nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/groovy/org/apache/nifi/web/security/spring/LoginIdentityProviderFactoryBeanTest.groovy - nifi - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.nifi.web.security.spring

 import org.apache.nifi.authentication.generated.Property
 import org.apache.nifi.authentication.generated.Provider
 import org.bouncycastle.jce.provider.BouncyCastleProvider
 import org.junit.Before
 import org.junit.BeforeClass
 import org.junit.Test
 import org.junit.runner.RunWith
 import org.junit.runners.JUnit4
 import org.slf4j.Logger
 import org.slf4j.LoggerFactory

 import javax.crypto.Cipher
 import java.security.Security

 @RunWith(JUnit4.class)
 class LoginIdentityProviderFactoryBeanTest extends GroovyTestCase {
     private static final Logger logger = LoggerFactory.getLogger(LoginIdentityProviderFactoryBeanTest.class)

     // These blocks configure the constant values depending on JCE policies of the machine running the tests
     private static final String KEY_HEX_128 = "0123456789ABCDEFFEDCBA9876543210"
     private static final String KEY_HEX_256 = KEY_HEX_128 * 2
     public static final String KEY_HEX = isUnlimitedStrengthCryptoAvailable() ? KEY_HEX_256 : KEY_HEX_128

     private static final String CIPHER_TEXT_128 = "6pqdM1urBEPHtj+L||ds0Z7RpqOA2321c/+7iPMfxDrqmH5Qx6UwQG0eIYB//3Ng"
     private static final String CIPHER_TEXT_256 = "TepMCD7v3LAMF0KX||ydSRWPRl1/JXgTsZtfzCnDXu7a0lTLysjPL2I06EPUCHzw"
     public static final String CIPHER_TEXT = isUnlimitedStrengthCryptoAvailable() ? CIPHER_TEXT_256 : CIPHER_TEXT_128

     private static final String ENCRYPTION_SCHEME_128 = "aes/gcm/128"
     private static final String ENCRYPTION_SCHEME_256 = "aes/gcm/256"
     public static
     final String ENCRYPTION_SCHEME = isUnlimitedStrengthCryptoAvailable() ? ENCRYPTION_SCHEME_256 : ENCRYPTION_SCHEME_128

     private static final String PASSWORD = "thisIsABadPassword"

     private LoginIdentityProviderFactoryBean bean

     @BeforeClass
     static void setUpOnce() throws Exception {
         Security.addProvider(new BouncyCastleProvider())

         logger.metaClass.methodMissing = { String name, args ->
             logger.info("[${name?.toUpperCase()}] ${(args as List).join(" ")}")
         }
     }

     @Before
     void setUp() {
         bean = new LoginIdentityProviderFactoryBean()
         bean.configureSensitivePropertyProviderFactory(KEY_HEX, null)
     }

     private static boolean isUnlimitedStrengthCryptoAvailable() {
         Cipher.getMaxAllowedKeyLength("AES") > 128
     }

     @Test
     void testShouldDecryptValue() {
         // Arrange
         logger.info("Encryption scheme: ${ENCRYPTION_SCHEME}")
         logger.info("Cipher text: ${CIPHER_TEXT}")

         // Act
         String decrypted = bean.decryptValue(CIPHER_TEXT, ENCRYPTION_SCHEME, "propertyName", "ldap-provider")
         logger.info("Decrypted ${CIPHER_TEXT} -> ${decrypted}")

         // Assert
         assert decrypted == PASSWORD
     }

     @Test
     void testShouldLoadEncryptedLoginIdentityProviderConfiguration() {
         // Arrange
         Provider encryptedProvider = new Provider()
         encryptedProvider.identifier ="ldap-provider"
         encryptedProvider.clazz = "org.apache.nifi.ldap.LdapProvider"
         def managerPasswordName = "Manager Password"
         Property managerPasswordProperty = new Property(name: managerPasswordName, value: CIPHER_TEXT, encryption: ENCRYPTION_SCHEME)
         encryptedProvider.property = [managerPasswordProperty]

         logger.info("Manager Password property: ${managerPasswordProperty.dump()}")

         // Act
         def context = bean.loadLoginIdentityProviderConfiguration(encryptedProvider)
         logger.info("Loaded context: ${context.dump()}")

         // Assert
         assert context.getProperty(managerPasswordName) == PASSWORD
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.nifi.web.security.spring

	import org.apache.nifi.authentication.generated.Property
	import org.apache.nifi.authentication.generated.Provider
	import org.bouncycastle.jce.provider.BouncyCastleProvider
	import org.junit.Before
	import org.junit.BeforeClass
	import org.junit.Test
	import org.junit.runner.RunWith
	import org.junit.runners.JUnit4
	import org.slf4j.Logger
	import org.slf4j.LoggerFactory

	import javax.crypto.Cipher
	import java.security.Security

	@RunWith(JUnit4.class)
	class LoginIdentityProviderFactoryBeanTest extends GroovyTestCase {
	private static final Logger logger = LoggerFactory.getLogger(LoginIdentityProviderFactoryBeanTest.class)

	// These blocks configure the constant values depending on JCE policies of the machine running the tests
	private static final String KEY_HEX_128 = "0123456789ABCDEFFEDCBA9876543210"
	private static final String KEY_HEX_256 = KEY_HEX_128 * 2
	public static final String KEY_HEX = isUnlimitedStrengthCryptoAvailable() ? KEY_HEX_256 : KEY_HEX_128

	private static final String CIPHER_TEXT_128 = "6pqdM1urBEPHtj+L\|\|ds0Z7RpqOA2321c/+7iPMfxDrqmH5Qx6UwQG0eIYB//3Ng"
	private static final String CIPHER_TEXT_256 = "TepMCD7v3LAMF0KX\|\|ydSRWPRl1/JXgTsZtfzCnDXu7a0lTLysjPL2I06EPUCHzw"
	public static final String CIPHER_TEXT = isUnlimitedStrengthCryptoAvailable() ? CIPHER_TEXT_256 : CIPHER_TEXT_128

	private static final String ENCRYPTION_SCHEME_128 = "aes/gcm/128"
	private static final String ENCRYPTION_SCHEME_256 = "aes/gcm/256"
	public static
	final String ENCRYPTION_SCHEME = isUnlimitedStrengthCryptoAvailable() ? ENCRYPTION_SCHEME_256 : ENCRYPTION_SCHEME_128

	private static final String PASSWORD = "thisIsABadPassword"

	private LoginIdentityProviderFactoryBean bean

	@BeforeClass
	static void setUpOnce() throws Exception {
	Security.addProvider(new BouncyCastleProvider())

	logger.metaClass.methodMissing = { String name, args ->
	logger.info("[${name?.toUpperCase()}] ${(args as List).join(" ")}")
	}
	}

	@Before
	void setUp() {
	bean = new LoginIdentityProviderFactoryBean()
	bean.configureSensitivePropertyProviderFactory(KEY_HEX, null)
	}

	private static boolean isUnlimitedStrengthCryptoAvailable() {
	Cipher.getMaxAllowedKeyLength("AES") > 128
	}

	@Test
	void testShouldDecryptValue() {
	// Arrange
	logger.info("Encryption scheme: ${ENCRYPTION_SCHEME}")
	logger.info("Cipher text: ${CIPHER_TEXT}")

	// Act
	String decrypted = bean.decryptValue(CIPHER_TEXT, ENCRYPTION_SCHEME, "propertyName", "ldap-provider")
	logger.info("Decrypted ${CIPHER_TEXT} -> ${decrypted}")

	// Assert
	assert decrypted == PASSWORD
	}

	@Test
	void testShouldLoadEncryptedLoginIdentityProviderConfiguration() {
	// Arrange
	Provider encryptedProvider = new Provider()
	encryptedProvider.identifier ="ldap-provider"
	encryptedProvider.clazz = "org.apache.nifi.ldap.LdapProvider"
	def managerPasswordName = "Manager Password"
	Property managerPasswordProperty = new Property(name: managerPasswordName, value: CIPHER_TEXT, encryption: ENCRYPTION_SCHEME)
	encryptedProvider.property = [managerPasswordProperty]

	logger.info("Manager Password property: ${managerPasswordProperty.dump()}")

	// Act
	def context = bean.loadLoginIdentityProviderConfiguration(encryptedProvider)
	logger.info("Loaded context: ${context.dump()}")

	// Assert
	assert context.getProperty(managerPasswordName) == PASSWORD
	}
	}