permission:
|
||||
response = request("/nacos/v1/auth/permissions",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("pageNo", "1")
|
||||
.appendParam("pageSize", "10")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.GET);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("pageNo", "1").appendParam("pageSize", "10")
|
||||
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.GET);
|
||||
|
||||
System.out.println(response);
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
Page<Permission> permissionPage = JacksonUtils.toObj(response.getBody(), new TypeReference<Page<Permission>>() {});
|
||||
|
||||
|
||||
Page<Permission> permissionPage = JacksonUtils.toObj(response.getBody(), new TypeReference<Page<Permission>>() {
|
||||
});
|
||||
|
||||
Assert.assertNotNull(permissionPage);
|
||||
Assert.assertNotNull(permissionPage.getPageItems());
|
||||
|
||||
boolean found1=false,found2=false;
|
||||
|
||||
boolean found1 = false, found2 = false;
|
||||
for (Permission permission : permissionPage.getPageItems()) {
|
||||
if (permission.getResource().equals("public:*:*") && permission.getAction().equals("rw")) {
|
||||
found1 = true;
|
||||
@ -217,41 +169,31 @@ public class Permission_ITCase extends HttpClient4Test {
|
||||
}
|
||||
Assert.assertTrue(found1);
|
||||
Assert.assertTrue(found2);
|
||||
|
||||
|
||||
// Delete permission:
|
||||
response = request("/nacos/v1/auth/permissions",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("resource", "public:*:*")
|
||||
.appendParam("action", "rw")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("resource", "public:*:*")
|
||||
.appendParam("action", "rw").appendParam("accessToken", accessToken).done(), String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
|
||||
// Query permission:
|
||||
response = request("/nacos/v1/auth/permissions",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("pageNo", "1")
|
||||
.appendParam("pageSize", "10")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.GET);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("pageNo", "1").appendParam("pageSize", "10")
|
||||
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.GET);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
permissionPage = JacksonUtils.toObj(response.getBody(), new TypeReference<Page<Permission>>() {});
|
||||
|
||||
|
||||
permissionPage = JacksonUtils.toObj(response.getBody(), new TypeReference<Page<Permission>>() {
|
||||
});
|
||||
|
||||
Assert.assertNotNull(permissionPage);
|
||||
Assert.assertNotNull(permissionPage.getPageItems());
|
||||
|
||||
found1=false;
|
||||
found2=false;
|
||||
|
||||
|
||||
found1 = false;
|
||||
found2 = false;
|
||||
|
||||
for (Permission permission : permissionPage.getPageItems()) {
|
||||
if (permission.getResource().equals("public:*:*") && permission.getAction().equals("rw")) {
|
||||
found1 = true;
|
||||
@ -262,41 +204,31 @@ public class Permission_ITCase extends HttpClient4Test {
|
||||
}
|
||||
Assert.assertFalse(found1);
|
||||
Assert.assertTrue(found2);
|
||||
|
||||
|
||||
// Delete permission:
|
||||
response = request("/nacos/v1/auth/permissions",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("resource", "test1:*:*")
|
||||
.appendParam("action", "r")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("resource", "test1:*:*")
|
||||
.appendParam("action", "r").appendParam("accessToken", accessToken).done(), String.class,
|
||||
HttpMethod.DELETE);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
|
||||
// Query permission:
|
||||
response = request("/nacos/v1/auth/permissions",
|
||||
Params.newParams()
|
||||
.appendParam("role", "role1")
|
||||
.appendParam("pageNo", "1")
|
||||
.appendParam("pageSize", "10")
|
||||
.appendParam("accessToken", accessToken)
|
||||
.done(),
|
||||
String.class,
|
||||
HttpMethod.GET);
|
||||
|
||||
Params.newParams().appendParam("role", "role1").appendParam("pageNo", "1").appendParam("pageSize", "10")
|
||||
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.GET);
|
||||
|
||||
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
|
||||
|
||||
permissionPage = JacksonUtils.toObj(response.getBody(), new TypeReference<Page<Permission>>() {});
|
||||
|
||||
|
||||
permissionPage = JacksonUtils.toObj(response.getBody(), new TypeReference<Page<Permission>>() {
|
||||
});
|
||||
|
||||
Assert.assertNotNull(permissionPage);
|
||||
Assert.assertNotNull(permissionPage.getPageItems());
|
||||
|
||||
found1=false;
|
||||
found2=false;
|
||||
|
||||
|
||||
found1 = false;
|
||||
found2 = false;
|
||||
|
||||
for (Permission permission : permissionPage.getPageItems()) {
|
||||
if (permission.getResource().equals("public:*:*") && permission.getAction().equals("rw")) {
|
||||
found1 = true;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user