knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m...@apache.org
Subject [33/64] [partial] knox git commit: KNOX-998 - Refactoring save 1
Date Fri, 01 Sep 2017 13:17:31 GMT
http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/DecryptUriProcessor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/DecryptUriProcessor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/DecryptUriProcessor.java
deleted file mode 100644
index 9a9d0c7..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/DecryptUriProcessor.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import java.io.UnsupportedEncodingException;
-import java.util.Arrays;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.hadoop.gateway.encrypturi.EncryptStepContextParams;
-import org.apache.hadoop.gateway.encrypturi.api.DecryptUriDescriptor;
-import org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor;
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteEnvironment;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteContext;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
-import org.apache.hadoop.gateway.services.GatewayServices;
-import org.apache.hadoop.gateway.services.security.CryptoService;
-import org.apache.hadoop.gateway.services.security.EncryptionResult;
-import org.apache.hadoop.gateway.util.urltemplate.Expander;
-import org.apache.hadoop.gateway.util.urltemplate.Parser;
-import org.apache.hadoop.gateway.util.urltemplate.Template;
-
-public class DecryptUriProcessor
-    implements UrlRewriteStepProcessor<DecryptUriDescriptor> {
-
-  private String clusterName;
-  private CryptoService cryptoService;
-  private String param;
-
-  @Override
-  public String getType() {
-    return DecryptUriDescriptor.STEP_NAME;
-  }
-
-  @Override
-  public void initialize( UrlRewriteEnvironment environment, DecryptUriDescriptor descriptor ) throws Exception {
-    clusterName = environment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE );
-    GatewayServices services = environment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
-    cryptoService = (CryptoService) services.getService(GatewayServices.CRYPTO_SERVICE);
-    param = descriptor.getParam();
-  }
-
-  @Override
-  public UrlRewriteStepStatus process( UrlRewriteContext context ) throws Exception {
-    if( param != null && !param.isEmpty() ) {
-      Template template = Parser.parseTemplate( "{" + param + "}" );
-      String resolvedTemplate = Expander.expandToString( template, context.getParameters(), context.getEvaluator() );
-      String url = decode( resolvedTemplate );
-      EncryptStepContextParams params = new EncryptStepContextParams();
-      params.addParam( param, Arrays.asList( url ) );
-      context.addParameters( params );
-      return UrlRewriteStepStatus.SUCCESS;
-    }
-    return UrlRewriteStepStatus.FAILURE;
-  }
-
-  @Override
-  public void destroy() {
-  }
-
-  private String decode( String string ) throws UnsupportedEncodingException {
-    byte[] bytes = Base64.decodeBase64( string );
-    EncryptionResult result = EncryptionResult.fromByteArray(bytes);
-    byte[] clear = cryptoService.decryptForCluster(clusterName,
-        EncryptUriDescriptor.PASSWORD_ALIAS,
-        result.cipher,
-        result.iv,
-        result.salt);
-    if (clear != null) {
-      return new String(clear);
-    }
-    return null;
-  }
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
deleted file mode 100644
index 622fdff..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import org.apache.hadoop.gateway.deploy.DeploymentContext;
-import org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor;
-import org.apache.hadoop.gateway.deploy.ProviderDeploymentContributorBase;
-import org.apache.hadoop.gateway.descriptor.FilterParamDescriptor;
-import org.apache.hadoop.gateway.descriptor.ResourceDescriptor;
-import org.apache.hadoop.gateway.encrypturi.EncryptUriMessages;
-import org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor;
-import org.apache.hadoop.gateway.i18n.messages.MessagesFactory;
-import org.apache.hadoop.gateway.services.security.AliasService;
-import org.apache.hadoop.gateway.services.security.AliasServiceException;
-import org.apache.hadoop.gateway.topology.Provider;
-import org.apache.hadoop.gateway.topology.Service;
-
-import java.util.List;
-
-public class EncryptUriDeploymentContributor
-    extends ProviderDeploymentContributorBase
-    implements ProviderDeploymentContributor {
-
-  private static EncryptUriMessages log = MessagesFactory.get( EncryptUriMessages.class );
-  public static final String PROVIDER_ROLE_NAME = "encrypt";
-  public static final String PROVIDER_IMPL_NAME = "default";
-  private AliasService as;
-
-  @Override
-  public String getRole() {
-    return PROVIDER_ROLE_NAME;
-  }
-
-  @Override
-  public String getName() {
-    return PROVIDER_IMPL_NAME;
-  }
-
-  public void setAliasService(AliasService as) {
-    this.as = as;
-  }
-
-  @Override
-  public void initializeContribution(DeploymentContext context) {
-    super.initializeContribution(context);
-
-    String clusterName = context.getTopology().getName();
-
-    // we don't want to overwrite an existing alias from a previous topology deployment
-    // so we can't just blindly generateAlias here.
-    // this version of getPassword will generate a value for it only if missing
-    try {
-      this.as.getPasswordFromAliasForCluster(clusterName, EncryptUriDescriptor.PASSWORD_ALIAS, true);
-    } catch (AliasServiceException e) {
-      log.unableCreatePasswordForEncryption(e);
-    }
-  }
-
-  @Override
-  public void contributeProvider( DeploymentContext context, Provider provider ) {
-  }
-
-  @Override
-  public void contributeFilter(
-      DeploymentContext context,
-      Provider provider,
-      Service service,
-      ResourceDescriptor resource,
-      List<FilterParamDescriptor> params ) {
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriProcessor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriProcessor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriProcessor.java
deleted file mode 100644
index 2b0554e..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriProcessor.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import java.io.UnsupportedEncodingException;
-import java.util.Arrays;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.hadoop.gateway.encrypturi.EncryptStepContextParams;
-import org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor;
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteEnvironment;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteContext;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
-import org.apache.hadoop.gateway.services.GatewayServices;
-import org.apache.hadoop.gateway.services.security.CryptoService;
-import org.apache.hadoop.gateway.services.security.EncryptionResult;
-import org.apache.hadoop.gateway.util.urltemplate.Expander;
-import org.apache.hadoop.gateway.util.urltemplate.Parser;
-import org.apache.hadoop.gateway.util.urltemplate.Template;
-
-public class EncryptUriProcessor
-    implements UrlRewriteStepProcessor<EncryptUriDescriptor> {
-
-  private String clusterName;
-  private CryptoService cryptoService;
-  private String template;
-  private String param;
-
-  @Override
-  public String getType() {
-    return EncryptUriDescriptor.STEP_NAME;
-  }
-
-  @Override
-  public void initialize( UrlRewriteEnvironment environment, EncryptUriDescriptor descriptor ) throws Exception {
-    clusterName = environment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE );
-    GatewayServices services = environment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
-    cryptoService = (CryptoService) services.getService(GatewayServices.CRYPTO_SERVICE);
-    template = descriptor.getTemplate();
-    param = descriptor.getParam();
-  }
-
-  @Override
-  public UrlRewriteStepStatus process( UrlRewriteContext context ) throws Exception {
-    if( param != null && !param.isEmpty() && template != null && !template.isEmpty() ) {
-      Template uri = Parser.parseTemplate( template );
-      String resolvedTemplate = Expander.expandToString( uri, context.getParameters(), context.getEvaluator() );
-      if( resolvedTemplate != null && !resolvedTemplate.isEmpty() ) {
-        String endcoedUrl = encode( resolvedTemplate );
-        EncryptStepContextParams params = new EncryptStepContextParams();
-        params.addParam( param, Arrays.asList( endcoedUrl ) );
-        context.addParameters( params );
-        return UrlRewriteStepStatus.SUCCESS;
-      }
-    }
-    return UrlRewriteStepStatus.FAILURE;
-  }
-
-  @Override
-  public void destroy() {
-  }
-
-  private String encode( String string ) throws UnsupportedEncodingException {
-    EncryptionResult result = cryptoService.encryptForCluster(clusterName, EncryptUriDescriptor.PASSWORD_ALIAS, string.getBytes("UTF-8"));
-    string = Base64.encodeBase64URLSafeString(result.toByteAray());
-    return string;
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptStepContextParams.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptStepContextParams.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptStepContextParams.java
new file mode 100644
index 0000000..919660a
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptStepContextParams.java
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.knox.gateway.util.urltemplate.Params;
+
+public class EncryptStepContextParams implements Params {
+  Map<String, List<String>> params = new HashMap<>();
+
+  public EncryptStepContextParams() {
+  }
+
+  @Override
+  public List<String> resolve( String name ) {
+    return params.get( name );
+  }
+
+  @Override
+  public Set<String> getNames() {
+    return params.keySet();
+  }
+
+  public void addParam( String name, List<String> values ) {
+    params.put( name, values );
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptUriMessages.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptUriMessages.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptUriMessages.java
new file mode 100644
index 0000000..afcc384
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/EncryptUriMessages.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi;
+
+import org.apache.knox.gateway.i18n.messages.Message;
+import org.apache.knox.gateway.i18n.messages.MessageLevel;
+import org.apache.knox.gateway.i18n.messages.Messages;
+import org.apache.knox.gateway.i18n.messages.StackTrace;
+
+@Messages(logger="org.apache.hadoop.gateway.encrypturi")
+public interface EncryptUriMessages {
+
+  @Message( level = MessageLevel.ERROR, text = "Failed to create or verify the presence of a password for URL encryption: {0}" )
+  void unableCreatePasswordForEncryption(@StackTrace( level = MessageLevel.DEBUG ) Exception e);
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptor.java
new file mode 100644
index 0000000..886e181
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptor.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.api;
+
+import org.apache.knox.gateway.filter.rewrite.ext.UrlRewriteActionDescriptor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteActionDescriptorBase;
+
+public class DecryptUriDescriptor extends UrlRewriteActionDescriptorBase
+    implements UrlRewriteActionDescriptor {
+  public static final String STEP_NAME = "decrypt";
+  private String param;
+
+  public DecryptUriDescriptor() {
+    super( STEP_NAME );
+  }
+
+  public String getParam() {
+    return param;
+  }
+
+  public void setParam( String param ) {
+    this.param = param;
+  }
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptor.java
new file mode 100644
index 0000000..7dbae0a
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptor.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.api;
+
+import org.apache.knox.gateway.filter.rewrite.ext.UrlRewriteActionDescriptor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteActionDescriptorBase;
+
+public class EncryptUriDescriptor extends UrlRewriteActionDescriptorBase
+    implements UrlRewriteActionDescriptor {
+  public static final String STEP_NAME = "encrypt";
+  public static final String PASSWORD_ALIAS = "encryptQueryString";
+  private String template;
+  private String param;
+
+  public EncryptUriDescriptor() {
+    super( STEP_NAME );
+  }
+
+  public String getTemplate() {
+    return template;
+  }
+
+  public void setTemplate( String template ) {
+    this.template = template;
+  }
+
+  public String getParam() {
+    return param;
+  }
+
+  public void setParam( String param ) {
+    this.param = param;
+  }
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/DecryptUriProcessor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/DecryptUriProcessor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/DecryptUriProcessor.java
new file mode 100644
index 0000000..c1b2e8e
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/DecryptUriProcessor.java
@@ -0,0 +1,90 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.knox.gateway.encrypturi.EncryptStepContextParams;
+import org.apache.knox.gateway.encrypturi.api.DecryptUriDescriptor;
+import org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor;
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.CryptoService;
+import org.apache.knox.gateway.services.security.EncryptionResult;
+import org.apache.knox.gateway.util.urltemplate.Expander;
+import org.apache.knox.gateway.util.urltemplate.Parser;
+import org.apache.knox.gateway.util.urltemplate.Template;
+
+public class DecryptUriProcessor
+    implements UrlRewriteStepProcessor<DecryptUriDescriptor> {
+
+  private String clusterName;
+  private CryptoService cryptoService;
+  private String param;
+
+  @Override
+  public String getType() {
+    return DecryptUriDescriptor.STEP_NAME;
+  }
+
+  @Override
+  public void initialize( UrlRewriteEnvironment environment, DecryptUriDescriptor descriptor ) throws Exception {
+    clusterName = environment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE );
+    GatewayServices services = environment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
+    cryptoService = (CryptoService) services.getService(GatewayServices.CRYPTO_SERVICE);
+    param = descriptor.getParam();
+  }
+
+  @Override
+  public UrlRewriteStepStatus process( UrlRewriteContext context ) throws Exception {
+    if( param != null && !param.isEmpty() ) {
+      Template template = Parser.parseTemplate( "{" + param + "}" );
+      String resolvedTemplate = Expander
+          .expandToString( template, context.getParameters(), context.getEvaluator() );
+      String url = decode( resolvedTemplate );
+      EncryptStepContextParams params = new EncryptStepContextParams();
+      params.addParam( param, Arrays.asList( url ) );
+      context.addParameters( params );
+      return UrlRewriteStepStatus.SUCCESS;
+    }
+    return UrlRewriteStepStatus.FAILURE;
+  }
+
+  @Override
+  public void destroy() {
+  }
+
+  private String decode( String string ) throws UnsupportedEncodingException {
+    byte[] bytes = Base64.decodeBase64( string );
+    EncryptionResult result = EncryptionResult.fromByteArray(bytes);
+    byte[] clear = cryptoService.decryptForCluster(clusterName,
+        EncryptUriDescriptor.PASSWORD_ALIAS,
+        result.cipher,
+        result.iv,
+        result.salt);
+    if (clear != null) {
+      return new String(clear);
+    }
+    return null;
+  }
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
new file mode 100644
index 0000000..b3ac725
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributor.java
@@ -0,0 +1,87 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import org.apache.knox.gateway.deploy.DeploymentContext;
+import org.apache.knox.gateway.deploy.ProviderDeploymentContributor;
+import org.apache.knox.gateway.deploy.ProviderDeploymentContributorBase;
+import org.apache.knox.gateway.descriptor.FilterParamDescriptor;
+import org.apache.knox.gateway.descriptor.ResourceDescriptor;
+import org.apache.knox.gateway.encrypturi.EncryptUriMessages;
+import org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor;
+import org.apache.knox.gateway.i18n.messages.MessagesFactory;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.knox.gateway.services.security.AliasServiceException;
+import org.apache.knox.gateway.topology.Provider;
+import org.apache.knox.gateway.topology.Service;
+
+import java.util.List;
+
+public class EncryptUriDeploymentContributor
+    extends ProviderDeploymentContributorBase
+    implements ProviderDeploymentContributor {
+
+  private static EncryptUriMessages log = MessagesFactory.get( EncryptUriMessages.class );
+  public static final String PROVIDER_ROLE_NAME = "encrypt";
+  public static final String PROVIDER_IMPL_NAME = "default";
+  private AliasService as;
+
+  @Override
+  public String getRole() {
+    return PROVIDER_ROLE_NAME;
+  }
+
+  @Override
+  public String getName() {
+    return PROVIDER_IMPL_NAME;
+  }
+
+  public void setAliasService(AliasService as) {
+    this.as = as;
+  }
+
+  @Override
+  public void initializeContribution(DeploymentContext context) {
+    super.initializeContribution(context);
+
+    String clusterName = context.getTopology().getName();
+
+    // we don't want to overwrite an existing alias from a previous topology deployment
+    // so we can't just blindly generateAlias here.
+    // this version of getPassword will generate a value for it only if missing
+    try {
+      this.as.getPasswordFromAliasForCluster(clusterName, EncryptUriDescriptor.PASSWORD_ALIAS, true);
+    } catch (AliasServiceException e) {
+      log.unableCreatePasswordForEncryption(e);
+    }
+  }
+
+  @Override
+  public void contributeProvider( DeploymentContext context, Provider provider ) {
+  }
+
+  @Override
+  public void contributeFilter(
+      DeploymentContext context,
+      Provider provider,
+      Service service,
+      ResourceDescriptor resource,
+      List<FilterParamDescriptor> params ) {
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriProcessor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriProcessor.java b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriProcessor.java
new file mode 100644
index 0000000..413ddfc
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriProcessor.java
@@ -0,0 +1,86 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.knox.gateway.encrypturi.EncryptStepContextParams;
+import org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor;
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.CryptoService;
+import org.apache.knox.gateway.services.security.EncryptionResult;
+import org.apache.knox.gateway.util.urltemplate.Expander;
+import org.apache.knox.gateway.util.urltemplate.Parser;
+import org.apache.knox.gateway.util.urltemplate.Template;
+
+public class EncryptUriProcessor
+    implements UrlRewriteStepProcessor<EncryptUriDescriptor> {
+
+  private String clusterName;
+  private CryptoService cryptoService;
+  private String template;
+  private String param;
+
+  @Override
+  public String getType() {
+    return EncryptUriDescriptor.STEP_NAME;
+  }
+
+  @Override
+  public void initialize( UrlRewriteEnvironment environment, EncryptUriDescriptor descriptor ) throws Exception {
+    clusterName = environment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE );
+    GatewayServices services = environment.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
+    cryptoService = (CryptoService) services.getService(GatewayServices.CRYPTO_SERVICE);
+    template = descriptor.getTemplate();
+    param = descriptor.getParam();
+  }
+
+  @Override
+  public UrlRewriteStepStatus process( UrlRewriteContext context ) throws Exception {
+    if( param != null && !param.isEmpty() && template != null && !template.isEmpty() ) {
+      Template uri = Parser.parseTemplate( template );
+      String resolvedTemplate = Expander
+          .expandToString( uri, context.getParameters(), context.getEvaluator() );
+      if( resolvedTemplate != null && !resolvedTemplate.isEmpty() ) {
+        String endcoedUrl = encode( resolvedTemplate );
+        EncryptStepContextParams params = new EncryptStepContextParams();
+        params.addParam( param, Arrays.asList( endcoedUrl ) );
+        context.addParameters( params );
+        return UrlRewriteStepStatus.SUCCESS;
+      }
+    }
+    return UrlRewriteStepStatus.FAILURE;
+  }
+
+  @Override
+  public void destroy() {
+  }
+
+  private String encode( String string ) throws UnsupportedEncodingException {
+    EncryptionResult result = cryptoService.encryptForCluster(clusterName, EncryptUriDescriptor.PASSWORD_ALIAS, string.getBytes("UTF-8"));
+    string = Base64.encodeBase64URLSafeString(result.toByteAray());
+    return string;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor
deleted file mode 100644
index 328b0a0..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor
+++ /dev/null
@@ -1,19 +0,0 @@
-##########################################################################
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##########################################################################
-
-org.apache.hadoop.gateway.encrypturi.impl.EncryptUriDeploymentContributor

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
deleted file mode 100644
index 1404210..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
+++ /dev/null
@@ -1,20 +0,0 @@
-##########################################################################
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##########################################################################
-
-org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor
-org.apache.hadoop.gateway.encrypturi.api.DecryptUriDescriptor

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
deleted file mode 100644
index 14bd1d5..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
+++ /dev/null
@@ -1,20 +0,0 @@
-##########################################################################
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##########################################################################
-
-org.apache.hadoop.gateway.encrypturi.impl.EncryptUriProcessor
-org.apache.hadoop.gateway.encrypturi.impl.DecryptUriProcessor

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.deploy.ProviderDeploymentContributor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.deploy.ProviderDeploymentContributor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.deploy.ProviderDeploymentContributor
new file mode 100644
index 0000000..2486c9b
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.deploy.ProviderDeploymentContributor
@@ -0,0 +1,19 @@
+##########################################################################
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##########################################################################
+
+org.apache.knox.gateway.encrypturi.impl.EncryptUriDeploymentContributor

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
new file mode 100644
index 0000000..c7f1465
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor
@@ -0,0 +1,20 @@
+##########################################################################
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##########################################################################
+
+org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor
+org.apache.knox.gateway.encrypturi.api.DecryptUriDescriptor

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
new file mode 100644
index 0000000..2678c6d
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/main/resources/META-INF/services/org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor
@@ -0,0 +1,20 @@
+##########################################################################
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##########################################################################
+
+org.apache.knox.gateway.encrypturi.impl.EncryptUriProcessor
+org.apache.knox.gateway.encrypturi.impl.DecryptUriProcessor

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/DecryptUriDescriptorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/DecryptUriDescriptorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/DecryptUriDescriptorTest.java
deleted file mode 100644
index c51bbd7..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/DecryptUriDescriptorTest.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.api;
-
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.CoreMatchers.nullValue;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.fail;
-
-import java.util.Iterator;
-import java.util.ServiceLoader;
-
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor;
-import org.junit.Test;
-
-public class DecryptUriDescriptorTest {
-
-  @Test
-  @SuppressWarnings("rawtypes")
-  public void testServiceLoader() throws Exception {
-    ServiceLoader loader = ServiceLoader.load( UrlRewriteStepDescriptor.class );
-    Iterator iterator = loader.iterator();
-    assertThat( "Service iterator empty.", iterator.hasNext() );
-    while( iterator.hasNext() ) {
-      Object object = iterator.next();
-      if( object instanceof DecryptUriDescriptor ) {
-        return;
-      }
-    }
-    fail( "Failed to find " + DecryptUriDescriptor.class.getName() + " via service loader." );
-  }
-
-  @Test
-  public void testGetAndSet() {
-    DecryptUriDescriptor descriptor = new DecryptUriDescriptor();
-    assertThat( descriptor.type(), is( "decrypt" ) );
-    assertThat( descriptor.getParam(), nullValue() );
-
-  }
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/EncryptUriDescriptorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/EncryptUriDescriptorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/EncryptUriDescriptorTest.java
deleted file mode 100644
index ea0c61a..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/api/EncryptUriDescriptorTest.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.api;
-
-import java.util.Iterator;
-import java.util.ServiceLoader;
-
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteStepDescriptor;
-import org.junit.Test;
-
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.CoreMatchers.nullValue;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.fail;
-
-public class EncryptUriDescriptorTest {
-
-  @Test
-  @SuppressWarnings("rawtypes")
-  public void testServiceLoader() throws Exception {
-    ServiceLoader loader = ServiceLoader.load( UrlRewriteStepDescriptor.class );
-    Iterator iterator = loader.iterator();
-    assertThat( "Service iterator empty.", iterator.hasNext() );
-    while( iterator.hasNext() ) {
-      Object object = iterator.next();
-      if( object instanceof EncryptUriDescriptor ) {
-        return;
-      }
-    }
-    fail( "Failed to find " + EncryptUriDescriptor.class.getName() + " via service loader." );
-  }
-
-  @Test
-  public void testGetAndSet() {
-    EncryptUriDescriptor descriptor = new EncryptUriDescriptor();
-    assertThat( descriptor.type(), is( "encrypt" ) );
-    assertThat( descriptor.getParam(), nullValue() );
-
-  }
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
deleted file mode 100644
index 9e9f93c..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
+++ /dev/null
@@ -1,157 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import org.apache.hadoop.gateway.encrypturi.EncryptStepContextParams;
-import org.apache.hadoop.gateway.encrypturi.api.DecryptUriDescriptor;
-import org.apache.hadoop.gateway.encrypturi.api.EncryptUriDescriptor;
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteEnvironment;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteContext;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
-import org.apache.hadoop.gateway.services.GatewayServices;
-import org.apache.hadoop.gateway.services.security.AliasService;
-import org.apache.hadoop.gateway.services.security.CryptoService;
-import org.apache.hadoop.gateway.services.security.impl.DefaultCryptoService;
-import org.easymock.Capture;
-import org.easymock.EasyMock;
-import org.junit.Test;
-
-import java.util.Arrays;
-import java.util.Iterator;
-import java.util.ServiceLoader;
-
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.CoreMatchers.notNullValue;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.core.IsNot.not;
-import static org.hamcrest.text.IsEmptyString.isEmptyOrNullString;
-import static org.junit.Assert.fail;
-
-
-public class EncryptDecryptUriProcessorTest {
-
-  @SuppressWarnings("rawtypes")
-  @Test
-  public void testServiceLoader() throws Exception {
-    ServiceLoader loader = ServiceLoader.load( UrlRewriteStepProcessor.class );
-    Iterator iterator = loader.iterator();
-    assertThat( "Service iterator empty.", iterator.hasNext() );
-    while( iterator.hasNext() ) {
-      Object object = iterator.next();
-      if( object instanceof EncryptUriProcessor ) {
-        return;
-      }
-    }
-    fail( "Failed to find " + EncryptUriProcessor.class.getName() + " via service loader." );
-
-    loader = ServiceLoader.load( UrlRewriteStepProcessor.class );
-    iterator = loader.iterator();
-    assertThat( "Service iterator empty.", iterator.hasNext() );
-    while( iterator.hasNext() ) {
-      Object object = iterator.next();
-      if( object instanceof DecryptUriProcessor ) {
-        return;
-      }
-    }
-    fail( "Failed to find " + DecryptUriProcessor.class.getName() + " via service loader." );
-  }
-
-  @Test
-  public void testEncryptDecrypt() throws Exception {
-    String encryptedValueParamName = "address";
-    String clusterName = "test-cluster-name";
-    String passwordAlias = "encryptQueryString";
-
-    // Test encryption.  Result is in encryptedAdrress
-
-    AliasService as = EasyMock.createNiceMock( AliasService.class );
-    String secret = "asdf";
-    EasyMock.expect( as.getPasswordFromAliasForCluster( clusterName, passwordAlias ) ).andReturn( secret.toCharArray() ).anyTimes();
-    CryptoService cryptoService = new DefaultCryptoService();
-    ((DefaultCryptoService)cryptoService).setAliasService( as );
-    GatewayServices gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
-    EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService );
-
-    UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
-    EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
-    EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE ) ).andReturn( clusterName ).anyTimes();
-    UrlRewriteContext encContext = EasyMock.createNiceMock( UrlRewriteContext.class );
-
-    EncryptStepContextParams hostPortParams = new EncryptStepContextParams();
-    hostPortParams.addParam( "host", Arrays.asList( "host.yarn.com" ) );
-    hostPortParams.addParam( "port", Arrays.asList( "8088" ) );
-    EasyMock.expect( encContext.getParameters() ).andReturn( hostPortParams );
-
-
-    Capture<EncryptStepContextParams> encodedValue = new Capture<EncryptStepContextParams>();
-    encContext.addParameters( EasyMock.capture( encodedValue ) );
-
-    EasyMock.replay( gatewayServices, as, encEnvironment, encContext );
-
-    EncryptUriDescriptor descriptor = new EncryptUriDescriptor();
-    descriptor.setTemplate( "{host}:{port}" );
-    descriptor.setParam( encryptedValueParamName );
-    EncryptUriProcessor processor = new EncryptUriProcessor();
-    processor.initialize( encEnvironment, descriptor );
-    UrlRewriteStepStatus encStatus = processor.process( encContext );
-
-    assertThat( encStatus, is ( UrlRewriteStepStatus.SUCCESS ) );
-    assertThat( encodedValue.getValue(), notNullValue() );
-    assertThat( encodedValue.getValue().resolve( encryptedValueParamName ).size(), is( 1 ) );
-    String encryptedAdrress = encodedValue.getValue().resolve( encryptedValueParamName ).get( 0 );
-    assertThat( encryptedAdrress, not( isEmptyOrNullString() ) );
-    assertThat( encryptedAdrress, not( "{host}:{port}" ) );
-    assertThat( encryptedAdrress, not( "hdp:8088" ) );
-
-    // Test decryption.  Result is in dectryptedAdrress.
-    String decParam = "foo";
-    gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
-    EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService );
-    as = EasyMock.createNiceMock( AliasService.class );
-    EasyMock.expect( as.getPasswordFromAliasForCluster( clusterName, passwordAlias ) ).andReturn( secret.toCharArray() ).anyTimes();
-
-    UrlRewriteEnvironment decEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
-    EasyMock.expect( decEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
-    EasyMock.expect( decEnvironment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE ) ).andReturn( clusterName ).anyTimes();
-    UrlRewriteContext decContext = EasyMock.createNiceMock( UrlRewriteContext.class );
-
-    EncryptStepContextParams encryptedParams = new EncryptStepContextParams();
-    encryptedParams.addParam( decParam, Arrays.asList( encryptedAdrress ) ); //Value was encrypted by EncryptUriProcessor
-    encryptedParams.addParam( "foo1", Arrays.asList( "test" ) );
-    EasyMock.expect( decContext.getParameters() ).andReturn( encryptedParams );
-
-    Capture<EncryptStepContextParams> decodedValue = new Capture<EncryptStepContextParams>();
-    decContext.addParameters( EasyMock.capture( decodedValue ) );
-
-    EasyMock.replay( gatewayServices, as, decEnvironment, decContext );
-
-    DecryptUriDescriptor decDescriptor = new DecryptUriDescriptor();
-    decDescriptor.setParam( decParam );
-
-    DecryptUriProcessor decProcessor = new DecryptUriProcessor();
-    decProcessor.initialize( decEnvironment, decDescriptor );
-    UrlRewriteStepStatus decStatus = decProcessor.process( decContext );
-    assertThat( decStatus, is ( UrlRewriteStepStatus.SUCCESS ) );
-    assertThat( decodedValue.getValue(), notNullValue() );
-    assertThat( decodedValue.getValue().resolve( decParam ).size(), is( 1 ) );
-    String dectryptedAdrress = decodedValue.getValue().resolve( decParam ).get( 0 );
-    assertThat( dectryptedAdrress, is ( "host.yarn.com:8088" ) );
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
deleted file mode 100644
index 7f09224..0000000
--- a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/hadoop/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
+++ /dev/null
@@ -1,105 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.encrypturi.impl;
-
-import org.apache.hadoop.gateway.deploy.DeploymentContext;
-import org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor;
-import org.apache.hadoop.gateway.filter.rewrite.api.UrlRewriteEnvironment;
-import org.apache.hadoop.gateway.services.GatewayServices;
-import org.apache.hadoop.gateway.services.security.AliasService;
-import org.apache.hadoop.gateway.services.security.CryptoService;
-import org.apache.hadoop.gateway.services.security.impl.DefaultCryptoService;
-import org.apache.hadoop.gateway.topology.Provider;
-import org.apache.hadoop.gateway.topology.Topology;
-import org.easymock.EasyMock;
-import org.jboss.shrinkwrap.api.ShrinkWrap;
-import org.jboss.shrinkwrap.api.spec.WebArchive;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.util.Iterator;
-import java.util.ServiceLoader;
-
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.fail;
-
-public class EncryptUriDeploymentContributorTest {
-
-  @SuppressWarnings("rawtypes")
-  @Test
-  public void testServiceLoader() throws Exception {
-    ServiceLoader loader = ServiceLoader.load( ProviderDeploymentContributor.class );
-    Iterator iterator = loader.iterator();
-    assertThat( "Service iterator empty.", iterator.hasNext() );
-    while( iterator.hasNext() ) {
-      Object object = iterator.next();
-      if( object instanceof EncryptUriDeploymentContributor ) {
-        return;
-      }
-    }
-    fail( "Failed to find " + EncryptUriDeploymentContributor.class.getName() + " via service loader." );
-  }
-
-  @Test
-  public void testDeployment() throws IOException {
-    WebArchive webArchive = ShrinkWrap.create( WebArchive.class, "test-acrhive" );
-
-    Provider provider = new Provider();
-    provider.setEnabled( true );
-    provider.setName( EncryptUriDeploymentContributor.PROVIDER_ROLE_NAME );
-
-    Topology topology = new Topology();
-    topology.setName( "Sample" );
-
-    DeploymentContext context = EasyMock.createNiceMock( DeploymentContext.class );
-
-    EasyMock.expect( context.getWebArchive() ).andReturn( webArchive ).anyTimes();
-    EasyMock.expect( context.getTopology() ).andReturn( topology ).anyTimes();
-    EasyMock.replay( context );
-
-    AliasService as = EasyMock.createNiceMock( AliasService.class );
-    CryptoService cryptoService = new DefaultCryptoService();
-    ((DefaultCryptoService) cryptoService).setAliasService( as );
-
-    GatewayServices gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
-    EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService ).anyTimes();
-
-    UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
-    EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
-
-    EncryptUriDeploymentContributor contributor = new EncryptUriDeploymentContributor();
-    contributor.setAliasService( as );
-
-    assertThat( contributor.getRole(), is( EncryptUriDeploymentContributor.PROVIDER_ROLE_NAME ) );
-    assertThat( contributor.getName(), is( EncryptUriDeploymentContributor.PROVIDER_IMPL_NAME ) );
-
-    // Just make sure it doesn't blow up.
-    contributor.contributeFilter( null, null, null, null, null );
-
-    // Just make sure it doesn't blow up.
-    contributor.initializeContribution( context );
-
-    contributor.contributeProvider( context, provider );
-
-    // Just make sure it doesn't blow up.
-    contributor.finalizeContribution( context );
-
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptorTest.java
new file mode 100644
index 0000000..af73679
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/DecryptUriDescriptorTest.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.api;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.Assert.fail;
+
+import java.util.Iterator;
+import java.util.ServiceLoader;
+
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor;
+import org.junit.Test;
+
+public class DecryptUriDescriptorTest {
+
+  @Test
+  @SuppressWarnings("rawtypes")
+  public void testServiceLoader() throws Exception {
+    ServiceLoader loader = ServiceLoader.load( UrlRewriteStepDescriptor.class );
+    Iterator iterator = loader.iterator();
+    assertThat( "Service iterator empty.", iterator.hasNext() );
+    while( iterator.hasNext() ) {
+      Object object = iterator.next();
+      if( object instanceof DecryptUriDescriptor ) {
+        return;
+      }
+    }
+    fail( "Failed to find " + DecryptUriDescriptor.class.getName() + " via service loader." );
+  }
+
+  @Test
+  public void testGetAndSet() {
+    DecryptUriDescriptor descriptor = new DecryptUriDescriptor();
+    assertThat( descriptor.type(), is( "decrypt" ) );
+    assertThat( descriptor.getParam(), nullValue() );
+
+  }
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptorTest.java
new file mode 100644
index 0000000..60d4206
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/api/EncryptUriDescriptorTest.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.api;
+
+import java.util.Iterator;
+import java.util.ServiceLoader;
+
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteStepDescriptor;
+import org.junit.Test;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.Assert.fail;
+
+public class EncryptUriDescriptorTest {
+
+  @Test
+  @SuppressWarnings("rawtypes")
+  public void testServiceLoader() throws Exception {
+    ServiceLoader loader = ServiceLoader.load( UrlRewriteStepDescriptor.class );
+    Iterator iterator = loader.iterator();
+    assertThat( "Service iterator empty.", iterator.hasNext() );
+    while( iterator.hasNext() ) {
+      Object object = iterator.next();
+      if( object instanceof EncryptUriDescriptor ) {
+        return;
+      }
+    }
+    fail( "Failed to find " + EncryptUriDescriptor.class.getName() + " via service loader." );
+  }
+
+  @Test
+  public void testGetAndSet() {
+    EncryptUriDescriptor descriptor = new EncryptUriDescriptor();
+    assertThat( descriptor.type(), is( "encrypt" ) );
+    assertThat( descriptor.getParam(), nullValue() );
+
+  }
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
new file mode 100644
index 0000000..4758982
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptDecryptUriProcessorTest.java
@@ -0,0 +1,157 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import org.apache.knox.gateway.encrypturi.EncryptStepContextParams;
+import org.apache.knox.gateway.encrypturi.api.DecryptUriDescriptor;
+import org.apache.knox.gateway.encrypturi.api.EncryptUriDescriptor;
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteContext;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepProcessor;
+import org.apache.knox.gateway.filter.rewrite.spi.UrlRewriteStepStatus;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.knox.gateway.services.security.CryptoService;
+import org.apache.knox.gateway.services.security.impl.DefaultCryptoService;
+import org.easymock.Capture;
+import org.easymock.EasyMock;
+import org.junit.Test;
+
+import java.util.Arrays;
+import java.util.Iterator;
+import java.util.ServiceLoader;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.core.IsNot.not;
+import static org.hamcrest.text.IsEmptyString.isEmptyOrNullString;
+import static org.junit.Assert.fail;
+
+
+public class EncryptDecryptUriProcessorTest {
+
+  @SuppressWarnings("rawtypes")
+  @Test
+  public void testServiceLoader() throws Exception {
+    ServiceLoader loader = ServiceLoader.load( UrlRewriteStepProcessor.class );
+    Iterator iterator = loader.iterator();
+    assertThat( "Service iterator empty.", iterator.hasNext() );
+    while( iterator.hasNext() ) {
+      Object object = iterator.next();
+      if( object instanceof EncryptUriProcessor ) {
+        return;
+      }
+    }
+    fail( "Failed to find " + EncryptUriProcessor.class.getName() + " via service loader." );
+
+    loader = ServiceLoader.load( UrlRewriteStepProcessor.class );
+    iterator = loader.iterator();
+    assertThat( "Service iterator empty.", iterator.hasNext() );
+    while( iterator.hasNext() ) {
+      Object object = iterator.next();
+      if( object instanceof DecryptUriProcessor ) {
+        return;
+      }
+    }
+    fail( "Failed to find " + DecryptUriProcessor.class.getName() + " via service loader." );
+  }
+
+  @Test
+  public void testEncryptDecrypt() throws Exception {
+    String encryptedValueParamName = "address";
+    String clusterName = "test-cluster-name";
+    String passwordAlias = "encryptQueryString";
+
+    // Test encryption.  Result is in encryptedAdrress
+
+    AliasService as = EasyMock.createNiceMock( AliasService.class );
+    String secret = "asdf";
+    EasyMock.expect( as.getPasswordFromAliasForCluster( clusterName, passwordAlias ) ).andReturn( secret.toCharArray() ).anyTimes();
+    CryptoService cryptoService = new DefaultCryptoService();
+    ((DefaultCryptoService)cryptoService).setAliasService( as );
+    GatewayServices gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
+    EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService );
+
+    UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
+    EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
+    EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE ) ).andReturn( clusterName ).anyTimes();
+    UrlRewriteContext encContext = EasyMock.createNiceMock( UrlRewriteContext.class );
+
+    EncryptStepContextParams hostPortParams = new EncryptStepContextParams();
+    hostPortParams.addParam( "host", Arrays.asList( "host.yarn.com" ) );
+    hostPortParams.addParam( "port", Arrays.asList( "8088" ) );
+    EasyMock.expect( encContext.getParameters() ).andReturn( hostPortParams );
+
+
+    Capture<EncryptStepContextParams> encodedValue = new Capture<EncryptStepContextParams>();
+    encContext.addParameters( EasyMock.capture( encodedValue ) );
+
+    EasyMock.replay( gatewayServices, as, encEnvironment, encContext );
+
+    EncryptUriDescriptor descriptor = new EncryptUriDescriptor();
+    descriptor.setTemplate( "{host}:{port}" );
+    descriptor.setParam( encryptedValueParamName );
+    EncryptUriProcessor processor = new EncryptUriProcessor();
+    processor.initialize( encEnvironment, descriptor );
+    UrlRewriteStepStatus encStatus = processor.process( encContext );
+
+    assertThat( encStatus, is ( UrlRewriteStepStatus.SUCCESS ) );
+    assertThat( encodedValue.getValue(), notNullValue() );
+    assertThat( encodedValue.getValue().resolve( encryptedValueParamName ).size(), is( 1 ) );
+    String encryptedAdrress = encodedValue.getValue().resolve( encryptedValueParamName ).get( 0 );
+    assertThat( encryptedAdrress, not( isEmptyOrNullString() ) );
+    assertThat( encryptedAdrress, not( "{host}:{port}" ) );
+    assertThat( encryptedAdrress, not( "hdp:8088" ) );
+
+    // Test decryption.  Result is in dectryptedAdrress.
+    String decParam = "foo";
+    gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
+    EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService );
+    as = EasyMock.createNiceMock( AliasService.class );
+    EasyMock.expect( as.getPasswordFromAliasForCluster( clusterName, passwordAlias ) ).andReturn( secret.toCharArray() ).anyTimes();
+
+    UrlRewriteEnvironment decEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
+    EasyMock.expect( decEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
+    EasyMock.expect( decEnvironment.getAttribute( GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE ) ).andReturn( clusterName ).anyTimes();
+    UrlRewriteContext decContext = EasyMock.createNiceMock( UrlRewriteContext.class );
+
+    EncryptStepContextParams encryptedParams = new EncryptStepContextParams();
+    encryptedParams.addParam( decParam, Arrays.asList( encryptedAdrress ) ); //Value was encrypted by EncryptUriProcessor
+    encryptedParams.addParam( "foo1", Arrays.asList( "test" ) );
+    EasyMock.expect( decContext.getParameters() ).andReturn( encryptedParams );
+
+    Capture<EncryptStepContextParams> decodedValue = new Capture<EncryptStepContextParams>();
+    decContext.addParameters( EasyMock.capture( decodedValue ) );
+
+    EasyMock.replay( gatewayServices, as, decEnvironment, decContext );
+
+    DecryptUriDescriptor decDescriptor = new DecryptUriDescriptor();
+    decDescriptor.setParam( decParam );
+
+    DecryptUriProcessor decProcessor = new DecryptUriProcessor();
+    decProcessor.initialize( decEnvironment, decDescriptor );
+    UrlRewriteStepStatus decStatus = decProcessor.process( decContext );
+    assertThat( decStatus, is ( UrlRewriteStepStatus.SUCCESS ) );
+    assertThat( decodedValue.getValue(), notNullValue() );
+    assertThat( decodedValue.getValue().resolve( decParam ).size(), is( 1 ) );
+    String dectryptedAdrress = decodedValue.getValue().resolve( decParam ).get( 0 );
+    assertThat( dectryptedAdrress, is ( "host.yarn.com:8088" ) );
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
new file mode 100644
index 0000000..8741119
--- /dev/null
+++ b/gateway-provider-rewrite-step-encrypt-uri/src/test/java/org/apache/knox/gateway/encrypturi/impl/EncryptUriDeploymentContributorTest.java
@@ -0,0 +1,105 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.encrypturi.impl;
+
+import org.apache.knox.gateway.deploy.DeploymentContext;
+import org.apache.knox.gateway.deploy.ProviderDeploymentContributor;
+import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteEnvironment;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.knox.gateway.services.security.CryptoService;
+import org.apache.knox.gateway.services.security.impl.DefaultCryptoService;
+import org.apache.knox.gateway.topology.Provider;
+import org.apache.knox.gateway.topology.Topology;
+import org.easymock.EasyMock;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.ServiceLoader;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.Assert.fail;
+
+public class EncryptUriDeploymentContributorTest {
+
+  @SuppressWarnings("rawtypes")
+  @Test
+  public void testServiceLoader() throws Exception {
+    ServiceLoader loader = ServiceLoader.load( ProviderDeploymentContributor.class );
+    Iterator iterator = loader.iterator();
+    assertThat( "Service iterator empty.", iterator.hasNext() );
+    while( iterator.hasNext() ) {
+      Object object = iterator.next();
+      if( object instanceof EncryptUriDeploymentContributor ) {
+        return;
+      }
+    }
+    fail( "Failed to find " + EncryptUriDeploymentContributor.class.getName() + " via service loader." );
+  }
+
+  @Test
+  public void testDeployment() throws IOException {
+    WebArchive webArchive = ShrinkWrap.create( WebArchive.class, "test-acrhive" );
+
+    Provider provider = new Provider();
+    provider.setEnabled( true );
+    provider.setName( EncryptUriDeploymentContributor.PROVIDER_ROLE_NAME );
+
+    Topology topology = new Topology();
+    topology.setName( "Sample" );
+
+    DeploymentContext context = EasyMock.createNiceMock( DeploymentContext.class );
+
+    EasyMock.expect( context.getWebArchive() ).andReturn( webArchive ).anyTimes();
+    EasyMock.expect( context.getTopology() ).andReturn( topology ).anyTimes();
+    EasyMock.replay( context );
+
+    AliasService as = EasyMock.createNiceMock( AliasService.class );
+    CryptoService cryptoService = new DefaultCryptoService();
+    ((DefaultCryptoService) cryptoService).setAliasService( as );
+
+    GatewayServices gatewayServices = EasyMock.createNiceMock( GatewayServices.class );
+    EasyMock.expect( gatewayServices.getService( GatewayServices.CRYPTO_SERVICE ) ).andReturn( cryptoService ).anyTimes();
+
+    UrlRewriteEnvironment encEnvironment = EasyMock.createNiceMock( UrlRewriteEnvironment.class );
+    EasyMock.expect( encEnvironment.getAttribute( GatewayServices.GATEWAY_SERVICES_ATTRIBUTE ) ).andReturn( gatewayServices ).anyTimes();
+
+    EncryptUriDeploymentContributor contributor = new EncryptUriDeploymentContributor();
+    contributor.setAliasService( as );
+
+    assertThat( contributor.getRole(), is( EncryptUriDeploymentContributor.PROVIDER_ROLE_NAME ) );
+    assertThat( contributor.getName(), is( EncryptUriDeploymentContributor.PROVIDER_IMPL_NAME ) );
+
+    // Just make sure it doesn't blow up.
+    contributor.contributeFilter( null, null, null, null, null );
+
+    // Just make sure it doesn't blow up.
+    contributor.initializeContribution( context );
+
+    contributor.contributeProvider( context, provider );
+
+    // Just make sure it doesn't blow up.
+    contributor.finalizeContribution( context );
+
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/af9b0c3d/gateway-provider-rewrite-step-secure-query/src/main/java/org/apache/hadoop/gateway/securequery/SecureQueryDecodeDescriptor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite-step-secure-query/src/main/java/org/apache/hadoop/gateway/securequery/SecureQueryDecodeDescriptor.java b/gateway-provider-rewrite-step-secure-query/src/main/java/org/apache/hadoop/gateway/securequery/SecureQueryDecodeDescriptor.java
deleted file mode 100644
index f026e38..0000000
--- a/gateway-provider-rewrite-step-secure-query/src/main/java/org/apache/hadoop/gateway/securequery/SecureQueryDecodeDescriptor.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.securequery;
-
-import org.apache.hadoop.gateway.filter.rewrite.ext.UrlRewriteActionDescriptor;
-import org.apache.hadoop.gateway.filter.rewrite.spi.UrlRewriteActionDescriptorBase;
-
-public class SecureQueryDecodeDescriptor
-    extends UrlRewriteActionDescriptorBase
-    implements UrlRewriteActionDescriptor {
-
-  static final String STEP_NAME = "decode-query";
-
-  public SecureQueryDecodeDescriptor() {
-    super( STEP_NAME );
-  }
-
-  @Override
-  public String getParam() {
-    return null;
-  }
-
-}


Mime
View raw message