use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.
the class ZTSUtilsTest method testGenerateIdentityFailure.
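/**
 * Checks that {@code ZTSUtils.generateIdentity} yields no identity when the
 * certificate signer produces no certificate.
 *
 * <p>The signer is a mock whose {@code generateX509Certificate} returns
 * {@code null} for every argument combination, so the caller never receives
 * a signed certificate.
 *
 * @throws IOException if the CSR fixture cannot be read
 */
@Test
public void testGenerateIdentityFailure() throws IOException {
    CertSigner certSigner = Mockito.mock(CertSigner.class);
    Mockito.when(certSigner.generateX509Certificate(
            Mockito.<String>any(), Mockito.<String>any(), Mockito.anyInt()))
            .thenReturn(null);

    // Decode the fixture with an explicit charset so the test does not depend
    // on the platform default encoding of the build machine.
    Path path = Paths.get("src/test/resources/valid.csr");
    String csr = new String(Files.readAllBytes(path), java.nio.charset.StandardCharsets.UTF_8);

    Identity identity = ZTSUtils.generateIdentity(certSigner, csr, "unknown.syncer", null, 0);

    // NOTE(review): a null result alone does not prove the signer was reached;
    // an earlier rejection (e.g. of the CSR) would also pass. Consider adding a
    // Mockito.verify on generateX509Certificate once the call shape is confirmed.
    assertNull(identity);
}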
use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.
the class HttpCertSignerTest method testHttpCertSignerFactory.
/**
 * Smoke test for {@code HttpCertSignerFactory}: the factory can be
 * constructed, {@code create()} hands back a non-null {@code CertSigner},
 * and that signer can be closed.
 */
@Test
public void testHttpCertSignerFactory() {
    HttpCertSignerFactory factory = new HttpCertSignerFactory();
    assertNotNull(factory);

    CertSigner signer = factory.create();
    assertNotNull(signer);

    // Release whatever the signer holds; close() is only reached when the
    // signer was actually created.
    signer.close();
}
use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.
the class InstanceCertManagerTest method testGetSshCertificateSigner.
/**
 * Checks that {@code InstanceCertManager.getSshCertificateSigner} returns the
 * host and user SSH signer values obtained from the {@code CertSigner}, and
 * keeps returning them after the signer stops providing them.
 */
@Test
public void testGetSshCertificateSigner() {
    CertSigner signer = Mockito.mock(com.yahoo.athenz.common.server.cert.CertSigner.class);
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_HOST)).thenReturn("ssh-host");
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_USER)).thenReturn("ssh-user");

    InstanceCertManager manager = new InstanceCertManager(null, signer);

    // First lookup: values come from the stubbed signer.
    String hostSigner = manager.getSshCertificateSigner("host");
    assertEquals(hostSigner, "ssh-host");
    String userSigner = manager.getSshCertificateSigner("user");
    assertEquals(userSigner, "ssh-user");

    // Re-stub the signer to return nothing: the manager is expected to serve
    // the copies it already fetched rather than ask the signer again.
    // NOTE(review): this shows the values survive, not how often the signer
    // was called; it also means a rotated signer key would not be picked up
    // by an already-populated manager - confirm that is the intended lifetime.
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_HOST)).thenReturn(null);
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_USER)).thenReturn(null);

    String cachedHostSigner = manager.getSshCertificateSigner("host");
    assertEquals(cachedHostSigner, "ssh-host");
    String cachedUserSigner = manager.getSshCertificateSigner("user");
    assertEquals(cachedUserSigner, "ssh-user");
}
use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.
the class InstanceCertManagerTest method testGenerateSshIdentityEmptyCertError.
/**
 * Checks that {@code InstanceCertManager.generateSshIdentity} reports failure
 * ({@code false}) when the signer answers the SSH CSR with an empty string
 * instead of a certificate.
 */
@Test
public void testGenerateSshIdentityEmptyCertError() {
    final String sshCsr = "{\"csr\":\"csr\",\"certtype\":\"host\"}";

    CertSigner signer = Mockito.mock(com.yahoo.athenz.common.server.cert.CertSigner.class);
    // The signing call itself yields an empty certificate ...
    Mockito.when(signer.generateSSHCertificate(sshCsr)).thenReturn("");
    // ... while the signer lookups still succeed, so only the empty
    // certificate can account for the failure.
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_HOST)).thenReturn("ssh-host");
    Mockito.when(signer.getSSHCertificate(ZTSConsts.ZTS_SSH_USER)).thenReturn("ssh-user");

    InstanceCertManager manager = new InstanceCertManager(null, signer);
    InstanceIdentity identity = new InstanceIdentity().setName("athenz.service");

    // An empty certificate must not be treated as a successfully issued one.
    assertFalse(manager.generateSshIdentity(identity, sshCsr, "host"));
}
use of com.yahoo.athenz.common.server.cert.CertSigner in project athenz by yahoo.
the class ZTSImplTest method testGetRoleTokenCert.
/**
 * Requests a role certificate for the {@code readers} role in the
 * {@code coretech} domain through {@code zts.postRoleCertificateRequest},
 * using a {@code SelfCertSigner} built from the test CA certificate and key,
 * and checks that a role token comes back with the expected expiry.
 *
 * @throws Exception if the test fixtures cannot be loaded or the request fails
 */
@Test
public void testGetRoleTokenCert() throws Exception {
    // NOTE(review): the original comment says this csr is for the
    // sports:role.readers role, while the request below targets
    // coretech/readers - confirm which one the fixture actually encodes.
    RoleCertificateRequest req = new RoleCertificateRequest()
            .setCsr(ROLE_CERT_CORETECH_REQUEST)
            .setExpiryTime(Long.valueOf(3600));

    SignedDomain signedDomain = createSignedDomain("coretech", "weather", "storage", true);
    store.processDomain(signedDomain, false);

    // Test-only CA material: the key file is decrypted with a passphrase that
    // is hard-coded here, so these fixtures must stay confined to tests.
    File caCertFile = new File("src/test/resources/valid_cn_x509.cert");
    X509Certificate caCertificate = Crypto.loadX509Certificate(caCertFile);
    File caKeyFile = new File("src/test/resources/private_encrypted.key");
    PrivateKey caPrivateKey = Crypto.loadPrivateKey(caKeyFile, "athenz");

    // Route certificate signing through the local CA instead of a remote signer.
    CertSigner certSigner = new SelfCertSigner(caPrivateKey, caCertificate);
    CloudStore cloudStore = new MockCloudStore(certSigner);
    store.setCloudStore(cloudStore);
    zts.cloudStore = cloudStore;

    Principal principal = SimplePrincipal.create(
            "user_domain", "user1", "v=U1;d=user_domain;n=user;s=signature", 0, null);
    ResourceContext context = createResourceContext(principal);

    RoleToken roleToken = zts.postRoleCertificateRequest(context, "coretech", "readers", req);
    assertNotNull(roleToken);

    // NOTE(review): the request asks for 3600 but the token reports 30 days in
    // seconds - presumably the signer's certificate lifetime wins; confirm.
    long thirtyDaysInSeconds = TimeUnit.DAYS.toSeconds(30);
    assertEquals(roleToken.getExpiryTime(), thirtyDaysInSeconds);
}