Examples with PrincipalAuthority com.yahoo.athenz.auth.impl.PrincipalAuthority used on opensource projects

Example 1 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testGetServiceIdentityListInvalidDomain.

@Test
public void testGetServiceIdentityListInvalidDomain() {
    SignedDomain signedDomain = createSignedDomain("coretech", "weather", "storage", true);
    store.processDomain(signedDomain, false);
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("hockey", "kings", "v=S1,d=hockey;n=kings;s=sig", 0, new PrincipalAuthority());
    ResourceContext context = createResourceContext(principal);
    try {
        @SuppressWarnings("unused") com.yahoo.athenz.zts.ServiceIdentityList svcList = zts.getServiceIdentityList(context, "testDomain2");
        fail();
    } catch (ResourceException ex) {
        assertTrue(true);
    }
}

Example 2 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testPostInstanceRefreshRequestByUserInvalidCsr.

@Test
public void testPostInstanceRefreshRequestByUserInvalidCsr() throws IOException {
    ChangeLogStore structStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
    DataStore store = new DataStore(structStore, null);
    ZTSImpl ztsImpl = new ZTSImpl(mockCloudStore, store);
    String publicKeyName = "athenz.syncer_v0";
    final String ztsPublicKey = "-----BEGIN PUBLIC KEY-----\n" + "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMp9ZHVDK2s/FyinpKpD7lSsU+d6TSRE\n" + "NVo6sdLrEpOaCJETsh+0Qc0knhALxBD1+B9gS5F2rAFgtug0R6savvMCAwEAAQ==\n" + "-----END PUBLIC KEY-----";
    ztsImpl.dataStore.getPublicKeyCache().put(publicKeyName, ztsPublicKey);
    InstanceRefreshRequest req = new InstanceRefreshRequest().setCsr("csr").setKeyId("v0");
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("user", "doe", "v=U1,d=user;n=doe;s=sig", 0, new PrincipalAuthority());
    principal.setKeyId("1");
    ZTSAuthorizer authorizer = Mockito.mock(ZTSAuthorizer.class);
    Mockito.when(authorizer.access("update", "athenz:service", principal, null)).thenReturn(true);
    ztsImpl.authorizer = authorizer;
    HttpServletRequest servletRequest = Mockito.mock(HttpServletRequest.class);
    Mockito.when(servletRequest.isSecure()).thenReturn(true);
    ResourceContext context = createResourceContext(principal, servletRequest);
    try {
        ztsImpl.postInstanceRefreshRequest(context, "athenz", "syncer", req);
        fail();
    } catch (Exception ex) {
        assertTrue(ex.getMessage().contains("Unable to parse PKCS10 certificate request"), ex.getMessage());
    }
}

Example 3 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testPostInstanceRefreshInformationNullCSRs.

@Test
public void testPostInstanceRefreshInformationNullCSRs() throws IOException {
    ChangeLogStore structStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
    DataStore store = new DataStore(structStore, null);
    ZTSImpl ztsImpl = new ZTSImpl(mockCloudStore, store);
    InstanceRefreshInformation info = new InstanceRefreshInformation().setCsr(null).setSsh("");
    PrincipalAuthority authority = new PrincipalAuthority();
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("athenz", "production", "v=S1;d=athenzn=production;s=signature", 0, authority);
    ResourceContext context = createResourceContext(principal);
    try {
        ztsImpl.postInstanceRefreshInformation(context, "athenz.provider", "athenz", "production", "1001", info);
        fail();
    } catch (ResourceException ex) {
        assertTrue(ex.getMessage().contains("no csr provided"));
    }
}

Example 4 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testPostInstanceRefreshInformationNoCertAuthority.

@Test
public void testPostInstanceRefreshInformationNoCertAuthority() throws IOException {
    ChangeLogStore structStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
    DataStore store = new DataStore(structStore, null);
    ZTSImpl ztsImpl = new ZTSImpl(mockCloudStore, store);
    Path path = Paths.get("src/test/resources/athenz.instanceid.csr");
    String certCsr = new String(Files.readAllBytes(path));
    InstanceRefreshInformation info = new InstanceRefreshInformation().setCsr(certCsr);
    PrincipalAuthority authority = new PrincipalAuthority();
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("athenz", "production", "v=S1;d=athenzn=production;s=signature", 0, authority);
    ResourceContext context = createResourceContext(principal);
    try {
        ztsImpl.postInstanceRefreshInformation(context, "athenz.provider", "athenz", "production", "1001", info);
        fail();
    } catch (ResourceException ex) {
        assertEquals(ex.getCode(), 400);
        assertTrue(ex.getMessage().contains("Unsupported authority for TLS Certs"));
    }
}

Example 5 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testGetHostServicesInvalidHost.

@Test
public void testGetHostServicesInvalidHost() {
    SignedDomain signedDomain = createSignedDomain("coretech", "weather", "storage", true);
    store.processDomain(signedDomain, false);
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("hockey", "kings", "v=S1,d=hockey;n=kings;s=sig", 0, new PrincipalAuthority());
    ResourceContext context = createResourceContext(principal);
    HostServices hosts = zts.getHostServices(context, "unknownHost");
    assertNull(hosts.getNames());
}