Do some refactor for IdentityContextBuilder
This commit is contained in:
parent
956df153d6
commit
7b7db3496b
@ -38,40 +38,40 @@ public class AuthPluginManager {
|
|||||||
private static final AuthPluginManager INSTANCE = new AuthPluginManager();
|
private static final AuthPluginManager INSTANCE = new AuthPluginManager();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The relationship of context type and {@link AuthService}.
|
* The relationship of context type and {@link AuthPluginService}.
|
||||||
*/
|
*/
|
||||||
private Map<String, AuthService> authServiceMap = new HashMap<>();
|
private final Map<String, AuthPluginService> authServiceMap = new HashMap<>();
|
||||||
|
|
||||||
public AuthPluginManager() {
|
public AuthPluginManager() {
|
||||||
initAuthServices();
|
initAuthServices();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void initAuthServices() {
|
||||||
|
Collection<AuthPluginService> authPluginServices = NacosServiceLoader.load(AuthPluginService.class);
|
||||||
|
for (AuthPluginService each : authPluginServices) {
|
||||||
|
if (StringUtils.isEmpty(each.getAuthServiceName())) {
|
||||||
|
LOGGER.warn(
|
||||||
|
"[AuthPluginManager] Load AuthPluginService({}) AuthServiceName(null/empty) fail. Please Add AuthServiceName to resolve.",
|
||||||
|
each.getClass());
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
authServiceMap.put(each.getAuthServiceName(), each);
|
||||||
|
LOGGER.info("[AuthPluginManager] Load AuthPluginService({}) AuthServiceName({}) successfully.",
|
||||||
|
each.getClass(), each.getAuthServiceName());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public static AuthPluginManager getInstance() {
|
public static AuthPluginManager getInstance() {
|
||||||
return INSTANCE;
|
return INSTANCE;
|
||||||
}
|
}
|
||||||
|
|
||||||
private void initAuthServices() {
|
|
||||||
Collection<AuthService> authServices = NacosServiceLoader.load(AuthService.class);
|
|
||||||
for (AuthService authService : authServices) {
|
|
||||||
if (StringUtils.isEmpty(authService.getAuthServiceName())) {
|
|
||||||
LOGGER.warn(
|
|
||||||
"[AuthPluginManager] Load AuthService({}) AuthServiceName(null/empty) fail. Please Add AuthServiceName to resolve.",
|
|
||||||
authService.getClass());
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
authServiceMap.put(authService.getAuthServiceName(), authService);
|
|
||||||
LOGGER.info("[AuthPluginManager] Load AuthService({}) AuthServiceName({}) successfully.",
|
|
||||||
authService.getClass(), authService.getAuthServiceName());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* get AuthService instance which AuthService.getType() is type.
|
* get AuthPluginService instance which AuthPluginService.getType() is type.
|
||||||
*
|
*
|
||||||
* @param authServiceName AuthServiceName, mark a AuthService instance.
|
* @param authServiceName AuthServiceName, mark a AuthPluginService instance.
|
||||||
* @return AuthService instance.
|
* @return AuthPluginService instance.
|
||||||
*/
|
*/
|
||||||
public Optional<AuthService> findAuthServiceSpiImpl(String authServiceName) {
|
public Optional<AuthPluginService> findAuthServiceSpiImpl(String authServiceName) {
|
||||||
return Optional.ofNullable(authServiceMap.get(authServiceName));
|
return Optional.ofNullable(authServiceMap.get(authServiceName));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -17,36 +17,47 @@
|
|||||||
package com.alibaba.nacos.auth;
|
package com.alibaba.nacos.auth;
|
||||||
|
|
||||||
import com.alibaba.nacos.auth.api.IdentityContext;
|
import com.alibaba.nacos.auth.api.IdentityContext;
|
||||||
import com.alibaba.nacos.auth.exception.AccessException;
|
|
||||||
import com.alibaba.nacos.auth.api.Permission;
|
import com.alibaba.nacos.auth.api.Permission;
|
||||||
|
import com.alibaba.nacos.auth.exception.AccessException;
|
||||||
|
|
||||||
|
import java.util.Collection;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Auth service.
|
* Auth service.
|
||||||
*
|
*
|
||||||
* @author Wuyfee
|
* @author Wuyfee
|
||||||
*/
|
*/
|
||||||
public interface AuthService {
|
public interface AuthPluginService {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Authentication of request, identify the user who request the resource.
|
* Define which identity information needed from request. e.q: username, password, accessToken.
|
||||||
|
*
|
||||||
|
* @return identity names
|
||||||
|
*/
|
||||||
|
Collection<String> identityNames();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* To validate whether the identity context from request is legal or illegal.
|
||||||
*
|
*
|
||||||
* @param identityContext where we can find the user information
|
* @param identityContext where we can find the user information
|
||||||
* @return IdentityContext user auth result
|
* @return IdentityContext user auth result
|
||||||
* @throws AccessException if authentication is failed
|
* @throws AccessException if authentication is failed
|
||||||
*/
|
*/
|
||||||
IdentityContext login(IdentityContext identityContext) throws AccessException;
|
IdentityContext validateIdentity(IdentityContext identityContext) throws AccessException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* identity whether the user has the resource authority.
|
* Validate the identity whether has the resource authority.
|
||||||
|
*
|
||||||
* @param identityContext where we can find the user information.
|
* @param identityContext where we can find the user information.
|
||||||
* @param permission permission to auth.
|
* @param permission permission to auth.
|
||||||
* @return Boolean if the user has the resource authority.
|
* @return Boolean if the user has the resource authority.
|
||||||
*/
|
*/
|
||||||
Boolean authorityAccess(IdentityContext identityContext, Permission permission);
|
Boolean validateAuthority(IdentityContext identityContext, Permission permission);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* AuthService Name which for conveniently find AuthService instance.
|
* AuthPluginService Name which for conveniently find AuthPluginService instance.
|
||||||
* @return AuthServiceName mark a AuthService instance.
|
*
|
||||||
|
* @return AuthServiceName mark a AuthPluginService instance.
|
||||||
*/
|
*/
|
||||||
String getAuthServiceName();
|
String getAuthServiceName();
|
||||||
|
|
@ -33,17 +33,41 @@ public class IdentityContext {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* get key from context.
|
* get key from context.
|
||||||
|
*
|
||||||
* @param key key of request
|
* @param key key of request
|
||||||
* @return value of param key
|
* @return value of param key
|
||||||
*/
|
*/
|
||||||
public Object getParameter(String key) {
|
public Object getParameter(String key) {
|
||||||
return param.get(key); }
|
return param.get(key);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get identity by key.
|
||||||
|
*
|
||||||
|
* @param key identity name
|
||||||
|
* @param defaultValue default value when the value is {@code null} or the value is not expected class type
|
||||||
|
* @param <T> classes type of identity value
|
||||||
|
* @return identity value
|
||||||
|
*/
|
||||||
|
public <T> T getParameter(String key, T defaultValue) {
|
||||||
|
try {
|
||||||
|
T result = (T) param.get(key);
|
||||||
|
if (null != result) {
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
return defaultValue;
|
||||||
|
} catch (ClassCastException exception) {
|
||||||
|
return defaultValue;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* put key and value to param.
|
* put key and value to param.
|
||||||
|
*
|
||||||
* @param key key of request
|
* @param key key of request
|
||||||
* @param value value of request's key
|
* @param value value of request's key
|
||||||
*/
|
*/
|
||||||
public void setParameter(String key, Object value) {
|
public void setParameter(String key, Object value) {
|
||||||
param.put(key, value); }
|
param.put(key, value);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -49,12 +49,6 @@ public class AuthConfigs extends Subscriber<ServerConfigChangeEvent> {
|
|||||||
@JustForTest
|
@JustForTest
|
||||||
private static Boolean cachingEnabled = null;
|
private static Boolean cachingEnabled = null;
|
||||||
|
|
||||||
/**
|
|
||||||
* Authority key set.
|
|
||||||
*/
|
|
||||||
@Value("${" + Constants.Auth.NACOS_CORE_AUTH_AUTHORITY_KEY + ":}")
|
|
||||||
private String[] authorityKey;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Whether auth enabled.
|
* Whether auth enabled.
|
||||||
*/
|
*/
|
||||||
@ -109,10 +103,6 @@ public class AuthConfigs extends Subscriber<ServerConfigChangeEvent> {
|
|||||||
return secretKeyBytes;
|
return secretKeyBytes;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String[] getAuthorityKey() {
|
|
||||||
return authorityKey;
|
|
||||||
}
|
|
||||||
|
|
||||||
public long getTokenValidityInSeconds() {
|
public long getTokenValidityInSeconds() {
|
||||||
return tokenValidityInSeconds;
|
return tokenValidityInSeconds;
|
||||||
}
|
}
|
||||||
@ -171,7 +161,6 @@ public class AuthConfigs extends Subscriber<ServerConfigChangeEvent> {
|
|||||||
enableUserAgentAuthWhite = EnvUtil.getProperty(
|
enableUserAgentAuthWhite = EnvUtil.getProperty(
|
||||||
Constants.Auth.NACOS_CORE_AUTH_ENABLE_USER_AGENT_AUTH_WHITE, Boolean.class,
|
Constants.Auth.NACOS_CORE_AUTH_ENABLE_USER_AGENT_AUTH_WHITE, Boolean.class,
|
||||||
false);
|
false);
|
||||||
authorityKey = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_AUTHORITY_KEY, "").split(",");
|
|
||||||
nacosAuthSystemType = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_SYSTEM_TYPE, "");
|
nacosAuthSystemType = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_SYSTEM_TYPE, "");
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
LOGGER.warn("Upgrade auth config from env failed, use old value", e);
|
LOGGER.warn("Upgrade auth config from env failed, use old value", e);
|
||||||
|
@ -40,8 +40,6 @@ public class Constants {
|
|||||||
public static final String NACOS_CORE_AUTH_SERVER_IDENTITY_VALUE = "nacos.core.auth.server.identity.value";
|
public static final String NACOS_CORE_AUTH_SERVER_IDENTITY_VALUE = "nacos.core.auth.server.identity.value";
|
||||||
|
|
||||||
public static final String NACOS_CORE_AUTH_ENABLE_USER_AGENT_AUTH_WHITE = "nacos.core.auth.enable.userAgentAuthWhite";
|
public static final String NACOS_CORE_AUTH_ENABLE_USER_AGENT_AUTH_WHITE = "nacos.core.auth.enable.userAgentAuthWhite";
|
||||||
|
|
||||||
public static final String NACOS_CORE_AUTH_AUTHORITY_KEY = "nacos.core.auth.authorityKey";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static class Resource {
|
public static class Resource {
|
||||||
|
@ -17,12 +17,14 @@
|
|||||||
package com.alibaba.nacos.auth.context;
|
package com.alibaba.nacos.auth.context;
|
||||||
|
|
||||||
import com.alibaba.nacos.api.remote.request.Request;
|
import com.alibaba.nacos.api.remote.request.Request;
|
||||||
|
import com.alibaba.nacos.auth.AuthPluginManager;
|
||||||
|
import com.alibaba.nacos.auth.AuthPluginService;
|
||||||
import com.alibaba.nacos.auth.api.IdentityContext;
|
import com.alibaba.nacos.auth.api.IdentityContext;
|
||||||
import com.alibaba.nacos.auth.common.AuthConfigs;
|
import com.alibaba.nacos.auth.common.AuthConfigs;
|
||||||
|
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
import java.util.Optional;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -32,31 +34,34 @@ import java.util.Set;
|
|||||||
*/
|
*/
|
||||||
public class GrpcIdentityContextBuilder implements IdentityContextBuilder<Request> {
|
public class GrpcIdentityContextBuilder implements IdentityContextBuilder<Request> {
|
||||||
|
|
||||||
AuthConfigs authConfigs;
|
private final AuthConfigs authConfigs;
|
||||||
|
|
||||||
public GrpcIdentityContextBuilder() {
|
|
||||||
authConfigs = new AuthConfigs();
|
|
||||||
}
|
|
||||||
|
|
||||||
public GrpcIdentityContextBuilder(AuthConfigs authConfigs) {
|
public GrpcIdentityContextBuilder(AuthConfigs authConfigs) {
|
||||||
this.authConfigs = authConfigs;
|
this.authConfigs = authConfigs;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* get identity context from grpc.
|
* get identity context from grpc.
|
||||||
|
*
|
||||||
* @param request grpc request
|
* @param request grpc request
|
||||||
* @return IdentityContext request context
|
* @return IdentityContext request context
|
||||||
*/
|
*/
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public IdentityContext build(Request request) {
|
public IdentityContext build(Request request) {
|
||||||
Set<String> keySet = new HashSet<String>(Arrays.asList(authConfigs.getAuthorityKey()));
|
Optional<AuthPluginService> authPluginService = AuthPluginManager.getInstance()
|
||||||
IdentityContext identityContext = new IdentityContext();
|
.findAuthServiceSpiImpl(authConfigs.getNacosAuthSystemType());
|
||||||
|
IdentityContext result = new IdentityContext();
|
||||||
|
if (!authPluginService.isPresent()) {
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
Set<String> identityNames = new HashSet<>(authPluginService.get().identityNames());
|
||||||
Map<String, String> map = request.getHeaders();
|
Map<String, String> map = request.getHeaders();
|
||||||
for (Map.Entry<String, String> entry : map.entrySet()) {
|
for (Map.Entry<String, String> entry : map.entrySet()) {
|
||||||
if (keySet.contains(entry.getKey())) {
|
if (identityNames.contains(entry.getKey())) {
|
||||||
identityContext.setParameter(entry.getKey(), entry.getValue());
|
result.setParameter(entry.getKey(), entry.getValue());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return identityContext;
|
return result;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -16,14 +16,16 @@
|
|||||||
|
|
||||||
package com.alibaba.nacos.auth.context;
|
package com.alibaba.nacos.auth.context;
|
||||||
|
|
||||||
|
import com.alibaba.nacos.auth.AuthPluginManager;
|
||||||
|
import com.alibaba.nacos.auth.AuthPluginService;
|
||||||
import com.alibaba.nacos.auth.api.IdentityContext;
|
import com.alibaba.nacos.auth.api.IdentityContext;
|
||||||
import com.alibaba.nacos.auth.common.AuthConfigs;
|
import com.alibaba.nacos.auth.common.AuthConfigs;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.Enumeration;
|
import java.util.Enumeration;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
|
import java.util.Optional;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -33,11 +35,7 @@ import java.util.Set;
|
|||||||
*/
|
*/
|
||||||
public class HttpIdentityContextBuilder implements IdentityContextBuilder<HttpServletRequest> {
|
public class HttpIdentityContextBuilder implements IdentityContextBuilder<HttpServletRequest> {
|
||||||
|
|
||||||
private AuthConfigs authConfigs;
|
private final AuthConfigs authConfigs;
|
||||||
|
|
||||||
public HttpIdentityContextBuilder() {
|
|
||||||
authConfigs = new AuthConfigs();
|
|
||||||
}
|
|
||||||
|
|
||||||
public HttpIdentityContextBuilder(AuthConfigs authConfigs) {
|
public HttpIdentityContextBuilder(AuthConfigs authConfigs) {
|
||||||
this.authConfigs = authConfigs;
|
this.authConfigs = authConfigs;
|
||||||
@ -51,30 +49,35 @@ public class HttpIdentityContextBuilder implements IdentityContextBuilder<HttpSe
|
|||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public IdentityContext build(HttpServletRequest request) {
|
public IdentityContext build(HttpServletRequest request) {
|
||||||
IdentityContext identityContext = new IdentityContext();
|
IdentityContext result = new IdentityContext();
|
||||||
Set<String> keySet = new HashSet<>(Arrays.asList(authConfigs.getAuthorityKey()));
|
Optional<AuthPluginService> authPluginService = AuthPluginManager.getInstance()
|
||||||
Enumeration<String> headerEnu = request.getHeaderNames();
|
.findAuthServiceSpiImpl(authConfigs.getNacosAuthSystemType());
|
||||||
|
if (!authPluginService.isPresent()) {
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
Set<String> identityNames = new HashSet<>(authPluginService.get().identityNames());
|
||||||
|
getIdentityFromHeader(request, result, identityNames);
|
||||||
|
getIdentityFromParameter(request, result, identityNames);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
private void getIdentityFromHeader(HttpServletRequest request, IdentityContext result, Set<String> identityNames) {
|
||||||
|
Enumeration<String> headerEnu = request.getHeaderNames();
|
||||||
while (headerEnu.hasMoreElements()) {
|
while (headerEnu.hasMoreElements()) {
|
||||||
String paraName = headerEnu.nextElement();
|
String paraName = headerEnu.nextElement();
|
||||||
if (keySet.contains(paraName)) {
|
if (identityNames.contains(paraName)) {
|
||||||
identityContext.setParameter(paraName, request.getHeader(paraName));
|
result.setParameter(paraName, request.getHeader(paraName));
|
||||||
keySet.remove(paraName);
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (keySet.isEmpty()) {
|
private void getIdentityFromParameter(HttpServletRequest request, IdentityContext result, Set<String> identityNames) {
|
||||||
return identityContext;
|
|
||||||
}
|
|
||||||
|
|
||||||
Enumeration<String> paramEnu = request.getParameterNames();
|
Enumeration<String> paramEnu = request.getParameterNames();
|
||||||
while (paramEnu.hasMoreElements()) {
|
while (paramEnu.hasMoreElements()) {
|
||||||
String paraName = paramEnu.nextElement();
|
String paraName = paramEnu.nextElement();
|
||||||
if (keySet.contains(paraName)) {
|
if (identityNames.contains(paraName)) {
|
||||||
identityContext.setParameter(paraName, request.getParameter(paraName));
|
result.setParameter(paraName, request.getParameter(paraName));
|
||||||
keySet.remove(paraName);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return identityContext;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -39,8 +39,6 @@ public class AuthConfigsTest {
|
|||||||
|
|
||||||
private static final boolean TEST_ENABLE_UA_WHITE = true;
|
private static final boolean TEST_ENABLE_UA_WHITE = true;
|
||||||
|
|
||||||
private static final String AUTHORITYKEY = "username,password,token,tenant";
|
|
||||||
|
|
||||||
private AuthConfigs authConfigs;
|
private AuthConfigs authConfigs;
|
||||||
|
|
||||||
private MockEnvironment environment;
|
private MockEnvironment environment;
|
||||||
@ -59,7 +57,6 @@ public class AuthConfigsTest {
|
|||||||
environment.setProperty("nacos.core.auth.server.identity.key", TEST_SERVER_IDENTITY_KEY);
|
environment.setProperty("nacos.core.auth.server.identity.key", TEST_SERVER_IDENTITY_KEY);
|
||||||
environment.setProperty("nacos.core.auth.server.identity.value", TEST_SERVER_IDENTITY_VALUE);
|
environment.setProperty("nacos.core.auth.server.identity.value", TEST_SERVER_IDENTITY_VALUE);
|
||||||
environment.setProperty("nacos.core.auth.enable.userAgentAuthWhite", String.valueOf(TEST_ENABLE_UA_WHITE));
|
environment.setProperty("nacos.core.auth.enable.userAgentAuthWhite", String.valueOf(TEST_ENABLE_UA_WHITE));
|
||||||
environment.setProperty("nacos.core.auth.authorityKey", AUTHORITYKEY);
|
|
||||||
|
|
||||||
authConfigs.onEvent(ServerConfigChangeEvent.newEvent());
|
authConfigs.onEvent(ServerConfigChangeEvent.newEvent());
|
||||||
assertEquals(TEST_AUTH_ENABLED, authConfigs.isAuthEnabled());
|
assertEquals(TEST_AUTH_ENABLED, authConfigs.isAuthEnabled());
|
||||||
@ -67,6 +64,5 @@ public class AuthConfigsTest {
|
|||||||
assertEquals(TEST_SERVER_IDENTITY_KEY, authConfigs.getServerIdentityKey());
|
assertEquals(TEST_SERVER_IDENTITY_KEY, authConfigs.getServerIdentityKey());
|
||||||
assertEquals(TEST_SERVER_IDENTITY_VALUE, authConfigs.getServerIdentityValue());
|
assertEquals(TEST_SERVER_IDENTITY_VALUE, authConfigs.getServerIdentityValue());
|
||||||
assertEquals(TEST_ENABLE_UA_WHITE, authConfigs.isEnableUserAgentAuthWhite());
|
assertEquals(TEST_ENABLE_UA_WHITE, authConfigs.isEnableUserAgentAuthWhite());
|
||||||
Assert.assertTrue(Arrays.equals(AUTHORITYKEY.split(","), authConfigs.getAuthorityKey()));
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
package com.alibaba.nacos.auth.common;
|
package com.alibaba.nacos.auth.common;
|
||||||
|
|
||||||
import com.alibaba.nacos.auth.AuthPluginManager;
|
import com.alibaba.nacos.auth.AuthPluginManager;
|
||||||
import com.alibaba.nacos.auth.AuthService;
|
import com.alibaba.nacos.auth.AuthPluginService;
|
||||||
import com.alibaba.nacos.auth.api.IdentityContext;
|
import com.alibaba.nacos.auth.api.IdentityContext;
|
||||||
import com.alibaba.nacos.auth.api.Permission;
|
import com.alibaba.nacos.auth.api.Permission;
|
||||||
import org.junit.Assert;
|
import org.junit.Assert;
|
||||||
@ -44,7 +44,7 @@ public class AuthPluginManagerTest {
|
|||||||
private AuthPluginManager authPluginManager;
|
private AuthPluginManager authPluginManager;
|
||||||
|
|
||||||
@Mock
|
@Mock
|
||||||
private AuthService authService;
|
private AuthPluginService authPluginService;
|
||||||
|
|
||||||
private static final String TYPE = "test";
|
private static final String TYPE = "test";
|
||||||
|
|
||||||
@ -60,8 +60,8 @@ public class AuthPluginManagerTest {
|
|||||||
Class<AuthPluginManager> authPluginManagerClass = AuthPluginManager.class;
|
Class<AuthPluginManager> authPluginManagerClass = AuthPluginManager.class;
|
||||||
Field authPlugins = authPluginManagerClass.getDeclaredField("authServiceMap");
|
Field authPlugins = authPluginManagerClass.getDeclaredField("authServiceMap");
|
||||||
authPlugins.setAccessible(true);
|
authPlugins.setAccessible(true);
|
||||||
Map<String, AuthService> authServiceMap = (Map<String, AuthService>) authPlugins.get(authPluginManager);
|
Map<String, AuthPluginService> authServiceMap = (Map<String, AuthPluginService>) authPlugins.get(authPluginManager);
|
||||||
authServiceMap.put(TYPE, authService);
|
authServiceMap.put(TYPE, authPluginService);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@ -73,7 +73,7 @@ public class AuthPluginManagerTest {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testFindAuthServiceSpiImpl() {
|
public void testFindAuthServiceSpiImpl() {
|
||||||
Optional<AuthService> authServiceImpl = authPluginManager.findAuthServiceSpiImpl(TYPE);
|
Optional<AuthPluginService> authServiceImpl = authPluginManager.findAuthServiceSpiImpl(TYPE);
|
||||||
Assert.assertTrue(authServiceImpl.isPresent());
|
Assert.assertTrue(authServiceImpl.isPresent());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -0,0 +1,86 @@
|
|||||||
|
/*
|
||||||
|
* Copyright 1999-2021 Alibaba Group Holding Ltd.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package com.alibaba.nacos.auth.context;
|
||||||
|
|
||||||
|
import com.alibaba.nacos.api.remote.request.Request;
|
||||||
|
import com.alibaba.nacos.auth.AuthPluginManager;
|
||||||
|
import com.alibaba.nacos.auth.AuthPluginService;
|
||||||
|
import com.alibaba.nacos.auth.api.IdentityContext;
|
||||||
|
import com.alibaba.nacos.auth.common.AuthConfigs;
|
||||||
|
import org.junit.Before;
|
||||||
|
import org.junit.Test;
|
||||||
|
import org.junit.runner.RunWith;
|
||||||
|
import org.mockito.Mock;
|
||||||
|
import org.mockito.junit.MockitoJUnitRunner;
|
||||||
|
|
||||||
|
import java.lang.reflect.Field;
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
|
import static org.junit.Assert.assertNull;
|
||||||
|
import static org.mockito.Mockito.when;
|
||||||
|
|
||||||
|
@RunWith(MockitoJUnitRunner.class)
|
||||||
|
public class GrpcIdentityContextBuilderTest {
|
||||||
|
|
||||||
|
private static final String TEST_PLUGIN = "test";
|
||||||
|
|
||||||
|
private static final String IDENTITY_TEST_KEY = "identity-test-key";
|
||||||
|
|
||||||
|
private static final String IDENTITY_TEST_VALUE = "identity-test-value";
|
||||||
|
|
||||||
|
@Mock
|
||||||
|
private AuthConfigs authConfigs;
|
||||||
|
|
||||||
|
@Mock
|
||||||
|
private AuthPluginService authPluginService;
|
||||||
|
|
||||||
|
@Mock
|
||||||
|
private Request request;
|
||||||
|
|
||||||
|
private GrpcIdentityContextBuilder identityContextBuilder;
|
||||||
|
|
||||||
|
@Before
|
||||||
|
public void setUp() throws Exception {
|
||||||
|
identityContextBuilder = new GrpcIdentityContextBuilder(authConfigs);
|
||||||
|
Field authServiceMapField = AuthPluginManager.class.getDeclaredField("authServiceMap");
|
||||||
|
authServiceMapField.setAccessible(true);
|
||||||
|
Map<String, AuthPluginService> authServiceMap = (Map<String, AuthPluginService>) authServiceMapField
|
||||||
|
.get(AuthPluginManager.getInstance());
|
||||||
|
authServiceMap.put(TEST_PLUGIN, authPluginService);
|
||||||
|
when(authConfigs.getNacosAuthSystemType()).thenReturn(TEST_PLUGIN);
|
||||||
|
when(authPluginService.identityNames()).thenReturn(Collections.singletonList(IDENTITY_TEST_KEY));
|
||||||
|
Map<String, String> headers = new HashMap<>();
|
||||||
|
headers.put(IDENTITY_TEST_KEY, IDENTITY_TEST_VALUE);
|
||||||
|
when(request.getHeaders()).thenReturn(headers);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testBuildWithoutPlugin() {
|
||||||
|
when(authConfigs.getNacosAuthSystemType()).thenReturn("non-exist");
|
||||||
|
IdentityContext actual = identityContextBuilder.build(request);
|
||||||
|
assertNull(actual.getParameter(IDENTITY_TEST_KEY));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testBuild() {
|
||||||
|
IdentityContext actual = identityContextBuilder.build(request);
|
||||||
|
assertEquals(IDENTITY_TEST_VALUE, actual.getParameter(IDENTITY_TEST_KEY));
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,119 @@
|
|||||||
|
/*
|
||||||
|
* Copyright 1999-2021 Alibaba Group Holding Ltd.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package com.alibaba.nacos.auth.context;
|
||||||
|
|
||||||
|
import com.alibaba.nacos.auth.AuthPluginManager;
|
||||||
|
import com.alibaba.nacos.auth.AuthPluginService;
|
||||||
|
import com.alibaba.nacos.auth.api.IdentityContext;
|
||||||
|
import com.alibaba.nacos.auth.common.AuthConfigs;
|
||||||
|
import org.junit.Before;
|
||||||
|
import org.junit.Test;
|
||||||
|
import org.junit.runner.RunWith;
|
||||||
|
import org.mockito.Mock;
|
||||||
|
import org.mockito.junit.MockitoJUnitRunner;
|
||||||
|
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import java.lang.reflect.Field;
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.Enumeration;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
|
import static org.junit.Assert.assertNull;
|
||||||
|
import static org.mockito.Mockito.when;
|
||||||
|
|
||||||
|
@RunWith(MockitoJUnitRunner.class)
|
||||||
|
public class HtppIdentityContextBuilderTest {
|
||||||
|
|
||||||
|
private static final String TEST_PLUGIN = "test";
|
||||||
|
|
||||||
|
private static final String IDENTITY_TEST_KEY = "identity-test-key";
|
||||||
|
|
||||||
|
private static final String IDENTITY_TEST_VALUE = "identity-test-value";
|
||||||
|
|
||||||
|
@Mock
|
||||||
|
private AuthConfigs authConfigs;
|
||||||
|
|
||||||
|
@Mock
|
||||||
|
private AuthPluginService authPluginService;
|
||||||
|
|
||||||
|
@Mock
|
||||||
|
private HttpServletRequest request;
|
||||||
|
|
||||||
|
@Mock
|
||||||
|
private Enumeration<String> headerNames;
|
||||||
|
|
||||||
|
@Mock
|
||||||
|
private Enumeration<String> parameterNames;
|
||||||
|
|
||||||
|
private HttpIdentityContextBuilder identityContextBuilder;
|
||||||
|
|
||||||
|
@Before
|
||||||
|
public void setUp() throws Exception {
|
||||||
|
identityContextBuilder = new HttpIdentityContextBuilder(authConfigs);
|
||||||
|
Field authServiceMapField = AuthPluginManager.class.getDeclaredField("authServiceMap");
|
||||||
|
authServiceMapField.setAccessible(true);
|
||||||
|
Map<String, AuthPluginService> authServiceMap = (Map<String, AuthPluginService>) authServiceMapField
|
||||||
|
.get(AuthPluginManager.getInstance());
|
||||||
|
authServiceMap.put(TEST_PLUGIN, authPluginService);
|
||||||
|
when(authConfigs.getNacosAuthSystemType()).thenReturn(TEST_PLUGIN);
|
||||||
|
when(authPluginService.identityNames()).thenReturn(Collections.singletonList(IDENTITY_TEST_KEY));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testBuildWithoutPlugin() {
|
||||||
|
mockHeader(true);
|
||||||
|
mockParameter(true);
|
||||||
|
when(authConfigs.getNacosAuthSystemType()).thenReturn("non-exist");
|
||||||
|
IdentityContext actual = identityContextBuilder.build(request);
|
||||||
|
assertNull(actual.getParameter(IDENTITY_TEST_KEY));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testBuildWithHeader() {
|
||||||
|
mockHeader(true);
|
||||||
|
mockParameter(false);
|
||||||
|
IdentityContext actual = identityContextBuilder.build(request);
|
||||||
|
assertEquals(IDENTITY_TEST_VALUE, actual.getParameter(IDENTITY_TEST_KEY));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testBuildWithParameter() {
|
||||||
|
mockHeader(false);
|
||||||
|
mockParameter(true);
|
||||||
|
IdentityContext actual = identityContextBuilder.build(request);
|
||||||
|
assertEquals(IDENTITY_TEST_VALUE, actual.getParameter(IDENTITY_TEST_KEY));
|
||||||
|
}
|
||||||
|
|
||||||
|
private void mockHeader(boolean contained) {
|
||||||
|
when(request.getHeaderNames()).thenReturn(headerNames);
|
||||||
|
if (contained) {
|
||||||
|
when(headerNames.hasMoreElements()).thenReturn(true, false);
|
||||||
|
when(headerNames.nextElement()).thenReturn(IDENTITY_TEST_KEY, (String) null);
|
||||||
|
when(request.getHeader(IDENTITY_TEST_KEY)).thenReturn(IDENTITY_TEST_VALUE);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void mockParameter(boolean contained) {
|
||||||
|
when(request.getParameterNames()).thenReturn(parameterNames);
|
||||||
|
if (contained) {
|
||||||
|
when(parameterNames.hasMoreElements()).thenReturn(true, false);
|
||||||
|
when(parameterNames.nextElement()).thenReturn(IDENTITY_TEST_KEY, (String) null);
|
||||||
|
when(request.getParameter(IDENTITY_TEST_KEY)).thenReturn(IDENTITY_TEST_VALUE);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user