Examples with KeyStore com.yahoo.athenz.auth.KeyStore used on opensource projects

Search in sources :

Example 6 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class RoleAuthorityTest method testRoleAuthority_TamperedToken.

@Test
public void testRoleAuthority_TamperedToken() throws IOException, CryptoException {
    RoleAuthority rollAuthority = new RoleAuthority();
    KeyStore keyStore = new KeyStoreMock();
    rollAuthority.setKeyStore(keyStore);
    // Add some roles
    List<String> roles = new ArrayList<String>();
    roles.add("storage.tenant.weather.updater");
    roles.add("fantasy.tenant.sports.admin");
    roles.add("fantasy.tenant.sports.reader");
    roles.add("fantasy.tenant.sports.writer");
    roles.add("fantasy.tenant.sports.scanner");
    // Create and sign token
    RoleToken serviceToken = new RoleToken.Builder(rolVersion, svcDomain, roles).salt(salt).ip("127.0.0.1").expirationWindow(expirationTime).principal("coretech.storage").keyId(testKeyVersionK1).build();
    serviceToken.sign(ztsPrivateKeyStringK0);
    String tokenToTamper = serviceToken.getSignedToken();
    StringBuilder errMsg = new StringBuilder();
    Principal principal = rollAuthority.authenticate(tamperWithRoleToken(tokenToTamper), "127.0.0.1", "GET", errMsg);
    // Role Authority should return null when authenticate() fails
    assertNull(principal);
    assertTrue(!errMsg.toString().isEmpty());
    assertTrue(errMsg.toString().contains("authenticate"));
    principal = rollAuthority.authenticate(tamperWithRoleToken(tokenToTamper), "127.0.0.1", "GET", null);
    assertNull(principal);
}
Also used : RoleAuthority(com.yahoo.athenz.auth.impl.RoleAuthority) ArrayList(java.util.ArrayList) KeyStore(com.yahoo.athenz.auth.KeyStore) Principal(com.yahoo.athenz.auth.Principal) RoleToken(com.yahoo.athenz.auth.token.RoleToken) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 7 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class RoleAuthorityTest method testRoleAuthorityMismatchIPNonWrite.

@Test
public void testRoleAuthorityMismatchIPNonWrite() throws IOException, CryptoException {
    RoleAuthority rollAuthority = new RoleAuthority();
    KeyStore keyStore = new KeyStoreMock();
    rollAuthority.setKeyStore(keyStore);
    // Add some roles
    List<String> roles = new ArrayList<String>();
    roles.add("storage.tenant.weather.updater");
    // Create and sign token with keyVersion = 0
    RoleToken roleToken = new RoleToken.Builder(rolVersion, svcDomain, roles).salt(salt).ip("127.0.0.1").expirationWindow(expirationTime).principal("" + userDomain + ".joe").keyId(testKeyVersionK0).build();
    roleToken.sign(ztsPrivateKeyStringK0);
    // mismatch IP but should be OK since it's not write operation
    StringBuilder errMsg = new StringBuilder();
    Principal principal = rollAuthority.authenticate(roleToken.getSignedToken(), "127.0.0.2", "GET", errMsg);
    assertNotNull(principal);
}
Also used : RoleAuthority(com.yahoo.athenz.auth.impl.RoleAuthority) ArrayList(java.util.ArrayList) KeyStore(com.yahoo.athenz.auth.KeyStore) Principal(com.yahoo.athenz.auth.Principal) RoleToken(com.yahoo.athenz.auth.token.RoleToken) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 8 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class PrincipalAuthorityTest method testGetPublicKeyKeyServiceZms.

@Test
public void testGetPublicKeyKeyServiceZms() {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = Mockito.mock(KeyStore.class);
    serviceAuthority.setKeyStore(keyStore);
    Mockito.when(keyStore.getPublicKey("sys.auth", "zms", "v1")).thenReturn("zms-key");
    Mockito.when(keyStore.getPublicKey("athenz", "svc", "v1")).thenReturn("athenz-key");
    String key = serviceAuthority.getPublicKey("athenz", "svc", "zms", "v1", false);
    assertEquals(key, "zms-key");
}
Also used : KeyStore(com.yahoo.athenz.auth.KeyStore) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 9 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class PrincipalAuthorityTest method testValidateAuthorizedServiceSingle.

@Test
public void testValidateAuthorizedServiceSingle() throws IOException {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = new KeyStoreMock();
    serviceAuthority.setKeyStore(keyStore);
    long issueTime = System.currentTimeMillis() / 1000;
    // Create and sign token
    List<String> authorizedServices = new ArrayList<>();
    authorizedServices.add("sports.fantasy");
    PrincipalToken userTokenToSign = new PrincipalToken.Builder(usrVersion, usrDomain, usrName).salt(salt).issueTime(issueTime).expirationWindow(expirationTime).authorizedServices(authorizedServices).build();
    userTokenToSign.sign(servicePrivateKeyStringK0);
    // now let's sign the token for an authorized service
    userTokenToSign.signForAuthorizedService("sports.fantasy", "1", servicePrivateKeyStringK1);
    // Create a token for validation using the signed data
    assertEquals(serviceAuthority.validateAuthorizeService(userTokenToSign, null), "sports.fantasy");
}
Also used : ArrayList(java.util.ArrayList) PrincipalToken(com.yahoo.athenz.auth.token.PrincipalToken) KeyStore(com.yahoo.athenz.auth.KeyStore) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 10 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class PrincipalAuthorityTest method testGetPublicKeyUserToken.

@Test
public void testGetPublicKeyUserToken() {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = Mockito.mock(KeyStore.class);
    serviceAuthority.setKeyStore(keyStore);
    Mockito.when(keyStore.getPublicKey("sys.auth", "zms", "v1")).thenReturn("zms-key");
    Mockito.when(keyStore.getPublicKey("sys.auth", "zts", "v1")).thenReturn("zts-key");
    Mockito.when(keyStore.getPublicKey("athenz", "svc", "v1")).thenReturn("athenz-key");
    String key = serviceAuthority.getPublicKey("athenz", "svc", null, "v1", true);
    assertEquals(key, "zms-key");
}
Also used : KeyStore(com.yahoo.athenz.auth.KeyStore) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Aggregations

KeyStore (com.yahoo.athenz.auth.KeyStore)23 BeforeTest (org.testng.annotations.BeforeTest)23 Test (org.testng.annotations.Test)23 PrincipalAuthority (com.yahoo.athenz.auth.impl.PrincipalAuthority)16 ArrayList (java.util.ArrayList)13 Principal (com.yahoo.athenz.auth.Principal)11 PrincipalToken (com.yahoo.athenz.auth.token.PrincipalToken)9 RoleAuthority (com.yahoo.athenz.auth.impl.RoleAuthority)7 RoleToken (com.yahoo.athenz.auth.token.RoleToken)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial