use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTestAuthnProviders method testAuthnProviderCreateWithoutLDAPGroupProperties.
/**
 * Checks how provider creation treats the group attribute. An empty value, a null value and
 * the name "some" must each be answered with 400 Bad Request; a valid group attribute
 * combined with empty group object classes and member attributes must then be accepted.
 */
@Test
public void testAuthnProviderCreateWithoutLDAPGroupProperties() {
    final String testName = "testAuthnProviderCreateWithoutLDAPGroupProperties - ";
    // The null and the unknown-attribute cases are expected to produce the same message text.
    final String groupAttributeNotFound = AUTHN_PROVIDER_ADD_UPDATE_PARTIAL_ERROR
            + "modified because of the following error: Could not find group attribute";

    AuthnCreateParam request = getDefaultAuthnCreateParam(testName + "GroupAttribute (\"\")");

    // Case 1: empty string. The API treats group_attribute as mandatory, so the request
    // is expected to be rejected with the "missing or empty" message.
    request.setGroupAttribute("");
    ClientResponse emptyAttributeResp = rSys.path(getTestApi()).post(ClientResponse.class, request);
    validateAuthProviderBadRequest(HttpStatus.SC_BAD_REQUEST,
            "Required parameter group_attribute was missing or empty", emptyAttributeResp);

    // Case 2: null. Besides the rejection itself, this guards against the request surfacing
    // as a null pointer exception. Note the expected text differs from the empty-string case.
    request.setGroupAttribute(null);
    request.setDescription(testName + "GroupAttribute (null)");
    ClientResponse nullAttributeResp = rSys.path(getTestApi()).post(ClientResponse.class, request);
    validateAuthProviderBadRequest(HttpStatus.SC_BAD_REQUEST, groupAttributeNotFound, nullAttributeResp);

    // Case 3: "some", an attribute name the imported LDAP schema does not define.
    request.setGroupAttribute("some");
    request.setDescription(testName + "GroupAttribute (some)");
    ClientResponse unknownAttributeResp = rSys.path(getTestApi()).post(ClientResponse.class, request);
    validateAuthProviderBadRequest(HttpStatus.SC_BAD_REQUEST, groupAttributeNotFound, unknownAttributeResp);

    // Case 4: drop the LDAP group search properties (object classes and member attributes)
    // and restore a valid group attribute; this request is expected to succeed.
    request.setGroupObjectClasses(new HashSet<String>());
    request.setGroupMemberAttributes(new HashSet<String>());
    request.setGroupAttribute(getDefaultGroupAttribute());
    request.setDescription(testName + TRACE_SUCCESSFUL);
    AuthnProviderRestRep created = rSys.path(getTestApi()).post(AuthnProviderRestRep.class, request);
    validateAuthProviderCreateSuccess(request, created);
}
use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTestAuthnProviders method testAuthnProviderEditDuplicateLDAPGroupProperties.
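/**
 * Creates a provider after adding the default group object classes and member attributes to
 * the create request a second time, then edits it with the default object classes added
 * again, and checks that neither the create nor the edit response reports duplicated LDAP
 * group properties.
 */
@Test
public void testAuthnProviderEditDuplicateLDAPGroupProperties() {
    final String testName = "testAuthnProviderEditDuplicateLDAPGroupProperties - ";
    AuthnCreateParam createParam = getDefaultAuthnCreateParam(testName + TRACE_AUTHN_PROVIDER_SUCCESSFUL);

    // Add the same group objectClasses and memberAttributes to the createParam as duplicates.
    createParam.getGroupObjectClasses().addAll(getDefaultGroupObjectClasses());
    createParam.getGroupMemberAttributes().addAll(getDefaultGroupMemberAttributes());

    AuthnProviderRestRep createResp = rSys.path(getTestApi()).post(AuthnProviderRestRep.class, createParam);
    validateAuthProviderCreateSuccess(createParam, createResp);

    // Now edit the created authn provider.
    final String editAPI = getTestEditApi(createResp.getId());
    AuthnUpdateParam editParam = getAuthnUpdateParamFromAuthnProviderRestResp(createResp);

    // Add the default group objectClasses to the editParam as duplicates.
    // NOTE(review): the object-class add is issued twice and no member attributes are added
    // to editParam, although the create step above covers both properties. Confirm whether
    // the second call was meant to target the member attributes instead.
    editParam.getGroupObjectClassChanges().getAdd().addAll(getDefaultGroupObjectClasses());
    editParam.getGroupObjectClassChanges().getAdd().addAll(getDefaultGroupObjectClasses());
    editParam.setDescription(testName + "Edit with Duplicate ldap group properties");

    // Send the put request to edit the auth provider with duplicate ldap group properties.
    // The request should be successful and the ldap group properties should not contain
    // any duplicates.
    AuthnProviderRestRep editResp = rSys.path(editAPI).put(AuthnProviderRestRep.class, editParam);
    validateAuthProviderEditSuccess(editParam, editResp);

    // Validate the counts separately to make sure that the duplicates were removed.
    final int expected = 4;
    Assert.assertEquals(expected, createResp.getGroupObjectClasses().size());
    Assert.assertEquals(expected, createResp.getGroupMemberAttributes().size());
    // The edit is the operation under test, so its response must be free of duplicates too;
    // checking only createResp would pass even if the edit had stored repeated values.
    Assert.assertEquals(expected, editResp.getGroupObjectClasses().size());
    Assert.assertEquals(expected, editResp.getGroupMemberAttributes().size());
}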
use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTestBase method updateADConfig.
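/**
 * Registers the "good" Active Directory authentication provider used by the API tests and
 * records its id in {@code _goodADConfig}. A sysadmin client is created first when
 * {@code rSys} has not been initialised yet.
 */
protected void updateADConfig() {
    if (rSys == null) {
        // JUnit gives no ordering guarantee, so this method may run before the shared
        // sysadmin client has been set up by another test.
        try {
            rSys = createHttpsClient(SYSADMIN, SYSADMIN_PASS_WORD, baseUrls);
            rSys.path("/tenant").get(String.class);
        } catch (Exception e) {
            // Report the cause; a bare fail() hides why the session could not be opened.
            Assert.fail("Could not open a sysadmin session before configuring the AD provider: " + e);
        }
    }

    AuthnCreateParam param = new AuthnCreateParam();
    param.setLabel("ad apitest config good");
    param.setDescription("ad configuration created by ApiTest.java");
    param.setDisable(false);
    // Put spaces in the domain to verify it does not cause a problem
    param.getDomains().add(" SANITY.LOCAL ");
    param.setGroupAttribute("CN");
    param.getGroupWhitelistValues().add("*Admins*");
    param.getGroupWhitelistValues().add("*Test*");
    param.getGroupWhitelistValues().add("*Users*");
    param.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
    // NOTE(review): literal bind credential committed to source. Prefer reading it from the
    // test environment configuration so the value is not kept in the repository.
    param.setManagerPassword("P@ssw0rd");
    param.setSearchBase("DC=sanity,DC=local");
    param.setSearchFilter("userPrincipalName=%u");
    // Plain ldap:// means the manager bind is not protected by TLS; presumably acceptable
    // only because the directory lives on an isolated test network (TODO confirm).
    param.getServerUrls().add("ldap://" + AD_SERVER1_IP);
    param.setMode("ad");
    param.setSearchScope("SUBTREE");

    try {
        AuthnProviderRestRep authnResp = rSys.path("/vdc/admin/authnproviders").post(AuthnProviderRestRep.class, param);
        Assert.assertNotNull(authnResp);
        _goodADConfig = authnResp.getId();
    } catch (UniformInterfaceException e) {
        // A 400 is tolerated, presumably because the provider already exists from an earlier
        // run (TODO confirm); _goodADConfig is left unchanged in that case.
        if (e.getResponse().getStatus() != 400) {
            Assert.fail("Unexpected status while creating the AD provider: " + e.getResponse().getStatus());
        }
    } catch (Exception e) {
        Assert.fail("Creating the AD provider failed: " + e);
    }
}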
use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTest method authnProviderAddDomainTest.
// quick test to see if the added domain of AP server is converted to all lowercase
/**
 * Creates an LDAP provider, adds a mixed-case domain to it through an update, verifies the
 * stored domain is lower case, and finally creates a subtenant whose user mapping refers to
 * the domain in its original mixed-case spelling.
 */
public void authnProviderAddDomainTest() throws Exception {
    AuthnCreateParam createParam = new AuthnCreateParam();
    createParam.setLabel("domain test AP server");
    createParam.setDescription("AP server configuration created by ApiTest.java");
    createParam.setDisable(false);
    createParam.getDomains().add("asd.locl");
    createParam.setManagerDn("CN=Manager,DC=root,DC=com");
    // Literal bind credential; presumably valid only for the test directory.
    createParam.setManagerPassword("secret");
    createParam.setSearchBase("OU=People,DC=root,DC=com");
    createParam.setSearchFilter("mail=%u");
    createParam.setServerUrls(new HashSet<String>());
    // NOTE(review): this literal evaluates to "ldaps:\" plus the address (one backslash,
    // not "//"). Confirm this is the URL form the server is meant to receive.
    createParam.getServerUrls().add("ldaps:\\" + LDAP_SERVER1_IP);
    createParam.setMode("ldap");

    AuthnProviderRestRep provider =
            rSys.path("/vdc/admin/authnproviders").post(AuthnProviderRestRep.class, createParam);
    Assert.assertNotNull(provider);
    final String providerPath = "/vdc/admin/authnproviders/" + provider.getId();

    // Update the AP server by adding a domain name with mixed case.
    Set<String> domainsToAdd = new HashSet<String>(Collections.singleton("sAnItY2.local"));
    AuthnUpdateParam domainUpdate = new AuthnUpdateParam();
    domainUpdate.getDomainChanges().setAdd(domainsToAdd);
    ClientResponse httpResp = rSys.path(providerPath).put(ClientResponse.class, domainUpdate);
    Assert.assertEquals(200, httpResp.getStatus());

    // Read the provider back: only the lower-case spelling may be stored.
    httpResp = rSys.path(providerPath).get(ClientResponse.class);
    AuthnProviderRestRep stored = httpResp.getEntity(AuthnProviderRestRep.class);
    Assert.assertFalse(stored.getDomains().contains("sAnItY2.local"));
    Assert.assertTrue(stored.getDomains().contains("sanity2.local"));

    // Use the added domain, spelled in mixed case again, to create a subtenant and verify
    // that the request is accepted.
    UserMappingParam mapping = new UserMappingParam();
    mapping.setDomain("sAnItY2.local");
    mapping.getAttributes().add(
            new UserMappingAttributeParam("department", Collections.singletonList("ASD")));

    TenantCreateParam subtenant = new TenantCreateParam();
    subtenant.setLabel("sub2");
    subtenant.setDescription("My sub tenant 2");
    subtenant.getUserMappings().add(mapping);

    httpResp = rSys.path("/tenants/" + rootTenantId + "/subtenants").post(ClientResponse.class, subtenant);
    Assert.assertEquals(200, httpResp.getStatus());
}
use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTest method authProvidersConnectivityTests.
/**
 * Runs the connectivity validation scenarios for authentication providers: invalid server
 * URL, invalid manager DN and invalid manager password are each expected to yield 400; the
 * same invalid configuration is accepted while disabled, rejected when enabled, and accepted
 * once the password is corrected. An LDAP-mode provider is then created and updated with an
 * extra unreachable URL (accepted) and with an unknown search base (rejected).
 */
private void authProvidersConnectivityTests() {
    final String providersApi = "/vdc/admin/authnproviders";

    // Scenario 1: a server URL pointing at the configured bogus address must give 400.
    AuthnCreateParam adParam = new AuthnCreateParam();
    adParam.setLabel("ad apitest config bad url");
    adParam.setDescription("ad apitest config bad url");
    adParam.setDisable(false);
    adParam.getDomains().add("domain1.com");
    adParam.setGroupAttribute("CN");
    adParam.setGroupWhitelistValues(new HashSet<String>());
    adParam.getGroupWhitelistValues().add("*Admins*");
    adParam.getGroupWhitelistValues().add("*Test*");
    adParam.getGroupWhitelistValues().add("*Users*");
    adParam.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
    adParam.setManagerPassword(AD_PASS_WORD);
    adParam.setSearchBase("CN=Users,DC=sanity,DC=local");
    adParam.setSearchFilter("userPrincipalName=%u");
    adParam.setServerUrls(new HashSet<String>());
    adParam.getServerUrls().add("ldap://" + EnvConfig.get("sanity", "ad.bogus.ip"));
    adParam.setMode("ad");
    ClientResponse outcome = rSys.path(providersApi).post(ClientResponse.class, adParam);
    Assert.assertEquals(400, outcome.getStatus());

    // Scenario 2: an invalid manager DN must give 400. The URL set is replaced here as well.
    // NOTE(review): the literal evaluates to "ldap:\" plus the address (one backslash, not
    // "//"). Only the status code is asserted, so this case alone does not show which field
    // caused the rejection.
    adParam.setManagerDn("xxxxxministrator,CN=Users,DC=sanity,DC=local");
    adParam.setServerUrls(new HashSet<String>());
    adParam.getServerUrls().add("ldap:\\" + AD_SERVER1_IP);
    outcome = rSys.path(providersApi).post(ClientResponse.class, adParam);
    Assert.assertEquals(400, outcome.getStatus());

    // Scenario 3: valid manager DN again, but a wrong manager password, must give 400.
    adParam.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
    adParam.setManagerPassword("bad");
    outcome = rSys.path(providersApi).post(ClientResponse.class, adParam);
    Assert.assertEquals(400, outcome.getStatus());

    // Scenario 4: the same invalid configuration is accepted when disable is true,
    // because validation is skipped for disabled providers.
    adParam.setDisable(true);
    AuthnProviderRestRep disabledProvider = rSys.path(providersApi).post(AuthnProviderRestRep.class, adParam);
    Assert.assertNotNull(disabledProvider);
    final String disabledProviderApi =
            String.format("/vdc/admin/authnproviders/%s", disabledProvider.getId().toString());

    // Scenario 5: enabling that stored bad configuration must fail with 400, so a provider
    // that skipped validation while disabled cannot go live unchecked.
    AuthnUpdateParam enableUpdate = new AuthnUpdateParam();
    enableUpdate.setDisable(false);
    outcome = rSys.path(disabledProviderApi).put(ClientResponse.class, enableUpdate);
    Assert.assertEquals(400, outcome.getStatus());

    // Scenario 6: correct the password while keeping disable = false from above;
    // validation should run again and pass.
    enableUpdate.setManagerPassword(AD_PASS_WORD);
    outcome = rSys.path(disabledProviderApi).put(ClientResponse.class, enableUpdate);
    Assert.assertEquals(200, outcome.getStatus());

    // Scenario 7: basic connectivity in ldap mode.
    AuthnCreateParam ldapParam = new AuthnCreateParam();
    ldapParam.setLabel("ldap connectivity test");
    ldapParam.setDescription("ldap connectivity test");
    ldapParam.setDisable(false);
    ldapParam.getDomains().add("domain22.com");
    ldapParam.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
    ldapParam.setManagerPassword(AD_PASS_WORD);
    ldapParam.setSearchBase("CN=Users,DC=sanity,DC=local");
    ldapParam.setSearchFilter("userPrincipalName=%u");
    ldapParam.setServerUrls(new HashSet<String>());
    ldapParam.getServerUrls().add("ldap:\\" + AD_SERVER1_IP);
    ldapParam.setGroupAttribute("CN");
    ldapParam.setMode("ldap");
    AuthnProviderRestRep ldapProvider = rSys.path(providersApi).post(AuthnProviderRestRep.class, ldapParam);
    Assert.assertNotNull(ldapProvider);
    final String ldapProviderApi =
            String.format("/vdc/admin/authnproviders/%s", ldapProvider.getId().toString());

    // Scenario 8: adding one bad URL to the good configuration still succeeds, because the
    // good URL remaining in the set keeps the URL set valid.
    AuthnUpdateParam addBadUrl = new AuthnUpdateParam();
    addBadUrl.getServerUrlChanges().setAdd(new HashSet<String>());
    addBadUrl.getServerUrlChanges().getAdd().add("ldap://garbage");
    outcome = rSys.path(ldapProviderApi).put(ClientResponse.class, addBadUrl);
    Assert.assertEquals(200, outcome.getStatus());

    // Scenario 9: a search base that cannot be found must be rejected.
    AuthnUpdateParam badSearchBase = new AuthnUpdateParam();
    badSearchBase.setSearchBase("CN=garbage");
    outcome = rSys.path(ldapProviderApi).put(ClientResponse.class, badSearchBase);
    Assert.assertEquals(400, outcome.getStatus());
}