HADOOP-12481. JWTRedirectAuthenticationHandler doesn't Retain Original Query String. Contributed by Larry McCay.

This commit is contained in:
cnauroth 2015-10-15 16:44:59 -07:00
parent fdd7406224
commit a121fa1d39
3 changed files with 50 additions and 2 deletions

View File

@ -233,10 +233,15 @@ protected String constructLoginURL(HttpServletRequest request) {
}
String loginURL = authenticationProviderUrl + delimiter
+ ORIGINAL_URL_QUERY_PARAM
+ request.getRequestURL().toString();
+ request.getRequestURL().toString() + getOriginalQueryString(request);
return loginURL;
}
private String getOriginalQueryString(HttpServletRequest request) {
String originalQueryString = request.getQueryString();
return (originalQueryString == null) ? "" : "?" + originalQueryString;
}
/**
* This method provides a single method for validating the JWT for use in
* request processing. It provides for the override of specific aspects of

View File

@ -356,6 +356,40 @@ public void testValidJWT() throws Exception {
}
}
@Test
public void testOrigURLWithQueryString() throws Exception {
handler.setPublicKey(publicKey);
Properties props = getProperties();
handler.init(props);
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
Mockito.when(request.getRequestURL()).thenReturn(
new StringBuffer(SERVICE_URL));
Mockito.when(request.getQueryString()).thenReturn("name=value");
String loginURL = ((TestJWTRedirectAuthenticationHandler)handler).testConstructLoginURL(request);
Assert.assertNotNull("loginURL should not be null.", loginURL);
Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL + "?name=value", loginURL);
}
@Test
public void testOrigURLNoQueryString() throws Exception {
handler.setPublicKey(publicKey);
Properties props = getProperties();
handler.init(props);
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
Mockito.when(request.getRequestURL()).thenReturn(
new StringBuffer(SERVICE_URL));
Mockito.when(request.getQueryString()).thenReturn(null);
String loginURL = ((TestJWTRedirectAuthenticationHandler)handler).testConstructLoginURL(request);
Assert.assertNotNull("LoginURL should not be null.", loginURL);
Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL, loginURL);
}
@Before
public void setup() throws Exception, NoSuchAlgorithmException {
setupKerberosRequirements();
@ -367,7 +401,7 @@ public void setup() throws Exception, NoSuchAlgorithmException {
publicKey = (RSAPublicKey) kp.getPublic();
privateKey = (RSAPrivateKey) kp.getPrivate();
handler = new JWTRedirectAuthenticationHandler();
handler = new TestJWTRedirectAuthenticationHandler();
}
protected void setupKerberosRequirements() throws Exception {
@ -415,4 +449,10 @@ protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey)
return signedJWT;
}
class TestJWTRedirectAuthenticationHandler extends JWTRedirectAuthenticationHandler {
public String testConstructLoginURL(HttpServletRequest req) {
return constructLoginURL(req);
}
};
}

View File

@ -891,6 +891,9 @@ Release 2.8.0 - UNRELEASED
HADOOP-10775. Shell operations to fail with meaningful errors on windows if
winutils.exe not found. (stevel)
HADOOP-12481. JWTRedirectAuthenticationHandler doesn't Retain Original Query
String (Larry McCay via cnauroth)
OPTIMIZATIONS
HADOOP-11785. Reduce the number of listStatus operation in distcp