Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-22 06:38:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Enable header-based auth for WebSocket connections

Browse Source
This commit is contained in:
Sergey Skrobotov
2023-09-25 11:28:23 -07:00
parent a263611746
commit d0fdae3df7
8 changed files with 147 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
service/src/test/java/org/whispersystems/textsecuregcm/auth/grpc/BasicCredentialAuthenticationInterceptorTest.java
View File

@@ -13,7 +13,6 @@ import static org.mockito.ArgumentMatchers.anyBoolean;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import io.dropwizard.auth.basic.BasicCredentials;
import io.grpc.CallCredentials;
import io.grpc.ManagedChannel;
import io.grpc.Metadata;
@@ -30,7 +29,6 @@ import java.util.stream.Stream;
import org.apache.commons.lang3.RandomStringUtils;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
@@ -41,6 +39,7 @@ import org.whispersystems.textsecuregcm.auth.BaseAccountAuthenticator;
import org.whispersystems.textsecuregcm.grpc.EchoServiceImpl;
import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.storage.Device;
import org.whispersystems.textsecuregcm.util.HeaderUtils;
import org.whispersystems.textsecuregcm.util.Pair;
class BasicCredentialAuthenticationInterceptorTest {
@@ -122,8 +121,10 @@ class BasicCredentialAuthenticationInterceptorTest {
malformedCredentialHeaders.put(BasicCredentialAuthenticationInterceptor.BASIC_CREDENTIALS, "Incorrect");
final Metadata structurallyValidCredentialHeaders = new Metadata();
structurallyValidCredentialHeaders.put(BasicCredentialAuthenticationInterceptor.BASIC_CREDENTIALS,
UUID.randomUUID() + ":" + RandomStringUtils.randomAlphanumeric(16));
structurallyValidCredentialHeaders.put(
BasicCredentialAuthenticationInterceptor.BASIC_CREDENTIALS,
HeaderUtils.basicAuthHeader(UUID.randomUUID().toString(), RandomStringUtils.randomAlphanumeric(16))
);
return Stream.of(
Arguments.of(new Metadata(), true, false),
@@ -132,22 +133,4 @@ class BasicCredentialAuthenticationInterceptorTest {
Arguments.of(structurallyValidCredentialHeaders, true, true)
);
}
@Test
void extractBasicCredentials() {
final String username = UUID.randomUUID().toString();
final String password = RandomStringUtils.random(16);
final BasicCredentials basicCredentials =
BasicCredentialAuthenticationInterceptor.extractBasicCredentials(username + ":" + password);
assertEquals(username, basicCredentials.getUsername());
assertEquals(password, basicCredentials.getPassword());
}
@Test
void extractBasicCredentialsIllegalArgument() {
assertThrows(IllegalArgumentException.class,
() -> BasicCredentialAuthenticationInterceptor.extractBasicCredentials("This does not include a password"));
}
}