[GitHub] [lucene-solr] madrob commented on a change in pull request #2430: SOLR-15194: relax requirements and allow http urls.

Thu, 25 Feb 2021 12:54:58 -0800 


madrob commented on a change in pull request #2430:
URL: https://github.com/apache/lucene-solr/pull/2430#discussion_r583170235



##########
File path: solr/core/src/test/org/apache/solr/security/JWTIssuerConfigTest.java
##########
@@ -125,6 +128,31 @@ public void parseIssuerConfigExplicit() {
     assertEquals("https://host/jwk";, issuerConfig.getJwksUrls().get(0));
   }
 
+  @Test
+  public void jwksUrlwithHttpLogsaWarning() {
+    HashMap<String, Object> issuerConfigMap = new HashMap<>();
+    issuerConfigMap.put("name", "myName");
+    issuerConfigMap.put("iss", "myIss");
+    issuerConfigMap.put("jwksUrl", "http://host/jwk";);
+
+    JWTIssuerConfig issuerConfig = new JWTIssuerConfig(issuerConfigMap);
+
+    LogWatcherConfig watcherCfg = new LogWatcherConfig(true, null, "WARN", 
100);
+    @SuppressWarnings({"rawtypes"})
+    LogWatcher watcher = LogWatcher.newRegisteredLogWatcher(watcherCfg, null);
+    
+    assertEquals(1, issuerConfig.getHttpsJwks().size());
+    assertEquals("http://host/jwk";, 
issuerConfig.getHttpsJwks().get(0).getLocation());
+
+      
+    SolrDocumentList history = watcher.getHistory(-1, null);
+    
+    if (history.stream().filter(d -> 
"org.apache.solr.security.JWTIssuerConfig".equals(d.getFirstValue("logger"))).count()
 == 0) {

Review comment:
       `assertTrue(msg, history.stream().findFirst(d -> ...).isPresent())`

##########
File path: solr/core/src/test/org/apache/solr/security/JWTIssuerConfigTest.java
##########
@@ -144,13 +172,29 @@ public void wellKnownConfigFromString() throws 
IOException {
     assertEquals(Arrays.asList("code", "code id_token", "code token", "code 
id_token token", "token", "id_token", "id_token token"), 
config.getResponseTypesSupported());
   }
 
-  @Test(expected = SolrException.class)
-  public void wellKnownConfigNotHttps() {
-    
JWTIssuerConfig.WellKnownDiscoveryConfig.parse("http://127.0.0.1:45678/.well-known/config";);
+  @Test
+  public void wellKnownConfigWithHttpLogsAWarning() {
+    
+    LogWatcherConfig watcherCfg = new LogWatcherConfig(true, null, "WARN", 
100);
+    @SuppressWarnings({"rawtypes"})
+    LogWatcher watcher = LogWatcher.newRegisteredLogWatcher(watcherCfg, null);
+    
+    watcher.reset();
+    
+    // currently we throw an exception because we can't open a connection to 
this fake url and can't mock it.
+    expectThrows(SolrException.class, () -> 
JWTIssuerConfig.WellKnownDiscoveryConfig.parse("http://127.0.0.1:45678/.well-known/config";));

Review comment:
       Store the exception returned and assert something about it, there are 
lots of different solr exceptions that can get thrown. Is this the same test as 
`wellKnownConfigNotReachable`?




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org

Reply via email to