Search in sources :

Example 86 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class HttpTest method testAuthenticateCertificateFailure.

@Test
public void testAuthenticateCertificateFailure() {
    HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
    Http.AuthorityList authorities = new Http.AuthorityList();
    Authority authority = Mockito.mock(Authority.class);
    Mockito.when(authority.getCredSource()).thenReturn(CredSource.CERTIFICATE);
    authorities.add(authority);
    try {
        Http.authenticate(httpServletRequest, authorities);
    } catch (ResourceException expected) {
        assertEquals(expected.getCode(), 401);
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test)

Example 87 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class HttpTest method testAuthenticateHeaderNull.

@Test
public void testAuthenticateHeaderNull() {
    HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
    Http.AuthorityList authorities = new Http.AuthorityList();
    Authority authority = Mockito.mock(Authority.class);
    Mockito.when(authority.getCredSource()).thenReturn(CredSource.HEADER);
    Mockito.when(authority.getHeader()).thenReturn(null);
    // we should not get npe - instead standard 401
    try {
        Http.authenticate(httpServletRequest, authorities);
    } catch (ResourceException expected) {
        assertEquals(expected.getCode(), 401);
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test)

Example 88 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class HttpTest method testAuthenticateCertificate.

@Test
public void testAuthenticateCertificate() {
    HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
    Http.AuthorityList authorities = new Http.AuthorityList();
    Authority authority = Mockito.mock(Authority.class);
    Mockito.when(authority.getCredSource()).thenReturn(CredSource.CERTIFICATE);
    X509Certificate[] certs = new X509Certificate[1];
    certs[0] = Mockito.mock(X509Certificate.class);
    Mockito.when(httpServletRequest.getAttribute(Http.JAVAX_CERT_ATTR)).thenReturn(certs);
    Principal principal = Mockito.mock(Principal.class);
    Mockito.when(authority.authenticate(ArgumentMatchers.any(X509Certificate[].class), ArgumentMatchers.any())).thenReturn(principal);
    authorities.add(authority);
    assertNotNull(Http.authenticate(httpServletRequest, authorities));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) X509Certificate(java.security.cert.X509Certificate) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Example 89 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class DebugPrincipalAuthorityTest method testPrincipalAuthority.

@Test
public void testPrincipalAuthority() {
    Authority principalAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
    assertNotNull(principalAuthority);
    principalAuthority.initialize();
    ((DebugPrincipalAuthority) principalAuthority).setKeyStore(null);
    assertNull(principalAuthority.getDomain());
    assertEquals(principalAuthority.getHeader(), "Athenz-Principal-Auth");
    // invalid authenticate values
    assertNull(principalAuthority.authenticate(null, "10.11.12.13", "GET", null));
    assertNull(principalAuthority.authenticate("abc", "10.11.12.13", "GET", null));
    assertNull(principalAuthority.authenticate("v=S1;d=coretech;s=signature", "10.11.12.13", "GET", null));
    assertNull(principalAuthority.authenticate("v=S1;n=storage;s=signature", "10.11.12.13", "GET", null));
    assertNull(principalAuthority.authenticate("v==S1;n=storage;s=signature", "10.11.12.13", "GET", null));
    // valid values
    String token = "v=S1;d=coretech;n=storage;s=signature";
    Principal p = principalAuthority.authenticate(token, "10.11.12.13", "GET", null);
    assertNotNull(p);
    assertEquals(p.getDomain(), "coretech");
    assertEquals(p.getName(), "storage");
    assertEquals(p.getCredentials(), token);
    assertNull(p.getRoles());
}
Also used : DebugPrincipalAuthority(com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority) Authority(com.yahoo.athenz.auth.Authority) DebugPrincipalAuthority(com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Example 90 with Authority

use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.

the class DebugUserAuthorityTest method testUserAuthority.

@Test
public void testUserAuthority() {
    Authority userAuthority = new com.yahoo.athenz.common.server.debug.DebugUserAuthority();
    assertNotNull(userAuthority);
    userAuthority.initialize();
    assertEquals(userAuthority.getDomain(), "user");
    assertEquals(userAuthority.getHeader(), "Authorization");
    assertFalse(userAuthority.allowAuthorization());
    // invalid authenticate values
    StringBuilder errMsg = new StringBuilder();
    assertNull(userAuthority.authenticate("Test Creds", "10.11.12.13", "GET", null));
    assertNull(userAuthority.authenticate("Basic !@#$#!@$#", "10.11.12.13", "GET", null));
    assertNull(userAuthority.authenticate("BasicdGVzdHVzZXI6dGVzdHB3ZA==", "10.11.12.13", "GET", null));
    assertNull(userAuthority.authenticate("BasicdGVzdHVzZXI6dGVzdHB3ZA==", "10.11.12.13", "GET", errMsg));
    // valid values
    String token = "Basic dGVzdHVzZXI6dGVzdHB3ZA==";
    Principal p = userAuthority.authenticate(token, "10.11.12.13", "GET", null);
    assertNotNull(p);
    assertEquals(p.getDomain(), "user");
    assertEquals(p.getName(), "testuser");
}
Also used : Authority(com.yahoo.athenz.auth.Authority) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Aggregations

Authority (com.yahoo.athenz.auth.Authority)193 Principal (com.yahoo.athenz.auth.Principal)124 Test (org.testng.annotations.Test)72 PrincipalAuthority (com.yahoo.athenz.auth.impl.PrincipalAuthority)32 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)30 HttpServletRequest (javax.servlet.http.HttpServletRequest)24 AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)21 HttpServletResponse (javax.servlet.http.HttpServletResponse)20 ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection)19 Authorizer (com.yahoo.athenz.auth.Authorizer)15 AuthorityList (com.yahoo.athenz.common.server.rest.Http.AuthorityList)13 ObjectStore (com.yahoo.athenz.zms.store.ObjectStore)11 ServerPrivateKey (com.yahoo.athenz.auth.ServerPrivateKey)9 Timestamp (com.yahoo.rdl.Timestamp)9 Metric (com.yahoo.athenz.common.metrics.Metric)8 IOException (java.io.IOException)8 Response (javax.ws.rs.core.Response)6 Struct (com.yahoo.rdl.Struct)5 UnsupportedEncodingException (java.io.UnsupportedEncodingException)5 WebApplicationException (javax.ws.rs.WebApplicationException)5