zhuyijun/nacos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add ldap auth it test case. (#9354)

Browse Source
This commit is contained in:
Karson 2022-10-21 09:46:45 +08:00 committed by GitHub
parent 68811a7ad9
commit 864b1f1852
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 153 additions and 184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

281
test/core-test/src/test/java/com/alibaba/nacos/test/core/auth/AuthBase.java
View File

@ -13,6 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.test.core.auth;
import com.alibaba.nacos.api.PropertyKeyConst;
@ -36,42 +37,46 @@ import java.util.concurrent.TimeUnit;
* @since 1.2.0
*/
public class AuthBase extends HttpClient4Test {
protected String accessToken;
protected String username1 = "username1";
protected String password1 = "password1";
protected String username2 = "username2";
protected String password2 = "password2";
protected String username3 = "username3";
protected String password3 = "password3";
protected String role1 = "role1";
protected String role2 = "role2";
protected String role3 = "role3";
protected Properties properties;
protected String namespace1 = "namespace1";
public String login() {
public String login(String username, String password) {
ResponseEntity<String> response = request("/nacos/v1/auth/users/login",
Params.newParams()
.appendParam("username", "nacos")
.appendParam("password", "nacos")
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("username", username).appendParam("password", password).done(),
String.class, HttpMethod.POST);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
JsonNode json = JacksonUtils.toObj(response.getBody());
Assert.assertTrue(json.has("accessToken"));
return json.get("accessToken").textValue();
}
public String login() {
return login("nacos", "nacos");
}
protected void init(int port) throws Exception {
AuthConfigs.setCachingEnabled(false);
TimeUnit.SECONDS.sleep(5L);
@ -79,240 +84,150 @@ public class AuthBase extends HttpClient4Test {
System.setProperty("nacos.core.auth.enabled", "true");
this.base = new URL(url);
accessToken = login();
// Create a user:
ResponseEntity<String> response = request("/nacos/v1/auth/users",
Params.newParams()
.appendParam("username", username1)
.appendParam("password", password1)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("username", username1).appendParam("password", password1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Create a user:
response = request("/nacos/v1/auth/users",
Params.newParams()
.appendParam("username", username2)
.appendParam("password", password2)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Create a user:
response = request("/nacos/v1/auth/users",
Params.newParams()
.appendParam("username", username3)
.appendParam("password", password3)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Create a role:
response = request("/nacos/v1/auth/roles",
Params.newParams()
.appendParam("role", role1)
.appendParam("username", username1)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("role", role1).appendParam("username", username1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Create a role:
response = request("/nacos/v1/auth/roles",
Params.newParams()
.appendParam("role", role2)
.appendParam("username", username2)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("role", role2).appendParam("username", username2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Create a role:
response = request("/nacos/v1/auth/roles",
Params.newParams()
.appendParam("role", role3)
.appendParam("username", username3)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("role", role3).appendParam("username", username3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Add read permission of namespace1 to role1:
response = request("/nacos/v1/auth/permissions",
Params.newParams()
.appendParam("role", role1)
.appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "r")
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "r").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.POST);
System.out.println(response);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Add write permission of namespace1 to role2:
response = request("/nacos/v1/auth/permissions",
Params.newParams()
.appendParam("role", role2)
.appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "w")
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "w").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.POST);
System.out.println(response);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Add read/write permission of namespace1 to role3:
response = request("/nacos/v1/auth/permissions",
Params.newParams()
.appendParam("role", role3)
.appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "rw")
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.POST);
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "rw").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.POST);
System.out.println(response);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Init properties:
properties = new Properties();
properties.put(PropertyKeyConst.NAMESPACE, namespace1);
properties.put(PropertyKeyConst.SERVER_ADDR, "127.0.0.1" + ":" + port);
}
protected void destroy() {
// Delete permission:
ResponseEntity<String> response = request("/nacos/v1/auth/permissions",
Params.newParams()
.appendParam("role", role1)
.appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "r")
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.DELETE);
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "r").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.DELETE);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Delete permission:
response = request("/nacos/v1/auth/permissions",
Params.newParams()
.appendParam("role", role2)
.appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "w")
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.DELETE);
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "w").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.DELETE);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Delete permission:
response = request("/nacos/v1/auth/permissions",
Params.newParams()
.appendParam("role", role3)
.appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "rw")
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.DELETE);
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "rw").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.DELETE);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Delete a role:
response = request("/nacos/v1/auth/roles",
Params.newParams()
.appendParam("role", role1)
.appendParam("username", username1)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.DELETE);
Params.newParams().appendParam("role", role1).appendParam("username", username1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Delete a role:
response = request("/nacos/v1/auth/roles",
Params.newParams()
.appendParam("role", role2)
.appendParam("username", username2)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.DELETE);
Params.newParams().appendParam("role", role2).appendParam("username", username2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Delete a role:
response = request("/nacos/v1/auth/roles",
Params.newParams()
.appendParam("role", role3)
.appendParam("username", username3)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.DELETE);
Params.newParams().appendParam("role", role3).appendParam("username", username3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Delete a user:
response = request("/nacos/v1/auth/users",
Params.newParams()
.appendParam("username", username1)
.appendParam("password", password1)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.DELETE);
Params.newParams().appendParam("username", username1).appendParam("password", password1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Delete a user:
response = request("/nacos/v1/auth/users",
Params.newParams()
.appendParam("username", username2)
.appendParam("password", password2)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.DELETE);
Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
// Delete a user:
response = request("/nacos/v1/auth/users",
Params.newParams()
.appendParam("username", username3)
.appendParam("password", password3)
.appendParam("accessToken", accessToken)
.done(),
String.class,
HttpMethod.DELETE);
Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Assert.assertTrue(response.getStatusCode().is2xxSuccessful());
System.setProperty("nacos.core.auth.enabled", "false");
}
}

54
test/core-test/src/test/java/com/alibaba/nacos/test/core/auth/LdapAuth_ITCase.java Normal file
View File

@ -0,0 +1,54 @@
/*
* Copyright 1999-2018 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.test.core.auth;
import com.alibaba.nacos.Nacos;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mockito;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.boot.web.server.LocalServerPort;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.test.context.junit4.SpringRunner;
@RunWith(SpringRunner.class)
@SpringBootTest(classes = Nacos.class, properties = {"server.servlet.context-path=/nacos",
"nacos.core.auth.system.type=ldap"}, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
public class LdapAuth_ITCase extends AuthBase {
@LocalServerPort
private int port;
private String filterPrefix = "uid";
@MockBean
private LdapTemplate ldapTemplate;
@Before
public void init() throws Exception {
Mockito.when(ldapTemplate.authenticate("", "(" + filterPrefix + "=" + "karson" + ")", "karson"))
.thenReturn(true);
}
@Test
public void testLdapAuth() throws Exception {
super.login("karson", "karson");
}
}

2
test/core-test/src/test/resources/application.properties
View File

@ -51,5 +51,5 @@ nacos.core.auth.default.token.expire.seconds=18000
### The default token:
nacos.core.auth.default.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789
nacos.core.auth.plugin.nacos.token.secret.key=${nacos.core.auth.default.token.secret.key}
tldSkipPatterns=derbyLocale_*.jar,jaxb-api.jar,jsr173_1.0_api.jar,jaxb1-impl.jar,activation.jar