use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class HttpTest method testAuthenticateCertificateFailure.
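/**
 * Checks that authentication fails with a 401 when the only configured authority takes its
 * credentials from a client certificate and the mocked request supplies none (the request
 * mock is left unstubbed).
 */
@Test
public void testAuthenticateCertificateFailure() {
    HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
    Http.AuthorityList authorities = new Http.AuthorityList();
    Authority authority = Mockito.mock(Authority.class);
    Mockito.when(authority.getCredSource()).thenReturn(CredSource.CERTIFICATE);
    authorities.add(authority);

    // Capture the status outside the try block. Asserting only inside the catch lets the
    // test pass when authenticate() returns normally, which for a negative authentication
    // test would hide a request being accepted without credentials.
    int statusCode = -1;
    try {
        Http.authenticate(httpServletRequest, authorities);
    } catch (ResourceException expected) {
        statusCode = expected.getCode();
    }
    assertEquals(statusCode, 401);
}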
use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class HttpTest method testAuthenticateHeaderNull.
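/**
 * Checks that a header-based authority whose {@code getHeader()} returns {@code null} leads
 * to a regular 401 rejection rather than a NullPointerException.
 */
@Test
public void testAuthenticateHeaderNull() {
    HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
    Http.AuthorityList authorities = new Http.AuthorityList();
    Authority authority = Mockito.mock(Authority.class);
    Mockito.when(authority.getCredSource()).thenReturn(CredSource.HEADER);
    Mockito.when(authority.getHeader()).thenReturn(null);
    // Register the authority; with an empty list the null-header stub above is never
    // consulted and the scenario this test is named for is not exercised.
    authorities.add(authority);

    // we should not get npe - instead standard 401
    // The status is asserted after the try block so that a call which returns normally
    // fails the test instead of passing without any check.
    int statusCode = -1;
    try {
        Http.authenticate(httpServletRequest, authorities);
    } catch (ResourceException expected) {
        statusCode = expected.getCode();
    }
    assertEquals(statusCode, 401);
}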
use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class HttpTest method testAuthenticateCertificate.
/**
 * Success path for certificate credentials: the request exposes a certificate array under
 * {@code Http.JAVAX_CERT_ATTR}, the mocked authority returns a principal for any certificate
 * array, and {@code Http.authenticate} is expected to return a non-null result.
 */
@Test
public void testAuthenticateCertificate() {
    // Request side: a one-element certificate array stored as a servlet request attribute.
    X509Certificate[] chain = new X509Certificate[] {Mockito.mock(X509Certificate.class)};
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getAttribute(Http.JAVAX_CERT_ATTR)).thenReturn(chain);

    // Authority side: certificate credential source that accepts whatever it is handed.
    Authority certAuthority = Mockito.mock(Authority.class);
    Mockito.when(certAuthority.getCredSource()).thenReturn(CredSource.CERTIFICATE);
    Principal stubPrincipal = Mockito.mock(Principal.class);
    Mockito.when(certAuthority.authenticate(
            ArgumentMatchers.any(X509Certificate[].class), ArgumentMatchers.any()))
            .thenReturn(stubPrincipal);

    Http.AuthorityList authorityList = new Http.AuthorityList();
    authorityList.add(certAuthority);

    // NOTE(review): only non-nullness is checked; the test does not show that the returned
    // principal is the one produced by the authority.
    assertNotNull(Http.authenticate(request, authorityList));
}
use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class DebugPrincipalAuthorityTest method testPrincipalAuthority.
/**
 * Exercises {@code DebugPrincipalAuthority} through the {@code Authority} interface: reported
 * domain and header, a set of credential strings that must be rejected, and one token that
 * must yield a principal.
 *
 * <p>The accepted token carries the literal text {@code signature} in its {@code s=} field and
 * the key store is set to {@code null} beforehand, so this test shows a principal being
 * returned without a verifiable signature. NOTE(review): presumably this authority is meant
 * for development setups only - confirm it is never part of a production authority list.
 */
@Test
public void testPrincipalAuthority() {
    final String remoteAddr = "10.11.12.13";
    final String httpMethod = "GET";

    DebugPrincipalAuthority debugAuthority = new DebugPrincipalAuthority();
    Authority authority = debugAuthority;
    assertNotNull(authority);
    authority.initialize();
    debugAuthority.setKeyStore(null);

    assertNull(authority.getDomain());
    assertEquals(authority.getHeader(), "Athenz-Principal-Auth");

    // Credentials that must not authenticate: null, a string with no key=value fields,
    // a token without an n= field, a token without a d= field, and a token with "v==".
    String[] rejected = {
        null,
        "abc",
        "v=S1;d=coretech;s=signature",
        "v=S1;n=storage;s=signature",
        "v==S1;n=storage;s=signature"
    };
    for (String creds : rejected) {
        assertNull(authority.authenticate(creds, remoteAddr, httpMethod, null));
    }

    // A token with version, domain, name and signature fields is accepted.
    String token = "v=S1;d=coretech;n=storage;s=signature";
    Principal principal = authority.authenticate(token, remoteAddr, httpMethod, null);
    assertNotNull(principal);
    assertEquals(principal.getDomain(), "coretech");
    assertEquals(principal.getName(), "storage");
    // The principal keeps the raw token as its credentials and carries no roles.
    assertEquals(principal.getCredentials(), token);
    assertNull(principal.getRoles());
}
use of com.yahoo.athenz.auth.Authority in project athenz by yahoo.
the class DebugUserAuthorityTest method testUserAuthority.
/**
 * Exercises {@code DebugUserAuthority} through the {@code Authority} interface: reported
 * domain, header and authorization flag, credential strings that must be rejected, and one
 * HTTP Basic value that must yield a principal.
 *
 * <p>The accepted value is the Base64 form of {@code testuser:testpwd}; the test only checks
 * the resulting domain and user name. NOTE(review): nothing here shows the password being
 * verified against a credential store - presumably a debug-only authority; confirm it is
 * never part of a production authority list.
 */
@Test
public void testUserAuthority() {
    final String remoteAddr = "10.11.12.13";
    final String httpMethod = "GET";

    Authority authority = new com.yahoo.athenz.common.server.debug.DebugUserAuthority();
    assertNotNull(authority);
    authority.initialize();

    assertEquals(authority.getDomain(), "user");
    assertEquals(authority.getHeader(), "Authorization");
    assertFalse(authority.allowAuthorization());

    // Values that must not authenticate: no "Basic" scheme, a payload of punctuation
    // characters, and a "Basic" prefix that is not followed by a space.
    String[] rejected = {
        "Test Creds",
        "Basic !@#$#!@$#",
        "BasicdGVzdHVzZXI6dGVzdHB3ZA=="
    };
    for (String creds : rejected) {
        assertNull(authority.authenticate(creds, remoteAddr, httpMethod, null));
    }

    // Same malformed value again, this time with an error-message buffer supplied.
    StringBuilder errMsg = new StringBuilder();
    assertNull(authority.authenticate("BasicdGVzdHVzZXI6dGVzdHB3ZA==", remoteAddr, httpMethod, errMsg));

    // Well-formed Basic value: scheme, single space, Base64 payload.
    String token = "Basic dGVzdHVzZXI6dGVzdHB3ZA==";
    Principal principal = authority.authenticate(token, remoteAddr, httpMethod, null);
    assertNotNull(principal);
    assertEquals(principal.getDomain(), "user");
    assertEquals(principal.getName(), "testuser");
}