Google Git
Sign in
apache / geode-native / 8a3877ed20be0ff5c74deb08641960f469188729 / . / tests / cpp / security / CredentialGenerator.cpp
blob: a5ff5f3ea2627ba4e9c4b9771f9481c80521d4ee [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "CredentialGenerator.hpp"
// Disable warning for "extra qualifications" here. One of the boost log
// headers triggers this warning. Note: use of disable pragma here is
// intentional - attempts to use push/pop as you ordinarily should just
// yielded a gripe from the MS tools that "warning number '4596' is not a
// valid compiler warning". re-enabling the warning after the include
// fails in the same way, so just leave it disabled for the rest of the
// file. This is safe, since the warning can only trigger inside a class
// declaration, of which there are none in this file.
#ifdef WIN32
#pragma warning(disable : 4596)
#endif
#include <boost/log/trivial.hpp>
#include "DummyCredentialGenerator.hpp"
#include "DummyCredentialGenerator2.hpp"
#include "DummyCredentialGenerator3.hpp"
#include "LdapUserCredentialGenerator.hpp"
#include "NoopCredentialGenerator.hpp"
#include "PkcsCredentialGenerator.hpp"
#include "Utils.hpp"
namespace apache {
namespace geode {
namespace client {
namespace testframework {
namespace security {
CredentialGenerator::registeredClassMap* CredentialGenerator::generatormap =
nullptr;
std::shared_ptr<CredentialGenerator> CredentialGenerator::create(
std::string scheme) {
if (generators().find(scheme) != generators().end()) {
return generators()[scheme];
// first call to create, nothing will be registered until now.
} else if (generators().size() == 0) {
registerScheme(
std::shared_ptr<CredentialGenerator>(new CredentialGenerator()));
registerScheme(
std::shared_ptr<CredentialGenerator>(new DummyCredentialGenerator()));
registerScheme(
std::shared_ptr<CredentialGenerator>(new DummyCredentialGenerator2()));
registerScheme(
std::shared_ptr<CredentialGenerator>(new DummyCredentialGenerator3()));
registerScheme(std::shared_ptr<CredentialGenerator>(
new LdapUserCredentialGenerator()));
registerScheme(
std::shared_ptr<CredentialGenerator>(new PKCSCredentialGenerator()));
registerScheme(
std::shared_ptr<CredentialGenerator>(new NoopCredentialGenerator()));
return create(scheme);
} else {
return std::shared_ptr<CredentialGenerator>(new CredentialGenerator());
}
}
void CredentialGenerator::dump() {
BOOST_LOG_TRIVIAL(info) << "dumping all registered classes ";
registeredClassMap::iterator it = generators().begin();
while (it != generators().end()) {
BOOST_LOG_TRIVIAL(info) << ((*it).second)->toString();
it++;
}
}
void CredentialGenerator::getAuthInit(std::shared_ptr<Properties>& prop) {
std::string authinit = getClientAuthInitLoaderFactory();
if (!authinit.empty()) {
BOOST_LOG_TRIVIAL(info) << "Authentication initializer : " << authinit
<< " library " << getClientAuthInitLoaderLibrary();
prop->insert("security-client-auth-factory", authinit.c_str());
prop->insert("security-client-auth-library",
getClientAuthInitLoaderLibrary().c_str());
}
}
std::string CredentialGenerator::getPublickeyfile() {
auto path = Utils::getEnv("TESTSRC");
if (path.empty()) {
path = Utils::getEnv("BUILDDIR") + "/framework/data";
}
return path + "/keystore/publickeyfile";
}
std::string CredentialGenerator::getServerCmdParams(std::string securityParams,
std::string workingDir,
bool userMode) {
std::string securityCmdStr;
BOOST_LOG_TRIVIAL(info) << "User mode is " << userMode;
if (securityParams.find("authenticator") != std::string::npos &&
!getClientAuthenticator().empty()) {
securityCmdStr = getInitArgs(workingDir, userMode);
securityCmdStr +=
std::string(" --J=-Dgemfire.security-client-authenticator=") +
getClientAuthenticator();
}
if ((securityParams.find("authorizer") != std::string::npos) &&
(!getClientAuthorizer().empty())) {
securityCmdStr += std::string(" --J=-Dgemfire.security-client-accessor=") +
getClientAuthorizer();
}
if ((securityParams.find("authorizerPP") != std::string::npos) &&
(!getClientAuthorizer().empty())) {
securityCmdStr +=
std::string(" --J=-Dgemfire.security-client-accessor-pp=") +
getClientAuthorizer();
}
if (m_id == ID_PKI) {
securityCmdStr +=
std::string(" --J=-Dgemfire.security-publickey-filepath=") +
getPublickeyfile();
securityCmdStr +=
std::string(" --J=-Dgemfire.security-publickey-pass=geode");
}
if ((securityParams.find("dummy") != std::string::npos) &&
(!getClientDummyAuthorizer().empty())) {
securityCmdStr += std::string(" --J=-Dgemfire.security-client-accessor=") +
getClientDummyAuthorizer();
}
#ifdef __COMPILE_DUNIT_ // lets suppress -N option in case of unit tests.
int idx;
while ((idx = securityCmdStr.find("--J=-Dgemfire.", 0)) >= 0) {
securityCmdStr.replace(idx, 2, "");
}
#endif
return securityCmdStr;
}
void CredentialGenerator::getValidCredentials(std::shared_ptr<Properties>&) {}
void CredentialGenerator::getInvalidCredentials(std::shared_ptr<Properties>&) {}
void CredentialGenerator::getAllowedCredentialsForOps(
opCodeList&, std::shared_ptr<Properties>&, stringList*) {}
void CredentialGenerator::getDisallowedCredentialsForOps(
opCodeList&, std::shared_ptr<Properties>&, stringList*) {}
std::string CredentialGenerator::getInitArgs(std::string, bool) { return ""; }
} // namespace security
} // namespace testframework
} // namespace client
} // namespace geode
} // namespace apache