use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.
the class X509CertRequestTest method testValidate.
@Test
public void testValidate() throws IOException {
Path path = Paths.get("src/test/resources/athenz.instanceid.csr");
String csr = new String(Files.readAllBytes(path));
X509CertRequest certReq = new X509CertRequest(csr);
assertNotNull(certReq);
Authorizer authorizer = Mockito.mock(Authorizer.class);
Principal provider = Mockito.mock(Principal.class);
Mockito.when(authorizer.access("launch", "sys.auth:dns.ostk.athenz.cloud", provider, (String) null)).thenReturn(true);
StringBuilder errorMsg = new StringBuilder(256);
assertTrue(certReq.validate(provider, "athenz", "production", "1001", authorizer, errorMsg));
assertTrue(certReq.validate(provider, "athenz", "production", "1001", null, errorMsg));
}
use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.
the class ResourceContextTest method testAuthorize.
@Test
public void testAuthorize() {
HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
HttpServletResponse httpServletResponse = Mockito.mock(HttpServletResponse.class);
Authorizer authorizer = Mockito.mock(Authorizer.class);
Http.AuthorityList authorities = new Http.AuthorityList();
ResourceContext context = new ResourceContext(httpServletRequest, httpServletResponse, authorities, authorizer);
try {
context.authorize("action", "resource", "domain");
} catch (ResourceException expected) {
assertEquals(expected.getCode(), 401);
}
}
use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.
the class ResourceContextTest method testAuthenticate.
@Test
public void testAuthenticate() {
HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
HttpServletResponse httpServletResponse = Mockito.mock(HttpServletResponse.class);
Authorizer authorizer = Mockito.mock(Authorizer.class);
Http.AuthorityList authorities = new Http.AuthorityList();
ResourceContext context = new ResourceContext(httpServletRequest, httpServletResponse, authorities, authorizer);
context.checked = true;
assertNull(context.authenticate());
}
use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.
the class RsrcCtxWrapperTest method TestAuthorizeInvalid.
@Test(expectedExceptions = { ResourceException.class })
public void TestAuthorizeInvalid() {
HttpServletRequest reqMock = Mockito.mock(HttpServletRequest.class);
HttpServletResponse resMock = Mockito.mock(HttpServletResponse.class);
AuthorityList authListMock = new AuthorityList();
Authorizer authorizerMock = Mockito.mock(Authorizer.class);
Mockito.when(reqMock.getHeader("testheader")).thenReturn("testcred");
Mockito.when(reqMock.getRemoteAddr()).thenReturn("1.1.1.1");
Mockito.when(reqMock.getMethod()).thenReturn("POST");
// force true access right
Mockito.when(authorizerMock.access(Mockito.<String>any(), Mockito.<String>any(), Mockito.any(), Mockito.any())).thenReturn(true);
RsrcCtxWrapper wrapper = new RsrcCtxWrapper(reqMock, resMock, authListMock, false, authorizerMock);
// when not set authority
wrapper.authorize("add-domain", "test", "test");
}
use of com.yahoo.athenz.auth.Authorizer in project athenz by yahoo.
the class HttpTest method testAuthorizedBadRequest.
@Test
public void testAuthorizedBadRequest() throws Exception {
Authorizer authorizer = Mockito.mock(Authorizer.class);
Principal principal = Mockito.mock(Principal.class);
try {
Http.authorize(authorizer, principal, "action", null, null);
} catch (ResourceException expected) {
assertEquals(expected.getCode(), 400);
}
}
Aggregations