[GitHub] [hadoop] tomicooler commented on a change in pull request #3209: HDFS-16129. Fixing the signature secret file misusage in HttpFS.

Wed, 04 Aug 2021 05:29:40 -0700 


tomicooler commented on a change in pull request #3209:
URL: https://github.com/apache/hadoop/pull/3209#discussion_r682568677



##########
File path: 
hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServerWebServer.java
##########
@@ -71,53 +82,195 @@ public static void beforeClass() throws Exception {
     System.setProperty("httpfs.home.dir", homeDir.getAbsolutePath());
     System.setProperty("httpfs.log.dir", logsDir.getAbsolutePath());
     System.setProperty("httpfs.config.dir", confDir.getAbsolutePath());
-    FileUtils.writeStringToFile(new File(confDir, "httpfs-signature.secret"),
-        "foo", StandardCharsets.UTF_8);
+    secretFile = new File(System.getProperty("httpfs.config.dir"),
+        "httpfs-signature-custom.secret");
   }
 
-  @Before
-  public void setUp() throws Exception {
-    Configuration conf = new Configuration();
-    conf.set(HttpFSServerWebServer.HTTP_HOSTNAME_KEY, "localhost");
-    conf.setInt(HttpFSServerWebServer.HTTP_PORT_KEY, 0);
-    conf.set(AuthenticationFilter.SIGNATURE_SECRET_FILE,
-        "httpfs-signature.secret");
-    Configuration sslConf = new Configuration();
-    webServer = new HttpFSServerWebServer(conf, sslConf);
+  @After
+  public void teardown() throws Exception {
+    if (webServer != null) {
+      webServer.stop();
+    }
   }
 
   @Test
   public void testStartStop() throws Exception {
+    webServer = createWebServer(createConfigurationWithRandomSecret());
     webServer.start();
-    String user = HadoopUsersConfTestHelper.getHadoopUsers()[0];
-    URL url = new URL(webServer.getUrl(), MessageFormat.format(
-        "/webhdfs/v1/?user.name={0}&op=liststatus", user));
-    HttpURLConnection conn = (HttpURLConnection) url.openConnection();
-    Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
-    BufferedReader reader = new BufferedReader(
-        new InputStreamReader(conn.getInputStream()));
-    reader.readLine();
-    reader.close();
     webServer.stop();
   }
 
   @Test
   public void testJustStop() throws Exception {
+    webServer = createWebServer(createConfigurationWithRandomSecret());
     webServer.stop();
   }
 
   @Test
   public void testDoubleStop() throws Exception {
+    webServer = createWebServer(createConfigurationWithRandomSecret());
     webServer.start();
     webServer.stop();
     webServer.stop();
   }
 
   @Test
   public void testDoubleStart() throws Exception {
+    webServer = createWebServer(createConfigurationWithRandomSecret());
+    webServer.start();
+    webServer.start();
+    webServer.stop();
+  }
+
+  @Test
+  public void testServiceWithSecretFile() throws Exception {
+    createSecretFile("foo");
+    webServer = createWebServer(createConfigurationWithSecretFile());
+    webServer.start();
+    assertServiceRespondsWithOK(webServer.getUrl());
+    assertSignerSecretProviderType(webServer.getHttpServer(),
+        FileSignerSecretProvider.class);
+    webServer.stop();
+  }
+
+  @Test
+  public void testServiceWithSecretFileWithDeprecatedConfigOnly()
+      throws Exception {
+    createSecretFile("foo");
+    Configuration conf = createConfiguration();
+    setDeprecatedSecretFile(conf, secretFile.getAbsolutePath());
+    webServer = createWebServer(conf);
+
+    // HttpFSAuthenticationFilter gets the configuration from the webapp, the 
defaults are loaded
+    // so the custom file location is overwritten with a non-existing default 
one.
+    Exception exception =
+        Assert.assertThrows(IOException.class, new ThrowingRunnable() {
+          @Override
+          public void run() throws Throwable {
+            webServer.start();
+          }
+        });
+    Assert.assertTrue(exception.getMessage().startsWith(
+        "Unable to initialize"));
+  }
+
+  @Test
+  public void testServiceWithSecretFileWithBothConfigOption() throws Exception 
{
+    createSecretFile("foo");
+    Configuration conf = createConfigurationWithSecretFile();
+    setDeprecatedSecretFile(conf, secretFile.getAbsolutePath());
+    webServer = createWebServer(conf);
+    webServer.start();
+    assertServiceRespondsWithOK(webServer.getUrl());
+    assertSignerSecretProviderType(webServer.getHttpServer(),
+        FileSignerSecretProvider.class);
+    webServer.stop();
+  }
+
+  @Test
+  public void testServiceWithSecretFileWithBothConfigOptionOverWriteCheck()

Review comment:
       Done.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to