Skip to content

Commit

Permalink
webserver-signatures modifications
Browse files Browse the repository at this point in the history 
Signed-off-by: Maxim Nesen <[email protected]>
  • Loading branch information
@senivam
senivam committed Dec 21, 2023
1 parent 098fbe7 commit d2e20fb
Show file tree
Hide file tree
Showing 8 changed files with 34 additions and 32 deletions.
6 changes: 3 additions & 3 deletions examples/security/webserver-signatures/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ java -jar target/helidon-examples-security-webserver-signatures.jar

Try the endpoints:
```bash
curl -u "jack:password" http://localhost:8080/service1
curl -u "jill:password" http://localhost:8080/service1-rsa
curl -v -u "john:password" http://localhost:8080/service1
curl -u "jack:changeit" http://localhost:8080/service1
curl -u "jill:changeit" http://localhost:8080/service1-rsa
curl -v -u "john:changeit" http://localhost:8080/service1
```
23 changes: 12 additions & 11 deletions ...es/src/main/java/io/helidon/security/examples/signatures/SignatureExampleBuilderMain.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,9 +55,9 @@ public class SignatureExampleBuilderMain {
private static WebServer service2Server;

static {
addUser("jack", "password", List.of("user", "admin"));
addUser("jill", "password", List.of("user"));
addUser("john", "password", List.of());
addUser("jack", "changeit", List.of("user", "admin"));
addUser("jill", "changeit", List.of("user"));
addUser("john", "changeit", List.of());
}

private SignatureExampleBuilderMain() {
Expand Down Expand Up @@ -110,9 +110,9 @@ public static void main(String[] args) {
System.out.println("Signature example: from builder");
System.out.println();
System.out.println("Users:");
System.out.println("jack/password in roles: user, admin");
System.out.println("jill/password in roles: user");
System.out.println("john/password in no roles");
System.out.println("jack/changeit in roles: user, admin");
System.out.println("jill/changeit in roles: user");
System.out.println("john/changeit in no roles");
System.out.println();
System.out.println("***********************");
System.out.println("** Endpoints: **");
Expand Down Expand Up @@ -172,14 +172,14 @@ private static Security security2() {
.addProvider(HttpSignProvider.builder()
.addInbound(InboundClientDefinition.builder("service1-hmac")
.principalName("Service1 - HMAC signature")
.hmacSecret("somePasswordForHmacShouldBeEncrypted")
.hmacSecret("changeit")
.build())
.addInbound(InboundClientDefinition.builder("service1-rsa")
.principalName("Service1 - RSA signature")
.publicKeyConfig(KeyConfig.keystoreBuilder()
.keystore(Resource.create(Paths.get(
"src/main/resources/keystore.p12")))
.keystorePassphrase("password".toCharArray())
.keystorePassphrase("changeit".toCharArray())
.certAlias("service_cert")
.build())
.build())
Expand Down Expand Up @@ -217,8 +217,9 @@ private static OutboundTarget rsaTarget() {
.privateKeyConfig(KeyConfig.keystoreBuilder()
.keystore(Resource.create(Paths.get(
"src/main/resources/keystore.p12")))
.keystorePassphrase("password".toCharArray())
.keyAlias("myPrivateKey")
.keystorePassphrase("changeit".toCharArray())
.keyAlias("myprivatekey")
.keyPassphrase("password")
.build())
.build())
.build();
Expand All @@ -231,7 +232,7 @@ private static OutboundTarget hmacTarget() {
.customObject(
OutboundTargetDefinition.class,
OutboundTargetDefinition.builder("service1-hmac")
.hmacSecret("somePasswordForHmacShouldBeEncrypted")
.hmacSecret("changeit")
.build())
.build();
}
Expand Down
6 changes: 3 additions & 3 deletions ...res/src/main/java/io/helidon/security/examples/signatures/SignatureExampleConfigMain.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,9 +55,9 @@ public static void main(String[] args) {
System.out.println("Signature example: from configuration");
System.out.println();
System.out.println("Users:");
System.out.println("jack/password in roles: user, admin");
System.out.println("jill/password in roles: user");
System.out.println("john/password in no roles");
System.out.println("jack/changeit in roles: user, admin");
System.out.println("jill/changeit in roles: user");
System.out.println("john/changeit in no roles");
System.out.println();
System.out.println("***********************");
System.out.println("** Endpoints: **");
Expand Down
Binary file modified examples/security/webserver-signatures/src/main/resources/keystore.p12
View file
Binary file not shown.
15 changes: 8 additions & 7 deletions examples/security/webserver-signatures/src/main/resources/service1.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,14 +33,14 @@ security:
realm: "helidon"
users:
- login: "jack"
password: "${CLEAR=password}"
password: "${CLEAR=changeit}"
roles: ["user", "admin"]
- login: "jill"
# master password is "jungle", password is "password"
password: "${CLEAR=password}"
# master password is "jungle", password is "changeit"
password: "${CLEAR=changeit}"
roles: ["user"]
- login: "john"
password: "${CLEAR=password}"
password: "${CLEAR=changeit}"
roles: []
outbound:
- name: "propagate-all"
Expand All @@ -52,7 +52,7 @@ security:
paths: ["/service2"]
signature:
key-id: "service1-hmac"
hmac.secret: "${CLEAR=somePasswordForHmacShouldBeEncrypted}"
hmac.secret: "${CLEAR=changeit}"
- name: "service2-rsa"
hosts: ["localhost"]
paths: ["/service2-rsa.*"]
Expand All @@ -67,9 +67,10 @@ security:
# defaults to jdk default
type: "PKCS12"
# password of the keystore
passphrase: "password"
passphrase: "changeit"
# alias of the key to sign request
key.alias: "myPrivateKey"
key.alias: "myprivatekey"
key.passphrase: "password"
web-server:
# Configuration of integration with web server
defaults:
Expand Down
10 changes: 5 additions & 5 deletions examples/security/webserver-signatures/src/main/resources/service2.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ security:
keys:
- key-id: "service1-hmac"
principal-name: "Service1 - HMAC signature"
hmac.secret: "${CLEAR=somePasswordForHmacShouldBeEncrypted}"
hmac.secret: "${CLEAR=changeit}"
- key-id: "service1-rsa"
principal-name: "Service1 - RSA signature"
public-key:
Expand All @@ -48,21 +48,21 @@ security:
# defaults to jdk default
# keystore-type: "PKCS12"
# password of the keystore
passphrase: "password"
passphrase: "changeit"
# alias of the certificate to get public key from
cert.alias: "service_cert"
# Security provider - basic authentication (supports roles)
- http-basic-auth:
realm: "helidon"
users:
- login: "jack"
password: "${CLEAR=password}"
password: "${CLEAR=changeit}"
roles: [ "user", "admin" ]
- login: "jill"
password: "${CLEAR=password}"
password: "${CLEAR=changeit}"
roles: [ "user" ]
- login: "john"
password: "${CLEAR=password}"
password: "${CLEAR=changeit}"
roles: []
web-server:
# Configuration of integration with web server
Expand Down
4 changes: 2 additions & 2 deletions ...ignatures/src/test/java/io/helidon/security/examples/signatures/SignatureExampleTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ static void stopServer(WebServer server) throws InterruptedException {
public void testService1Hmac() {
testProtected("http://localhost:" + getService1Port() + "/service1",
"jack",
"password",
"changeit",
Set.of("user", "admin"),
Set.of(),
"Service1 - HMAC signature");
Expand All @@ -84,7 +84,7 @@ public void testService1Hmac() {
public void testService1Rsa() {
testProtected("http://localhost:" + getService1Port() + "/service1-rsa",
"jack",
"password",
"changeit",
Set.of("user", "admin"),
Set.of(),
"Service1 - RSA signature");
Expand Down
2 changes: 1 addition & 1 deletion examples/webserver/mutual-tls/automatic-store-generator.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,7 @@ while [ "$1" != "" ]; do
-s | --single ) shift
SINGLE=$1
;;
-h | --help ) echo "Some cool help"
-h | --help ) echo "Run the script by: ' ./automatic-store-generator.sh --name Helidon --type P12 --single true'"
exit
;;
* ) echo "ERROR: Invalid parameter" $1
Expand Down

0 comments on commit d2e20fb

Please sign in to comment.