From eec55e273e997e0f3a821b21ec21e6b292fc4e20 Mon Sep 17 00:00:00 2001 From: Peter-Josef Meisch Date: Sat, 13 Jul 2019 10:33:23 +0200 Subject: [PATCH] DATAES-607 - Client-security-configuration. Original PR: #293 --- .../client/ClientConfiguration.java | 10 +++++ .../client/ClientConfigurationBuilder.java | 23 ++++++++++ .../client/ClientConfigurationUnitTests.java | 44 +++++++++++++++++++ .../elasticsearch/utils/IndexInitializer.java | 14 +++++- 4 files changed, 90 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/springframework/data/elasticsearch/client/ClientConfiguration.java b/src/main/java/org/springframework/data/elasticsearch/client/ClientConfiguration.java index 84c65b244..c1321fcf4 100644 --- a/src/main/java/org/springframework/data/elasticsearch/client/ClientConfiguration.java +++ b/src/main/java/org/springframework/data/elasticsearch/client/ClientConfiguration.java @@ -29,6 +29,7 @@ import org.springframework.http.HttpHeaders; * Configuration interface exposing common client configuration properties for Elasticsearch clients. * * @author Mark Paluch + * @author Peter-Josef Meisch * @since 3.2 */ public interface ClientConfiguration { @@ -257,6 +258,15 @@ public interface ClientConfiguration { */ TerminalClientConfigurationBuilder withSocketTimeout(Duration timeout); + /** + * Configure the username and password to be sent as a Basic Authentication header + * + * @param username the username. Must not be {@literal null}. + * @param password the password. Must not be {@literal null}. + * @return the {@link TerminalClientConfigurationBuilder} + */ + TerminalClientConfigurationBuilder withBasicAuth(String username, String password); + /** * Build the {@link ClientConfiguration} object. * diff --git a/src/main/java/org/springframework/data/elasticsearch/client/ClientConfigurationBuilder.java b/src/main/java/org/springframework/data/elasticsearch/client/ClientConfigurationBuilder.java index 4d362e1d1..83215cf29 100644 --- a/src/main/java/org/springframework/data/elasticsearch/client/ClientConfigurationBuilder.java +++ b/src/main/java/org/springframework/data/elasticsearch/client/ClientConfigurationBuilder.java @@ -36,6 +36,7 @@ import org.springframework.util.Assert; * * @author Christoph Strobl * @author Mark Paluch + * @author Peter-Josef Meisch * @since 3.2 */ class ClientConfigurationBuilder @@ -47,6 +48,8 @@ class ClientConfigurationBuilder private @Nullable SSLContext sslContext; private Duration connectTimeout = Duration.ofSeconds(10); private Duration soTimeout = Duration.ofSeconds(5); + private String username; + private String password; /* * (non-Javadoc) @@ -139,12 +142,31 @@ class ClientConfigurationBuilder return this; } + @Override + public TerminalClientConfigurationBuilder withBasicAuth(String username, String password) { + + Assert.notNull(username, "username must not be null"); + Assert.notNull(password, "password must not be null"); + + this.username = username; + this.password = password; + + return this; + } + /* * (non-Javadoc) * @see org.springframework.data.elasticsearch.client.ClientConfiguration.ClientConfigurationBuilderWithOptionalDefaultHeaders#build() */ @Override public ClientConfiguration build() { + + if (username != null && password != null) { + if (HttpHeaders.EMPTY.equals(headers)) { + headers = new HttpHeaders(); + } + headers.setBasicAuth(username, password); + } return new DefaultClientConfiguration(this.hosts, this.headers, this.useSsl, this.sslContext, this.soTimeout, this.connectTimeout); } @@ -152,4 +174,5 @@ class ClientConfigurationBuilder private static InetSocketAddress parse(String hostAndPort) { return InetSocketAddressParser.parse(hostAndPort, ElasticsearchHost.DEFAULT_PORT); } + } diff --git a/src/test/java/org/springframework/data/elasticsearch/client/ClientConfigurationUnitTests.java b/src/test/java/org/springframework/data/elasticsearch/client/ClientConfigurationUnitTests.java index 73d7d672d..f4fa66328 100644 --- a/src/test/java/org/springframework/data/elasticsearch/client/ClientConfigurationUnitTests.java +++ b/src/test/java/org/springframework/data/elasticsearch/client/ClientConfigurationUnitTests.java @@ -30,9 +30,12 @@ import org.springframework.http.HttpHeaders; * Unit tests for {@link ClientConfiguration}. * * @author Mark Paluch + * @author Peter-Josef Meisch */ public class ClientConfigurationUnitTests { + private static final String AUTHORIZATION_HEADER = "Authorization"; + @Test // DATAES-488 public void shouldCreateSimpleConfiguration() { @@ -78,4 +81,45 @@ public class ClientConfigurationUnitTests { assertThat(clientConfiguration.getConnectTimeout()).isEqualTo(Duration.ofSeconds(10)); assertThat(clientConfiguration.getSocketTimeout()).isEqualTo(Duration.ofSeconds(5)); } + + @Test // DATAES-607 + public void shouldAddBasicAuthenticationHeaderWhenNoHeadersAreSet() { + + final String username = "secretUser"; + final String password = "secretPassword"; + + ClientConfiguration clientConfiguration = ClientConfiguration.builder() // + .connectedTo("foo", "bar") // + .withBasicAuth(username, password) // + .build(); + + assertThat(clientConfiguration.getDefaultHeaders().get(AUTHORIZATION_HEADER)) + .containsOnly(buildBasicAuth(username, password)); + } + + @Test // DATAES-607 + public void shouldAddBasicAuthenticationHeaderAndKeepHeaders() { + + final String username = "secretUser"; + final String password = "secretPassword"; + + HttpHeaders defaultHeaders = new HttpHeaders(); + defaultHeaders.set("foo", "bar"); + + ClientConfiguration clientConfiguration = ClientConfiguration.builder() // + .connectedTo("foo", "bar") // + .withBasicAuth(username, password) // + .withDefaultHeaders(defaultHeaders).build(); + final HttpHeaders httpHeaders = clientConfiguration.getDefaultHeaders(); + + assertThat(httpHeaders.get(AUTHORIZATION_HEADER)).containsOnly(buildBasicAuth(username, password)); + assertThat(httpHeaders.get("foo")).containsOnly("bar"); + } + + private String buildBasicAuth(String username, String password) { + + HttpHeaders headers = new HttpHeaders(); + headers.setBasicAuth(username, password); + return headers.get(AUTHORIZATION_HEADER).get(0); + } } diff --git a/src/test/java/org/springframework/data/elasticsearch/utils/IndexInitializer.java b/src/test/java/org/springframework/data/elasticsearch/utils/IndexInitializer.java index d45036d17..6924f092c 100644 --- a/src/test/java/org/springframework/data/elasticsearch/utils/IndexInitializer.java +++ b/src/test/java/org/springframework/data/elasticsearch/utils/IndexInitializer.java @@ -1,5 +1,17 @@ /* - * (c) Copyright 2019 codecentric AG + * Copyright 2019 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package org.springframework.data.elasticsearch.utils;