Example 1 with DynamicConfigLong
use of com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong in project athenz by yahoo.
the class ZTSImplTest method testGetValidatedX509CertRecordForbidden.
@Test
public void testGetValidatedX509CertRecordForbidden() throws IOException {
ChangeLogStore structStore = new ZMSFileChangeLogStore("/tmp/zts_server_unit_tests/zts_root", privateKey, "0");
DataStore store = new DataStore(structStore, null, ztsMetric);
ZTSImpl ztsImpl = new ZTSImpl(mockCloudStore, store);
SignedDomain providerDomain = signedAuthorizedProviderDomain();
store.processSignedDomain(providerDomain, false);
SignedDomain tenantDomain = signedBootstrapTenantDomain("athenz.provider", "athenz", "production");
store.processSignedDomain(tenantDomain, false);
InstanceCertManager instanceCertManager = Mockito.mock(InstanceCertManager.class);
Mockito.when(instanceCertManager.getX509CertRecord("athenz.provider", "1001", "athenz.production")).thenReturn(null);
Mockito.when(instanceCertManager.insertX509CertRecord(Mockito.any())).thenReturn(false);
ztsImpl.instanceCertManager = instanceCertManager;
Path path = Paths.get("src/test/resources/athenz.instanceid.pem");
String pem = new String(Files.readAllBytes(path));
X509Certificate cert = Crypto.loadX509Certificate(pem);
CertificateAuthority certAuthority = new CertificateAuthority();
SimplePrincipal principal = (SimplePrincipal) SimplePrincipal.create("athenz", "production", "v=S1;d=athenz;n=production;s=signature", 0, certAuthority);
ResourceContext context = createResourceContext(principal);
ztsImpl.x509CertRefreshResetTime = new DynamicConfigLong(cert.getNotBefore().getTime() + 1);
try {
ztsImpl.getValidatedX509CertRecord(context, "athenz.provider", "1001", "athenz.production", cert, "caller", "athenz", "athenz", "localhost");
fail();
} catch (ResourceException ex) {
assertEquals(403, ex.getCode());
}
}
Also used :
Path(java.nio.file.Path)
InstanceCertManager(com.yahoo.athenz.zts.cert.InstanceCertManager)
DynamicConfigLong(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong)
X509Certificate(java.security.cert.X509Certificate)
ZMSFileChangeLogStore(com.yahoo.athenz.common.server.store.impl.ZMSFileChangeLogStore)
ChangeLogStore(com.yahoo.athenz.common.server.store.ChangeLogStore)
MockZMSFileChangeLogStore(com.yahoo.athenz.zts.store.MockZMSFileChangeLogStore)
ZMSFileChangeLogStore(com.yahoo.athenz.common.server.store.impl.ZMSFileChangeLogStore)
MockZMSFileChangeLogStore(com.yahoo.athenz.zts.store.MockZMSFileChangeLogStore)
DataStore(com.yahoo.athenz.zts.store.DataStore)
Test(org.testng.annotations.Test)
Example 2 with DynamicConfigLong
use of com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong in project athenz by yahoo.
the class ZTSImpl method loadConfigurationSettings.
void loadConfigurationSettings() {
// make sure all requests run in secure mode
secureRequestsOnly = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_SECURE_REQUESTS_ONLY, "true"));
// retrieve the regular and status ports
httpPort = ConfigProperties.getPortNumber(ZTSConsts.ZTS_PROP_HTTP_PORT, ZTSConsts.ZTS_HTTP_PORT_DEFAULT);
httpsPort = ConfigProperties.getPortNumber(ZTSConsts.ZTS_PROP_HTTPS_PORT, ZTSConsts.ZTS_HTTPS_PORT_DEFAULT);
statusPort = ConfigProperties.getPortNumber(ZTSConsts.ZTS_PROP_STATUS_PORT, 0);
successServerStatus = new Status().setCode(ResourceException.OK).setMessage("OK");
statusCertSigner = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_STATUS_CERT_SIGNER, "false"));
// check to see if we want to disable allowing clients to ask for role
// tokens without role name thus violating the least privilege principle
leastPrivilegePrincipal = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_LEAST_PRIVILEGE_PRINCIPLE, "false"));
// Default Role Token timeout is 2 hours. If the client asks for role tokens
// with a min expiry time of 1 hour, the setting of 2 hours allows the client
// to at least cache the tokens for 1 hour. We're going to set the ZTS client's
// min default value to 15 mins so that we can by default cache tokens for
// an hour and 45 minutes.
long timeout = TimeUnit.SECONDS.convert(2, TimeUnit.HOURS);
roleTokenDefaultTimeout = Integer.parseInt(System.getProperty(ZTSConsts.ZTS_PROP_ROLE_TOKEN_DEFAULT_TIMEOUT, Long.toString(timeout)));
// Max Timeout - 30 days
timeout = TimeUnit.SECONDS.convert(30, TimeUnit.DAYS);
roleTokenMaxTimeout = Integer.parseInt(System.getProperty(ZTSConsts.ZTS_PROP_ROLE_TOKEN_MAX_TIMEOUT, Long.toString(timeout)));
// default (1hr) and max (12hrs) id token timeouts
timeout = TimeUnit.SECONDS.convert(12, TimeUnit.HOURS);
idTokenMaxTimeout = Integer.parseInt(System.getProperty(ZTSConsts.ZTS_PROP_ID_TOKEN_MAX_TIMEOUT, Long.toString(timeout)));
timeout = TimeUnit.SECONDS.convert(1, TimeUnit.HOURS);
idTokenDefaultTimeout = Integer.parseInt(System.getProperty(ZTSConsts.ZTS_PROP_ID_TOKEN_DEFAULT_TIMEOUT, Long.toString(timeout)));
// signedPolicyTimeout is in milliseconds but the config setting should be in seconds
// to be consistent with other configuration properties
timeout = TimeUnit.SECONDS.convert(7, TimeUnit.DAYS);
signedPolicyTimeout = 1000 * Long.parseLong(System.getProperty(ZTSConsts.ZTS_PROP_SIGNED_POLICY_TIMEOUT, Long.toString(timeout)));
// default token timeout for issued tokens
timeout = TimeUnit.SECONDS.convert(1, TimeUnit.DAYS);
svcTokenTimeout = Integer.parseInt(System.getProperty(ZTSConsts.ZTS_PROP_INSTANCE_NTOKEN_TIMEOUT, Long.toString(timeout)));
// retrieve the list of our authorized proxy users
final String authorizedProxyUserList = System.getProperty(ZTSConsts.ZTS_PROP_AUTHORIZED_PROXY_USERS);
if (authorizedProxyUserList != null) {
authorizedProxyUsers = new HashSet<>(Arrays.asList(authorizedProxyUserList.split(",")));
}
userDomain = System.getProperty(PROP_USER_DOMAIN, ZTSConsts.ATHENZ_USER_DOMAIN);
userDomainPrefix = userDomain + ".";
userDomainAlias = System.getProperty(ZTSConsts.ZTS_PROP_USER_DOMAIN_ALIAS);
if (userDomainAlias != null) {
userDomainAliasPrefix = userDomainAlias + ".";
}
// get the list of uris that we want to allow an-authenticated access
final String uriList = System.getProperty(ZTSConsts.ZTS_PROP_NOAUTH_URI_LIST);
if (uriList != null) {
authFreeUriSet = new HashSet<>();
authFreeUriList = new ArrayList<>();
String[] list = uriList.split(",");
for (String uri : list) {
if (uri.indexOf('+') != -1) {
authFreeUriList.add(Pattern.compile(uri));
} else {
authFreeUriSet.add(uri);
}
}
}
// check to see if we need to include the complete role token flag
includeRoleCompleteFlag = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_ROLE_COMPLETE_FLAG, "true"));
// check if we need to run in maintenance read only mode
readOnlyMode = new DynamicConfigBoolean(CONFIG_MANAGER, ZTSConsts.ZTS_PROP_READ_ONLY_MODE, false);
// configure if we should verify the IP address that's included
// in the certificate request
verifyCertRequestIP = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_CERT_REQUEST_VERIFY_IP, "false"));
// configure if we should validate subject ou fields to match
// provider names
verifyCertSubjectOU = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_CERT_REQUEST_VERIFY_SUBJECT_OU, "false"));
// x509 certificate issue reset time if configured
x509CertRefreshResetTime = new DynamicConfigLong(CONFIG_MANAGER, ZTSConsts.ZTS_PROP_CERT_REFRESH_RESET_TIME, 0L);
// list of valid O and OU values for any certificate request
final String validCertSubjectOrgValueList = System.getProperty(ZTSConsts.ZTS_PROP_CERT_ALLOWED_O_VALUES);
if (validCertSubjectOrgValueList != null) {
validCertSubjectOrgValues = new HashSet<>(Arrays.asList(validCertSubjectOrgValueList.split("\\|")));
}
final String validCertSubjectOrgUnitValueList = System.getProperty(ZTSConsts.ZTS_PROP_CERT_ALLOWED_OU_VALUES);
if (validCertSubjectOrgUnitValueList != null) {
validCertSubjectOrgUnitValues = new HashSet<>(Arrays.asList(validCertSubjectOrgUnitValueList.split("\\|")));
}
// retrieve our oauth settings
ztsOAuthIssuer = System.getProperty(ZTSConsts.ZTS_PROP_OAUTH_ISSUER, serverHostName);
ztsOpenIDIssuer = System.getProperty(ZTSConsts.ZTS_PROP_OPENID_ISSUER, ztsOAuthIssuer);
// set up our health check file
final String healthCheckPath = System.getProperty(ZTSConsts.ZTS_PROP_HEALTH_CHECK_PATH);
if (!StringUtil.isEmpty(healthCheckPath)) {
healthCheckFile = new File(healthCheckPath);
}
// get server region
serverRegion = System.getProperty(ZTSConsts.ZTS_PROP_SERVER_REGION);
// list of domains to be skipped when validating services for instance
// register/refresh operations since the services in these domains are
// dynamic - e.g. screwdriver projects
final String skipDomains = System.getProperty(ZTSConsts.ZTS_PROP_VALIDATE_SERVICE_SKIP_DOMAINS, "");
validateServiceSkipDomains = new HashSet<>(Arrays.asList(skipDomains.split(",")));
validateInstanceServiceIdentity = new DynamicConfigBoolean(CONFIG_MANAGER, ZTSConsts.ZTS_PROP_VALIDATE_SERVICE_IDENTITY, true);
// configured max length for authz details claims
maxAuthzDetailsLength = Integer.parseInt(System.getProperty(ZTSConsts.ZTS_PROP_MAX_AUTHZ_DETAILS_LENGTH, "1024"));
// if workloads store should be populated based on IPs from CSR
enableWorkloadStore = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_WORKLOAD_ENABLE_STORE_FEATURE, "false"));
}
Also used :
DynamicConfigLong(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong)
ConfigProviderFile(com.yahoo.athenz.common.server.util.config.providers.ConfigProviderFile)
File(java.io.File)
DynamicConfigBoolean(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigBoolean)
Example 3 with DynamicConfigLong
use of com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong in project athenz by yahoo.
the class InstanceAWSECSProvider method initialize.
@Override
public void initialize(String provider, String providerEndpoint, SSLContext sslcontext, KeyStore keyStore) {
super.initialize(provider, providerEndpoint, sslcontext, keyStore);
// for ECS support, we're not going to enforce the
// boot time since we don't know when the container
// was started and temporary aws iam assume role
// validation is sufficient
bootTimeOffsetSeconds = new DynamicConfigLong(0L);
// our ECS provider must validate refresh requests
supportRefresh = true;
}
Also used :
DynamicConfigLong(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong)
Example 4 with DynamicConfigLong
use of com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong in project athenz by yahoo.
the class InstanceAWSProvider method initialize.
@Override
public void initialize(String provider, String providerEndpoint, SSLContext sslContext, KeyStore keyStore) {
String awsCertFileName = System.getProperty(AWS_PROP_PUBLIC_CERT, "");
if (!awsCertFileName.isEmpty()) {
File awsCertFile = new File(awsCertFileName);
X509Certificate awsCert = Crypto.loadX509Certificate(awsCertFile);
awsPublicKey = awsCert.getPublicKey();
}
if (awsPublicKey == null) {
LOGGER.error("AWS Public Key not specified - no instance requests will be authorized");
}
// how long the instance must be booted in the past before we
// stop validating the instance requests
long timeout = TimeUnit.SECONDS.convert(5, TimeUnit.MINUTES);
bootTimeOffsetSeconds = new DynamicConfigLong(CONFIG_MANAGER, AWS_PROP_BOOT_TIME_OFFSET, timeout);
// determine the dns suffix. if this is not specified we'll
// be rejecting all entries
dnsSuffixes = new HashSet<>();
final String dnsSuffix = System.getProperty(AWS_PROP_DNS_SUFFIX);
if (StringUtil.isEmpty(dnsSuffix)) {
LOGGER.error("AWS DNS Suffix not specified - no instance requests will be authorized");
} else {
dnsSuffixes.addAll(Arrays.asList(dnsSuffix.split(",")));
}
// default certificate expiry for requests without instance
// identity document
int certValidityDays = Integer.parseInt(System.getProperty(AWS_PROP_CERT_VALIDITY_STS_ONLY, "7"));
certValidityTime = TimeUnit.MINUTES.convert(certValidityDays, TimeUnit.DAYS);
// get the aws region
awsRegion = System.getProperty(AWS_PROP_REGION_NAME);
}
Also used :
DynamicConfigLong(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong)
File(java.io.File)
X509Certificate(java.security.cert.X509Certificate)
Example 5 with DynamicConfigLong
use of com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong in project athenz by yahoo.
the class DynamicConfigTest method testStatic.
@Test
public void testStatic() throws IOException {
File configFile = File.createTempFile("ConfigProviderFileTest.testStatic", ".conf");
writeFile(configFile, "" + "string-key-ok: string-value\n" + "\n" + "int-key-ok: 100\n" + "int-key-too-big: 10000000000\n" + "int-key-invalid-1: x100\n" + "int-key-invalid-2: 100x\n" + "\n" + "long-key-ok: 100\n" + "long-key-too-big: 100000000000000000000\n" + "long-key-invalid-1: x100\n" + "long-key-invalid-2: 100x\n" + "\n" + "float-key-ok-1: 100\n" + "float-key-ok-2: 12.34\n" + "float-key-invalid-1: x100\n" + "float-key-invalid-2: 100x\n" + "\n" + "double-key-ok-1: 100\n" + "double-key-ok-2: 12.34\n" + "double-key-invalid-1: x100\n" + "double-key-invalid-2: 100x\n" + "\n" + "boolean-key-true: true\n" + "boolean-key-yes: yes\n" + "boolean-key-on: on\n" + "boolean-key-false: false\n" + "boolean-key-no: no\n" + "boolean-key-off: off\n" + "boolean-key-invalid: hmm...\n" + "\n" + "duration-key-reload: 10\n" + "duration-key-short: 100\n" + "duration-key-long: 100000\n" + "duration-key-too-big: 100000000000000000000\n" + "duration-key-invalid-1: x100\n" + "duration-key-invalid-2: 100x\n" + "\n" + "csv-key-ok: aaa,111,1234567890123456789,12.34,bbb\n");
try (ConfigManager configManager = new ConfigManager("duration-key-reload", 10, TimeUnit.MILLISECONDS).addProvider(new ConfigProviderFile()).addConfigSource("prop-file://" + configFile)) {
DynamicConfigString dynamicConfigStringOk = new DynamicConfigString(configManager, "string-key-ok", "default-value");
DynamicConfigString dynamicConfigStringMissing = new DynamicConfigString(configManager, "string-key-missing", "default-value");
DynamicConfigString dynamicConfigStringFixed = new DynamicConfigString("default-value");
DynamicConfigInteger dynamicConfigIntegerOk = new DynamicConfigInteger(configManager, "int-key-ok", 123456, 10, 1000);
DynamicConfigInteger dynamicConfigIntegerOverflow = new DynamicConfigInteger(configManager, "int-key-ok", 123456, 0, 10);
DynamicConfigInteger dynamicConfigIntegerUnderflow = new DynamicConfigInteger(configManager, "int-key-ok", 123456, 1000, 10000);
DynamicConfigInteger dynamicConfigIntegerTooBig = new DynamicConfigInteger(configManager, "int-key-too-big", 123456);
DynamicConfigInteger dynamicConfigIntegerInvalid1 = new DynamicConfigInteger(configManager, "int-key-invalid-1", 123456);
DynamicConfigInteger dynamicConfigIntegerInvalid2 = new DynamicConfigInteger(configManager, "int-key-invalid-2", 123456);
DynamicConfigInteger dynamicConfigIntegerMissing = new DynamicConfigInteger(configManager, "int-key-missing", 123456);
DynamicConfigInteger dynamicConfigIntegerFixed = new DynamicConfigInteger(123456);
DynamicConfigLong dynamicConfigLongOk = new DynamicConfigLong(configManager, "long-key-ok", 123456L, 10L, 1000L);
DynamicConfigLong dynamicConfigLongOverflow = new DynamicConfigLong(configManager, "long-key-ok", 123456L, 0L, 10L);
DynamicConfigLong dynamicConfigLongUnderflow = new DynamicConfigLong(configManager, "long-key-ok", 123456L, 1000L, 10000L);
DynamicConfigLong dynamicConfigLongTooBig = new DynamicConfigLong(configManager, "long-key-too-big", 123456L);
DynamicConfigLong dynamicConfigLongInvalid1 = new DynamicConfigLong(configManager, "long-key-invalid-1", 123456L);
DynamicConfigLong dynamicConfigLongInvalid2 = new DynamicConfigLong(configManager, "long-key-invalid-2", 123456L);
DynamicConfigLong dynamicConfigLongMissing = new DynamicConfigLong(configManager, "long-key-missing", 123456L);
DynamicConfigLong dynamicConfigLongFixed = new DynamicConfigLong(123456L);
DynamicConfigFloat dynamicConfigFloatOk1 = new DynamicConfigFloat(configManager, "float-key-ok-1", 1.23F, 10F, 1000F);
DynamicConfigFloat dynamicConfigFloatOk2 = new DynamicConfigFloat(configManager, "float-key-ok-2", 1.23F);
DynamicConfigFloat dynamicConfigFloatOverflow = new DynamicConfigFloat(configManager, "float-key-ok-1", 1.23F, 0F, 10F);
DynamicConfigFloat dynamicConfigFloatUnderflow = new DynamicConfigFloat(configManager, "float-key-ok-1", 1.23F, 1000F, 10000F);
DynamicConfigFloat dynamicConfigFloatInvalid1 = new DynamicConfigFloat(configManager, "float-key-invalid-1", 1.23F);
DynamicConfigFloat dynamicConfigFloatInvalid2 = new DynamicConfigFloat(configManager, "float-key-invalid-2", 1.23F);
DynamicConfigFloat dynamicConfigFloatMissing = new DynamicConfigFloat(configManager, "float-key-missing", 1.23F);
DynamicConfigFloat dynamicConfigFloatFixed = new DynamicConfigFloat(1.23F);
DynamicConfigDouble dynamicConfigDoubleOk1 = new DynamicConfigDouble(configManager, "double-key-ok-1", 123.456, 10.0, 1000.0);
DynamicConfigDouble dynamicConfigDoubleOk2 = new DynamicConfigDouble(configManager, "double-key-ok-2", 123.456);
DynamicConfigDouble dynamicConfigDoubleOverflow = new DynamicConfigDouble(configManager, "double-key-ok-1", 123.456, 0.0, 10.0);
DynamicConfigDouble dynamicConfigDoubleUnderflow = new DynamicConfigDouble(configManager, "double-key-ok-1", 123.456, 1000.0, 10000.0);
DynamicConfigDouble dynamicConfigDoubleInvalid1 = new DynamicConfigDouble(configManager, "double-key-invalid-1", 123.456);
DynamicConfigDouble dynamicConfigDoubleInvalid2 = new DynamicConfigDouble(configManager, "double-key-invalid-2", 123.456);
DynamicConfigDouble dynamicConfigDoubleMissing = new DynamicConfigDouble(configManager, "double-key-missing", 123.456);
DynamicConfigDouble dynamicConfigDoubleFixed = new DynamicConfigDouble(123.456);
DynamicConfigBoolean dynamicConfigBooleanTrueTrue = new DynamicConfigBoolean(configManager, "boolean-key-true", true);
DynamicConfigBoolean dynamicConfigBooleanTrueYes = new DynamicConfigBoolean(configManager, "boolean-key-yes", true);
DynamicConfigBoolean dynamicConfigBooleanTrueOn = new DynamicConfigBoolean(configManager, "boolean-key-on", true);
DynamicConfigBoolean dynamicConfigBooleanTrueFalse = new DynamicConfigBoolean(configManager, "boolean-key-false", true);
DynamicConfigBoolean dynamicConfigBooleanTrueNo = new DynamicConfigBoolean(configManager, "boolean-key-no", true);
DynamicConfigBoolean dynamicConfigBooleanTrueOff = new DynamicConfigBoolean(configManager, "boolean-key-off", true);
DynamicConfigBoolean dynamicConfigBooleanTrueInvalid = new DynamicConfigBoolean(configManager, "boolean-key-invalid", true);
DynamicConfigBoolean dynamicConfigBooleanTrueMissing = new DynamicConfigBoolean(configManager, "boolean-key-missing", true);
DynamicConfigBoolean dynamicConfigBooleanTrueFixed = new DynamicConfigBoolean(true);
DynamicConfigBoolean dynamicConfigBooleanFalseTrue = new DynamicConfigBoolean(configManager, "boolean-key-true", false);
DynamicConfigBoolean dynamicConfigBooleanFalseYes = new DynamicConfigBoolean(configManager, "boolean-key-yes", false);
DynamicConfigBoolean dynamicConfigBooleanFalseOn = new DynamicConfigBoolean(configManager, "boolean-key-on", false);
DynamicConfigBoolean dynamicConfigBooleanFalseFalse = new DynamicConfigBoolean(configManager, "boolean-key-false", false);
DynamicConfigBoolean dynamicConfigBooleanFalseNo = new DynamicConfigBoolean(configManager, "boolean-key-no", false);
DynamicConfigBoolean dynamicConfigBooleanFalseOff = new DynamicConfigBoolean(configManager, "boolean-key-off", false);
DynamicConfigBoolean dynamicConfigBooleanFalseInvalid = new DynamicConfigBoolean(configManager, "boolean-key-invalid", false);
DynamicConfigBoolean dynamicConfigBooleanFalseMissing = new DynamicConfigBoolean(configManager, "boolean-key-missing", false);
DynamicConfigBoolean dynamicConfigBooleanFalseFixed = new DynamicConfigBoolean(false);
DynamicConfigDuration dynamicConfigDurationShort = new DynamicConfigDuration(configManager, "duration-key-short", 123456, TimeUnit.SECONDS);
DynamicConfigDuration dynamicConfigDurationLong = new DynamicConfigDuration(configManager, "duration-key-long", 123456, TimeUnit.SECONDS);
DynamicConfigDuration dynamicConfigDurationTooBig = new DynamicConfigDuration(configManager, "duration-key-too-big", 123456, TimeUnit.SECONDS);
DynamicConfigDuration dynamicConfigDurationInvalid1 = new DynamicConfigDuration(configManager, "duration-key-invalid-1", 123456, TimeUnit.SECONDS);
DynamicConfigDuration dynamicConfigDurationInvalid2 = new DynamicConfigDuration(configManager, "duration-key-invalid-2", 123456, TimeUnit.SECONDS);
DynamicConfigDuration dynamicConfigDurationMissing = new DynamicConfigDuration(configManager, "duration-key-missing", 123456, TimeUnit.SECONDS);
DynamicConfigDuration dynamicConfigDurationFixed = new DynamicConfigDuration(123456, TimeUnit.SECONDS);
DynamicConfigCsv dynamicConfigCsvOk = new DynamicConfigCsv(configManager, "csv-key-ok", "default-value-a,default-value-b");
DynamicConfigCsv dynamicConfigCsvMissing = new DynamicConfigCsv(configManager, "csv-key-missing", "default-value-a,default-value-b");
DynamicConfigCsv dynamicConfigCsvFixed = new DynamicConfigCsv("fixed-value-a,fixed-value-b");
assertEquals("string-value", dynamicConfigStringOk.toString());
assertEquals("string-value", dynamicConfigStringOk.get());
assertEquals("default-value", dynamicConfigStringMissing.get());
assertEquals("default-value", dynamicConfigStringFixed.get());
assertEquals("100", dynamicConfigIntegerOk.toString());
assertEquals(Integer.valueOf(100), dynamicConfigIntegerOk.get());
assertEquals(Integer.valueOf(123456), dynamicConfigIntegerOverflow.get());
assertEquals(Integer.valueOf(123456), dynamicConfigIntegerUnderflow.get());
assertEquals(Integer.valueOf(123456), dynamicConfigIntegerTooBig.get());
assertEquals(Integer.valueOf(123456), dynamicConfigIntegerInvalid1.get());
assertEquals(Integer.valueOf(123456), dynamicConfigIntegerInvalid2.get());
assertEquals(Integer.valueOf(123456), dynamicConfigIntegerMissing.get());
assertEquals(Integer.valueOf(123456), dynamicConfigIntegerFixed.get());
assertEquals("100", dynamicConfigLongOk.toString());
assertEquals(Long.valueOf(100L), dynamicConfigLongOk.get());
assertEquals(Long.valueOf(123456L), dynamicConfigLongOverflow.get());
assertEquals(Long.valueOf(123456L), dynamicConfigLongUnderflow.get());
assertEquals(Long.valueOf(123456L), dynamicConfigLongTooBig.get());
assertEquals(Long.valueOf(123456L), dynamicConfigLongInvalid1.get());
assertEquals(Long.valueOf(123456L), dynamicConfigLongInvalid2.get());
assertEquals(Long.valueOf(123456L), dynamicConfigLongMissing.get());
assertEquals(Long.valueOf(123456L), dynamicConfigLongFixed.get());
assertEquals("12.34", dynamicConfigFloatOk2.toString());
assertEquals(Float.valueOf(100F), dynamicConfigFloatOk1.get());
assertEquals(Float.valueOf(12.34F), dynamicConfigFloatOk2.get());
assertEquals(Float.valueOf(1.23F), dynamicConfigFloatOverflow.get());
assertEquals(Float.valueOf(1.23F), dynamicConfigFloatUnderflow.get());
assertEquals(Float.valueOf(1.23F), dynamicConfigFloatInvalid1.get());
assertEquals(Float.valueOf(1.23F), dynamicConfigFloatInvalid2.get());
assertEquals(Float.valueOf(1.23F), dynamicConfigFloatMissing.get());
assertEquals(Float.valueOf(1.23F), dynamicConfigFloatFixed.get());
assertEquals("12.34", dynamicConfigDoubleOk2.toString());
assertEquals(Double.valueOf(100.0), dynamicConfigDoubleOk1.get());
assertEquals(Double.valueOf(12.34), dynamicConfigDoubleOk2.get());
assertEquals(Double.valueOf(123.456), dynamicConfigDoubleOverflow.get());
assertEquals(Double.valueOf(123.456), dynamicConfigDoubleUnderflow.get());
assertEquals(Double.valueOf(123.456), dynamicConfigDoubleInvalid1.get());
assertEquals(Double.valueOf(123.456), dynamicConfigDoubleInvalid2.get());
assertEquals(Double.valueOf(123.456), dynamicConfigDoubleMissing.get());
assertEquals(Double.valueOf(123.456), dynamicConfigDoubleFixed.get());
assertEquals("true", dynamicConfigBooleanTrueTrue.toString());
assertEquals(Boolean.TRUE, dynamicConfigBooleanTrueTrue.get());
assertEquals(Boolean.TRUE, dynamicConfigBooleanTrueYes.get());
assertEquals(Boolean.TRUE, dynamicConfigBooleanTrueOn.get());
assertEquals(Boolean.FALSE, dynamicConfigBooleanTrueFalse.get());
assertEquals(Boolean.FALSE, dynamicConfigBooleanTrueNo.get());
assertEquals(Boolean.FALSE, dynamicConfigBooleanTrueOff.get());
assertEquals(Boolean.TRUE, dynamicConfigBooleanTrueInvalid.get());
assertEquals(Boolean.TRUE, dynamicConfigBooleanTrueMissing.get());
assertEquals(Boolean.TRUE, dynamicConfigBooleanTrueFixed.get());
assertEquals(Boolean.TRUE, dynamicConfigBooleanFalseTrue.get());
assertEquals(Boolean.TRUE, dynamicConfigBooleanFalseYes.get());
assertEquals(Boolean.TRUE, dynamicConfigBooleanFalseOn.get());
assertEquals(Boolean.FALSE, dynamicConfigBooleanFalseFalse.get());
assertEquals(Boolean.FALSE, dynamicConfigBooleanFalseNo.get());
assertEquals(Boolean.FALSE, dynamicConfigBooleanFalseOff.get());
assertEquals(Boolean.FALSE, dynamicConfigBooleanFalseInvalid.get());
assertEquals(Boolean.FALSE, dynamicConfigBooleanFalseMissing.get());
assertEquals(Boolean.FALSE, dynamicConfigBooleanFalseFixed.get());
assertEquals(100_000L, dynamicConfigDurationShort.getMilliseconds());
assertEquals(100000_000L, dynamicConfigDurationLong.getMilliseconds());
assertEquals(123456_000L, dynamicConfigDurationTooBig.getMilliseconds());
assertEquals(123456_000L, dynamicConfigDurationInvalid1.getMilliseconds());
assertEquals(123456_000L, dynamicConfigDurationInvalid2.getMilliseconds());
assertEquals(123456_000L, dynamicConfigDurationMissing.getMilliseconds());
assertEquals(123456_000L, dynamicConfigDurationFixed.getMilliseconds());
assertEquals("[\"aaa\",\"111\",\"1234567890123456789\",\"12.34\",\"bbb\"]", Utils.jsonSerializeForLog(dynamicConfigCsvOk.getStringsList()));
assertEquals("[111.0,1.23456789012345677E18,12.34]", Utils.jsonSerializeForLog(dynamicConfigCsvOk.getDoublesList()));
assertEquals("[111.0,1.23456794E18,12.34]", Utils.jsonSerializeForLog(dynamicConfigCsvOk.getFloatsList()));
assertEquals("[111,1234567890123456789]", Utils.jsonSerializeForLog(dynamicConfigCsvOk.getLongsList()));
assertEquals("[111]", Utils.jsonSerializeForLog(dynamicConfigCsvOk.getIntegersList()));
assertEquals("[\"default-value-a\",\"default-value-b\"]", Utils.jsonSerializeForLog(dynamicConfigCsvMissing.getStringsList()));
assertEquals("[\"fixed-value-a\",\"fixed-value-b\"]", Utils.jsonSerializeForLog(dynamicConfigCsvFixed.getStringsList()));
assertTrue(dynamicConfigCsvOk.hasItem("aaa"));
assertFalse(dynamicConfigCsvOk.hasItem("ccc"));
assertTrue(dynamicConfigCsvOk.hasItem(12.34));
assertFalse(dynamicConfigCsvOk.hasItem(23.45));
assertTrue(dynamicConfigCsvOk.hasItem(12.34f));
assertFalse(dynamicConfigCsvOk.hasItem(23.45f));
assertTrue(dynamicConfigCsvOk.hasItem(1234567890123456789L));
assertFalse(dynamicConfigCsvOk.hasItem(222L));
assertTrue(dynamicConfigCsvOk.hasItem(111));
assertFalse(dynamicConfigCsvOk.hasItem(222));
}
@SuppressWarnings("unused") boolean deleted = configFile.delete();
}
Also used :
DynamicConfigDuration(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigDuration)
ConfigProviderFile(com.yahoo.athenz.common.server.util.config.providers.ConfigProviderFile)
DynamicConfigLong(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong)
DynamicConfigString(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigString)
DynamicConfigDouble(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigDouble)
DynamicConfigBoolean(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigBoolean)
DynamicConfigFloat(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigFloat)
DynamicConfigCsv(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigCsv)
ConfigProviderFile(com.yahoo.athenz.common.server.util.config.providers.ConfigProviderFile)
File(java.io.File)
DynamicConfigInteger(com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigInteger)
Test(org.testng.annotations.Test)
Aggregations
DynamicConfigLong (com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigLong)7
X509Certificate (java.security.cert.X509Certificate)4
Test (org.testng.annotations.Test)4
ChangeLogStore (com.yahoo.athenz.common.server.store.ChangeLogStore)3
ZMSFileChangeLogStore (com.yahoo.athenz.common.server.store.impl.ZMSFileChangeLogStore)3
InstanceCertManager (com.yahoo.athenz.zts.cert.InstanceCertManager)3
DataStore (com.yahoo.athenz.zts.store.DataStore)3
MockZMSFileChangeLogStore (com.yahoo.athenz.zts.store.MockZMSFileChangeLogStore)3
File (java.io.File)3
Path (java.nio.file.Path)3
X509CertRecord (com.yahoo.athenz.common.server.cert.X509CertRecord)2
DynamicConfigBoolean (com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigBoolean)2
ConfigProviderFile (com.yahoo.athenz.common.server.util.config.providers.ConfigProviderFile)2
DynamicConfigCsv (com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigCsv)1
DynamicConfigDouble (com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigDouble)1
DynamicConfigDuration (com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigDuration)1
DynamicConfigFloat (com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigFloat)1
DynamicConfigInteger (com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigInteger)1
DynamicConfigString (com.yahoo.athenz.common.server.util.config.dynamic.DynamicConfigString)1
InstanceConfirmation (com.yahoo.athenz.instance.provider.InstanceConfirmation)1
