use of com.yahoo.athenz.zts.store.CloudStore in project athenz by yahoo.
the class CloudStoreTest method testGetS3ClientAWSNotEnabled.
@Test
public void testGetS3ClientAWSNotEnabled() {
CloudStore store = new CloudStore(null);
store.credentials = null;
try {
store.getS3Client();
fail();
} catch (ResourceException ex) {
assertEquals(500, ex.getCode());
}
store.close();
}
use of com.yahoo.athenz.zts.store.CloudStore in project athenz by yahoo.
the class CloudStoreTest method testGetMetaDataEmptyResponse.
@Test
public void testGetMetaDataEmptyResponse() throws InterruptedException, ExecutionException, TimeoutException {
CloudStore store = new CloudStore(null);
HttpClient httpClient = Mockito.mock(HttpClient.class);
ContentResponse response = Mockito.mock(ContentResponse.class);
Mockito.when(response.getStatus()).thenReturn(200);
Mockito.when(response.getContentAsString()).thenReturn("");
store.setHttpClient(httpClient);
Mockito.when(httpClient.GET("http://169.254.169.254/latest/iam-info")).thenReturn(response);
assertNull(store.getMetaData("/iam-info"));
store.close();
}
use of com.yahoo.athenz.zts.store.CloudStore in project athenz by yahoo.
the class ZTSImplTest method testGetRoleTokenCert.
@Test
public void testGetRoleTokenCert() throws Exception {
// this csr is for sports:role.readers role
RoleCertificateRequest req = new RoleCertificateRequest().setCsr(ROLE_CERT_CORETECH_REQUEST).setExpiryTime(Long.valueOf(3600));
SignedDomain signedDomain = createSignedDomain("coretech", "weather", "storage", true);
store.processDomain(signedDomain, false);
File caCert = new File("src/test/resources/valid_cn_x509.cert");
X509Certificate caCertificate = Crypto.loadX509Certificate(caCert);
File caKey = new File("src/test/resources/private_encrypted.key");
PrivateKey caPrivateKey = Crypto.loadPrivateKey(caKey, "athenz");
CertSigner certSigner = new SelfCertSigner(caPrivateKey, caCertificate);
CloudStore cloudStore = new MockCloudStore(certSigner);
store.setCloudStore(cloudStore);
zts.cloudStore = cloudStore;
Principal principal = SimplePrincipal.create("user_domain", "user1", "v=U1;d=user_domain;n=user;s=signature", 0, null);
ResourceContext context = createResourceContext(principal);
RoleToken roleToken = zts.postRoleCertificateRequest(context, "coretech", "readers", req);
assertNotNull(roleToken);
assertEquals(roleToken.getExpiryTime(), TimeUnit.SECONDS.convert(30, TimeUnit.DAYS));
}
use of com.yahoo.athenz.zts.store.CloudStore in project athenz by yahoo.
the class CloudStoreTest method testLoadBootMetaData.
@Test
public void testLoadBootMetaData() throws InterruptedException, ExecutionException, TimeoutException {
CloudStore store = new CloudStore(null);
HttpClient httpClient = Mockito.mock(HttpClient.class);
ContentResponse responseDoc = Mockito.mock(ContentResponse.class);
Mockito.when(responseDoc.getStatus()).thenReturn(200);
Mockito.when(responseDoc.getContentAsString()).thenReturn(AWS_INSTANCE_DOCUMENT);
ContentResponse responseSig = Mockito.mock(ContentResponse.class);
Mockito.when(responseSig.getStatus()).thenReturn(200);
Mockito.when(responseSig.getContentAsString()).thenReturn("pkcs7-signature");
ContentResponse responseInfo = Mockito.mock(ContentResponse.class);
Mockito.when(responseInfo.getStatus()).thenReturn(200);
Mockito.when(responseInfo.getContentAsString()).thenReturn(AWS_IAM_ROLE_INFO);
store.setHttpClient(httpClient);
Mockito.when(httpClient.GET("http://169.254.169.254/latest/dynamic/instance-identity/document")).thenReturn(responseDoc);
Mockito.when(httpClient.GET("http://169.254.169.254/latest/dynamic/instance-identity/pkcs7")).thenReturn(responseSig);
Mockito.when(httpClient.GET("http://169.254.169.254/latest/meta-data/iam/info")).thenReturn(responseInfo);
assertTrue(store.loadBootMetaData());
assertEquals(store.awsRole, "athenz.zts");
assertEquals(store.awsRegion, "us-west-2");
store.close();
}
use of com.yahoo.athenz.zts.store.CloudStore in project athenz by yahoo.
the class CloudStoreTest method testParseIamRoleInfoInvalidInstanceProfile.
@Test
public void testParseIamRoleInfoInvalidInstanceProfile() {
CloudStore store = new CloudStore(null);
assertFalse(store.parseIamRoleInfo("{\"accountId\":\"012345678901\"}"));
assertFalse(store.parseIamRoleInfo("{\"accountId\":\"012345678901\",\"InstanceProfileArn\":\"invalid\"}"));
store.close();
}
Aggregations