diff --git a/src/main/java/io/lettuce/authx/TokenBasedRedisCredentialsProvider.java b/src/main/java/io/lettuce/authx/TokenBasedRedisCredentialsProvider.java index ec8a36372..ca86891c1 100644 --- a/src/main/java/io/lettuce/authx/TokenBasedRedisCredentialsProvider.java +++ b/src/main/java/io/lettuce/authx/TokenBasedRedisCredentialsProvider.java @@ -36,7 +36,7 @@ private void initializeTokenManager() { @Override public void onTokenRenewed(Token token) { try { - String username = token.tryGet("oid"); + String username = token.getUser(); char[] pass = token.getValue().toCharArray(); RedisCredentials credentials = RedisCredentials.just(username, pass); credentialsSink.tryEmitNext(credentials); diff --git a/src/test/java/io/lettuce/authx/TokenBasedRedisCredentialsProviderTest.java b/src/test/java/io/lettuce/authx/TokenBasedRedisCredentialsProviderTest.java index 2d43bb9b1..d6ff84648 100644 --- a/src/test/java/io/lettuce/authx/TokenBasedRedisCredentialsProviderTest.java +++ b/src/test/java/io/lettuce/authx/TokenBasedRedisCredentialsProviderTest.java @@ -138,9 +138,8 @@ public void shouldHandleTokenRequestErrorGracefully() { } private SimpleToken testToken(String username, String value) { - return new SimpleToken(value, System.currentTimeMillis() + 5000, // expires in 5 seconds - System.currentTimeMillis(), Collections.singletonMap("oid", username)); - + return new SimpleToken(username, value, System.currentTimeMillis() + 5000, // expires in 5 seconds + System.currentTimeMillis(), Collections.emptyMap()); } } diff --git a/src/test/java/io/lettuce/core/AuthenticationIntegrationTests.java b/src/test/java/io/lettuce/core/AuthenticationIntegrationTests.java index e54d935d0..618bb1a14 100644 --- a/src/test/java/io/lettuce/core/AuthenticationIntegrationTests.java +++ b/src/test/java/io/lettuce/core/AuthenticationIntegrationTests.java @@ -184,8 +184,8 @@ private boolean isAuthCommandWithCredentials(RedisCommand command, Stri } private SimpleToken testToken(String username, char[] password) { - return new SimpleToken(String.valueOf(password), Instant.now().plusMillis(500).toEpochMilli(), - Instant.now().toEpochMilli(), Collections.singletonMap("oid", username)); + return new SimpleToken(username, String.valueOf(password), Instant.now().plusMillis(500).toEpochMilli(), + Instant.now().toEpochMilli(), Collections.emptyMap()); } } diff --git a/src/test/java/io/lettuce/examples/TokenBasedAuthExample.java b/src/test/java/io/lettuce/examples/TokenBasedAuthExample.java index 26b60caa8..ef1b51419 100644 --- a/src/test/java/io/lettuce/examples/TokenBasedAuthExample.java +++ b/src/test/java/io/lettuce/examples/TokenBasedAuthExample.java @@ -35,101 +35,104 @@ public static void main(String[] args) throws Exception { String User2_clientId = System.getenv("USER2_CLIENT_ID"); String User2_secret = System.getenv("USER2_SECRET"); - // User 1 - // from redis-authx-entraind - IdentityProviderConfig config1; - try (EntraIDTokenAuthConfigBuilder builder = EntraIDTokenAuthConfigBuilder.builder()) { - config1 = builder.authority(authority).clientId(User1_clientId).secret(User1_secret).scopes(scopes) - .tokenRequestExecTimeoutInMs(10000).build().getIdentityProviderConfig(); - } - - // from redis-authx-core - TokenAuthConfig tokenAuthConfigUser1 = TokenAuthConfig.builder().tokenRequestExecTimeoutInMs(10000) - .expirationRefreshRatio(0.1f).identityProviderConfig(config1).build(); - // Create credentials provider user1 - TokenBasedRedisCredentialsProvider credentialsUser1 = new TokenBasedRedisCredentialsProvider(tokenAuthConfigUser1); - - // User2 - // from redis-authx-entraind - IdentityProviderConfig config2 = EntraIDTokenAuthConfigBuilder.builder().authority(authority).clientId(User2_clientId) - .secret(User2_secret).scopes(scopes).tokenRequestExecTimeoutInMs(10000).build().getIdentityProviderConfig(); - // from redis-authx-core - TokenAuthConfig tokenAuthConfigUser2 = TokenAuthConfig.builder().tokenRequestExecTimeoutInMs(10000) - .expirationRefreshRatio(0.1f).identityProviderConfig(config2).build(); - // Create credentials provider user2 - // TODO: lettuce-autx-tba ( TokenBasedRedisCredentialsProvider & Example there) - TokenBasedRedisCredentialsProvider credentialsUser2 = new TokenBasedRedisCredentialsProvider(tokenAuthConfigUser2); - - // lettuce-core - RedisURI redisURI1 = RedisURI.create(REDIS_URI); - redisURI1.setCredentialsProvider(credentialsUser1); - - RedisURI redisURI2 = RedisURI.create(REDIS_URI); - redisURI2.setCredentialsProvider(credentialsUser2); - - // Create RedisClient - ClientOptions clientOptions = ClientOptions.builder() - .socketOptions(SocketOptions.builder().connectTimeout(Duration.ofSeconds(5)).build()) - .disconnectedBehavior(ClientOptions.DisconnectedBehavior.REJECT_COMMANDS) - .timeoutOptions(TimeoutOptions.enabled(Duration.ofSeconds(1))) - .reauthenticateBehavior(ClientOptions.ReauthenticateBehavior.ON_NEW_CREDENTIALS).build(); - try { - - // RedisClient using user1 credentials by default - RedisClient redisClient = RedisClient.create(redisURI1); - redisClient.setOptions(clientOptions); - - // create connection using default URI (authorised as user1) - try (StatefulRedisConnection user1 = redisClient.connect(StringCodec.UTF8)) { - - user1.reactive().aclWhoami().doOnNext(System.out::println).block(); - } - - // another connection using different authorizations (user2 credentials provider) - try (StatefulRedisConnection user2 = redisClient.connect(StringCodec.UTF8, redisURI2);) { - user2.reactive().aclWhoami().doOnNext(System.out::println).block(); + // User 1 + // from redis-authx-entraind + IdentityProviderConfig config1; + try (EntraIDTokenAuthConfigBuilder builder = EntraIDTokenAuthConfigBuilder.builder()) { + config1 = builder.authority(authority).clientId(User1_clientId).secret(User1_secret).scopes(scopes) + .tokenRequestExecTimeoutInMs(10000).build().getIdentityProviderConfig(); } - // Shutdown Redis client and close connections - redisClient.shutdown(); - - ClusterClientOptions clusterClientOptions = ClusterClientOptions.builder() + // from redis-authx-core + TokenAuthConfig tokenAuthConfigUser1 = TokenAuthConfig.builder().tokenRequestExecTimeoutInMs(10000) + .expirationRefreshRatio(0.1f).identityProviderConfig(config1).build(); + // Create credentials provider user1 + TokenBasedRedisCredentialsProvider credentialsUser1 = new TokenBasedRedisCredentialsProvider(tokenAuthConfigUser1); + + // User2 + // from redis-authx-entraind + IdentityProviderConfig config2 = EntraIDTokenAuthConfigBuilder.builder().authority(authority).clientId(User2_clientId) + .secret(User2_secret).scopes(scopes).tokenRequestExecTimeoutInMs(10000).build().getIdentityProviderConfig(); + // from redis-authx-core + TokenAuthConfig tokenAuthConfigUser2 = TokenAuthConfig.builder().tokenRequestExecTimeoutInMs(10000) + .expirationRefreshRatio(0.1f).identityProviderConfig(config2).build(); + // Create credentials provider user2 + // TODO: lettuce-autx-tba ( TokenBasedRedisCredentialsProvider & Example there) + TokenBasedRedisCredentialsProvider credentialsUser2 = new TokenBasedRedisCredentialsProvider(tokenAuthConfigUser2); + + // lettuce-core + RedisURI redisURI1 = RedisURI.create(REDIS_URI); + redisURI1.setCredentialsProvider(credentialsUser1); + + RedisURI redisURI2 = RedisURI.create(REDIS_URI); + redisURI2.setCredentialsProvider(credentialsUser2); + + // Create RedisClient + ClientOptions clientOptions = ClientOptions.builder() .socketOptions(SocketOptions.builder().connectTimeout(Duration.ofSeconds(5)).build()) .disconnectedBehavior(ClientOptions.DisconnectedBehavior.REJECT_COMMANDS) .timeoutOptions(TimeoutOptions.enabled(Duration.ofSeconds(1))) .reauthenticateBehavior(ClientOptions.ReauthenticateBehavior.ON_NEW_CREDENTIALS).build(); + try { - // RedisClient using user1 credentials by default - RedisClusterClient redisClusterClient = RedisClusterClient.create(redisURI1); - redisClusterClient.setOptions(clusterClientOptions); + // RedisClient using user1 credentials by default + RedisClient redisClient = RedisClient.create(redisURI1); + redisClient.setOptions(clientOptions); - // create connection using default URI (authorised as user1) - try (StatefulRedisClusterConnection clusterConnection = redisClusterClient.connect(StringCodec.UTF8)) { + // create connection using default URI (authorised as user1) + try (StatefulRedisConnection user1 = redisClient.connect(StringCodec.UTF8)) { - String info = clusterConnection.sync().clusterInfo(); - System.out.println("Cluster Info :" + info); + user1.reactive().aclWhoami().doOnNext(System.out::println).block(); + } - String nodes = clusterConnection.sync().clusterNodes(); - System.out.println("Cluster Nodes :" + nodes); + // another connection using different authorizations (user2 credentials provider) + try (StatefulRedisConnection user2 = redisClient.connect(StringCodec.UTF8, redisURI2);) { + user2.reactive().aclWhoami().doOnNext(System.out::println).block(); + } - clusterConnection.sync().set("cluster-key", "cluster-value"); - System.out.println("set " + clusterConnection.sync().get("cluster-key")); + // Shutdown Redis client and close connections + redisClient.shutdown(); - RedisAdvancedClusterCommands sync = clusterConnection.sync(); - NodeSelection upstream = sync.upstream(); + ClusterClientOptions clusterClientOptions = ClusterClientOptions.builder() + .socketOptions(SocketOptions.builder().connectTimeout(Duration.ofSeconds(5)).build()) + .disconnectedBehavior(ClientOptions.DisconnectedBehavior.REJECT_COMMANDS) + .timeoutOptions(TimeoutOptions.enabled(Duration.ofSeconds(1))) + .reauthenticateBehavior(ClientOptions.ReauthenticateBehavior.ON_NEW_CREDENTIALS).build(); - upstream.commands().clientId().forEach((v) -> { System.out.println("Client Id : " + v);}); + // RedisClient using user1 credentials by default + RedisClusterClient redisClusterClient = RedisClusterClient.create(redisURI1); + redisClusterClient.setOptions(clusterClientOptions); - System.out.println(" whoami :" + clusterConnection.getConnection(clusterConnection.getPartitions().getPartition(0).getNodeId()).sync() - .aclWhoami()); - } - // Shutdown Redis client and close connections - redisClusterClient.shutdown(); - } finally { - credentialsUser1.shutdown(); - credentialsUser2.shutdown(); + // create connection using default URI (authorised as user1) + try (StatefulRedisClusterConnection clusterConnection = redisClusterClient + .connect(StringCodec.UTF8)) { - } + String info = clusterConnection.sync().clusterInfo(); + System.out.println("Cluster Info :" + info); + + String nodes = clusterConnection.sync().clusterNodes(); + System.out.println("Cluster Nodes :" + nodes); + + clusterConnection.sync().set("cluster-key", "cluster-value"); + System.out.println("set " + clusterConnection.sync().get("cluster-key")); + + RedisAdvancedClusterCommands sync = clusterConnection.sync(); + NodeSelection upstream = sync.upstream(); + + upstream.commands().clientId().forEach((v) -> { + System.out.println("Client Id : " + v); + }); + + System.out.println(" whoami :" + clusterConnection + .getConnection(clusterConnection.getPartitions().getPartition(0).getNodeId()).sync().aclWhoami()); + } + // Shutdown Redis client and close connections + redisClusterClient.shutdown(); + } finally { + credentialsUser1.shutdown(); + credentialsUser2.shutdown(); + + } }