From 8763802f9601307caabd0859d7a334c9fd9057a6 Mon Sep 17 00:00:00 2001 From: yrizhkov Date: Sun, 26 Jul 2020 10:33:58 +0300 Subject: [PATCH 1/6] simplify if else statement --- .../java/com/aerospike/restclient/ASTestUtils.java | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/src/test/java/com/aerospike/restclient/ASTestUtils.java b/src/test/java/com/aerospike/restclient/ASTestUtils.java index 808e91e..fc641d0 100644 --- a/src/test/java/com/aerospike/restclient/ASTestUtils.java +++ b/src/test/java/com/aerospike/restclient/ASTestUtils.java @@ -592,13 +592,9 @@ public static boolean compareRCOperations(RestClientOperation expected, RestClie } if (expectedOpVals != null) { - if (!compareMapStringObj(expectedOpVals, otherOpVals)) { - return false; - } - } else if (otherOpVals != null) { - return false; + return compareMapStringObj(expectedOpVals, otherOpVals); } - return true; + return otherOpVals == null; } -} \ No newline at end of file +} From 2bb11bbe6878d514c9fedde4a9357cfee33a4c43 Mon Sep 17 00:00:00 2001 From: yrizhkov Date: Sun, 26 Jul 2020 10:39:30 +0300 Subject: [PATCH 2/6] add security enabled condition to the InvalidUserAuthentication test --- .../restclient/AuthenticationTest.java | 2 + .../aerospike/restclient/ClusterUtils.java | 48 +++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 src/test/java/com/aerospike/restclient/ClusterUtils.java diff --git a/src/test/java/com/aerospike/restclient/AuthenticationTest.java b/src/test/java/com/aerospike/restclient/AuthenticationTest.java index 8565ab1..be7f5fc 100644 --- a/src/test/java/com/aerospike/restclient/AuthenticationTest.java +++ b/src/test/java/com/aerospike/restclient/AuthenticationTest.java @@ -91,6 +91,8 @@ public void testValidUserAuthentication() throws Exception { @Test public void testInvalidUserAuthentication() throws Exception { + if (!ClusterUtils.isSecurityEnabled(client)) return; + mockMVC.perform(get(testEndpoint) .header("Authorization", invalidAuthHeader)) .andExpect(status().isInternalServerError()); diff --git a/src/test/java/com/aerospike/restclient/ClusterUtils.java b/src/test/java/com/aerospike/restclient/ClusterUtils.java new file mode 100644 index 0000000..03c2012 --- /dev/null +++ b/src/test/java/com/aerospike/restclient/ClusterUtils.java @@ -0,0 +1,48 @@ +/* + * Copyright 2020 Aerospike, Inc. + * + * Portions may be licensed to Aerospike, Inc. under one or more contributor + * license agreements WHICH ARE COMPATIBLE WITH THE APACHE LICENSE, VERSION 2.0. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ +package com.aerospike.restclient; + +import com.aerospike.client.AerospikeClient; +import com.aerospike.client.AerospikeException; +import com.aerospike.client.Info; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public final class ClusterUtils { + + private static final Logger logger = LoggerFactory.getLogger(ClusterUtils.class); + + private ClusterUtils() { + } + + public static boolean isEnterpriseEdition(AerospikeClient client) { + String infoEdition = Info.request(null, client.getCluster().getRandomNode(), "edition"); + return infoEdition.contains("Enterprise"); + } + + public static boolean isSecurityEnabled(AerospikeClient client) { + if (isEnterpriseEdition(client)) { + try { + client.queryRoles(null); + return true; + } catch (AerospikeException e) { + logger.info("Aerospike Server Enterprise Edition security disabled"); + } + } + return false; + } +} From 523896325c85bf771b10bd04beddc9c987ea8d1e Mon Sep 17 00:00:00 2001 From: yrizhkov Date: Sun, 26 Jul 2020 12:00:06 +0300 Subject: [PATCH 3/6] upgrade Spring Boot to 2.3.1 --- build.gradle | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 16c48fb..9cf823d 100644 --- a/build.gradle +++ b/build.gradle @@ -1,6 +1,6 @@ buildscript { ext { - springBootVersion = '2.2.6.RELEASE' + springBootVersion = '2.3.1.RELEASE' springfoxVersion = '2.9.2' httpclientVersion = '4.5.12' aerospikeClientVersion = findProperty('aerospikeClientVersion') ?:'4.4.15' @@ -60,6 +60,7 @@ dependencies { compile("io.springfox:springfox-swagger2:${springfoxVersion}") compile("io.springfox:springfox-swagger-ui:${springfoxVersion}") compile("javax.inject:javax.inject:1") + implementation 'org.springframework.boot:spring-boot-starter-validation' implementation "org.apache.httpcomponents:httpclient:${httpclientVersion}" testCompile('org.springframework.boot:spring-boot-starter-test') } From 86119e5fb7f9e26680cdc4c346ec4f5fa34ef078 Mon Sep 17 00:00:00 2001 From: yrizhkov Date: Sun, 26 Jul 2020 18:59:57 +0300 Subject: [PATCH 4/6] improve documentation --- README.md | 2 ++ docs/installation-and-config.md | 16 ++++++++++------ 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index dda96c5..2766108 100644 --- a/README.md +++ b/README.md @@ -34,6 +34,8 @@ See [Installation and Configuration](./docs/installation-and-config.md) for inst Use [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) to enable multi-user tenancy in the Aerospike REST client. Please note that only Aerospike Enterprise Edition supports the [security features](https://aerospike.com/docs/guide/security/index.html). +For example, having the default `admin:admin` credentials, send the `Authorization: Basic YWRtaW46YWRtaW4=` header with the request to make an authenticated query. + ## Data Formats and API ### Formats diff --git a/docs/installation-and-config.md b/docs/installation-and-config.md index d44687d..983a5df 100644 --- a/docs/installation-and-config.md +++ b/docs/installation-and-config.md @@ -19,14 +19,14 @@ ./gradlew bootRun ``` -### Run from Jar file +### Run using a Jar file ``` java -jar build/libs/aerospike-client-rest-.jar ``` The fully executable jar contains an extra script at the front of the file, which allows you to just symlink your Spring Boot jar to init.d or use a systemd script. More information at the following links: -* [Installation as an init.d service](https://docs.spring.io/spring-boot/docs/2.2.6.RELEASE/reference/htmlsingle/#deployment-service) -* [Installation as a systemd service](https://docs.spring.io/spring-boot/docs/2.2.6.RELEASE/reference/htmlsingle/#deployment-systemd-service) +* [Installation as an init.d service](https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#deployment-service) +* [Installation as a systemd service](https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#deployment-systemd-service) ### Run using Docker * Build the docker image @@ -58,6 +58,7 @@ test out various commands in your browser. The Swagger specification, in `JSON` format, can be found at . ## Configuration +Read more about Spring Boot [Externalized Configuration](https://docs.spring.io/spring-boot/docs/current/reference/html/spring-boot-features.html#boot-features-external-config). * `server.port` Change the port the REST Client is listening on (default: 8080) * `aerospike.restclient.hostname` The IP address or Hostname of a seed node in the cluster (default: `localhost`) @@ -88,13 +89,16 @@ The REST Client also allows authentication to an Aerospike Enterprise edition se * `aerospike.restclient.clientpolicy.user` This is the name of a user registered with the Aerospike database. This variable is only needed when the Aerospike cluster is running with security enabled. * `aerospike.restclient.clientpolicy.password` This is the password for the previously specified user. This variable is only needed when the Aerospike cluster is running with security enabled. -Multi-user authentication configuration variables: +To utilize the multi-tenancy capability within the REST Client, send Aerospike login credentials using the [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication). +Set custom multi-user authentication configuration variables if needed: * `aerospike.restclient.requireAuthentication` Set this boolean flag to true to require the Basic Authentication on each request. -* `aerospike.restclient.pool.size` Represents the max size of the clients LRU cache (default value: 16) +* `aerospike.restclient.pool.size` Represents the max size of the authenticated clients LRU cache (default value: 16). +Please note that an oversized client cache will consume a lot of resources and affect the performance. ### TLS Configuration -Beginning with version `1.1.0` the Aerospike REST Client supports TLS communication between the client and the Aerospike Server. (This feature requires an Enterprise Edition Aerospike Server). If utilizing TLS, the `aerospike.restclient.hostlist` variable should be set to include appropriate TLS Names for each of the Aerospike Nodes. For example: `localhost:cluster-tls-name:4333` The following environment variables allow configuration of this connection: +Beginning with version `1.1.0` the Aerospike REST Client supports TLS communication between the client and the Aerospike Server. (This feature requires an Enterprise Edition Aerospike Server). +If utilizing TLS, the `aerospike.restclient.hostlist` variable should be set to include appropriate TLS Names for each of the Aerospike Nodes. For example: `localhost:cluster-tls-name:4333` The following environment variables allow configuration of this connection: * `aerospike.restclient.ssl.enabled` boolean, set to `true` to enable a TLS connection with the Aerospike Server. If no other SSL environment variables are provided, the REST client will attempt to establish a secure connection utilizing the default Java SSL trust and keystore settings. Default: `false` * `aerospike.restclient.ssl.keystorepath` The path to a Java KeyStore to be used to interact with the Aerospike Server. If omitted the default Java KeyStore location and password will be used. From 2518629d8fa272fb266c98627643735e1b2e2e50 Mon Sep 17 00:00:00 2001 From: yrizhkov Date: Mon, 27 Jul 2020 10:27:16 +0300 Subject: [PATCH 5/6] update swagger.json info version --- demos/sample-rest-stockapp/swagger/swagger.json | 2 +- docs/swagger.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/demos/sample-rest-stockapp/swagger/swagger.json b/demos/sample-rest-stockapp/swagger/swagger.json index 106bc5e..2be74b0 100644 --- a/demos/sample-rest-stockapp/swagger/swagger.json +++ b/demos/sample-rest-stockapp/swagger/swagger.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "description": "REST Interface for Aerospike Database.", - "version": "1.5.0", + "version": "1.6.1", "title": "Aerospike REST Client", "contact": { "name": "Aerospike, Inc.", diff --git a/docs/swagger.json b/docs/swagger.json index 2e4e4be..31e87c0 100644 --- a/docs/swagger.json +++ b/docs/swagger.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "description": "REST Interface for Aerospike Database.", - "version": "1.5.0", + "version": "1.6.1", "title": "Aerospike REST Client", "contact": { "name": "Aerospike, Inc.", From 0fd2486b34493fe11ab385fc9113ba68a9a48b53 Mon Sep 17 00:00:00 2001 From: yrizhkov Date: Mon, 27 Jul 2020 10:28:09 +0300 Subject: [PATCH 6/6] v1.6.1 --- gradle.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle.properties b/gradle.properties index b8dcb71..318479d 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,2 +1,2 @@ -appVersion=1.6.0 +appVersion=1.6.1 jarBaseName=as-rest-client