use of com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider in project vespa by vespa-engine.
the class InstanceValidatorTest method invalid_signature.
@Test
public void invalid_signature() throws Exception {
KeyProvider keyProvider = new AutoGeneratedKeyProvider();
InstanceValidator instanceValidator = new InstanceValidator(keyProvider, null);
KeyProvider fakeKeyProvider = new AutoGeneratedKeyProvider();
InstanceConfirmation instanceConfirmation = createInstanceConfirmation(fakeKeyProvider.getPrivateKey(0), applicationId, domain, service);
assertFalse(instanceValidator.isInstanceSignatureValid(instanceConfirmation));
}
use of com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider in project vespa by vespa-engine.
the class InstanceValidatorTest method valid_signature.
@Test
public void valid_signature() throws Exception {
KeyProvider keyProvider = new AutoGeneratedKeyProvider();
InstanceValidator instanceValidator = new InstanceValidator(keyProvider, null);
InstanceConfirmation instanceConfirmation = createInstanceConfirmation(keyProvider.getPrivateKey(0), applicationId, domain, service);
assertTrue(instanceValidator.isInstanceSignatureValid(instanceConfirmation));
}
use of com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider in project vespa by vespa-engine.
the class IdentityDocumentGeneratorTest method generates_valid_identity_document.
@Test
public void generates_valid_identity_document() throws Exception {
String hostname = "x.y.com";
ApplicationId appid = ApplicationId.from(TenantName.from("tenant"), ApplicationName.from("application"), InstanceName.from("default"));
Allocation allocation = new Allocation(appid, ClusterMembership.from("container/default/0/0", Version.fromString("1.2.3")), Generation.inital(), false);
Node n = Node.create("ostkid", ImmutableSet.of("127.0.0.1"), new HashSet<>(), hostname, Optional.empty(), new MockNodeFlavors().getFlavorOrThrow("default"), NodeType.tenant).with(allocation);
NodeRepository nodeRepository = mock(NodeRepository.class);
when(nodeRepository.getNode(eq(hostname))).thenReturn(Optional.of(n));
AutoGeneratedKeyProvider keyProvider = new AutoGeneratedKeyProvider();
String dnsSuffix = "vespa.dns.suffix";
AthenzProviderServiceConfig config = getAthenzProviderConfig("domain", "service", dnsSuffix, ZONE);
IdentityDocumentGenerator identityDocumentGenerator = new IdentityDocumentGenerator(config, nodeRepository, ZONE, keyProvider);
SignedIdentityDocument signedIdentityDocument = identityDocumentGenerator.generateSignedIdentityDocument(hostname);
// Verify attributes
assertEquals(hostname, signedIdentityDocument.identityDocument.instanceHostname);
String environment = "dev";
String region = "us-north-1";
String expectedZoneDnsSuffix = environment + "-" + region + "." + dnsSuffix;
assertEquals(expectedZoneDnsSuffix, signedIdentityDocument.dnsSuffix);
ProviderUniqueId expectedProviderUniqueId = new ProviderUniqueId("tenant", "application", environment, region, "default", "default", 0);
assertEquals(expectedProviderUniqueId, signedIdentityDocument.identityDocument.providerUniqueId);
// Validate signature
assertTrue("Message", InstanceValidator.isSignatureValid(keyProvider.getPublicKey(0), signedIdentityDocument.rawIdentityDocument, signedIdentityDocument.signature));
}
Aggregations