/**
   * Verify that a remote answering with '403 Forbidden' will not be auto-blocked with and without a
   * local artifact cached.
   */
  @Test
  public void testNoAutoblockOn403() throws Exception {
    stopProxy();

    server = Server.withPort(proxyPort).start();

    server.serve("/").withBehaviours(content("ok"));
    server.serve("/remote/release-proxy-repo-1/nexus4593/*").withBehaviours(get(getTestFile("/")));

    downloadArtifact(GavUtil.newGav("nexus4593", "artifact", "1.0.0"), "target");

    assertThat(ProxyMode.valueOf(getStatus().getProxyMode()), is(ProxyMode.ALLOW));

    server.serve("/*").withBehaviours(error(403));

    // download will not fail because we have a local copy cached, but the remote will be hit b/c
    // maxAge is set to 0
    downloadArtifact(GavUtil.newGav("nexus4593", "artifact", "1.0.0"), "target");

    assertThat(ProxyMode.valueOf(getStatus().getProxyMode()), is(ProxyMode.ALLOW));

    try {
      downloadArtifact(GavUtil.newGav("g", "a", "403"), "target");
      assertThat("should fail b/c of 403", false);
    } catch (IOException e) {
      // expected, remote will answer with 403
    }

    assertThat(ProxyMode.valueOf(getStatus().getProxyMode()), is(ProxyMode.ALLOW));
  }
Ejemplo n.º 2
0
 public WLUpdatePropagationTest() throws Exception {
   // fluke server to not have proxy autoblock, as remote connection refused IS a valid reason to
   // auto block
   this.server =
       Server.withPort(0)
           .serve("/")
           .withBehaviours(Behaviours.error(404, "don't bother yourself"));
   server.start();
   this.remoteServerPort = server.getPort();
 }
Ejemplo n.º 3
0
 public RoutingAndProxyModeTest() throws Exception {
   // one server serving up stuff for both proxies, it does have prefix file published but nothing
   // else
   // this only serves the purpose to not have repo autoblock
   this.server =
       Server.withPort(0)
           .serve("/")
           .withBehaviours(Behaviours.error(404, "don't bother yourself"))
           .serve("/.meta/prefixes.txt")
           .withBehaviours(Behaviours.content(prefixFile()));
   server.start();
 }
 @Test(expected = InvalidInputException.class)
 public void discoverBigPrefixFile() throws Exception {
   server.stop();
   server =
       Server.withPort(remoteServerPort)
           .serve("/.meta/prefixes.txt")
           .withBehaviours(new GenerateRandomBehaviour(150 * 1024))
           .start();
   try {
     final RemoteStrategy subject = lookup(RemoteStrategy.class, RemotePrefixFileStrategy.ID);
     final StrategyResult result =
         subject.discover(
             getRepositoryRegistry()
                 .getRepositoryWithFacet(PROXY_REPO_ID, MavenProxyRepository.class));
   } finally {
     server.stop();
   }
 }
 @Test(expected = InvalidInputException.class)
 public void discoverLongLinesPrefixFile() throws Exception {
   server.stop();
   server =
       Server.withPort(remoteServerPort)
           .serve("/.meta/prefixes.txt")
           .withBehaviours(Behaviours.content(prefixFile1(Strings.repeat("/12345677890", 25))))
           .start();
   try {
     final RemoteStrategy subject = lookup(RemoteStrategy.class, RemotePrefixFileStrategy.ID);
     final StrategyResult result =
         subject.discover(
             getRepositoryRegistry()
                 .getRepositoryWithFacet(PROXY_REPO_ID, MavenProxyRepository.class));
   } finally {
     server.stop();
   }
 }
 @Test(expected = InvalidInputException.class)
 public void discoverNonAsciiButHungarianPrefixFile() throws Exception {
   server.stop();
   server =
       Server.withPort(remoteServerPort)
           .serve("/.meta/prefixes.txt")
           .withBehaviours(Behaviours.content(prefixFile1("/tamás/cservenák", "/kom/szonatájp")))
           .start();
   try {
     final RemoteStrategy subject = lookup(RemoteStrategy.class, RemotePrefixFileStrategy.ID);
     final StrategyResult result =
         subject.discover(
             getRepositoryRegistry()
                 .getRepositoryWithFacet(PROXY_REPO_ID, MavenProxyRepository.class));
   } finally {
     server.stop();
   }
 }
 @Before
 public void replaceServers() throws Exception {
   final int proxyPort = proxyServer.getPort();
   proxyServer.stop();
   proxyServer = null;
   server =
       Server.withPort(proxyPort)
           .serve("/")
           .withBehaviours(Behaviours.pause(Time.days(1)))
           .start();
 }
Ejemplo n.º 8
0
  @Test
  public void smoke() throws Exception {
    final WLManager wm = lookup(WLManager.class);

    // deploy to hosted something
    {
      final MavenRepository mavenRepository =
          getRepositoryRegistry().getRepositoryWithFacet(HOSTED_REPO_ID, MavenRepository.class);
      mavenRepository.storeItemWithChecksums(
          new ResourceStoreRequest("/com/sonatype/test/1.0/test-1.0.txt"),
          new ByteArrayInputStream("Some fluke content".getBytes()),
          null);
    }

    {
      try {
        server.start();
        final PrefixSource hostedEntrySource =
            wm.getPrefixSourceFor(
                getRepositoryRegistry()
                    .getRepositoryWithFacet(HOSTED_REPO_ID, MavenRepository.class));
        final PrefixSource proxyEntrySource =
            wm.getPrefixSourceFor(
                getRepositoryRegistry()
                    .getRepositoryWithFacet(PROXY_REPO_ID, MavenRepository.class));
        final PrefixSource groupEntrySource =
            wm.getPrefixSourceFor(
                getRepositoryRegistry()
                    .getRepositoryWithFacet(GROUP_REPO_ID, MavenRepository.class));

        assertThat("Hosted should have ES", hostedEntrySource.exists());
        assertThat(
            "Proxy should not have ES", !proxyEntrySource.exists()); // as we serve 404s for prefix
        // file
        assertThat(
            "Group cannot have ES", !groupEntrySource.exists()); // as proxy member does not have WL
      } finally {
        server.stop();
      }
    }

    {
      server.stop();
      server =
          Server.withPort(remoteServerPort)
              .serve("/.meta/prefixes.txt")
              .withBehaviours(Behaviours.content(prefixFile1(true)));
      try {
        server.start();
        final MavenProxyRepository mavenProxyRepository =
            getRepositoryRegistry()
                .getRepositoryWithFacet(PROXY_REPO_ID, MavenProxyRepository.class);
        wm.updateWhitelist(mavenProxyRepository);
        waitForWLBackgroundUpdates();

        final PrefixSource hostedEntrySource =
            wm.getPrefixSourceFor(
                getRepositoryRegistry()
                    .getRepositoryWithFacet(HOSTED_REPO_ID, MavenRepository.class));
        final PrefixSource proxyEntrySource =
            wm.getPrefixSourceFor(
                getRepositoryRegistry()
                    .getRepositoryWithFacet(PROXY_REPO_ID, MavenRepository.class));
        final PrefixSource groupEntrySource =
            wm.getPrefixSourceFor(
                getRepositoryRegistry()
                    .getRepositoryWithFacet(GROUP_REPO_ID, MavenRepository.class));

        assertThat("Hosted should have ES", hostedEntrySource.exists());
        assertThat("Proxy should have ES", proxyEntrySource.exists()); // as we did serve file ok
        assertThat(
            "Group should have ES", groupEntrySource.exists()); // as all member should have it

        // GROUP wl must have 4 entries: 1 from hosted (/com/sonatype) + 3 from proxied prefix file
        final List<String> groupEntries = groupEntrySource.readEntries();
        assertThat(groupEntries.size(), equalTo(4));
        assertThat(groupEntries, hasItem("/com/sonatype"));
        assertThat(groupEntries, hasItem("/org/sonatype"));
        assertThat(groupEntries, hasItem("/org/apache/maven"));
        assertThat(groupEntries, hasItem("/eu/flatwhite"));
      } finally {
        server.stop();
      }
    }
  }
 @AfterMethod
 public void stopServer() throws Exception {
   if (server != null) {
     server.stop();
   }
 }
  private void startErrorServer(final int code) throws Exception {
    stopServer();
    proxyServer.stop();

    server = Server.withPort(proxyPort).serve("/*").withBehaviours(error(code)).start();
  }
Ejemplo n.º 11
0
  /**
   * A proxy "transitions" from having prefixes file to not having prefixes file (and not being
   * scraped either). The test does two passes of requests. In first pass (with WL), the proxy will
   * forward only whitelisted requests to it's remote target. Then repository transitions into a
   * state of not having WL (like remote prefix file removed and will not be scraped as test Jetty
   * does not have index file), with nuked proxy caches same set of requests is repeated. This time,
   * it is validated that all requests are forwared to remote target (pre-WL behaviour of Nexus).
   * Simply put, proxy repository falls back to pre-WL (pre-2.4) behavior.
   *
   * @throws Exception
   */
  @Test
  public void proxyWithAndWithoutWL() throws Exception {
    // where to put downloaded things
    final File remoteRepoRoot = testData().resolveFile("remote-repo");
    final File downloadsDir = testIndex().getDirectory("downloads");

    // bring up remote server using Jetty
    final PathRecorder recorder = new PathRecorder();
    final PrefixesFile prefixesFile = new PrefixesFile();
    // now set the prefixes file that contains /org/someorg prefix only, and repeat
    prefixesFile.setContent(
        Files.toString(testData().resolveFile("someorg-prefixes.txt"), Charset.forName("UTF-8")));
    final Server server =
        Server.withPort(0)
            .serve("/*")
            .withBehaviours(recorder, prefixesFile, Behaviours.get(remoteRepoRoot))
            .start();
    // create the proxy
    final MavenProxyRepository proxyRepository =
        repositories()
            .create(MavenProxyRepository.class, repositoryIdForTest("someorgProxy1"))
            .asProxyOf(server.getUrl().toExternalForm())
            .doNotDownloadRemoteIndexes()
            .save();
    whitelistTest().waitForAllWhitelistUpdateJobToStop();
    // waitForWLPublishingOutcomes( proxyRepository.id() );
    client().getSubsystem(Scheduler.class).waitForAllTasksToStop();

    try {
      // clear recorder
      recorder.clear();
      // repeat the test with slightly different expectations
      {
        // check that newly added proxy is publishing whitelist
        assertThat(
            whitelist().getWhitelistStatus(proxyRepository.id()).getPublishedStatus(),
            equalTo(Outcome.SUCCEEDED));

        // nuke the repo cache
        nukeProxyCaches(proxyRepository.id());
        // and because we have WL, we cant fetch whatever we want (com and org)
        // only WL-enlisted of these will go remotely
        fetchAndAssert(downloadsDir, proxyRepository.id(), COM_SOMEORG_ARTIFACT_10_POM, false);
        fetchAndAssert(downloadsDir, proxyRepository.id(), COM_SOMEORG_ARTIFACT_10_JAR, false);
        fetchAndAssert(downloadsDir, proxyRepository.id(), ORG_SOMEORG_ARTIFACT_10_POM, true);
        fetchAndAssert(downloadsDir, proxyRepository.id(), ORG_SOMEORG_ARTIFACT_10_JAR, true);
        fetchAndAssert(downloadsDir, proxyRepository.id(), FLUKE_ARTIFACT_POM, false);
        fetchAndAssert(downloadsDir, proxyRepository.id(), FLUKE_ARTIFACT_JAR, false);

        // GET /org/someorg/artifact/1.0/artifact-1.0.jar.sha1,
        // GET /org/someorg/artifact/1.0/artifact-1.0.jar,
        // GET /org/someorg/artifact/1.0/artifact-1.0.pom.sha1,
        // GET /org/someorg/artifact/1.0/artifact-1.0.pom,
        final List<String> requests = recorder.getPathsForVerb("GET");
        assertThat(requests.size(), is(4));
        assertThat(
            requests,
            containsInAnyOrder(
                ORG_SOMEORG_ARTIFACT_10_POM,
                ORG_SOMEORG_ARTIFACT_10_POM + ".sha1",
                ORG_SOMEORG_ARTIFACT_10_JAR,
                ORG_SOMEORG_ARTIFACT_10_JAR + ".sha1"));
      }

      // now loose the prefixes file
      prefixesFile.setContent(null);

      // update the WL of proxy repo to have new prefixes file picked up
      whitelist().updateWhitelist(proxyRepository.id());

      // wait for update to finish since it's async op, client above returned immediately
      // but update happens in a separate thread. Still this should be quick operation as prefix
      // file is used
      Status proxyStatus = whitelist().getWhitelistStatus(proxyRepository.id());
      // sit and wait for remote discovery (or the timeout Junit @Rule will kill us)
      while (proxyStatus.getPublishedStatus() != Outcome.FAILED) {
        Thread.sleep(10000);
        proxyStatus = whitelist().getWhitelistStatus(proxyRepository.id());
      }

      // clear recorder
      recorder.clear();
      // remote repo lives without prefix file
      {
        // check that newly added proxy is not publishing whitelist
        assertThat(
            whitelist().getWhitelistStatus(proxyRepository.id()).getPublishedStatus(),
            equalTo(Outcome.FAILED));

        // nuke the repo cache
        nukeProxyCaches(proxyRepository.id());
        // and because no WL, we can fetch whatever we want (com and org)
        // all these will go remotely
        fetchAndAssert(downloadsDir, proxyRepository.id(), COM_SOMEORG_ARTIFACT_10_POM, true);
        fetchAndAssert(downloadsDir, proxyRepository.id(), COM_SOMEORG_ARTIFACT_10_JAR, true);
        fetchAndAssert(downloadsDir, proxyRepository.id(), ORG_SOMEORG_ARTIFACT_10_POM, true);
        fetchAndAssert(downloadsDir, proxyRepository.id(), ORG_SOMEORG_ARTIFACT_10_JAR, true);
        fetchAndAssert(downloadsDir, proxyRepository.id(), FLUKE_ARTIFACT_POM, false);
        fetchAndAssert(downloadsDir, proxyRepository.id(), FLUKE_ARTIFACT_JAR, false);

        // note: sha1 is asked for existing files only
        // GET /hu/fluke/artifact/1.0/artifact-1.0.jar,
        // GET /hu/fluke/artifact/1.0/artifact-1.0.pom,
        // GET /org/someorg/artifact/1.0/artifact-1.0.jar.sha1,
        // GET /org/someorg/artifact/1.0/artifact-1.0.jar,
        // GET /org/someorg/artifact/1.0/artifact-1.0.pom.sha1,
        // GET /org/someorg/artifact/1.0/artifact-1.0.pom,
        // GET /com/someorg/artifact/1.0/artifact-1.0.jar.sha1,
        // GET /com/someorg/artifact/1.0/artifact-1.0.jar,
        // GET /com/someorg/artifact/1.0/artifact-1.0.pom.sha1,
        // GET /com/someorg/artifact/1.0/artifact-1.0.pom,
        final List<String> requests = recorder.getPathsForVerb("GET");
        assertThat(requests.size(), is(10));
        assertThat(
            requests,
            containsInAnyOrder(
                COM_SOMEORG_ARTIFACT_10_POM,
                COM_SOMEORG_ARTIFACT_10_POM + ".sha1",
                COM_SOMEORG_ARTIFACT_10_JAR,
                COM_SOMEORG_ARTIFACT_10_JAR + ".sha1",
                ORG_SOMEORG_ARTIFACT_10_POM,
                ORG_SOMEORG_ARTIFACT_10_POM + ".sha1",
                ORG_SOMEORG_ARTIFACT_10_JAR,
                ORG_SOMEORG_ARTIFACT_10_JAR + ".sha1",
                FLUKE_ARTIFACT_POM,
                FLUKE_ARTIFACT_JAR));
      }
    } finally {
      server.stop();
    }
  }
 @Override
 public void setUp() throws Exception {
   this.server =
       Server.withPort(remoteServerPort).serve("/").withBehaviours(Behaviours.error(404)).start();
   super.setUp();
 }