reswqa commented on code in PR #21937:
URL: https://github.com/apache/flink/pull/21937#discussion_r1118750679
##########
flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java:
##########
@@ -362,26 +388,25 @@ public void
testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exceptio
try (ServerSocket socket =
SSLUtils.createSSLServerSocketFactory(serverConfig).createServerSocket(0)) {
- assertTrue(socket instanceof SSLServerSocket);
+ assertThat(socket instanceof SSLServerSocket).isTrue();
final SSLServerSocket sslSocket = (SSLServerSocket) socket;
String[] protocols = sslSocket.getEnabledProtocols();
String[] algorithms = sslSocket.getEnabledCipherSuites();
- assertEquals(1, protocols.length);
- assertEquals("TLSv1.1", protocols[0]);
- assertEquals(2, algorithms.length);
- assertThat(
- algorithms,
- arrayContainingInAnyOrder(
- "TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA256"));
+ assertThat(protocols.length).isEqualTo(1);
Review Comment:
```suggestion
assertThat(protocols).hasSize(1);
```
##########
flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java:
##########
@@ -362,26 +388,25 @@ public void
testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exceptio
try (ServerSocket socket =
SSLUtils.createSSLServerSocketFactory(serverConfig).createServerSocket(0)) {
- assertTrue(socket instanceof SSLServerSocket);
+ assertThat(socket instanceof SSLServerSocket).isTrue();
Review Comment:
```suggestion
assertThat(socket).isInstanceOf(SSLServerSocket.class);
```
##########
flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java:
##########
@@ -362,26 +388,25 @@ public void
testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exceptio
try (ServerSocket socket =
SSLUtils.createSSLServerSocketFactory(serverConfig).createServerSocket(0)) {
- assertTrue(socket instanceof SSLServerSocket);
+ assertThat(socket instanceof SSLServerSocket).isTrue();
final SSLServerSocket sslSocket = (SSLServerSocket) socket;
String[] protocols = sslSocket.getEnabledProtocols();
String[] algorithms = sslSocket.getEnabledCipherSuites();
- assertEquals(1, protocols.length);
- assertEquals("TLSv1.1", protocols[0]);
- assertEquals(2, algorithms.length);
- assertThat(
- algorithms,
- arrayContainingInAnyOrder(
- "TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA256"));
+ assertThat(protocols.length).isEqualTo(1);
+ assertThat(protocols[0]).isEqualTo("TLSv1.1");
+ assertThat(algorithms.length).isEqualTo(2);
Review Comment:
```suggestion
assertThat(algorithms).hasSize(2);
```
##########
flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java:
##########
@@ -171,21 +169,38 @@ public void testRESTClientSSLWrongPassword() throws
Exception {
}
}
+ @ParameterizedTest
+ @MethodSource("parameters")
+ public void testRESTSSLConfigCipherAlgorithms(String sslProvider) throws
Exception {
+ String testSSLAlgorithms = "test_algorithm1,test_algorithm2";
+ Configuration config = createRestSslConfigWithTrustStore(sslProvider);
+ config.setBoolean(SecurityOptions.SSL_REST_ENABLED, true);
+ config.setString(SecurityOptions.SSL_ALGORITHMS.key(),
testSSLAlgorithms);
+ JdkSslContext nettySSLContext =
+ (JdkSslContext)
+ SSLUtils.createRestNettySSLContext(config, true,
ClientAuth.NONE, JDK);
+ List<String> cipherSuites =
checkNotNull(nettySSLContext).cipherSuites();
+ assertThat(cipherSuites.size()).isEqualTo(2);
+
assertThat(cipherSuites.toArray()).containsExactlyInAnyOrder(testSSLAlgorithms.split(","));
Review Comment:
```suggestion
assertThat(cipherSuites).containsExactlyInAnyOrder(testSSLAlgorithms.split(","));
```
##########
flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java:
##########
@@ -408,20 +433,19 @@ public void testCreateSSLEngineFactory() throws Exception
{
final SslHandler sslHandler =
serverSSLHandlerFactory.createNettySSLHandler(UnpooledByteBufAllocator.DEFAULT);
- assertEquals(expectedSslProtocols.length,
sslHandler.engine().getEnabledProtocols().length);
- assertThat(
- sslHandler.engine().getEnabledProtocols(),
- arrayContainingInAnyOrder(expectedSslProtocols));
+ assertThat(sslHandler.engine().getEnabledProtocols().length)
+ .isEqualTo(expectedSslProtocols.length);
Review Comment:
```suggestion
assertThat(sslHandler.engine().getEnabledProtocols())
.hasSameSizeAs(expectedSslProtocols);
```
##########
flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java:
##########
@@ -408,20 +433,19 @@ public void testCreateSSLEngineFactory() throws Exception
{
final SslHandler sslHandler =
serverSSLHandlerFactory.createNettySSLHandler(UnpooledByteBufAllocator.DEFAULT);
- assertEquals(expectedSslProtocols.length,
sslHandler.engine().getEnabledProtocols().length);
- assertThat(
- sslHandler.engine().getEnabledProtocols(),
- arrayContainingInAnyOrder(expectedSslProtocols));
+ assertThat(sslHandler.engine().getEnabledProtocols().length)
+ .isEqualTo(expectedSslProtocols.length);
+
assertThat(sslHandler.engine().getEnabledProtocols()).contains(expectedSslProtocols);
- assertEquals(sslAlgorithms.length,
sslHandler.engine().getEnabledCipherSuites().length);
- assertThat(
- sslHandler.engine().getEnabledCipherSuites(),
- arrayContainingInAnyOrder(sslAlgorithms));
+ assertThat(sslHandler.engine().getEnabledCipherSuites().length)
+ .isEqualTo(sslAlgorithms.length);
Review Comment:
```suggestion
assertThat(sslHandler.engine().getEnabledCipherSuites())
.hasSameSizeAs(sslAlgorithms);
```
##########
flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java:
##########
@@ -432,21 +456,21 @@ public void testInvalidFingerprintParsing() throws
Exception {
SSLUtils.createInternalServerSSLEngineFactory(config);
fail("expected exception");
Review Comment:
We'd better avoid using `fail` in the junit test now. Please also check the
other place has same problem.
##########
flink-runtime/src/test/java/org/apache/flink/runtime/net/SSLUtilsTest.java:
##########
@@ -171,21 +169,38 @@ public void testRESTClientSSLWrongPassword() throws
Exception {
}
}
+ @ParameterizedTest
+ @MethodSource("parameters")
+ public void testRESTSSLConfigCipherAlgorithms(String sslProvider) throws
Exception {
+ String testSSLAlgorithms = "test_algorithm1,test_algorithm2";
+ Configuration config = createRestSslConfigWithTrustStore(sslProvider);
+ config.setBoolean(SecurityOptions.SSL_REST_ENABLED, true);
+ config.setString(SecurityOptions.SSL_ALGORITHMS.key(),
testSSLAlgorithms);
+ JdkSslContext nettySSLContext =
+ (JdkSslContext)
+ SSLUtils.createRestNettySSLContext(config, true,
ClientAuth.NONE, JDK);
+ List<String> cipherSuites =
checkNotNull(nettySSLContext).cipherSuites();
+ assertThat(cipherSuites.size()).isEqualTo(2);
Review Comment:
```suggestion
assertThat(cipherSuites).hasSize(2);
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
