Beispiel #1
0
    def fetch_derived_token(self, ezSecurityToken, targetApp,
                            excludedAuths=None, skipCache=False):
        """
        Used when an application receives an EzSecurityToken as part of it's
        API but needs to call another service that itself takes an
        EzSecurityToken.

        :param ezSecurityToken:
        :param targetApp:
        :param excludedAuths:
        :return:
        """

        # get the security id for target app (depending on if its a common
        # service or an application)
        dc = ServiceDiscoveryClient(self.zk_con_str)
        targetSecurityId = dc.get_security_id(targetApp)
        token_request = TokenRequest(
            self.appConfig.getSecurityID(),
            util.current_time_millis()
        )
        token_request.tokenPrincipal = ezSecurityToken
        token_request.targetSecurityId = targetSecurityId
        token_request.excludeAuthorizations = excludedAuths

        # look in the cache (and return immediately if in cache)
        dn = ezSecurityToken.tokenPrincipal.principal
        request_chain = ezSecurityToken.tokenPrincipal.requestChain
        cache_key = self._get_cache_key(ezSecurityToken.type, dn, excludedAuths, request_chain, targetSecurityId)
        if not skipCache:
            token = self.__get_from_cache(cache_key)
            if token:
                return token

        # get token (since it wasn't found in the cache)
        headers = {
            HTTP_HEADER_USER_INFO: dn,
            HTTP_HEADER_SIGNATURE: self._sign(dn)
        }
        request, signature = self.build_request(headers, targetApp, exclude_authorizations=excludedAuths)
        return self._request_token_and_store(request, signature, "derived", dn, cache_key)
Beispiel #2
0
class ServiceDiscoveryClientTest(KazooTestCase):
    """Basic set of tests for ServiceDiscoveryClient."""

    def setUp(self):
        """Replace the Zookeeper client on the module."""
        super(ServiceDiscoveryClientTest, self).setUp()
        self.ezDiscovery = ServiceDiscoveryClient(self.hosts)

    def tearDown(self):
        """Clean up the Zookeeper entries."""
        super(ServiceDiscoveryClientTest, self).tearDown()

    def test_register_endpoint(self):
        """Register an endpoint and make sure it ends up in Zookeeper."""
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8080)
        endpoints = self.ezDiscovery.get_endpoints("foo", "bar")
        self.assertEqual(endpoints[0], "localhost:8080")

    def test_register_common_endpoint(self):
        """Register a common endpoint and make sure it ends up in Zookeeper."""
        self.ezDiscovery.register_common_endpoint('bar', 'localhost', 8080)
        endpoints = self.ezDiscovery.get_common_endpoints("bar")
        self.assertEqual(endpoints[0], "localhost:8080")

    def test_unregister_endpoint(self):
        """Register and unregister an endpoint and make sure it is gone."""
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8080)
        self.ezDiscovery.unregister_endpoint('foo', 'bar', 'localhost', 8080)
        endpoints = self.ezDiscovery.get_endpoints("foo", "bar")
        self.assertEqual(len(endpoints), 0)

    def test_unregister_common_endpoint(self):
        """Register and unregister a common endpoint and make sure it is gone. """
        self.ezDiscovery.register_common_endpoint('bar', 'localhost', 8080)
        self.ezDiscovery.unregister_common_endpoint('bar', 'localhost', 8080)
        endpoints = self.ezDiscovery.get_common_endpoints("bar")
        self.assertEqual(len(endpoints), 0)

    def test_unregister_none_exist_endpoint(self):
        """ make sure no exception is raised """
        self.ezDiscovery.unregister_endpoint('foo', 'bar', 'localhost', 8000)

    def test_unregister_multiple_endpoints(self):
        """Test that when multiple endpoints get made and some removed the tree
        of endpoints stays correct.
        """
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8000)
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8888)

        # Unregister the first endpoint.
        self.ezDiscovery.unregister_endpoint('foo', 'bar', 'localhost', 8000)
        endpoints = self.ezDiscovery.get_endpoints('foo', 'bar')
        self.assertEqual(len(endpoints), 1)
        self.assertEqual(endpoints[0], 'localhost:8888')

        # Unregister the second endpoint.
        self.ezDiscovery.unregister_endpoint('foo', 'bar', 'localhost', 8888)
        endpoints = self.ezDiscovery.get_endpoints('foo', 'bar')
        self.assertEqual(len(endpoints), 0)

        base_path = '/'.join([
            ServiceDiscoveryClient.NAMESPACE,
            'foo',
            'bar',
            ServiceDiscoveryClient.ENDPOINTS
        ])
        self.assertTrue(self.client.exists(base_path))

    def test_get_applications(self):
        """Test application list."""
        # Create a few application endpoints.
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8000)
        self.ezDiscovery.register_endpoint('harry', 'sally', 'localhost', 8080)
        self.assertEqual(2, len(self.ezDiscovery.get_applications()))

    def test_get_services(self):
        """Test the application services list."""
        # Create a few application endpoints.
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8000)
        self.ezDiscovery.register_endpoint('foo', 'baz', 'localhost', 8001)
        self.ezDiscovery.register_endpoint('harry', 'sally', 'localhost', 8080)

        # Make sure it returns the right count for a single service.
        self.assertEqual(2, len(self.ezDiscovery.get_services('foo')))

        self.assertEqual(1, len(self.ezDiscovery.get_services('harry')))
        self.assertEqual('sally', self.ezDiscovery.get_services('harry')[0])

    def test_get_common_services(self):
        """Test fetching common services."""
        # Make a few common services and and an external, ensure they return
        # properly.
        self.ezDiscovery.register_common_endpoint('foo', 'localhost', 8000)
        self.ezDiscovery.register_common_endpoint('bar', 'localhost', 8001)
        self.ezDiscovery.register_endpoint('harry', 'sally', 'localhost', 8080)
        self.assertEqual(2, len(self.ezDiscovery.get_common_services()))

    def test_get_endpoints(self):
        """Test endpoint list fetching."""
        # Create a few application endpoints.
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8000)
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8001)
        self.ezDiscovery.register_endpoint('harry', 'sally', 'localhost', 8080)
        self.assertEqual(2, len(self.ezDiscovery.get_endpoints('foo', 'bar')))

    def test_get_common_endpoints(self):
        """Test fetching common endpoints."""
        # Create a few common endpoints and one not, test results.
        self.ezDiscovery.register_common_endpoint('foo', 'localhost', 8000)
        self.ezDiscovery.register_common_endpoint('foo', 'localhost', 8001)
        self.ezDiscovery.register_endpoint('harry', 'sally', 'localhost', 8080)
        self.assertEqual(2, len(self.ezDiscovery.get_common_endpoints('foo')))
        self.assertEquals(0, len(self.ezDiscovery.get_common_endpoints('sally')))

    def test_is_service_common(self):
        """Ensure only common services return true."""
        # Test one that does not exist.
        self.assertFalse(self.ezDiscovery.is_service_common('foo'))
        self.ezDiscovery.register_common_endpoint('foo', 'localhost', 8000)
        self.assertTrue(self.ezDiscovery.is_service_common('foo'))
        self.ezDiscovery.register_endpoint('harry', 'sally', 'localhost', 8080)
        self.assertFalse(self.ezDiscovery.is_service_common('sally'))

    def test_set_security_id_for_application(self):
        """Ensure security id's get set for applications."""
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8000)
        self.ezDiscovery.set_security_id_for_application('foo', 'sid')

        path = '/'.join([
            ServiceDiscoveryClient.NAMESPACE,
            'foo',
            ServiceDiscoveryClient.SECURITY,
            ServiceDiscoveryClient.SECURITY_ID
        ])
        self.assertTrue(self.client.exists(path))
        self.assertEquals('sid', self.client.get(path)[0])

    def test_set_security_id_for_common_service(self):
        """Ensure security id's get set for common services."""
        self.ezDiscovery.register_common_endpoint('foo', 'localhost', 8000)
        self.ezDiscovery.set_security_id_for_common_service('foo', 'sid')
        path = '/'.join([
            ServiceDiscoveryClient.NAMESPACE,
            '/'.join([ServiceDiscoveryClient.COMMON_APP_NAME, 'foo']),
            ServiceDiscoveryClient.SECURITY,
            ServiceDiscoveryClient.SECURITY_ID
        ])
        self.assertTrue(self.client.exists(path))
        self.assertEquals('sid', self.client.get(path)[0])

    def test_get_security_id_for_application(self):
        """Ensure fetching application security id's returns properly."""
        # Fetch one that does not exist.
        self.assertEquals(
            None,
            self.ezDiscovery.get_security_id('foo')
        )
        self.ezDiscovery.register_endpoint('foo', 'bar', 'localhost', 8000)
        self.ezDiscovery.set_security_id_for_application('foo', 'sid')
        self.assertEquals(
            'sid',
            self.ezDiscovery.get_security_id('foo')
        )

    def test_get_security_id_for_common_service(self):
        """Ensure fetching application security id's returns properly."""

        # clear the cache
        self.ezDiscovery.securityIdCache.clear()

        # Fetch one does not exist.
        self.assertEquals(
            None,
            self.ezDiscovery.get_security_id('foo')
        )
        self.ezDiscovery.register_common_endpoint('foo', 'localhost', 8000)
        self.ezDiscovery.set_security_id_for_common_service('foo', 'sid')
        self.assertEquals(
            'sid',
            self.ezDiscovery.get_security_id('foo')
        )