Examples with Authorizer com.yahoo.athenz.auth.Authorizer used on opensource projects

Search in sources :

Example 1 with Authorizer

use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.

the class ResourceContextTest method testResourceContext.

@Test
public void testResourceContext() {
    HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse httpServletResponse = Mockito.mock(HttpServletResponse.class);
    Authorizer authorizer = Mockito.mock(Authorizer.class);
    Http.AuthorityList authorities = new Http.AuthorityList();
    ResourceContext context = new ResourceContext(httpServletRequest, httpServletResponse, authorities, authorizer);
    assertEquals(context.request(), httpServletRequest);
    assertEquals(context.response(), httpServletResponse);
    assertNull(context.principal());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) Test(org.testng.annotations.Test)

Example 2 with Authorizer

use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.

the class HttpTest method testAuthorizedUserUserInvalidCredentials.

@Test
public void testAuthorizedUserUserInvalidCredentials() throws Exception {
    HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
    Authorizer authorizer = Mockito.mock(Authorizer.class);
    Http.AuthorityList authorities = new Http.AuthorityList();
    try {
        Http.authorizedUser(httpServletRequest, authorities, authorizer, "action", null, null);
    } catch (ResourceException expected) {
        assertEquals(expected.getCode(), 401);
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authorizer(com.yahoo.athenz.auth.Authorizer) Test(org.testng.annotations.Test)

Example 3 with Authorizer

use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.

the class HttpTest method testAuthorizedForbidden.

@Test
public void testAuthorizedForbidden() throws Exception {
    Authorizer authorizer = Mockito.mock(Authorizer.class);
    Principal principal = Mockito.mock(Principal.class);
    try {
        Http.authorize(authorizer, principal, "action", "resource", null);
    } catch (ResourceException expected) {
        assertEquals(expected.getCode(), 403);
    }
}
Also used : Authorizer(com.yahoo.athenz.auth.Authorizer) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Example 4 with Authorizer

use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.

the class RsrcCtxWrapperTest method TestAuthorize.

@Test
public void TestAuthorize() {
    HttpServletRequest reqMock = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse resMock = Mockito.mock(HttpServletResponse.class);
    AuthorityList authListMock = new AuthorityList();
    Authorizer authorizerMock = Mockito.mock(Authorizer.class);
    Authority authMock = Mockito.mock(Authority.class);
    Principal prin = Mockito.mock(Principal.class);
    Mockito.when(authMock.getHeader()).thenReturn("testheader");
    Mockito.when(reqMock.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(authMock.getCredSource()).thenReturn(com.yahoo.athenz.auth.Authority.CredSource.HEADER);
    Mockito.when(authMock.authenticate(Mockito.<String>any(), Mockito.<String>any(), Mockito.<String>any(), Mockito.any())).thenReturn(prin);
    Mockito.when(reqMock.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(reqMock.getMethod()).thenReturn("POST");
    authListMock.add(authMock);
    // force true access right
    Mockito.when(authorizerMock.access(Mockito.<String>any(), Mockito.<String>any(), Mockito.any(), Mockito.any())).thenReturn(true);
    RsrcCtxWrapper wrapper = new RsrcCtxWrapper(reqMock, resMock, authListMock, false, authorizerMock);
    wrapper.authorize("add-domain", "test", "test");
    // after authorize success, principal should be set
    assertEquals(wrapper.principal(), prin);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authority(com.yahoo.athenz.auth.Authority) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Example 5 with Authorizer

use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.

the class RsrcCtxWrapperTest method TestRsrcCtxWrapperSimpleAssertion.

@Test
public void TestRsrcCtxWrapperSimpleAssertion() {
    HttpServletRequest reqMock = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse resMock = Mockito.mock(HttpServletResponse.class);
    AuthorityList authListMock = new AuthorityList();
    Authorizer authorizerMock = Mockito.mock(Authorizer.class);
    Authority authMock = Mockito.mock(Authority.class);
    Principal prin = Mockito.mock(Principal.class);
    Mockito.when(authMock.getHeader()).thenReturn("testheader");
    Mockito.when(reqMock.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(authMock.getCredSource()).thenReturn(com.yahoo.athenz.auth.Authority.CredSource.HEADER);
    Mockito.when(authMock.authenticate(Mockito.<String>any(), Mockito.<String>any(), Mockito.<String>any(), Mockito.any())).thenReturn(prin);
    Mockito.when(reqMock.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(reqMock.getMethod()).thenReturn("POST");
    authListMock.add(authMock);
    RsrcCtxWrapper wrapper = new RsrcCtxWrapper(reqMock, resMock, authListMock, false, authorizerMock);
    assertNotNull(wrapper.context());
    // default principal should be null
    assertEquals(wrapper.principal(), null);
    assertEquals(wrapper.request(), reqMock);
    assertEquals(wrapper.response(), resMock);
    wrapper.authenticate();
    // after authenticate, principal should be set
    assertEquals(wrapper.principal(), prin);
    // invalid kerberos request
    try {
        wrapper.authenticateKerberos();
        fail();
    } catch (ResourceException ex) {
        assertNotNull(ex);
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authority(com.yahoo.athenz.auth.Authority) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Aggregations

Authorizer (com.yahoo.athenz.auth.Authorizer)11 Test (org.testng.annotations.Test)11 HttpServletRequest (javax.servlet.http.HttpServletRequest)7 Principal (com.yahoo.athenz.auth.Principal)6 HttpServletResponse (javax.servlet.http.HttpServletResponse)6 AuthorityList (com.yahoo.athenz.common.server.rest.Http.AuthorityList)3 Authority (com.yahoo.athenz.auth.Authority)2 Path (java.nio.file.Path)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial