Examples with KeyStore com.yahoo.athenz.auth.KeyStore used on opensource projects

Example 26 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class PrincipalAuthorityTest method testPrincipalTokenValidateForAuthorizedService.

// @Test
public void testPrincipalTokenValidateForAuthorizedService() throws IOException {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = new KeyStoreMock();
    serviceAuthority.setKeyStore(keyStore);
    long issueTime = System.currentTimeMillis() / 1000;
    // Create and sign token
    List<String> authorizedServices = new ArrayList<>();
    authorizedServices.add("test.fantasy");
    PrincipalToken userTokenToSign = new PrincipalToken.Builder(usrVersion, usrDomain, usrName).salt(salt).issueTime(issueTime).expirationWindow(expirationTime).authorizedServices(authorizedServices).build();
    userTokenToSign.sign(servicePrivateKeyStringK0);
    // now let's sign the token for an authorized service
    userTokenToSign.signForAuthorizedService("test.fantasy", "1", servicePrivateKeyStringK1);
    // Create a token for validation using the signed data
    serviceAuthority.validateAuthorizeService(userTokenToSign, null);
}

Example 27 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class PrincipalAuthorityTest method testPrincipalAuthorityWithNullAuthorizedService.

@Test
public void testPrincipalAuthorityWithNullAuthorizedService() throws IOException {
    PrincipalAuthority authority = new PrincipalAuthority();
    PrincipalAuthority serviceAuthority = Mockito.spy(authority);
    KeyStore keyStore = new KeyStoreMock();
    serviceAuthority.setKeyStore(keyStore);
    // Create and sign token with key version 0
    List<String> authorizedServices = new ArrayList<>();
    authorizedServices.add("sports.fantasy");
    authorizedServices.add("sports.hockey");
    long issueTime = System.currentTimeMillis() / 1000;
    PrincipalToken userTokenToSign = new PrincipalToken.Builder(usrVersion, usrDomain, usrName).salt(salt).ip("127.0.0.2").issueTime(issueTime).expirationWindow(expirationTime).authorizedServices(authorizedServices).build();
    userTokenToSign.sign(servicePrivateKeyStringK0);
    // now let's sign the token for an authorized service
    userTokenToSign.signForAuthorizedService("sports.fantasy", "1", servicePrivateKeyStringK1);
    // we're going to pass a different IP so we get the authorized service checks
    doReturn(null).when(serviceAuthority).validateAuthorizeService(any(), any());
    StringBuilder errMsg = new StringBuilder();
    Principal principal = serviceAuthority.authenticate(userTokenToSign.getSignedToken(), "127.0.0.3", "POST", errMsg);
    assertNull(principal);
}

Example 28 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class PrincipalAuthorityTest method testValidateAuthorizedServiceMultiple.

@Test
public void testValidateAuthorizedServiceMultiple() throws IOException {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = new KeyStoreMock();
    serviceAuthority.setKeyStore(keyStore);
    long issueTime = System.currentTimeMillis() / 1000;
    // Create and sign token
    List<String> authorizedServices = new ArrayList<>();
    authorizedServices.add("sports.fantasy");
    authorizedServices.add("sports.hockey");
    PrincipalToken userTokenToSign = new PrincipalToken.Builder(usrVersion, usrDomain, usrName).salt(salt).issueTime(issueTime).expirationWindow(expirationTime).authorizedServices(authorizedServices).build();
    userTokenToSign.sign(servicePrivateKeyStringK0);
    // now let's sign the token for an authorized service
    userTokenToSign.signForAuthorizedService("sports.fantasy", "1", servicePrivateKeyStringK1);
    // Create a token for validation using the signed data
    StringBuilder errMsg = new StringBuilder();
    assertEquals(serviceAuthority.validateAuthorizeService(userTokenToSign, errMsg), "sports.fantasy");
}

Example 29 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class PrincipalAuthorityTest method testValidateAuthorizedServiceNoServices.

@Test
public void testValidateAuthorizedServiceNoServices() throws IOException {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = new KeyStoreMock();
    serviceAuthority.setKeyStore(keyStore);
    long issueTime = System.currentTimeMillis() / 1000;
    // Create and sign token
    PrincipalToken userTokenToSign = new PrincipalToken.Builder(usrVersion, usrDomain, usrName).salt(salt).issueTime(issueTime).expirationWindow(expirationTime).build();
    userTokenToSign.sign(servicePrivateKeyStringK0);
    // Create a token for validation using the signed data
    StringBuilder errMsg = new StringBuilder();
    assertNull(serviceAuthority.validateAuthorizeService(userTokenToSign, errMsg));
}

Example 30 with KeyStore

use of com.yahoo.athenz.auth.KeyStore in project athenz by yahoo.

the class PrincipalAuthorityTest method testGetPublicKeyDefault.

@Test
public void testGetPublicKeyDefault() {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = Mockito.mock(KeyStore.class);
    serviceAuthority.setKeyStore(keyStore);
    Mockito.when(keyStore.getPublicKey("sys.auth", "zms", "v1")).thenReturn("zms-key");
    Mockito.when(keyStore.getPublicKey("sys.auth", "zts", "v1")).thenReturn("zts-key");
    Mockito.when(keyStore.getPublicKey("cd.step", "sd10000", "v1")).thenReturn("cd-key");
    Mockito.when(keyStore.getPublicKey("athenz", "svc", "v1")).thenReturn("athenz-key");
    String key = serviceAuthority.getPublicKey("athenz", "svc", null, "v1", false);
    assertEquals(key, "athenz-key");
}