HADOOP-14799. Update nimbus-jose-jwt to 4.41.1. (rchiang)
This commit is contained in:
parent
ad74691807
commit
556812c179
@ -28,6 +28,7 @@
|
|||||||
|
|
||||||
import java.security.interfaces.RSAPublicKey;
|
import java.security.interfaces.RSAPublicKey;
|
||||||
|
|
||||||
|
import com.google.common.annotations.VisibleForTesting;
|
||||||
import org.apache.hadoop.security.authentication.client.AuthenticationException;
|
import org.apache.hadoop.security.authentication.client.AuthenticationException;
|
||||||
import org.apache.hadoop.security.authentication.util.CertificateUtil;
|
import org.apache.hadoop.security.authentication.util.CertificateUtil;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
@ -216,7 +217,8 @@ protected String getJWTFromCookie(HttpServletRequest req) {
|
|||||||
* @param request for getting the original request URL
|
* @param request for getting the original request URL
|
||||||
* @return url to use as login url for redirect
|
* @return url to use as login url for redirect
|
||||||
*/
|
*/
|
||||||
protected String constructLoginURL(HttpServletRequest request) {
|
@VisibleForTesting
|
||||||
|
String constructLoginURL(HttpServletRequest request) {
|
||||||
String delimiter = "?";
|
String delimiter = "?";
|
||||||
if (authenticationProviderUrl.contains("?")) {
|
if (authenticationProviderUrl.contains("?")) {
|
||||||
delimiter = "&";
|
delimiter = "&";
|
||||||
|
@ -47,7 +47,7 @@
|
|||||||
import com.nimbusds.jwt.SignedJWT;
|
import com.nimbusds.jwt.SignedJWT;
|
||||||
import com.nimbusds.jose.crypto.RSASSASigner;
|
import com.nimbusds.jose.crypto.RSASSASigner;
|
||||||
|
|
||||||
public class TestJWTRedirectAuthentictionHandler extends
|
public class TestJWTRedirectAuthenticationHandler extends
|
||||||
KerberosSecurityTestcase {
|
KerberosSecurityTestcase {
|
||||||
private static final String SERVICE_URL = "https://localhost:8888/resource";
|
private static final String SERVICE_URL = "https://localhost:8888/resource";
|
||||||
private static final String REDIRECT_LOCATION =
|
private static final String REDIRECT_LOCATION =
|
||||||
@ -392,7 +392,7 @@ public void testOrigURLWithQueryString() throws Exception {
|
|||||||
new StringBuffer(SERVICE_URL));
|
new StringBuffer(SERVICE_URL));
|
||||||
Mockito.when(request.getQueryString()).thenReturn("name=value");
|
Mockito.when(request.getQueryString()).thenReturn("name=value");
|
||||||
|
|
||||||
String loginURL = ((TestJWTRedirectAuthenticationHandler)handler).testConstructLoginURL(request);
|
String loginURL = handler.constructLoginURL(request);
|
||||||
Assert.assertNotNull("loginURL should not be null.", loginURL);
|
Assert.assertNotNull("loginURL should not be null.", loginURL);
|
||||||
Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL + "?name=value", loginURL);
|
Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL + "?name=value", loginURL);
|
||||||
}
|
}
|
||||||
@ -409,7 +409,7 @@ public void testOrigURLNoQueryString() throws Exception {
|
|||||||
new StringBuffer(SERVICE_URL));
|
new StringBuffer(SERVICE_URL));
|
||||||
Mockito.when(request.getQueryString()).thenReturn(null);
|
Mockito.when(request.getQueryString()).thenReturn(null);
|
||||||
|
|
||||||
String loginURL = ((TestJWTRedirectAuthenticationHandler)handler).testConstructLoginURL(request);
|
String loginURL = handler.constructLoginURL(request);
|
||||||
Assert.assertNotNull("LoginURL should not be null.", loginURL);
|
Assert.assertNotNull("LoginURL should not be null.", loginURL);
|
||||||
Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL, loginURL);
|
Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL, loginURL);
|
||||||
}
|
}
|
||||||
@ -425,7 +425,7 @@ public void setup() throws Exception, NoSuchAlgorithmException {
|
|||||||
publicKey = (RSAPublicKey) kp.getPublic();
|
publicKey = (RSAPublicKey) kp.getPublic();
|
||||||
privateKey = (RSAPrivateKey) kp.getPrivate();
|
privateKey = (RSAPrivateKey) kp.getPrivate();
|
||||||
|
|
||||||
handler = new TestJWTRedirectAuthenticationHandler();
|
handler = new JWTRedirectAuthenticationHandler();
|
||||||
}
|
}
|
||||||
|
|
||||||
protected void setupKerberosRequirements() throws Exception {
|
protected void setupKerberosRequirements() throws Exception {
|
||||||
@ -453,15 +453,16 @@ protected Properties getProperties() {
|
|||||||
|
|
||||||
protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey)
|
protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey)
|
||||||
throws Exception {
|
throws Exception {
|
||||||
JWTClaimsSet claimsSet = new JWTClaimsSet();
|
JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
|
||||||
claimsSet.setSubject(sub);
|
.subject(sub)
|
||||||
claimsSet.setIssueTime(new Date(new Date().getTime()));
|
.issueTime(new Date(new Date().getTime()))
|
||||||
claimsSet.setIssuer("https://c2id.com");
|
.issuer("https://c2id.com")
|
||||||
claimsSet.setCustomClaim("scope", "openid");
|
.claim("scope", "openid")
|
||||||
claimsSet.setExpirationTime(expires);
|
.audience("bar")
|
||||||
|
.expirationTime(expires)
|
||||||
|
.build();
|
||||||
List<String> aud = new ArrayList<String>();
|
List<String> aud = new ArrayList<String>();
|
||||||
aud.add("bar");
|
aud.add("bar");
|
||||||
claimsSet.setAudience("bar");
|
|
||||||
|
|
||||||
JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).build();
|
JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).build();
|
||||||
|
|
||||||
@ -472,10 +473,4 @@ protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey)
|
|||||||
|
|
||||||
return signedJWT;
|
return signedJWT;
|
||||||
}
|
}
|
||||||
|
|
||||||
class TestJWTRedirectAuthenticationHandler extends JWTRedirectAuthenticationHandler {
|
|
||||||
public String testConstructLoginURL(HttpServletRequest req) {
|
|
||||||
return constructLoginURL(req);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
}
|
@ -25,9 +25,7 @@
|
|||||||
import org.apache.hadoop.fs.ChecksumException;
|
import org.apache.hadoop.fs.ChecksumException;
|
||||||
import org.apache.hadoop.fs.FileSystem;
|
import org.apache.hadoop.fs.FileSystem;
|
||||||
import org.apache.hadoop.fs.Path;
|
import org.apache.hadoop.fs.Path;
|
||||||
import org.apache.hadoop.mapred.MapOutputFile;
|
|
||||||
import org.apache.hadoop.mapreduce.MRJobConfig;
|
import org.apache.hadoop.mapreduce.MRJobConfig;
|
||||||
import org.apache.hadoop.mapreduce.TaskID;
|
|
||||||
import org.junit.After;
|
import org.junit.After;
|
||||||
import org.junit.Assert;
|
import org.junit.Assert;
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
@ -66,8 +64,6 @@
|
|||||||
import org.mockito.invocation.InvocationOnMock;
|
import org.mockito.invocation.InvocationOnMock;
|
||||||
import org.mockito.stubbing.Answer;
|
import org.mockito.stubbing.Answer;
|
||||||
|
|
||||||
import com.nimbusds.jose.util.StringUtils;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test that the Fetcher does what we expect it to.
|
* Test that the Fetcher does what we expect it to.
|
||||||
*/
|
*/
|
||||||
|
@ -1200,7 +1200,7 @@
|
|||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.nimbusds</groupId>
|
<groupId>com.nimbusds</groupId>
|
||||||
<artifactId>nimbus-jose-jwt</artifactId>
|
<artifactId>nimbus-jose-jwt</artifactId>
|
||||||
<version>3.9</version>
|
<version>4.41.1</version>
|
||||||
<scope>compile</scope>
|
<scope>compile</scope>
|
||||||
<exclusions>
|
<exclusions>
|
||||||
<exclusion>
|
<exclusion>
|
||||||
|
Loading…
Reference in New Issue
Block a user