
Example 31 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method testValidPrincipalsNoCnames.

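/**
 * Verifies that {@code validPrincipals} accepts the host CSR stored in
 * {@code src/test/resources/sshhost_nocnames.csr} when the hostname resolver
 * reports the requested hostname as valid.
 *
 * <p>Only the accept path is asserted. The mocked resolver answers
 * {@code true} for exactly one hostname and Mockito's default {@code false}
 * for any other, but no rejected principal is exercised in this test.
 *
 * @throws IOException if the CSR fixture cannot be read or parsed as JSON
 */
@Test
public void testValidPrincipalsNoCnames() throws IOException {
    // Decode the fixture with an explicit charset so the parsed CSR does not
    // depend on the platform default encoding of the build machine.
    Path path = Paths.get("src/test/resources/sshhost_nocnames.csr");
    String sshCsr = new String(Files.readAllBytes(path), java.nio.charset.StandardCharsets.UTF_8);
    SSHCertRecord sshCertRecord = new SSHCertRecord();
    sshCertRecord.setService("athenz.examples.httpd");
    // setup the hostname resolver for our request
    String hostname = "host1.athenz.cloud";
    HostnameResolver hostnameResolver = Mockito.mock(HostnameResolver.class);
    when(hostnameResolver.isValidHostname(hostname)).thenReturn(true);
    InstanceCertManager instanceManager = new InstanceCertManager(null, null, hostnameResolver, true, null);
    ObjectMapper objectMapper = new ObjectMapper();
    // Pass the same variable that was stubbed, so the hostname under test and
    // the hostname the resolver approves cannot drift apart.
    // NOTE(review): the fixture name suggests a CSR without CNAME principals;
    // its contents are not visible here, confirm against the resource file.
    boolean result = instanceManager.validPrincipals(hostname, sshCertRecord, objectMapper.readValue(sshCsr, SshHostCsr.class));
    assertTrue(result);
    instanceManager.shutdown();
}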
Also used : Path(java.nio.file.Path) HostnameResolver(com.yahoo.athenz.common.server.dns.HostnameResolver) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)

Example 32 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method testInsertSSHCertRecord.

/**
 * Checks that {@code updateSSHCertRecord} reports success when the SSH record
 * store connection accepts the insert.
 *
 * <p>The store and its connection are mocks; the connection returns
 * {@code true} for any {@link SSHCertRecord} passed to
 * {@code insertSSHCertRecord}.
 */
@Test
public void testInsertSSHCertRecord() {
    // Connection that accepts every SSHCertRecord insert.
    SSHRecordStoreConnection storeConnection = Mockito.mock(SSHRecordStoreConnection.class);
    when(storeConnection.insertSSHCertRecord(ArgumentMatchers.isA(SSHCertRecord.class))).thenReturn(true);

    // Store that hands out the connection above.
    SSHRecordStore recordStore = Mockito.mock(SSHRecordStore.class);
    when(recordStore.getConnection()).thenReturn(storeConnection);

    InstanceCertManager manager = new InstanceCertManager(null, null, null, true, null);
    manager.setSSHSigner(null);
    manager.setSSHStore(recordStore);

    // NOTE(review): the second argument is presumably the "update" flag, with
    // false selecting the insert path as the test name implies; confirm
    // against InstanceCertManager.
    boolean stored = manager.updateSSHCertRecord(new SSHCertRecord(), false);
    assertTrue(stored);
    manager.shutdown();
}
Also used : SSHRecordStoreConnection(com.yahoo.athenz.common.server.ssh.SSHRecordStoreConnection) SSHRecordStore(com.yahoo.athenz.common.server.ssh.SSHRecordStore) SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)

Example 33 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method testGenerateSshIdentityNullCertError.

/**
 * Checks that {@code generateSSHIdentity} returns {@code false} when the SSH
 * signer yields no certificate for the request.
 *
 * <p>The signer is a mock: its signer certificates for the host and user
 * types are stubbed, and {@code generateCertificate} is stubbed to return
 * {@code null}.
 */
@Test
public void testGenerateSshIdentityNullCertError() {
    final String csrJson = "{\"csr\":\"csr\",\"certtype\":\"host\"}";

    SSHCertRequest stubbedRequest = new SSHCertRequest();
    stubbedRequest.setCsr(csrJson);

    SSHSigner signer = Mockito.mock(SSHSigner.class);
    // Signing produces nothing, which is the failure this test is about.
    when(signer.generateCertificate(null, stubbedRequest, null, "host")).thenReturn(null);
    when(signer.getSignerCertificate(ZTSConsts.ZTS_SSH_HOST)).thenReturn("ssh-host");
    when(signer.getSignerCertificate(ZTSConsts.ZTS_SSH_USER)).thenReturn("ssh-user");

    InstanceCertManager manager = new InstanceCertManager(null, null, null, true, null);
    manager.setSSHSigner(signer);

    InstanceIdentity instanceIdentity = new InstanceIdentity().setName("athenz.service");
    boolean generated = manager.generateSSHIdentity(null, instanceIdentity, null, csrJson, null, new SSHCertRecord(), "host");

    // A missing certificate must surface as a failed identity generation.
    assertFalse(generated);
    manager.shutdown();
}
Also used : SSHSigner(com.yahoo.athenz.common.server.ssh.SSHSigner) SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)

Example 34 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method testValidPrincipalsSSHRequest.

/**
 * Checks that {@code validPrincipals} accepts an {@link SSHCertRequest} whose
 * only principal is the requested hostname, given a resolver that reports
 * that hostname as valid.
 *
 * <p>Only the accept path is asserted; a principal the resolver does not
 * approve is not exercised in this test.
 */
@Test
public void testValidPrincipalsSSHRequest() {
    final String hostname = "host1.athenz.cloud";

    // Resolver approves exactly the hostname under test.
    HostnameResolver resolver = Mockito.mock(HostnameResolver.class);
    when(resolver.isValidHostname(hostname)).thenReturn(true);

    SSHCertRecord certRecord = new SSHCertRecord();
    certRecord.setService("athenz.examples.httpd");

    // Request carrying a single principal equal to the hostname, plus empty metadata.
    SSHCertRequestData requestData = new SSHCertRequestData().setPrincipals(Collections.singletonList(hostname));
    SSHCertRequest certRequest = new SSHCertRequest();
    certRequest.setCertRequestData(requestData);
    certRequest.setCertRequestMeta(new SSHCertRequestMeta());

    InstanceCertManager manager = new InstanceCertManager(null, null, resolver, true, null);
    boolean accepted = manager.validPrincipals(hostname, certRecord, certRequest);
    assertTrue(accepted);
    manager.shutdown();
}
Also used : HostnameResolver(com.yahoo.athenz.common.server.dns.HostnameResolver) SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)

Example 35 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method testValidPrincipalsNoXPrincipals.

/**
 * Checks that {@code validPrincipals} returns {@code true} for host CSRs that
 * carry no principal list: one with only a public key and certificate type,
 * and one that is an empty JSON object.
 *
 * <p>No hostname resolver is configured for the manager in this test.
 * NOTE(review): this pins acceptance of a CSR that names no principals;
 * confirm that the principals on the issued certificate are constrained
 * elsewhere, since nothing is compared against the hostname here.
 *
 * @throws IOException if a CSR JSON document cannot be parsed
 */
@Test
public void testValidPrincipalsNoXPrincipals() throws IOException {
    final String requestedHostname = "host1.athenz.cloud";
    // Both documents omit any principal list; the second omits everything.
    final String[] csrDocuments = {
        "{\"pubkey\":\"key\",\"certtype\":\"host\"}",
        "{}"
    };

    InstanceCertManager manager = new InstanceCertManager(null, null, null, true, null);
    SSHCertRecord certRecord = new SSHCertRecord();
    certRecord.setService("athenz.examples.httpd");
    ObjectMapper jsonMapper = new ObjectMapper();

    for (String csrJson : csrDocuments) {
        SshHostCsr hostCsr = jsonMapper.readValue(csrJson, SshHostCsr.class);
        assertTrue(manager.validPrincipals(requestedHostname, certRecord, hostCsr));
    }
    manager.shutdown();
}
Also used : ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)
