
Example 91 with Principal

use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.

the class RoleAuthorityTest method testRoleAuthorityMismatchIPNonWrite.

/**
 * Verifies that a signed role token is accepted for a {@code GET} request even though
 * the caller's address differs from the IP recorded in the token.
 *
 * <p>The token is built for {@code 127.0.0.1} and presented from {@code 127.0.0.2}.
 * The expectation pinned here is that the IP recorded in the token does not restrict
 * non-write requests, so it should not be relied on as a control for read access.
 * NOTE(review): which HTTP methods count as write operations is decided inside
 * {@code RoleAuthority.authenticate}, which is not visible here.
 *
 * @throws IOException declared by the original test; the throwing call is not identifiable from this snippet
 * @throws CryptoException declared by the original test; presumably from signing — confirm
 */
@Test
public void testRoleAuthorityMismatchIPNonWrite() throws IOException, CryptoException {
    // Authority under test, backed by the mock key store so the signature can be verified.
    RoleAuthority authority = new RoleAuthority();
    KeyStore mockKeyStore = new KeyStoreMock();
    authority.setKeyStore(mockKeyStore);

    // Single role carried by the token.
    List<String> roleNames = new ArrayList<>();
    roleNames.add("storage.tenant.weather.updater");

    // Build the token bound to 127.0.0.1 and sign it with the K0 key (keyVersion = 0).
    RoleToken token = new RoleToken.Builder(rolVersion, svcDomain, roleNames)
            .salt(salt)
            .ip("127.0.0.1")
            .expirationWindow(expirationTime)
            .principal(userDomain + ".joe")
            .keyId(testKeyVersionK0)
            .build();
    token.sign(ztsPrivateKeyStringK0);

    // Present the token from a different address; GET is not a write operation,
    // so the mismatch is expected to be tolerated.
    StringBuilder errMsg = new StringBuilder();
    String signedToken = token.getSignedToken();
    Principal principal = authority.authenticate(signedToken, "127.0.0.2", "GET", errMsg);
    assertNotNull(principal);
}
Also used : RoleAuthority(com.yahoo.athenz.auth.impl.RoleAuthority) ArrayList(java.util.ArrayList) KeyStore(com.yahoo.athenz.auth.KeyStore) Principal(com.yahoo.athenz.auth.Principal) RoleToken(com.yahoo.athenz.auth.token.RoleToken) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 92 with Principal

use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.

the class SimplePrincipalTest method testSimplePrincipalToStringZToken.

/**
 * Checks the string form of a principal created from a domain, a credentials string,
 * a role list and an initialized {@code UserAuthority}.
 *
 * <p>The expected value is {@code "ZToken_user~updater"}: it shows the domain and the
 * role name. NOTE(review): {@code fakeCreds} is defined outside this snippet; the
 * expected string suggests the credentials are not part of {@code toString()} — confirm.
 */
@Test
public void testSimplePrincipalToStringZToken() {
    UserAuthority authority = new UserAuthority();
    authority.initialize();

    List<String> roleNames = new ArrayList<>();
    roleNames.add("updater");

    Principal principal = SimplePrincipal.create("user", fakeCreds, roleNames, authority);
    assertEquals(principal.toString(), "ZToken_user~updater");
}
Also used : ArrayList(java.util.ArrayList) UserAuthority(com.yahoo.athenz.auth.impl.UserAuthority) Principal(com.yahoo.athenz.auth.Principal) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Test(org.testng.annotations.Test)

Example 93 with Principal

use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.

the class SimplePrincipalTest method testSimplePrincipalNullDomainAuthorityDomainNotNull.

/**
 * Confirms that {@code SimplePrincipal.create} returns a principal when the authority
 * argument is {@code null} but a domain ({@code "user"}) and a name ({@code "jdoe"})
 * are supplied.
 *
 * <p>NOTE(review): the numeric fourth argument is presumably the issue time — confirm
 * against the {@code SimplePrincipal.create} overload.
 */
@Test
public void testSimplePrincipalNullDomainAuthorityDomainNotNull() {
    // No authority is attached, so nothing can veto the domain at creation time.
    final Principal created = SimplePrincipal.create("user", "jdoe", fakeCreds, 0, null);
    assertNotNull(created);
}
Also used : Principal(com.yahoo.athenz.auth.Principal) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Test(org.testng.annotations.Test)

Example 94 with Principal

use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.

the class SimplePrincipalTest method testFullName.

/**
 * Exercises {@code getFullName()} and the null-handling of several
 * {@code SimplePrincipal.create} overloads, all with a {@code null} authority.
 *
 * <p>What the assertions pin down:
 * <ul>
 *   <li>domain plus name yields {@code "domain.name"};</li>
 *   <li>a missing domain or a missing name still produces a principal;</li>
 *   <li>a principal created from a domain only (with roles, or with credentials)
 *       reports just the domain as its full name;</li>
 *   <li>the last call, with every argument {@code null}, returns {@code null} —
 *       callers of that overload therefore have to null-check the result.</li>
 * </ul>
 */
@Test
public void testFullName() {
    Principal named = SimplePrincipal.create("user", "jdoe", fakeCreds, null);
    assertEquals(named.getFullName(), "user.jdoe");
    // Asked a second time on the same instance; presumably covers a cached
    // value inside SimplePrincipal — confirm against the implementation.
    assertEquals(named.getFullName(), "user.jdoe");

    // Either half of the identity may be absent without create() giving up.
    assertNotNull(SimplePrincipal.create(null, "jdoe", fakeCreds));
    assertNotNull(SimplePrincipal.create("user", null, fakeCreds));

    // Role-based principal: only the domain contributes to the full name.
    List<String> roleNames = new ArrayList<>();
    roleNames.add("role1");
    Principal roleBased = SimplePrincipal.create("user", fakeCreds, roleNames, null);
    assertEquals(roleBased.getFullName(), "user");

    // The cast selects the overload whose last parameter is an Authority.
    Principal domainOnly = SimplePrincipal.create("appid", fakeCreds, (Authority) null);
    assertEquals(domainOnly.getFullName(), "appid");

    // Same overload with nothing supplied at all: no principal is created.
    assertNull(SimplePrincipal.create(null, null, (Authority) null));
}
Also used : UserAuthority(com.yahoo.athenz.auth.impl.UserAuthority) Authority(com.yahoo.athenz.auth.Authority) ArrayList(java.util.ArrayList) Principal(com.yahoo.athenz.auth.Principal) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Test(org.testng.annotations.Test)

Example 95 with Principal

use of com.yahoo.athenz.auth.Principal in project athenz by yahoo.

the class SimplePrincipalTest method testSimplePrincipalExtraFields.

/**
 * Checks that the optional fields set on a {@code SimplePrincipal} after creation
 * (original requestor, key service, key id, X.509 certificate) are returned unchanged
 * by the matching getters, and that {@code toString()} yields {@code "user.jdoe"}.
 *
 * <p>The certificate is a Mockito mock, so only identity round-tripping is verified;
 * no certificate content or validation is exercised here.
 */
@Test
public void testSimplePrincipalExtraFields() {
    UserAuthority authority = new UserAuthority();
    authority.initialize();
    X509Certificate mockCert = Mockito.mock(X509Certificate.class);

    Principal principal = SimplePrincipal.create("user", "jdoe", fakeCreds, 101, authority);

    // The setters live on the implementation class, not on the Principal interface.
    SimplePrincipal impl = (SimplePrincipal) principal;
    impl.setOriginalRequestor("athenz.ci");
    impl.setKeyService("zts");
    impl.setKeyId("v1");
    impl.setX509Certificate(mockCert);

    assertEquals(principal.toString(), "user.jdoe");
    assertEquals(principal.getOriginalRequestor(), "athenz.ci");
    assertEquals(principal.getKeyService(), "zts");
    assertEquals(principal.getKeyId(), "v1");
    assertEquals(principal.getX509Certificate(), mockCert);
}
Also used : UserAuthority(com.yahoo.athenz.auth.impl.UserAuthority) Principal(com.yahoo.athenz.auth.Principal) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) X509Certificate(java.security.cert.X509Certificate) Test(org.testng.annotations.Test)
