Repository: knox Updated Branches: refs/heads/master 3fde508f2 -> fc1f085f3
KNOX-1680 - KnoxTokenCredentialCollector results in IndexOutOfBounds exception Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/fc1f085f Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/fc1f085f Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/fc1f085f Branch: refs/heads/master Commit: fc1f085f30d9bdb9ba75d640c487e8bb1a8c0607 Parents: 3fde508 Author: pzampino <pzamp...@apache.org> Authored: Mon Dec 17 13:55:54 2018 -0500 Committer: pzampino <pzamp...@apache.org> Committed: Mon Dec 17 14:52:51 2018 -0500 ---------------------------------------------------------------------- .../shell/KnoxTokenCredentialCollector.java | 16 ++-- .../shell/KnoxTokenCredentialCollectorTest.java | 96 ++++++++++++++++++++ 2 files changed, 105 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/fc1f085f/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxTokenCredentialCollector.java ---------------------------------------------------------------------- diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxTokenCredentialCollector.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxTokenCredentialCollector.java index a9607dc..412764b 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxTokenCredentialCollector.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxTokenCredentialCollector.java @@ -48,13 +48,15 @@ public class KnoxTokenCredentialCollector extends AbstractCredentialCollector { List<String> lines; try { lines = Files.readAllLines(path, StandardCharsets.UTF_8); - Map<String, String> attrs = JsonUtils.getMapFromJsonString(lines.get(0)); - value = attrs.get("access_token"); - targetUrl = attrs.get("target_url"); - tokenType = attrs.get("token_type"); - Date expires = new Date(Long.parseLong(attrs.get("expires_in"))); - if (expires.before(new Date())) { - throw new CredentialCollectionException("Cached knox token has expired. Please relogin through knoxinit."); + if (!lines.isEmpty()) { + Map<String, String> attrs = JsonUtils.getMapFromJsonString(lines.get(0)); + value = attrs.get("access_token"); + targetUrl = attrs.get("target_url"); + tokenType = attrs.get("token_type"); + Date expires = new Date(Long.parseLong(attrs.get("expires_in"))); + if (expires.before(new Date())) { + throw new CredentialCollectionException("Cached knox token has expired. Please relogin through knoxinit."); + } } } catch (IOException e) { throw new CredentialCollectionException("Cached knox token cannot be read. Please login through knoxinit.", e); http://git-wip-us.apache.org/repos/asf/knox/blob/fc1f085f/gateway-shell/src/test/java/org/apache/knox/gateway/shell/KnoxTokenCredentialCollectorTest.java ---------------------------------------------------------------------- diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/KnoxTokenCredentialCollectorTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/KnoxTokenCredentialCollectorTest.java new file mode 100644 index 0000000..5ca06bc --- /dev/null +++ b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/KnoxTokenCredentialCollectorTest.java @@ -0,0 +1,96 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with this + * work for additional information regarding copyright ownership. The ASF + * licenses this file to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.knox.gateway.shell; + +import org.apache.commons.io.FileUtils; +import org.junit.AfterClass; +import org.junit.BeforeClass; +import org.junit.Test; + +import java.io.File; +import java.lang.reflect.Field; + +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +public class KnoxTokenCredentialCollectorTest { + + private static final File tokenCacheBackup = new File("tokenCacheBackup.bin"); + + @BeforeClass + public static void backupTokenCache() throws Exception { + File tokenCacheFile = getTokenCacheFile(); + if (tokenCacheFile.exists()) { + FileUtils.copyFile(getTokenCacheFile(), tokenCacheBackup); + } + } + + @AfterClass + public static void restoreTokenCache() throws Exception { + if (tokenCacheBackup.exists()) { + FileUtils.moveFile(tokenCacheBackup, getTokenCacheFile()); + tokenCacheBackup.delete(); + } + } + + private static File getTokenCacheFile() throws Exception { + return new File(System.getProperty("user.home"), getTokenCacheFileName()); + } + + private static String getTokenCacheFileName() throws Exception { + Field f = KnoxTokenCredentialCollector.class.getDeclaredField("KNOXTOKENCACHE"); + f.setAccessible(true); + Object fieldValue = f.get(KnoxTokenCredentialCollector.class); + assertTrue(fieldValue instanceof String); + return (String) fieldValue; + } + + /** + * KNOX-1680 + */ + @Test + public void testEmptyTokenCache() { + + // Delete the existing token cache file, and replace it with an empty one + try { + File tokenCacheFile = getTokenCacheFile(); + if (tokenCacheFile.exists()) { + tokenCacheFile.delete(); + } + assertTrue(tokenCacheFile.createNewFile()); + } catch (Exception e) { + // If the empty file could not be created, then this test does not make + // any sense. + fail("Could not create empty Knox token cache file: " + e.getMessage()); + } + + // Attempt to collect the Knox token + KnoxTokenCredentialCollector collector = new KnoxTokenCredentialCollector(); + try { + collector.collect(); + } catch (Exception e) { + fail(e.getMessage()); + } finally { + try { + getTokenCacheFile().delete(); + } catch (Exception e) { + // Ignore + } + } + } + +}