Examples with AccessCheckStatus com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus used on opensource projects

Search in sources :

Example 1 with AccessCheckStatus

use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.

the class TestAuthZpe method testAllowAccessMatchRegexInvalidRange2.

@Test
public void testAllowAccessMatchRegexInvalidRange2() {
    String action = "full_regex";
    String resource = "angler:coreb";
    StringBuilder roleName = new StringBuilder();
    AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerRegex, resource, action, roleName);
    Assert.assertEquals(status, AccessCheckStatus.DENY_NO_MATCH);
}
Also used : AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus) Test(org.testng.annotations.Test)

Example 2 with AccessCheckStatus

use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.

the class TestAuthZpe method testPublicReadDomainNotFound.

@Test
public void testPublicReadDomainNotFound() {
    String action = "read";
    String angResource = "CoreTech:stuff";
    AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0CoreTechPublic.getSignedToken(), angResource, action);
    Assert.assertEquals(status, AccessCheckStatus.DENY_DOMAIN_NOT_FOUND);
    // multi tokens test
    List<String> tokenList = new ArrayList<>();
    tokenList.add(rToken0AnglerPublic.getSignedToken());
    tokenList.add(rToken0CoreTechPublic.getSignedToken());
    StringBuilder roleName = new StringBuilder();
    status = AuthZpeClient.allowAccess(tokenList, angResource, action, roleName);
    Assert.assertEquals(status, AccessCheckStatus.DENY_DOMAIN_NOT_FOUND);
    Assert.assertEquals(roleName.toString(), "");
}
Also used : AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus) Test(org.testng.annotations.Test)

Example 3 with AccessCheckStatus

use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.

the class TestAuthZpe method testAllowAccessMatchRegexInvalidOr1.

@Test
public void testAllowAccessMatchRegexInvalidOr1() {
    String action = "full_regex";
    String resource = "angler:coretech";
    StringBuilder roleName = new StringBuilder();
    AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerRegex, resource, action, roleName);
    Assert.assertEquals(status, AccessCheckStatus.DENY_NO_MATCH);
}
Also used : AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus) Test(org.testng.annotations.Test)

Example 4 with AccessCheckStatus

use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.

the class TestAuthZpe method testAllowAccessMatchRegexInvalidOr2.

@Test
public void testAllowAccessMatchRegexInvalidOr2() {
    String action = "full_regex";
    String resource = "angler:corecommit";
    StringBuilder roleName = new StringBuilder();
    AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerRegex, resource, action, roleName);
    Assert.assertEquals(status, AccessCheckStatus.DENY_NO_MATCH);
}
Also used : AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus) Test(org.testng.annotations.Test)

Example 5 with AccessCheckStatus

use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.

the class TestAuthZpe method testPublicReadExpiredRoleToken.

@Test
public void testPublicReadExpiredRoleToken() {
    String action = "read";
    String angResource = "angler:stuff";
    try {
        Thread.sleep(3000);
    } catch (Exception ignored) {
    }
    // the roletoken validate return false regardless if the token is
    // invalid due to expiry or invalid signature. So we'll only
    // the expired roletoken if we add it to the cache and then
    // try to use it again, but the cache clear test case sets
    // the timeout to 1secs so as soon as it's added, within a
    // second it's removed, so we can't wait until it's expired to
    // test again. so for know we'll just get invalid token
    AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerExpirePublic.getSignedToken(), angResource, action);
    Assert.assertEquals(status, AccessCheckStatus.DENY_ROLETOKEN_EXPIRED);
    // multi tokens test
    List<String> tokenList = new ArrayList<>();
    tokenList.add(rToken0AnglerPublic.getSignedToken());
    // add the expired one in
    tokenList.add(rToken0AnglerExpirePublic.getSignedToken());
    StringBuilder roleName = new StringBuilder();
    status = AuthZpeClient.allowAccess(tokenList, angResource, action, roleName);
    Assert.assertEquals(status, AccessCheckStatus.ALLOW);
    Assert.assertEquals(roleName.toString(), "public");
}
Also used : AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus) IOException(java.io.IOException) Test(org.testng.annotations.Test)

Aggregations

AccessCheckStatus (com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)56 Test (org.testng.annotations.Test)55 RoleToken (com.yahoo.athenz.auth.token.RoleToken)11 X509Certificate (java.security.cert.X509Certificate)5 Path (java.nio.file.Path)4 IOException (java.io.IOException)3 AccessToken (com.yahoo.athenz.auth.token.AccessToken)1 PrintWriter (java.io.PrintWriter)1 ArrayList (java.util.ArrayList)1 X500Principal (javax.security.auth.x500.X500Principal)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial