use of com.yahoo.athenz.common.server.store.impl.ZMSFileChangeLogStore in project athenz by yahoo.
the class ZTSImplTest method testGetRoleTokenAddrLoopbackXFFMultipleValues.
/**
 * Requests a role token through a mocked servlet request whose peer address is
 * loopback and whose X-Forwarded-For header lists three comma-separated addresses.
 *
 * NOTE(review): X-Forwarded-For is a request header, so every entry not appended by
 * a trusted proxy is caller-controlled. This test does not assert which entry ends up
 * as the client address in the issued token; the final assertNotNull is applied to a
 * freshly constructed object and cannot fail, so the test only proves that issuing and
 * re-parsing the token do not throw.
 */
@Test
public void testGetRoleTokenAddrLoopbackXFFMultipleValues() {

    // Secure request arriving from 127.0.0.1 with a multi-valued XFF header.
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getRemoteAddr()).thenReturn("127.0.0.1");
    Mockito.when(request.getHeader("X-Forwarded-For")).thenReturn("10.10.10.11, 10.11.11.11, 10.12.12.12");
    Mockito.when(request.isSecure()).thenReturn(true);

    // File-backed change log store feeding the ZTS data store.
    ChangeLogStore changeLogStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
    DataStore dataStore = new DataStore(changeLogStore, null, ztsMetric);

    ZTSImpl zts = new ZTSImpl(mockCloudStore, dataStore);
    ZTSImpl.serverHostName = "localhost";

    // Load the "coretech" domain so that there is something to issue a token for.
    dataStore.processSignedDomain(createSignedDomain("coretech", "weather", "storage", true), false);

    Principal caller = SimplePrincipal.create("user_domain", "user", "v=U1;d=user_domain;n=user;s=signature", 0, null);
    ResourceContext ctx = createResourceContext(caller, request);

    RoleToken issued = zts.getRoleToken(ctx, "coretech", null, 600, 1200, null);

    // Re-parse the signed token string with the auth library's RoleToken class.
    com.yahoo.athenz.auth.token.RoleToken parsed = new com.yahoo.athenz.auth.token.RoleToken(issued.getToken());
    assertNotNull(parsed);
}
use of com.yahoo.athenz.common.server.store.impl.ZMSFileChangeLogStore in project athenz by yahoo.
the class ZTSImplTest method testSignJWSPolicyDataECKey.
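/**
 * Verifies that JWS policy data signed with the EC test key validates in both
 * signature encodings the request can ask for.
 *
 * With setSignatureP1363Format(true) the returned signature is rejected by
 * Crypto.validateJWSDocument until it is converted with ZTSTestUtils.getDERSignature;
 * with setSignatureP1363Format(false) the returned signature validates as is.
 *
 * The private-key system properties are JVM-wide, so they are restored in a finally
 * block: otherwise a failed assertion would leave the EC key configured for every
 * test that runs afterwards in the same JVM.
 */
@Test
public void testSignJWSPolicyDataECKey() {

    // Point the key store at the EC key before ZTSImpl is constructed
    // (presumably the key is read during construction - confirm).
    System.setProperty(FilePrivateKeyStore.ATHENZ_PROP_PRIVATE_EC_KEY, "src/test/resources/unit_test_zts_private_ec.pem");
    System.clearProperty(FilePrivateKeyStore.ATHENZ_PROP_PRIVATE_KEY);

    try {
        ChangeLogStore structStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
        DataStore store = new DataStore(structStore, null, ztsMetric);
        ZTSImpl ztsImpl = new ZTSImpl(mockCloudStore, store);
        ZTSImpl.serverHostName = "localhost";

        SignedDomain signedDomain = createSignedDomain("coretech", "weather", "storage", true);
        store.processSignedDomain(signedDomain, false);

        Principal principal = SimplePrincipal.create("user_domain", "user", "v=U1;d=user_domain;n=user;s=signature", 0, null);
        ResourceContext context = createResourceContext(principal);

        // First request: ask for the P1363 signature encoding.
        SignedPolicyRequest signedPolicyRequest = new SignedPolicyRequest();
        signedPolicyRequest.setPolicyVersions(Collections.emptyMap());
        signedPolicyRequest.setSignatureP1363Format(true);

        Response response = ztsImpl.postSignedPolicyRequest(context, "coretech", signedPolicyRequest, null);
        assertEquals(response.getStatus(), 200);
        JWSPolicyData jwsPolicyData = (JWSPolicyData) response.getEntity();

        // The verification key is derived from the server's own signing key.
        Function<String, PublicKey> keyGetter = s -> Crypto.extractPublicKey(ztsImpl.privateKey.getKey());

        // The P1363 signature is passed to the validator unchanged and must be rejected.
        assertFalse(Crypto.validateJWSDocument(jwsPolicyData.getProtectedHeader(), jwsPolicyData.getPayload(),
                jwsPolicyData.getSignature(), keyGetter));

        // The same signature converted to DER must validate.
        final String derSignature = ZTSTestUtils.getDERSignature(jwsPolicyData.getProtectedHeader(), jwsPolicyData.getSignature());
        assertTrue(Crypto.validateJWSDocument(jwsPolicyData.getProtectedHeader(), jwsPolicyData.getPayload(),
                derSignature, keyGetter));

        // Second request: ask for the DER encoding directly.
        signedPolicyRequest.setSignatureP1363Format(false);
        response = ztsImpl.postSignedPolicyRequest(context, "coretech", signedPolicyRequest, null);
        assertEquals(response.getStatus(), 200);
        jwsPolicyData = (JWSPolicyData) response.getEntity();

        // No conversion is needed this time.
        assertTrue(Crypto.validateJWSDocument(jwsPolicyData.getProtectedHeader(), jwsPolicyData.getPayload(),
                jwsPolicyData.getSignature(), keyGetter));
    } finally {
        // Restore the default private key setting even when an assertion above fails.
        System.setProperty(FilePrivateKeyStore.ATHENZ_PROP_PRIVATE_KEY, "src/test/resources/unit_test_zts_private.pem");
        System.clearProperty(FilePrivateKeyStore.ATHENZ_PROP_PRIVATE_EC_KEY);
    }
}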
use of com.yahoo.athenz.common.server.store.impl.ZMSFileChangeLogStore in project athenz by yahoo.
the class ZTSImplTest method testGetStatusWithStatusChecker.
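/**
 * Exercises getStatus() with each mock status-checker factory: one that reports a
 * healthy server and four that throw, checking the error code and message that
 * reach the caller.
 *
 * The factory class is selected through a JVM-wide system property, so it is cleared
 * in a finally block; a failed assertion would otherwise leave a throwing status
 * checker configured for later tests in the same JVM.
 */
@Test
public void testGetStatusWithStatusChecker() {

    ChangeLogStore structStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
    DataStore store = new DataStore(structStore, null, ztsMetric);

    Principal principal = SimplePrincipal.create("user_domain", "user1", "v=U1;d=user_domain;n=user;s=signature", 0, null);
    ResourceContext context = createResourceContext(principal);

    try {
        // With MockStatusCheckerNoException configured the server is reported healthy.
        System.setProperty(ZTSConsts.ZTS_PROP_STATUS_CHECKER_FACTORY_CLASS, MockStatusCheckerNoException.class.getName());
        ZTSImpl ztsImpl = new ZTSImpl(mockCloudStore, store);
        ztsImpl.statusPort = 0;
        Status status = ztsImpl.getStatus(context);
        assertEquals(ResourceException.OK, status.getCode());

        // A checker that throws without arguments maps to a plain internal server error.
        assertStatusCheckerFailure(store, context, MockStatusCheckerThrowException.NoArguments.class,
                com.yahoo.athenz.common.server.rest.ResourceException.INTERNAL_SERVER_ERROR,
                com.yahoo.athenz.common.server.rest.ResourceException.symbolForCode(com.yahoo.athenz.zms.ResourceException.INTERNAL_SERVER_ERROR));

        // The checker's own status code is passed through.
        assertStatusCheckerFailure(store, context, MockStatusCheckerThrowException.NotFound.class,
                com.yahoo.athenz.common.server.rest.ResourceException.NOT_FOUND,
                com.yahoo.athenz.common.server.rest.ResourceException.symbolForCode(com.yahoo.athenz.zms.ResourceException.NOT_FOUND));

        // An explicit message from the checker is returned to the caller.
        assertStatusCheckerFailure(store, context, MockStatusCheckerThrowException.InternalServerErrorWithMessage.class,
                com.yahoo.athenz.common.server.rest.ResourceException.INTERNAL_SERVER_ERROR,
                "error message");

        // The message of a wrapped runtime exception is returned to the caller as well.
        assertStatusCheckerFailure(store, context, MockStatusCheckerThrowException.CauseRuntimeException.class,
                com.yahoo.athenz.common.server.rest.ResourceException.INTERNAL_SERVER_ERROR,
                "runtime exception");
    } finally {
        System.clearProperty(ZTSConsts.ZTS_PROP_STATUS_CHECKER_FACTORY_CLASS);
    }
}

/**
 * Configures the given status-checker factory, builds a fresh ZTSImpl and asserts
 * that getStatus() throws a ResourceException carrying the expected code and message.
 */
private void assertStatusCheckerFailure(DataStore store, ResourceContext context, Class<?> factoryClass,
        int expectedCode, String expectedMessage) {

    System.setProperty(ZTSConsts.ZTS_PROP_STATUS_CHECKER_FACTORY_CLASS, factoryClass.getName());
    ZTSImpl ztsImpl = new ZTSImpl(mockCloudStore, store);
    ztsImpl.statusPort = 0;
    try {
        ztsImpl.getStatus(context);
        fail();
    } catch (ResourceException ex) {
        assertEquals(new ResourceError().code(expectedCode).message(expectedMessage).toString(), ex.getData().toString());
    }
}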
use of com.yahoo.athenz.common.server.store.impl.ZMSFileChangeLogStore in project athenz by yahoo.
the class ZTSImplTest method testLoadMockAuthority.
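/**
 * Checks that loadAuthorities() picks up the authority classes named in the system
 * properties and that the configured user authority is the first loaded authority.
 *
 * The authority properties are JVM-wide and decide which authentication code the
 * server loads, so they are cleared in a finally block: a failed assertion must not
 * leave MockAuthority configured for tests that run later in the same JVM.
 */
@Test
public void testLoadMockAuthority() {

    ChangeLogStore structStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
    DataStore store = new DataStore(structStore, null, ztsMetric);
    ZTSImpl ztsImpl = new ZTSImpl(mockCloudStore, store);

    // The properties are set after construction and read by the explicit
    // loadAuthorities() call below.
    System.setProperty(ZTSConsts.ZTS_PROP_AUTHORITY_CLASSES, "com.yahoo.athenz.zts.MockAuthority");
    System.setProperty(ZTSConsts.ZTS_PROP_USER_AUTHORITY_CLASS, "com.yahoo.athenz.zts.MockAuthority");
    try {
        ztsImpl.loadAuthorities();
        ztsImpl.setAuthorityKeyStore();

        assertNotNull(ztsImpl.userAuthority);
        assertEquals(ztsImpl.userAuthority, ztsImpl.authorities.getAuthorities().get(0));
    } finally {
        System.clearProperty(ZTSConsts.ZTS_PROP_AUTHORITY_CLASSES);
        System.clearProperty(ZTSConsts.ZTS_PROP_USER_AUTHORITY_CLASS);
    }
}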
use of com.yahoo.athenz.common.server.store.impl.ZMSFileChangeLogStore in project athenz by yahoo.
the class ZTSImplTest method testGetSignedDomainPolicyDataNoChanges.
/**
 * Requests the signed policy data for "coretech" with an entity tag built from the
 * domain's own modification timestamp and expects a NOT_MODIFIED response.
 */
@Test
public void testGetSignedDomainPolicyDataNoChanges() {

    ChangeLogStore changeLogStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
    DataStore dataStore = new DataStore(changeLogStore, null, ztsMetric);

    ZTSImpl zts = new ZTSImpl(mockCloudStore, dataStore);
    ZTSImpl.serverHostName = "localhost";

    SignedDomain domain = createSignedDomain("coretech", "weather", "storage", true);
    dataStore.processSignedDomain(domain, false);

    Principal caller = SimplePrincipal.create("user_domain", "user", "v=U1;d=user_domain;n=user;s=signature", 0, null);
    ResourceContext ctx = createResourceContext(caller);

    // The tag matches the stored domain's modification time, so nothing has changed
    // from the caller's point of view.
    String matchingTag = new EntityTag(domain.getDomain().getModified().toString()).toString();

    Response reply = zts.getDomainSignedPolicyData(ctx, "coretech", matchingTag);
    assertEquals(reply.getStatus(), ResourceException.NOT_MODIFIED);
}