Examples with PrincipalAuthority com.yahoo.athenz.auth.impl.PrincipalAuthority used on opensource projects

Search in sources :

Example 46 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testPostInstanceRefreshRequestUserAuthority.

@Test
public void testPostInstanceRefreshRequestUserAuthority() throws IOException {
    Path path = Paths.get("src/test/resources/valid.csr");
    String certCsr = new String(Files.readAllBytes(path));
    InstanceRefreshRequest req = new InstanceRefreshRequest().setCsr(certCsr);
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("user", "joe", "v=U1,d=user;n=joe;s=sig", 0, new PrincipalAuthority());
    ResourceContext context = createResourceContext(principal);
    try {
        zts.postInstanceRefreshRequest(context, "user", "joe", req);
        fail();
    } catch (ResourceException ex) {
        assertEquals(ex.getCode(), 400);
        assertTrue(ex.getMessage().contains("TLS Certificates require ServiceTokens"), ex.getMessage());
    }
}
Also used : Path(java.nio.file.Path) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test)

Example 47 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testGetTenantDomainsSingleDomain.

@Test
public void testGetTenantDomainsSingleDomain() {
    SignedDomain signedDomain = createSignedDomain("athenz.product", "weather.frontpage", "storage", true);
    store.processDomain(signedDomain, false);
    signedDomain = createTenantSignedDomain("weather.frontpage", "athenz.product", "storage");
    store.processDomain(signedDomain, false);
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("hockey", "kings", "v=S1,d=hockey;n=kings;s=sig", 0, new PrincipalAuthority());
    ResourceContext context = createResourceContext(principal);
    TenantDomains tenantDomains = zts.getTenantDomains(context, "athenz.product", "user_domain.user100", null, null);
    assertNotNull(tenantDomains);
    assertEquals(tenantDomains.getTenantDomainNames().size(), 1);
    assertEquals(tenantDomains.getTenantDomainNames().get(0), "weather.frontpage");
}
Also used : SignedDomain(com.yahoo.athenz.zms.SignedDomain) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test)

Example 48 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testGetTenantDomainsMultipleDomains.

@Test
public void testGetTenantDomainsMultipleDomains() {
    SignedDomain signedDomain = createMultipleSignedDomains("athenz.multiple", "hockey.kings", "hockey.stars", "storage", true);
    store.processDomain(signedDomain, false);
    signedDomain = createTenantSignedDomain("hockey.kings", "athenz.multiple", "storage");
    store.processDomain(signedDomain, false);
    signedDomain = createTenantSignedDomain("hockey.stars", "athenz.multiple", "storage");
    store.processDomain(signedDomain, false);
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("hockey", "kings", "v=S1,d=hockey;n=kings;s=sig", 0, new PrincipalAuthority());
    ResourceContext context = createResourceContext(principal);
    TenantDomains tenantDomains = zts.getTenantDomains(context, "athenz.multiple", "user_domain.user100", null, null);
    assertNotNull(tenantDomains);
    assertEquals(tenantDomains.getTenantDomainNames().size(), 2);
    assertTrue(tenantDomains.getTenantDomainNames().contains("hockey.kings"));
    assertTrue(tenantDomains.getTenantDomainNames().contains("hockey.stars"));
}
Also used : SignedDomain(com.yahoo.athenz.zms.SignedDomain) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test)

Example 49 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testPostInstanceRefreshRequestByUserPrincipalMismatch.

@Test
public void testPostInstanceRefreshRequestByUserPrincipalMismatch() throws IOException {
    ChangeLogStore structStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
    DataStore store = new DataStore(structStore, null);
    ZTSImpl ztsImpl = new ZTSImpl(mockCloudStore, store);
    Path path = Paths.get("src/test/resources/valid_provider_refresh.csr");
    String certCsr = new String(Files.readAllBytes(path));
    InstanceRefreshRequest req = new InstanceRefreshRequest().setCsr(certCsr).setKeyId("v0");
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("user", "doe", "v=U1,d=user;n=doe;s=sig", 0, new PrincipalAuthority());
    principal.setKeyId("0");
    String publicKeyName = "athenz.syncer_v0";
    final String ztsPublicKey = "-----BEGIN PUBLIC KEY-----\n" + "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMp9ZHVDK2s/FyinpKpD7lSsU+d6TSRE\n" + "NVo6sdLrEpOaCJETsh+0Qc0knhALxBD1+B9gS5F2rAFgtug0R6savvMCAwEAAQ==\n" + "-----END PUBLIC KEY-----";
    ztsImpl.dataStore.getPublicKeyCache().put(publicKeyName, ztsPublicKey);
    ZTSAuthorizer authorizer = Mockito.mock(ZTSAuthorizer.class);
    Mockito.when(authorizer.access("update", "athenz:service", principal, null)).thenReturn(false);
    ztsImpl.authorizer = authorizer;
    HttpServletRequest servletRequest = Mockito.mock(HttpServletRequest.class);
    Mockito.when(servletRequest.isSecure()).thenReturn(true);
    ResourceContext context = createResourceContext(principal, servletRequest);
    try {
        ztsImpl.postInstanceRefreshRequest(context, "athenz", "syncer", req);
        fail();
    } catch (Exception ex) {
        assertTrue(ex.getMessage().contains("Principal mismatch"));
    }
}
Also used : Path(java.nio.file.Path) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) WebApplicationException(javax.ws.rs.WebApplicationException) IOException(java.io.IOException) HttpServletRequest(javax.servlet.http.HttpServletRequest) ChangeLogStore(com.yahoo.athenz.zts.store.ChangeLogStore) MockZMSFileChangeLogStore(com.yahoo.athenz.zts.store.impl.MockZMSFileChangeLogStore) ZMSFileChangeLogStore(com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore) MockZMSFileChangeLogStore(com.yahoo.athenz.zts.store.impl.MockZMSFileChangeLogStore) ZMSFileChangeLogStore(com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore) DataStore(com.yahoo.athenz.zts.store.DataStore) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Test(org.testng.annotations.Test)

Example 50 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class ZTSImplTest method testGetTenantDomainsSingleDomainWithUserDomain.

@Test
public void testGetTenantDomainsSingleDomainWithUserDomain() {
    SignedDomain signedDomain = createSignedDomain("athenz.product", "weather.frontpage", "storage", true);
    store.processDomain(signedDomain, false);
    signedDomain = createTenantSignedDomain("weather.frontpage", "athenz.product", "storage");
    store.processDomain(signedDomain, false);
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("hockey", "kings", "v=S1,d=hockey;n=kings;s=sig", 0, new PrincipalAuthority());
    ResourceContext context = createResourceContext(principal);
    TenantDomains tenantDomains = zts.getTenantDomains(context, "athenz.product", "user_domain.user100", null, null);
    assertNotNull(tenantDomains);
    assertEquals(tenantDomains.getTenantDomainNames().size(), 1);
    assertEquals(tenantDomains.getTenantDomainNames().get(0), "weather.frontpage");
}
Also used : SignedDomain(com.yahoo.athenz.zms.SignedDomain) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test)

Aggregations

PrincipalAuthority (com.yahoo.athenz.auth.impl.PrincipalAuthority)101 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)74 Test (org.testng.annotations.Test)62 Principal (com.yahoo.athenz.auth.Principal)44 Authority (com.yahoo.athenz.auth.Authority)40 BeforeTest (org.testng.annotations.BeforeTest)26 KeyStore (com.yahoo.athenz.auth.KeyStore)16 SignedDomain (com.yahoo.athenz.zms.SignedDomain)16 IOException (java.io.IOException)16 WebApplicationException (javax.ws.rs.WebApplicationException)16 PrincipalToken (com.yahoo.athenz.auth.token.PrincipalToken)13 Path (java.nio.file.Path)13 ArrayList (java.util.ArrayList)12 ChangeLogStore (com.yahoo.athenz.zts.store.ChangeLogStore)11 DataStore (com.yahoo.athenz.zts.store.DataStore)11 MockZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.MockZMSFileChangeLogStore)11 ZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore)11 HttpServletRequest (javax.servlet.http.HttpServletRequest)10 UnsupportedEncodingException (java.io.UnsupportedEncodingException)9 AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial