001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.security.provider;
019
020import static org.junit.jupiter.api.Assertions.assertEquals;
021import static org.junit.jupiter.api.Assertions.assertSame;
022import static org.junit.jupiter.api.Assertions.assertThrows;
023
024import java.io.IOException;
025import java.net.InetAddress;
026import java.util.HashMap;
027import java.util.Map;
028import javax.security.sasl.SaslClient;
029import org.apache.hadoop.conf.Configuration;
030import org.apache.hadoop.hbase.HBaseConfiguration;
031import org.apache.hadoop.hbase.security.SecurityInfo;
032import org.apache.hadoop.hbase.security.User;
033import org.apache.hadoop.hbase.testclassification.SecurityTests;
034import org.apache.hadoop.hbase.testclassification.SmallTests;
035import org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod;
036import org.apache.hadoop.security.token.Token;
037import org.apache.hadoop.security.token.TokenIdentifier;
038import org.junit.jupiter.api.Tag;
039import org.junit.jupiter.api.Test;
040
041import org.apache.hadoop.hbase.shaded.protobuf.generated.RPCProtos.UserInformation;
042
/**
 * Tests that {@link SaslClientAuthenticationProviders} refuses to register a client
 * authentication provider that collides with one already registered.
 *
 * <p>Two cases are covered: registering a second instance of the same provider class, and
 * loading two different provider classes whose {@link SaslAuthMethod} declarations use the same
 * byte value.
 */
@Tag(SmallTests.TAG)
@Tag(SecurityTests.TAG)
public class TestSaslClientAuthenticationProviders {

  /**
   * Registers one {@link SimpleSaslClientAuthenticationProvider}, then checks that registering a
   * second instance of the same class into the same map throws and that the map still holds the
   * first instance.
   */
  @Test
  public void testCannotAddTheSameProviderTwice() {
    // Presumably keyed by the provider's auth-method code byte; verify against
    // addProviderIfNotExists.
    HashMap<Byte, SaslClientAuthenticationProvider> registry = new HashMap<>();
    SaslClientAuthenticationProvider original = new SimpleSaslClientAuthenticationProvider();
    SaslClientAuthenticationProvider duplicate = new SimpleSaslClientAuthenticationProvider();

    SaslClientAuthenticationProviders.addProviderIfNotExists(original, registry);
    assertEquals(1, registry.size());

    // NOTE(review): RuntimeException is the broadest unchecked type, so this assertion would
    // also pass on an unrelated failure such as a NullPointerException. It does not by itself
    // prove that the duplicate was rejected for being a duplicate.
    assertThrows(RuntimeException.class,
      () -> SaslClientAuthenticationProviders.addProviderIfNotExists(duplicate, registry));

    // The failed registration must not have replaced the provider that was there first.
    SaslClientAuthenticationProvider survivor = registry.values().iterator().next();
    assertSame(original, survivor, "Expected the original provider to be present");
  }

  /**
   * Lists two different provider classes under
   * {@link SaslClientAuthenticationProviders#EXTRA_PROVIDERS_KEY} whose auth methods both use the
   * byte value 12 with different names ("FOO" and "BAR"), and expects construction of
   * {@link SaslClientAuthenticationProviders} to throw.
   */
  @Test
  public void testDifferentConflictingImplementationsFail() {
    String firstImpl = ConflictingProvider1.class.getName();
    String secondImpl = ConflictingProvider2.class.getName();

    Configuration conf = HBaseConfiguration.create();
    conf.setStrings(SaslClientAuthenticationProviders.EXTRA_PROVIDERS_KEY, firstImpl, secondImpl);

    // NOTE(review): as in the test above, any unchecked exception satisfies this assertion.
    assertThrows(RuntimeException.class, () -> new SaslClientAuthenticationProviders(conf));
  }

  /**
   * Stub provider declaring auth method "FOO" with byte value 12. Every other method returns
   * {@code null}; the tests in this class only name the class in configuration.
   */
  static class ConflictingProvider1 implements SaslClientAuthenticationProvider {
    // Arguments appear to be name, code byte, SASL mechanism and Hadoop auth method; confirm
    // against SaslAuthMethod. The byte value 12 is deliberately the same as in
    // ConflictingProvider2.
    static final SaslAuthMethod METHOD1 =
      new SaslAuthMethod("FOO", (byte) 12, "DIGEST-MD5", AuthenticationMethod.SIMPLE);

    // Explicit public no-arg constructor kept on purpose: the class is package-private, and it
    // is presumably instantiated reflectively from its configured class name (verify).
    public ConflictingProvider1() {
    }

    @Override
    public SaslAuthMethod getSaslAuthMethod() {
      return METHOD1;
    }

    @Override
    public String getTokenKind() {
      return null;
    }

    @Override
    public SaslClient createClient(
      Configuration conf,
      InetAddress serverAddr,
      SecurityInfo securityInfo,
      Token<? extends TokenIdentifier> token,
      boolean fallbackAllowed,
      Map<String, String> saslProps) throws IOException {
      // Stub: no SASL client is ever built by this test provider.
      return null;
    }

    @Override
    public UserInformation getUserInfo(User user) {
      return null;
    }
  }

  /**
   * Stub provider declaring auth method "BAR" with byte value 12, the same byte value as
   * {@link ConflictingProvider1} under a different name. Every other method returns
   * {@code null}.
   */
  static class ConflictingProvider2 implements SaslClientAuthenticationProvider {
    // Same byte value (12) as ConflictingProvider1.METHOD1, different name.
    static final SaslAuthMethod METHOD2 =
      new SaslAuthMethod("BAR", (byte) 12, "DIGEST-MD5", AuthenticationMethod.SIMPLE);

    // Explicit public no-arg constructor kept on purpose: the class is package-private, and it
    // is presumably instantiated reflectively from its configured class name (verify).
    public ConflictingProvider2() {
    }

    @Override
    public SaslAuthMethod getSaslAuthMethod() {
      return METHOD2;
    }

    @Override
    public String getTokenKind() {
      return null;
    }

    @Override
    public SaslClient createClient(
      Configuration conf,
      InetAddress serverAddr,
      SecurityInfo securityInfo,
      Token<? extends TokenIdentifier> token,
      boolean fallbackAllowed,
      Map<String, String> saslProps) throws IOException {
      // Stub: no SASL client is ever built by this test provider.
      return null;
    }

    @Override
    public UserInformation getUserInfo(User user) {
      return null;
    }
  }
}