public virtual void TestExtractTokenFail() { HttpURLConnection conn = Org.Mockito.Mockito.Mock <HttpURLConnection>(); Org.Mockito.Mockito.When(conn.GetResponseCode()).ThenReturn(HttpURLConnection.HttpUnauthorized ); string tokenStr = "foo"; IDictionary <string, IList <string> > headers = new Dictionary <string, IList <string> >(); IList <string> cookies = new AList <string>(); cookies.AddItem(AuthenticatedURL.AuthCookie + "=" + tokenStr); headers["Set-Cookie"] = cookies; Org.Mockito.Mockito.When(conn.GetHeaderFields()).ThenReturn(headers); AuthenticatedURL.Token token = new AuthenticatedURL.Token(); token.Set("bar"); try { AuthenticatedURL.ExtractToken(conn, token); NUnit.Framework.Assert.Fail(); } catch (AuthenticationException) { // Expected NUnit.Framework.Assert.IsFalse(token.IsSet()); } catch (Exception) { NUnit.Framework.Assert.Fail(); } }
public virtual void TestToken() { AuthenticatedURL.Token token = new AuthenticatedURL.Token(); NUnit.Framework.Assert.IsFalse(token.IsSet()); token = new AuthenticatedURL.Token("foo"); Assert.True(token.IsSet()); Assert.Equal("foo", token.ToString()); }
/* * Check if the passed token is of type "kerberos" or "kerberos-dt" */ /// <exception cref="Org.Apache.Hadoop.Security.Authentication.Client.AuthenticationException /// "/> private bool IsTokenKerberos(AuthenticatedURL.Token token) { if (token.IsSet()) { AuthToken aToken = AuthToken.Parse(token.ToString()); if (aToken.GetType().Equals("kerberos") || aToken.GetType().Equals("kerberos-dt")) { return(true); } } return(false); }
/// <exception cref="System.Exception"/> protected internal virtual void _testAuthentication(Authenticator authenticator, bool doPost) { Start(); try { Uri url = new Uri(GetBaseURL()); AuthenticatedURL.Token token = new AuthenticatedURL.Token(); NUnit.Framework.Assert.IsFalse(token.IsSet()); AuthenticatorTestCase.TestConnectionConfigurator connConf = new AuthenticatorTestCase.TestConnectionConfigurator (); AuthenticatedURL aUrl = new AuthenticatedURL(authenticator, connConf); HttpURLConnection conn = aUrl.OpenConnection(url, token); Assert.True(connConf.invoked); string tokenStr = token.ToString(); if (doPost) { conn.SetRequestMethod("POST"); conn.SetDoOutput(true); } conn.Connect(); if (doPost) { TextWriter writer = new OutputStreamWriter(conn.GetOutputStream()); writer.Write(Post); writer.Close(); } Assert.Equal(HttpURLConnection.HttpOk, conn.GetResponseCode()); if (doPost) { BufferedReader reader = new BufferedReader(new InputStreamReader(conn.GetInputStream ())); string echo = reader.ReadLine(); Assert.Equal(Post, echo); NUnit.Framework.Assert.IsNull(reader.ReadLine()); } aUrl = new AuthenticatedURL(); conn = aUrl.OpenConnection(url, token); conn.Connect(); Assert.Equal(HttpURLConnection.HttpOk, conn.GetResponseCode()); Assert.Equal(tokenStr, token.ToString()); } finally { Stop(); } }
/// <summary>Performs SPNEGO authentication against the specified URL.</summary> /// <remarks> /// Performs SPNEGO authentication against the specified URL. /// <p> /// If a token is given it does a NOP and returns the given token. /// <p> /// If no token is given, it will perform the SPNEGO authentication sequence using an /// HTTP <code>OPTIONS</code> request. /// </remarks> /// <param name="url">the URl to authenticate against.</param> /// <param name="token">the authentication token being used for the user.</param> /// <exception cref="System.IO.IOException">if an IO error occurred.</exception> /// <exception cref="AuthenticationException">if an authentication error occurred.</exception> /// <exception cref="Org.Apache.Hadoop.Security.Authentication.Client.AuthenticationException /// "/> public virtual void Authenticate(Uri url, AuthenticatedURL.Token token) { if (!token.IsSet()) { this.url = url; base64 = new Base64(0); conn = (HttpURLConnection)url.OpenConnection(); if (connConfigurator != null) { conn = connConfigurator.Configure(conn); } conn.SetRequestMethod(AuthHttpMethod); conn.Connect(); bool needFallback = false; if (conn.GetResponseCode() == HttpURLConnection.HttpOk) { Log.Debug("JDK performed authentication on our behalf."); // If the JDK already did the SPNEGO back-and-forth for // us, just pull out the token. AuthenticatedURL.ExtractToken(conn, token); if (IsTokenKerberos(token)) { return; } needFallback = true; } if (!needFallback && IsNegotiate()) { Log.Debug("Performing our own SPNEGO sequence."); DoSpnegoSequence(token); } else { Log.Debug("Using fallback authenticator sequence."); Authenticator auth = GetFallBackAuthenticator(); // Make sure that the fall back authenticator have the same // ConnectionConfigurator, since the method might be overridden. // Otherwise the fall back authenticator might not have the information // to make the connection (e.g., SSL certificates) auth.SetConnectionConfigurator(connConfigurator); auth.Authenticate(url, token); } } }