exec/java-exec/src/test/java/org/apache/drill/storage/CredentialsProviderImplementationsTest.java - drill - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.drill.storage;

 import com.bettercloud.vault.VaultException;
 import org.apache.drill.common.config.DrillConfig;
 import org.apache.drill.common.logical.security.CredentialsProvider;
 import org.apache.drill.exec.store.security.EnvCredentialsProvider;
 import org.apache.drill.exec.store.security.HadoopCredentialsProvider;
 import org.apache.drill.exec.store.security.UsernamePasswordCredentials;
 import org.apache.drill.exec.store.security.vault.VaultCredentialsProvider;
 import org.apache.drill.shaded.guava.com.google.common.collect.ImmutableMap;
 import org.apache.drill.test.ClusterFixture;
 import org.apache.drill.test.ClusterTest;
 import org.apache.hadoop.conf.Configuration;
 import org.junit.BeforeClass;
 import org.junit.ClassRule;
 import org.junit.Test;
 import org.testcontainers.utility.DockerImageName;
 import org.testcontainers.vault.VaultContainer;

 import java.util.Collections;
 import java.util.Map;

 import static org.junit.Assert.assertEquals;

 public class CredentialsProviderImplementationsTest extends ClusterTest {

   private static final String VAULT_TOKEN_VALUE = "vault-token";

   private static final String SECRET_PATH = "secret/testing";

   @ClassRule
   public static final VaultContainer<?> vaultContainer =
       new VaultContainer<>(DockerImageName.parse("vault").withTag("1.1.3"))
           .withVaultToken(VAULT_TOKEN_VALUE)
           .withVaultPort(8200)
           .withSecretInVault(SECRET_PATH,
               "top_secret=password1",
               "db_password=dbpassword1");

   @BeforeClass
   public static void init() throws Exception {
     startCluster(ClusterFixture.builder(dirTestWatcher)
         .configProperty(VaultCredentialsProvider.VAULT_ADDRESS, "http://" + vaultContainer.getHost() + ":" + vaultContainer.getMappedPort(8200))
     .configProperty(VaultCredentialsProvider.VAULT_TOKEN, VAULT_TOKEN_VALUE));
   }

   @Test
   public void testEnvCredentialsProvider() {
     String variableName = "USER";
     String expectedValue = System.getenv(variableName);

     CredentialsProvider envCredentialsProvider = new EnvCredentialsProvider(ImmutableMap.of(
         UsernamePasswordCredentials.USERNAME, variableName));

     Map<String, String> actualCredentials = envCredentialsProvider.getCredentials();

     assertEquals(Collections.singletonMap(UsernamePasswordCredentials.USERNAME, expectedValue),
         actualCredentials);
   }

   @Test
   public void testHadoopCredentialsProvider() {
     Configuration configuration = new Configuration();
     String expectedUsernameValue = "user1";
     String expectedPassValue = "pass123!@#";
     String usernamePropertyName = "username_key";
     String passwordPropertyName = "password_key";
     configuration.set(usernamePropertyName, expectedUsernameValue);
     configuration.set(passwordPropertyName, expectedPassValue);

     CredentialsProvider envCredentialsProvider = new HadoopCredentialsProvider(configuration,
         ImmutableMap.of(
             UsernamePasswordCredentials.USERNAME, usernamePropertyName,
             UsernamePasswordCredentials.PASSWORD, passwordPropertyName));

     Map<String, String> actualCredentials = envCredentialsProvider.getCredentials();

     assertEquals(ImmutableMap.of(
         UsernamePasswordCredentials.USERNAME, expectedUsernameValue,
         UsernamePasswordCredentials.PASSWORD, expectedPassValue),
         actualCredentials);
   }

   @Test
   public void testVaultCredentialsProvider() throws VaultException {
     DrillConfig config = cluster.drillbit().getContext().getConfig();

     CredentialsProvider envCredentialsProvider = new VaultCredentialsProvider(
         SECRET_PATH,
         ImmutableMap.of(UsernamePasswordCredentials.USERNAME, "top_secret",
             UsernamePasswordCredentials.PASSWORD, "db_password"),
         config);

     Map<String, String> actualCredentials = envCredentialsProvider.getCredentials();

     assertEquals(ImmutableMap.of(UsernamePasswordCredentials.USERNAME, "password1",
         UsernamePasswordCredentials.PASSWORD, "dbpassword1"),
         actualCredentials);
   }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.drill.storage;

	import com.bettercloud.vault.VaultException;
	import org.apache.drill.common.config.DrillConfig;
	import org.apache.drill.common.logical.security.CredentialsProvider;
	import org.apache.drill.exec.store.security.EnvCredentialsProvider;
	import org.apache.drill.exec.store.security.HadoopCredentialsProvider;
	import org.apache.drill.exec.store.security.UsernamePasswordCredentials;
	import org.apache.drill.exec.store.security.vault.VaultCredentialsProvider;
	import org.apache.drill.shaded.guava.com.google.common.collect.ImmutableMap;
	import org.apache.drill.test.ClusterFixture;
	import org.apache.drill.test.ClusterTest;
	import org.apache.hadoop.conf.Configuration;
	import org.junit.BeforeClass;
	import org.junit.ClassRule;
	import org.junit.Test;
	import org.testcontainers.utility.DockerImageName;
	import org.testcontainers.vault.VaultContainer;

	import java.util.Collections;
	import java.util.Map;

	import static org.junit.Assert.assertEquals;

	public class CredentialsProviderImplementationsTest extends ClusterTest {

	private static final String VAULT_TOKEN_VALUE = "vault-token";

	private static final String SECRET_PATH = "secret/testing";

	@ClassRule
	public static final VaultContainer<?> vaultContainer =
	new VaultContainer<>(DockerImageName.parse("vault").withTag("1.1.3"))
	.withVaultToken(VAULT_TOKEN_VALUE)
	.withVaultPort(8200)
	.withSecretInVault(SECRET_PATH,
	"top_secret=password1",
	"db_password=dbpassword1");

	@BeforeClass
	public static void init() throws Exception {
	startCluster(ClusterFixture.builder(dirTestWatcher)
	.configProperty(VaultCredentialsProvider.VAULT_ADDRESS, "http://" + vaultContainer.getHost() + ":" + vaultContainer.getMappedPort(8200))
	.configProperty(VaultCredentialsProvider.VAULT_TOKEN, VAULT_TOKEN_VALUE));
	}

	@Test
	public void testEnvCredentialsProvider() {
	String variableName = "USER";
	String expectedValue = System.getenv(variableName);

	CredentialsProvider envCredentialsProvider = new EnvCredentialsProvider(ImmutableMap.of(
	UsernamePasswordCredentials.USERNAME, variableName));

	Map<String, String> actualCredentials = envCredentialsProvider.getCredentials();

	assertEquals(Collections.singletonMap(UsernamePasswordCredentials.USERNAME, expectedValue),
	actualCredentials);
	}

	@Test
	public void testHadoopCredentialsProvider() {
	Configuration configuration = new Configuration();
	String expectedUsernameValue = "user1";
	String expectedPassValue = "pass123!@#";
	String usernamePropertyName = "username_key";
	String passwordPropertyName = "password_key";
	configuration.set(usernamePropertyName, expectedUsernameValue);
	configuration.set(passwordPropertyName, expectedPassValue);

	CredentialsProvider envCredentialsProvider = new HadoopCredentialsProvider(configuration,
	ImmutableMap.of(
	UsernamePasswordCredentials.USERNAME, usernamePropertyName,
	UsernamePasswordCredentials.PASSWORD, passwordPropertyName));

	Map<String, String> actualCredentials = envCredentialsProvider.getCredentials();

	assertEquals(ImmutableMap.of(
	UsernamePasswordCredentials.USERNAME, expectedUsernameValue,
	UsernamePasswordCredentials.PASSWORD, expectedPassValue),
	actualCredentials);
	}

	@Test
	public void testVaultCredentialsProvider() throws VaultException {
	DrillConfig config = cluster.drillbit().getContext().getConfig();

	CredentialsProvider envCredentialsProvider = new VaultCredentialsProvider(
	SECRET_PATH,
	ImmutableMap.of(UsernamePasswordCredentials.USERNAME, "top_secret",
	UsernamePasswordCredentials.PASSWORD, "db_password"),
	config);

	Map<String, String> actualCredentials = envCredentialsProvider.getCredentials();

	assertEquals(ImmutableMap.of(UsernamePasswordCredentials.USERNAME, "password1",
	UsernamePasswordCredentials.PASSWORD, "dbpassword1"),
	actualCredentials);
	}
	}