Example 31 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testInvalidAccessResource.
@Test
public void testInvalidAccessResource() {
String action = "ACCESS";
String angResource = "angler:tables.blahblah";
StringBuilder roleName = new StringBuilder();
AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerPachinko, angResource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.DENY_NO_MATCH);
Assert.assertEquals(roleName.toString(), "");
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
Test(org.testng.annotations.Test)
Example 32 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testPublicReadAllowed.
@Test
public void testPublicReadAllowed() {
String action = "read";
String angResource = "angler:stuff";
AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerPublic.getSignedToken(), angResource, action);
Assert.assertEquals(status, AccessCheckStatus.ALLOW);
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
Test(org.testng.annotations.Test)
Example 33 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testMultipleTokens.
@Test
public void testMultipleTokens() {
String action = "REad";
StringBuilder roleName = new StringBuilder();
String resource = "sports.NFL_DB";
AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0SportsAdmin, resource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.ALLOW);
Assert.assertEquals(roleName.toString(), "admin");
// multi tokens test
List<String> tokenList = new ArrayList<>();
tokenList.add(rToken0SportsAdmin.getSignedToken());
tokenList.add(rToken0CoreTechPublic.getSignedToken());
roleName = new StringBuilder();
status = AuthZpeClient.allowAccess(tokenList, resource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.ALLOW);
Assert.assertEquals(roleName.toString(), "admin");
// multi tokens test with duplicate tokens
tokenList = new ArrayList<>();
tokenList.add(rToken0SportsAdmin.getSignedToken());
tokenList.add(rToken0SportsAdmin.getSignedToken());
roleName = new StringBuilder();
status = AuthZpeClient.allowAccess(tokenList, resource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.ALLOW);
Assert.assertEquals(roleName.toString(), "admin");
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
Test(org.testng.annotations.Test)
Example 34 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testMultipleTokenListEmpty.
@Test
public void testMultipleTokenListEmpty() {
String action = "REad";
String resource = "sports.NFL_DB";
StringBuilder roleName = new StringBuilder();
// multi token list - empty
List<String> tokenList = new ArrayList<>();
AccessCheckStatus status = AuthZpeClient.allowAccess(tokenList, resource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.DENY_NO_MATCH);
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
Test(org.testng.annotations.Test)
Example 35 with AccessCheckStatus
use of com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus in project athenz by yahoo.
the class TestAuthZpe method testAllowAccessMatchRegexAllowed.
@Test
public void testAllowAccessMatchRegexAllowed() {
String action = "regex";
String resource = "angler:nhllosangeleskings";
StringBuilder roleName = new StringBuilder();
AccessCheckStatus status = AuthZpeClient.allowAccess(rToken0AnglerRegex, resource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.ALLOW);
Assert.assertEquals(roleName.toString(), "matchregex");
// multi tokens test
List<String> tokenList = new ArrayList<>();
tokenList.add(rToken0AnglerExpirePublic.getSignedToken());
tokenList.add(rToken0AnglerRegex.getSignedToken());
tokenList.add(rToken0AnglerPublic.getSignedToken());
tokenList.add(rToken0CoreTechPublic.getSignedToken());
roleName = new StringBuilder();
status = AuthZpeClient.allowAccess(tokenList, resource, action, roleName);
Assert.assertEquals(status, AccessCheckStatus.ALLOW);
Assert.assertEquals(roleName.toString(), "matchregex");
}
Also used :
AccessCheckStatus(com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)
Test(org.testng.annotations.Test)
Aggregations
AccessCheckStatus (com.yahoo.athenz.zpe.AuthZpeClient.AccessCheckStatus)56
Test (org.testng.annotations.Test)55
RoleToken (com.yahoo.athenz.auth.token.RoleToken)11
X509Certificate (java.security.cert.X509Certificate)5
Path (java.nio.file.Path)4
IOException (java.io.IOException)3
AccessToken (com.yahoo.athenz.auth.token.AccessToken)1
PrintWriter (java.io.PrintWriter)1
ArrayList (java.util.ArrayList)1
X500Principal (javax.security.auth.x500.X500Principal)1
