diff options
author | bjormel <bjormel@yahooinc.com> | 2023-10-01 12:23:12 +0000 |
---|---|---|
committer | bjormel <bjormel@yahooinc.com> | 2023-10-01 12:23:12 +0000 |
commit | e9058b555d4dfea2f6c872d9a677e8678b569569 (patch) | |
tree | fa1b67c6e39712c1e0d9f308b0dd55573b43f913 /jdisc-security-filters/src | |
parent | 0ad931fa86658904fe9212b014d810236b0e00e4 (diff) | |
parent | 16030193ec04ee41e98779a3d7ee6a6c1d0d0d6f (diff) |
Merge branch 'master' into bjormel/aws-main-controller
Diffstat (limited to 'jdisc-security-filters/src')
2 files changed, 111 insertions, 0 deletions
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cloud/CloudTokenDataPlaneHandler.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cloud/CloudTokenDataPlaneHandler.java new file mode 100644 index 00000000000..09cf2abdbd3 --- /dev/null +++ b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cloud/CloudTokenDataPlaneHandler.java @@ -0,0 +1,55 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.jdisc.http.filter.security.cloud; + +import com.yahoo.component.annotation.Inject; +import com.yahoo.container.jdisc.HttpRequest; +import com.yahoo.container.jdisc.HttpResponse; +import com.yahoo.container.jdisc.ThreadedHttpRequestHandler; +import com.yahoo.jdisc.http.filter.security.cloud.config.CloudTokenDataPlaneFilterConfig; +import com.yahoo.jdisc.http.filter.security.cloud.config.CloudTokenDataPlaneFilterConfig.Clients.Tokens; +import com.yahoo.restapi.SlimeJsonResponse; +import com.yahoo.slime.Cursor; + +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.TreeMap; +import java.util.TreeSet; +import java.util.concurrent.Executor; + +import static java.util.stream.Collectors.flatMapping; +import static java.util.stream.Collectors.groupingBy; +import static java.util.stream.Collectors.toCollection; +import static java.util.stream.Collectors.toList; +import static java.util.stream.Collectors.toMap; + +/** + * @author jonmv + */ +public class CloudTokenDataPlaneHandler extends ThreadedHttpRequestHandler { + + private final Map<String, Set<String>> tokens; + + @Inject + public CloudTokenDataPlaneHandler(CloudTokenDataPlaneFilterConfig config, Executor executor) { + super(executor); + tokens = new TreeMap<>(config.clients().stream() + .flatMap(client -> client.tokens().stream()) + .collect(groupingBy(Tokens::id, + flatMapping(token -> token.fingerprints().stream(), + toCollection(TreeSet::new))))); + } + + @Override + public HttpResponse handle(HttpRequest request) { + return new SlimeJsonResponse() {{ + Cursor tokensArray = slime.setObject().setArray("tokens"); + tokens.forEach((id, fingerprints) -> { + Cursor tokenObject = tokensArray.addObject(); + tokenObject.setString("id", id); + fingerprints.forEach(tokenObject.setArray("fingerprints")::addString); + }); + }}; + } + +} diff --git a/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/cloud/CloudTokenDataPlaneHandlerTest.java b/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/cloud/CloudTokenDataPlaneHandlerTest.java new file mode 100644 index 00000000000..c066dae6dca --- /dev/null +++ b/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/cloud/CloudTokenDataPlaneHandlerTest.java @@ -0,0 +1,56 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.jdisc.http.filter.security.cloud; + +import com.yahoo.container.jdisc.HttpResponse; +import com.yahoo.jdisc.http.filter.security.cloud.config.CloudTokenDataPlaneFilterConfig.Builder; +import com.yahoo.jdisc.http.filter.security.cloud.config.CloudTokenDataPlaneFilterConfig.Clients; +import com.yahoo.jdisc.http.filter.security.cloud.config.CloudTokenDataPlaneFilterConfig.Clients.Tokens; +import org.junit.jupiter.api.Test; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.List; + +import static com.yahoo.container.jdisc.HttpRequest.createTestRequest; +import static com.yahoo.jdisc.http.HttpRequest.Method.GET; +import static java.nio.charset.StandardCharsets.UTF_8; +import static org.junit.jupiter.api.Assertions.assertEquals; + +/** + * @author jonmv + */ +public class CloudTokenDataPlaneHandlerTest { + + @Test + void testFingerprints() throws IOException { + CloudTokenDataPlaneHandler handler = new CloudTokenDataPlaneHandler( + new Builder().tokenContext("context") + .clients(new Clients.Builder().id("client1") + .permissions("read") + .tokens(new Tokens.Builder().id("id1") + .fingerprints(List.of("pinky", "ring", "middle", "index", "thumb")) + .checkAccessHashes(List.of("a", "b", "c", "d", "e")) + .expirations(List.of("<none>", "<none>", "<none>", "<none>", "<none>"))) + .tokens(new Tokens.Builder().id("id2") + .fingerprints("toasty") + .checkAccessHashes("hash") + .expirations("<none>"))) + .clients(new Clients.Builder().id("client2") + .permissions("write") + .tokens(new Tokens.Builder().id("id2") + .fingerprints("toasty") + .checkAccessHashes("hash") + .expirations("<none>"))) + .build(), + Runnable::run + ); + + HttpResponse response = handler.handle(createTestRequest("", GET)); + assertEquals(200, + response.getStatus()); + assertEquals(""" + {"tokens":[{"id":"id1","fingerprints":["index","middle","pinky","ring","thumb"]},{"id":"id2","fingerprints":["toasty"]}]}""", + new ByteArrayOutputStream() {{ response.render(this); }}.toString(UTF_8)); + } + +} |