This is an automated email from the ASF dual-hosted git repository.
bbende pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new e4ff6f9 NIFI-8783 Moved SingleUserAuthorizer Login Provider check to
initialize() (#5216)
e4ff6f9 is described below
commit e4ff6f95a0c3630ea4fc3f18d5563c33cdf243b4
Author: exceptionfactory <[email protected]>
AuthorDate: Thu Jul 15 15:19:04 2021 -0500
NIFI-8783 Moved SingleUserAuthorizer Login Provider check to initialize()
(#5216)
---
.../single/user/SingleUserAuthorizer.java | 29 ++++++++++-----
.../single/user/SingleUserAuthorizerTest.java | 42 +++++++++++++++++++---
2 files changed, 58 insertions(+), 13 deletions(-)
diff --git
a/nifi-nar-bundles/nifi-single-user-iaa-providers-bundle/nifi-single-user-iaa-providers/src/main/java/org/apache/nifi/authorization/single/user/SingleUserAuthorizer.java
b/nifi-nar-bundles/nifi-single-user-iaa-providers-bundle/nifi-single-user-iaa-providers/src/main/java/org/apache/nifi/authorization/single/user/SingleUserAuthorizer.java
index 1f78a41..9aeb130 100644
---
a/nifi-nar-bundles/nifi-single-user-iaa-providers-bundle/nifi-single-user-iaa-providers/src/main/java/org/apache/nifi/authorization/single/user/SingleUserAuthorizer.java
+++
b/nifi-nar-bundles/nifi-single-user-iaa-providers-bundle/nifi-single-user-iaa-providers/src/main/java/org/apache/nifi/authorization/single/user/SingleUserAuthorizer.java
@@ -53,6 +53,8 @@ public class SingleUserAuthorizer implements Authorizer {
private static final String BLANK_PROVIDER = "provider";
+ private NiFiProperties niFiProperties;
+
/**
* Set NiFi Properties using method injection
*
@@ -60,14 +62,7 @@ public class SingleUserAuthorizer implements Authorizer {
*/
@AuthorizerContext
public void setProperties(final NiFiProperties niFiProperties) {
- final File configuration =
niFiProperties.getLoginIdentityProviderConfigurationFile();
- final String identifier =
niFiProperties.getProperty(NiFiProperties.SECURITY_USER_LOGIN_IDENTITY_PROVIDER,
BLANK_PROVIDER);
- if (isSingleUserLoginIdentityProviderConfigured(identifier,
configuration)) {
- LOGGER.debug("Required Login Identity Provider Configured [{}]",
REQUIRED_PROVIDER);
- } else {
- final String message = String.format("%s requires %s to be
configured", getClass().getSimpleName(), REQUIRED_PROVIDER);
- throw new AuthorizerCreationException(message);
- }
+ this.niFiProperties = niFiProperties;
}
@Override
@@ -75,9 +70,27 @@ public class SingleUserAuthorizer implements Authorizer {
return AuthorizationResult.approved();
}
+ /**
+ * Initialize Provider and confirm that the Single User Login Identity
Provider is also configured
+ *
+ * @param initializationContext Initialization Context
+ */
@Override
public void initialize(final AuthorizerInitializationContext
initializationContext) {
LOGGER.info("Initializing Authorizer");
+
+ final String securityUserAuthorizer =
niFiProperties.getProperty(NiFiProperties.SECURITY_USER_AUTHORIZER);
+ final String authorizerIdentifier =
initializationContext.getIdentifier();
+ if (authorizerIdentifier.equals(securityUserAuthorizer)) {
+ final File configuration =
niFiProperties.getLoginIdentityProviderConfigurationFile();
+ final String identifier =
niFiProperties.getProperty(NiFiProperties.SECURITY_USER_LOGIN_IDENTITY_PROVIDER,
BLANK_PROVIDER);
+ if (isSingleUserLoginIdentityProviderConfigured(identifier,
configuration)) {
+ LOGGER.debug("Required Login Identity Provider Configured
[{}]", REQUIRED_PROVIDER);
+ } else {
+ final String message = String.format("%s requires %s to be
configured", getClass().getSimpleName(), REQUIRED_PROVIDER);
+ throw new AuthorizerCreationException(message);
+ }
+ }
}
@Override
diff --git
a/nifi-nar-bundles/nifi-single-user-iaa-providers-bundle/nifi-single-user-iaa-providers/src/test/java/org/apache/nifi/authorization/single/user/SingleUserAuthorizerTest.java
b/nifi-nar-bundles/nifi-single-user-iaa-providers-bundle/nifi-single-user-iaa-providers/src/test/java/org/apache/nifi/authorization/single/user/SingleUserAuthorizerTest.java
index db0fbb8..ac46b17 100644
---
a/nifi-nar-bundles/nifi-single-user-iaa-providers-bundle/nifi-single-user-iaa-providers/src/test/java/org/apache/nifi/authorization/single/user/SingleUserAuthorizerTest.java
+++
b/nifi-nar-bundles/nifi-single-user-iaa-providers-bundle/nifi-single-user-iaa-providers/src/test/java/org/apache/nifi/authorization/single/user/SingleUserAuthorizerTest.java
@@ -16,10 +16,14 @@
*/
package org.apache.nifi.authorization.single.user;
+import org.apache.nifi.authorization.AuthorizerInitializationContext;
import org.apache.nifi.authorization.exception.AuthorizerCreationException;
import org.apache.nifi.util.NiFiProperties;
import org.junit.Before;
import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
import java.net.URISyntaxException;
import java.nio.file.Path;
@@ -27,7 +31,9 @@ import java.nio.file.Paths;
import java.util.Properties;
import static org.junit.Assert.assertThrows;
+import static org.mockito.Mockito.when;
+@RunWith(MockitoJUnitRunner.class)
public class SingleUserAuthorizerTest {
private static final String BLANK_PROVIDERS =
"/conf/login-identity-providers.xml";
@@ -37,41 +43,67 @@ public class SingleUserAuthorizerTest {
private static final String UNSUPPORTED_PROVIDER_IDENTIFIER =
"unsupported-provider";
+ private static final String AUTHORIZER_IDENTIFIER =
"single-user-authorizer";
+
+ private static final String OTHER_AUTHORIZER_IDENTIFIER =
"other-authorizer";
+
private static final String EMPTY_PROPERTIES_PATH = "";
private SingleUserAuthorizer authorizer;
+ @Mock
+ private AuthorizerInitializationContext initializationContext;
+
@Before
public void setAuthorizer() {
authorizer = new SingleUserAuthorizer();
+
when(initializationContext.getIdentifier()).thenReturn(AUTHORIZER_IDENTIFIER);
+ }
+
+ @Test
+ public void testInitializeSingleUserAuthorizerNotConfigured() throws
URISyntaxException {
+ final Path providersPath =
Paths.get(getClass().getResource(BLANK_PROVIDERS).toURI());
+ final Properties properties = new Properties();
+
properties.put(NiFiProperties.LOGIN_IDENTITY_PROVIDER_CONFIGURATION_FILE,
providersPath.toString());
+ properties.put(NiFiProperties.SECURITY_USER_LOGIN_IDENTITY_PROVIDER,
PROVIDER_IDENTIFIER);
+ properties.put(NiFiProperties.SECURITY_USER_AUTHORIZER,
OTHER_AUTHORIZER_IDENTIFIER);
+ final NiFiProperties niFiProperties =
NiFiProperties.createBasicNiFiProperties(EMPTY_PROPERTIES_PATH, properties);
+ authorizer.setProperties(niFiProperties);
+ authorizer.initialize(initializationContext);
}
@Test
- public void testSetPropertiesSingleUserIdentityProviderConfigured() throws
URISyntaxException {
+ public void testInitializeSingleUserIdentityProviderConfigured() throws
URISyntaxException {
final Path providersPath =
Paths.get(getClass().getResource(BLANK_PROVIDERS).toURI());
final Properties properties = new Properties();
properties.put(NiFiProperties.LOGIN_IDENTITY_PROVIDER_CONFIGURATION_FILE,
providersPath.toString());
properties.put(NiFiProperties.SECURITY_USER_LOGIN_IDENTITY_PROVIDER,
PROVIDER_IDENTIFIER);
+ properties.put(NiFiProperties.SECURITY_USER_AUTHORIZER,
AUTHORIZER_IDENTIFIER);
final NiFiProperties niFiProperties =
NiFiProperties.createBasicNiFiProperties(EMPTY_PROPERTIES_PATH, properties);
authorizer.setProperties(niFiProperties);
+ authorizer.initialize(initializationContext);
}
@Test
- public void testSetPropertiesSingleUserIdentityProviderNotSpecified()
throws URISyntaxException {
+ public void testInitializeSingleUserIdentityProviderNotSpecified() throws
URISyntaxException {
final Path providersPath =
Paths.get(getClass().getResource(BLANK_PROVIDERS).toURI());
final Properties properties = new Properties();
properties.put(NiFiProperties.LOGIN_IDENTITY_PROVIDER_CONFIGURATION_FILE,
providersPath.toString());
+ properties.put(NiFiProperties.SECURITY_USER_AUTHORIZER,
AUTHORIZER_IDENTIFIER);
final NiFiProperties niFiProperties =
NiFiProperties.createBasicNiFiProperties(EMPTY_PROPERTIES_PATH, properties);
- assertThrows(AuthorizerCreationException.class, () ->
authorizer.setProperties(niFiProperties));
+ authorizer.setProperties(niFiProperties);
+ assertThrows(AuthorizerCreationException.class, () ->
authorizer.initialize(initializationContext));
}
@Test
- public void testSetPropertiesAuthorizerCreationException() throws
URISyntaxException {
+ public void testInitializeAuthorizerCreationException() throws
URISyntaxException {
final Path providersPath =
Paths.get(getClass().getResource(UNSUPPORTED_PROVIDERS).toURI());
final Properties properties = new Properties();
properties.put(NiFiProperties.LOGIN_IDENTITY_PROVIDER_CONFIGURATION_FILE,
providersPath.toString());
properties.put(NiFiProperties.SECURITY_USER_LOGIN_IDENTITY_PROVIDER,
UNSUPPORTED_PROVIDER_IDENTIFIER);
+ properties.put(NiFiProperties.SECURITY_USER_AUTHORIZER,
AUTHORIZER_IDENTIFIER);
final NiFiProperties niFiProperties =
NiFiProperties.createBasicNiFiProperties(EMPTY_PROPERTIES_PATH, properties);
- assertThrows(AuthorizerCreationException.class, () ->
authorizer.setProperties(niFiProperties));
+ authorizer.setProperties(niFiProperties);
+ assertThrows(AuthorizerCreationException.class, () ->
authorizer.initialize(initializationContext));
}
}
