Skip to content

Commit

Permalink
Address code review comments, added more tests
Browse files Browse the repository at this point in the history
Signed-off-by: Andriy Redko <[email protected]>
  • Loading branch information
reta committed Mar 28, 2024
1 parent e450fc0 commit 65c6e3c
Showing 1 changed file with 76 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.function.Supplier;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
Expand All @@ -26,6 +27,7 @@
import org.opensearch.common.settings.ClusterSettings;
import org.opensearch.common.settings.Settings;
import org.opensearch.http.HttpServerTransport;
import org.opensearch.http.netty4.ssl.SecureNetty4HttpServerTransport;
import org.opensearch.plugins.SecureHttpTransportSettingsProvider;
import org.opensearch.plugins.SecureTransportSettingsProvider;
import org.opensearch.plugins.TransportExceptionHandler;
Expand All @@ -35,8 +37,12 @@
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.telemetry.tracing.noop.NoopTracer;
import org.opensearch.transport.Transport;
import org.opensearch.transport.TransportAdapterProvider;

import io.netty.channel.ChannelInboundHandlerAdapter;

import static org.hamcrest.CoreMatchers.containsString;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.not;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.hamcrest.MatcherAssert.assertThat;
Expand Down Expand Up @@ -125,6 +131,10 @@ public void testRegisterSecureHttpTransport() throws IOException {
NoopTracer.INSTANCE
);
assertThat(transports, hasKey("org.opensearch.security.ssl.http.netty.SecuritySSLNettyHttpServerTransport"));
assertThat(
transports.get("org.opensearch.security.ssl.http.netty.SecuritySSLNettyHttpServerTransport").get(),
not(nullValue())
);
}
}

Expand All @@ -142,6 +152,7 @@ public void testRegisterSecureTransport() throws IOException {
NoopTracer.INSTANCE
);
assertThat(transports, hasKey("org.opensearch.security.ssl.http.netty.SecuritySSLNettyTransport"));
assertThat(transports.get("org.opensearch.security.ssl.http.netty.SecuritySSLNettyTransport").get(), not(nullValue()));
}
}

Expand Down Expand Up @@ -247,4 +258,69 @@ public void testRegisterSecureTransportWithDuplicateSettings() throws IOExceptio
}
}
}

@Test
public void testRegisterSecureHttpTransportWithRequestHeaderVerifier() throws IOException {
final AtomicBoolean created = new AtomicBoolean(false);

class LocalHeaderVerifier extends ChannelInboundHandlerAdapter {
public LocalHeaderVerifier() {
created.set(true);
}
}

final SecureHttpTransportSettingsProvider provider = new SecureHttpTransportSettingsProvider() {
@Override
public Collection<TransportAdapterProvider<HttpServerTransport>> getHttpTransportAdapterProviders(Settings settings) {
return List.of(new TransportAdapterProvider<HttpServerTransport>() {

@Override
public String name() {
return SecureNetty4HttpServerTransport.REQUEST_HEADER_VERIFIER;
}

@SuppressWarnings("unchecked")
@Override
public <C> Optional<C> create(Settings settings, HttpServerTransport transport, Class<C> adapterClass) {
return Optional.of((C) new LocalHeaderVerifier());
}

});
}

@Override
public Optional<TransportExceptionHandler> buildHttpServerExceptionHandler(Settings settings, HttpServerTransport transport) {
return Optional.empty();
}

@Override
public Optional<SSLEngine> buildSecureHttpServerEngine(Settings settings, HttpServerTransport transport) throws SSLException {
return Optional.empty();
}
};

try (OpenSearchSecuritySSLPlugin plugin = new OpenSearchSecuritySSLPlugin(settings, null, false)) {
final Map<String, Supplier<HttpServerTransport>> transports = plugin.getSecureHttpTransports(
settings,
MOCK_POOL,
null,
null,
null,
null,
null,
null,
clusterSettings,
provider,
NoopTracer.INSTANCE
);
assertThat(transports, hasKey("org.opensearch.security.ssl.http.netty.SecuritySSLNettyHttpServerTransport"));

assertThat(
transports.get("org.opensearch.security.ssl.http.netty.SecuritySSLNettyHttpServerTransport").get(),
not(nullValue())
);

assertThat(created.get(), is(true));
}
}
}

0 comments on commit 65c6e3c

Please sign in to comment.