Examples with PrincipalAuthority com.yahoo.athenz.auth.impl.PrincipalAuthority used on opensource projects

Search in sources :

Example 16 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class PrincipalAuthorityTest method testGetPublicKeyUserToken.

@Test
public void testGetPublicKeyUserToken() {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = Mockito.mock(KeyStore.class);
    serviceAuthority.setKeyStore(keyStore);
    Mockito.when(keyStore.getPublicKey("sys.auth", "zms", "v1")).thenReturn("zms-key");
    Mockito.when(keyStore.getPublicKey("sys.auth", "zts", "v1")).thenReturn("zts-key");
    Mockito.when(keyStore.getPublicKey("athenz", "svc", "v1")).thenReturn("athenz-key");
    String key = serviceAuthority.getPublicKey("athenz", "svc", null, "v1", true);
    assertEquals(key, "zms-key");
}
Also used : KeyStore(com.yahoo.athenz.auth.KeyStore) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 17 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class PrincipalAuthorityTest method testAuthenticateIlligal.

@Test
public void testAuthenticateIlligal() throws IOException {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    Principal principal = serviceAuthority.authenticate("aaaa", null, "GET", null);
    assertNull(principal);
}
Also used : PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 18 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class PrincipalAuthorityTest method testPrincipalAuthorityAuthenticateIlligal.

@Test
public void testPrincipalAuthorityAuthenticateIlligal() throws IOException, CryptoException {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = Mockito.mock(KeyStore.class);
    serviceAuthority.setKeyStore(keyStore);
    String t = "v=S1;d=domain;n=hoge;bs=aaaa;s=signatur";
    Principal check = serviceAuthority.authenticate(t, "10", "10", null);
    assertNull(check);
}
Also used : KeyStore(com.yahoo.athenz.auth.KeyStore) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 19 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class PrincipalAuthorityTest method testValidateAuthorizedIlligalForAuthorizedService.

@Test
public void testValidateAuthorizedIlligalForAuthorizedService() throws IOException {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = Mockito.mock(KeyStore.class);
    serviceAuthority.setKeyStore(keyStore);
    Mockito.when(keyStore.getPublicKey("sports", "fantasy", "1")).thenReturn(null);
    long issueTime = System.currentTimeMillis() / 1000;
    // Create and sign token
    List<String> authorizedServices = new ArrayList<>();
    authorizedServices.add("sports.fantasy");
    PrincipalToken userTokenToSign = new PrincipalToken.Builder(usrVersion, usrDomain, usrName).salt(salt).issueTime(issueTime).expirationWindow(expirationTime).authorizedServices(authorizedServices).build();
    userTokenToSign.sign(servicePrivateKeyStringK0);
    // now let's sign the token for an authorized service
    userTokenToSign.signForAuthorizedService("sports.fantasy", "1", servicePrivateKeyStringK1);
    // Create a token for validation using the signed data
    StringBuilder errMsg = new StringBuilder();
    assertNull(serviceAuthority.validateAuthorizeService(userTokenToSign, errMsg));
}
Also used : ArrayList(java.util.ArrayList) PrincipalToken(com.yahoo.athenz.auth.token.PrincipalToken) KeyStore(com.yahoo.athenz.auth.KeyStore) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 20 with PrincipalAuthority

use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.

the class PrincipalAuthorityTest method testPrincipalAuthority_TamperedToken.

@Test
public void testPrincipalAuthority_TamperedToken() throws IOException, CryptoException {
    PrincipalAuthority serviceAuthority = new PrincipalAuthority();
    KeyStore keyStore = new KeyStoreMock();
    serviceAuthority.setKeyStore(keyStore);
    // Create and sign token
    PrincipalToken serviceToken = new PrincipalToken.Builder(svcVersion, svcDomain, svcName).host(host).salt(salt).expirationWindow(expirationTime).build();
    serviceToken.sign(servicePrivateKeyStringK0);
    String tokenToTamper = serviceToken.getSignedToken();
    StringBuilder errMsg = new StringBuilder();
    Principal principal = serviceAuthority.authenticate(tamperWithServiceToken(tokenToTamper), null, "GET", errMsg);
    // Service Authority should return null when authenticate() fails
    assertNull(principal);
    assertTrue(!errMsg.toString().isEmpty());
    assertTrue(errMsg.toString().contains("authenticate"));
    principal = serviceAuthority.authenticate(tamperWithServiceToken(tokenToTamper), null, "GET", null);
    assertNull(principal);
}
Also used : PrincipalToken(com.yahoo.athenz.auth.token.PrincipalToken) KeyStore(com.yahoo.athenz.auth.KeyStore) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Aggregations

PrincipalAuthority (com.yahoo.athenz.auth.impl.PrincipalAuthority)101 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)74 Test (org.testng.annotations.Test)62 Principal (com.yahoo.athenz.auth.Principal)44 Authority (com.yahoo.athenz.auth.Authority)40 BeforeTest (org.testng.annotations.BeforeTest)26 KeyStore (com.yahoo.athenz.auth.KeyStore)16 SignedDomain (com.yahoo.athenz.zms.SignedDomain)16 IOException (java.io.IOException)16 WebApplicationException (javax.ws.rs.WebApplicationException)16 PrincipalToken (com.yahoo.athenz.auth.token.PrincipalToken)13 Path (java.nio.file.Path)13 ArrayList (java.util.ArrayList)12 ChangeLogStore (com.yahoo.athenz.zts.store.ChangeLogStore)11 DataStore (com.yahoo.athenz.zts.store.DataStore)11 MockZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.MockZMSFileChangeLogStore)11 ZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore)11 HttpServletRequest (javax.servlet.http.HttpServletRequest)10 UnsupportedEncodingException (java.io.UnsupportedEncodingException)9 AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial