Example 1 with ZMSClient

Use of com.yahoo.athenz.zms.ZMSClient in project athenz by yahoo: class ZMSFileChangeLogStoreTest, method getSignedDomainListOneBadDomain.

@Test
public void getSignedDomainListOneBadDomain() {
    ZMSFileChangeLogStore fstore = new ZMSFileChangeLogStore(FSTORE_PATH, null, null);
    ZMSClient zmsClient = Mockito.mock(ZMSClient.class);
    DomainData domData1 = new DomainData().setName("athenz");
    SignedDomain domain1 = new SignedDomain().setDomain(domData1);
    DomainData domData2 = new DomainData().setName("sports");
    SignedDomain domain2 = new SignedDomain().setDomain(domData2);
    List<SignedDomain> domains = new ArrayList<>();
    domains.add(domain1);
    domains.add(domain2);
    SignedDomains domainList = new SignedDomains().setDomains(domains);
    // ZMS returns signed data for "athenz" but nothing (null) for "sports"
    List<SignedDomain> mockDomains = new ArrayList<>();
    mockDomains.add(domain1);
    SignedDomains mockDomainList = new SignedDomains().setDomains(mockDomains);
    Mockito.when(zmsClient.getSignedDomains("athenz", null, null, null)).thenReturn(mockDomainList);
    Mockito.when(zmsClient.getSignedDomains("sports", null, null, null)).thenReturn(null);
    // the domain with no data is skipped, so only "athenz" is returned
    List<SignedDomain> returnList = fstore.getSignedDomainList(zmsClient, domainList);
    assertEquals(returnList.size(), 1);
    assertEquals(returnList.get(0).getDomain().getName(), "athenz");
}
Also used: ZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore), DomainData (com.yahoo.athenz.zms.DomainData), SignedDomain (com.yahoo.athenz.zms.SignedDomain), ArrayList (java.util.ArrayList), SignedDomains (com.yahoo.athenz.zms.SignedDomains), ZMSClient (com.yahoo.athenz.zms.ZMSClient), Test (org.testng.annotations.Test)

Example 2 with ZMSClient

Use of com.yahoo.athenz.zms.ZMSClient in project athenz by yahoo: class ZMSFileChangeLogStore, method getUpdatedSignedDomains.

@Override
public SignedDomains getUpdatedSignedDomains(StringBuilder lastModTimeBuffer) {
    try (ZMSClient zmsClient = getZMSClient()) {
        // request all the changes from ZMS. In this call we're asking for
        // meta data only so we'll only get the list of domains
        Map<String, List<String>> responseHeaders = new HashMap<String, List<String>>();
        SignedDomains domainList = zmsClient.getSignedDomains(null, VALUE_TRUE, lastModTime, responseHeaders);
        // retrieve the tag value for the request
        String newLastModTime = retrieveTagHeader(responseHeaders);
        if (newLastModTime == null) {
            return null;
        }
        // set the last modification time to be returned to the caller
        lastModTimeBuffer.setLength(0);
        lastModTimeBuffer.append(newLastModTime);
        if (domainList == null || domainList.getDomains() == null) {
            return null;
        }
        if (LOGGER.isInfoEnabled()) {
            LOGGER.info("getUpdatedSignedDomains: {} updated domains", domainList.getDomains().size());
        }
        List<SignedDomain> domains = getSignedDomainList(zmsClient, domainList);
        return new SignedDomains().setDomains(domains);
    } catch (ZMSClientException ex) {
        LOGGER.error("Error when refreshing data from ZMS: {}", ex.getMessage());
        return null;
    }
}
Also used: HashMap (java.util.HashMap), SignedDomain (com.yahoo.athenz.zms.SignedDomain), ArrayList (java.util.ArrayList), List (java.util.List), SignedDomains (com.yahoo.athenz.zms.SignedDomains), ZMSClient (com.yahoo.athenz.zms.ZMSClient), ZMSClientException (com.yahoo.athenz.zms.ZMSClientException)

Example 3 with ZMSClient

Use of com.yahoo.athenz.zms.ZMSClient in project athenz by yahoo: class ZMSTLSClient, method main.

public static void main(String[] args) {
    // parse our command line to retrieve required input
    CommandLine cmd = parseCommandLine(args);
    final String resource = cmd.getOptionValue("resource").toLowerCase();
    final String action = cmd.getOptionValue("action").toLowerCase();
    final String principal = cmd.getOptionValue("principal").toLowerCase();
    final String zmsUrl = cmd.getOptionValue("zmsurl");
    final String keyPath = cmd.getOptionValue("key");
    final String certPath = cmd.getOptionValue("cert");
    final String trustStorePath = cmd.getOptionValue("trustStorePath");
    final String trustStorePassword = cmd.getOptionValue("trustStorePassword");
    try {
        // build the TLS context from the client key/certificate and the trust store
        KeyRefresher keyRefresher = Utils.generateKeyRefresher(trustStorePath, trustStorePassword, certPath, keyPath);
        SSLContext sslContext = Utils.buildSSLContext(keyRefresher.getKeyManagerProxy(), keyRefresher.getTrustManagerProxy());
        try (ZMSClient zmsClient = new ZMSClient(zmsUrl, sslContext)) {
            try {
                // ask ZMS whether the principal may perform the action on the resource
                Access access = zmsClient.getAccess(action, resource, null, principal);
                System.out.println("Access: " + access.getGranted());
            } catch (ZMSClientException ex) {
                System.out.println("Unable to carry out access check: " + ex.getMessage());
                System.exit(2);
            }
        }
    } catch (Exception ex) {
        System.out.println("Exception: " + ex.getMessage());
        ex.printStackTrace();
        System.exit(1);
    }
}
Also used: CommandLine (org.apache.commons.cli.CommandLine), Access (com.yahoo.athenz.zms.Access), SSLContext (javax.net.ssl.SSLContext), ZMSClient (com.yahoo.athenz.zms.ZMSClient), KeyRefresher (com.oath.auth.KeyRefresher), ZMSClientException (com.yahoo.athenz.zms.ZMSClientException), ParseException (org.apache.commons.cli.ParseException)

Example 4 with ZMSClient

Use of com.yahoo.athenz.zms.ZMSClient in project athenz by yahoo: class ZMSFileChangeLogStore, method getZMSClient.

ZMSClient getZMSClient() {
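    // build a service token for ZTSConsts.ATHENZ_SYS_DOMAIN / ZTSConsts.ZTS_SERVICE
    // with a 24-hour expiration window, then sign it with the service private key
    PrincipalToken token = new PrincipalToken.Builder("S1", ZTSConsts.ATHENZ_SYS_DOMAIN, ZTSConsts.ZTS_SERVICE)
            .expirationWindow(24 * 60 * 60L)
            .keyId(privateKeyId)
            .build();
    token.sign(privateKey);
    // wrap the signed token in a principal and attach it to the client as its credentials
    Principal principal = SimplePrincipal.create(ZTSConsts.ATHENZ_SYS_DOMAIN, ZTSConsts.ZTS_SERVICE, token.getSignedToken(), authority);
    ZMSClient zmsClient = new ZMSClient(zmsUrl);
    zmsClient.addCredentials(principal);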
    return zmsClient;
}
Also used: PrincipalToken (com.yahoo.athenz.auth.token.PrincipalToken), ZMSClient (com.yahoo.athenz.zms.ZMSClient), SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal), Principal (com.yahoo.athenz.auth.Principal)

Example 5 with ZMSClient

Use of com.yahoo.athenz.zms.ZMSClient in project athenz by yahoo: class ZMSFileChangeLogStoreTest, method getSignedDomainList.

@Test
public void getSignedDomainList() {
    ZMSFileChangeLogStore fstore = new ZMSFileChangeLogStore(FSTORE_PATH, null, null);
    ZMSClient zmsClient = Mockito.mock(ZMSClient.class);
    List<SignedDomain> domains = new ArrayList<>();
    DomainData domData = new DomainData().setName("athenz");
    SignedDomain domain = new SignedDomain().setDomain(domData);
    domains.add(domain);
    SignedDomains domainList = new SignedDomains().setDomains(domains);
    Mockito.when(zmsClient.getSignedDomains("athenz", null, null, null)).thenReturn(domainList);
    List<SignedDomain> returnList = fstore.getSignedDomainList(zmsClient, domainList);
    assertEquals(returnList.size(), 1);
    assertEquals(returnList.get(0).getDomain().getName(), "athenz");
}
Also used: ZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore), SignedDomain (com.yahoo.athenz.zms.SignedDomain), ArrayList (java.util.ArrayList), DomainData (com.yahoo.athenz.zms.DomainData), SignedDomains (com.yahoo.athenz.zms.SignedDomains), ZMSClient (com.yahoo.athenz.zms.ZMSClient), Test (org.testng.annotations.Test)

Aggregations

ZMSClient (com.yahoo.athenz.zms.ZMSClient): 6
SignedDomain (com.yahoo.athenz.zms.SignedDomain): 3
SignedDomains (com.yahoo.athenz.zms.SignedDomains): 3
ArrayList (java.util.ArrayList): 3
Principal (com.yahoo.athenz.auth.Principal): 2
SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal): 2
PrincipalToken (com.yahoo.athenz.auth.token.PrincipalToken): 2
DomainData (com.yahoo.athenz.zms.DomainData): 2
ZMSClientException (com.yahoo.athenz.zms.ZMSClientException): 2
ZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore): 2
Test (org.testng.annotations.Test): 2
KeyRefresher (com.oath.auth.KeyRefresher): 1
Access (com.yahoo.athenz.zms.Access): 1
AthenzConfig (com.yahoo.vespa.hosted.controller.athenz.config.AthenzConfig): 1
HashMap (java.util.HashMap): 1
List (java.util.List): 1
SSLContext (javax.net.ssl.SSLContext): 1
CommandLine (org.apache.commons.cli.CommandLine): 1
ParseException (org.apache.commons.cli.ParseException): 1