This is an automated email from the ASF dual-hosted git repository. liubao pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/servicecomb-java-chassis.git
commit afddef34770073169acd77ad57bba7019ac8292f Author: liubao <[email protected]> AuthorDate: Sun Sep 24 17:36:38 2023 +0800 [SCB-2008]change DynamicPropertyFactory to Environment: in public key --- .../org/apache/servicecomb/config/ConfigUtil.java | 19 +++ .../AuthenticationConfiguration.java | 7 + .../authentication/provider/AccessController.java | 59 ++++--- .../provider/ProviderTokenManager.java | 7 +- .../authentication/TestAccessController.java | 184 ++++++++++++++++----- .../provider/TestProviderTokenManager.java | 14 ++ 6 files changed, 228 insertions(+), 62 deletions(-) diff --git a/foundations/foundation-config/src/main/java/org/apache/servicecomb/config/ConfigUtil.java b/foundations/foundation-config/src/main/java/org/apache/servicecomb/config/ConfigUtil.java index 3c52615a7..c9c3908fd 100644 --- a/foundations/foundation-config/src/main/java/org/apache/servicecomb/config/ConfigUtil.java +++ b/foundations/foundation-config/src/main/java/org/apache/servicecomb/config/ConfigUtil.java @@ -20,11 +20,13 @@ package org.apache.servicecomb.config; import static org.apache.servicecomb.foundation.common.base.ServiceCombConstants.CONFIG_KEY_SPLITER; import java.util.HashMap; +import java.util.HashSet; import java.util.Iterator; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import java.util.Objects; +import java.util.Set; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.CopyOnWriteArraySet; import java.util.stream.Collectors; 
@@ -49,6 +51,9 @@ import org.apache.servicecomb.foundation.common.event.EventManager; import org.apache.servicecomb.foundation.common.utils.SPIServiceUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.env.EnumerablePropertySource; +import org.springframework.core.env.PropertySource; import com.netflix.config.ConcurrentCompositeConfiguration; import com.netflix.config.ConcurrentMapConfiguration; @@ -283,4 +288,18 @@ public final class ConfigUtil { throw new IllegalStateException(e); } } + + public static Set<String> propertiesWithPrefix(ConfigurableEnvironment environment, String prefix) { + Set<String> result = new HashSet<>(); + for (PropertySource<?> propertySource : environment.getPropertySources()) { + if (propertySource instanceof EnumerablePropertySource) { + for (String key : ((EnumerablePropertySource<?>) propertySource).getPropertyNames()) { + if (key.startsWith(prefix)) { + result.add(key); + } + } + } + } + return result; + } } diff --git a/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java b/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java index 0029e0239..172a640a8 100644 --- a/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java +++ b/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/AuthenticationConfiguration.java 
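Review bot: `propertiesWithPrefix` silently skips every property source that is not an `EnumerablePropertySource`, and `AccessController` now relies on it to discover the black/white-list rule keys, so a rule supplied through a non-enumerable source would never be loaded and nothing would say so. The method is public and has no Javadoc; I would document the limitation, e.g. `/** Returns the names of properties starting with {@code prefix} from the enumerable property sources only; other sources are skipped. */`, and consider a debug log naming each skipped source via `propertySource.getName()`. A null `prefix` reaches `key.startsWith(prefix)` and throws, so `Objects.requireNonNull(prefix, "prefix");` at the top would make the contract explicit (`java.util.Objects` is already imported in this file).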
@@ -18,11 +18,13 @@ package org.apache.servicecomb.authentication; import org.apache.servicecomb.authentication.consumer.ConsumerAuthFilter; import org.apache.servicecomb.authentication.consumer.ConsumerTokenManager; +import org.apache.servicecomb.authentication.provider.AccessController; import org.apache.servicecomb.authentication.provider.ProviderAuthFilter; import org.apache.servicecomb.authentication.provider.ProviderTokenManager; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.core.env.Environment; @Configuration @ConditionalOnProperty(value = AuthenticationConfiguration.ACCESS_CONTROL_ENABLED, @@ -56,4 +58,9 @@ public class AuthenticationConfiguration { public ProviderTokenManager providerTokenManager() { return new ProviderTokenManager(); } + + @Bean + public AccessController accessController(Environment environment) { + return new AccessController(environment); + } } diff --git a/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/AccessController.java b/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/AccessController.java index 4315ba0db..07edae566 100644 --- a/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/AccessController.java +++ b/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/AccessController.java 
@@ -17,17 +17,21 @@ package org.apache.servicecomb.authentication.provider; import java.util.HashMap; -import java.util.Iterator; import java.util.Map; import java.util.Map.Entry; +import java.util.Set; import org.apache.commons.lang3.StringUtils; +import org.apache.servicecomb.config.ConfigUtil; +import org.apache.servicecomb.config.ConfigurationChangedEvent; +import org.apache.servicecomb.foundation.common.event.EventManager; import org.apache.servicecomb.registry.api.DiscoveryInstance; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.env.Environment; -import com.netflix.config.ConcurrentCompositeConfiguration; -import com.netflix.config.DynamicPropertyFactory; +import com.google.common.eventbus.Subscribe; /** * Add black / white list control to service access @@ -55,13 +59,17 @@ public class AccessController { private static final String KEY_RULE_POSTFIX = ".rule"; + private final Environment environment; + private Map<String, ConfigurationItem> whiteList = new HashMap<>(); private Map<String, ConfigurationItem> blackList = new HashMap<>(); - public AccessController() { + public AccessController(Environment environment) { + this.environment = environment; loadConfigurations(KEY_BLACK_LIST_PREFIX); loadConfigurations(KEY_WHITE_LIST_PREFIX); + EventManager.register(this); } public boolean isAllowed(DiscoveryInstance microservice) { 
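Review bot: The constructor and the new field are typed `Environment`, but `loadConfigurations` (in the next hunk of this file) casts the field to `ConfigurableEnvironment`, so any other `Environment` implementation fails with a `ClassCastException` while the bean is being built. Declaring the dependency as what is actually needed removes the cast: `private final ConfigurableEnvironment environment;` and `public AccessController(ConfigurableEnvironment environment)`, with the `@Bean` method in `AuthenticationConfiguration` taking the same type. Separately, `EventManager.register(this)` in the constructor keeps every instance subscribed once it is created; the tests in this commit create many instances and none of the visible lines removes them from the event bus again.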
@@ -128,40 +136,45 @@ public class AccessController { return value.equals(pattern); } - private void loadConfigurations(String prefix) { - ConcurrentCompositeConfiguration config = (ConcurrentCompositeConfiguration) DynamicPropertyFactory - .getBackingConfigurationSource(); - loadConfigurations(config, prefix); - config.addConfigurationListener(event -> { - if (event.getPropertyName().startsWith(prefix)) { - LOG.info("Access rule have been changed. Reload configurations. Event=" + event.getType()); - loadConfigurations(config, prefix); + @Subscribe + public void onConfigurationChangedEvent(ConfigurationChangedEvent event) { + Map<String, Object> changed = new HashMap<>(); + changed.putAll(event.getDeleted()); + changed.putAll(event.getAdded()); + changed.putAll(event.getUpdated()); + + for (Entry<String, Object> entry : changed.entrySet()) { + if (entry.getKey().startsWith(KEY_WHITE_LIST_PREFIX)) { + loadConfigurations(KEY_WHITE_LIST_PREFIX); + break; + } + } + for (Entry<String, Object> entry : changed.entrySet()) { + if (entry.getKey().startsWith(KEY_BLACK_LIST_PREFIX)) { + loadConfigurations(KEY_BLACK_LIST_PREFIX); + break; } - }); + } } - private void loadConfigurations(ConcurrentCompositeConfiguration config, String prefix) { + private void loadConfigurations(String prefix) { Map<String, ConfigurationItem> configurations = new HashMap<>(); - Iterator<String> configsItems = config.getKeys(prefix); - while (configsItems.hasNext()) { - String pathKey = configsItems.next(); + Set<String> configsItems = ConfigUtil.propertiesWithPrefix((ConfigurableEnvironment) environment, prefix); + for (String pathKey : configsItems) { if (pathKey.endsWith(KEY_RULE_POSTFIX)) { ConfigurationItem configurationItem = new ConfigurationItem(); - String rule = DynamicPropertyFactory.getInstance() - .getStringProperty(pathKey, null).get(); + String rule = environment.getProperty(pathKey); if (StringUtils.isEmpty(rule)) { continue; } configurationItem.rule = rule; String pathKeyItem = 
pathKey .substring(prefix.length() + 1, pathKey.length() - KEY_RULE_POSTFIX.length()); - configurationItem.propertyName = DynamicPropertyFactory.getInstance() - .getStringProperty(String.format(KEY_PROPERTY_NAME, prefix, pathKeyItem), null).get(); + configurationItem.propertyName = environment.getProperty(String.format(KEY_PROPERTY_NAME, prefix, pathKeyItem)); if (StringUtils.isEmpty(configurationItem.propertyName)) { continue; } - configurationItem.category = DynamicPropertyFactory.getInstance() - .getStringProperty(String.format(KEY_CATEGORY, prefix, pathKeyItem), null).get(); + configurationItem.category = environment.getProperty(String.format(KEY_CATEGORY, prefix, pathKeyItem)); if (StringUtils.isEmpty(configurationItem.category)) { continue; } diff --git a/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/ProviderTokenManager.java b/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/ProviderTokenManager.java index 0fb40ebad..ebedacb7b 100644 --- a/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/ProviderTokenManager.java +++ b/handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/ProviderTokenManager.java @@ -43,7 +43,7 @@ public class ProviderTokenManager { .expireAfterAccess(getExpiredTime(), TimeUnit.MILLISECONDS) .build(); - private final AccessController accessController = new AccessController(); + private AccessController accessController; private MicroserviceInstanceCache microserviceInstanceCache; @@ -52,6 +52,11 @@ public class ProviderTokenManager { this.microserviceInstanceCache = microserviceInstanceCache; } + @Autowired + public void setAccessController(AccessController accessController) { + this.accessController = accessController; + } + public boolean valid(String token) { try { RSAAuthenticationToken rsaToken = RSAAuthenticationToken.fromStr(token); 
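Review bot: The removed listener logged `Access rule have been changed. Reload configurations.` on every reload, whereas `onConfigurationChangedEvent` reloads the white and black lists without any log line, so a change to the access-control rules no longer leaves a trace in the service log. I would restore it at each reload point, e.g. `LOG.info("Access rule has been changed, reloading. prefix={}", KEY_WHITE_LIST_PREFIX);` and the same for the black list. The handler also runs on whichever thread posts the event while `isAllowed` reads `whiteList`/`blackList`, which the earlier hunk shows as plain non-volatile fields. The assignment at the end of `loadConfigurations` is outside this hunk, but if it swaps the map reference, marking both fields `volatile` would make the new rules reliably visible to request threads.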
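Review bot: `accessController` changed from a `final` field initialised inline to one that stays `null` until `setAccessController` is called, so a `ProviderTokenManager` created with `new` (as the tests in this commit do) has no access controller until someone remembers the setter. `valid` continues outside the hunk, so it is not visible whether its `catch` turns the resulting `NullPointerException` into a rejection; it would be safer to deny explicitly when the field is unset rather than rely on exception handling. At minimum the setter should reject null: `this.accessController = Objects.requireNonNull(accessController, "accessController");` (this needs `java.util.Objects` imported if the file does not already have it).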
diff --git a/handlers/handler-publickey-auth/src/test/java/org/apache/servicecomb/authentication/TestAccessController.java b/handlers/handler-publickey-auth/src/test/java/org/apache/servicecomb/authentication/TestAccessController.java
index cb2124ae1..ad4b47326 100644
--- a/handlers/handler-publickey-auth/src/test/java/org/apache/servicecomb/authentication/TestAccessController.java
+++ b/handlers/handler-publickey-auth/src/test/java/org/apache/servicecomb/authentication/TestAccessController.java
@@ -20,25 +20,46 @@ import java.util.HashMap; import java.util.Map; import org.apache.servicecomb.authentication.provider.AccessController; +import org.apache.servicecomb.config.ConfigurationChangedEvent; import org.apache.servicecomb.foundation.test.scaffolding.config.ArchaiusUtils; import org.apache.servicecomb.registry.api.DiscoveryInstance; -import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.mockito.Mockito; +import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.env.EnumerablePropertySource; +import org.springframework.core.env.MutablePropertySources; public class TestAccessController { - @AfterEach + ConfigurableEnvironment environment; + + EnumerablePropertySource<?> propertySource; + + @BeforeEach public void tearDown() { - ArchaiusUtils.resetConfig(); + environment = Mockito.mock(ConfigurableEnvironment.class); + propertySource = Mockito.mock(EnumerablePropertySource.class); } @Test public void testIsValidOfWhiteByServiceName() { - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.propertyName", "serviceName"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.category", "property"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.rule", "trust*"); - AccessController controller = new AccessController(); + MutablePropertySources mutablePropertySources = new MutablePropertySources(); + mutablePropertySources.addLast(propertySource); + Mockito.when(environment.getPropertySources()).thenReturn(mutablePropertySources); + Mockito.when(propertySource.getPropertyNames()).thenReturn(new String[] { + "servicecomb.publicKey.accessControl.white.list1.propertyName", + "servicecomb.publicKey.accessControl.white.list1.category", + "servicecomb.publicKey.accessControl.white.list1.rule" + }); + 
Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.propertyName")) + .thenReturn("serviceName"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.category")) + .thenReturn("property"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.rule")) + .thenReturn("trust*"); + + AccessController controller = new AccessController(environment); DiscoveryInstance service = Mockito.mock(DiscoveryInstance.class); Mockito.when(service.getServiceName()).thenReturn("trustCustomer"); Assertions.assertTrue(controller.isAllowed(service)); @@ -47,7 +68,11 @@ public class TestAccessController { Mockito.when(service.getServiceName()).thenReturn("nottrustCustomer"); Assertions.assertFalse(controller.isAllowed(service)); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.rule", "*trust"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.rule")) + .thenReturn("*trust"); + Map<String, Object> latest = new HashMap<>(); + latest.put("servicecomb.publicKey.accessControl.white.list1.rule", "*trust"); + controller.onConfigurationChangedEvent(ConfigurationChangedEvent.createIncremental(latest, new HashMap<>())); service = Mockito.mock(DiscoveryInstance.class); Mockito.when(service.getServiceName()).thenReturn("Customer_trust"); Assertions.assertTrue(controller.isAllowed(service)); 
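Review bot: The method annotated `@BeforeEach` is still named `tearDown`, although it now creates the `environment` and `propertySource` mocks before each test; `public void setUp()` would match what it does. The `MutablePropertySources` / `getPropertyNames` stubbing that starts in `testIsValidOfWhiteByServiceName` is repeated almost verbatim in every test of this file, so a small private helper taking the key array would shorten each test and keep the stubbing consistent.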
@@ -56,7 +81,11 @@ public class TestAccessController { Mockito.when(service.getServiceName()).thenReturn("Customer_trust_not"); Assertions.assertFalse(controller.isAllowed(service)); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.rule", "trust"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.rule")) + .thenReturn("trust"); + latest.put("servicecomb.publicKey.accessControl.white.list1.rule", "trust"); + controller.onConfigurationChangedEvent(ConfigurationChangedEvent.createIncremental(latest, new HashMap<>())); + service = Mockito.mock(DiscoveryInstance.class); Mockito.when(service.getServiceName()).thenReturn("trust"); Assertions.assertTrue(controller.isAllowed(service)); 
@@ -68,10 +97,22 @@ public class TestAccessController { @Test public void testIsValidOfBlackByServiceName() { - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.propertyName", "serviceName"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.category", "property"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.rule", "trust*"); - AccessController controller = new AccessController(); + MutablePropertySources mutablePropertySources = new MutablePropertySources(); + mutablePropertySources.addLast(propertySource); + Mockito.when(environment.getPropertySources()).thenReturn(mutablePropertySources); + Mockito.when(propertySource.getPropertyNames()).thenReturn(new String[] { + "servicecomb.publicKey.accessControl.black.list1.propertyName", + "servicecomb.publicKey.accessControl.black.list1.category", + "servicecomb.publicKey.accessControl.black.list1.rule" + }); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.propertyName")) + .thenReturn("serviceName"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.category")) + .thenReturn("property"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.rule")) + .thenReturn("trust*"); + + AccessController controller = new AccessController(environment); DiscoveryInstance service = Mockito.mock(DiscoveryInstance.class); Mockito.when(service.getServiceName()).thenReturn("trustCustomer"); 
@@ -81,7 +122,11 @@ public class TestAccessController { Mockito.when(service.getServiceName()).thenReturn("nottrustCustomer"); Assertions.assertTrue(controller.isAllowed(service)); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.rule", "*trust"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.rule")) + .thenReturn("*trust"); + Map<String, Object> latest = new HashMap<>(); + latest.put("servicecomb.publicKey.accessControl.black.list1.rule", "*trust"); + controller.onConfigurationChangedEvent(ConfigurationChangedEvent.createIncremental(latest, new HashMap<>())); service = Mockito.mock(DiscoveryInstance.class); Mockito.when(service.getServiceName()).thenReturn("Customer_trust"); Assertions.assertFalse(controller.isAllowed(service)); @@ -91,6 +136,11 @@ public class TestAccessController { Assertions.assertTrue(controller.isAllowed(service)); ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.rule", "trust"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.rule")) + .thenReturn("trust"); + latest = new HashMap<>(); + latest.put("servicecomb.publicKey.accessControl.black.list1.rule", "trust"); + controller.onConfigurationChangedEvent(ConfigurationChangedEvent.createIncremental(latest, new HashMap<>())); service = Mockito.mock(DiscoveryInstance.class); Mockito.when(service.getServiceName()).thenReturn("trust"); Assertions.assertFalse(controller.isAllowed(service)); 
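Review bot: In `testIsValidOfBlackByServiceName` the old `ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.rule", "trust");` call survives as a context line in the `@@ -91,6 +136,11 @@` hunk, while the `@AfterEach` that called `ArchaiusUtils.resetConfig()` was removed in the first hunk of this file. The controller now reads from the mocked `environment`, so the call has no effect on this test but leaves a black-list property in global configuration for whatever runs next in the same JVM. Drop that line, and the `ArchaiusUtils` import as well if nothing outside the visible hunks still uses it.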
@@ -102,14 +152,31 @@ public class TestAccessController { @Test public void testIsValidOfBlackAndWhiteByServiceName() { - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.propertyName", "serviceName"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.category", "property"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.rule", "trust*"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.propertyName", "serviceName"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.category", "property"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.rule", "*hacker"); - - AccessController controller = new AccessController(); + MutablePropertySources mutablePropertySources = new MutablePropertySources(); + mutablePropertySources.addLast(propertySource); + Mockito.when(environment.getPropertySources()).thenReturn(mutablePropertySources); + Mockito.when(propertySource.getPropertyNames()).thenReturn(new String[] { + "servicecomb.publicKey.accessControl.black.list1.propertyName", + "servicecomb.publicKey.accessControl.black.list1.category", + "servicecomb.publicKey.accessControl.black.list1.rule", + "servicecomb.publicKey.accessControl.white.list1.propertyName", + "servicecomb.publicKey.accessControl.white.list1.category", + "servicecomb.publicKey.accessControl.white.list1.rule" + }); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.propertyName")) + .thenReturn("serviceName"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.category")) + .thenReturn("property"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.rule")) + .thenReturn("trust*"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.propertyName")) + .thenReturn("serviceName"); + 
Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.category")) + .thenReturn("property"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.rule")) + .thenReturn("*hacker"); + + AccessController controller = new AccessController(environment); DiscoveryInstance service = Mockito.mock(DiscoveryInstance.class); Mockito.when(service.getServiceName()).thenReturn("trustCustomer"); Assertions.assertTrue(controller.isAllowed(service)); 
@@ -121,10 +188,22 @@ public class TestAccessController { @Test public void testIsValidOfBlackByProperties() { - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.propertyName", "tag"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.category", "property"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.rule", "test"); - AccessController controller = new AccessController(); + MutablePropertySources mutablePropertySources = new MutablePropertySources(); + mutablePropertySources.addLast(propertySource); + Mockito.when(environment.getPropertySources()).thenReturn(mutablePropertySources); + Mockito.when(propertySource.getPropertyNames()).thenReturn(new String[] { + "servicecomb.publicKey.accessControl.black.list1.propertyName", + "servicecomb.publicKey.accessControl.black.list1.category", + "servicecomb.publicKey.accessControl.black.list1.rule", + }); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.propertyName")) + .thenReturn("tag"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.category")) + .thenReturn("property"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.rule")) + .thenReturn("test"); + + AccessController controller = new AccessController(environment); DiscoveryInstance service = Mockito.mock(DiscoveryInstance.class); Map<String, String> map = new HashMap<>(); map.put("tag", "test"); 
@@ -139,10 +218,22 @@ public class TestAccessController { @Test public void testIsValidOfWhiteByProperties() { - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.propertyName", "tag"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.category", "property"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.rule", "test"); - AccessController controller = new AccessController(); + MutablePropertySources mutablePropertySources = new MutablePropertySources(); + mutablePropertySources.addLast(propertySource); + Mockito.when(environment.getPropertySources()).thenReturn(mutablePropertySources); + Mockito.when(propertySource.getPropertyNames()).thenReturn(new String[] { + "servicecomb.publicKey.accessControl.white.list1.propertyName", + "servicecomb.publicKey.accessControl.white.list1.category", + "servicecomb.publicKey.accessControl.white.list1.rule", + }); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.propertyName")) + .thenReturn("tag"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.category")) + .thenReturn("property"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.rule")) + .thenReturn("test"); + + AccessController controller = new AccessController(environment); DiscoveryInstance service = Mockito.mock(DiscoveryInstance.class); Map<String, String> map = new HashMap<>(); map.put("tag", "test"); 
@@ -156,14 +247,31 @@ public class TestAccessController { @Test public void testIsValidOfBlackAndWhiteByServiceNameAndVersion() { - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.propertyName", "serviceName"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.category", "property"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.white.list1.rule", "trust*"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.propertyName", "version"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.category", "property"); - ArchaiusUtils.setProperty("servicecomb.publicKey.accessControl.black.list1.rule", "0.0.1"); - - AccessController controller = new AccessController(); + MutablePropertySources mutablePropertySources = new MutablePropertySources(); + mutablePropertySources.addLast(propertySource); + Mockito.when(environment.getPropertySources()).thenReturn(mutablePropertySources); + Mockito.when(propertySource.getPropertyNames()).thenReturn(new String[] { + "servicecomb.publicKey.accessControl.black.list1.propertyName", + "servicecomb.publicKey.accessControl.black.list1.category", + "servicecomb.publicKey.accessControl.black.list1.rule", + "servicecomb.publicKey.accessControl.white.list1.propertyName", + "servicecomb.publicKey.accessControl.white.list1.category", + "servicecomb.publicKey.accessControl.white.list1.rule" + }); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.propertyName")) + .thenReturn("serviceName"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.category")) + .thenReturn("property"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.white.list1.rule")) + .thenReturn("trust*"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.propertyName")) + .thenReturn("version"); + 
Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.category")) + .thenReturn("property"); + Mockito.when(environment.getProperty("servicecomb.publicKey.accessControl.black.list1.rule")) + .thenReturn("0.0.1"); + + AccessController controller = new AccessController(environment); DiscoveryInstance service = Mockito.mock(DiscoveryInstance.class); Mockito.when(service.getServiceName()).thenReturn("trustCustomer"); Mockito.when(service.getVersion()).thenReturn("0.0.1"); diff --git a/handlers/handler-publickey-auth/src/test/java/org/apache/servicecomb/authentication/provider/TestProviderTokenManager.java b/handlers/handler-publickey-auth/src/test/java/org/apache/servicecomb/authentication/provider/TestProviderTokenManager.java index f50023ac9..4e584c7ca 100644 --- a/handlers/handler-publickey-auth/src/test/java/org/apache/servicecomb/authentication/provider/TestProviderTokenManager.java +++ b/handlers/handler-publickey-auth/src/test/java/org/apache/servicecomb/authentication/provider/TestProviderTokenManager.java @@ -17,6 +17,7 @@ package org.apache.servicecomb.authentication.provider; import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.endsWith; import java.util.HashMap; import java.util.Map; @@ -38,6 +39,9 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.mockito.MockedStatic; import org.mockito.Mockito; +import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.env.Environment; +import org.springframework.core.env.MutablePropertySources; import com.google.common.cache.Cache; 
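Review bot: The added `import static org.mockito.ArgumentMatchers.endsWith;` and `import org.springframework.core.env.Environment;` are not used by any line this commit adds to `TestProviderTokenManager`; the new test code only uses `ConfigurableEnvironment` and `MutablePropertySources`. Unless code outside the visible hunks needs them, remove both so the import list reflects what the test depends on.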
@@ -80,6 +84,10 @@ public class TestProviderTokenManager { return 500; } }); + ConfigurableEnvironment environment = Mockito.mock(ConfigurableEnvironment.class); + MutablePropertySources mutablePropertySources = new MutablePropertySources(); + Mockito.when(environment.getPropertySources()).thenReturn(mutablePropertySources); + tokenManager.setAccessController(new AccessController(environment)); MicroserviceInstanceCache microserviceInstanceCache = Mockito.mock(MicroserviceInstanceCache.class); DiscoveryInstance microserviceInstance = Mockito.mock(DiscoveryInstance.class); Mockito.when(microserviceInstance.getInstanceId()).thenReturn(""); @@ -113,6 +121,7 @@ public class TestProviderTokenManager { String serviceId = "test"; String instanceId = "test"; ConsumerTokenManager consumerTokenManager = new ConsumerTokenManager(); + MicroserviceProperties microserviceProperties = Mockito.mock(MicroserviceProperties.class); Mockito.when(microserviceProperties.getName()).thenReturn("test"); Mockito.when(microserviceProperties.getApplication()).thenReturn("test"); @@ -130,6 +139,11 @@ public class TestProviderTokenManager { // use cache token Assertions.assertEquals(token, consumerTokenManager.getToken()); ProviderTokenManager rsaProviderTokenManager = new ProviderTokenManager(); + ConfigurableEnvironment environment = Mockito.mock(ConfigurableEnvironment.class); + MutablePropertySources mutablePropertySources = new MutablePropertySources(); + Mockito.when(environment.getPropertySources()).thenReturn(mutablePropertySources); + rsaProviderTokenManager.setAccessController(new AccessController(environment)); + rsaProviderTokenManager.setMicroserviceInstanceCache(microserviceInstanceCache); //first validate need to verify use RSA Assertions.assertTrue(rsaProviderTokenManager.valid(token));
