use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.
the class DebugUserAuthorityTest method testUserAuthority.
/**
 * Exercises DebugUserAuthority through the Authority interface: the domain
 * and header it reports, rejection of malformed Authorization values, and the
 * principal returned for a well-formed Basic header.
 */
@Test
public void testUserAuthority() {
    final String remoteAddr = "10.11.12.13";
    final String httpMethod = "GET";

    Authority authority = new com.yahoo.athenz.common.server.debug.DebugUserAuthority();
    assertNotNull(authority);
    authority.initialize();

    // Static properties reported by the authority.
    assertEquals(authority.getDomain(), "user");
    assertEquals(authority.getHeader(), "Authorization");
    assertFalse(authority.allowAuthorization());

    // Malformed header values must not produce a principal:
    //   1. no "Basic" scheme at all
    //   2. "Basic" scheme followed by characters outside the base64 alphabet
    //   3. a base64 payload with no space separating it from the scheme
    assertNull(authority.authenticate("Test Creds", remoteAddr, httpMethod, null));
    assertNull(authority.authenticate("Basic !@#$#!@$#", remoteAddr, httpMethod, null));
    assertNull(authority.authenticate("BasicdGVzdHVzZXI6dGVzdHB3ZA==", remoteAddr, httpMethod, null));

    // Well-formed header: the payload is base64 for "testuser:testpwd", and the
    // returned principal carries the part before the colon as its name.
    // NOTE(review): this test only shows that a well-formed header is accepted;
    // nothing here demonstrates that the password part is checked against
    // anything. The class lives in a "debug" package - confirm this authority
    // is never configured on a production server.
    final String basicHeader = "Basic dGVzdHVzZXI6dGVzdHB3ZA==";
    Principal principal = authority.authenticate(basicHeader, remoteAddr, httpMethod, null);
    assertNotNull(principal);
    assertEquals(principal.getDomain(), "user");
    assertEquals(principal.getName(), "testuser");
}
use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.
the class RsrcCtxWrapperTest method TestAuthorize.
/**
 * Checks that RsrcCtxWrapper.authorize() leaves the authenticated principal
 * on the wrapper when the (mocked) authorizer grants access.
 */
@Test
public void TestAuthorize() {
    // Collaborators: servlet request/response, one authority, one authorizer.
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    Authority authority = Mockito.mock(Authority.class);
    Authorizer authorizer = Mockito.mock(Authorizer.class);
    Principal expectedPrincipal = Mockito.mock(Principal.class);

    // Request side: credentials arrive in the "testheader" header.
    Mockito.when(request.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(request.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(request.getMethod()).thenReturn("POST");

    // Authority side: header-sourced credentials, and authenticate() accepts
    // any argument values and returns the mocked principal.
    Mockito.when(authority.getHeader()).thenReturn("testheader");
    Mockito.when(authority.getCredSource()).thenReturn(com.yahoo.athenz.auth.Authority.CredSource.HEADER);
    Mockito.when(authority.authenticate(Mockito.<String>any(), Mockito.<String>any(), Mockito.<String>any(), Mockito.any())).thenReturn(expectedPrincipal);

    AuthorityList authorities = new AuthorityList();
    authorities.add(authority);

    // The authorizer is stubbed to grant every request.
    // NOTE(review): only the allow path is exercised here; a companion case
    // with access(...) returning false would pin the deny behaviour as well.
    Mockito.when(authorizer.access(Mockito.<String>any(), Mockito.<String>any(), Mockito.any(), Mockito.any())).thenReturn(true);

    RsrcCtxWrapper wrapper = new RsrcCtxWrapper(request, response, authorities, false, authorizer);
    wrapper.authorize("add-domain", "test", "test");

    // A successful authorize() must have populated the principal.
    assertEquals(wrapper.principal(), expectedPrincipal);
}
use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.
the class RsrcCtxWrapperTest method TestRsrcCtxWrapperSimpleAssertion.
/**
 * Checks the basic accessors of RsrcCtxWrapper, that authenticate() populates
 * the principal from a header-based authority, and that authenticateKerberos()
 * is rejected with a ResourceException in this setup.
 */
@Test
public void TestRsrcCtxWrapperSimpleAssertion() {
    // Collaborators: servlet request/response, one authority, one authorizer.
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    Authority authority = Mockito.mock(Authority.class);
    Authorizer authorizer = Mockito.mock(Authorizer.class);
    Principal expectedPrincipal = Mockito.mock(Principal.class);

    // Request side: credentials arrive in the "testheader" header.
    Mockito.when(request.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(request.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(request.getMethod()).thenReturn("POST");

    // Authority side: header-sourced credentials, and authenticate() accepts
    // any argument values and returns the mocked principal.
    Mockito.when(authority.getHeader()).thenReturn("testheader");
    Mockito.when(authority.getCredSource()).thenReturn(com.yahoo.athenz.auth.Authority.CredSource.HEADER);
    Mockito.when(authority.authenticate(Mockito.<String>any(), Mockito.<String>any(), Mockito.<String>any(), Mockito.any())).thenReturn(expectedPrincipal);

    AuthorityList authorities = new AuthorityList();
    authorities.add(authority);

    RsrcCtxWrapper wrapper = new RsrcCtxWrapper(request, response, authorities, false, authorizer);
    assertNotNull(wrapper.context());

    // Before any authentication call the wrapper holds no principal, and it
    // hands back the same request/response objects it was built with.
    assertEquals(wrapper.principal(), null);
    assertEquals(wrapper.request(), request);
    assertEquals(wrapper.response(), response);

    // authenticate() must set the principal returned by the authority.
    wrapper.authenticate();
    assertEquals(wrapper.principal(), expectedPrincipal);

    // The Kerberos path must fail. The only authority registered reports
    // CredSource.HEADER; presumably that is why the call is rejected - confirm.
    // NOTE(review): assertNotNull(ex) is always true inside the catch, so this
    // only proves a ResourceException was thrown, not which status code.
    try {
        wrapper.authenticateKerberos();
        fail();
    } catch (ResourceException ex) {
        assertNotNull(ex);
    }
}
use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.
the class ZTSImplTest method testGetRoleTokenCertMismatchDomain.
/**
 * Expects postRoleCertificateRequest() to reject, with status 400, a role
 * certificate request for coretech/readers made by the principal
 * user_domain.user1 using the ROLE_CERT_DB_REQUEST CSR.
 */
@Test
public void testGetRoleTokenCertMismatchDomain() throws Exception {
    // Role certificate request carrying the shared test CSR and an expiry
    // time value of 3600.
    RoleCertificateRequest certRequest = new RoleCertificateRequest()
            .setCsr(ROLE_CERT_DB_REQUEST)
            .setExpiryTime(Long.valueOf(3600));

    // Load the "coretech" domain into the store so the lookup itself can succeed.
    SignedDomain coretechDomain = createSignedDomain("coretech", "weather", "storage", true);
    store.processDomain(coretechDomain, false);

    // Caller identity from a different domain than the one being requested.
    // The credential string names n=user while the principal is user1; both
    // values are handed to SimplePrincipal.create exactly as written here.
    Principal caller = SimplePrincipal.create("user_domain", "user1", "v=U1;d=user_domain;n=user;s=signature", 0, null);
    ResourceContext callerContext = createResourceContext(caller);

    // NOTE(review): only the status code is asserted, so any 400 satisfies the
    // test; it cannot tell a domain mismatch apart from another request
    // validation failure. Asserting on the error message would pin the reason.
    try {
        zts.postRoleCertificateRequest(callerContext, "coretech", "readers", certRequest);
        fail();
    } catch (ResourceException ex) {
        assertEquals(ex.getCode(), 400);
    }
}
use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.
the class ZTSImpl method logPrincipal.
/**
 * Passes the context's principal to RsrcCtxWrapper.logPrincipal and then, when
 * the principal has a full name, validates that name against
 * TYPE_SERVICE_NAME.
 *
 * @param ctx resource context; it is cast to RsrcCtxWrapper without a type
 *            check, so any other implementation fails with ClassCastException
 */
void logPrincipal(ResourceContext ctx) {
    final RsrcCtxWrapper wrapper = (RsrcCtxWrapper) ctx;
    final Principal ctxPrincipal = wrapper.principal();

    // The principal (possibly null) is handed to the wrapper for logging
    // before its name has been validated.
    // NOTE(review): confirm RsrcCtxWrapper.logPrincipal copes safely with a
    // name that would fail the validation below (e.g. escapes it before it is
    // written to a log), since the ordering here records first and checks second.
    wrapper.logPrincipal(ctxPrincipal);

    // Nothing to validate for an unauthenticated request or a nameless principal.
    if (ctxPrincipal == null || ctxPrincipal.getFullName() == null) {
        return;
    }

    // presumably validate() rejects the request when the name does not match
    // the service-name type - verify against its definition.
    validate(ctxPrincipal.getFullName(), TYPE_SERVICE_NAME, "logPrincipal");
}