Improved SimpleKdcServer with token client and pkinit client, and refactored related tests
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/AnonymousPkinitKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/AnonymousPkinitKdcTest.java
index 7f1f5c2..bfd8746 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/AnonymousPkinitKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/AnonymousPkinitKdcTest.java
@@ -27,18 +27,21 @@
import org.apache.kerby.kerberos.kerb.server.KdcTestBase;
import org.apache.kerby.kerberos.kerb.type.ticket.SgtTicket;
import org.apache.kerby.kerberos.kerb.type.ticket.TgtTicket;
+import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import static org.assertj.core.api.Assertions.assertThat;
public class AnonymousPkinitKdcTest extends KdcTestBase {
-
private String serverPrincipal;
+ private KrbPkinitClient pkinitClient;
@Before
public void setUp() throws Exception {
super.setUp();
+
+ pkinitClient = getPkinitClient();
}
@Override
@@ -63,23 +66,19 @@
@Test
public void testAnonymity() throws Exception {
-
- getKrbClient().init();
-
-
TgtTicket tgt;
- KrbPkinitClient pkinitClient = new KrbPkinitClient(getKrbClient());
+
try {
tgt = pkinitClient.requestTgt();
} catch (KrbException te) {
te.printStackTrace();
- assertThat(te.getMessage().contains("timeout")).isTrue();
+ Assert.fail();
return;
}
assertThat(tgt).isNotNull();
serverPrincipal = getServerPrincipal();
- SgtTicket tkt = getKrbClient().requestSgt(tgt, serverPrincipal);
+ SgtTicket tkt = pkinitClient.requestSgt(tgt, serverPrincipal);
assertThat(tkt).isNotNull();
}
}
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithAccessTokenKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithAccessTokenKdcTest.java
index 3971265..e829625 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithAccessTokenKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithAccessTokenKdcTest.java
@@ -136,7 +136,7 @@
private void performTest() throws Exception {
createCredentialCache(getClientPrincipal(), getClientPassword());
- KrbTokenClient tokenClient = new KrbTokenClient(getKrbClient());
+ KrbTokenClient tokenClient = getTokenClient();
try {
SgtTicket sgtTicket = tokenClient.requestSgt(
getKrbToken(), getServerPrincipal(), getcCacheFile().getPath());
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java
index 1705bf9..05183ea 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java
@@ -50,11 +50,15 @@
private Certificate userCert;
private PrivateKey userKey; //NOPMD
+ private KrbPkinitClient pkinitClient;
+
@Before
public void setUp() throws Exception {
pkiLoader = new PkiLoader();
super.setUp();
+
+ pkinitClient = getPkinitClient();
}
@Override
@@ -80,10 +84,7 @@
public void testPkinit() throws Exception {
assertThat(userCert).isNotNull();
- getKrbClient().init();
-
TgtTicket tgt;
- KrbPkinitClient pkinitClient = new KrbPkinitClient(getKrbClient());
try {
String userCertPath = getClass().getResource("/usercert.pem").getPath();
String userKeyPath = getClass().getResource("/userkey.pem").getPath();
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithIdentityTokenKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithIdentityTokenKdcTest.java
index 5eaa176..acac0a0 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithIdentityTokenKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithIdentityTokenKdcTest.java
@@ -137,7 +137,7 @@
createCredentialCache(getClientPrincipal(), getClientPassword());
TgtTicket tgt;
- KrbTokenClient tokenClient = new KrbTokenClient(getKrbClient());
+ KrbTokenClient tokenClient = getTokenClient();
try {
tgt = tokenClient.requestTgt(getKrbToken(),
getcCacheFile().getPath());
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTestBase.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTestBase.java
index f33309f..bed9e7d 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTestBase.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTestBase.java
@@ -120,10 +120,10 @@
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider().createTokenEncoder();
if (tokenEncoder instanceof JwtTokenEncoder && signingKey != null) {
- ((JwtTokenEncoder) tokenEncoder).setSignKey(signingKey);
+ tokenEncoder.setSignKey(signingKey);
}
if (tokenEncoder instanceof JwtTokenEncoder && encryptionKey != null) {
- ((JwtTokenEncoder) tokenEncoder).setEncryptionKey(encryptionKey);
+ tokenEncoder.setEncryptionKey(encryptionKey);
}
krbToken = new KrbToken();
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
index 49bf5cf..8bc4205 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
@@ -21,6 +21,8 @@
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.client.KrbClient;
+import org.apache.kerby.kerberos.kerb.client.KrbPkinitClient;
+import org.apache.kerby.kerberos.kerb.client.KrbTokenClient;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
@@ -71,6 +73,14 @@
return kdcServer.getKrbClient();
}
+ protected KrbPkinitClient getPkinitClient() {
+ return kdcServer.getPkinitClient();
+ }
+
+ protected KrbTokenClient getTokenClient() {
+ return kdcServer.getTokenClient();
+ }
+
protected String getClientPrincipalName() {
return clientPrincipalName;
}
diff --git a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
index 0a7ad1d..5e83207 100644
--- a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
+++ b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
@@ -23,6 +23,8 @@
import org.apache.kerby.kerberos.kerb.admin.Kadmin;
import org.apache.kerby.kerberos.kerb.client.Krb5Conf;
import org.apache.kerby.kerberos.kerb.client.KrbClient;
+import org.apache.kerby.kerberos.kerb.client.KrbPkinitClient;
+import org.apache.kerby.kerberos.kerb.client.KrbTokenClient;
import org.apache.kerby.util.NetworkUtil;
import java.io.File;
@@ -36,9 +38,11 @@
private final KrbClient krbClnt;
private Kadmin kadmin;
private Krb5Conf krb5Conf;
-
private File workDir;
+ private KrbPkinitClient pkinitClient;
+ private KrbTokenClient tokenClient;
+
/**
* Default constructor.
*
@@ -155,6 +159,26 @@
}
/**
+ * @return PKINIT client
+ */
+ public KrbPkinitClient getPkinitClient() {
+ if (pkinitClient == null) {
+ pkinitClient = new KrbPkinitClient(krbClnt);
+ }
+ return pkinitClient;
+ }
+
+ /**
+ * @return Token client
+ */
+ public KrbTokenClient getTokenClient() {
+ if (tokenClient == null) {
+ tokenClient = new KrbTokenClient(krbClnt);
+ }
+ return tokenClient;
+ }
+
+ /**
* Get Kadmin operation interface.
* @return Kadmin
*/