
Example 16 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method testDomainChangeMessageDisabled.

/**
 * Checks that {@code getDomainChangeMessages()} stays {@code null} both before
 * and after messages are added, for a wrapper built with both boolean
 * constructor arguments set to {@code false}.
 *
 * <p>NOTE(review): the trailing {@code false} is presumably the switch that
 * enables domain change events; confirm against the constructor signature.
 */
@Test
public void testDomainChangeMessageDisabled() {
    final HttpServletRequest request = new MockHttpServletRequest();
    final HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    final AuthorityList authorities = new AuthorityList();
    final Authorizer authorizer = Mockito.mock(Authorizer.class);
    final Object timer = new Object();

    final RsrcCtxWrapper ctx = new RsrcCtxWrapper(
            request, response, authorities, false, authorizer, timer, "apiName", false);

    // Nothing has been added yet, so there is nothing to report.
    assertNull(ctx.getDomainChangeMessages());

    // One message for the domain object itself ...
    final DomainChangeMessage domainChange = new DomainChangeMessage()
            .setDomainName("domain1Name")
            .setObjectName("domain1Name1")
            .setObjectType(DOMAIN);
    ctx.addDomainChangeMessage(domainChange);

    // ... and one for a role inside that same domain.
    final DomainChangeMessage roleChange = new DomainChangeMessage()
            .setDomainName("domain1Name")
            .setObjectName("domain1role")
            .setObjectType(ROLE);
    ctx.addDomainChangeMessage(roleChange);

    // The additions must not surface through the getter.
    assertNull(ctx.getDomainChangeMessages());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) DomainChangeMessage(com.yahoo.athenz.common.messaging.DomainChangeMessage) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) Test(org.testng.annotations.Test)

Example 17 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method testLogPrincipal.

/**
 * Authenticates a request through a single header-based authority mock and
 * checks that {@code logPrincipal()} records the principal name and the
 * authority id as request attributes, exactly once each.
 *
 * <p>The mocked authority accepts any credential, so this test covers only
 * the attribute bookkeeping, not credential validation.
 */
@Test
public void testLogPrincipal() {
    final HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    final HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    final Authorizer authorizer = Mockito.mock(Authorizer.class);
    final Authority headerAuthority = Mockito.mock(Authority.class);
    final AuthorityList authorities = new AuthorityList();

    // Principal the mocked authority hands back; it is backed by a real PrincipalAuthority.
    final SimplePrincipal kingsPrincipal = (SimplePrincipal) SimplePrincipal.create(
            "hockey", "kings", "v=S1,d=hockey;n=kings;s=sig", 0, new PrincipalAuthority());

    // The authority reads its credential from the "testheader" request header.
    Mockito.when(headerAuthority.getHeader()).thenReturn("testheader");
    Mockito.when(headerAuthority.getCredSource()).thenReturn(Authority.CredSource.HEADER);
    Mockito.when(headerAuthority.authenticate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
            .thenReturn(kingsPrincipal);

    // Request carries the credential plus the remote address and method.
    Mockito.when(request.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(request.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(request.getMethod()).thenReturn("POST");

    authorities.add(headerAuthority);

    final Object timer = new Object();
    final RsrcCtxWrapper ctx = new RsrcCtxWrapper(
            request, response, authorities, false, authorizer, timer, "apiName", false);

    ctx.authenticate();
    ctx.logPrincipal();

    // Full principal name and the id of the authority behind the principal.
    Mockito.verify(request, times(1)).setAttribute("com.yahoo.athenz.auth.principal", "hockey.kings");
    Mockito.verify(request, times(1)).setAttribute("com.yahoo.athenz.auth.authority_id", "Auth-NTOKEN");
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test)

Example 18 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method testAuthorizeInvalid.

/**
 * Expects {@code authorize()} to throw {@link ResourceException} when the
 * wrapper has no authority registered.
 *
 * <p>The authorizer mock grants every access check, so the exception cannot
 * come from an access denial. NOTE(review): it presumably originates from
 * the authentication step failing on the empty authority list; the test does
 * not pin the status code, so confirm it is the expected one.
 */
@Test(expectedExceptions = ResourceException.class)
public void testAuthorizeInvalid() {
    final HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    final HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    final Authorizer permissiveAuthorizer = Mockito.mock(Authorizer.class);

    // Deliberately left empty: no authority is available to authenticate the caller.
    final AuthorityList noAuthorities = new AuthorityList();

    Mockito.when(request.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(request.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(request.getMethod()).thenReturn("POST");

    // Authorizer says yes to everything; the call must still be rejected.
    Mockito.when(permissiveAuthorizer.access(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
            .thenReturn(true);

    final Object timer = new Object();
    final RsrcCtxWrapper ctx = new RsrcCtxWrapper(
            request, response, noAuthorities, false, permissiveAuthorizer, timer, "apiName", false);

    // No authority set: this call is expected to throw.
    ctx.authorize("add-domain", "test", "test");
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) Test(org.testng.annotations.Test)

Example 19 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method testLogAuthorityId.

/**
 * Checks {@code logAuthorityId()}: a {@code null} authority leaves the
 * {@code com.yahoo.athenz.auth.authority_id} request attribute unset, while a
 * {@link PrincipalAuthority} stores the value {@code Auth-NTOKEN}.
 */
@Test
public void testLogAuthorityId() {
    final HttpServletRequest request = new MockHttpServletRequest();
    final HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    final AuthorityList authorities = new AuthorityList();
    final Authorizer authorizer = Mockito.mock(Authorizer.class);
    final Object timer = new Object();

    final RsrcCtxWrapper ctx = new RsrcCtxWrapper(
            request, response, authorities, false, authorizer, timer, "apiName", false);

    // A missing authority must not write an attribute.
    ctx.logAuthorityId(null);
    assertNull(request.getAttribute("com.yahoo.athenz.auth.authority_id"));

    // A real authority records its id on the request.
    ctx.logAuthorityId(new PrincipalAuthority());
    assertEquals(request.getAttribute("com.yahoo.athenz.auth.authority_id"), "Auth-NTOKEN");
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Test(org.testng.annotations.Test)

Example 20 with AuthorityList

use of com.yahoo.athenz.common.server.rest.Http.AuthorityList in project athenz by yahoo.

the class RsrcCtxWrapperTest method testAuthorize.

/**
 * Happy path for {@code authorize()}: a header-based authority mock
 * authenticates the request, the authorizer mock grants access, and the
 * wrapper afterwards exposes the authenticated principal.
 *
 * <p>Both the authority and the authorizer are mocks that accept anything, so
 * this test covers only the wiring between the two steps, not a real
 * credential or policy check.
 */
@Test
public void testAuthorize() {
    final HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    final HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
    final Authorizer permissiveAuthorizer = Mockito.mock(Authorizer.class);
    final Authority headerAuthority = Mockito.mock(Authority.class);
    final Metric metric = Mockito.mock(Metric.class);
    final Object timer = Mockito.mock(Object.class);
    final Principal expectedPrincipal = Mockito.mock(Principal.class);
    final AuthorityList authorities = new AuthorityList();

    // The authority reads its credential from the "testheader" request header.
    Mockito.when(headerAuthority.getHeader()).thenReturn("testheader");
    Mockito.when(headerAuthority.getCredSource()).thenReturn(Authority.CredSource.HEADER);
    Mockito.when(headerAuthority.authenticate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
            .thenReturn(expectedPrincipal);

    // Request carries the credential plus the remote address and method.
    Mockito.when(request.getHeader("testheader")).thenReturn("testcred");
    Mockito.when(request.getRemoteAddr()).thenReturn("1.1.1.1");
    Mockito.when(request.getMethod()).thenReturn("POST");

    authorities.add(headerAuthority);

    // Every access check is granted.
    Mockito.when(permissiveAuthorizer.access(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
            .thenReturn(true);

    final RsrcCtxWrapper ctx = new RsrcCtxWrapper(
            request, response, authorities, false, permissiveAuthorizer, metric, timer, "apiName");

    ctx.authorize("add-domain", "test", "test");

    // A successful authorize() leaves the authenticated principal on the wrapper.
    assertEquals(ctx.principal(), expectedPrincipal);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Authority(com.yahoo.athenz.auth.Authority) PrincipalAuthority(com.yahoo.athenz.auth.impl.PrincipalAuthority) Authorizer(com.yahoo.athenz.auth.Authorizer) HttpServletResponse(javax.servlet.http.HttpServletResponse) Metric(com.yahoo.athenz.common.metrics.Metric) AuthorityList(com.yahoo.athenz.common.server.rest.Http.AuthorityList) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)
