001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.apache.hadoop.hbase.security.token; 019 020import static org.junit.jupiter.api.Assertions.assertNotNull; 021import static org.junit.jupiter.api.Assertions.assertNull; 022 023import org.apache.hadoop.conf.Configuration; 024import org.apache.hadoop.hbase.Abortable; 025import org.apache.hadoop.hbase.HBaseConfiguration; 026import org.apache.hadoop.hbase.HBaseTestingUtil; 027import org.apache.hadoop.hbase.testclassification.SecurityTests; 028import org.apache.hadoop.hbase.testclassification.SmallTests; 029import org.apache.hadoop.hbase.util.EnvironmentEdgeManager; 030import org.apache.hadoop.hbase.util.Writables; 031import org.apache.hadoop.hbase.zookeeper.ZKUtil; 032import org.apache.hadoop.hbase.zookeeper.ZKWatcher; 033import org.apache.hadoop.hbase.zookeeper.ZNodePaths; 034import org.junit.jupiter.api.AfterAll; 035import org.junit.jupiter.api.BeforeAll; 036import org.junit.jupiter.api.Tag; 037import org.junit.jupiter.api.Test; 038import org.slf4j.Logger; 039import org.slf4j.LoggerFactory; 040 041/** 042 * Test the refreshKeys in ZKSecretWatcher 043 */ 044@Tag(SecurityTests.TAG) 045@Tag(SmallTests.TAG) 046public class TestZKSecretWatcherRefreshKeys { 047 048 private static final Logger LOG = LoggerFactory.getLogger(TestZKSecretWatcherRefreshKeys.class); 049 private static HBaseTestingUtil TEST_UTIL; 050 051 private static class MockAbortable implements Abortable { 052 private boolean abort; 053 054 @Override 055 public void abort(String reason, Throwable e) { 056 LOG.info("Aborting: " + reason, e); 057 abort = true; 058 } 059 060 @Override 061 public boolean isAborted() { 062 return abort; 063 } 064 } 065 066 @BeforeAll 067 public static void setupBeforeClass() throws Exception { 068 TEST_UTIL = new HBaseTestingUtil(); 069 TEST_UTIL.startMiniZKCluster(); 070 } 071 072 @AfterAll 073 public static void tearDownAfterClass() throws Exception { 074 TEST_UTIL.shutdownMiniZKCluster(); 075 } 076 077 private static ZKWatcher newZK(Configuration conf, String name, Abortable abort) 078 throws Exception { 079 Configuration copy = HBaseConfiguration.create(conf); 080 ZKWatcher zk = new ZKWatcher(copy, name, abort); 081 return zk; 082 } 083 084 @Test 085 public void testRefreshKeys() throws Exception { 086 Configuration conf = TEST_UTIL.getConfiguration(); 087 ZKWatcher zk = newZK(conf, "127.0.0.1", new MockAbortable()); 088 AuthenticationTokenSecretManager keyManager = 089 new AuthenticationTokenSecretManager(conf, zk, "127.0.0.1", 60 * 60 * 1000, 60 * 1000); 090 ZKSecretWatcher watcher = new ZKSecretWatcher(conf, zk, keyManager); 091 ZKUtil.deleteChildrenRecursively(zk, watcher.getKeysParentZNode()); 092 Integer[] keys = { 1, 2, 3, 4, 5, 6 }; 093 for (Integer key : keys) { 094 AuthenticationKey ak = 095 new AuthenticationKey(key, EnvironmentEdgeManager.currentTime() + 600 * 1000, null); 096 ZKUtil.createWithParents(zk, 097 ZNodePaths.joinZNode(watcher.getKeysParentZNode(), key.toString()), Writables.getBytes(ak)); 098 } 099 assertNull(keyManager.getCurrentKey()); 100 watcher.refreshKeys(); 101 for (Integer key : keys) { 102 assertNotNull(keyManager.getKey(key.intValue())); 103 } 104 } 105}