pzampino opened a new pull request #424: URL: https://github.com/apache/knox/pull/424
## What changes were proposed in this pull request? Added JWTProvider support for specifying the unique identifier associated with Knox JWTs as a HTTP Basic password (username=TokenPasscode, password=UUID) when server-managed token state is enabled. Example: curl -ivku TokenPasscode:$PASSCODE "https://localhost:8443/gateway/proxy-token/webhdfs/v1/tmp?op=LISTSTATUS"; ## How was this patch tested? I've added org.apache.knox.gateway.provider.federation.TokenIDAsHTTPBasicCredsFederationFilterTest and executed all the exising Knox tests (mvn -Ppackage,release clean package). I've manually tested by: - Enabling server-managed token state in the homepage deployment of KNOXTOKEN - Defining a provider configuration with the JWTProvider (with server-managed token state enabled) - Defining a descriptor that references that provider config - Generated a token using the homepage facility - curl -ivku TokenPasscode:$PASSCODE "https://localhost:8443/gateway/proxy-token/webhdfs/v1/tmp?op=LISTSTATUS"; I've also done some manual testing with server-managed token state DISABLED to verify the behavior. I could not find any existing tests for org.apache.knox.gateway.hadoopauth.filter.HadoopAuthPostFilter, so I haven't yet added any tests to verify the associated changes. I may add more negative test cases to org.apache.knox.gateway.provider.federation.TokenIDAsHTTPBasicCredsFederationFilterTest -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
