Author: angela
Date: Thu Nov 26 10:01:18 2020
New Revision: 1883834

URL: http://svn.apache.org/viewvc?rev=1883834&view=rev
Log:
OAK-9275 : restore test coverage of oak-auth-ldap (wip)

Added:
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/AbstractLdapIdentityProviderTest.java
   (with props)
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapGroupTest.java
   (with props)
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityTest.java
   (with props)
Modified:
    jackrabbit/oak/trunk/oak-auth-ldap/pom.xml
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapServerClassLoader.java
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityPropertiesTest.java
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProviderOsgiTest.java
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfigTest.java
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/PoolableUnboundConnectionFactoryTest.java

Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/pom.xml?rev=1883834&r1=1883833&r2=1883834&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-ldap/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-auth-ldap/pom.xml Thu Nov 26 10:01:18 2020
@@ -35,8 +35,8 @@
         <apacheds.test.version>2.0.0-M24</apacheds.test.version>
         <!-- enable execution of jacoco and set minimal line coverage -->
         <skip.coverage>false</skip.coverage>
-        <minimum.line.coverage>0.86</minimum.line.coverage>
-        <minimum.branch.coverage>0.74</minimum.branch.coverage>
+        <minimum.line.coverage>0.89</minimum.line.coverage>
+        <minimum.branch.coverage>0.82</minimum.branch.coverage>
     </properties>
 
     <build>
@@ -185,11 +185,6 @@
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>org.easymock</groupId>
-            <artifactId>easymock</artifactId>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>jul-to-slf4j</artifactId>
             <scope>test</scope>

Modified: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java?rev=1883834&r1=1883833&r2=1883834&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
 Thu Nov 26 10:01:18 2020
@@ -17,127 +17,37 @@
 
 package org.apache.jackrabbit.oak.security.authentication.ldap;
 
-import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertThat;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-
-import javax.jcr.SimpleCredentials;
-import javax.security.auth.login.LoginException;
-
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Iterators;
 import org.apache.directory.api.util.Strings;
-import org.apache.directory.server.constants.ServerDNConstants;
+import 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.AbstractLdapIdentityProviderTest;
 import 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentity;
 import 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider;
-import 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig;
 import org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapUser;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser;
-import org.apache.jackrabbit.util.Text;
 import org.hamcrest.Matchers;
-import org.junit.After;
-import org.junit.Before;
 import org.junit.Test;
 
-public class LdapProviderTest {
-
-    //loaded by a separate ClassLoader unavailable to the client (needed 
because the server is using old libraries)
-    protected LdapServerClassLoader.Proxy proxy;
-
-    private static final String TUTORIAL_LDIF = "apache-ds-tutorial.ldif";
-    private static final String ERRONEOUS_LDIF = "erroneous.ldif";
-    public static final String IDP_NAME = "ldap";
-
-    protected LdapIdentityProvider idp;
-    protected LdapProviderConfig providerConfig;
-
-    @Before
-    public void before() throws Exception {
-        LdapServerClassLoader serverClassLoader = 
LdapServerClassLoader.createServerClassLoader();
-        proxy = serverClassLoader.createAndSetupServer();
-        proxy.loadLdif(getClass().getResourceAsStream(TUTORIAL_LDIF));
-        idp = createIDP();
-    }
-
-    @After
-    public void after() throws Exception {
-        proxy.tearDown();
-        if (idp != null) {
-            idp.close();
-            idp = null;
-        }
-    }
-
-    protected LdapIdentityProvider createIDP() {
-        //The attribute "mail" is excluded deliberately
-        return createIDP(new String[] { "objectclass", "uid", "givenname", 
"description", "sn", "cn"});
-    }
-
-    protected LdapIdentityProvider createIDP(String[] userProperties) {
-        providerConfig = new LdapProviderConfig()
-                .setName(IDP_NAME)
-                .setHostname("127.0.0.1")
-                .setPort(proxy.port)
-                .setBindDN(ServerDNConstants.ADMIN_SYSTEM_DN)
-                .setBindPassword(InternalLdapServer.ADMIN_PW)
-                .setGroupMemberAttribute("uniquemember")
-                .setCustomAttributes(userProperties);
-
-        providerConfig.getUserConfig()
-                .setBaseDN(ServerDNConstants.USERS_SYSTEM_DN)
-                .setObjectClasses("inetOrgPerson");
-        providerConfig.getGroupConfig()
-                .setBaseDN(ServerDNConstants.GROUPS_SYSTEM_DN)
-                .setObjectClasses("groupOfUniqueNames");
-
-        providerConfig.getAdminPoolConfig().setMaxActive(0);
-        providerConfig.getUserPoolConfig().setMaxActive(0);
-        return new LdapIdentityProvider(providerConfig);
-    }
-
-    public static final String TEST_USER0_DN = "cn=Rat 
Ratterson,ou=users,ou=system";
-    public static final String TEST_USER0_UID = "ratty";
-
-    public static final String TEST_USER1_DN = "cn=Horatio 
Hornblower,ou=users,ou=system";
-    public static final String TEST_USER1_UID = "hhornblo";
-    public static final String TEST_USER1_PATH = "cn=Horatio 
Hornblower/ou=users/ou=system";
-
-    public static final String TEST_USER2_DN = "cn=William 
Bush,ou=users,ou=system";
-    public static final String TEST_USER3_DN = "cn=Thomas 
Quist,ou=users,ou=system";
-    public static final String TEST_USER4_DN = "cn=Moultrie 
Crystal,ou=users,ou=system";
-
-    public static final String TEST_USER5_UID = "=007=";
-    public static final String TEST_USER5_DN = "cn=Special\\, Agent 
[007],ou=users,ou=system";
-    public static final String TEST_USER5_PATH = "cn=Special\\, Agent 
%5B007%5D/ou=users/ou=system";
-
-    public static final String TEST_GROUP1_DN = "cn=HMS 
Lydia,ou=crews,ou=groups,ou=system";
-    public static final String TEST_GROUP1_NAME = "HMS Lydia";
-    public static final String[] TEST_GROUP1_MEMBERS = {
-            TEST_USER0_DN, TEST_USER1_DN, TEST_USER2_DN, TEST_USER3_DN, 
TEST_USER4_DN
-    };
-
-    public static final String TEST_GROUP2_DN = "cn=HMS 
Victory,ou=crews,ou=groups,ou=system";
-    public static final String TEST_GROUP2_NAME = "HMS Victory";
+import javax.jcr.SimpleCredentials;
+import javax.security.auth.login.LoginException;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
 
-    public static final String TEST_GROUP3_DN = "cn=HMS 
Bounty,ou=crews,ou=groups,ou=system";
-    public static final String TEST_GROUP3_NAME = "HMS Bounty";
+import static org.junit.Assert.assertArrayEquals;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
-    public static final String[] TEST_USER0_GROUPS = {TEST_GROUP1_DN, 
TEST_GROUP2_DN, TEST_GROUP3_DN};
-    public static final String[] TEST_USER1_GROUPS = {TEST_GROUP1_DN};
+public class LdapProviderTest extends AbstractLdapIdentityProviderTest {
 
     @Test
     public void testGetUserByRef() throws Exception {
@@ -199,14 +109,6 @@ public class LdapProviderTest {
         assertThat(properties, Matchers.not(Matchers.<String, 
Object>hasEntry("mail", "[email protected]")));
     }
 
-    private void authenticateInternal(LdapIdentityProvider idp, String id) 
throws Exception {
-        SimpleCredentials creds = new SimpleCredentials(TEST_USER1_UID, 
"pass".toCharArray());
-        ExternalUser user = idp.authenticate(creds);
-        assertNotNull("User 1 must authenticate", user);
-        assertEquals("User Ref", TEST_USER1_DN, 
((LdapUser)user).getEntry().getDn().getName());
-        assertEquals("User Ref", id, user.getExternalId().getId());
-    }
-
     @Test
     public void testAuthenticate() throws Exception {
         authenticateInternal(idp, TEST_USER1_DN);
@@ -217,16 +119,6 @@ public class LdapProviderTest {
         authenticateInternal(idp, TEST_USER1_UID);
     }
 
-    private void authenticateValidateInternal(LdapIdentityProvider idp, String 
id) throws Exception {
-        SimpleCredentials creds = new SimpleCredentials(TEST_USER1_UID, 
"pass".toCharArray());
-        for (int i=0; i<8; i++) {
-            ExternalUser user = this.idp.authenticate(creds);
-            assertNotNull("User 1 must authenticate (i=" + i + ")", user);
-            assertEquals("User Ref", TEST_USER1_DN, 
((LdapUser)user).getEntry().getDn().getName());
-            assertEquals("User Ref", id, user.getExternalId().getId());
-        }
-    }
-
     @Test
     public void testAuthenticateValidateFalseFalse() throws Exception {
         providerConfig.getAdminPoolConfig()
@@ -381,6 +273,12 @@ public class LdapProviderTest {
     }
 
     @Test
+    public void testGetGroupByUnknownName() throws Exception {
+        ExternalGroup group = idp.getGroup("unknown");
+        assertNull(group);
+    }
+
+    @Test
     public void testGetMembers() throws Exception {
         ExternalIdentityRef ref = new ExternalIdentityRef(TEST_GROUP1_DN, 
IDP_NAME);
         ExternalIdentity id = idp.getIdentity(ref);
@@ -480,16 +378,12 @@ public class LdapProviderTest {
         idp.fromExternalIdentityRef(new ExternalIdentityRef("anyId", 
"anotherProviderName"));
     }
 
-    public static void assertIfEquals(String message, String[] expected, 
Iterable<ExternalIdentityRef> result) {
-        List<String> dns = new LinkedList<String>();
-        for (ExternalIdentityRef ref: result) {
-            dns.add(ref.getId());
-        }
-        Collections.sort(dns);
-        Arrays.sort(expected);
-        String exp = Text.implode(expected, ",\n");
-        String res = Text.implode(dns.toArray(new String[dns.size()]), ",\n");
-        assertEquals(message, exp, res);
-    }
+    @Test
+    public void testListGroups() throws Exception {
+        Iterator<ExternalGroup> groups = idp.listGroups();
+        Iterator<String> ids = Iterators.transform(groups, externalGroup -> 
externalGroup.getId());
 
+        Set<String> expectedIds = ImmutableSet.of(TEST_GROUP1_NAME, 
TEST_GROUP2_NAME, TEST_GROUP3_NAME, "Administrators");
+        assertEquals(expectedIds, ImmutableSet.copyOf(ids));
+    }
 }
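Review bot: The assertion in `testListGroups` compares two sets, so a provider that returned the same group twice from `listGroups()` would still pass, because `ImmutableSet.copyOf(ids)` drops duplicates. Collecting the ids into a list first and also checking its size would cover that case, e.g. `List<String> idList = ImmutableList.copyOf(ids);` followed by `assertEquals(expectedIds.size(), idList.size());` (this needs the matching imports). The literal `"Administrators"` presumably comes from the LDIF fixture; a named constant next to `TEST_GROUP3_NAME` would document where it originates.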

Modified: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapServerClassLoader.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapServerClassLoader.java?rev=1883834&r1=1883833&r2=1883834&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapServerClassLoader.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapServerClassLoader.java
 Thu Nov 26 10:01:18 2020
@@ -105,6 +105,7 @@ public class LdapServerClassLoader exten
         public static Class serverClass;
         public Object server;
         public int port;
+        public String host = "127.0.0.1";
 
         public void tearDown() throws NoSuchMethodException, 
InvocationTargetException, IllegalAccessException {
             serverClass.getMethod("tearDown", new Class[0]).invoke(server);
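Review bot: The new `host` field on `Proxy` is public and non-final, and no line visible in this commit reads it. `createProviderConfig` in the added `AbstractLdapIdentityProviderTest` still passes the literal `.setHostname("127.0.0.1")`. Using `.setHostname(proxy.host)` there would give the address a single source. If nothing assigns the field later, `public final String host = "127.0.0.1";` with a short comment that the embedded test server is only expected on loopback would make the intent explicit. The `Proxy` class starts and ends outside this hunk, so other uses cannot be ruled out from here.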

Added: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/AbstractLdapIdentityProviderTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/AbstractLdapIdentityProviderTest.java?rev=1883834&view=auto
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/AbstractLdapIdentityProviderTest.java
 (added)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/AbstractLdapIdentityProviderTest.java
 Thu Nov 26 10:01:18 2020
@@ -0,0 +1,159 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.authentication.ldap.impl;
+
+import org.apache.directory.server.constants.ServerDNConstants;
+import 
org.apache.jackrabbit.oak.security.authentication.ldap.InternalLdapServer;
+import 
org.apache.jackrabbit.oak.security.authentication.ldap.LdapServerClassLoader;
+import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
+import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser;
+import org.apache.jackrabbit.util.Text;
+import org.junit.After;
+import org.junit.Before;
+
+import javax.jcr.SimpleCredentials;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.LinkedList;
+import java.util.List;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+public abstract class AbstractLdapIdentityProviderTest {
+
+    public static final String TEST_USER0_DN = "cn=Rat 
Ratterson,ou=users,ou=system";
+    public static final String TEST_USER0_UID = "ratty";
+
+    public static final String TEST_USER1_DN = "cn=Horatio 
Hornblower,ou=users,ou=system";
+    public static final String TEST_USER1_UID = "hhornblo";
+    public static final String TEST_USER1_PATH = "cn=Horatio 
Hornblower/ou=users/ou=system";
+
+    public static final String TEST_USER2_DN = "cn=William 
Bush,ou=users,ou=system";
+    public static final String TEST_USER3_DN = "cn=Thomas 
Quist,ou=users,ou=system";
+    public static final String TEST_USER4_DN = "cn=Moultrie 
Crystal,ou=users,ou=system";
+
+    public static final String TEST_USER5_UID = "=007=";
+    public static final String TEST_USER5_DN = "cn=Special\\, Agent 
[007],ou=users,ou=system";
+    public static final String TEST_USER5_PATH = "cn=Special\\, Agent 
%5B007%5D/ou=users/ou=system";
+
+    public static final String TEST_GROUP1_DN = "cn=HMS 
Lydia,ou=crews,ou=groups,ou=system";
+    public static final String TEST_GROUP1_NAME = "HMS Lydia";
+    public static final String[] TEST_GROUP1_MEMBERS = {
+            TEST_USER0_DN, TEST_USER1_DN, TEST_USER2_DN, TEST_USER3_DN, 
TEST_USER4_DN
+    };
+
+    public static final String TEST_GROUP2_DN = "cn=HMS 
Victory,ou=crews,ou=groups,ou=system";
+    public static final String TEST_GROUP2_NAME = "HMS Victory";
+
+    public static final String TEST_GROUP3_DN = "cn=HMS 
Bounty,ou=crews,ou=groups,ou=system";
+    public static final String TEST_GROUP3_NAME = "HMS Bounty";
+
+    public static final String[] TEST_USER0_GROUPS = {TEST_GROUP1_DN, 
TEST_GROUP2_DN, TEST_GROUP3_DN};
+    public static final String[] TEST_USER1_GROUPS = {TEST_GROUP1_DN};
+
+    //loaded by a separate ClassLoader unavailable to the client (needed 
because the server is using old libraries)
+    protected LdapServerClassLoader.Proxy proxy;
+
+    private static final String TUTORIAL_LDIF = "apache-ds-tutorial.ldif";
+    public static final String ERRONEOUS_LDIF = "erroneous.ldif";
+    public static final String IDP_NAME = "ldap";
+
+    public static final String[] DEFAULT_USER_PROPERTIES = new String[] { 
"objectclass", "uid", "givenname", "description", "sn", "cn"};
+
+    protected LdapIdentityProvider idp;
+    protected LdapProviderConfig providerConfig;
+
+    @Before
+    public void before() throws Exception {
+        LdapServerClassLoader serverClassLoader = 
LdapServerClassLoader.createServerClassLoader();
+        proxy = serverClassLoader.createAndSetupServer();
+        proxy.loadLdif(getClass().getResourceAsStream(TUTORIAL_LDIF));
+        idp = createIDP();
+    }
+
+    @After
+    public void after() throws Exception {
+        proxy.tearDown();
+        if (idp != null) {
+            idp.close();
+            idp = null;
+        }
+    }
+
+    protected LdapIdentityProvider createIDP() {
+        //The attribute "mail" is excluded deliberately
+        return createIDP(DEFAULT_USER_PROPERTIES);
+    }
+
+    protected LdapIdentityProvider createIDP(String[] userProperties) {
+        providerConfig = createProviderConfig(userProperties);
+        return new LdapIdentityProvider(providerConfig);
+    }
+
+    protected LdapProviderConfig createProviderConfig(String[] userProperties) 
{
+        LdapProviderConfig providerConfig = new LdapProviderConfig()
+                .setName(IDP_NAME)
+                .setHostname("127.0.0.1")
+                .setPort(proxy.port)
+                .setBindDN(ServerDNConstants.ADMIN_SYSTEM_DN)
+                .setBindPassword(InternalLdapServer.ADMIN_PW)
+                .setGroupMemberAttribute("uniquemember")
+                .setCustomAttributes(userProperties);
+
+        providerConfig.getUserConfig()
+                .setBaseDN(ServerDNConstants.USERS_SYSTEM_DN)
+                .setObjectClasses("inetOrgPerson");
+        providerConfig.getGroupConfig()
+                .setBaseDN(ServerDNConstants.GROUPS_SYSTEM_DN)
+                .setObjectClasses("groupOfUniqueNames");
+
+        providerConfig.getAdminPoolConfig().setMaxActive(0);
+        providerConfig.getUserPoolConfig().setMaxActive(0);
+        return providerConfig;
+    }
+
+    public static void authenticateInternal(LdapIdentityProvider idp, String 
id) throws Exception {
+        SimpleCredentials creds = new SimpleCredentials(TEST_USER1_UID, 
"pass".toCharArray());
+        ExternalUser user = idp.authenticate(creds);
+        assertNotNull("User 1 must authenticate", user);
+        assertEquals("User Ref", TEST_USER1_DN, 
((LdapUser)user).getEntry().getDn().getName());
+        assertEquals("User Ref", id, user.getExternalId().getId());
+    }
+
+    public static void authenticateValidateInternal(LdapIdentityProvider idp, 
String id) throws Exception {
+        SimpleCredentials creds = new SimpleCredentials(TEST_USER1_UID, 
"pass".toCharArray());
+        for (int i=0; i<8; i++) {
+            ExternalUser user = idp.authenticate(creds);
+            assertNotNull("User 1 must authenticate (i=" + i + ")", user);
+            assertEquals("User Ref", TEST_USER1_DN, 
((LdapUser)user).getEntry().getDn().getName());
+            assertEquals("User Ref", id, user.getExternalId().getId());
+        }
+    }
+
+    public static void assertIfEquals(String message, String[] expected, 
Iterable<ExternalIdentityRef> result) {
+        List<String> dns = new LinkedList<String>();
+        for (ExternalIdentityRef ref: result) {
+            dns.add(ref.getId());
+        }
+        Collections.sort(dns);
+        Arrays.sort(expected);
+        String exp = Text.implode(expected, ",\n");
+        String res = Text.implode(dns.toArray(new String[dns.size()]), ",\n");
+        assertEquals(message, exp, res);
+    }
+}
\ No newline at end of file
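Review bot: `assertIfEquals` sorts its `expected` argument in place with `Arrays.sort(expected)`, while the arrays this class declares for such comparisons (`TEST_GROUP1_MEMBERS`, `TEST_USER0_GROUPS`, `TEST_USER1_GROUPS`) are shared `public static final` constants. If those are what callers pass, one call reorders them for every later test in the same JVM. Sorting a copy avoids the side effect: `String[] sortedExpected = expected.clone(); Arrays.sort(sortedExpected);`, then implode `sortedExpected`. Separately, `after()` calls `proxy.tearDown()` before `idp.close()`, so an exception from the teardown, or a null `proxy` when `before()` failed early, leaves the provider unclosed. Moving the `idp` cleanup into a `finally` block and guarding `proxy` with a null check would make the cleanup unconditional.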

Propchange: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/AbstractLdapIdentityProviderTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapGroupTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapGroupTest.java?rev=1883834&view=auto
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapGroupTest.java
 (added)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapGroupTest.java
 Thu Nov 26 10:01:18 2020
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.authentication.ldap.impl;
+
+import com.google.common.collect.ImmutableMap;
+import org.apache.directory.api.ldap.model.entry.Entry;
+import org.apache.directory.api.ldap.model.name.Dn;
+import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Test;
+
+import java.util.Collection;
+import java.util.Map;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+public class LdapGroupTest extends LdapIdentityTest {
+
+    @Override
+    LdapGroup mockIdentity(@NotNull LdapIdentityProvider idp, @NotNull 
ExternalIdentityRef ref, @NotNull String id, @NotNull String path, @NotNull 
Entry entry) {
+        return new LdapGroup(idp, ref, id, path, entry);
+    }
+
+    @Test
+    public void testGetDeclaredMembers() throws Exception {
+        Dn dn = when(mock(Dn.class).getName()).thenReturn("dn").getMock();
+        when(entry.getDn()).thenReturn(dn);
+
+        Map<String, ExternalIdentityRef> memberRefs = ImmutableMap.of("m", 
mock(ExternalIdentityRef.class));
+        when(idp.getDeclaredMemberRefs(ref, "dn")).thenReturn(memberRefs);
+
+        Collection<ExternalIdentityRef> expected = memberRefs.values();
+        assertEquals(expected, ((LdapGroup) identity).getDeclaredMembers());
+        // result must be cached.... second invokation doesn't reach idp
+        assertEquals(expected, ((LdapGroup) identity).getDeclaredMembers());
+
+        verify(idp).getDeclaredMemberRefs(ref, "dn");
+    }
+}
\ No newline at end of file
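Review bot: The caching claim in `testGetDeclaredMembers` rests on Mockito's default of exactly one invocation for a plain `verify(idp)`, which is easy to miss when reading the test. Writing it as `verify(idp, times(1)).getDeclaredMemberRefs(ref, "dn");` (with the static import of `times`) would state in code what the comment above it describes. The `idp`, `ref`, `entry` and `identity` fields come from `LdapIdentityTest`, which is only partly visible on this page, so a short Javadoc on `mockIdentity` explaining that the base class builds `identity` through it would help readers of this subclass.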

Propchange: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapGroupTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityPropertiesTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityPropertiesTest.java?rev=1883834&r1=1883833&r2=1883834&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityPropertiesTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityPropertiesTest.java
 Thu Nov 26 10:01:18 2020
@@ -28,7 +28,7 @@ import static org.junit.Assert.assertTru
 
 public class LdapIdentityPropertiesTest {
 
-    private LdapIdentityProperties properties = new LdapIdentityProperties();
+    private final LdapIdentityProperties properties = new 
LdapIdentityProperties();
 
     @Before
     public void before() {

Modified: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProviderOsgiTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProviderOsgiTest.java?rev=1883834&r1=1883833&r2=1883834&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProviderOsgiTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProviderOsgiTest.java
 Thu Nov 26 10:01:18 2020
@@ -18,7 +18,6 @@ package org.apache.jackrabbit.oak.securi
 
 import javax.jcr.GuestCredentials;
 
-import org.apache.jackrabbit.oak.security.authentication.ldap.LdapProviderTest;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
 import org.apache.sling.testing.mock.osgi.junit.OsgiContext;
@@ -29,6 +28,7 @@ import org.junit.Test;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
 public class LdapIdentityProviderOsgiTest {
 
@@ -63,7 +63,7 @@ public class LdapIdentityProviderOsgiTes
     }
 
     @Test
-    public void testGetIdentityForeingRef() throws Exception {
+    public void testGetIdentityForeignRef() throws Exception {
         ExternalIdentityRef ref = new ExternalIdentityRef("id", "anotherName");
         assertNull(provider.getIdentity(ref));
     }
@@ -71,13 +71,13 @@ public class LdapIdentityProviderOsgiTes
     @Test
     public void testGetDeclaredGroupRefsForeignRef() throws Exception {
         ExternalIdentityRef ref = new ExternalIdentityRef("id", "anotherName");
-        assertTrue(provider.getDeclaredGroupRefs(ref, 
LdapProviderTest.TEST_USER1_DN).isEmpty());
+        assertTrue(provider.getDeclaredGroupRefs(ref, 
AbstractLdapIdentityProviderTest.TEST_USER1_DN).isEmpty());
     }
 
     @Test
     public void testGetDeclaredMemberRefsForeignRef() throws Exception {
         ExternalIdentityRef ref = new ExternalIdentityRef("id", "anotherName");
-        assertTrue(provider.getDeclaredMemberRefs(ref, 
LdapProviderTest.TEST_GROUP1_DN).isEmpty());
+        assertTrue(provider.getDeclaredMemberRefs(ref, 
AbstractLdapIdentityProviderTest.TEST_GROUP1_DN).isEmpty());
     }
 
     @Test(expected = ExternalIdentityException.class)
@@ -99,4 +99,14 @@ public class LdapIdentityProviderOsgiTes
     public void testListUsersMissingConnections() throws Exception {
         provider.listUsers().hasNext();
     }
+
+    @Test
+    public void testDuplicateInit() {
+        try {
+            context.registerInjectActivateService(provider);
+            fail();
+        } catch (Exception e) {
+            assertTrue(e.getCause() instanceof IllegalStateException);
+        }
+    }
 }
\ No newline at end of file
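Review bot: `testDuplicateInit` catches any `Exception`, checks only `e.getCause()`, and uses a bare `fail()`, so a red run gives no hint which expectation broke or what was actually thrown. Suggest `fail("registering the provider a second time must be rejected");` and `assertTrue("unexpected cause: " + e.getCause(), e.getCause() instanceof IllegalStateException);`. The test presumably relies on `provider` having already been activated in setup code outside this hunk. A one-line comment saying so would make the "duplicate" in the name self-explanatory.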

Added: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityTest.java?rev=1883834&view=auto
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityTest.java
 (added)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityTest.java
 Thu Nov 26 10:01:18 2020
@@ -0,0 +1,82 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.authentication.ldap.impl;
+
+import com.google.common.collect.ImmutableMap;
+import org.apache.directory.api.ldap.model.entry.Entry;
+import org.apache.directory.api.ldap.model.name.Dn;
+import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Test;
+import org.mockito.invocation.InvocationOnMock;
+
+import java.util.Collection;
+import java.util.Map;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.mockito.Mockito.withSettings;
+
+public class LdapIdentityTest {
+
+    final LdapIdentityProvider idp = mock(LdapIdentityProvider.class);
+    final String id = "id";
+    final ExternalIdentityRef ref = new ExternalIdentityRef(id, 
"providerName");
+    final String path = "intermediate/path";
+    final Entry entry = mock(Entry.class);
+
+    final LdapIdentity identity = mockIdentity(idp, ref, id, path, entry);
+
+    LdapIdentity mockIdentity(@NotNull LdapIdentityProvider idp, @NotNull 
ExternalIdentityRef ref, @NotNull String id, @NotNull String path, @NotNull 
Entry entry) {
+        return mock(LdapIdentity.class, withSettings().useConstructor(idp, 
ref, id, path, entry).defaultAnswer(InvocationOnMock::callRealMethod));
+    }
+
+    @Test
+    public void testGetProperties() {
+        assertNotNull(identity.getProperties());
+        assertTrue(identity.getProperties().isEmpty());
+    }
+
+    @Test
+    public void testGetDeclaredGroups() throws Exception {
+        Dn dn = when(mock(Dn.class).getName()).thenReturn("dn").getMock();
+        when(entry.getDn()).thenReturn(dn);
+
+        Map<String, ExternalIdentityRef> groupRefs = ImmutableMap.of("gr", 
mock(ExternalIdentityRef.class));
+        when(idp.getDeclaredGroupRefs(ref, "dn")).thenReturn(groupRefs);
+
+        Collection<ExternalIdentityRef> expected = groupRefs.values();
+        assertEquals(expected, identity.getDeclaredGroups());
+        // result must be cached.... second invokation doesn't reach idp
+        assertEquals(expected, identity.getDeclaredGroups());
+
+        verify(idp).getDeclaredGroupRefs(ref, "dn");
+    }
+
+    @Test
+    public void testToString() {
+        String s = identity.toString();
+        assertNotNull(s);
+        assertEquals(s, mock(LdapIdentity.class, 
withSettings().useConstructor(null, ref, id, null, 
null).defaultAnswer(InvocationOnMock::callRealMethod)).toString());
+        assertNotEquals(s, mock(LdapIdentity.class, 
withSettings().useConstructor(idp, ref, "otherId", path, 
entry).defaultAnswer(InvocationOnMock::callRealMethod)).toString());
+    }
+}
\ No newline at end of file
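Review bot: The caching check in testGetDeclaredGroups rests on `verify(idp)` silently meaning "exactly once", while the intent lives only in the comment above it (which also misspells "invocation"). Spelling it out as `verify(idp, times(1)).getDeclaredGroupRefs(ref, "dn");` (with a static import of `org.mockito.Mockito.times`) keeps the assertion from being read as a plain "was called" check. Only the successful lookup is covered. What a failing `getDeclaredGroupRefs` leaves in the cache is not visible here, and since declared groups presumably feed authorization decisions it deserves a separate test.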

Propchange: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfigTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfigTest.java?rev=1883834&r1=1883833&r2=1883834&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfigTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfigTest.java
 Thu Nov 26 10:01:18 2020
@@ -22,8 +22,15 @@ import org.junit.Test;
 import java.util.HashMap;
 import java.util.Map;
 
+import static 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig.PARAM_ADMIN_POOL_MIN_EVICTABLE_IDLE_TIME;
+import static 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig.PARAM_ADMIN_POOL_TIME_BETWEEN_EVICTION_RUNS;
+import static 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig.PARAM_SEARCH_TIMEOUT_DEFAULT;
+import static 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig.PARAM_USER_POOL_MIN_EVICTABLE_IDLE_TIME;
+import static 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig.PARAM_USER_POOL_TIME_BETWEEN_EVICTION_RUNS;
 import static org.junit.Assert.assertArrayEquals;
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
 
 public class LdapProviderConfigTest {
 
@@ -47,9 +54,6 @@ public class LdapProviderConfigTest {
 
     @Test
     public void testOfAllConfigurationParameters() {
-
-        Map<String, Object> params = new HashMap<>();
-
         String testName = "testname";
         String testLdapHost = "testhost.org";
         int testLdapPort = LdapProviderConfig.PARAM_LDAP_PORT_DEFAULT + 1;
@@ -64,34 +68,7 @@ public class LdapProviderConfigTest {
         String[] testCustomAttributes = new String[] {"a","b","c"};
         String testGroupMemberAttribute = "testMemberAttr";
 
-        boolean testAdminPoolLookupOnValidate = 
!LdapProviderConfig.PARAM_ADMIN_POOL_LOOKUP_ON_VALIDATE_DEFAULT;
-        int testAdminPoolMaxActive = 
LdapProviderConfig.PARAM_ADMIN_POOL_MAX_ACTIVE_DEFAULT + 1;
-        String testAdminPoolMinEvictableIdleTime = "2d 2h 2m 2s 2ms";
-        long testAdminPoolMinEvictableIdleTimeMs = 2 * (1 + 1000 * (1 + 60 * 
(1 + 60 * (1 + 24))));
-        String testAdminPoolTimeBetweenEvictionRuns = "3d 3h 3m 3s 3ms";
-        long testAdminPoolTimeBetweenEvictionRunsMs = 3 * (1 + 1000 * (1 + 60 
* (1 + 60 * (1 + 24))));
-        int testAdminPoolNumTestsPerEvictionRun = 
LdapProviderConfig.PARAM_ADMIN_POOL_NUM_TESTS_PER_EVICTION_RUN_DEFAULT + 1;
-
-        boolean testUserPoolLookupOnValidate = 
!LdapProviderConfig.PARAM_USER_POOL_LOOKUP_ON_VALIDATE_DEFAULT;
-        int testUserPoolMaxActive = 
LdapProviderConfig.PARAM_USER_POOL_MAX_ACTIVE_DEFAULT + 2;
-        String testUserPoolMinEvictableIdleTime = "4d 4h 4m 4s 4ms";
-        long testUserPoolMinEvictableIdleTimeMs = 4 * (1 + 1000 * (1 + 60 * (1 
+ 60 * (1 + 24))));
-        String testUserPoolTimeBetweenEvictionRuns = "5d 5h 5m 5s 5ms";
-        long testUserPoolTimeBetweenEvictionRunsMs = 5 * (1 + 1000 * (1 + 60 * 
(1 + 60 * (1 + 24))));
-        int testUserPoolNumTestsPerEvictionRun = 
LdapProviderConfig.PARAM_USER_POOL_NUM_TESTS_PER_EVICTION_RUN_DEFAULT + 2;
-
-        String testUserBaseDn = "ou=people,dc=org";
-        String[] testUserObjectClass = new String[] {"inetOrgPerson"};
-        String testUserIdAttribute = "foo";
-        String testUserExtraFilter = "(cn=*)";
-        boolean testUserMakeDnPath = 
!LdapProviderConfig.PARAM_USER_MAKE_DN_PATH_DEFAULT;
-
-        String testGroupBaseDn = "ou=groups,dc=org";
-        String[] testGroupObjectClass = new String[] {"posixGroup"};
-        String testGroupNameAttribute = "bar";
-        String testGroupExtraFilter = "(ou=*)";
-        boolean testGroupMakeDnPath = 
!LdapProviderConfig.PARAM_GROUP_MAKE_DN_PATH_DEFAULT;
-
+        Map<String, Object> params = new HashMap<>();
         params.put(LdapProviderConfig.PARAM_NAME, testName);
         params.put(LdapProviderConfig.PARAM_LDAP_HOST, testLdapHost);
         params.put(LdapProviderConfig.PARAM_LDAP_PORT, testLdapPort);
@@ -105,30 +82,6 @@ public class LdapProviderConfigTest {
         params.put(LdapProviderConfig.PARAM_CUSTOM_ATTRIBUTES, 
testCustomAttributes);
         params.put(LdapProviderConfig.PARAM_GROUP_MEMBER_ATTRIBUTE, 
testGroupMemberAttribute);
 
-        params.put(LdapProviderConfig.PARAM_ADMIN_POOL_LOOKUP_ON_VALIDATE, 
testAdminPoolLookupOnValidate);
-        params.put(LdapProviderConfig.PARAM_ADMIN_POOL_MAX_ACTIVE, 
testAdminPoolMaxActive);
-        
params.put(LdapProviderConfig.PARAM_ADMIN_POOL_MIN_EVICTABLE_IDLE_TIME, 
testAdminPoolMinEvictableIdleTime);
-        
params.put(LdapProviderConfig.PARAM_ADMIN_POOL_TIME_BETWEEN_EVICTION_RUNS, 
testAdminPoolTimeBetweenEvictionRuns);
-        
params.put(LdapProviderConfig.PARAM_ADMIN_POOL_NUM_TESTS_PER_EVICTION_RUN, 
testAdminPoolNumTestsPerEvictionRun);
-
-        params.put(LdapProviderConfig.PARAM_USER_POOL_LOOKUP_ON_VALIDATE, 
testUserPoolLookupOnValidate);
-        params.put(LdapProviderConfig.PARAM_USER_POOL_MAX_ACTIVE, 
testUserPoolMaxActive);
-        params.put(LdapProviderConfig.PARAM_USER_POOL_MIN_EVICTABLE_IDLE_TIME, 
testUserPoolMinEvictableIdleTime);
-        
params.put(LdapProviderConfig.PARAM_USER_POOL_TIME_BETWEEN_EVICTION_RUNS, 
testUserPoolTimeBetweenEvictionRuns);
-        
params.put(LdapProviderConfig.PARAM_USER_POOL_NUM_TESTS_PER_EVICTION_RUN, 
testUserPoolNumTestsPerEvictionRun);
-
-        params.put(LdapProviderConfig.PARAM_USER_BASE_DN, testUserBaseDn);
-        params.put(LdapProviderConfig.PARAM_USER_OBJECTCLASS, 
testUserObjectClass);
-        params.put(LdapProviderConfig.PARAM_USER_ID_ATTRIBUTE, 
testUserIdAttribute);
-        params.put(LdapProviderConfig.PARAM_USER_EXTRA_FILTER, 
testUserExtraFilter);
-        params.put(LdapProviderConfig.PARAM_USER_MAKE_DN_PATH, 
testUserMakeDnPath);
-
-        params.put(LdapProviderConfig.PARAM_GROUP_BASE_DN, testGroupBaseDn);
-        params.put(LdapProviderConfig.PARAM_GROUP_OBJECTCLASS, 
testGroupObjectClass);
-        params.put(LdapProviderConfig.PARAM_GROUP_NAME_ATTRIBUTE, 
testGroupNameAttribute);
-        params.put(LdapProviderConfig.PARAM_GROUP_EXTRA_FILTER, 
testGroupExtraFilter);
-        params.put(LdapProviderConfig.PARAM_GROUP_MAKE_DN_PATH, 
testGroupMakeDnPath);
-
         LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.of(params));
         assertEquals(testName, config.getName());
         assertEquals(testLdapHost, config.getHostname());
@@ -142,28 +95,122 @@ public class LdapProviderConfigTest {
         assertEquals(testUseUidForExtId, config.getUseUidForExtId());
         assertArrayEquals(testCustomAttributes, config.getCustomAttributes());
         assertEquals(testGroupMemberAttribute, 
config.getGroupMemberAttribute());
+    }
 
+    @Test
+    public void testAdminPoolConfig() {
+        boolean testAdminPoolLookupOnValidate = 
!LdapProviderConfig.PARAM_ADMIN_POOL_LOOKUP_ON_VALIDATE_DEFAULT;
+        int testAdminPoolMaxActive = 
LdapProviderConfig.PARAM_ADMIN_POOL_MAX_ACTIVE_DEFAULT + 1;
+        String testAdminPoolMinEvictableIdleTime = "2d 2h 2m 2s 2ms";
+        long testAdminPoolMinEvictableIdleTimeMs = 2 * (1 + 1000 * (1 + 60 * 
(1 + 60 * (1 + 24))));
+        String testAdminPoolTimeBetweenEvictionRuns = "3d 3h 3m 3s 3ms";
+        long testAdminPoolTimeBetweenEvictionRunsMs = 3 * (1 + 1000 * (1 + 60 
* (1 + 60 * (1 + 24))));
+        int testAdminPoolNumTestsPerEvictionRun = 
LdapProviderConfig.PARAM_ADMIN_POOL_NUM_TESTS_PER_EVICTION_RUN_DEFAULT + 1;
+
+        Map<String, Object> params = new HashMap<>();
+        params.put(LdapProviderConfig.PARAM_ADMIN_POOL_LOOKUP_ON_VALIDATE, 
testAdminPoolLookupOnValidate);
+        params.put(LdapProviderConfig.PARAM_ADMIN_POOL_MAX_ACTIVE, 
testAdminPoolMaxActive);
+        params.put(PARAM_ADMIN_POOL_MIN_EVICTABLE_IDLE_TIME, 
testAdminPoolMinEvictableIdleTime);
+        params.put(PARAM_ADMIN_POOL_TIME_BETWEEN_EVICTION_RUNS, 
testAdminPoolTimeBetweenEvictionRuns);
+        
params.put(LdapProviderConfig.PARAM_ADMIN_POOL_NUM_TESTS_PER_EVICTION_RUN, 
testAdminPoolNumTestsPerEvictionRun);
+
+        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.of(params));
         LdapProviderConfig.PoolConfig adminPoolConfig = 
config.getAdminPoolConfig();
         assertEquals(testAdminPoolLookupOnValidate, 
adminPoolConfig.lookupOnValidate());
         assertEquals(testAdminPoolMaxActive, adminPoolConfig.getMaxActive());
         assertEquals(testAdminPoolMinEvictableIdleTimeMs, 
adminPoolConfig.getMinEvictableIdleTimeMillis());
         assertEquals(testAdminPoolTimeBetweenEvictionRunsMs, 
adminPoolConfig.getTimeBetweenEvictionRunsMillis());
         assertEquals(testAdminPoolNumTestsPerEvictionRun, 
adminPoolConfig.getNumTestsPerEvictionRun());
+    }
+
+    @Test
+    public void testInvalidAdminPoolTime() {
+        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.of(
+                PARAM_ADMIN_POOL_MIN_EVICTABLE_IDLE_TIME, "invalid",
+                PARAM_ADMIN_POOL_TIME_BETWEEN_EVICTION_RUNS, "invalid"));
+
+        LdapProviderConfig.PoolConfig adminPoolConfig = 
config.getAdminPoolConfig();
+        assertEquals(0, adminPoolConfig.getMinEvictableIdleTimeMillis());
+        assertEquals(0, adminPoolConfig.getTimeBetweenEvictionRunsMillis());
+    }
+
+    @Test
+    public void testUserPoolConfig() {
+        boolean testUserPoolLookupOnValidate = 
!LdapProviderConfig.PARAM_USER_POOL_LOOKUP_ON_VALIDATE_DEFAULT;
+        int testUserPoolMaxActive = 
LdapProviderConfig.PARAM_USER_POOL_MAX_ACTIVE_DEFAULT + 2;
+        String testUserPoolMinEvictableIdleTime = "4d 4h 4m 4s 4ms";
+        long testUserPoolMinEvictableIdleTimeMs = 4 * (1 + 1000 * (1 + 60 * (1 
+ 60 * (1 + 24))));
+        String testUserPoolTimeBetweenEvictionRuns = "5d 5h 5m 5s 5ms";
+        long testUserPoolTimeBetweenEvictionRunsMs = 5 * (1 + 1000 * (1 + 60 * 
(1 + 60 * (1 + 24))));
+        int testUserPoolNumTestsPerEvictionRun = 
LdapProviderConfig.PARAM_USER_POOL_NUM_TESTS_PER_EVICTION_RUN_DEFAULT + 2;
+
+        Map<String, Object> params = new HashMap<>();
+        params.put(LdapProviderConfig.PARAM_USER_POOL_LOOKUP_ON_VALIDATE, 
testUserPoolLookupOnValidate);
+        params.put(LdapProviderConfig.PARAM_USER_POOL_MAX_ACTIVE, 
testUserPoolMaxActive);
+        params.put(LdapProviderConfig.PARAM_USER_POOL_MIN_EVICTABLE_IDLE_TIME, 
testUserPoolMinEvictableIdleTime);
+        
params.put(LdapProviderConfig.PARAM_USER_POOL_TIME_BETWEEN_EVICTION_RUNS, 
testUserPoolTimeBetweenEvictionRuns);
+        
params.put(LdapProviderConfig.PARAM_USER_POOL_NUM_TESTS_PER_EVICTION_RUN, 
testUserPoolNumTestsPerEvictionRun);
 
+        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.of(params));
         LdapProviderConfig.PoolConfig userPoolConfig = 
config.getUserPoolConfig();
         assertEquals(testUserPoolLookupOnValidate, 
userPoolConfig.lookupOnValidate());
         assertEquals(testUserPoolMaxActive, userPoolConfig.getMaxActive());
         assertEquals(testUserPoolMinEvictableIdleTimeMs, 
userPoolConfig.getMinEvictableIdleTimeMillis());
         assertEquals(testUserPoolTimeBetweenEvictionRunsMs, 
userPoolConfig.getTimeBetweenEvictionRunsMillis());
         assertEquals(testUserPoolNumTestsPerEvictionRun, 
userPoolConfig.getNumTestsPerEvictionRun());
+    }
+
+    @Test
+    public void testInvalidUserPoolTime() {
+        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.of(
+                PARAM_USER_POOL_MIN_EVICTABLE_IDLE_TIME, "invalid",
+                PARAM_USER_POOL_TIME_BETWEEN_EVICTION_RUNS, "invalid"));
 
+        LdapProviderConfig.PoolConfig userPoolConfig = 
config.getUserPoolConfig();
+        assertEquals(0, userPoolConfig.getMinEvictableIdleTimeMillis());
+        assertEquals(0, userPoolConfig.getTimeBetweenEvictionRunsMillis());
+    }
+
+    @Test
+    public void testUserConfig() {
+        String testUserBaseDn = "ou=people,dc=org";
+        String[] testUserObjectClass = new String[] {"inetOrgPerson"};
+        String testUserIdAttribute = "foo";
+        String testUserExtraFilter = "(cn=*)";
+        boolean testUserMakeDnPath = 
!LdapProviderConfig.PARAM_USER_MAKE_DN_PATH_DEFAULT;
+
+        Map<String, Object> params = new HashMap<>();
+        params.put(LdapProviderConfig.PARAM_USER_BASE_DN, testUserBaseDn);
+        params.put(LdapProviderConfig.PARAM_USER_OBJECTCLASS, 
testUserObjectClass);
+        params.put(LdapProviderConfig.PARAM_USER_ID_ATTRIBUTE, 
testUserIdAttribute);
+        params.put(LdapProviderConfig.PARAM_USER_EXTRA_FILTER, 
testUserExtraFilter);
+        params.put(LdapProviderConfig.PARAM_USER_MAKE_DN_PATH, 
testUserMakeDnPath);
+
+        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.of(params));
         LdapProviderConfig.Identity userConfig = config.getUserConfig();
         assertEquals(testUserBaseDn, userConfig.getBaseDN());
         assertArrayEquals(testUserObjectClass, userConfig.getObjectClasses());
         assertEquals(testUserIdAttribute, userConfig.getIdAttribute());
         assertEquals(testUserExtraFilter, userConfig.getExtraFilter());
         assertEquals(testUserMakeDnPath, userConfig.makeDnPath());
+    }
+
+    @Test
+    public void testGroupConfig() {
+        String testGroupBaseDn = "ou=groups,dc=org";
+        String[] testGroupObjectClass = new String[] {"posixGroup"};
+        String testGroupNameAttribute = "bar";
+        String testGroupExtraFilter = "(ou=*)";
+        boolean testGroupMakeDnPath = 
!LdapProviderConfig.PARAM_GROUP_MAKE_DN_PATH_DEFAULT;
+
+        Map<String, Object> params = new HashMap<>();
+        params.put(LdapProviderConfig.PARAM_GROUP_BASE_DN, testGroupBaseDn);
+        params.put(LdapProviderConfig.PARAM_GROUP_OBJECTCLASS, 
testGroupObjectClass);
+        params.put(LdapProviderConfig.PARAM_GROUP_NAME_ATTRIBUTE, 
testGroupNameAttribute);
+        params.put(LdapProviderConfig.PARAM_GROUP_EXTRA_FILTER, 
testGroupExtraFilter);
+        params.put(LdapProviderConfig.PARAM_GROUP_MAKE_DN_PATH, 
testGroupMakeDnPath);
 
+        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.of(params));
         LdapProviderConfig.Identity groupConfig = config.getGroupConfig();
         assertEquals(testGroupBaseDn, groupConfig.getBaseDN());
         assertArrayEquals(testGroupObjectClass, 
groupConfig.getObjectClasses());
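Review bot: testInvalidAdminPoolTime and testInvalidUserPoolTime pin a bare `0` as the result of an unparsable duration, with nothing saying what 0 means for the connection pool or that the fallback is intended. A comment such as `// an unparsable duration is ignored rather than rejected; the pool setting falls back to 0` would record the contract. If LdapProviderConfig exposes defaults for these two parameters, asserting against them instead of the literal would be clearer. Whether 0 disables idle-connection eviction is decided by the pool implementation outside this hunk and should be confirmed, since a mistyped value would then change pool behaviour silently. testGroupConfig continues past the end of this hunk.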
@@ -173,19 +220,36 @@ public class LdapProviderConfigTest {
     }
 
     @Test
+    public void testIdentityGetSearchFilter() {
+        String extrafilter = "(ou=*)";
+        LdapProviderConfig.Identity identity = 
LdapProviderConfig.of(ConfigurationParameters.EMPTY).getUserConfig();
+        identity.setExtraFilter(extrafilter);
+        assertTrue(identity.getSearchFilter("id").contains(extrafilter));
+
+        identity.setExtraFilter("");
+        assertFalse(identity.getSearchFilter("id").contains(extrafilter));
+
+        identity.setExtraFilter(null);
+        assertFalse(identity.getSearchFilter("id").contains(extrafilter));
+    }
+
+    @Test
     public void testGetMemberOfSearchFilter() {
-        Map<String, Object> params = new HashMap<>();
-        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.of(params));
+        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.EMPTY);
         assertEquals("(&(" + 
LdapProviderConfig.PARAM_GROUP_MEMBER_ATTRIBUTE_DEFAULT + 
"=cn=bar)(objectclass=" + LdapProviderConfig.PARAM_GROUP_OBJECTCLASS_DEFAULT[0] 
+ "))",
                 config.getMemberOfSearchFilter("cn=bar"));
+
+        Map<String, Object> params = new HashMap<>();
         params.put(LdapProviderConfig.PARAM_GROUP_MEMBER_ATTRIBUTE, "foo");
         config = LdapProviderConfig.of(ConfigurationParameters.of(params));
         assertEquals("(&(foo=cn=bar)(objectclass=" + 
LdapProviderConfig.PARAM_GROUP_OBJECTCLASS_DEFAULT[0] + "))",
                 config.getMemberOfSearchFilter("cn=bar"));
+
         params.put(LdapProviderConfig.PARAM_GROUP_OBJECTCLASS, new String[] 
{"posixGroup"});
         config = LdapProviderConfig.of(ConfigurationParameters.of(params));
         assertEquals("(&(foo=cn=bar)(objectclass=posixGroup))",
                 config.getMemberOfSearchFilter("cn=bar"));
+
         params.put(LdapProviderConfig.PARAM_GROUP_OBJECTCLASS, new String[] 
{"posixGroup", "groupOfUniqueNames"});
         config = LdapProviderConfig.of(ConfigurationParameters.of(params));
         
assertEquals("(&(foo=cn=bar)(objectclass=posixGroup)(objectclass=groupOfUniqueNames))",
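Review bot: testIdentityGetSearchFilter checks the generated LDAP filter only with `contains(extrafilter)`, and its two negative assertions pass for any output that lacks `(ou=*)`, including a malformed filter. The same pattern is used in testGetMemberOfSearchFilterWithExtrafilter in the next hunk. Comparing whole strings, as testGetMemberOfSearchFilter does, would pin where the extra filter is placed. One way is to capture `String base = identity.getSearchFilter("id");` before the first `setExtraFilter` call and then use `assertEquals(base, identity.getSearchFilter("id"));` after resetting to `""` and to `null`. This assumes the default user config carries no extra filter, which is not visible in this hunk.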
@@ -193,6 +257,20 @@ public class LdapProviderConfigTest {
     }
 
     @Test
+    public void testGetMemberOfSearchFilterWithExtrafilter() {
+        String extrafilter = "(ou=*)";
+        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.EMPTY);
+        config.getGroupConfig().setExtraFilter(extrafilter);
+        assertTrue(config.getMemberOfSearchFilter("dn").contains(extrafilter));
+
+        config.getGroupConfig().setExtraFilter("");
+        
assertFalse(config.getMemberOfSearchFilter("dn").contains(extrafilter));
+
+        config.getGroupConfig().setExtraFilter(null);
+        
assertFalse(config.getMemberOfSearchFilter("dn").contains(extrafilter));
+    }
+
+    @Test
     public void testEncodeFilterValueNormal() {
         //test a value that doesn't need escaping (see RFC4515 chapter 3)
         StringBuilder builder = new StringBuilder();
@@ -222,4 +300,18 @@ public class LdapProviderConfigTest {
         String encodedValue = "\\00\\2A\\28\\29\\5C";
         assertEquals(encodedValue, 
LdapProviderConfig.encodeFilterValue(value));
     }
+
+    @Test
+    public void testMixedEncodeFilterValueEscaped() {
+        //test the encoding of character that need escaping (see RFC4515 
chapter 3)
+        String value = "\u0000*()\\abc";
+        String encodedValue = "\\00\\2A\\28\\29\\5Cabc";
+        assertEquals(encodedValue, 
LdapProviderConfig.encodeFilterValue(value));
+    }
+
+    @Test
+    public void testInvalidSearchTimeout() {
+        LdapProviderConfig config = 
LdapProviderConfig.of(ConfigurationParameters.of(LdapProviderConfig.PARAM_SEARCH_TIMEOUT,
 "invalid"));
+        
assertEquals(ConfigurationParameters.Milliseconds.of(PARAM_SEARCH_TIMEOUT_DEFAULT).value,
 config.getSearchTimeout());
+    }
 }
\ No newline at end of file
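Review bot: testMixedEncodeFilterValueEscaped puts every special character in one leading run followed by `abc`, so it does not exercise plain and escaped characters alternating. A second, interleaved value would catch an encoder that mishandles the switch between copying and escaping. A constructed example is `String value = "a*b(c)d\\e\u0000f";` with expected `"a\\2Ab\\28c\\29d\\5Ce\\00f"`. The comment should read "characters that need escaping". In testInvalidSearchTimeout the silent fallback to the default is worth a one-line comment stating it is intended.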

Modified: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/PoolableUnboundConnectionFactoryTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/PoolableUnboundConnectionFactoryTest.java?rev=1883834&r1=1883833&r2=1883834&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/PoolableUnboundConnectionFactoryTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/PoolableUnboundConnectionFactoryTest.java
 Thu Nov 26 10:01:18 2020
@@ -16,18 +16,39 @@
  */
 package org.apache.jackrabbit.oak.security.authentication.ldap.impl;
 
+import org.apache.commons.pool2.impl.DefaultPooledObject;
+import org.apache.directory.ldap.client.api.LdapConnection;
 import org.apache.directory.ldap.client.api.LdapConnectionConfig;
 import org.apache.directory.ldap.client.api.LdapConnectionValidator;
+import org.apache.directory.ldap.client.api.LdapNetworkConnection;
 import org.apache.directory.ldap.client.api.LookupLdapConnectionValidator;
+import 
org.apache.jackrabbit.oak.security.authentication.ldap.LdapServerClassLoader;
+import org.jetbrains.annotations.NotNull;
+import org.junit.BeforeClass;
 import org.junit.Test;
-import org.mockito.Mockito;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.verifyNoInteractions;
+import static org.mockito.Mockito.when;
 
 public class PoolableUnboundConnectionFactoryTest {
 
-    PoolableUnboundConnectionFactory factory = new 
PoolableUnboundConnectionFactory(new LdapConnectionConfig());
+    private static LdapServerClassLoader.Proxy PROXY;
+
+    private final LdapConnectionConfig config = spy(new 
LdapConnectionConfig());
+    private final PoolableUnboundConnectionFactory factory = new 
PoolableUnboundConnectionFactory(config);
+
+    @BeforeClass
+    public static void beforeClass() throws Exception {
+        LdapServerClassLoader serverClassLoader = 
LdapServerClassLoader.createServerClassLoader();
+        PROXY = serverClassLoader.createAndSetupServer();
+    }
 
     @Test
     public void testGetValidator() {
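Review bot: `beforeClass` starts an embedded LDAP server through `serverClassLoader.createAndSetupServer()`, but no matching `@AfterClass` is visible in either hunk of this file. The server would then stay up for the rest of the test JVM unless it is stopped elsewhere. If the proxy offers a teardown call, an `@AfterClass` method invoking it should be added next to `beforeClass`. `PROXY` is a mutable static written in constant style; `proxy` would match its use. The class body continues outside this hunk.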
@@ -37,9 +58,88 @@ public class PoolableUnboundConnectionFa
 
     @Test
     public void testSetValidator() {
-        LdapConnectionValidator validator = 
Mockito.mock(LdapConnectionValidator.class);
+        LdapConnectionValidator validator = 
mock(LdapConnectionValidator.class);
         factory.setValidator(validator);
 
         assertEquals(validator, factory.getValidator());
     }
+
+    @Test
+    public void testActivateObject() {
+        LdapConnection lc = mock(LdapConnection.class);
+        factory.activateObject(lc);
+
+        verifyNoInteractions(lc);
+        verifyNoInteractions(config);
+    }
+
+    @Test
+    public void testDestroyObject() throws Exception {
+        LdapConnection lc = mock(LdapConnection.class);
+        factory.destroyObject(lc);
+
+        verify(lc).close();
+        verifyNoInteractions(config);
+    }
+
+    @Test
+    public void testCreate() throws Exception {
+        when(config.getLdapHost()).thenReturn(PROXY.host);
+        when(config.getLdapPort()).thenReturn(PROXY.port);
+
+        when(config.isUseTls()).thenReturn(false);
+        assertConnection(factory.create(), false);
+    }
+
+    @Test
+    public void testCreateTlsGuardingConnection() throws Exception {
+        when(config.getLdapHost()).thenReturn(PROXY.host);
+        when(config.getLdapPort()).thenReturn(PROXY.port);
+
+        when(config.isUseTls()).thenReturn(true);
+        LdapConnection lc = factory.create();
+        assertConnection(lc, true);
+    }
+
+    private static void assertConnection(@NotNull LdapConnection lc, boolean 
expectTlsGuardingConnection) {
+        assertTrue(lc instanceof LdapNetworkConnection);
+        assertEquals(expectTlsGuardingConnection, 
lc.getClass().getSimpleName().equals("TlsGuardingConnection"));
+    }
+
+    @Test
+    public void testWrap() {
+        LdapConnection lc = mock(LdapConnection.class);
+        assertTrue(factory.wrap(lc) instanceof DefaultPooledObject);
+        verifyNoInteractions(lc);
+    }
+
+    @Test
+    public void testPassivateObject() {
+        LdapConnection lc = mock(LdapConnection.class);
+        factory.passivateObject(lc);
+        verifyNoInteractions(lc);
+    }
+
+    @Test
+    public void testValidateObjectMissingValidator() {
+        LdapConnection lc = mock(LdapConnection.class);
+
+        factory.setValidator(null);
+        assertTrue(factory.validateObject(lc));
+        verifyNoInteractions(lc);
+    }
+
+    @Test
+    public void testValidateObjectWithValidator() {
+        LdapConnection lc = mock(LdapConnection.class);
+
+        LdapConnectionValidator validator = 
mock(LdapConnectionValidator.class);
+        factory.setValidator(validator);
+        assertFalse(factory.validateObject(lc));
+
+        when(validator.validate(lc)).thenReturn(true);
+        assertTrue(factory.validateObject(lc));
+
+        verify(validator, times(2)).validate(lc);
+    }
 }
\ No newline at end of file
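Review bot: testCreate and testCreateTlsGuardingConnection obtain a connection from `factory.create()` against the test server and never release it. Releasing it would look like `LdapConnection lc = factory.create(); try { assertConnection(lc, true); } finally { factory.destroyObject(lc); }`. `assertConnection` identifies the TLS variant by comparing `getSimpleName()` with the string `"TlsGuardingConnection"`, which breaks silently on a rename. It also asserts only the wrapper type, not that the session is actually protected, so a test comment should state that limit. If the class is accessible from the test's package, an `instanceof` check would be sturdier.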

