@After public void tearDown() throws Exception { Utils.setTimeDriftThreshold(Utils.DEFAULT_TIME_DRIFT_THRESHOLD_MICROS); if (this.host == null) { return; } try { this.host.setSystemAuthorizationContext(); this.host.logServiceStats(this.host.getDocumentIndexServiceUri(), this.testResults); this.host.logServiceStats(this.inMemoryIndexServiceUri, this.testResults); } catch (Throwable e) { this.host.log("Error logging stats: %s", e.toString()); } this.host.tearDown(); this.host = null; LuceneDocumentIndexService.setIndexFileCountThresholdForWriterRefresh( LuceneDocumentIndexService.DEFAULT_INDEX_FILE_COUNT_THRESHOLD_FOR_WRITER_REFRESH); LuceneDocumentIndexService.setExpiredDocumentSearchThreshold( LuceneDocumentIndexService.DEFAULT_EXPIRED_DOCUMENT_SEARCH_THRESHOLD); TestRequestSender.clearAuthToken(); }
@After public void tearDown() throws Exception { Utils.setTimeDriftThreshold(Utils.DEFAULT_TIME_DRIFT_THRESHOLD_MICROS); if (this.host == null) { return; } try { this.host.setSystemAuthorizationContext(); this.host.logServiceStats(this.host.getDocumentIndexServiceUri(), this.testResults); this.host.logServiceStats(this.inMemoryIndexServiceUri, this.testResults); } catch (Throwable e) { this.host.log("Error logging stats: %s", e.toString()); } this.host.tearDown(); this.host = null; LuceneDocumentIndexService.setIndexFileCountThresholdForWriterRefresh( LuceneDocumentIndexService.DEFAULT_INDEX_FILE_COUNT_THRESHOLD_FOR_WRITER_REFRESH); LuceneDocumentIndexService.setExpiredDocumentSearchThreshold( LuceneDocumentIndexService.DEFAULT_EXPIRED_DOCUMENT_SEARCH_THRESHOLD); TestRequestSender.clearAuthToken(); }
public static void logout(ServiceHost host) { // make logout request URI uri = UriUtils.buildUri(host, ServiceUriPaths.CORE_AUTHN_BASIC); AuthenticationRequest body = new AuthenticationRequest(); body.requestType = AuthenticationRequestType.LOGOUT; Operation post = Operation.createPost(uri).setBody(body); TestRequestSender sender = new TestRequestSender(host); sender.sendAndWait(post); // clear auth token set in request sender TestRequestSender.clearAuthToken(); // clear cookie ServiceClient client = host.getClient(); if (client instanceof NettyHttpServiceClient) { // since login response contains xenon-auth-cookie, client cookieJar keeps that entry. // clear all cookies for now. ((NettyHttpServiceClient) client).clearCookieJar(); } }
public static void logout(ServiceHost host) { // make logout request URI uri = UriUtils.buildUri(host, ServiceUriPaths.CORE_AUTHN_BASIC); AuthenticationRequest body = new AuthenticationRequest(); body.requestType = AuthenticationRequestType.LOGOUT; Operation post = Operation.createPost(uri).setBody(body); TestRequestSender sender = new TestRequestSender(host); sender.sendAndWait(post); // clear auth token set in request sender TestRequestSender.clearAuthToken(); // clear cookie ServiceClient client = host.getClient(); if (client instanceof NettyHttpServiceClient) { // since login response contains xenon-auth-cookie, client cookieJar keeps that entry. // clear all cookies for now. ((NettyHttpServiceClient) client).clearCookieJar(); } }
@Test public void testVerificationInvalidBasicAuthAccessToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, null); host.log("Testing verification of invalid token for Basic auth"); // invalid accesstoken String invalidAccessToken = "aasfsfsf"; TestRequestSender.setAuthToken(invalidAccessToken); TestRequestSender sender = new TestRequestSender(host); // make a request to verification service Operation requestOp = Operation.createPost(host, BasicAuthenticationService.SELF_LINK) .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_VERIFY_TOKEN); FailureResponse failureResponse = sender.sendAndWaitFailure(requestOp); assertNotNull(failureResponse.failure); TestRequestSender.clearAuthToken(); host.log("Verification of invalid token for Basic auth fails as expected"); }
@Test public void testVerificationInvalidBasicAuthAccessToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, null); host.log("Testing verification of invalid token for Basic auth"); // invalid accesstoken String invalidAccessToken = "aasfsfsf"; TestRequestSender.setAuthToken(invalidAccessToken); TestRequestSender sender = new TestRequestSender(host); // make a request to verification service Operation requestOp = Operation.createPost(host, BasicAuthenticationService.SELF_LINK) .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_VERIFY_TOKEN); FailureResponse failureResponse = sender.sendAndWaitFailure(requestOp); assertNotNull(failureResponse.failure); TestRequestSender.clearAuthToken(); host.log("Verification of invalid token for Basic auth fails as expected"); }
private void testExternalAuthReplicationMultinode(ServiceHost host) { // prepare operation sender(client) TestRequestSender.setAuthToken(TestAuthenticationService.ACCESS_TOKEN); TestRequestSender sender = new TestRequestSender(host); // POST request ExampleServiceState body = new ExampleServiceState(); body.documentSelfLink = "/foo"; body.name = "foo"; Operation post = Operation.createPost(host, "/core/examples").setBody(body); // verify post response ExampleServiceState result = sender.sendAndWait(post, ExampleServiceState.class); assertEquals("foo", result.name); // make get and validate result Operation get = Operation.createGet(host, "/core/examples/foo"); ExampleServiceState getResult = sender.sendAndWait(get, ExampleServiceState.class); // validate get result... assertEquals("foo", getResult.name); TestRequestSender.clearAuthToken(); }
private void testExternalAuthReplicationMultinode(ServiceHost host) { // prepare operation sender(client) TestRequestSender.setAuthToken(TestAuthenticationService.ACCESS_TOKEN); TestRequestSender sender = new TestRequestSender(host); // POST request ExampleServiceState body = new ExampleServiceState(); body.documentSelfLink = "/foo"; body.name = "foo"; Operation post = Operation.createPost(host, "/core/examples").setBody(body); // verify post response ExampleServiceState result = sender.sendAndWait(post, ExampleServiceState.class); assertEquals("foo", result.name); // make get and validate result Operation get = Operation.createGet(host, "/core/examples/foo"); ExampleServiceState getResult = sender.sendAndWait(get, ExampleServiceState.class); // validate get result... assertEquals("foo", getResult.name); TestRequestSender.clearAuthToken(); }
@Test public void testVerificationValidAuthServiceToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing verification of valid token for external auth"); TestRequestSender sender = new TestRequestSender(host); TestRequestSender.setAuthToken(TestAuthenticationService.ACCESS_TOKEN); // make a request to verification service Operation requestOp = Operation.createPost(host, TestAuthenticationService.SELF_LINK) .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_VERIFY_TOKEN); Operation responseOp = sender.sendAndWait(requestOp); Claims claims = responseOp.getBody(Claims.class); assertNotNull(claims); assertNotNull(responseOp.getResponseHeader(RANDOM_CUSTOM_HEADER)); assertNotNull(responseOp.getCookies().get(RANDOM_COOKIE)); TestRequestSender.clearAuthToken(); host.log("Verification of valid token for external auth succeeded"); }
@Test public void testVerificationInvalidAuthServiceToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing verification of invalid token for external auth"); // invalid accesstoken String invalidAccessToken = "aasfsfsf"; TestRequestSender sender = new TestRequestSender(host); TestRequestSender.setAuthToken(invalidAccessToken); // make a request to verification service Operation requestOp = Operation.createPost(host, TestAuthenticationService.SELF_LINK) .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_VERIFY_TOKEN); FailureResponse failureResponse = sender.sendAndWaitFailure(requestOp); assertNotNull(failureResponse.failure); TestRequestSender.clearAuthToken(); host.log("Verification of invalid token for external auth fails as expected"); }
@Test public void testVerificationInvalidAuthServiceToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing verification of invalid token for external auth"); // invalid accesstoken String invalidAccessToken = "aasfsfsf"; TestRequestSender sender = new TestRequestSender(host); TestRequestSender.setAuthToken(invalidAccessToken); // make a request to verification service Operation requestOp = Operation.createPost(host, TestAuthenticationService.SELF_LINK) .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_VERIFY_TOKEN); FailureResponse failureResponse = sender.sendAndWaitFailure(requestOp); assertNotNull(failureResponse.failure); TestRequestSender.clearAuthToken(); host.log("Verification of invalid token for external auth fails as expected"); }
@Test public void testVerificationValidAuthServiceToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing verification of valid token for external auth"); TestRequestSender sender = new TestRequestSender(host); TestRequestSender.setAuthToken(TestAuthenticationService.ACCESS_TOKEN); // make a request to verification service Operation requestOp = Operation.createPost(host, TestAuthenticationService.SELF_LINK) .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_VERIFY_TOKEN); Operation responseOp = sender.sendAndWait(requestOp); Claims claims = responseOp.getBody(Claims.class); assertNotNull(claims); assertNotNull(responseOp.getResponseHeader(RANDOM_CUSTOM_HEADER)); assertNotNull(responseOp.getCookies().get(RANDOM_COOKIE)); TestRequestSender.clearAuthToken(); host.log("Verification of valid token for external auth succeeded"); }
@Test public void testAuthenticatedRequestInvalidToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing external authentication request with invalid token"); // create user foo@vmware.com createTestUsers(host); // send invalid accesstoken TestRequestSender.setAuthToken("aasfsfsf"); TestRequestSender sender = new TestRequestSender(host); // request for foo@vmware.com user document Operation requestOp = Operation.createGet(host, ServiceUriPaths.CORE_AUTHZ_USERS + FOO_USER_PATH); FailureResponse failureResponse = sender.sendAndWaitFailure(requestOp); // as per the TestAuthenticationService its a invalid token assertEquals(Operation.STATUS_CODE_FORBIDDEN, failureResponse.op.getStatusCode()); TestRequestSender.clearAuthToken(); host.log("Expected behavoir for external authentication request with invalid token"); }
@Test public void testAuthenticatedRequestInvalidToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing external authentication request with invalid token"); // create user foo@vmware.com createTestUsers(host); // send invalid accesstoken TestRequestSender.setAuthToken("aasfsfsf"); TestRequestSender sender = new TestRequestSender(host); // request for foo@vmware.com user document Operation requestOp = Operation.createGet(host, ServiceUriPaths.CORE_AUTHZ_USERS + FOO_USER_PATH); FailureResponse failureResponse = sender.sendAndWaitFailure(requestOp); // as per the TestAuthenticationService its a invalid token assertEquals(Operation.STATUS_CODE_FORBIDDEN, failureResponse.op.getStatusCode()); TestRequestSender.clearAuthToken(); host.log("Expected behavoir for external authentication request with invalid token"); }
@Test public void testAuthenticatedRequestValidToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing external authentication request with valid token"); // create user foo@vmware.com createTestUsers(host); // send a valid accesstoken TestRequestSender.setAuthToken(TestAuthenticationService.ACCESS_TOKEN); TestRequestSender sender = new TestRequestSender(host); // request for foo@vmware.com user document Operation requestOp = Operation.createGet(host, ServiceUriPaths.CORE_AUTHZ_USERS + FOO_USER_PATH); Operation response = sender.sendAndWait(requestOp); // as per the TestAuthenticationService its a valid token assertEquals(Operation.STATUS_CODE_OK, response.getStatusCode()); TestRequestSender.clearAuthToken(); host.log("Expected behavoir for external authentication request with valid token"); }
@Test public void testAuthenticatedRequestValidToken() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing external authentication request with valid token"); // create user foo@vmware.com createTestUsers(host); // send a valid accesstoken TestRequestSender.setAuthToken(TestAuthenticationService.ACCESS_TOKEN); TestRequestSender sender = new TestRequestSender(host); // request for foo@vmware.com user document Operation requestOp = Operation.createGet(host, ServiceUriPaths.CORE_AUTHZ_USERS + FOO_USER_PATH); Operation response = sender.sendAndWait(requestOp); // as per the TestAuthenticationService its a valid token assertEquals(Operation.STATUS_CODE_OK, response.getStatusCode()); TestRequestSender.clearAuthToken(); host.log("Expected behavoir for external authentication request with valid token"); }
@Test public void testAuthenticationViaBasicAuth() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); // create user foo@vmware.com createTestUsers(host); TestRequestSender sender = new TestRequestSender(host); // login as foo@vmware.com String headerVal = constructBasicAuth(FOO_USER_ID, FOO_PASSWORD); AuthenticationRequest authReq = new AuthenticationRequest(); authReq.requestType = AuthenticationRequestType.LOGIN; Operation requestOp = Operation .createPost(UriUtils.buildUri(host, BasicAuthenticationService.SELF_LINK)) .setBody(authReq) .forceRemote() .addRequestHeader(Operation.AUTHORIZATION_HEADER, headerVal); Operation response = sender.sendAndWait(requestOp); assertEquals(Operation.STATUS_CODE_OK, response.getStatusCode()); assertNotNull(response.getResponseHeader(SET_COOKIE_HEADER)); TestRequestSender.clearAuthToken(); }
@Test public void testVerificationExternalAuthServiceWithSkipBasicAuth() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing verification of skipping basic auth"); // create user foo@vmware.com createTestUsers(host); TestRequestSender sender = new TestRequestSender(host); TestRequestSender.setAuthToken(TestAuthenticationService.INVALID_TOKEN); // make a request to verification service Operation requestOp = Operation.createPost(host, TestAuthenticationService.SELF_LINK) .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_VERIFY_TOKEN); FailureResponse failureResponse = sender.sendAndWaitFailure(requestOp); assertNotNull(failureResponse.failure); assertEquals(Operation.STATUS_CODE_BAD_REQUEST, failureResponse.op.getStatusCode()); assertEquals(ServiceErrorResponse.ERROR_CODE_EXTERNAL_AUTH_FAILED, failureResponse.op.getBody(ServiceErrorResponse.class).getErrorCode()); TestRequestSender.clearAuthToken(); host.log("Verification of skipping basic auth succeeded as expected"); }
@Test public void testVerificationExternalAuthServiceWithSkipBasicAuth() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); host.log("Testing verification of skipping basic auth"); // create user foo@vmware.com createTestUsers(host); TestRequestSender sender = new TestRequestSender(host); TestRequestSender.setAuthToken(TestAuthenticationService.INVALID_TOKEN); // make a request to verification service Operation requestOp = Operation.createPost(host, TestAuthenticationService.SELF_LINK) .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_VERIFY_TOKEN); FailureResponse failureResponse = sender.sendAndWaitFailure(requestOp); assertNotNull(failureResponse.failure); assertEquals(Operation.STATUS_CODE_BAD_REQUEST, failureResponse.op.getStatusCode()); assertEquals(ServiceErrorResponse.ERROR_CODE_EXTERNAL_AUTH_FAILED, failureResponse.op.getBody(ServiceErrorResponse.class).getErrorCode()); TestRequestSender.clearAuthToken(); host.log("Verification of skipping basic auth succeeded as expected"); }
@Test public void testAuthenticationViaBasicAuth() throws Throwable { VerificationHost host = createAndStartHost(true, false, new TestAuthenticationService()); // create user foo@vmware.com createTestUsers(host); TestRequestSender sender = new TestRequestSender(host); // login as foo@vmware.com String headerVal = constructBasicAuth(FOO_USER_ID, FOO_PASSWORD); AuthenticationRequest authReq = new AuthenticationRequest(); authReq.requestType = AuthenticationRequestType.LOGIN; Operation requestOp = Operation .createPost(UriUtils.buildUri(host, BasicAuthenticationService.SELF_LINK)) .setBody(authReq) .forceRemote() .addRequestHeader(Operation.AUTHORIZATION_HEADER, headerVal); Operation response = sender.sendAndWait(requestOp); assertEquals(Operation.STATUS_CODE_OK, response.getStatusCode()); assertNotNull(response.getResponseHeader(SET_COOKIE_HEADER)); TestRequestSender.clearAuthToken(); }