Examples with AuthorityList com.yahoo.athenz.common.server.rest.Http.AuthorityList used on opensource projects

Search in sources :

Example 11 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method testRsrcCtxWrapperSimpleAssertionMtlsRestricted.

@Test
public void testRsrcCtxWrapperSimpleAssertionMtlsRestricted() {
    HttpServletRequest reqMock = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse resMock = Mockito.mock(HttpServletResponse.class);
    AuthorityList authListMock = new AuthorityList();
    Authorizer authorizerMock = Mockito.mock(Authorizer.class);
    Authority authMock = Mockito.mock(Authority.class);
    Metric metricMock = Mockito.mock(Metric.class);
    Object timerMetricMock = Mockito.mock(Object.class);
    Principal prin = Mockito.mock(Principal.class);
    Mockito.when(prin.getMtlsRestricted()).thenReturn(true);
    Mockito.when(authMock.getHeader()).thenReturn("testheader");
    Mockito.when(reqMock.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(authMock.getCredSource()).thenReturn(com.yahoo.athenz.auth.Authority.CredSource.HEADER);
    Mockito.when(authMock.authenticate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any())).thenReturn(prin);
    Mockito.when(reqMock.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(reqMock.getMethod()).thenReturn("POST");
    authListMock.add(authMock);
    RsrcCtxWrapper wrapper = new RsrcCtxWrapper(reqMock, resMock, authListMock, false, authorizerMock, metricMock, timerMetricMock, "apiName");
    assertNotNull(wrapper.context());
    // default principal should be null
    assertNull(wrapper.principal());
    assertEquals(wrapper.request(), reqMock);
    assertEquals(wrapper.response(), resMock);
    assertEquals(wrapper.getApiName(), "apiname");
    assertEquals(wrapper.getHttpMethod(), "POST");
    try {
        wrapper.authenticate();
        fail();
    } catch (ResourceException ex) {
        assertEquals(ex.getMessage(), "ResourceException (401): {code: 401, message: \"certificate is mTLS restricted\"}");
        assertEquals(ex.getCode(), 401);
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) Metric(com.yahoo.athenz.common.metrics.Metric) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Example 12 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method testAuthenticateException.

@Test
public void testAuthenticateException() {
    HttpServletRequest reqMock = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse resMock = Mockito.mock(HttpServletResponse.class);
    AuthorityList authListMock = new AuthorityList();
    Authorizer authorizerMock = Mockito.mock(Authorizer.class);
    Authority authMock = Mockito.mock(Authority.class);
    Metric metricMock = Mockito.mock(Metric.class);
    Object timerMetricMock = Mockito.mock(Object.class);
    Mockito.when(authMock.getHeader()).thenReturn("testheader");
    Mockito.when(reqMock.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(authMock.getCredSource()).thenReturn(com.yahoo.athenz.auth.Authority.CredSource.HEADER);
    Mockito.when(authMock.authenticate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any())).thenThrow(new com.yahoo.athenz.common.server.rest.ResourceException(403));
    Mockito.when(reqMock.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(reqMock.getMethod()).thenReturn("POST");
    authListMock.add(authMock);
    RsrcCtxWrapper wrapper = new RsrcCtxWrapper(reqMock, resMock, authListMock, false, authorizerMock, metricMock, timerMetricMock, "apiName");
    try {
        wrapper.authenticate();
    } catch (ResourceException ex) {
        assertEquals(403, ex.getCode());
    }
}
Also used : Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) HttpServletRequest(javax.servlet.http.HttpServletRequest) Authorizer(com.yahoo.athenz.auth.Authorizer) Metric(com.yahoo.athenz.common.metrics.Metric) Test(org.testng.annotations.Test)

Example 13 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method testLogPrincipalRoleName.

@Test
public void testLogPrincipalRoleName() {
    HttpServletRequest reqMock = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse resMock = Mockito.mock(HttpServletResponse.class);
    AuthorityList authListMock = new AuthorityList();
    Authorizer authorizerMock = Mockito.mock(Authorizer.class);
    Authority authMock = Mockito.mock(Authority.class);
    Metric metricMock = Mockito.mock(Metric.class);
    Object timerMetricMock = Mockito.mock(Object.class);
    SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("hockey", "kings", "v=S1,d=hockey;n=kings;s=sig", 0, new PrincipalAuthority());
    principal.setRolePrincipalName("athenz.role");
    Mockito.when(authMock.getHeader()).thenReturn("testheader");
    Mockito.when(reqMock.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(authMock.getCredSource()).thenReturn(com.yahoo.athenz.auth.Authority.CredSource.HEADER);
    Mockito.when(authMock.authenticate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any())).thenReturn(principal);
    Mockito.when(reqMock.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(reqMock.getMethod()).thenReturn("POST");
    authListMock.add(authMock);
    RsrcCtxWrapper wrapper = new RsrcCtxWrapper(reqMock, resMock, authListMock, false, authorizerMock, metricMock, timerMetricMock, "apiName");
    wrapper.authenticate();
    assertEquals("athenz.role", wrapper.logPrincipal());
    assertEquals("hockey", wrapper.getPrincipalDomain());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) Metric(com.yahoo.athenz.common.metrics.Metric) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test)

Example 14 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method TestAuthorizeInvalid.

@Test(expectedExceptions = { ResourceException.class })
public void TestAuthorizeInvalid() {
    HttpServletRequest reqMock = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse resMock = Mockito.mock(HttpServletResponse.class);
    AuthorityList authListMock = new AuthorityList();
    Authorizer authorizerMock = Mockito.mock(Authorizer.class);
    Mockito.when(reqMock.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(reqMock.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(reqMock.getMethod()).thenReturn("POST");
    // force true access right
    Mockito.when(authorizerMock.access(Mockito.<String>any(), Mockito.<String>any(), Mockito.any(), Mockito.any())).thenReturn(true);
    RsrcCtxWrapper wrapper = new RsrcCtxWrapper(reqMock, resMock, authListMock, false, authorizerMock);
    // when not set authority
    wrapper.authorize("add-domain", "test", "test");
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) Test(org.testng.annotations.Test)

Example 15 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method testLogPrincipalNull.

@Test
public void testLogPrincipalNull() {
    HttpServletRequest servletRequest = new MockHttpServletRequest();
    HttpServletResponse servletResponse = Mockito.mock(HttpServletResponse.class);
    AuthorityList authListMock = new AuthorityList();
    Authorizer authorizerMock = Mockito.mock(Authorizer.class);
    Object timerMetric = new Object();
    RsrcCtxWrapper wrapper = new RsrcCtxWrapper(servletRequest, servletResponse, authListMock, false, authorizerMock, timerMetric, "apiName", false);
    wrapper.logPrincipal();
    assertNull(servletRequest.getAttribute("com.yahoo.athenz.auth.principal"));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) Test(org.testng.annotations.Test)

Aggregations

AuthorityList (com.yahoo.athenz.common.server.rest.Http.AuthorityList)26 Authorizer (com.yahoo.athenz.auth.Authorizer)24 HttpServletRequest (javax.servlet.http.HttpServletRequest)24 HttpServletResponse (javax.servlet.http.HttpServletResponse)24 Test (org.testng.annotations.Test)24 Authority (com.yahoo.athenz.auth.Authority)13 PrincipalAuthority (com.yahoo.athenz.auth.impl.PrincipalAuthority)12 Metric (com.yahoo.athenz.common.metrics.Metric)11 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)9 Principal (com.yahoo.athenz.auth.Principal)8 DomainChangeMessage (com.yahoo.athenz.common.messaging.DomainChangeMessage)3 CertificateAuthority (com.yahoo.athenz.auth.impl.CertificateAuthority)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial