diff --git a/marklogic-client-api-functionaltests/src/test/java/com/marklogic/client/functionaltest/ConnectedRESTQA.java b/marklogic-client-api-functionaltests/src/test/java/com/marklogic/client/functionaltest/ConnectedRESTQA.java index 85a171511..f410d4e8d 100644 --- a/marklogic-client-api-functionaltests/src/test/java/com/marklogic/client/functionaltest/ConnectedRESTQA.java +++ b/marklogic-client-api-functionaltests/src/test/java/com/marklogic/client/functionaltest/ConnectedRESTQA.java @@ -50,7 +50,7 @@ public abstract class ConnectedRESTQA { protected static Properties testProperties = null; - protected static String securityContextType; + protected static String authType; protected static String restServerName = null; private static String restSslServerName = null; private static String ssl_enabled = null; @@ -2101,7 +2101,7 @@ private static void overrideTestPropertiesWithSystemProperties(Properties testPr testProperties.setProperty("httpPort", "8020"); testProperties.setProperty("marklogic.client.port", "8020"); testProperties.setProperty("marklogic.client.basePath", "testFunctional"); - testProperties.setProperty("marklogic.client.securityContextType", "basic"); + testProperties.setProperty("marklogic.client.authType", "basic"); } } @@ -2119,7 +2119,7 @@ public static void loadGradleProperties() { overrideTestPropertiesWithSystemProperties(properties); - securityContextType = properties.getProperty("marklogic.client.securityContextType"); + authType = properties.getProperty("marklogic.client.authType"); restServerName = properties.getProperty("mlAppServerName"); restSslServerName = properties.getProperty("mlAppServerSSLName"); @@ -2151,9 +2151,9 @@ public static void loadGradleProperties() { testProperties = properties; System.out.println("For 'slow' tests, will connect to: " + host_name + ":" + http_port + "; basePath: " + basePath + - "; auth: " + securityContextType); + "; auth: " + authType); System.out.println("For 'fast' tests, will connect to: " + host_name + ":" + fast_http_port + "; basePath: " + basePath + - "; auth: " + securityContextType); + "; auth: " + authType); } public static boolean isLBHost() { @@ -2598,7 +2598,7 @@ public static void associateRESTServerWithModuleDB(String restServerName, String } public static DatabaseClientFactory.SecurityContext newSecurityContext(String username, String password) { - if ("basic".equalsIgnoreCase(securityContextType)) { + if ("basic".equalsIgnoreCase(authType)) { return new DatabaseClientFactory.BasicAuthContext(username, password); } return new DatabaseClientFactory.DigestAuthContext(username, password); diff --git a/marklogic-client-api-functionaltests/src/test/java/com/marklogic/client/functionaltest/TestDatabaseClientConnection.java b/marklogic-client-api-functionaltests/src/test/java/com/marklogic/client/functionaltest/TestDatabaseClientConnection.java index 84ef5333c..07df0590f 100644 --- a/marklogic-client-api-functionaltests/src/test/java/com/marklogic/client/functionaltest/TestDatabaseClientConnection.java +++ b/marklogic-client-api-functionaltests/src/test/java/com/marklogic/client/functionaltest/TestDatabaseClientConnection.java @@ -32,7 +32,6 @@ import com.marklogic.client.query.*; import org.custommonkey.xmlunit.exceptions.XpathException; import org.junit.jupiter.api.AfterAll; -import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; import org.w3c.dom.Document; @@ -1019,7 +1018,7 @@ public static void tearDown() throws Exception { System.out.println("In tear down"); if (!IsSecurityEnabled()) { - setAuthenticationAndDefaultUser(restServerName, securityContextType, "nobody"); + setAuthenticationAndDefaultUser(restServerName, authType, "nobody"); } // Associate the Server with Documents. Due to test orders being // undeterministic not sure which DB will be associated. diff --git a/marklogic-client-api-functionaltests/src/test/resources/test.properties b/marklogic-client-api-functionaltests/src/test/resources/test.properties index e4422e9ad..29d3a7c76 100644 --- a/marklogic-client-api-functionaltests/src/test/resources/test.properties +++ b/marklogic-client-api-functionaltests/src/test/resources/test.properties @@ -1,7 +1,7 @@ # Standard properties for constructing a DatabaseClient marklogic.client.host=localhost marklogic.client.port=8014 -marklogic.client.securityContextType=digest +marklogic.client.authType=digest marklogic.client.username=opticUser marklogic.client.password=0pt1c marklogic.client.basePath= diff --git a/marklogic-client-api/src/main/java/com/marklogic/client/DatabaseClientBuilder.java b/marklogic-client-api/src/main/java/com/marklogic/client/DatabaseClientBuilder.java index 38ed6e8ee..e66c8c0d1 100644 --- a/marklogic-client-api/src/main/java/com/marklogic/client/DatabaseClientBuilder.java +++ b/marklogic-client-api/src/main/java/com/marklogic/client/DatabaseClientBuilder.java @@ -38,12 +38,12 @@ public class DatabaseClientBuilder { public final static String PREFIX = "marklogic.client."; - public final static String SECURITY_CONTEXT_TYPE_BASIC = "basic"; - public final static String SECURITY_CONTEXT_TYPE_DIGEST = "digest"; - public final static String SECURITY_CONTEXT_TYPE_MARKLOGIC_CLOUD = "cloud"; - public final static String SECURITY_CONTEXT_TYPE_KERBEROS = "kerberos"; - public final static String SECURITY_CONTEXT_TYPE_CERTIFICATE = "certificate"; - public final static String SECURITY_CONTEXT_TYPE_SAML = "saml"; + public final static String AUTH_TYPE_BASIC = "basic"; + public final static String AUTH_TYPE_DIGEST = "digest"; + public final static String AUTH_TYPE_MARKLOGIC_CLOUD = "cloud"; + public final static String AUTH_TYPE_KERBEROS = "kerberos"; + public final static String AUTH_TYPE_CERTIFICATE = "certificate"; + public final static String AUTH_TYPE_SAML = "saml"; private final Map props; @@ -124,42 +124,42 @@ public DatabaseClientBuilder withSecurityContext(DatabaseClientFactory.SecurityC * @param type must be one of "basic", "digest", "cloud", "kerberos", "certificate", or "saml" * @return */ - public DatabaseClientBuilder withSecurityContextType(String type) { - props.put(PREFIX + "securityContextType", type); + public DatabaseClientBuilder withAuthType(String type) { + props.put(PREFIX + "authType", type); return this; } public DatabaseClientBuilder withBasicAuth(String username, String password) { - return withSecurityContextType(SECURITY_CONTEXT_TYPE_BASIC) + return withAuthType(AUTH_TYPE_BASIC) .withUsername(username) .withPassword(password); } public DatabaseClientBuilder withDigestAuth(String username, String password) { - return withSecurityContextType(SECURITY_CONTEXT_TYPE_DIGEST) + return withAuthType(AUTH_TYPE_DIGEST) .withUsername(username) .withPassword(password); } public DatabaseClientBuilder withMarkLogicCloudAuth(String apiKey, String basePath) { - return withSecurityContextType(SECURITY_CONTEXT_TYPE_MARKLOGIC_CLOUD) + return withAuthType(AUTH_TYPE_MARKLOGIC_CLOUD) .withCloudApiKey(apiKey) .withBasePath(basePath); } public DatabaseClientBuilder withKerberosAuth(String principal) { - return withSecurityContextType(SECURITY_CONTEXT_TYPE_KERBEROS) + return withAuthType(AUTH_TYPE_KERBEROS) .withKerberosPrincipal(principal); } public DatabaseClientBuilder withCertificateAuth(String file, String password) { - return withSecurityContextType(SECURITY_CONTEXT_TYPE_CERTIFICATE) + return withAuthType(AUTH_TYPE_CERTIFICATE) .withCertificateFile(file) .withCertificatePassword(password); } public DatabaseClientBuilder withSAMLAuth(String token) { - return withSecurityContextType(SECURITY_CONTEXT_TYPE_SAML) + return withAuthType(AUTH_TYPE_SAML) .withSAMLToken(token); } diff --git a/marklogic-client-api/src/main/java/com/marklogic/client/DatabaseClientFactory.java b/marklogic-client-api/src/main/java/com/marklogic/client/DatabaseClientFactory.java index c5163f9b8..67abc5695 100644 --- a/marklogic-client-api/src/main/java/com/marklogic/client/DatabaseClientFactory.java +++ b/marklogic-client-api/src/main/java/com/marklogic/client/DatabaseClientFactory.java @@ -452,14 +452,14 @@ public SecurityContext withSSLContext(SSLContext context, X509TrustManager trust public static class MarkLogicCloudAuthContext extends AuthContext { private String tokenEndpoint; private String grantType; - private String key; + private String apiKey; - public MarkLogicCloudAuthContext(String key) { - this(key, "/token", "apikey"); + public MarkLogicCloudAuthContext(String apiKey) { + this(apiKey, "/token", "apikey"); } - public MarkLogicCloudAuthContext(String key, String tokenEndpoint, String grantType) { - this.key = key; + public MarkLogicCloudAuthContext(String apiKey, String tokenEndpoint, String grantType) { + this.apiKey = apiKey; this.tokenEndpoint = tokenEndpoint; this.grantType = grantType; } @@ -472,8 +472,8 @@ public String getGrantType() { return grantType; } - public String getKey() { - return key; + public String getApiKey() { + return apiKey; } @Override @@ -1230,16 +1230,18 @@ public String getCertificatePassword() { *
  • marklogic.client.database = must be a String
    • *
  • marklogic.client.connectionType = must be a String or instance of {@code ConnectionType}
    • *
  • marklogic.client.securityContext = an instance of {@code SecurityContext}; if set, then all other - * properties pertaining to the construction of a {@code SecurityContext} will be ignored, including the - * properties pertaing to SSL
    • - *
  • marklogic.client.securityContextType = required if marklogic.client.securityContext is not set; - * must be a String and one of "basic", "digest", "cloud", "kerberos", "certificate", or "saml"
    • + * authentication properties pertaining to the construction of a {@code SecurityContext} will be ignored, + * including the properties pertaining to SSL; this is effectively an escape hatch for providing a + * {@code SecurityContext} in case an appropriate one cannot be created via the other supported properties + *
  • marklogic.client.authType = determines the type of authentication to use; required if + * marklogic.client.securityContext is not set; must be a String and one of "basic", "digest", "cloud", + * "kerberos", "certificate", or "saml"
    • *
  • marklogic.client.username = must be a String; required for basic and digest authentication
    • *
  • marklogic.client.password = must be a String; required for basic and digest authentication
    • - *
  • marklogic.client.cloud.apiKey = must be a String; required for cloud authentication
    • - *
  • marklogic.client.kerberos.principal = must be a String
    • *
  • marklogic.client.certificate.file = must be a String; required for certificate authentication
    • *
  • marklogic.client.certificate.password = must be a String; required for certificate authentication
    • + *
  • marklogic.client.cloud.apiKey = must be a String; required for cloud authentication
    • + *
  • marklogic.client.kerberos.principal = must be a String; required for Kerberos authentication
    • *
  • marklogic.client.saml.token = must be a String; required for SAML authentication
    • *
  • marklogic.client.sslContext = must be an instance of {@code javax.net.ssl.SSLContext}
    • *
  • marklogic.client.sslProtocol = must be a String; if "default', then uses the JVM default SSL diff --git a/marklogic-client-api/src/main/java/com/marklogic/client/impl/DatabaseClientPropertySource.java b/marklogic-client-api/src/main/java/com/marklogic/client/impl/DatabaseClientPropertySource.java index bea899723..bd854989d 100644 --- a/marklogic-client-api/src/main/java/com/marklogic/client/impl/DatabaseClientPropertySource.java +++ b/marklogic-client-api/src/main/java/com/marklogic/client/impl/DatabaseClientPropertySource.java @@ -136,14 +136,14 @@ private DatabaseClientFactory.SecurityContext newSecurityContext() { throw new IllegalArgumentException("Security context must be of type " + DatabaseClientFactory.SecurityContext.class.getName()); } - Object typeValue = propertySource.apply(PREFIX + "securityContextType"); + Object typeValue = propertySource.apply(PREFIX + "authType"); if (typeValue == null || !(typeValue instanceof String)) { - throw new IllegalArgumentException("Security context should be set, or security context type must be of type String"); + throw new IllegalArgumentException("Security context should be set, or auth type must be of type String"); } - final String securityContextType = (String)typeValue; - final SSLInputs sslInputs = buildSSLInputs(securityContextType); + final String authType = (String)typeValue; + final SSLInputs sslInputs = buildSSLInputs(authType); - DatabaseClientFactory.SecurityContext securityContext = newSecurityContext(securityContextType, sslInputs); + DatabaseClientFactory.SecurityContext securityContext = newSecurityContext(authType, sslInputs); X509TrustManager trustManager = determineTrustManager(sslInputs); SSLContext sslContext = sslInputs.getSslContext() != null ? @@ -160,20 +160,20 @@ private DatabaseClientFactory.SecurityContext newSecurityContext() { private DatabaseClientFactory.SecurityContext newSecurityContext(String type, SSLInputs sslInputs) { switch (type.toLowerCase()) { - case DatabaseClientBuilder.SECURITY_CONTEXT_TYPE_BASIC: + case DatabaseClientBuilder.AUTH_TYPE_BASIC: return newBasicAuthContext(); - case DatabaseClientBuilder.SECURITY_CONTEXT_TYPE_DIGEST: + case DatabaseClientBuilder.AUTH_TYPE_DIGEST: return newDigestAuthContext(); - case DatabaseClientBuilder.SECURITY_CONTEXT_TYPE_MARKLOGIC_CLOUD: + case DatabaseClientBuilder.AUTH_TYPE_MARKLOGIC_CLOUD: return newCloudAuthContext(); - case DatabaseClientBuilder.SECURITY_CONTEXT_TYPE_KERBEROS: + case DatabaseClientBuilder.AUTH_TYPE_KERBEROS: return newKerberosAuthContext(); - case DatabaseClientBuilder.SECURITY_CONTEXT_TYPE_CERTIFICATE: + case DatabaseClientBuilder.AUTH_TYPE_CERTIFICATE: return newCertificateAuthContext(sslInputs); - case DatabaseClientBuilder.SECURITY_CONTEXT_TYPE_SAML: + case DatabaseClientBuilder.AUTH_TYPE_SAML: return newSAMLAuthContext(); default: - throw new IllegalArgumentException("Unrecognized security context type: " + type); + throw new IllegalArgumentException("Unrecognized auth type: " + type); } } @@ -302,11 +302,11 @@ private DatabaseClientFactory.SSLHostnameVerifier determineHostnameVerifier() { * Uses the given propertySource to construct the inputs pertaining to constructing an SSLContext and an * X509TrustManager. * - * @param securityContextType used for applying "default" as the SSL protocol for MarkLogic cloud authentication in + * @param authType used for applying "default" as the SSL protocol for MarkLogic cloud authentication in * case the user does not define their own SSLContext or SSL protocol * @return */ - private SSLInputs buildSSLInputs(String securityContextType) { + private SSLInputs buildSSLInputs(String authType) { SSLContext sslContext = null; Object val = propertySource.apply(PREFIX + "sslContext"); if (val != null) { @@ -320,7 +320,7 @@ private SSLInputs buildSSLInputs(String securityContextType) { String sslProtocol = getNullableStringValue("sslProtocol"); if (sslContext == null && (sslProtocol == null || sslProtocol.trim().length() == 0) && - DatabaseClientBuilder.SECURITY_CONTEXT_TYPE_MARKLOGIC_CLOUD.equalsIgnoreCase(securityContextType)) { + DatabaseClientBuilder.AUTH_TYPE_MARKLOGIC_CLOUD.equalsIgnoreCase(authType)) { sslProtocol = "default"; } diff --git a/marklogic-client-api/src/main/java/com/marklogic/client/impl/okhttp/MarkLogicCloudAuthenticationConfigurer.java b/marklogic-client-api/src/main/java/com/marklogic/client/impl/okhttp/MarkLogicCloudAuthenticationConfigurer.java index d2c0e9dc8..5a996f9ff 100644 --- a/marklogic-client-api/src/main/java/com/marklogic/client/impl/okhttp/MarkLogicCloudAuthenticationConfigurer.java +++ b/marklogic-client-api/src/main/java/com/marklogic/client/impl/okhttp/MarkLogicCloudAuthenticationConfigurer.java @@ -36,7 +36,7 @@ public MarkLogicCloudAuthenticationConfigurer(String host) { @Override public void configureAuthentication(OkHttpClient.Builder clientBuilder, MarkLogicCloudAuthContext securityContext) { - final String apiKey = securityContext.getKey(); + final String apiKey = securityContext.getApiKey(); if (apiKey == null || apiKey.trim().length() < 1) { throw new IllegalArgumentException("No API key provided"); } @@ -97,7 +97,7 @@ protected HttpUrl buildTokenUrl(MarkLogicCloudAuthContext securityContext) { protected FormBody newFormBody(MarkLogicCloudAuthContext securityContext) { return new FormBody.Builder() .add("grant_type", securityContext.getGrantType()) - .add("key", securityContext.getKey()).build(); + .add("key", securityContext.getApiKey()).build(); } private String getAccessTokenFromResponse(Response response) { diff --git a/marklogic-client-api/src/test/java/com/marklogic/client/impl/DatabaseClientPropertySourceTest.java b/marklogic-client-api/src/test/java/com/marklogic/client/impl/DatabaseClientPropertySourceTest.java index c1a686ea3..58bd68ec9 100644 --- a/marklogic-client-api/src/test/java/com/marklogic/client/impl/DatabaseClientPropertySourceTest.java +++ b/marklogic-client-api/src/test/java/com/marklogic/client/impl/DatabaseClientPropertySourceTest.java @@ -27,7 +27,7 @@ public class DatabaseClientPropertySourceTest { @BeforeEach void beforeEach() { props = new HashMap() {{ - put(PREFIX + "securityContextType", "digest"); + put(PREFIX + "authType", "digest"); put(PREFIX + "username", "someuser"); put(PREFIX + "password", "someword"); }}; @@ -74,7 +74,7 @@ void stringPort() { @Test void cloudAuthWithNoSslInputs() { - props.put(PREFIX + "securityContextType", "cloud"); + props.put(PREFIX + "authType", "cloud"); props.put(PREFIX + "cloud.apiKey", "abc123"); props.put(PREFIX + "basePath", "/my/path"); @@ -84,7 +84,7 @@ void cloudAuthWithNoSslInputs() { assertTrue(bean.getSecurityContext() instanceof DatabaseClientFactory.MarkLogicCloudAuthContext); DatabaseClientFactory.MarkLogicCloudAuthContext context = (DatabaseClientFactory.MarkLogicCloudAuthContext) bean.getSecurityContext(); - assertEquals("abc123", context.getKey()); + assertEquals("abc123", context.getApiKey()); assertNotNull(context.getSSLContext(), "If cloud is chosen with no SSL protocol or context, the default JVM " + "SSLContext should be used"); diff --git a/marklogic-client-api/src/test/java/com/marklogic/client/test/Common.java b/marklogic-client-api/src/test/java/com/marklogic/client/test/Common.java index ca5848a57..565fa0612 100644 --- a/marklogic-client-api/src/test/java/com/marklogic/client/test/Common.java +++ b/marklogic-client-api/src/test/java/com/marklogic/client/test/Common.java @@ -51,7 +51,7 @@ public class Common { final public static boolean USE_REVERSE_PROXY_SERVER = Boolean.parseBoolean(System.getProperty("TEST_USE_REVERSE_PROXY_SERVER", "false")); final public static int PORT = USE_REVERSE_PROXY_SERVER ? 8020 : Integer.parseInt(System.getProperty("TEST_PORT", "8012")); - final public static String SECURITY_CONTEXT_TYPE = USE_REVERSE_PROXY_SERVER ? "basic" : System.getProperty("TEST_SECURITY_CONTEXT_TYPE", "digest"); + final public static String AUTH_TYPE = USE_REVERSE_PROXY_SERVER ? "basic" : System.getProperty("TEST_AUTH_TYPE", "digest"); final public static String BASE_PATH = USE_REVERSE_PROXY_SERVER ? "test/marklogic/unit" : System.getProperty("TEST_BASE_PATH", null); final public static boolean WITH_WAIT = Boolean.parseBoolean(System.getProperty("TEST_WAIT", "false")); final public static int PROPERTY_WAIT = Integer.parseInt(System.getProperty("TEST_PROPERTY_WAIT", WITH_WAIT ? "8200" : "0")); @@ -114,7 +114,7 @@ public static DatabaseClient newClient() { } public static DatabaseClientFactory.SecurityContext newSecurityContext(String username, String password) { - if ("basic".equalsIgnoreCase(SECURITY_CONTEXT_TYPE)) { + if ("basic".equalsIgnoreCase(AUTH_TYPE)) { return new DatabaseClientFactory.BasicAuthContext(username, password); } return new DatabaseClientFactory.DigestAuthContext(username, password); @@ -127,7 +127,7 @@ public static DatabaseClientBuilder newClientBuilder() { .withBasePath(BASE_PATH) .withUsername(USER) .withPassword(PASS) // Most of the test users all have the same password, so we can use a default one here - .withSecurityContextType(SECURITY_CONTEXT_TYPE) + .withAuthType(AUTH_TYPE) .withConnectionType(CONNECTION_TYPE); } diff --git a/marklogic-client-api/src/test/java/com/marklogic/client/test/DatabaseClientBuilderTest.java b/marklogic-client-api/src/test/java/com/marklogic/client/test/DatabaseClientBuilderTest.java index 0966c706f..c0c55aae8 100644 --- a/marklogic-client-api/src/test/java/com/marklogic/client/test/DatabaseClientBuilderTest.java +++ b/marklogic-client-api/src/test/java/com/marklogic/client/test/DatabaseClientBuilderTest.java @@ -62,17 +62,17 @@ void noSecurityContextOrType() { .withHost("some-host") .withPort(10) .buildBean()); - assertEquals("Security context should be set, or security context type must be of type String", ex.getMessage()); + assertEquals("Security context should be set, or auth type must be of type String", ex.getMessage()); } @Test - void invalidSecurityContextType() { + void invalidAuthType() { IllegalArgumentException ex = assertThrows(IllegalArgumentException.class, () -> new DatabaseClientBuilder() .withHost("another-host") .withPort(200) - .withSecurityContextType("invalid-type") + .withAuthType("invalid-type") .buildBean()); - assertEquals("Unrecognized security context type: invalid-type", ex.getMessage()); + assertEquals("Unrecognized auth type: invalid-type", ex.getMessage()); } @Test @@ -105,7 +105,7 @@ void cloudWithBasePath() { DatabaseClientFactory.MarkLogicCloudAuthContext context = (DatabaseClientFactory.MarkLogicCloudAuthContext) bean.getSecurityContext(); - assertEquals("my-key", context.getKey()); + assertEquals("my-key", context.getApiKey()); assertEquals("/my/path", bean.getBasePath()); assertNotNull(context.getSSLContext(), "If no sslProtocol or sslContext is set, the JVM's default SSL " + @@ -121,7 +121,7 @@ void cloudWithBasePath() { @Test void cloudNoApiKey() { IllegalArgumentException ex = assertThrows(IllegalArgumentException.class, () -> Common.newClientBuilder() - .withSecurityContextType("cloud") + .withAuthType("cloud") .withBasePath("/my/path") .build()); assertEquals("cloud.apiKey must be of type String", ex.getMessage());