def __init__(self, cdap_router_uri, cdap_api_version):
self._cdap_username = None
self._cdap_password = None
self._auth_header = None
self.is_set_credentials = False
self.host_url = "%s/%s" % (cdap_router_uri, cdap_api_version)
self.client = BasicAuthenticationClient()
cdap_host, cdap_router_port = re.sub('^https?://', '', cdap_router_uri).strip('/').split(':')
self.client.set_connection_info(cdap_host, int(cdap_router_port), False)
def test_auth_disabled_is_auth_enabled(self):
dis_auth_client = BasicAuthenticationClient()
dis_auth_client.set_connection_info(u'localhost',
test_constants.SERVER_PORT + 2,
False)
properties = read_from_file(self.AUTH_CONFIG_FILE)
dis_auth_client.configure(properties)
self.assertFalse(dis_auth_client.is_auth_enabled())
def test_empty_url_list(self):
empty_auth_client = BasicAuthenticationClient()
empty_auth_client.set_connection_info(u'localhost',
test_constants.SERVER_PORT + 1,
False)
properties = read_from_file(self.AUTH_CONFIG_FILE)
empty_auth_client.configure(properties)
self.assertRaises(IOError, empty_auth_client.is_auth_enabled)
def setUp(self):
self.__authentication_client = BasicAuthenticationClient()
self.__local_test_server = SimpleTCPServer(
(u"localhost", test_constants.SERVER_PORT), AuthenticationHandler)
self.__server_thread = threading. \
Thread(target=self.__local_test_server.serve_forever)
self.__server_thread.start()
self.__authentication_client. \
set_connection_info(u'localhost',
test_constants.SERVER_PORT, False)
AuthenticationHandler.AUTH_HOST = u'localhost'
AuthenticationHandler.AUTH_PORT = test_constants.SERVER_PORT
self.empty_response_server = SimpleTCPServer(
(u"localhost", test_constants.SERVER_PORT + 1),
EmptyUrlListHandler)
threading.Thread(target=self.empty_response_server.serve_forever) \
.start()
self.auth_disabled_server = \
SimpleTCPServer((u"localhost", test_constants.SERVER_PORT + 2),
AuthDisabledHandler)
threading.Thread(target=self.auth_disabled_server.serve_forever) \
.start()
def base_set_up(self):
with open(self.config_file) as config_file:
auth_config = json.loads(config_file.read())
self.config = StreamTestBase.read_from_file(self.config_file)
auth_client = BasicAuthenticationClient()
auth_client.set_connection_info(self.config.host,
self.config.port, self.config.ssl)
if auth_client.is_auth_enabled():
auth_client.configure(auth_config)
self.config.set_auth_client(auth_client)
self.sc = StreamClient(self.config)
class auth_client:
"""
An authorization Client to connect to CDAP rest service running on a secure cluster
It get initialized by client = auth_client("host:port/api_version")
And user should provide credentials by client.authenticate(username, password)
to get the access token of a secure cdap cluster
Once the token expires, the client will get a new token from the server automatically
"""
def __init__(self, cdap_router_uri, cdap_api_version):
self._cdap_username = None
self._cdap_password = None
self._auth_header = None
self.is_set_credentials = False
self.host_url = "%s/%s" % (cdap_router_uri, cdap_api_version)
self.client = BasicAuthenticationClient()
cdap_host, cdap_router_port = re.sub('^https?://', '', cdap_router_uri).strip('/').split(':')
self.client.set_connection_info(cdap_host, int(cdap_router_port), False)
def authenticate(self, username=None, password=None):
"""
Fetch access token using username and password. If on an insecure cluster, skip this process.
Leave all the excpetions to be caught outside this function.
"""
if self.client.is_auth_enabled():
self._cdap_username = username
self._cdap_password = password
properties = {
'security_auth_client_username': username,
'security_auth_client_password': password,
'security_ssl_cert_check': True
}
self.client.configure(properties)
token = self.client.get_access_token()
self._auth_header = {'Authorization': token.token_type + ' ' + token.value}
self.is_set_credentials = True
def get(self, url):
"""
Get data from certain rest endpoint
:return: Json Object
"""
if self.client.is_token_expired():
# Update the token if is expired
self.authenticate(self._cdap_username, self._cdap_password)
return json.loads(requests.get(self.host_url + url, headers=self._auth_header).text)
class BasicAuthenticationClientTest(unittest.TestCase):
AUTH_CONFIG_FILE = os.path.join(os.path.dirname(__file__),
u"auth_config.json")
EMPTY_USERNAME_CONFIG = os.path.join(os.path.dirname(__file__),
u"empty_username_config.json")
def setUp(self):
self.__authentication_client = BasicAuthenticationClient()
self.__local_test_server = SimpleTCPServer(
(u"localhost", test_constants.SERVER_PORT), AuthenticationHandler)
self.__server_thread = threading. \
Thread(target=self.__local_test_server.serve_forever)
self.__server_thread.start()
self.__authentication_client. \
set_connection_info(u'localhost',
test_constants.SERVER_PORT, False)
AuthenticationHandler.AUTH_HOST = u'localhost'
AuthenticationHandler.AUTH_PORT = test_constants.SERVER_PORT
self.empty_response_server = SimpleTCPServer(
(u"localhost", test_constants.SERVER_PORT + 1),
EmptyUrlListHandler)
threading.Thread(target=self.empty_response_server.serve_forever) \
.start()
self.auth_disabled_server = \
SimpleTCPServer((u"localhost", test_constants.SERVER_PORT + 2),
AuthDisabledHandler)
threading.Thread(target=self.auth_disabled_server.serve_forever) \
.start()
def tearDown(self):
self.__local_test_server.shutdown()
self.__local_test_server.server_close()
self.empty_response_server.shutdown()
self.empty_response_server.server_close()
self.auth_disabled_server.shutdown()
self.auth_disabled_server.server_close()
def test_auth_is_auth_enabled(self):
properties = read_from_file(self.AUTH_CONFIG_FILE)
self.__authentication_client.configure(properties)
assert (self.__authentication_client.is_auth_enabled())
def test_success_get_access_token(self):
properties = read_from_file(self.AUTH_CONFIG_FILE)
self.__authentication_client.configure(properties)
access_token = self.__authentication_client.get_access_token()
cached_access_token = self.__authentication_client.get_access_token()
self.assertEqual(access_token, cached_access_token)
self.assertIsNotNone(access_token)
self.assertEqual(test_constants.TOKEN, access_token.value)
self.assertEqual(test_constants.TOKEN_TYPE, access_token.token_type)
self.assertEqual(test_constants.TOKEN_LIFE_TIME,
access_token.expires_in)
def test_not_authorization_get_access_token(self):
self.__authentication_client.username = u"fail"
self.__authentication_client.password = u"fail"
self.assertRaises(Exception,
self.__authentication_client.get_access_token)
def test_empty_token_get_access_token(self):
self.__authentication_client.username = \
test_constants.EMPTY_TOKEN_USERNAME
self.__authentication_client.password = test_constants.PASSWORD
self.assertRaises(IOError,
self.__authentication_client.get_access_token)
def test_expired_token_get_access_token(self):
AuthenticationHandler.request_counter = 0
self.__authentication_client.username = \
test_constants.EXPIRED_TOKEN_USERNAME
self.__authentication_client.password = test_constants.PASSWORD
access_token = self.__authentication_client.get_access_token()
self.assertEqual(test_constants.TOKEN, access_token.value)
access_token = self.__authentication_client.get_access_token()
self.assertIsNotNone(access_token)
self.assertEqual(test_constants.NEW_TOKEN, access_token.value)
self.assertEqual(test_constants.TOKEN_TYPE, access_token.token_type)
def test_empty_username_configure(self):
properties = read_from_file(self.EMPTY_USERNAME_CONFIG)
self.assertRaises(ValueError, self.__authentication_client.configure,
properties)
def test_is_auth_enabled(self):
properties = read_from_file(self.AUTH_CONFIG_FILE)
self.__authentication_client.configure(properties)
self.assertTrue(self.__authentication_client.is_auth_enabled())
def test_empty_url_list(self):
empty_auth_client = BasicAuthenticationClient()
empty_auth_client.set_connection_info(u'localhost',
test_constants.SERVER_PORT + 1,
False)
properties = read_from_file(self.AUTH_CONFIG_FILE)
empty_auth_client.configure(properties)
self.assertRaises(IOError, empty_auth_client.is_auth_enabled)
def test_auth_disabled_is_auth_enabled(self):
dis_auth_client = BasicAuthenticationClient()
dis_auth_client.set_connection_info(u'localhost',
test_constants.SERVER_PORT + 2,
False)
properties = read_from_file(self.AUTH_CONFIG_FILE)
dis_auth_client.configure(properties)
self.assertFalse(dis_auth_client.is_auth_enabled())