solr/core/src/test/org/apache/solr/security/TestSha256AuthenticationProvider.java - lucene-solr - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.solr.security;

 import java.io.IOException;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;

 import org.apache.solr.SolrTestCaseJ4;
 import org.apache.solr.common.util.CommandOperation;
 import org.junit.Test;

 import static java.util.Collections.singletonMap;

 public class TestSha256AuthenticationProvider extends SolrTestCaseJ4 {
   public void testAuthenticate(){
     Sha256AuthenticationProvider zkAuthenticationProvider = new Sha256AuthenticationProvider();
     zkAuthenticationProvider.init(createConfigMap("ignore", "me"));

     String pwd = "Friendly";
     String user = "marcus";
     @SuppressWarnings({"rawtypes"})
     Map latestConf = createConfigMap(user, pwd);
     Map<String, Object> params = singletonMap(user, pwd);
     @SuppressWarnings({"unchecked"})
     Map<String, Object> result = zkAuthenticationProvider.edit(latestConf,
         Collections.singletonList(new CommandOperation("set-user",params )));
     zkAuthenticationProvider = new Sha256AuthenticationProvider();
     zkAuthenticationProvider.init(result);

     assertTrue(zkAuthenticationProvider.authenticate(user, pwd));
     assertFalse(zkAuthenticationProvider.authenticate(user, "WrongPassword"));
     assertFalse(zkAuthenticationProvider.authenticate("unknownuser", "WrongPassword"));

   }

   @SuppressWarnings({"unchecked"})
   public void testBasicAuthCommands() throws IOException {
     try (BasicAuthPlugin basicAuthPlugin = new BasicAuthPlugin()) {
       basicAuthPlugin.init(createConfigMap("ignore", "me"));

       @SuppressWarnings({"rawtypes"})
       Map latestConf = createConfigMap("solr", "SolrRocks");

       CommandOperation blockUnknown = new CommandOperation("set-property", singletonMap("blockUnknown", true));
       basicAuthPlugin.edit(latestConf, Collections.singletonList(blockUnknown));
       assertEquals(Boolean.TRUE, latestConf.get("blockUnknown"));
       basicAuthPlugin.init(latestConf);
       assertTrue(basicAuthPlugin.getBlockUnknown());
       blockUnknown = new CommandOperation("set-property", singletonMap("blockUnknown", false));
       basicAuthPlugin.edit(latestConf, Collections.singletonList(blockUnknown));
       assertEquals(Boolean.FALSE, latestConf.get("blockUnknown"));
       basicAuthPlugin.init(latestConf);
       assertFalse(basicAuthPlugin.getBlockUnknown());
     }
   }

   public void testBasicAuthWithCredentials() throws IOException {
     try (BasicAuthPlugin basicAuthPlugin = new BasicAuthPlugin()) {
       Map<String, Object> config = createConfigMap("solr", "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=");
       basicAuthPlugin.init(config);
       assertTrue(basicAuthPlugin.authenticate("solr", "SolrRocks"));
     }
   }

   @Test(expected = IllegalStateException.class)
   public void testBasicAuthUserNotFound() throws IOException {
     try (BasicAuthPlugin basicAuthPlugin = new BasicAuthPlugin()) {
       Map<String, Object> config = createConfigMap(null, null);
       basicAuthPlugin.init(config);
     }
   }

   public void testBasicAuthDeleteFinalUser() throws IOException {
     try (BasicAuthPlugin basicAuthPlugin = new BasicAuthPlugin()) {
       Map<String, Object> config = createConfigMap("solr", "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=");
       basicAuthPlugin.init(config);
       assertTrue(basicAuthPlugin.authenticate("solr", "SolrRocks"));

       CommandOperation deleteUser = new CommandOperation("delete-user", "solr");
       assertFalse(deleteUser.hasError());
       basicAuthPlugin.edit(config, Arrays.asList(deleteUser));
       assertTrue(deleteUser.hasError());
       assertTrue(deleteUser.getErrors().contains(Sha256AuthenticationProvider.CANNOT_DELETE_LAST_USER_ERROR));
     }
   }

   private Map<String, Object> createConfigMap(String user, String pw) {
     Map<String, Object> config = new HashMap<>();
     Map<String, String> credentials = new HashMap<>();
     if (user != null) {
       credentials.put(user, pw);
     }
     config.put("credentials", credentials);
     return config;
   }

 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.solr.security;

	import java.io.IOException;
	import java.util.Arrays;
	import java.util.Collections;
	import java.util.HashMap;
	import java.util.Map;

	import org.apache.solr.SolrTestCaseJ4;
	import org.apache.solr.common.util.CommandOperation;
	import org.junit.Test;

	import static java.util.Collections.singletonMap;

	public class TestSha256AuthenticationProvider extends SolrTestCaseJ4 {
	public void testAuthenticate(){
	Sha256AuthenticationProvider zkAuthenticationProvider = new Sha256AuthenticationProvider();
	zkAuthenticationProvider.init(createConfigMap("ignore", "me"));

	String pwd = "Friendly";
	String user = "marcus";
	@SuppressWarnings({"rawtypes"})
	Map latestConf = createConfigMap(user, pwd);
	Map<String, Object> params = singletonMap(user, pwd);
	@SuppressWarnings({"unchecked"})
	Map<String, Object> result = zkAuthenticationProvider.edit(latestConf,
	Collections.singletonList(new CommandOperation("set-user",params )));
	zkAuthenticationProvider = new Sha256AuthenticationProvider();
	zkAuthenticationProvider.init(result);

	assertTrue(zkAuthenticationProvider.authenticate(user, pwd));
	assertFalse(zkAuthenticationProvider.authenticate(user, "WrongPassword"));
	assertFalse(zkAuthenticationProvider.authenticate("unknownuser", "WrongPassword"));

	}

	@SuppressWarnings({"unchecked"})
	public void testBasicAuthCommands() throws IOException {
	try (BasicAuthPlugin basicAuthPlugin = new BasicAuthPlugin()) {
	basicAuthPlugin.init(createConfigMap("ignore", "me"));

	@SuppressWarnings({"rawtypes"})
	Map latestConf = createConfigMap("solr", "SolrRocks");

	CommandOperation blockUnknown = new CommandOperation("set-property", singletonMap("blockUnknown", true));
	basicAuthPlugin.edit(latestConf, Collections.singletonList(blockUnknown));
	assertEquals(Boolean.TRUE, latestConf.get("blockUnknown"));
	basicAuthPlugin.init(latestConf);
	assertTrue(basicAuthPlugin.getBlockUnknown());
	blockUnknown = new CommandOperation("set-property", singletonMap("blockUnknown", false));
	basicAuthPlugin.edit(latestConf, Collections.singletonList(blockUnknown));
	assertEquals(Boolean.FALSE, latestConf.get("blockUnknown"));
	basicAuthPlugin.init(latestConf);
	assertFalse(basicAuthPlugin.getBlockUnknown());
	}
	}

	public void testBasicAuthWithCredentials() throws IOException {
	try (BasicAuthPlugin basicAuthPlugin = new BasicAuthPlugin()) {
	Map<String, Object> config = createConfigMap("solr", "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=");
	basicAuthPlugin.init(config);
	assertTrue(basicAuthPlugin.authenticate("solr", "SolrRocks"));
	}
	}

	@Test(expected = IllegalStateException.class)
	public void testBasicAuthUserNotFound() throws IOException {
	try (BasicAuthPlugin basicAuthPlugin = new BasicAuthPlugin()) {
	Map<String, Object> config = createConfigMap(null, null);
	basicAuthPlugin.init(config);
	}
	}

	public void testBasicAuthDeleteFinalUser() throws IOException {
	try (BasicAuthPlugin basicAuthPlugin = new BasicAuthPlugin()) {
	Map<String, Object> config = createConfigMap("solr", "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=");
	basicAuthPlugin.init(config);
	assertTrue(basicAuthPlugin.authenticate("solr", "SolrRocks"));

	CommandOperation deleteUser = new CommandOperation("delete-user", "solr");
	assertFalse(deleteUser.hasError());
	basicAuthPlugin.edit(config, Arrays.asList(deleteUser));
	assertTrue(deleteUser.hasError());
	assertTrue(deleteUser.getErrors().contains(Sha256AuthenticationProvider.CANNOT_DELETE_LAST_USER_ERROR));
	}
	}

	private Map<String, Object> createConfigMap(String user, String pw) {
	Map<String, Object> config = new HashMap<>();
	Map<String, String> credentials = new HashMap<>();
	if (user != null) {
	credentials.put(user, pw);
	}
	config.put("credentials", credentials);
	return config;
	}

	}