From 663b3dbd690ee9485fb9137cbd92df03f3ee947e Mon Sep 17 00:00:00 2001
From: Alan Braz <alanbraz@br.ibm.com>
Date: Wed, 25 Mar 2020 17:58:57 -0300
Subject: [PATCH] add test creds
---
.../org/opengroup/osdu/util/ElasticUtils.java | 64 ++++++++++---
testing/indexer-test-ibm/pom.xml | 38 +++++---
.../opengroup/osdu/util/IdentityUtilIBM.java | 7 --
.../org/opengroup/osdu/util/JwtTokenUtil.java | 90 -------------------
4 files changed, 80 insertions(+), 119 deletions(-)
delete mode 100644 testing/indexer-test-ibm/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java
diff --git a/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java b/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java
index 824656903..401ce191b 100644
--- a/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java
+++ b/testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/ElasticUtils.java
@@ -1,9 +1,22 @@
package org.opengroup.osdu.util;
-import com.google.gson.Gson;
-import lombok.extern.java.Log;
+import java.io.IOException;
+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.List;
+import java.util.Map;
+import java.util.logging.Level;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
import org.apache.http.Header;
import org.apache.http.HttpHost;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
import org.apache.http.message.BasicHeader;
import org.elasticsearch.ElasticsearchException;
import org.elasticsearch.ElasticsearchStatusException;
@@ -21,7 +34,11 @@ import org.elasticsearch.action.index.IndexRequest;
import org.elasticsearch.action.search.SearchRequest;
import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.action.support.master.AcknowledgedResponse;
-import org.elasticsearch.client.*;
+import org.elasticsearch.client.RequestOptions;
+import org.elasticsearch.client.RestClient;
+import org.elasticsearch.client.RestClientBuilder;
+import org.elasticsearch.client.RestClientBuilder.HttpClientConfigCallback;
+import org.elasticsearch.client.RestHighLevelClient;
import org.elasticsearch.cluster.metadata.MappingMetaData;
import org.elasticsearch.common.collect.ImmutableOpenMap;
import org.elasticsearch.common.settings.Settings;
@@ -31,12 +48,9 @@ import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.rest.RestStatus;
import org.elasticsearch.search.builder.SearchSourceBuilder;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Base64;
-import java.util.List;
-import java.util.Map;
-import java.util.logging.Level;
+import com.google.gson.Gson;
+
+import lombok.extern.java.Log;
/**
@@ -277,8 +291,36 @@ public class ElasticUtils {
new BasicHeader("xpack.security.transport.ssl.enabled", Boolean.toString(true)),
new BasicHeader("Authorization", String.format("Basic %s", Base64.getEncoder().encodeToString(rawString.getBytes()))),
};
-
- builder.setDefaultHeaders(defaultHeaders);
+
+
+ SSLContext sslContext = SSLContext.getInstance("SSL");
+ // set up a TrustManager that trusts everything
+ sslContext.init(null, new TrustManager[] { new X509TrustManager() {
+ public X509Certificate[] getAcceptedIssuers() {
+ System.out.println("getAcceptedIssuers =============");
+ return null;
+ }
+ public void checkClientTrusted(X509Certificate[] certs,
+ String authType) {
+ System.out.println("checkClientTrusted =============");
+ }
+ public void checkServerTrusted(X509Certificate[] certs,
+ String authType) {
+ System.out.println("checkServerTrusted =============");
+ }
+ } }, new SecureRandom());
+
+ builder.setHttpClientConfigCallback(new HttpClientConfigCallback() {
+ @Override
+ public HttpAsyncClientBuilder customizeHttpClient(
+ HttpAsyncClientBuilder httpClientBuilder) {
+ return httpClientBuilder
+ .setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
+ .setSSLContext(sslContext);
+ }
+ })
+ .setDefaultHeaders(defaultHeaders);
+ // TODO builder.setDefaultHeaders(defaultHeaders);
restHighLevelClient = new RestHighLevelClient(builder);
} catch (Exception e) {
diff --git a/testing/indexer-test-ibm/pom.xml b/testing/indexer-test-ibm/pom.xml
index 9fd8afd87..a7bf98e2d 100644
--- a/testing/indexer-test-ibm/pom.xml
+++ b/testing/indexer-test-ibm/pom.xml
@@ -166,21 +166,37 @@
<configuration>
<trimStackTrace>false</trimStackTrace>
<systemPropertyVariables>
- <PROJECT_ID>1</PROJECT_ID>
- <DOMAIN>ibm.com</DOMAIN>
- <DEPLOY_ENV>empty</DEPLOY_ENV>
- <STORAGE_URL>https://os-storage-ibm-osdu-r2.osduadev-a1c3eaf78a86806e299f5f3f207556f0-0000.us-south.containers.appdomain.cloud/api/storage/v2/</STORAGE_URL>
- <LEGAL_URL>https://os-legal-ibm-osdu-r2.osduadev-a1c3eaf78a86806e299f5f3f207556f0-0000.us-south.containers.appdomain.cloud/api/legal/v1/</LEGAL_URL>
- <ENTITLEMENT_URL>https://entitlements-osdu-r2.osduadev-a1c3eaf78a86806e299f5f3f207556f0-0000.us-south.containers.appdomain.cloud/api/entitlements/v1/</ENTITLEMENT_URL>
- <TENANT_NAME>opendes</TENANT_NAME>
- <PUBSUB_TOKEN>token_not_implemented</PUBSUB_TOKEN>
+
<KEYCLOAK_URL>keycloak-osdu-r2.osduadev-a1c3eaf78a86806e299f5f3f207556f0-0000.us-south.containers.appdomain.cloud</KEYCLOAK_URL>
<KEYCLOAK_REALM>OSDU</KEYCLOAK_REALM>
<KEYCLOAK_CLIENT_ID>osdu-login</KEYCLOAK_CLIENT_ID>
<AUTH_USER_ACCESS>osdu-user</AUTH_USER_ACCESS>
- <AUTH_USER_ACCESS_PASSWORD>CHANGE_ME</AUTH_USER_ACCESS_PASSWORD>
- <AUTH_USER_NO_ACCESS>osdu-no-roles</AUTH_USER_NO_ACCESS>
- <AUTH_USER_NO_ACCESS_PASSWORD>CHANGE_ME</AUTH_USER_NO_ACCESS_PASSWORD>
+ <AUTH_USER_ACCESS_PASSWORD>password1</AUTH_USER_ACCESS_PASSWORD>
+
+ <OTHER_RELEVANT_DATA_COUNTRIES>US</OTHER_RELEVANT_DATA_COUNTRIES>
+ <LEGAL_TAG>opendes-public-usa-dataset</LEGAL_TAG>
+ <INTEGRATION_TEST_AUDIENCE>dontknowifneeded</INTEGRATION_TEST_AUDIENCE>
+ <SEARCH_INTEGRATION_TESTER>dontknowifneeded</SEARCH_INTEGRATION_TESTER>
+ <DEFAULT_DATA_PARTITION_ID_TENANT1>opendes</DEFAULT_DATA_PARTITION_ID_TENANT1>
+ <DEFAULT_DATA_PARTITION_ID_TENANT2>tenant2</DEFAULT_DATA_PARTITION_ID_TENANT2>
+ <!-- has to be the same ElasticSearch used by storage -->
+ <!-- <ELASTIC_HOST>85e9c617-e295-460e-a2ff-048b18a76b22.blijs0dd0dcr4f55oehg.databases.appdomain.cloud</ELASTIC_HOST>
+ <ELASTIC_USER_NAME>ibm_cloud_a3207231_f8ea_4ca5_9e7e_b63badc2e544</ELASTIC_USER_NAME>
+ <ELASTIC_PASSWORD>61e86fddfd5b9385510e961bec444d95799258d41b635422e59b073610d7f62d</ELASTIC_PASSWORD>
+ <ELASTIC_PORT>30842</ELASTIC_PORT> -->
+ <ELASTIC_HOST>elasticsearch-instance-osdu-es.osduadev-a1c3eaf78a86806e299f5f3f207556f0-0000.us-south.containers.appdomain.cloud</ELASTIC_HOST>
+ <ELASTIC_USER_NAME>elastic-internal</ELASTIC_USER_NAME>
+ <ELASTIC_PASSWORD>mp7m94xrgz4t7rz758p4k79m</ELASTIC_PASSWORD>
+ <ELASTIC_PORT>443</ELASTIC_PORT>
+
+ <INDEXER_HOST></INDEXER_HOST>
+ <!-- <SEARCH_HOST>https://os-search-ibm-osdu-r2.osduadev-a1c3eaf78a86806e299f5f3f207556f0-0000.us-south.containers.appdomain.cloud/api/search/v2/</SEARCH_HOST>
+ <STORAGE_HOST>https://os-storage-ibm-osdu-r2.osduadev-a1c3eaf78a86806e299f5f3f207556f0-0000.us-south.containers.appdomain.cloud/api/storage/v2/</STORAGE_HOST> -->
+ <SEARCH_HOST>http://localhost:8085/api/search/v2/</SEARCH_HOST>
+ <STORAGE_HOST>http://localhost:8082/api/storage/v2/</STORAGE_HOST>
+
+ <ENTITLEMENTS_DOMAIN>ibm.com</ENTITLEMENTS_DOMAIN>
+
</systemPropertyVariables>
</configuration>
</plugin>
diff --git a/testing/indexer-test-ibm/src/test/java/org/opengroup/osdu/util/IdentityUtilIBM.java b/testing/indexer-test-ibm/src/test/java/org/opengroup/osdu/util/IdentityUtilIBM.java
index 683f71934..37b909cfd 100644
--- a/testing/indexer-test-ibm/src/test/java/org/opengroup/osdu/util/IdentityUtilIBM.java
+++ b/testing/indexer-test-ibm/src/test/java/org/opengroup/osdu/util/IdentityUtilIBM.java
@@ -15,11 +15,4 @@ public class IdentityUtilIBM {
}
}
- /*
- * public static String getTokenForUserWithNoAccess(){ try { String user =
- * System.getProperty("AUTH_USER_NO_ACCESS"); String pass =
- * System.getProperty("AUTH_USER_NO_ACCESS_PASSWORD"); return
- * KeyCloakProvider.getToken(user, pass); } catch (IOException e) {
- * e.printStackTrace(); return null; } }
- */
}
diff --git a/testing/indexer-test-ibm/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java b/testing/indexer-test-ibm/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java
deleted file mode 100644
index 0c526006c..000000000
--- a/testing/indexer-test-ibm/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * package org.opengroup.osdu.util;
- *
- * import com.google.api.client.googleapis.auth.oauth2.GoogleCredential; import
- * com.google.api.client.json.JsonFactory; import
- * com.google.api.client.json.jackson2.JacksonFactory; import
- * com.google.api.client.json.webtoken.JsonWebSignature; import
- * com.google.api.client.json.webtoken.JsonWebToken; import
- * com.google.api.client.util.Clock; import com.google.common.base.Strings;
- * import com.google.gson.Gson; import lombok.Data; import
- * org.apache.commons.io.Charsets; import org.apache.commons.io.IOUtils; import
- * org.apache.http.HttpResponse; import org.apache.http.NameValuePair; import
- * org.apache.http.client.entity.UrlEncodedFormEntity; import
- * org.apache.http.client.methods.HttpPost; import
- * org.apache.http.impl.client.CloseableHttpClient; import
- * org.apache.http.impl.client.HttpClientBuilder; import
- * org.apache.http.message.BasicNameValuePair;
- *
- * import java.io.ByteArrayInputStream; import java.io.IOException; import
- * java.io.InputStream; import java.security.GeneralSecurityException; import
- * java.util.ArrayList; import java.util.Base64; import java.util.List;
- *
- * class JwtTokenUtil {
- *
- * private static String accessToken;
- *
- * static String getAccessToken() throws IOException {
- *
- * if (Strings.isNullOrEmpty(accessToken)) { accessToken =
- * getServiceAccountAccessToken(getJwtForIntegrationTesterAccount()); } return
- * accessToken; }
- *
- * private static String getServiceAccountAccessToken(String key) throws
- * IOException {
- *
- * try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
- *
- * List<NameValuePair> parameters = new ArrayList<>(); parameters.add(new
- * BasicNameValuePair("grant_type",
- * "urn:ietf:params:oauth:grant-type:jwt-bearer")); parameters.add(new
- * BasicNameValuePair("assertion", key));
- *
- * HttpPost postRequest = new
- * HttpPost("https://www.googleapis.com/oauth2/v4/token");
- * postRequest.addHeader("Content-Type", "application/x-www-form-urlencoded");
- * postRequest.setEntity(new UrlEncodedFormEntity(parameters));
- *
- * HttpResponse response = httpClient.execute(postRequest); String
- * responseContent = IOUtils.toString(response.getEntity().getContent(),
- * Charsets.toCharset("UTF-8"));
- *
- * JwtTokenUtil.ResponseToken responseToken = new
- * Gson().fromJson(responseContent, JwtTokenUtil.ResponseToken.class);
- *
- * return responseToken.getId_token(); } }
- *
- * private static String getJwtForIntegrationTesterAccount() throws IOException
- * { String serviceAccountFile = Config.getKeyValue(); return
- * getJwt(serviceAccountFile); }
- *
- * private static String getJwt(String serviceAccountFile) throws IOException {
- *
- * String targetAudience = Config.getTargetAudience(); long currentTime =
- * Clock.SYSTEM.currentTimeMillis();
- *
- * InputStream stream = new
- * ByteArrayInputStream(Base64.getDecoder().decode(serviceAccountFile));
- * GoogleCredential credential = GoogleCredential.fromStream(stream);
- *
- * JsonWebSignature.Header header = new JsonWebSignature.Header();
- * header.setAlgorithm("RS256"); header.setType("JWT");
- * header.setKeyId(credential.getServiceAccountPrivateKeyId());
- *
- * JsonWebSignature.Payload payload = new JsonWebToken.Payload();
- * payload.setIssuedAtTimeSeconds(currentTime / 1000);
- * payload.setExpirationTimeSeconds(currentTime / 1000 + 3600);
- * payload.setAudience("https://www.googleapis.com/oauth2/v4/token");
- * payload.setIssuer(credential.getServiceAccountId());
- * payload.set("target_audience", targetAudience);
- *
- * JsonFactory jsonFactory = JacksonFactory.getDefaultInstance(); String
- * signedJwt = null; try { signedJwt =
- * JsonWebSignature.signUsingRsaSha256(credential.getServiceAccountPrivateKey(),
- * jsonFactory, header, payload); } catch (GeneralSecurityException e) {
- * e.printStackTrace(); }
- *
- * return signedJwt; }
- *
- * @Data class ResponseToken { public String id_token; } }
- */
\ No newline at end of file
--
GitLab