knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmc...@apache.org
Subject knox git commit: added targetUrl to json for token response
Date Sat, 04 Feb 2017 21:31:16 GMT
Repository: knox
Updated Branches:
  refs/heads/knoxinit 54281ba58 -> 9032f6416


added targetUrl to json for token response

Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/9032f641
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/9032f641
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/9032f641

Branch: refs/heads/knoxinit
Commit: 9032f6416320679ffb2802a89bb610803fd4bbf0
Parents: 54281ba
Author: Larry McCay <lmccay@hortonworks.com>
Authored: Sat Feb 4 16:31:03 2017 -0500
Committer: Larry McCay <lmccay@hortonworks.com>
Committed: Sat Feb 4 16:31:03 2017 -0500

----------------------------------------------------------------------
 .../service/knoxtoken/TokenResource.java        | 10 ++-
 .../knoxsso/TokenServiceResourceTest.java       | 32 +++++++++
 .../service/knoxsso/WebSSOResourceTest.java     | 71 --------------------
 .../shell/KnoxTokenCredentialCollector.java     |  7 ++
 4 files changed, 48 insertions(+), 72 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/9032f641/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java
----------------------------------------------------------------------
diff --git a/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java
b/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java
index 0d7688a..16b3852 100644
--- a/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java
+++ b/gateway-service-knoxtoken/src/main/java/org/apache/hadoop/gateway/service/knoxtoken/TokenResource.java
@@ -45,13 +45,16 @@ public class TokenResource {
   private static final String EXPIRES_IN = "expires_in";
   private static final String TOKEN_TYPE = "token_type";
   private static final String ACCESS_TOKEN = "access_token";
+  private static final String TARGET_URL = "target_url";
   private static final String BEARER = "Bearer ";
   private static final String TOKEN_TTL_PARAM = "knox.token.ttl";
   private static final String TOKEN_AUDIENCES_PARAM = "knox.token.audiences";
+  private static final String TOKEN_TARGET_URL = "knox.token.target.url";
   static final String RESOURCE_PATH = "knoxtoken/api/v1/token";
   private static TokenServiceMessages log = MessagesFactory.get( TokenServiceMessages.class
);
   private long tokenTTL = 30000l;
   private String[] targetAudiences = null;
+  private String tokenTargetUrl = null;
 
   @Context
   private HttpServletRequest request;
@@ -79,6 +82,8 @@ public class TokenResource {
         log.invalidTokenTTLEncountered(ttl);
       }
     }
+    
+    tokenTargetUrl = context.getInitParameter(TOKEN_TARGET_URL);
   }
 
   @GET
@@ -120,7 +125,10 @@ public class TokenResource {
       map.put(ACCESS_TOKEN, accessToken);
       map.put(TOKEN_TYPE, BEARER);
       map.put(EXPIRES_IN, expires);
-      
+      if (tokenTargetUrl != null) {
+        map.put(TARGET_URL, tokenTargetUrl);
+      }
+
       String jsonResponse = JsonUtils.renderAsJsonString(map);
       
       response.getWriter().write(jsonResponse);

http://git-wip-us.apache.org/repos/asf/knox/blob/9032f641/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxsso/TokenServiceResourceTest.java
----------------------------------------------------------------------
diff --git a/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxsso/TokenServiceResourceTest.java
b/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxsso/TokenServiceResourceTest.java
new file mode 100644
index 0000000..f9aa676
--- /dev/null
+++ b/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxsso/TokenServiceResourceTest.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.service.knoxsso;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+/**
+ *
+ */
+public class TokenServiceResourceTest {
+
+  @Test
+  public void testTokenService() throws Exception {
+    Assert.assertTrue(true);
+  }
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/9032f641/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
----------------------------------------------------------------------
diff --git a/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
b/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
deleted file mode 100644
index 73910dd..0000000
--- a/gateway-service-knoxtoken/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.service.knoxsso;
-
-import org.apache.hadoop.gateway.util.RegExUtils;
-import org.junit.Assert;
-import org.junit.Test;
-
-/**
- *
- */
-public class WebSSOResourceTest {
-
-  @Test
-  public void testWhitelistMatching() throws Exception {
-    String whitelist = "^https?://.*example.com:8080/.*$;" +
-        "^https?://.*example.com/.*$;" +
-        "^https?://.*example2.com:\\d{0,9}/.*$;" +
-        "^https://.*example3.com:\\d{0,9}/.*$;" +
-        "^https?://localhost:\\d{0,9}/.*$;^/.*$";
-
-    // match on explicit hostname/domain and port
-    Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist, 
-        "http://host.example.com:8080/"));
-    // match on non-required port
-    Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist, 
-        "http://host.example.com/"));
-    // match on required but any port
-    Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist, 
-        "http://host.example2.com:1234/"));
-    // fail on missing port
-    Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,

-        "http://host.example2.com/"));
-    // fail on invalid port
-    Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,

-        "http://host.example.com:8081/"));
-    // fail on alphanumeric port
-    Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,

-        "http://host.example.com:A080/"));
-    // fail on invalid hostname/domain
-    Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,

-        "http://host.example.net:8080/"));
-    // fail on required port
-    Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,

-        "http://host.example2.com/"));
-    // fail on required https
-    Assert.assertFalse("Matched whitelist inappropriately", RegExUtils.checkWhitelist(whitelist,

-        "http://host.example3.com/"));
-    // match on localhost and port
-    Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist, 
-        "http://localhost:8080/"));
-    // match on local/relative path
-    Assert.assertTrue("Failed to match whitelist", RegExUtils.checkWhitelist(whitelist, 
-        "/local/resource/"));
-  }
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/9032f641/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/KnoxTokenCredentialCollector.java
----------------------------------------------------------------------
diff --git a/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/KnoxTokenCredentialCollector.java
b/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/KnoxTokenCredentialCollector.java
index 9972da2..5fcf31a 100644
--- a/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/KnoxTokenCredentialCollector.java
+++ b/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/KnoxTokenCredentialCollector.java
@@ -35,6 +35,8 @@ public class KnoxTokenCredentialCollector extends AbstractCredentialCollector
{
    */
   private static final String KNOXTOKENCACHE = ".knoxtokencache";
   public static final String COLLECTOR_TYPE = "KnoxToken";
+  public String targetUrl = null;
+
   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.shell.CredentialCollector#collect()
    */
@@ -49,6 +51,7 @@ public class KnoxTokenCredentialCollector extends AbstractCredentialCollector
{
         lines = Files.readAllLines(path, StandardCharsets.UTF_8);
         Map<String, String> attrs = JsonUtils.getMapFromJsonString(lines.get(0));
         value = attrs.get("access_token");
+        targetUrl = attrs.get("target_url");
         Date expires = new Date(Long.parseLong(attrs.get("expires_in")));
         if (expires.before(new Date())) {
           System.out.println("Cached knox token has expired. Please relogin through knoxinit.");
@@ -65,6 +68,10 @@ public class KnoxTokenCredentialCollector extends AbstractCredentialCollector
{
     }
   }
 
+  public String getTargetUrl() {
+    return targetUrl;
+  }
+
   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.shell.CredentialCollector#name()
    */


Mime
View raw message