public async Task ACL_CreateDestroy()
{
Skip.If(string.IsNullOrEmpty(ConsulRoot));
var client = new ConsulClient((c) => { c.Token = ConsulRoot; });
var aclEntry = new ACLEntry()
{
Name = "API Test",
Type = ACLType.Client,
Rules = "key \"\" { policy = \"deny\" }"
};
var res = await client.ACL.Create(aclEntry);
var id = res.Response;
Assert.NotEqual(TimeSpan.Zero, res.RequestTime);
Assert.False(string.IsNullOrEmpty(res.Response));
var aclEntry2 = await client.ACL.Info(id);
Assert.NotNull(aclEntry2.Response);
Assert.Equal(aclEntry2.Response.Name, aclEntry.Name);
Assert.Equal(aclEntry2.Response.Type, aclEntry.Type);
Assert.Equal(aclEntry2.Response.Rules, aclEntry.Rules);
Assert.True((await client.ACL.Destroy(id)).Response);
}
public void ACL_CreateDestroy()
{
if (string.IsNullOrEmpty(ConsulRoot))
{
Assert.Inconclusive();
}
var client = new Client(new ConsulClientConfiguration()
{
Token = ConsulRoot
});
var aclEntry = new ACLEntry()
{
Name = "API Test",
Type = ACLType.Client,
Rules = "key \"\" { policy = \"deny\" }"
};
var res = client.ACL.Create(aclEntry);
var id = res.Response;
Assert.AreNotEqual(0, res.RequestTime.TotalMilliseconds);
Assert.IsFalse(string.IsNullOrEmpty(res.Response));
var aclEntry2 = client.ACL.Info(id);
Assert.IsNotNull(aclEntry2.Response);
Assert.AreEqual(aclEntry2.Response.Name, aclEntry.Name);
Assert.AreEqual(aclEntry2.Response.Type, aclEntry.Type);
Assert.AreEqual(aclEntry2.Response.Rules, aclEntry.Rules);
Assert.IsTrue(client.ACL.Destroy(id).Response);
}
public void ACL_CreateDestroy()
{
if (string.IsNullOrEmpty(ConsulRoot))
{
Assert.Inconclusive();
}
var client = new Client(new ConsulClientConfiguration() {Token = ConsulRoot});
var aclEntry = new ACLEntry()
{
Name = "API Test",
Type = ACLType.Client,
Rules = "key \"\" { policy = \"deny\" }"
};
var res = client.ACL.Create(aclEntry);
var id = res.Response;
Assert.AreNotEqual(0, res.RequestTime.TotalMilliseconds);
Assert.IsFalse(string.IsNullOrEmpty(res.Response));
var aclEntry2 = client.ACL.Info(id);
Assert.IsNotNull(aclEntry2.Response);
Assert.AreEqual(aclEntry2.Response.Name, aclEntry.Name);
Assert.AreEqual(aclEntry2.Response.Type, aclEntry.Type);
Assert.AreEqual(aclEntry2.Response.Rules, aclEntry.Rules);
Assert.IsTrue(client.ACL.Destroy(id).Response);
}
public async Task ACL_CreateDestroy()
{
Skip.If(string.IsNullOrEmpty(ConsulRoot));
var client = new ConsulClient(new ConsulClientConfiguration() { Token = ConsulRoot });
var aclEntry = new ACLEntry()
{
Name = "API Test",
Type = ACLType.Client,
Rules = "key \"\" { policy = \"deny\" }"
};
var res = await client.ACL.Create(aclEntry);
var id = res.Response;
Assert.NotEqual(0, res.RequestTime.TotalMilliseconds);
Assert.False(string.IsNullOrEmpty(res.Response));
var aclEntry2 = await client.ACL.Info(id);
Assert.NotNull(aclEntry2.Response);
Assert.Equal(aclEntry2.Response.Name, aclEntry.Name);
Assert.Equal(aclEntry2.Response.Type, aclEntry.Type);
Assert.Equal(aclEntry2.Response.Rules, aclEntry.Rules);
Assert.True((await client.ACL.Destroy(id)).Response);
}
public async Task ACL_CreateDestroyLegacyToken()
{
Skip.If(string.IsNullOrEmpty(TestHelper.MasterToken));
#pragma warning disable CS0618 // Type or member is obsolete
var aclEntry = new ACLEntry
{
Name = "API Test",
Type = ACLType.Client,
Rules = "key \"\" { policy = \"deny\" }"
};
var res = await _client.ACL.Create(aclEntry);
var id = res.Response;
Assert.NotEqual(TimeSpan.Zero, res.RequestTime);
Assert.False(string.IsNullOrEmpty(res.Response));
var aclEntry2 = await _client.ACL.Info(id);
Assert.NotNull(aclEntry2.Response);
Assert.Equal(aclEntry2.Response.Name, aclEntry.Name);
Assert.Equal(aclEntry2.Response.Type, aclEntry.Type);
Assert.Equal(aclEntry2.Response.Rules, aclEntry.Rules);
var destroyResponse = await _client.ACL.Destroy(id);
Assert.True(destroyResponse.Response);
#pragma warning restore CS0618 // Type or member is obsolete
}
public bool UpdateReaderKey(Principal caller, FQStreamID stream, ACLEntry entry)
{
if (logger != null)
{
logger.Log("UpdateReaderKey request from caller " + caller.ToString() + " for stream "
+ stream.ToString() + " and principal " + entry.readerName.ToString()
+ " key version " + entry.keyVersion);
}
// Authentication is not required for unlisted streams
/*
* RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
* string callerpubkey = GetPubKey(caller);
* if (callerpubkey == null)
* return false;
* RSA.FromXmlString(callerpubkey);
*
* Byte[] data = { };
* data = data.Concat(this.GetBytes(caller.HomeId)).ToArray();
* data = data.Concat(this.GetBytes(caller.AppId)).ToArray();
* data = data.Concat(this.GetBytes(stream.HomeId)).ToArray();
* data = data.Concat(this.GetBytes(stream.AppId)).ToArray();
* data = data.Concat(this.GetBytes(stream.StreamId)).ToArray();
* data = data.Concat(this.GetBytes(entry.readerName.HomeId)).ToArray();
* data = data.Concat(this.GetBytes(entry.readerName.AppId)).ToArray();
* data = data.Concat(entry.encKey).ToArray();
* data = data.Concat(entry.IV).ToArray();
* data = data.Concat(this.GetBytes("" + entry.keyVersion)).ToArray();
*
* if (RSA.VerifyData(data, new SHA256CryptoServiceProvider(), caller.Auth) == false)
* {
* if (logger != null) logger.Log("Verification of request failed");
* return false;
* }
* //
*/
if (caller.HomeId == stream.HomeId && caller.AppId == stream.AppId)
{
if (!mdtable.ContainsKey(stream.ToString()))
{
mdtable[stream.ToString()] = new StreamInfo(stream);
}
mdtable[stream.ToString()].UpdateReader(entry);
return(true);
}
else
{
return(false);
}
}
public async Task ACL_CreateCloneUpdateDestroyLegacyToken()
{
Skip.If(string.IsNullOrEmpty(TestHelper.MasterToken));
await SkipIfAclNotSupportedAsync();
#pragma warning disable CS0618 // Type or member is obsolete
var newAclEntry = new ACLEntry
{
Name = "API Test",
Type = ACLType.Client,
Rules = "key \"\" { policy = \"deny\" }"
};
var res = await _client.ACL.Create(newAclEntry);
var newAclId = res.Response;
Assert.NotEqual(TimeSpan.Zero, res.RequestTime);
Assert.False(string.IsNullOrEmpty(res.Response));
var cloneRequest = await _client.ACL.Clone(newAclId);
var aclID = cloneRequest.Response;
var aclEntry = await _client.ACL.Info(aclID);
aclEntry.Response.Rules = "key \"\" { policy = \"deny\" }";
await _client.ACL.Update(aclEntry.Response);
var aclEntry2 = await _client.ACL.Info(aclID);
Assert.Equal("key \"\" { policy = \"deny\" }", aclEntry2.Response.Rules);
var id = cloneRequest.Response;
Assert.NotEqual(TimeSpan.Zero, cloneRequest.RequestTime);
Assert.False(string.IsNullOrEmpty(aclID));
var destroyNewAclEntry = await _client.ACL.Destroy(newAclId);
Assert.True(destroyNewAclEntry.Response);
var destroyClonedAclEntry = await _client.ACL.Destroy(id);
Assert.True(destroyClonedAclEntry.Response);
#pragma warning restore CS0618 // Type or member is obsolete
}
public async Task ACL_CreateTranslateLegacyTokenRuleDestroy()
{
Skip.If(string.IsNullOrEmpty(TestHelper.MasterToken));
await SkipIfAclNotSupportedAsync();
var uniqueTokenName = "API Test " + DateTime.Now.ToLongTimeString();
#pragma warning disable CS0618 // Type or member is obsolete
var aclEntry = new ACLEntry
{
Name = uniqueTokenName,
Type = ACLType.Client,
Rules = "agent \"\" { policy = \"read\" }"
};
var newRule = "agent_prefix \"\" {\n policy = \"read\"\n}";
var newLegacyToken = await _client.ACL.Create(aclEntry);
Assert.NotNull(newLegacyToken.Response);
var tokens = await _client.Token.List();
var theLegacyToken = tokens.Response.SingleOrDefault(token => token.Description == aclEntry.Name);
Assert.NotNull(theLegacyToken);
if (string.IsNullOrEmpty(theLegacyToken.AccessorID))
{
await Task.Delay(5000);
tokens = await _client.Token.List();
theLegacyToken = tokens.Response.SingleOrDefault(token => token.Description == aclEntry.Name);
}
var translatedRule = await _client.ACL.TranslateLegacyTokenRules(theLegacyToken.AccessorID);
Assert.NotNull(translatedRule.Response);
Assert.Equal(newRule, translatedRule.Response);
var destroyResponse = await _client.ACL.Destroy(newLegacyToken.Response);
Assert.True(destroyResponse.Response);
#pragma warning restore CS0618 // Type or member is obsolete
}
public csACL(string[] args)
{
parseArgs(args);
Console.WriteLine("Admin: Grant ACLs sample.");
Console.WriteLine("Using server: " + serverUrl);
Console.WriteLine("Using queue: " + queueName);
Console.WriteLine("Using topic: " + topicName);
try
{
// Create the admin connection to the TIBCO EMS server
Admin admin = new Admin(serverUrl, username, password);
// Create the TopicInfo and QueueInfo
TopicInfo topic = new TopicInfo(topicName);
QueueInfo queue = new QueueInfo(queueName);
// Create the topic. If it exists, get its TopicInfo from the server.
try
{
topic = admin.CreateTopic(topic);
Console.WriteLine("Created Topic: " + topic);
}
catch (AdminNameExistsException)
{
Console.WriteLine("Topic already exists: " + topic);
topic = admin.GetTopic(topicName);
}
// Create the queue. If it exists, get its QueueInfo from the server.
try
{
queue = admin.CreateQueue(queue);
Console.WriteLine("Created Queue: " + queue);
}
catch (AdminNameExistsException)
{
Console.WriteLine("Queue already exists: " + queue);
queue = admin.GetQueue(queueName);
}
// Get the users "mair" and "ahren". If they don't exist, create them.
UserInfo u1 = admin.GetUser("mair");
UserInfo u2 = admin.GetUser("ahren");
if (u1 == null)
{
u1 = new UserInfo("mair", null);
u1 = admin.CreateUser(u1);
Console.WriteLine("Created User: "******"ahren", null);
u2 = admin.CreateUser(u2);
Console.WriteLine("Created User: "******"mair"
acls[0] = new ACLEntry(topic, u1, p1);
acls[1] = new ACLEntry(queue, u1, p1);
// Create ACLEntries for "ahren"
acls[2] = new ACLEntry(topic, u2, p2);
acls[3] = new ACLEntry(queue, u2, p2);
// Grant the ACLs
admin.Grant(acls);
// Get all of the ACLs from the server
acls = admin.ACLEntries;
if (acls != null)
{
Console.WriteLine("ACLs defined in the server:");
for (int i = 0; i < acls.Length; i++)
{
Console.WriteLine(" " + acls[i]);
}
}
else
{
Console.WriteLine("No ACLs defined in the server.");
}
}
catch (AdminException e)
{
Console.Error.WriteLine("Exception in csACL: " + e.Message);
Console.Error.WriteLine(e.StackTrace);
Environment.Exit(-1);
}
}
public bool UpdateReaderKey(Principal caller, FQStreamID stream, ACLEntry entry)
{
logger.Log("UpdateReaderKey request from caller " + caller.ToString() + " for stream "
+ stream.ToString() + " and principal " + entry.readerName.ToString()
+ " key version " + entry.keyVersion);
// TODO(trinabh): Authenticate caller
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
string callerpubkey = GetPubKey(caller);
if (callerpubkey == null)
return false;
RSA.FromXmlString(callerpubkey);
Byte[] data = { };
data = data.Concat(this.GetBytes(caller.HomeId)).ToArray();
data = data.Concat(this.GetBytes(caller.AppId)).ToArray();
data = data.Concat(this.GetBytes(stream.HomeId)).ToArray();
data = data.Concat(this.GetBytes(stream.AppId)).ToArray();
data = data.Concat(this.GetBytes(stream.StreamId)).ToArray();
data = data.Concat(this.GetBytes(entry.readerName.HomeId)).ToArray();
data = data.Concat(this.GetBytes(entry.readerName.AppId)).ToArray();
data = data.Concat(entry.encKey).ToArray();
data = data.Concat(entry.IV).ToArray();
data = data.Concat(this.GetBytes("" + entry.keyVersion)).ToArray();
if (RSA.VerifyData(data, new SHA256CryptoServiceProvider(), caller.Auth) == false)
{
logger.Log("Verification of request failed");
return false;
}
//
if (caller.HomeId == stream.HomeId && caller.AppId == stream.AppId)
{
if (!mdtable.ContainsKey(stream.ToString()))
mdtable[stream.ToString()] = new StreamInfo(stream);
mdtable[stream.ToString()].UpdateReader(entry);
return true;
}
else
{
return false;
}
}
