public async Task ACL_CreateDestroy() { Skip.If(string.IsNullOrEmpty(ConsulRoot)); var client = new ConsulClient((c) => { c.Token = ConsulRoot; }); var aclEntry = new ACLEntry() { Name = "API Test", Type = ACLType.Client, Rules = "key \"\" { policy = \"deny\" }" }; var res = await client.ACL.Create(aclEntry); var id = res.Response; Assert.NotEqual(TimeSpan.Zero, res.RequestTime); Assert.False(string.IsNullOrEmpty(res.Response)); var aclEntry2 = await client.ACL.Info(id); Assert.NotNull(aclEntry2.Response); Assert.Equal(aclEntry2.Response.Name, aclEntry.Name); Assert.Equal(aclEntry2.Response.Type, aclEntry.Type); Assert.Equal(aclEntry2.Response.Rules, aclEntry.Rules); Assert.True((await client.ACL.Destroy(id)).Response); }
public void ACL_CreateDestroy() { if (string.IsNullOrEmpty(ConsulRoot)) { Assert.Inconclusive(); } var client = new Client(new ConsulClientConfiguration() { Token = ConsulRoot }); var aclEntry = new ACLEntry() { Name = "API Test", Type = ACLType.Client, Rules = "key \"\" { policy = \"deny\" }" }; var res = client.ACL.Create(aclEntry); var id = res.Response; Assert.AreNotEqual(0, res.RequestTime.TotalMilliseconds); Assert.IsFalse(string.IsNullOrEmpty(res.Response)); var aclEntry2 = client.ACL.Info(id); Assert.IsNotNull(aclEntry2.Response); Assert.AreEqual(aclEntry2.Response.Name, aclEntry.Name); Assert.AreEqual(aclEntry2.Response.Type, aclEntry.Type); Assert.AreEqual(aclEntry2.Response.Rules, aclEntry.Rules); Assert.IsTrue(client.ACL.Destroy(id).Response); }
public void ACL_CreateDestroy() { if (string.IsNullOrEmpty(ConsulRoot)) { Assert.Inconclusive(); } var client = new Client(new ConsulClientConfiguration() {Token = ConsulRoot}); var aclEntry = new ACLEntry() { Name = "API Test", Type = ACLType.Client, Rules = "key \"\" { policy = \"deny\" }" }; var res = client.ACL.Create(aclEntry); var id = res.Response; Assert.AreNotEqual(0, res.RequestTime.TotalMilliseconds); Assert.IsFalse(string.IsNullOrEmpty(res.Response)); var aclEntry2 = client.ACL.Info(id); Assert.IsNotNull(aclEntry2.Response); Assert.AreEqual(aclEntry2.Response.Name, aclEntry.Name); Assert.AreEqual(aclEntry2.Response.Type, aclEntry.Type); Assert.AreEqual(aclEntry2.Response.Rules, aclEntry.Rules); Assert.IsTrue(client.ACL.Destroy(id).Response); }
public async Task ACL_CreateDestroy() { Skip.If(string.IsNullOrEmpty(ConsulRoot)); var client = new ConsulClient(new ConsulClientConfiguration() { Token = ConsulRoot }); var aclEntry = new ACLEntry() { Name = "API Test", Type = ACLType.Client, Rules = "key \"\" { policy = \"deny\" }" }; var res = await client.ACL.Create(aclEntry); var id = res.Response; Assert.NotEqual(0, res.RequestTime.TotalMilliseconds); Assert.False(string.IsNullOrEmpty(res.Response)); var aclEntry2 = await client.ACL.Info(id); Assert.NotNull(aclEntry2.Response); Assert.Equal(aclEntry2.Response.Name, aclEntry.Name); Assert.Equal(aclEntry2.Response.Type, aclEntry.Type); Assert.Equal(aclEntry2.Response.Rules, aclEntry.Rules); Assert.True((await client.ACL.Destroy(id)).Response); }
public async Task ACL_CreateDestroyLegacyToken() { Skip.If(string.IsNullOrEmpty(TestHelper.MasterToken)); #pragma warning disable CS0618 // Type or member is obsolete var aclEntry = new ACLEntry { Name = "API Test", Type = ACLType.Client, Rules = "key \"\" { policy = \"deny\" }" }; var res = await _client.ACL.Create(aclEntry); var id = res.Response; Assert.NotEqual(TimeSpan.Zero, res.RequestTime); Assert.False(string.IsNullOrEmpty(res.Response)); var aclEntry2 = await _client.ACL.Info(id); Assert.NotNull(aclEntry2.Response); Assert.Equal(aclEntry2.Response.Name, aclEntry.Name); Assert.Equal(aclEntry2.Response.Type, aclEntry.Type); Assert.Equal(aclEntry2.Response.Rules, aclEntry.Rules); var destroyResponse = await _client.ACL.Destroy(id); Assert.True(destroyResponse.Response); #pragma warning restore CS0618 // Type or member is obsolete }
public bool UpdateReaderKey(Principal caller, FQStreamID stream, ACLEntry entry) { if (logger != null) { logger.Log("UpdateReaderKey request from caller " + caller.ToString() + " for stream " + stream.ToString() + " and principal " + entry.readerName.ToString() + " key version " + entry.keyVersion); } // Authentication is not required for unlisted streams /* * RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(); * string callerpubkey = GetPubKey(caller); * if (callerpubkey == null) * return false; * RSA.FromXmlString(callerpubkey); * * Byte[] data = { }; * data = data.Concat(this.GetBytes(caller.HomeId)).ToArray(); * data = data.Concat(this.GetBytes(caller.AppId)).ToArray(); * data = data.Concat(this.GetBytes(stream.HomeId)).ToArray(); * data = data.Concat(this.GetBytes(stream.AppId)).ToArray(); * data = data.Concat(this.GetBytes(stream.StreamId)).ToArray(); * data = data.Concat(this.GetBytes(entry.readerName.HomeId)).ToArray(); * data = data.Concat(this.GetBytes(entry.readerName.AppId)).ToArray(); * data = data.Concat(entry.encKey).ToArray(); * data = data.Concat(entry.IV).ToArray(); * data = data.Concat(this.GetBytes("" + entry.keyVersion)).ToArray(); * * if (RSA.VerifyData(data, new SHA256CryptoServiceProvider(), caller.Auth) == false) * { * if (logger != null) logger.Log("Verification of request failed"); * return false; * } * // */ if (caller.HomeId == stream.HomeId && caller.AppId == stream.AppId) { if (!mdtable.ContainsKey(stream.ToString())) { mdtable[stream.ToString()] = new StreamInfo(stream); } mdtable[stream.ToString()].UpdateReader(entry); return(true); } else { return(false); } }
public async Task ACL_CreateCloneUpdateDestroyLegacyToken() { Skip.If(string.IsNullOrEmpty(TestHelper.MasterToken)); await SkipIfAclNotSupportedAsync(); #pragma warning disable CS0618 // Type or member is obsolete var newAclEntry = new ACLEntry { Name = "API Test", Type = ACLType.Client, Rules = "key \"\" { policy = \"deny\" }" }; var res = await _client.ACL.Create(newAclEntry); var newAclId = res.Response; Assert.NotEqual(TimeSpan.Zero, res.RequestTime); Assert.False(string.IsNullOrEmpty(res.Response)); var cloneRequest = await _client.ACL.Clone(newAclId); var aclID = cloneRequest.Response; var aclEntry = await _client.ACL.Info(aclID); aclEntry.Response.Rules = "key \"\" { policy = \"deny\" }"; await _client.ACL.Update(aclEntry.Response); var aclEntry2 = await _client.ACL.Info(aclID); Assert.Equal("key \"\" { policy = \"deny\" }", aclEntry2.Response.Rules); var id = cloneRequest.Response; Assert.NotEqual(TimeSpan.Zero, cloneRequest.RequestTime); Assert.False(string.IsNullOrEmpty(aclID)); var destroyNewAclEntry = await _client.ACL.Destroy(newAclId); Assert.True(destroyNewAclEntry.Response); var destroyClonedAclEntry = await _client.ACL.Destroy(id); Assert.True(destroyClonedAclEntry.Response); #pragma warning restore CS0618 // Type or member is obsolete }
public async Task ACL_CreateTranslateLegacyTokenRuleDestroy() { Skip.If(string.IsNullOrEmpty(TestHelper.MasterToken)); await SkipIfAclNotSupportedAsync(); var uniqueTokenName = "API Test " + DateTime.Now.ToLongTimeString(); #pragma warning disable CS0618 // Type or member is obsolete var aclEntry = new ACLEntry { Name = uniqueTokenName, Type = ACLType.Client, Rules = "agent \"\" { policy = \"read\" }" }; var newRule = "agent_prefix \"\" {\n policy = \"read\"\n}"; var newLegacyToken = await _client.ACL.Create(aclEntry); Assert.NotNull(newLegacyToken.Response); var tokens = await _client.Token.List(); var theLegacyToken = tokens.Response.SingleOrDefault(token => token.Description == aclEntry.Name); Assert.NotNull(theLegacyToken); if (string.IsNullOrEmpty(theLegacyToken.AccessorID)) { await Task.Delay(5000); tokens = await _client.Token.List(); theLegacyToken = tokens.Response.SingleOrDefault(token => token.Description == aclEntry.Name); } var translatedRule = await _client.ACL.TranslateLegacyTokenRules(theLegacyToken.AccessorID); Assert.NotNull(translatedRule.Response); Assert.Equal(newRule, translatedRule.Response); var destroyResponse = await _client.ACL.Destroy(newLegacyToken.Response); Assert.True(destroyResponse.Response); #pragma warning restore CS0618 // Type or member is obsolete }
public csACL(string[] args) { parseArgs(args); Console.WriteLine("Admin: Grant ACLs sample."); Console.WriteLine("Using server: " + serverUrl); Console.WriteLine("Using queue: " + queueName); Console.WriteLine("Using topic: " + topicName); try { // Create the admin connection to the TIBCO EMS server Admin admin = new Admin(serverUrl, username, password); // Create the TopicInfo and QueueInfo TopicInfo topic = new TopicInfo(topicName); QueueInfo queue = new QueueInfo(queueName); // Create the topic. If it exists, get its TopicInfo from the server. try { topic = admin.CreateTopic(topic); Console.WriteLine("Created Topic: " + topic); } catch (AdminNameExistsException) { Console.WriteLine("Topic already exists: " + topic); topic = admin.GetTopic(topicName); } // Create the queue. If it exists, get its QueueInfo from the server. try { queue = admin.CreateQueue(queue); Console.WriteLine("Created Queue: " + queue); } catch (AdminNameExistsException) { Console.WriteLine("Queue already exists: " + queue); queue = admin.GetQueue(queueName); } // Get the users "mair" and "ahren". If they don't exist, create them. UserInfo u1 = admin.GetUser("mair"); UserInfo u2 = admin.GetUser("ahren"); if (u1 == null) { u1 = new UserInfo("mair", null); u1 = admin.CreateUser(u1); Console.WriteLine("Created User: "******"ahren", null); u2 = admin.CreateUser(u2); Console.WriteLine("Created User: "******"mair" acls[0] = new ACLEntry(topic, u1, p1); acls[1] = new ACLEntry(queue, u1, p1); // Create ACLEntries for "ahren" acls[2] = new ACLEntry(topic, u2, p2); acls[3] = new ACLEntry(queue, u2, p2); // Grant the ACLs admin.Grant(acls); // Get all of the ACLs from the server acls = admin.ACLEntries; if (acls != null) { Console.WriteLine("ACLs defined in the server:"); for (int i = 0; i < acls.Length; i++) { Console.WriteLine(" " + acls[i]); } } else { Console.WriteLine("No ACLs defined in the server."); } } catch (AdminException e) { Console.Error.WriteLine("Exception in csACL: " + e.Message); Console.Error.WriteLine(e.StackTrace); Environment.Exit(-1); } }
public bool UpdateReaderKey(Principal caller, FQStreamID stream, ACLEntry entry) { logger.Log("UpdateReaderKey request from caller " + caller.ToString() + " for stream " + stream.ToString() + " and principal " + entry.readerName.ToString() + " key version " + entry.keyVersion); // TODO(trinabh): Authenticate caller RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(); string callerpubkey = GetPubKey(caller); if (callerpubkey == null) return false; RSA.FromXmlString(callerpubkey); Byte[] data = { }; data = data.Concat(this.GetBytes(caller.HomeId)).ToArray(); data = data.Concat(this.GetBytes(caller.AppId)).ToArray(); data = data.Concat(this.GetBytes(stream.HomeId)).ToArray(); data = data.Concat(this.GetBytes(stream.AppId)).ToArray(); data = data.Concat(this.GetBytes(stream.StreamId)).ToArray(); data = data.Concat(this.GetBytes(entry.readerName.HomeId)).ToArray(); data = data.Concat(this.GetBytes(entry.readerName.AppId)).ToArray(); data = data.Concat(entry.encKey).ToArray(); data = data.Concat(entry.IV).ToArray(); data = data.Concat(this.GetBytes("" + entry.keyVersion)).ToArray(); if (RSA.VerifyData(data, new SHA256CryptoServiceProvider(), caller.Auth) == false) { logger.Log("Verification of request failed"); return false; } // if (caller.HomeId == stream.HomeId && caller.AppId == stream.AppId) { if (!mdtable.ContainsKey(stream.ToString())) mdtable[stream.ToString()] = new StreamInfo(stream); mdtable[stream.ToString()].UpdateReader(entry); return true; } else { return false; } }