use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.
the class ZMSImplTest method testGetAuditLogMsgBuilderTokenWithSig.
/**
 * Checks that the "who" field produced by the audit log message builder for a
 * signed user token names the user but does not contain the token signature.
 */
@Test
public void testGetAuditLogMsgBuilderTokenWithSig() {
    final String userId = "user1";
    final String signature = "ABRACADABRA";
    final String unsignedCreds = "v=U1;d=user;n=user1";
    final String signedCreds = unsignedCreds + ";s=" + signature;

    Authority debugAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
    Principal signedPrincipal = SimplePrincipal.create("user", userId, signedCreds, 0, debugAuthority);
    // The principal now holds both the signed and the unsigned form of the credentials.
    ((SimplePrincipal) signedPrincipal).setUnsignedCreds(unsignedCreds);

    ResourceContext ctx = createResourceContext(signedPrincipal);
    AuditLogMsgBuilder builder =
            ZMSUtils.getAuditLogMsgBuilder(ctx, auditLogger, "mydomain", auditRef, "myapi", "PUT");
    assertNotNull(builder);

    String who = builder.who();
    assertNotNull(who);
    assertTrue(who.contains(userId));
    // A signature written to the audit trail would expose a bearer credential to
    // every reader of the log, so its absence is the property under test.
    assertTrue(!who.contains(signature), "Should not contain the signature: " + who);
}
use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.
the class ZMSImplTest method zmsInit.
/**
 * Builds a file-store backed ZMSImpl for the tests: wipes the data store
 * directory, prepares the shared test principal and mocked resource contexts,
 * loads the key material named by system properties, and registers the two
 * server public keys.
 *
 * @return the freshly constructed ZMSImpl
 */
private ZMSImpl zmsInit() {
    // Start from an empty directory so state from an earlier run cannot leak in.
    // NOTE(review): presumably ZMS_DATA_STORE_PATH is the same location as the
    // file store path set further down - confirm against the constant.
    FileConnection.deleteDirectory(new File(ZMS_DATA_STORE_PATH));

    final String credsWithoutSig = "v=U1;d=user;n=user1";
    Authority debugAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
    rsrcPrince = SimplePrincipal.create("user", "user1", credsWithoutSig + ";s=signature", 0, debugAuthority);
    ((SimplePrincipal) rsrcPrince).setUnsignedCreds(credsWithoutSig);

    // Both mocked contexts hand back the same servlet request and principal.
    Mockito.when(mockDomRestRsrcCtx.request()).thenReturn(mockServletRequest);
    Mockito.when(mockDomRestRsrcCtx.principal()).thenReturn(rsrcPrince);
    Mockito.when(mockDomRsrcCtx.context()).thenReturn(mockDomRestRsrcCtx);
    Mockito.when(mockDomRsrcCtx.request()).thenReturn(mockServletRequest);
    Mockito.when(mockDomRsrcCtx.principal()).thenReturn(rsrcPrince);

    // Key file locations come from system properties; an unset property makes
    // new File(null) throw a NullPointerException here.
    pubKey = Crypto.encodedFile(new File(System.getProperty(ZMS_PROP_PUBLIC_KEY)));
    privKey = Crypto.encodedFile(new File(System.getProperty(FilePrivateKeyStore.ATHENZ_PROP_PRIVATE_KEY)));

    adminUser = System.getProperty(ZMSConsts.ZMS_PROP_DOMAIN_ADMIN);

    // Store settings must be in place before ZMSImpl is constructed below.
    // NOTE(review): the store lives at a fixed, predictable path under /tmp, which
    // is shared on multi-user hosts; a per-run temporary directory would isolate
    // it - confirm no other test depends on this exact path before changing it.
    System.setProperty(ZMSConsts.ZMS_PROP_FILE_STORE_PATH, "/tmp/zms_core_unit_tests/");
    System.clearProperty(ZMSConsts.ZMS_PROP_JDBC_RW_STORE);
    System.clearProperty(ZMSConsts.ZMS_PROP_JDBC_RO_STORE);

    ZMSImpl server = new ZMSImpl();
    server.serverPublicKeyMap.put("1", pubKeyK1);
    server.serverPublicKeyMap.put("2", pubKeyK2);
    ZMSImpl.serverHostName = "localhost";
    return server;
}
use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.
the class ZMSImplTest method testUserHomeDomainResource.
/**
 * Exercises ZMSImpl.userHomeDomainResource over eight combinations of user
 * domain, home domain and user authority, checking how resources under the
 * "user." prefix are rewritten and that every other resource is left as is.
 */
@Test
public void testUserHomeDomainResource() {
    ZMSImpl zmsImpl = zmsInit();
    PrincipalAuthority defaultAuthority = new com.yahoo.athenz.auth.impl.PrincipalAuthority();
    PrincipalAuthority testAuthority = new com.yahoo.athenz.zms.TestUserPrincipalAuthority();

    // user and home are both "user" with the default authority: nothing changes
    zmsImpl.userDomain = "user";
    zmsImpl.userDomainPrefix = "user.";
    zmsImpl.homeDomain = "user";
    zmsImpl.homeDomainPrefix = "user.";
    zmsImpl.userAuthority = defaultAuthority;
    assertHomeDomainMapping(zmsImpl, "user.hga:domain", "user.john.smith:domain");

    // same namespaces with the test authority: still nothing changes
    zmsImpl.userDomain = "user";
    zmsImpl.userDomainPrefix = "user.";
    zmsImpl.homeDomain = "user";
    zmsImpl.homeDomainPrefix = "user.";
    zmsImpl.userAuthority = testAuthority;
    assertHomeDomainMapping(zmsImpl, "user.hga:domain", "user.john.smith:domain");

    // user and home are both "testuser": only the domain part is replaced,
    // the username is kept because the two namespaces are the same
    zmsImpl.userDomain = "testuser";
    zmsImpl.userDomainPrefix = "testuser.";
    zmsImpl.homeDomain = "testuser";
    zmsImpl.homeDomainPrefix = "testuser.";
    zmsImpl.userAuthority = defaultAuthority;
    assertHomeDomainMapping(zmsImpl, "testuser.hga:domain", "testuser.john.smith:domain");

    // same as above with the test authority: the username is still kept
    zmsImpl.userDomain = "testuser";
    zmsImpl.userDomainPrefix = "testuser.";
    zmsImpl.homeDomain = "testuser";
    zmsImpl.homeDomainPrefix = "testuser.";
    zmsImpl.userAuthority = testAuthority;
    assertHomeDomainMapping(zmsImpl, "testuser.hga:domain", "testuser.john.smith:domain");

    // user and home namespaces differ, so domain and username are both mapped;
    // the default authority's username mapping leaves the name as it was
    zmsImpl.userDomain = "user";
    zmsImpl.userDomainPrefix = "user.";
    zmsImpl.homeDomain = "home";
    zmsImpl.homeDomainPrefix = "home.";
    zmsImpl.userAuthority = defaultAuthority;
    assertHomeDomainMapping(zmsImpl, "home.hga:domain", "home.john.smith:domain");

    // namespaces differ and the test authority replaces .'s with -'s in the username
    zmsImpl.userDomain = "user";
    zmsImpl.userDomainPrefix = "user.";
    zmsImpl.homeDomain = "home";
    zmsImpl.homeDomainPrefix = "home.";
    zmsImpl.userAuthority = testAuthority;
    assertHomeDomainMapping(zmsImpl, "home.hga:domain", "home.john-smith:domain");

    // user domain "testuser", home domain "home", default authority:
    // the username comes out unchanged
    zmsImpl.userDomain = "testuser";
    zmsImpl.userDomainPrefix = "testuser.";
    zmsImpl.homeDomain = "home";
    zmsImpl.homeDomainPrefix = "home.";
    zmsImpl.userAuthority = defaultAuthority;
    assertHomeDomainMapping(zmsImpl, "home.hga:domain", "home.john.smith:domain");

    // user domain "testuser", home domain "home", test authority:
    // .'s in the username become -'s
    zmsImpl.userDomain = "testuser";
    zmsImpl.userDomainPrefix = "testuser.";
    zmsImpl.homeDomain = "home";
    zmsImpl.homeDomainPrefix = "home.";
    zmsImpl.userAuthority = testAuthority;
    assertHomeDomainMapping(zmsImpl, "home.hga:domain", "home.john-smith:domain");
}

/**
 * Runs the four resource lookups shared by every configuration above. The two
 * "user." resources are compared with the supplied expectations; the
 * "testuser." and "product." resources must always come back unchanged.
 */
private static void assertHomeDomainMapping(ZMSImpl zmsImpl, String expectedHga, String expectedJohnSmith) {
    assertEquals(zmsImpl.userHomeDomainResource("user.hga:domain"), expectedHga);
    assertEquals(zmsImpl.userHomeDomainResource("user.john.smith:domain"), expectedJohnSmith);
    assertEquals(zmsImpl.userHomeDomainResource("testuser.john.smith:domain"), "testuser.john.smith:domain");
    assertEquals(zmsImpl.userHomeDomainResource("product.john.smith:domain"), "product.john.smith:domain");
}
use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.
the class ZMSImplTest method testPutTenantResourceGroupRolesNull.
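/**
 * Verifies that putTenantResourceGroupRoles refuses a request whose
 * identifying arguments are all null.
 *
 * The earlier form of this test only asserted inside the catch block, so it
 * passed whether or not the call threw; a call that silently accepted the
 * null arguments would have gone unnoticed. The outcome is now recorded and
 * asserted after the try block.
 */
@Test
public void testPutTenantResourceGroupRolesNull() {
    Authority principalAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
    Principal principal1 = principalAuthority.authenticate("v=U1;d=user;n=user1;s=signature", "10.11.12.13", "GET", null);
    ResourceContext rsrcCtx1 = createResourceContext(principal1);
    TenantResourceGroupRoles tenantResource = new TenantResourceGroupRoles();

    boolean rejected = false;
    try {
        zms.putTenantResourceGroupRoles(rsrcCtx1, null, null, null, null, null, tenantResource);
    } catch (Exception ex) {
        // Any exception counts as a rejection, as in the original test; the
        // exact type is not pinned because it is not visible from this method.
        rejected = true;
    }
    assertTrue(rejected, "putTenantResourceGroupRoles should reject a request whose identifying arguments are all null");
}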
use of com.yahoo.athenz.auth.impl.PrincipalAuthority in project athenz by yahoo.
the class ZMSImplTest method testIsValidUserTokenRequestNotuserAuthority.
/**
 * Checks that isValidUserTokenRequest returns false for a principal that was
 * created with a DebugPrincipalAuthority.
 */
@Test
public void testIsValidUserTokenRequestNotuserAuthority() {
    final String signedCreds = "v=U1;d=user;n=user1;s=signature";
    Authority debugAuthority = new com.yahoo.athenz.common.server.debug.DebugPrincipalAuthority();
    Principal debugPrincipal = SimplePrincipal.create("user", "user1", signedCreds, 0, debugAuthority);

    // NOTE(review): going by the test name, the refusal is expected because the
    // principal's authority is not the server's user authority - confirm
    // against isValidUserTokenRequest.
    boolean accepted = zms.isValidUserTokenRequest(debugPrincipal, "user1");
    assertFalse(accepted);
}