本文整理汇总了Java中com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider类的典型用法代码示例。如果您正苦于以下问题:Java SimpleServiceIdentityProvider类的具体用法?Java SimpleServiceIdentityProvider怎么用?Java SimpleServiceIdentityProvider使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SimpleServiceIdentityProvider类属于com.yahoo.athenz.auth.impl包,在下文中一共展示了SimpleServiceIdentityProvider类的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: updateCertificate
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
public X509Certificate updateCertificate(PrivateKey privateKey, TemporalAmount expiryTime) {
SimpleServiceIdentityProvider identityProvider = new SimpleServiceIdentityProvider(
authority, zoneConfig.domain(), zoneConfig.serviceName(),
privateKey, Integer.toString(zoneConfig.secretVersion()), TimeUnit.MINUTES.toSeconds(10));
ZTSClient ztsClient = new ZTSClient(
config.ztsUrl(), zoneConfig.domain(), zoneConfig.serviceName(), identityProvider);
InstanceRefreshRequest req =
ZTSClient.generateInstanceRefreshRequest(
zoneConfig.domain(), zoneConfig.serviceName(), privateKey,
config.certDnsSuffix(), (int)expiryTime.get(ChronoUnit.SECONDS));
String pemEncoded = ztsClient.postInstanceRefreshRequest(zoneConfig.domain(), zoneConfig.serviceName(), req)
.getCertificate();
return Crypto.loadX509Certificate(pemEncoded);
}
示例2: createServicePrincipal
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
private Principal createServicePrincipal() {
AthenzConfig.Service service = config.service();
// TODO bjorncs: Cache principal token
SimpleServiceIdentityProvider identityProvider =
new SimpleServiceIdentityProvider(
athenzPrincipalAuthority,
config.domain(),
service.name(),
getServicePrivateKey(),
service.publicKeyId(),
Duration.ofMinutes(service.credentialsExpiryMinutes()).getSeconds());
return identityProvider.getIdentity(config.domain(), service.name());
}
示例3: create
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
@Override
public ZTSClient create() throws IOException {
ZTSMock zts = new ZTSMock();
zts.setPublicKeyId(keyId);
ServiceIdentityProvider siaProvider = Mockito.mock(SimpleServiceIdentityProvider.class);
ZTSClient client = new ZTSClient("http://localhost:10080", "domain", "service", siaProvider);
client.setZTSRDLGeneratedClient(zts);
return client;
}
示例4: testSimpleIdentityDefaultV0
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
@Test
public void testSimpleIdentityDefaultV0() {
SimpleServiceIdentityProvider provider = new SimpleServiceIdentityProvider("coretech",
"athenz", Crypto.loadPrivateKey(k0File), "0");
Principal user = provider.getIdentity("coretech", "athenz");
assertNotNull(user);
assertTrue(user.getIssueTime() != 0);
String token = user.getCredentials();
PrincipalToken prToken = new PrincipalToken(token);
assertTrue(prToken.validate(servicePublicKeyStringK0, 0, false));
assertEquals(prToken.getKeyId(), "0");
}
示例5: testSimpleIdentityDefaultV1
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
@Test
public void testSimpleIdentityDefaultV1() {
PrivateKey key = Crypto.loadPrivateKey(servicePrivateKeyStringK1);
SimpleServiceIdentityProvider provider = new SimpleServiceIdentityProvider("coretech",
"athenz", key, "1");
Principal user = provider.getIdentity("coretech", "athenz");
assertNotNull(user);
assertTrue(user.getIssueTime() != 0);
String token = user.getCredentials();
PrincipalToken prToken = new PrincipalToken(token);
assertTrue(prToken.validate(servicePublicKeyStringK1, 0, false));
assertEquals(prToken.getKeyId(), "1");
}
示例6: testSimpleIdentityPrivateKeyDomainMismatch
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
@Test
public void testSimpleIdentityPrivateKeyDomainMismatch() {
PrivateKey key = Crypto.loadPrivateKey(servicePrivateKeyStringK1);
SimpleServiceIdentityProvider provider = new SimpleServiceIdentityProvider("coretech",
"athenz", key, "1");
Principal user = provider.getIdentity("coretech2", "athenz");
assertNull(user);
user = provider.getIdentity("coretech", "athenz2");
assertNull(user);
}
示例7: testGetHost
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
@Test
public void testGetHost() {
PrivateKey key = Crypto.loadPrivateKey(servicePrivateKeyStringK1);
SimpleServiceIdentityProvider provider = new SimpleServiceIdentityProvider("coretech",
"athenz", key, "1");
String name = provider.getHost();
assertNotNull(name);
}
示例8: testConstructorWithAuthority
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
@Test
public void testConstructorWithAuthority() {
PrivateKey key = Crypto.loadPrivateKey(servicePrivateKeyStringK1);
Authority authority = new PrincipalAuthority();
SimpleServiceIdentityProvider provider = new SimpleServiceIdentityProvider(authority,
"coretech", "athenz", key, "1", 3600);
assertEquals(provider.getAuthority(), authority);
SimpleServiceIdentityProvider provider2 = new SimpleServiceIdentityProvider("coretech",
"athenz", key, "1", 3600);
assertNotEquals(provider2.getAuthority(), authority);
provider2.setAuthority(authority);
assertEquals(provider2.getAuthority(), authority);
}
示例9: testGetServicePrincipal
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
@Test
public void testGetServicePrincipal() {
PrivateKey privateKey = Crypto.loadPrivateKey(Crypto.ybase64DecodeString(privKey));
SimpleServiceIdentityProvider provider = new SimpleServiceIdentityProvider("coretech",
"storage", privateKey, "0");
Principal testPrincipal = provider.getIdentity("coretech", "storage");
assertNotNull(testPrincipal);
ResourceContext rsrcCtxTest = createResourceContext(testPrincipal);
ServicePrincipal principal = zms.getServicePrincipal(rsrcCtxTest);
assertNotNull(principal);
assertTrue(principal.getService().equals("storage"));
assertTrue(principal.getDomain().equals("coretech"));
}
示例10: main
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
public static void main(String[] args) throws MalformedURLException, IOException {
// parse our command line to retrieve required input
CommandLine cmd = parseCommandLine(args);
String domainName = cmd.getOptionValue("domain");
String serviceName = cmd.getOptionValue("service");
String privateKeyPath = cmd.getOptionValue("pkey");
String keyId = cmd.getOptionValue("keyid");
String url = cmd.getOptionValue("url");
String ztsUrl = cmd.getOptionValue("ztsurl");
String providerDomain = cmd.getOptionValue("provider-domain");
String providerRole = cmd.getOptionValue("provider-role");
// we need to generate our principal credentials (ntoken). In
// addition to the domain and service names, we need the
// the service's private key and the key identifier - the
// service with the corresponding public key must already be
// registered in ZMS
PrivateKey privateKey = Crypto.loadPrivateKey(new File(privateKeyPath));
ServiceIdentityProvider identityProvider = new SimpleServiceIdentityProvider(domainName,
serviceName, privateKey, keyId);
// now we need to retrieve a role token (ztoken) for accessing
// the provider Athenz enabled service
RoleToken roleToken = null;
try (ZTSClient ztsClient = new ZTSClient(ztsUrl, domainName, serviceName,
identityProvider)) {
roleToken = ztsClient.getRoleToken(providerDomain, providerRole);
}
if (roleToken == null) {
System.out.println("Unable to retrieve role token for: " + providerRole
+ " in domain: " + providerDomain);
System.exit(1);
}
URL obj = new URL(url);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
// set our Athenz credentials. The ZTSClient provides the header
// name that we must use for authorization token while the role
// token itself provides the token string (ztoken).
System.out.println("Using RoleToken: " + roleToken.getToken());
con.setRequestProperty(ZTSClient.getHeader(), roleToken.getToken());
// now process our request
int responseCode = con.getResponseCode();
switch (responseCode) {
case HttpURLConnection.HTTP_FORBIDDEN:
System.out.println("Request was forbidden - not authorized: " + con.getResponseMessage());
break;
case HttpURLConnection.HTTP_OK:
System.out.println("Successful response: ");
try (BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()))) {
String inputLine;
while ((inputLine = in.readLine()) != null) {
System.out.println(inputLine);
}
}
break;
default:
System.out.println("Request failed - response status code: " + responseCode);
}
}
示例11: main
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
public static void main(String[] args) throws MalformedURLException, IOException {
// parse our command line to retrieve required input
CommandLine cmd = parseCommandLine(args);
String domainName = cmd.getOptionValue("domain");
String serviceName = cmd.getOptionValue("service");
String privateKeyPath = cmd.getOptionValue("pkey");
String keyId = cmd.getOptionValue("keyid");
String url = cmd.getOptionValue("url");
// we need to generate our principal credentials (ntoken). In
// addition to the domain and service names, we need the
// the service's private key and the key identifier - the
// service with the corresponding public key must already be
// registered in ZMS
PrivateKey privateKey = Crypto.loadPrivateKey(new File(privateKeyPath));
ServiceIdentityProvider identityProvider = new SimpleServiceIdentityProvider(domainName,
serviceName, privateKey, keyId);
Principal principal = identityProvider.getIdentity(domainName, serviceName);
URL obj = new URL(url);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
// set our Athenz credentials. The authority in the principal provides
// the header name that we must use for credentials while the principal
// itself provides the credentials (ntoken).
con.setRequestProperty(principal.getAuthority().getHeader(),
principal.getCredentials());
// now process our request
int responseCode = con.getResponseCode();
switch (responseCode) {
case HttpURLConnection.HTTP_FORBIDDEN:
System.out.println("Request was forbidden - not authorized: " + con.getResponseMessage());
break;
case HttpURLConnection.HTTP_OK:
System.out.println("Successful response: ");
try (BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()))) {
String inputLine;
while ((inputLine = in.readLine()) != null) {
System.out.println(inputLine);
}
}
break;
default:
System.out.println("Request failed - response status code: " + responseCode);
}
}
示例12: setup
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
@BeforeMethod
public void setup() {
System.setProperty(ZTSClient.ZTS_CLIENT_PROP_ATHENZ_CONF, "src/test/resources/athenz.conf");
siaMockProvider = Mockito.mock(SimpleServiceIdentityProvider.class);
}
示例13: testGetRoleTokenWithSiaProvider
import com.yahoo.athenz.auth.impl.SimpleServiceIdentityProvider; //导入依赖的package包/类
@Test
public void testGetRoleTokenWithSiaProvider() {
Principal principal = SimplePrincipal.create("user_domain", "user",
"auth_creds", PRINCIPAL_AUTHORITY);
ZTSClientMock ztsClientMock = new ZTSClientMock();
ztsClientMock.setRoleName("role1");
ZTSClient client = new ZTSClient("http://localhost:4080", principal);
client.setZTSRDLGeneratedClient(ztsClientMock);
RoleToken roleToken = client.getRoleToken("coretech");
assertNotNull(roleToken);
com.yahoo.athenz.auth.token.RoleToken token = new com.yahoo.athenz.auth.token.RoleToken(roleToken.getToken());
assertEquals(token.getDomain(), "coretech");
assertEquals(1, token.getRoles().size());
assertTrue(token.getRoles().contains("role1"));
// now we're going to get a token again and this time we should get back
// from our cache thus the same exact one but we're going to use
// the sia provider instead of principal given
SimpleServiceIdentityProvider siaProvider = Mockito.mock(SimpleServiceIdentityProvider.class);
Mockito.when(siaProvider.getIdentity("user_domain", "user")).thenReturn(principal);
ZTSClient client2 = new ZTSClient("http://localhost:4080", "user_domain", "user", siaProvider);
client2.setZTSRDLGeneratedClient(ztsClientMock);
RoleToken roleToken2 = client2.getRoleToken("coretech");
assertTrue(roleToken2.getToken().equals(roleToken.getToken()));
// now we're going to use the full API to request the token with ignoring from the cache
// and we should get back a new token
roleToken2 = client2.getRoleToken("coretech", null, null, null, true, null);
assertFalse(roleToken2.getToken().equals(roleToken.getToken()));
// close our clients
client.close();
client2.close();
}