Extract common code in test
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/0853a353 Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/0853a353 Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/0853a353 Branch: refs/heads/model_features Commit: 0853a353afa4c8eabad38327e3943b1543fd4c0a Parents: 3b72701 Author: Christian Schneider <ch...@die-schneider.net> Authored: Wed Aug 16 13:41:17 2017 +0200 Committer: Christian Schneider <ch...@die-schneider.net> Committed: Wed Aug 16 13:41:17 2017 +0200 ---------------------------------------------------------------------- .../jaas/modules/krb5/KarafKerberosITest.java | 51 ++++++++++ .../jaas/modules/krb5/Krb5LoginModuleTest.java | 102 +++---------------- .../modules/ldap/GSSAPILdapLoginModuleTest.java | 29 +----- 3 files changed, 66 insertions(+), 116 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/karaf/blob/0853a353/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/KarafKerberosITest.java ---------------------------------------------------------------------- diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/KarafKerberosITest.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/KarafKerberosITest.java new file mode 100644 index 0000000..0b57930 --- /dev/null +++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/KarafKerberosITest.java @@ -0,0 +1,51 @@ +/* + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * under the License. + */ +package org.apache.karaf.jaas.modules.krb5; + +import java.io.File; +import java.io.IOException; +import java.io.PrintStream; + +import org.apache.directory.api.util.Strings; +import org.apache.directory.server.kerberos.kdc.AbstractKerberosITest; +import org.apache.directory.shared.kerberos.codec.types.EncryptionType; +import org.apache.directory.shared.kerberos.crypto.checksum.ChecksumType; + +public class KarafKerberosITest extends AbstractKerberosITest { + + protected String createKrb5Conf(ChecksumType checksumType, EncryptionType encryptionType, boolean isTcp) throws IOException { + File file = folder.newFile("krb5.conf"); + PrintStream out = new PrintStream(file); + out.println("[libdefaults]"); + out.println("default_realm = " + REALM); + out.println("default_tkt_enctypes = " + encryptionType.getName()); + out.println("default_tgs_enctypes = " + encryptionType.getName()); + out.println("permitted_enctypes = " + encryptionType.getName()); + out.println("default-checksum_type = " + checksumType.getName()); + if (isTcp) { + out.println("udp_preference_limit = 1"); + } + out.println("[realms]"); + out.println(REALM + " = {"); + out.println("kdc = " + HOSTNAME + ":" + kdcServer.getTransports()[0].getPort()); + out.println("}"); + out.println("[domain_realm]"); + out.println("." + Strings.lowerCaseAscii(REALM) + " = " + REALM); + out.println(Strings.lowerCaseAscii(REALM) + " = " + REALM); + out.close(); + return file.getAbsolutePath(); + } + +} http://git-wip-us.apache.org/repos/asf/karaf/blob/0853a353/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java ---------------------------------------------------------------------- diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java index e6caf7b..d88955d 100644 --- a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java +++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java @@ -16,13 +16,10 @@ */ package org.apache.karaf.jaas.modules.krb5; -import org.apache.commons.io.FileUtils; -import org.apache.commons.lang.SystemUtils; import org.apache.directory.api.ldap.model.constants.SupportedSaslMechanisms; import org.apache.directory.api.ldap.model.entry.DefaultEntry; import org.apache.directory.api.ldap.model.entry.Entry; import org.apache.directory.api.ldap.model.exception.LdapException; -import org.apache.directory.api.util.Strings; import org.apache.directory.ldap.client.api.Krb5LoginConfiguration; import org.apache.directory.server.annotations.CreateKdcServer; import org.apache.directory.server.annotations.CreateLdapServer; @@ -35,7 +32,6 @@ import org.apache.directory.server.core.annotations.CreateIndex; import org.apache.directory.server.core.annotations.CreatePartition; import org.apache.directory.server.core.integ.FrameworkRunner; import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor; -import org.apache.directory.server.kerberos.kdc.AbstractKerberosITest; import org.apache.directory.server.kerberos.kdc.KerberosTestUtils; import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory; import org.apache.directory.server.kerberos.shared.keytab.Keytab; @@ -65,8 +61,6 @@ import javax.security.auth.kerberos.KerberosTicket; import javax.security.auth.login.Configuration; import javax.security.auth.login.LoginException; import java.io.File; -import java.io.IOException; -import java.security.Principal; import java.text.ParseException; import java.util.ArrayList; import java.util.Collections; @@ -75,8 +69,10 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import static org.apache.karaf.jaas.modules.PrincipalHelper.names; +import static org.hamcrest.Matchers.containsInAnyOrder; import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; +import static org.junit.Assert.assertThat; @RunWith(FrameworkRunner.class) @CreateDS(name = "Krb5LoginModuleTest-class", @@ -130,8 +126,7 @@ import static org.junit.Assert.assertTrue; "objectClass: organizationalUnit", "ou: users" }) -public class Krb5LoginModuleTest extends AbstractKerberosITest { - +public class Krb5LoginModuleTest extends KarafKerberosITest { @Before public void setUp() throws Exception { @@ -155,7 +150,6 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest { @Test public void testKeytabSuccess() throws Exception { - Map<String, Object> props = new HashMap<>(); props.put("debug", "true"); props.put("useKeyTab", "true"); @@ -164,11 +158,9 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest { props.put("doNotPrompt", "true"); props.put("storeKey", "true"); props.put("detailed.login.exception", "true"); - - Subject subject = new Subject(); - Krb5LoginModule module = new Krb5LoginModule(); + module.initialize(subject, null, null, props); assertEquals("Precondition", 0, subject.getPrincipals().size()); @@ -177,27 +169,11 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest { Assert.assertTrue(module.commit()); assertEquals(1, subject.getPrincipals().size()); + assertThat(names(subject.getPrincipals(KerberosPrincipal.class)), containsInAnyOrder("hnel...@example.com")); - boolean foundUser = false; - for (Principal pr : subject.getPrincipals()) { - if (pr instanceof KerberosPrincipal) { - assertEquals("hnel...@example.com", pr.getName()); - foundUser = true; - break; - } - } - assertTrue(foundUser); - - boolean foundToken = false; - for (Object crd : subject.getPrivateCredentials()) { - if (crd instanceof KerberosTicket) { - assertEquals("hnel...@example.com", ((KerberosTicket) crd).getClient().getName()); - assertEquals("krbtgt/example....@example.com", ((KerberosTicket) crd).getServer().getName()); - foundToken = true; - break; - } - } - assertTrue(foundToken); + KerberosTicket ticket = subject.getPrivateCredentials(KerberosTicket.class).iterator().next(); + assertEquals("hnel...@example.com", ticket.getClient().getName()); + assertEquals("krbtgt/example....@example.com", ticket.getServer().getName()); Assert.assertTrue(module.logout()); @@ -215,9 +191,7 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest { props.put("storeKey", "true"); props.put("detailed.login.exception", "true"); - Subject subject = new Subject(); - Krb5LoginModule module = new Krb5LoginModule(); module.initialize(subject, null, null, props); @@ -230,7 +204,6 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest { @Test public void testLoginSuccess() throws Exception { Subject subject = new Subject(); - Krb5LoginModule module = new Krb5LoginModule(); module.initialize(subject, new NamePasswordCallbackHandler("hnelson", "secret"), null, new HashMap<>()); @@ -240,27 +213,11 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest { Assert.assertTrue(module.commit()); assertEquals(1, subject.getPrincipals().size()); + assertThat(names(subject.getPrincipals(KerberosPrincipal.class)), containsInAnyOrder("hnel...@example.com")); - boolean foundUser = false; - for (Principal pr : subject.getPrincipals()) { - if (pr instanceof KerberosPrincipal) { - assertEquals("hnel...@example.com", pr.getName()); - foundUser = true; - break; - } - } - assertTrue(foundUser); - - boolean foundToken = false; - for (Object crd : subject.getPrivateCredentials()) { - if (crd instanceof KerberosTicket) { - assertEquals("hnel...@example.com", ((KerberosTicket) crd).getClient().getName()); - assertEquals("krbtgt/example....@example.com", ((KerberosTicket) crd).getServer().getName()); - foundToken = true; - break; - } - } - assertTrue(foundToken); + KerberosTicket ticket = subject.getPrivateCredentials(KerberosTicket.class).iterator().next(); + assertEquals("hnel...@example.com", ticket.getClient().getName()); + assertEquals("krbtgt/example....@example.com", ticket.getServer().getName()); Assert.assertTrue(module.logout()); @@ -328,39 +285,6 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest { conn.add(entry); } - private String createKrb5Conf(ChecksumType checksumType, EncryptionType encryptionType, boolean isTcp) throws IOException { - File file = folder.newFile("krb5.conf"); - - String data = ""; - - data += "[libdefaults]" + SystemUtils.LINE_SEPARATOR; - data += "default_realm = " + REALM + SystemUtils.LINE_SEPARATOR; - data += "default_tkt_enctypes = " + encryptionType.getName() + SystemUtils.LINE_SEPARATOR; - data += "default_tgs_enctypes = " + encryptionType.getName() + SystemUtils.LINE_SEPARATOR; - data += "permitted_enctypes = " + encryptionType.getName() + SystemUtils.LINE_SEPARATOR; - // data += "default_checksum = " + checksumType.getName() + SystemUtils.LINE_SEPARATOR; - // data += "ap_req_checksum_type = " + checksumType.getName() + SystemUtils.LINE_SEPARATOR; - data += "default-checksum_type = " + checksumType.getName() + SystemUtils.LINE_SEPARATOR; - - if (isTcp) { - data += "udp_preference_limit = 1" + SystemUtils.LINE_SEPARATOR; - } - - - data += "[realms]" + SystemUtils.LINE_SEPARATOR; - data += REALM + " = {" + SystemUtils.LINE_SEPARATOR; - data += "kdc = " + HOSTNAME + ":" + kdcServer.getTransports()[0].getPort() + SystemUtils.LINE_SEPARATOR; - data += "}" + SystemUtils.LINE_SEPARATOR; - - data += "[domain_realm]" + SystemUtils.LINE_SEPARATOR; - data += "." + Strings.lowerCaseAscii(REALM) + " = " + REALM + SystemUtils.LINE_SEPARATOR; - data += Strings.lowerCaseAscii(REALM) + " = " + REALM + SystemUtils.LINE_SEPARATOR; - - FileUtils.writeStringToFile(file, data); - - return file.getAbsolutePath(); - } - private KeytabEntry createKeytabEntry() throws ParseException { String principalName = "hnel...@example.com"; int principalType = 1; http://git-wip-us.apache.org/repos/asf/karaf/blob/0853a353/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java ---------------------------------------------------------------------- diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java index 11daa72..b664bc3 100644 --- a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java +++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java @@ -22,7 +22,6 @@ import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; -import java.io.PrintStream; import java.security.Principal; import java.util.Collections; @@ -36,7 +35,6 @@ import org.apache.directory.api.ldap.model.constants.SupportedSaslMechanisms; import org.apache.directory.api.ldap.model.entry.DefaultEntry; import org.apache.directory.api.ldap.model.entry.Entry; import org.apache.directory.api.ldap.model.exception.LdapException; -import org.apache.directory.api.util.Strings; import org.apache.directory.server.annotations.CreateKdcServer; import org.apache.directory.server.annotations.CreateLdapServer; import org.apache.directory.server.annotations.CreateTransport; @@ -48,7 +46,6 @@ import org.apache.directory.server.core.annotations.CreateIndex; import org.apache.directory.server.core.annotations.CreatePartition; import org.apache.directory.server.core.integ.FrameworkRunner; import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor; -import org.apache.directory.server.kerberos.kdc.AbstractKerberosITest; import org.apache.directory.server.kerberos.kdc.KerberosTestUtils; import org.apache.directory.server.ldap.handlers.sasl.cramMD5.CramMd5MechanismHandler; import org.apache.directory.server.ldap.handlers.sasl.digestMD5.DigestMd5MechanismHandler; @@ -63,6 +60,7 @@ import org.apache.felix.utils.properties.Properties; import org.apache.karaf.jaas.boot.principal.RolePrincipal; import org.apache.karaf.jaas.boot.principal.UserPrincipal; import org.apache.karaf.jaas.modules.NamePasswordCallbackHandler; +import org.apache.karaf.jaas.modules.krb5.KarafKerberosITest; import org.junit.After; import org.junit.Before; import org.junit.Test; @@ -131,7 +129,7 @@ import org.junit.runner.RunWith; "cn: admin", "member: uid=hnelson,ou=users,dc=example,dc=com" }) -public class GSSAPILdapLoginModuleTest extends AbstractKerberosITest { +public class GSSAPILdapLoginModuleTest extends KarafKerberosITest { private static boolean loginConfigUpdated; @@ -314,29 +312,6 @@ public class GSSAPILdapLoginModuleTest extends AbstractKerberosITest { "ldap", "randall", servicePrincipal); } - private String createKrb5Conf(ChecksumType checksumType, EncryptionType encryptionType, boolean isTcp) throws IOException { - File file = folder.newFile("krb5.conf"); - PrintStream out = new PrintStream(file); - out.println("[libdefaults]"); - out.println("default_realm = " + REALM); - out.println("default_tkt_enctypes = " + encryptionType.getName()); - out.println("default_tgs_enctypes = " + encryptionType.getName()); - out.println("permitted_enctypes = " + encryptionType.getName()); - out.println("default-checksum_type = " + checksumType.getName()); - if (isTcp) { - out.println("udp_preference_limit = 1"); - } - out.println("[realms]"); - out.println(REALM + " = {"); - out.println("kdc = " + HOSTNAME + ":" + kdcServer.getTransports()[0].getPort()); - out.println("}"); - out.println("[domain_realm]"); - out.println("." + Strings.lowerCaseAscii(REALM) + " = " + REALM); - out.println(Strings.lowerCaseAscii(REALM) + " = " + REALM); - out.close(); - return file.getAbsolutePath(); - } - private void createPrincipal(String rdn, String sn, String cn, String uid, String userPassword, String principalName) throws LdapException { Entry entry = new DefaultEntry();