@Override protected void startUp() throws Exception { tokenManager.startAndWait(); }
@Override protected void shutDown() throws Exception { tokenManager.stopAndWait(); }
/** * Initialize the TokenManager. */ public void init() { tokenManager.start(); }
@Test public void testTokenSerialization() throws Exception { ImmutablePair<TokenManager, Codec<AccessToken>> pair = getTokenManagerAndCodec(); TokenManager tokenManager = pair.getFirst(); tokenManager.startAndWait(); Codec<AccessToken> tokenCodec = pair.getSecond(); long now = System.currentTimeMillis(); String user = "testuser"; List<String> groups = Lists.newArrayList("users", "admins"); AccessTokenIdentifier ident1 = new AccessTokenIdentifier(user, groups, now, now + TOKEN_DURATION); AccessToken token1 = tokenManager.signIdentifier(ident1); byte[] tokenBytes = tokenCodec.encode(token1); AccessToken token2 = tokenCodec.decode(tokenBytes); assertEquals(token1, token2); LOG.info("Deserialized token is: " + Bytes.toStringBinary(tokenCodec.encode(token2))); // should be valid since we just signed it tokenManager.validateSecret(token2); tokenManager.stopAndWait(); } }
new FileBasedSecurityModule(), new InMemoryDiscoveryModule()).getInstance(TokenManager.class); tokenManager.startAndWait(); new FileBasedSecurityModule(), new InMemoryDiscoveryModule()).getInstance(TokenManager.class); tokenManager2.startAndWait(); AccessTokenIdentifier identifier = new AccessTokenIdentifier(user, groups, now, now + TOKEN_DURATION); AccessToken token = tokenManager.signIdentifier(identifier); tokenManager.validateSecret(token); tokenManager2.validateSecret(token);
@Override protected ImmutablePair<TokenManager, Codec<AccessToken>> getTokenManagerAndCodec() throws Exception { DistributedKeyManager keyManager = getKeyManager(injector1, true); TokenManager tokenManager = new TokenManager(keyManager, injector1.getInstance(AccessTokenIdentifierCodec.class)); tokenManager.startAndWait(); return new ImmutablePair<TokenManager, Codec<AccessToken>>(tokenManager, injector1.getInstance(AccessTokenCodec.class)); }
@Override public TokenState validate(String token) { AccessToken accessToken; TokenState state = TokenState.VALID; if (token == null) { LOG.debug("Token is missing"); return TokenState.MISSING; } byte[] decodedToken = Base64.decodeBase64(token); try { accessToken = accessTokenCodec.decode(decodedToken); tokenManager.validateSecret(accessToken); } catch (IOException ioe) { state = TokenState.INVALID; LOG.debug("Unknown Schema version for Access Token. {}", ioe); } catch (InvalidTokenException ite) { state = ite.getReason(); LOG.debug("{} {}", state, ite); } return state; } }
AccessToken token = tokenManager.signIdentifier(tokenIdentifier); LOG.debug("Issued token for user {}", username);
/** * Stop the TokenManager. */ public void destroy() { tokenManager.stop(); }
ImmutablePair<TokenManager, Codec<AccessToken>> pair = getTokenManagerAndCodec(); TokenManager tokenManager = pair.getFirst(); tokenManager.startAndWait(); Codec<AccessToken> tokenCodec = pair.getSecond(); AccessTokenIdentifier ident1 = new AccessTokenIdentifier(user, groups, now, now + TOKEN_DURATION); AccessToken token1 = tokenManager.signIdentifier(ident1); LOG.info("Signed token is: " + Bytes.toStringBinary(tokenCodec.encode(token1))); tokenManager.validateSecret(token1); AccessToken expiredToken = tokenManager.signIdentifier(expiredIdent); try { tokenManager.validateSecret(expiredToken); fail("Token should have been expired but passed validation: " + Bytes.toStringBinary(tokenCodec.encode(expiredToken))); AccessToken invalidToken = new AccessToken(token1.getIdentifier(), token1.getKeyId(), invalidDigest); try { tokenManager.validateSecret(invalidToken); fail("Token should have been rejected for invalid digest but passed: " + Bytes.toStringBinary(tokenCodec.encode(invalidToken))); token1.getDigestBytes()); try { tokenManager.validateSecret(invalidKeyToken); fail("Token should have been rejected for invalid key ID but passed: " + Bytes.toStringBinary(tokenCodec.encode(invalidToken)));
@Override protected ImmutablePair<TokenManager, Codec<AccessToken>> getTokenManagerAndCodec() { Injector injector = Guice.createInjector(new IOModule(), new SecurityModules().getInMemoryModules(), new ConfigModule(), new InMemoryDiscoveryModule()); TokenManager tokenManager = injector.getInstance(TokenManager.class); tokenManager.startAndWait(); Codec<AccessToken> tokenCodec = injector.getInstance(AccessTokenCodec.class); return new ImmutablePair<>(tokenManager, tokenCodec); } }
@Override protected ImmutablePair<TokenManager, Codec<AccessToken>> getTokenManagerAndCodec() throws IOException { CConfiguration cConf = CConfiguration.create(); cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMP_FOLDER.newFolder().getAbsolutePath()); Injector injector = Guice.createInjector(new IOModule(), new ConfigModule(cConf), new FileBasedSecurityModule(), new InMemoryDiscoveryModule()); TokenManager tokenManager = injector.getInstance(TokenManager.class); tokenManager.startAndWait(); Codec<AccessToken> tokenCodec = injector.getInstance(AccessTokenCodec.class); return new ImmutablePair<>(tokenManager, tokenCodec); }