001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.security.provider;
019
020import static org.junit.jupiter.api.Assertions.assertEquals;
021import static org.junit.jupiter.api.Assertions.assertSame;
022import static org.junit.jupiter.api.Assertions.assertThrows;
023import static org.junit.jupiter.api.Assertions.assertTrue;
024
025import java.io.IOException;
026import java.util.HashMap;
027import java.util.Map;
028import org.apache.hadoop.conf.Configuration;
029import org.apache.hadoop.hbase.HBaseConfiguration;
030import org.apache.hadoop.hbase.testclassification.SecurityTests;
031import org.apache.hadoop.hbase.testclassification.SmallTests;
032import org.apache.hadoop.security.UserGroupInformation;
033import org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod;
034import org.apache.hadoop.security.token.SecretManager;
035import org.apache.hadoop.security.token.TokenIdentifier;
036import org.junit.jupiter.api.Tag;
037import org.junit.jupiter.api.Test;
038
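/**
 * Unit tests for {@link SaslServerAuthenticationProviders}: a duplicate registration is rejected
 * without disturbing the existing entry, and a provider configured through
 * {@link SaslServerAuthenticationProviders#EXTRA_PROVIDERS_KEY} has been initialized by the time
 * it is selected.
 */
@Tag(SmallTests.TAG)
@Tag(SecurityTests.TAG)
public class TestSaslServerAuthenticationProviders {

  /**
   * Registers two instances of the same provider class and expects the second registration to
   * fail while the first instance stays in the registry.
   * <p>
   * The registry is a map keyed by {@code Byte}. If a later registration could silently replace
   * an earlier one, the provider answering for that key would depend on load order, so the test
   * pins both the rejection and the unchanged registry contents.
   */
  @Test
  public void testCannotAddTheSameProviderTwice() {
    HashMap<Byte, SaslServerAuthenticationProvider> registeredProviders = new HashMap<>();
    SimpleSaslServerAuthenticationProvider original = new SimpleSaslServerAuthenticationProvider();
    SimpleSaslServerAuthenticationProvider duplicate =
      new SimpleSaslServerAuthenticationProvider();

    SaslServerAuthenticationProviders.addProviderIfNotExists(original, registeredProviders);
    assertEquals(1, registeredProviders.size());

    assertThrows(RuntimeException.class, () -> SaslServerAuthenticationProviders
      .addProviderIfNotExists(duplicate, registeredProviders));

    // The failed call must be side-effect free: no extra entry and no replaced value.
    assertEquals(1, registeredProviders.size(),
      "Rejected registration must not change the number of providers");
    assertSame(original, registeredProviders.entrySet().iterator().next().getValue(),
      "Expected the original provider to be present");
  }

  /**
   * Configures {@link InitCheckingSaslServerAuthenticationProvider} as an extra provider and
   * verifies that the instance returned by {@code selectProvider} is of that class and has had
   * {@code init(Configuration)} called on it.
   */
  @Test
  public void instancesAreInitialized() {
    Configuration conf = HBaseConfiguration.create();
    conf.set(SaslServerAuthenticationProviders.EXTRA_PROVIDERS_KEY,
      InitCheckingSaslServerAuthenticationProvider.class.getName());

    SaslServerAuthenticationProviders providers = new SaslServerAuthenticationProviders(conf);

    SaslServerAuthenticationProvider selected =
      providers.selectProvider(InitCheckingSaslServerAuthenticationProvider.ID);
    // Check the exact class before the cast so a wrong selection fails with a readable message
    // instead of a ClassCastException.
    assertEquals(InitCheckingSaslServerAuthenticationProvider.class, selected.getClass());

    assertTrue(((InitCheckingSaslServerAuthenticationProvider) selected).isInitialized(),
      "Provider was not initialized");
  }

  /**
   * Stub provider that only records whether {@link #init(Configuration)} was called. The methods
   * that would take part in a real authentication exchange throw
   * {@link UnsupportedOperationException}, so this class must not be used outside tests.
   */
  public static class InitCheckingSaslServerAuthenticationProvider
    implements SaslServerAuthenticationProvider {
    // Code this stub is selected by in instancesAreInitialized().
    // NOTE(review): assumed not to collide with the code of any built-in provider - confirm.
    public static final byte ID = (byte) 88;
    // Read and written only through the synchronized methods below.
    private boolean initialized = false;

    /**
     * Marks this instance as initialized; the configuration itself is ignored.
     * <p>
     * NOTE(review): {@code @Override} assumes the provider interface declares
     * {@code init(Configuration)}, which is what instancesAreInitialized() relies on - confirm.
     */
    @Override
    public synchronized void init(Configuration conf) {
      this.initialized = true;
    }

    /** Returns {@code true} once {@link #init(Configuration)} has been called. */
    public synchronized boolean isInitialized() {
      return initialized;
    }

    /**
     * Describes this stub's auth method under the code {@link #ID}.
     * <p>
     * The "DIGEST-MD5" string is descriptive only in this class: {@link #createServer} throws, so
     * the stub never sets up a SASL server for that mechanism.
     */
    @Override
    public SaslAuthMethod getSaslAuthMethod() {
      return new SaslAuthMethod("INIT_CHECKING", ID, "DIGEST-MD5", AuthenticationMethod.TOKEN);
    }

    /** Returns a token kind string that is specific to this stub. */
    @Override
    public String getTokenKind() {
      return "INIT_CHECKING_TOKEN";
    }

    /** Not implemented; always throws {@link UnsupportedOperationException}. */
    @Override
    public AttemptingUserProvidingSaslServer
      createServer(SecretManager<TokenIdentifier> secretManager, Map<String, String> saslProps)
        throws IOException {
      throw new UnsupportedOperationException();
    }

    /** Always returns {@code false}. */
    @Override
    public boolean supportsProtocolAuthentication() {
      return false;
    }

    /** Not implemented; always throws {@link UnsupportedOperationException}. */
    @Override
    public UserGroupInformation getAuthorizedUgi(String authzId,
      SecretManager<TokenIdentifier> secretManager) throws IOException {
      throw new UnsupportedOperationException();
    }
  }
}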