
Example 61 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class ZMSImplTest method testPutTenancyResourceGroupNull.

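/**
 * Negative test: putTenancyResourceGroup called with four null arguments
 * (everything between the resource context and the request body) must be
 * rejected with an exception.
 *
 * <p>The earlier form only asserted inside the catch block, so the test also
 * passed when the call returned normally. The outcome is now recorded and
 * asserted after the try/catch, so a silently accepted request fails the test.
 */
@Test
public void testPutTenancyResourceGroupNull() {
    // The caller is built by the debug authority from a token whose signature
    // field is the literal text "signature".
    // NOTE(review): presumably DebugPrincipalAuthority skips signature
    // verification - confirm, and keep it out of non-test configurations.
    Authority principalAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
    Principal principal1 = principalAuthority.authenticate("v=U1;d=user;n=user1;s=signature", "10.11.12.13", "GET", null);
    ResourceContext rsrcCtx1 = createResourceContext(principal1);
    TenancyResourceGroup tenantResource = new TenancyResourceGroup();

    boolean rejected = false;
    try {
        zms.putTenancyResourceGroup(rsrcCtx1, null, null, null, null, tenantResource);
    } catch (Exception ex) {
        // NOTE(review): Exception is broad; narrowing to the exception type the
        // server raises for bad input (not visible here) and checking its
        // status code would make this test more precise.
        rejected = true;
    }
    // Fails when the null arguments were accepted without an exception.
    assertTrue(rejected);
}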
Also used : Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) WebApplicationException(javax.ws.rs.WebApplicationException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) IOException(java.io.IOException)

Example 62 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class ZMSImplTest method testCheckKerberosAuthorityAuthorization.

/**
 * Checks that authorityAuthorizationAllowed returns true for a principal
 * whose authority is a KerberosAuthority instance.
 */
@Test
public void testCheckKerberosAuthorityAuthorization() {
    // Placeholder credentials: the signature field is the literal text "signature".
    final String creds = "v=U1;d=user;n=user1;s=signature";
    Authority krbAuthority = new com.yahoo.athenz.auth.impl.KerberosAuthority();
    Principal krbUser = SimplePrincipal.create("krb", "user1", creds, 0, krbAuthority);

    boolean allowed = zms.authorityAuthorizationAllowed(krbUser);
    assertTrue(allowed);
}
Also used : Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal)

Example 63 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class ZMSImplTest method testGetUserTokenDefaultSelfName.

/**
 * Requests a user token with the "_self_" service name and checks both the
 * fields of the returned token and that a PrincipalAuthority backed by the
 * zms key store authenticates it.
 */
@Test
public void testGetUserTokenDefaultSelfName() {
    // Verifier side: the non-debug PrincipalAuthority, with zms as its key
    // store, is what checks the signature at the end of the test.
    PrincipalAuthority principalAuthority = new com.yahoo.athenz.auth.impl.PrincipalAuthority();
    principalAuthority.setKeyStore(zms);

    // Caller side: a user principal attached to the debug user authority.
    Authority userAuthority = new com.yahoo.athenz.common.server.debug.DebugUserAuthority();
    String userId = "user10";
    Principal principal = SimplePrincipal.create("user", userId, userId + ":password", 0, userAuthority);
    SimplePrincipal caller = (SimplePrincipal) principal;
    caller.setUnsignedCreds(userId);
    ResourceContext rsrcCtx1 = createResourceContext(principal);

    // Signing key and key id are assigned directly on the zms fixture.
    // NOTE(review): these assignments are not undone here - confirm that other
    // tests do not depend on the previous key.
    zms.privateKeyId = "0";
    zms.privateKey = Crypto.loadPrivateKey(Crypto.ybase64DecodeString(privKey));

    UserToken token = zms.getUserToken(rsrcCtx1, "_self_", null, false);
    assertNotNull(token);

    String signedToken = token.getToken();
    assertTrue(signedToken.startsWith("v=U1;d=user;n=" + userId + ";"));
    // Host, client IP and key id fields expected in the issued token.
    String[] expectedFields = { ";h=localhost", ";i=10.11.12.13", ";k=0" };
    for (String field : expectedFields) {
        assertTrue(signedToken.contains(field));
    }

    // The issued token must authenticate against the real authority.
    Principal principalToVerify = principalAuthority.authenticate(signedToken, "10.11.12.13", "GET", null);
    assertNotNull(principalToVerify);
}
Also used : Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal)

Example 64 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class ZMSImplTest method testPutPolicyChanges.

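/**
 * Creates a policy in a fresh top-level domain, replaces its assertions with
 * two new ones and checks the stored assertion count after each write.
 *
 * <p>The domain is deleted in a finally block, so a failing assertion or an
 * exception from a zms call no longer leaves the "PutPolicyChanges" domain
 * behind for later tests.
 */
@Test
public void testPutPolicyChanges() {
    String domain = "PutPolicyChanges";
    String policyName = "Jobs";
    TopLevelDomain dom1 = createTopLevelDomainObject(domain, "Test Domain1", "testOrg", adminUser);
    zms.postTopLevelDomain(mockDomRsrcCtx, auditRef, dom1);
    try {
        Policy policy1 = createPolicyObject(domain, policyName);
        List<Assertion> origAsserts = policy1.getAssertions();

        // The first write is made as user "hank" through the debug principal
        // authority, not through the mock domain context.
        // NOTE(review): nothing here asserts whether that principal is
        // authorized to write the policy - confirm where that is covered.
        String userId = "hank";
        Authority principalAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
        String unsignedCreds = "v=U1;d=user;n=" + userId;
        Principal principal = SimplePrincipal.create("user", userId, unsignedCreds + ";s=signature", 0, principalAuthority);
        ((SimplePrincipal) principal).setUnsignedCreds(unsignedCreds);
        ResourceContext rsrcCtx1 = createResourceContext(principal);
        zms.putPolicy(rsrcCtx1, domain, policyName, auditRef, policy1);

        Policy policyRes1A = zms.getPolicy(mockDomRsrcCtx, domain, policyName);
        List<Assertion> resAsserts = policyRes1A.getAssertions();
        // The stored policy must hold as many assertions as the one submitted.
        // Only the counts are compared, not the assertion contents.
        assertEquals(origAsserts.size(), resAsserts.size());

        // Replace the stored assertions with two new ALLOW assertions.
        Assertion assertionA = new Assertion();
        assertionA.setResource(domain + ":books");
        assertionA.setAction("READ");
        assertionA.setRole(domain + ":role.librarian");
        assertionA.setEffect(AssertionEffect.ALLOW);
        Assertion assertionB = new Assertion();
        assertionB.setResource(domain + ":jupiter");
        assertionB.setAction("TRAVEL");
        assertionB.setRole(domain + ":role.astronaut");
        assertionB.setEffect(AssertionEffect.ALLOW);
        List<Assertion> newAssertions = new ArrayList<Assertion>();
        newAssertions.add(assertionA);
        newAssertions.add(assertionB);
        policyRes1A.setAssertions(newAssertions);
        zms.putPolicy(mockDomRsrcCtx, domain, policyName, auditRef, policyRes1A);

        Policy policyRes1B = zms.getPolicy(mockDomRsrcCtx, domain, policyName);
        List<Assertion> resAssertsB = policyRes1B.getAssertions();
        // After the replacement the stored count must match the new list (2).
        assertEquals(newAssertions.size(), resAssertsB.size());
    } finally {
        // Always remove the test domain, including when a check above fails.
        zms.deleteTopLevelDomain(mockDomRsrcCtx, domain, auditRef);
    }
}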
Also used : Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) ArrayList(java.util.ArrayList) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal)

Example 65 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class ZMSImplTest method testDeleteTenancyResourceGroupNull.

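/**
 * Negative test: deleteTenancyResourceGroup called with null for every
 * argument after the resource context must be rejected with an exception.
 *
 * <p>The earlier form only asserted inside the catch block, so the test also
 * passed when the call returned normally. The outcome is now recorded and
 * asserted after the try/catch, so a silently accepted request fails the test.
 */
@Test
public void testDeleteTenancyResourceGroupNull() {
    // The caller is built by the debug authority from a token whose signature
    // field is the literal text "signature".
    // NOTE(review): presumably DebugPrincipalAuthority skips signature
    // verification - confirm, and keep it out of non-test configurations.
    Authority principalAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
    Principal principal1 = principalAuthority.authenticate("v=U1;d=user;n=user1;s=signature", "10.11.12.13", "GET", null);
    ResourceContext rsrcCtx1 = createResourceContext(principal1);

    boolean rejected = false;
    try {
        zms.deleteTenancyResourceGroup(rsrcCtx1, null, null, null, null);
    } catch (Exception ex) {
        // NOTE(review): Exception is broad; narrowing to the exception type the
        // server raises for bad input (not visible here) and checking its
        // status code would make this test more precise.
        rejected = true;
    }
    // Fails when the null arguments were accepted without an exception.
    assertTrue(rejected);
}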
Also used : Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) WebApplicationException(javax.ws.rs.WebApplicationException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) IOException(java.io.IOException)
