1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * Copyright © 2017 Amdocs
\r
7 * * ===========================================================================
\r
8 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
9 * * you may not use this file except in compliance with the License.
\r
10 * * You may obtain a copy of the License at
\r
12 * * http://www.apache.org/licenses/LICENSE-2.0
\r
14 * * Unless required by applicable law or agreed to in writing, software
\r
15 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
16 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
17 * * See the License for the specific language governing permissions and
\r
18 * * limitations under the License.
\r
19 * * ============LICENSE_END====================================================
\r
21 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
23 ******************************************************************************/
\r
24 package com.att.cadi.lur.aaf.test;
\r
26 import static org.junit.Assert.assertEquals;
\r
28 import java.io.BufferedReader;
\r
29 import java.io.IOException;
\r
30 import java.io.UnsupportedEncodingException;
\r
31 import java.net.HttpURLConnection;
\r
32 import java.security.Principal;
\r
33 import java.util.Collection;
\r
34 import java.util.Enumeration;
\r
35 import java.util.Locale;
\r
36 import java.util.Map;
\r
38 import javax.servlet.AsyncContext;
\r
39 import javax.servlet.DispatcherType;
\r
40 import javax.servlet.RequestDispatcher;
\r
41 import javax.servlet.ServletContext;
\r
42 import javax.servlet.ServletException;
\r
43 import javax.servlet.ServletInputStream;
\r
44 import javax.servlet.ServletRequest;
\r
45 import javax.servlet.ServletResponse;
\r
46 import javax.servlet.http.Cookie;
\r
47 import javax.servlet.http.HttpServletRequest;
\r
48 import javax.servlet.http.HttpServletResponse;
\r
49 import javax.servlet.http.HttpSession;
\r
50 import javax.servlet.http.Part;
\r
52 import org.junit.BeforeClass;
\r
53 import org.junit.Test;
\r
55 import com.att.cadi.CadiException;
\r
56 import com.att.cadi.Lur;
\r
57 import com.att.cadi.Permission;
\r
58 import com.att.cadi.PropAccess;
\r
59 import com.att.cadi.Symm;
\r
60 import com.att.cadi.Taf.LifeForm;
\r
61 import com.att.cadi.aaf.AAFPermission;
\r
62 import com.att.cadi.aaf.v2_0.AAFConHttp;
\r
63 import com.att.cadi.aaf.v2_0.AAFLurPerm;
\r
64 import com.att.cadi.aaf.v2_0.AAFTaf;
\r
65 import com.att.cadi.locator.DNSLocator;
\r
66 import com.att.cadi.lur.ConfigPrincipal;
\r
67 import com.att.cadi.lur.LocalPermission;
\r
68 import com.att.cadi.taf.TafResp;
\r
70 public class JU_Lur2_0Call {
\r
71 private static AAFConHttp aaf;
\r
72 private static PropAccess access;
\r
75 public static void setUpBeforeClass() throws Exception {
\r
76 access = new PropAccess();
\r
77 aaf = new AAFConHttp(access,new DNSLocator(access,"https","localhost","8100"));
\r
78 aaf.basicAuth("testid", "whatever");
\r
82 public void test() throws Exception {
\r
84 AAFLurPerm aafLur = aaf.newLur();
\r
86 Principal pri = new ConfigPrincipal("testid@aaf.att.com","whatever");
\r
87 for (int i = 0; i < 10; ++i) {
\r
88 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),true);
\r
89 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|write"),false);
\r
90 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|read"),true);
\r
91 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|read"),true);
\r
93 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","write"),true);
\r
94 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","write"),false);
\r
95 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","read"),true);
\r
96 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","read"),true);
\r
98 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum.*|read"),true);
\r
99 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
\r
100 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true);
\r
102 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum.*","read"),true);
\r
103 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
\r
105 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum[Qq]uat|read"),true);
\r
106 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
\r
107 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
\r
108 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
\r
110 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum[Qq]uat","read"),true);
\r
111 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
\r
112 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
\r
113 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
\r
116 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my.nstance|!wr*"),true);
\r
117 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
\r
119 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
\r
121 //Maitrayee, aren't we going to have issues if we do RegExp with "."?
\r
122 //Is it too expensive to only do Reg Ex in presence of special characters, []{}*, etc? Not sure this helps for GRID.
\r
123 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kum.quat|read"),true);
\r
124 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum..uat|read"),true);
\r
126 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true); // ok if Stored Action is "*"
\r
129 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:!my.*|write"),true); // ok if Stored Action is "*"
\r
130 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*|write"),false); // not ok if key lengths don't match "*"
\r
131 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:myCF|write"),true); // ok if Stored Action is "*"
\r
132 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:!my.*","write"),true); // ok if Stored Action is "*"
\r
133 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:myCF","write"),true); // ok if Stored Action is "*"
\r
134 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*","write"),false); // not ok if key lengths don't match
\r
138 print(aafLur, pri, new LocalPermission("bogus"),false);
\r
141 // Thread.sleep(7000);
\r
142 // } catch (InterruptedException e) {
\r
143 // e.printStackTrace();
\r
145 for (int i = 0; i < 10; ++i)
\r
146 print(aafLur, pri, new LocalPermission("supergroup"),false);
\r
148 System.out.println("All Done");
\r
151 public void testTaf() throws Exception {
\r
152 AAFTaf<?> aaft = new AAFTaf<HttpURLConnection>(aaf,true);
\r
156 resp = aaft.validate(LifeForm.CBLF, new Req(), null);
\r
157 assertEquals(TafResp.RESP.TRY_AUTHENTICATING, resp.isAuthenticated());
\r
159 String auth = "Basic " + Symm.base64.encode("testid:whatever");
\r
160 resp = aaft.validate(LifeForm.CBLF, new Req("Authorization",auth), null);
\r
161 assertEquals(TafResp.RESP.IS_AUTHENTICATED, resp.isAuthenticated());
\r
165 // public void testRole() throws CadiException {
\r
166 // TestAccess ta = new TestAccess();
\r
167 // AAFLurRole1_0 aafLur = new AAFLurRole1_0(
\r
169 //// "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=UAT/routeOffer=BAU_SE",
\r
170 // "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=DEV/routeOffer=D1",
\r
171 // "m12345", "m12345pass", 50000, // dme Time
\r
172 // // 5*60000); // 5 minutes User Expiration
\r
173 // 50000, // 5 seconds after Expiration
\r
174 // 200); // High Count of items.. These do not take much memory
\r
176 // Principal pri = new ConfigPrincipal("xy1234","whatever);
\r
177 // for (int i = 0; i < 10; ++i) {
\r
178 //// print(aafLur, pri, new LocalPermission("*|*|*|com.att.authz"));
\r
179 // print(aafLur, pri, new LocalPermission("service|myInstance|write"),false);
\r
180 // print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),false);
\r
181 // print(aafLur, pri, new LocalPermission("com.att.cadi"),true);
\r
182 // print(aafLur, pri, new LocalPermission("global"),true);
\r
183 // print(aafLur, pri, new LocalPermission("kumquat"),false);
\r
186 // print(aafLur, pri, new LocalPermission("bogus"),false);
\r
188 // for (int i = 0; i < 10; ++i)
\r
189 // print(aafLur, pri, new LocalPermission("supergroup"),false);
\r
191 // System.out.println("All Done");
\r
195 private void print(Lur aafLur, Principal pri, Permission perm, boolean shouldBe)
\r
196 throws CadiException {
\r
197 long start = System.nanoTime();
\r
200 boolean ok = aafLur.fish(pri, perm);
\r
202 assertEquals(shouldBe,ok);
\r
203 float ms = (System.nanoTime() - start) / 1000000f;
\r
205 System.out.println("Yes, part of " + perm.getKey() + " (" + ms
\r
208 System.out.println("No, not part of " + perm.getKey() + " (" + ms
\r
213 @SuppressWarnings("rawtypes")
\r
214 public class Req implements HttpServletRequest {
\r
215 private String[] headers;
\r
217 public Req(String ... headers) {
\r
218 this.headers = headers;
\r
221 public Object getAttribute(String name) {
\r
222 // TODO Auto-generated method stub
\r
226 @SuppressWarnings("unchecked")
\r
227 public Enumeration getAttributeNames() {
\r
228 // TODO Auto-generated method stub
\r
232 public String getCharacterEncoding() {
\r
233 // TODO Auto-generated method stub
\r
237 public void setCharacterEncoding(String env)
\r
238 throws UnsupportedEncodingException {
\r
239 // TODO Auto-generated method stub
\r
243 public int getContentLength() {
\r
244 // TODO Auto-generated method stub
\r
248 public String getContentType() {
\r
249 // TODO Auto-generated method stub
\r
253 public ServletInputStream getInputStream() throws IOException {
\r
254 // TODO Auto-generated method stub
\r
258 public String getParameter(String name) {
\r
259 // TODO Auto-generated method stub
\r
263 @SuppressWarnings("unchecked")
\r
264 public Enumeration getParameterNames() {
\r
265 // TODO Auto-generated method stub
\r
269 public String[] getParameterValues(String name) {
\r
270 // TODO Auto-generated method stub
\r
274 @SuppressWarnings("unchecked")
\r
275 public Map getParameterMap() {
\r
276 // TODO Auto-generated method stub
\r
280 public String getProtocol() {
\r
281 // TODO Auto-generated method stub
\r
285 public String getScheme() {
\r
286 // TODO Auto-generated method stub
\r
290 public String getServerName() {
\r
291 // TODO Auto-generated method stub
\r
295 public int getServerPort() {
\r
296 // TODO Auto-generated method stub
\r
300 public BufferedReader getReader() throws IOException {
\r
301 // TODO Auto-generated method stub
\r
305 public String getRemoteAddr() {
\r
306 // TODO Auto-generated method stub
\r
310 public String getRemoteHost() {
\r
311 // TODO Auto-generated method stub
\r
315 public void setAttribute(String name, Object o) {
\r
316 // TODO Auto-generated method stub
\r
320 public void removeAttribute(String name) {
\r
321 // TODO Auto-generated method stub
\r
325 public Locale getLocale() {
\r
326 // TODO Auto-generated method stub
\r
330 @SuppressWarnings("unchecked")
\r
331 public Enumeration getLocales() {
\r
332 // TODO Auto-generated method stub
\r
336 public boolean isSecure() {
\r
337 // TODO Auto-generated method stub
\r
341 public RequestDispatcher getRequestDispatcher(String path) {
\r
342 // TODO Auto-generated method stub
\r
346 public String getRealPath(String path) {
\r
347 // TODO Auto-generated method stub
\r
351 public int getRemotePort() {
\r
352 // TODO Auto-generated method stub
\r
356 public String getLocalName() {
\r
357 // TODO Auto-generated method stub
\r
361 public String getLocalAddr() {
\r
362 // TODO Auto-generated method stub
\r
366 public int getLocalPort() {
\r
367 // TODO Auto-generated method stub
\r
371 public String getAuthType() {
\r
372 // TODO Auto-generated method stub
\r
376 public Cookie[] getCookies() {
\r
377 // TODO Auto-generated method stub
\r
381 public long getDateHeader(String name) {
\r
382 // TODO Auto-generated method stub
\r
386 public String getHeader(String name) {
\r
387 for(int i=1;i<headers.length;i=i+2) {
\r
388 if(headers[i-1].equals(name)) return headers[i];
\r
393 @SuppressWarnings("unchecked")
\r
394 public Enumeration getHeaders(String name) {
\r
395 // TODO Auto-generated method stub
\r
399 @SuppressWarnings("unchecked")
\r
400 public Enumeration getHeaderNames() {
\r
401 // TODO Auto-generated method stub
\r
405 public int getIntHeader(String name) {
\r
406 // TODO Auto-generated method stub
\r
410 public String getMethod() {
\r
411 // TODO Auto-generated method stub
\r
415 public String getPathInfo() {
\r
416 // TODO Auto-generated method stub
\r
420 public String getPathTranslated() {
\r
421 // TODO Auto-generated method stub
\r
425 public String getContextPath() {
\r
426 // TODO Auto-generated method stub
\r
430 public String getQueryString() {
\r
431 // TODO Auto-generated method stub
\r
435 public String getRemoteUser() {
\r
436 // TODO Auto-generated method stub
\r
440 public boolean isUserInRole(String role) {
\r
441 // TODO Auto-generated method stub
\r
445 public Principal getUserPrincipal() {
\r
446 // TODO Auto-generated method stub
\r
450 public String getRequestedSessionId() {
\r
451 // TODO Auto-generated method stub
\r
455 public String getRequestURI() {
\r
456 // TODO Auto-generated method stub
\r
460 public StringBuffer getRequestURL() {
\r
461 // TODO Auto-generated method stub
\r
465 public String getServletPath() {
\r
466 // TODO Auto-generated method stub
\r
470 public HttpSession getSession(boolean create) {
\r
471 // TODO Auto-generated method stub
\r
475 public HttpSession getSession() {
\r
476 // TODO Auto-generated method stub
\r
480 public boolean isRequestedSessionIdValid() {
\r
481 // TODO Auto-generated method stub
\r
485 public boolean isRequestedSessionIdFromCookie() {
\r
486 // TODO Auto-generated method stub
\r
490 public boolean isRequestedSessionIdFromURL() {
\r
491 // TODO Auto-generated method stub
\r
495 public boolean isRequestedSessionIdFromUrl() {
\r
496 // TODO Auto-generated method stub
\r
501 public ServletContext getServletContext() {
\r
502 // TODO Auto-generated method stub
\r
507 public AsyncContext startAsync() throws IllegalStateException {
\r
508 // TODO Auto-generated method stub
\r
513 public AsyncContext startAsync(ServletRequest servletRequest,
\r
514 ServletResponse servletResponse) throws IllegalStateException {
\r
515 // TODO Auto-generated method stub
\r
520 public boolean isAsyncStarted() {
\r
521 // TODO Auto-generated method stub
\r
526 public boolean isAsyncSupported() {
\r
527 // TODO Auto-generated method stub
\r
532 public AsyncContext getAsyncContext() {
\r
533 // TODO Auto-generated method stub
\r
538 public DispatcherType getDispatcherType() {
\r
539 // TODO Auto-generated method stub
\r
544 public boolean authenticate(HttpServletResponse response)
\r
545 throws IOException, ServletException {
\r
546 // TODO Auto-generated method stub
\r
551 public void login(String username, String password)
\r
552 throws ServletException {
\r
553 // TODO Auto-generated method stub
\r
558 public void logout() throws ServletException {
\r
559 // TODO Auto-generated method stub
\r
564 public Collection<Part> getParts() throws IOException, ServletException {
\r
565 // TODO Auto-generated method stub
\r
570 public Part getPart(String name) throws IOException, ServletException {
\r
571 // TODO Auto-generated method stub
\r
Code Review / aaf / cadi.git / blob