
Example 1 with Authority

Use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

In class ZMSClientTest, method createPrincipal.

private Principal createPrincipal(String userName) {
    Authority authority = new com.yahoo.athenz.auth.impl.PrincipalAuthority();
    Principal p = SimplePrincipal.create("user", userName, "v=U1;d=user;n=" + userName + ";s=signature", 0, authority);
    return p;
}
Also used : Authority(com.yahoo.athenz.auth.Authority) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal)

Example 2 with Authority

Use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

In class ZMSImpl, method getAuthority.

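Authority getAuthority(String className) {
    LOG.debug("Loading authority {}...", className);
    Authority authority = null;
    try {
        // Load the class named by className reflectively and instantiate it
        // through its no-argument constructor; the cast fails if the class
        // does not implement Authority.
        authority = (Authority) Class.forName(className).newInstance();
    } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
        // Callers receive null when the class cannot be found or instantiated.
        LOG.error("Invalid Authority class: " + className + " error: " + e.getMessage());
        return null;
    }
    return authority;
}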
Also used : Authority(com.yahoo.athenz.auth.Authority)

Example 3 with Authority

Use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

In class ZMSImpl, method isValidUserTokenRequest.

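boolean isValidUserTokenRequest(Principal principal, String userName) {
    // A request without an authenticated principal is never valid.
    if (principal == null) {
        return false;
    }
    // The principal must carry the authority that authenticated it.
    Authority authority = principal.getAuthority();
    if (authority == null) {
        return false;
    }
    // Principals whose authority can itself be used for authorization
    // may not request user tokens.
    if (authority.allowAuthorization()) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("User Token request - Authority cannot request user tokens");
        }
        return false;
    }
    // The authenticating authority's domain must be the user domain
    // (compared case-insensitively).
    String authDomain = authority.getDomain();
    if (authDomain == null || !authDomain.equalsIgnoreCase(userDomain)) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("User Token request - not authenticated by User Authority");
        }
        return false;
    }
    // The default user-token name is accepted without comparing names.
    if (userName.equalsIgnoreCase(USER_TOKEN_DEFAULT_NAME)) {
        return true;
    }
    // Otherwise the requested user name must match the authenticated principal.
    if (!userName.equalsIgnoreCase(principal.getName())) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("User Token request - mismatch between request user name and userid");
        }
        return false;
    }
    return true;
}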
Also used : Authority(com.yahoo.athenz.auth.Authority)

Example 4 with Authority

Use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

In class ProviderMockClientTest, method testPutTenantResourceGroup.

@Test
public void testPutTenantResourceGroup() {
    String systemAdminUser = "user.user_admin";
    Authority authority = new com.yahoo.athenz.auth.impl.PrincipalAuthority();
    Principal p = SimplePrincipal.create("user", systemAdminUser, "v=U1;d=user;n=" + systemAdminUser + ";s=signature", 0, authority);
    ProviderMockClient provider = new ProviderMockClient("localhost:3306/athenz", p);
    TenantResourceGroup tenant = new TenantResourceGroup();
    tenant.setName("name");
    assertNull(provider.putTenantResourceGroup("providerService1", "tenantDom1", "zms", "zms", tenant));
}
Also used : Authority(com.yahoo.athenz.auth.Authority) Principal(com.yahoo.athenz.auth.Principal) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Test(org.testng.annotations.Test)

Example 5 with Authority

Use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

In class ZTSImplTest, method testCheckKerberosAuthorityAuthorization.

@Test
public void testCheckKerberosAuthorityAuthorization() {
    Authority authority = new com.yahoo.athenz.auth.impl.KerberosAuthority();
    Principal principal = SimplePrincipal.create("krb", "user1", "v=U1;d=krb;n=user1;s=signature", 0, authority);
    assertTrue(authorizer.authorityAuthorizationAllowed(principal));
}
Also used : UserAuthority(com.yahoo.athenz.auth.impl.UserAuthority) Authority(com.yahoo.athenz.auth.Authority) CertificateAuthority(com.yahoo.athenz.auth.impl.CertificateAuthority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Aggregations

Authority (com.yahoo.athenz.auth.Authority) 193
Principal (com.yahoo.athenz.auth.Principal) 124
Test (org.testng.annotations.Test) 72
PrincipalAuthority (com.yahoo.athenz.auth.impl.PrincipalAuthority) 32
SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal) 30
HttpServletRequest (javax.servlet.http.HttpServletRequest) 24
AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain) 21
HttpServletResponse (javax.servlet.http.HttpServletResponse) 20
ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection) 19
Authorizer (com.yahoo.athenz.auth.Authorizer) 15
AuthorityList (com.yahoo.athenz.common.server.rest.Http.AuthorityList) 13
ObjectStore (com.yahoo.athenz.zms.store.ObjectStore) 11
ServerPrivateKey (com.yahoo.athenz.auth.ServerPrivateKey) 9
Timestamp (com.yahoo.rdl.Timestamp) 9
Metric (com.yahoo.athenz.common.metrics.Metric) 8
IOException (java.io.IOException) 8
Response (javax.ws.rs.core.Response) 6
Struct (com.yahoo.rdl.Struct) 5
UnsupportedEncodingException (java.io.UnsupportedEncodingException) 5
WebApplicationException (javax.ws.rs.WebApplicationException) 5