1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package com.att.cadi.lur.aaf.test;
\r
25 import static org.junit.Assert.assertEquals;
\r
27 import java.io.BufferedReader;
\r
28 import java.io.IOException;
\r
29 import java.io.UnsupportedEncodingException;
\r
30 import java.net.HttpURLConnection;
\r
31 import java.security.Principal;
\r
32 import java.util.Collection;
\r
33 import java.util.Enumeration;
\r
34 import java.util.Locale;
\r
35 import java.util.Map;
\r
37 import javax.servlet.AsyncContext;
\r
38 import javax.servlet.DispatcherType;
\r
39 import javax.servlet.RequestDispatcher;
\r
40 import javax.servlet.ServletContext;
\r
41 import javax.servlet.ServletException;
\r
42 import javax.servlet.ServletInputStream;
\r
43 import javax.servlet.ServletRequest;
\r
44 import javax.servlet.ServletResponse;
\r
45 import javax.servlet.http.Cookie;
\r
46 import javax.servlet.http.HttpServletRequest;
\r
47 import javax.servlet.http.HttpServletResponse;
\r
48 import javax.servlet.http.HttpSession;
\r
49 import javax.servlet.http.Part;
\r
51 import org.junit.BeforeClass;
\r
52 import org.junit.Test;
\r
54 import com.att.cadi.CadiException;
\r
55 import com.att.cadi.Lur;
\r
56 import com.att.cadi.Permission;
\r
57 import com.att.cadi.PropAccess;
\r
58 import com.att.cadi.Symm;
\r
59 import com.att.cadi.Taf.LifeForm;
\r
60 import com.att.cadi.aaf.AAFPermission;
\r
61 import com.att.cadi.aaf.v2_0.AAFConHttp;
\r
62 import com.att.cadi.aaf.v2_0.AAFLurPerm;
\r
63 import com.att.cadi.aaf.v2_0.AAFTaf;
\r
64 import com.att.cadi.locator.DNSLocator;
\r
65 import com.att.cadi.lur.ConfigPrincipal;
\r
66 import com.att.cadi.lur.LocalPermission;
\r
67 import com.att.cadi.taf.TafResp;
\r
69 public class JU_Lur2_0Call {
\r
70 private static AAFConHttp aaf;
\r
71 private static PropAccess access;
\r
/**
 * Creates the AAF connection shared by the tests in this class.
 *
 * The connection is built from a default {@link PropAccess} and a
 * {@link DNSLocator}, then given HTTP Basic credentials. Nothing here is
 * mocked, so the tests that use {@code aaf} need a reachable AAF service.
 *
 * The user id and password are literals meant for a local test identity;
 * they should never be replaced by, or reused as, a real service credential
 * in source control.
 *
 * NOTE(review): the method name and the org.junit.BeforeClass import suggest
 * this is the class-level JUnit setup hook; the annotation line itself is not
 * visible in this listing.
 *
 * @throws Exception if the connection objects cannot be constructed
 */
public static void setUpBeforeClass() throws Exception {
    access = new PropAccess();

    // presumably (scheme, host, port) -> https://localhost:8100; confirm against DNSLocator
    DNSLocator localAaf = new DNSLocator(access, "https", "localhost", "8100");

    aaf = new AAFConHttp(access, localAaf);
    aaf.basicAuth("testid", "whatever");
}
\r
81 public void test() throws Exception {
\r
83 AAFLurPerm aafLur = aaf.newLur();
\r
85 Principal pri = new ConfigPrincipal("testid@aaf.att.com","whatever");
\r
86 for (int i = 0; i < 10; ++i) {
\r
87 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),true);
\r
88 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|write"),false);
\r
89 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|read"),true);
\r
90 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|read"),true);
\r
92 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","write"),true);
\r
93 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","write"),false);
\r
94 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","read"),true);
\r
95 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","read"),true);
\r
97 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum.*|read"),true);
\r
98 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
\r
99 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true);
\r
101 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum.*","read"),true);
\r
102 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
\r
104 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum[Qq]uat|read"),true);
\r
105 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
\r
106 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
\r
107 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
\r
109 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum[Qq]uat","read"),true);
\r
110 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
\r
111 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
\r
112 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
\r
115 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my.nstance|!wr*"),true);
\r
116 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
\r
118 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
\r
120 //Maitrayee, aren't we going to have issues if we do RegExp with "."?
\r
121 //Is it too expensive to only do Reg Ex in presence of special characters, []{}*, etc? Not sure this helps for GRID.
\r
122 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kum.quat|read"),true);
\r
123 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum..uat|read"),true);
\r
125 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true); // ok if Stored Action is "*"
\r
128 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:!my.*|write"),true); // ok if Stored Action is "*"
\r
129 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*|write"),false); // not ok if key lengths don't match "*"
\r
130 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:myCF|write"),true); // ok if Stored Action is "*"
\r
131 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:!my.*","write"),true); // ok if Stored Action is "*"
\r
132 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:myCF","write"),true); // ok if Stored Action is "*"
\r
133 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*","write"),false); // not ok if key lengths don't match
\r
137 print(aafLur, pri, new LocalPermission("bogus"),false);
\r
140 // Thread.sleep(7000);
\r
141 // } catch (InterruptedException e) {
\r
142 // e.printStackTrace();
\r
144 for (int i = 0; i < 10; ++i)
\r
145 print(aafLur, pri, new LocalPermission("supergroup"),false);
\r
147 System.out.println("All Done");
\r
/**
 * Checks the authentication state the AAF TAF reports for two requests:
 * one without an Authorization header and one carrying HTTP Basic
 * credentials for the test identity.
 *
 * Only those two paths are asserted. A request that presents a wrong
 * password or a malformed Authorization header is not covered here, so
 * this test alone does not show that bad credentials are rejected.
 *
 * @throws Exception if validation fails unexpectedly
 */
public void testTaf() throws Exception {
    AAFTaf<?> taf = new AAFTaf<HttpURLConnection>(aaf, true);

    // NOTE(review): the declaration of the response variable is not visible in
    // this listing; TafResp is inferred from the TafResp.RESP comparisons below.

    // No headers at all: expected outcome is a prompt to authenticate.
    TafResp anonymous = taf.validate(LifeForm.CBLF, new Req(), null);
    assertEquals(TafResp.RESP.TRY_AUTHENTICATING, anonymous.isAuthenticated());

    // Same call with a Basic credential built from the test id and password.
    String auth = "Basic " + Symm.base64.encode("testid:whatever");
    TafResp withBasic = taf.validate(LifeForm.CBLF, new Req("Authorization", auth), null);
    assertEquals(TafResp.RESP.IS_AUTHENTICATED, withBasic.isAuthenticated());
}
\r
164 // public void testRole() throws CadiException {
\r
165 // TestAccess ta = new TestAccess();
\r
166 // AAFLurRole1_0 aafLur = new AAFLurRole1_0(
\r
168 //// "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=UAT/routeOffer=BAU_SE",
\r
169 // "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=DEV/routeOffer=D1",
\r
170 // "m12345", "m12345pass", 50000, // dme Time
\r
171 // // 5*60000); // 5 minutes User Expiration
\r
172 // 50000, // 5 seconds after Expiration
\r
173 // 200); // High Count of items.. These do not take much memory
\r
175 // Principal pri = new ConfigPrincipal("xy1234","whatever);
\r
176 // for (int i = 0; i < 10; ++i) {
\r
177 //// print(aafLur, pri, new LocalPermission("*|*|*|com.att.authz"));
\r
178 // print(aafLur, pri, new LocalPermission("service|myInstance|write"),false);
\r
179 // print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),false);
\r
180 // print(aafLur, pri, new LocalPermission("com.att.cadi"),true);
\r
181 // print(aafLur, pri, new LocalPermission("global"),true);
\r
182 // print(aafLur, pri, new LocalPermission("kumquat"),false);
\r
185 // print(aafLur, pri, new LocalPermission("bogus"),false);
\r
187 // for (int i = 0; i < 10; ++i)
\r
188 // print(aafLur, pri, new LocalPermission("supergroup"),false);
\r
190 // System.out.println("All Done");
\r
194 private void print(Lur aafLur, Principal pri, Permission perm, boolean shouldBe)
\r
195 throws CadiException {
\r
196 long start = System.nanoTime();
\r
199 boolean ok = aafLur.fish(pri, perm);
\r
201 assertEquals(shouldBe,ok);
\r
202 float ms = (System.nanoTime() - start) / 1000000f;
\r
204 System.out.println("Yes, part of " + perm.getKey() + " (" + ms
\r
207 System.out.println("No, not part of " + perm.getKey() + " (" + ms
\r
212 @SuppressWarnings("rawtypes")
\r
213 public class Req implements HttpServletRequest {
\r
214 private String[] headers;
\r
/**
 * Creates a stub request that answers {@code getHeader} from the given
 * values.
 *
 * @param headers alternating header name and header value entries
 *                (name, value, name, value, ...); the array is stored as
 *                passed, without copying
 */
public Req(String ... headers) {
    this.headers = headers;
}
\r
220 public Object getAttribute(String name) {
\r
221 // TODO Auto-generated method stub
\r
225 @SuppressWarnings("unchecked")
\r
226 public Enumeration getAttributeNames() {
\r
227 // TODO Auto-generated method stub
\r
231 public String getCharacterEncoding() {
\r
232 // TODO Auto-generated method stub
\r
236 public void setCharacterEncoding(String env)
\r
237 throws UnsupportedEncodingException {
\r
238 // TODO Auto-generated method stub
\r
242 public int getContentLength() {
\r
243 // TODO Auto-generated method stub
\r
247 public String getContentType() {
\r
248 // TODO Auto-generated method stub
\r
252 public ServletInputStream getInputStream() throws IOException {
\r
253 // TODO Auto-generated method stub
\r
257 public String getParameter(String name) {
\r
258 // TODO Auto-generated method stub
\r
262 @SuppressWarnings("unchecked")
\r
263 public Enumeration getParameterNames() {
\r
264 // TODO Auto-generated method stub
\r
268 public String[] getParameterValues(String name) {
\r
269 // TODO Auto-generated method stub
\r
273 @SuppressWarnings("unchecked")
\r
274 public Map getParameterMap() {
\r
275 // TODO Auto-generated method stub
\r
279 public String getProtocol() {
\r
280 // TODO Auto-generated method stub
\r
284 public String getScheme() {
\r
285 // TODO Auto-generated method stub
\r
289 public String getServerName() {
\r
290 // TODO Auto-generated method stub
\r
294 public int getServerPort() {
\r
295 // TODO Auto-generated method stub
\r
299 public BufferedReader getReader() throws IOException {
\r
300 // TODO Auto-generated method stub
\r
304 public String getRemoteAddr() {
\r
305 // TODO Auto-generated method stub
\r
309 public String getRemoteHost() {
\r
310 // TODO Auto-generated method stub
\r
314 public void setAttribute(String name, Object o) {
\r
315 // TODO Auto-generated method stub
\r
319 public void removeAttribute(String name) {
\r
320 // TODO Auto-generated method stub
\r
324 public Locale getLocale() {
\r
325 // TODO Auto-generated method stub
\r
329 @SuppressWarnings("unchecked")
\r
330 public Enumeration getLocales() {
\r
331 // TODO Auto-generated method stub
\r
335 public boolean isSecure() {
\r
336 // TODO Auto-generated method stub
\r
340 public RequestDispatcher getRequestDispatcher(String path) {
\r
341 // TODO Auto-generated method stub
\r
345 public String getRealPath(String path) {
\r
346 // TODO Auto-generated method stub
\r
350 public int getRemotePort() {
\r
351 // TODO Auto-generated method stub
\r
355 public String getLocalName() {
\r
356 // TODO Auto-generated method stub
\r
360 public String getLocalAddr() {
\r
361 // TODO Auto-generated method stub
\r
365 public int getLocalPort() {
\r
366 // TODO Auto-generated method stub
\r
370 public String getAuthType() {
\r
371 // TODO Auto-generated method stub
\r
375 public Cookie[] getCookies() {
\r
376 // TODO Auto-generated method stub
\r
380 public long getDateHeader(String name) {
\r
381 // TODO Auto-generated method stub
\r
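/**
 * Returns the value of the first header whose name matches {@code name}.
 *
 * Header names are compared without regard to case, as the
 * {@code HttpServletRequest.getHeader} contract specifies. A case-sensitive
 * stub would let code that asks for {@code "authorization"} pass against a
 * real container but fail here, or hide the reverse mistake.
 *
 * @param name the header name to look up
 * @return the value paired with the first matching name, or {@code null}
 *         when no name matches
 */
public String getHeader(String name) {
    // headers is laid out as name0, value0, name1, value1, ...; starting at
    // index 1 and stepping by 2 means a trailing name with no value is never read.
    for (int i = 1; i < headers.length; i += 2) {
        if (headers[i - 1].equalsIgnoreCase(name)) {
            return headers[i];
        }
    }
    // NOTE(review): the fall-through return is not visible in this listing;
    // null is what the servlet API specifies for a header that is absent.
    return null;
}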
\r
392 @SuppressWarnings("unchecked")
\r
393 public Enumeration getHeaders(String name) {
\r
394 // TODO Auto-generated method stub
\r
398 @SuppressWarnings("unchecked")
\r
399 public Enumeration getHeaderNames() {
\r
400 // TODO Auto-generated method stub
\r
404 public int getIntHeader(String name) {
\r
405 // TODO Auto-generated method stub
\r
409 public String getMethod() {
\r
410 // TODO Auto-generated method stub
\r
414 public String getPathInfo() {
\r
415 // TODO Auto-generated method stub
\r
419 public String getPathTranslated() {
\r
420 // TODO Auto-generated method stub
\r
424 public String getContextPath() {
\r
425 // TODO Auto-generated method stub
\r
429 public String getQueryString() {
\r
430 // TODO Auto-generated method stub
\r
434 public String getRemoteUser() {
\r
435 // TODO Auto-generated method stub
\r
439 public boolean isUserInRole(String role) {
\r
440 // TODO Auto-generated method stub
\r
444 public Principal getUserPrincipal() {
\r
445 // TODO Auto-generated method stub
\r
449 public String getRequestedSessionId() {
\r
450 // TODO Auto-generated method stub
\r
454 public String getRequestURI() {
\r
455 // TODO Auto-generated method stub
\r
459 public StringBuffer getRequestURL() {
\r
460 // TODO Auto-generated method stub
\r
464 public String getServletPath() {
\r
465 // TODO Auto-generated method stub
\r
469 public HttpSession getSession(boolean create) {
\r
470 // TODO Auto-generated method stub
\r
474 public HttpSession getSession() {
\r
475 // TODO Auto-generated method stub
\r
479 public boolean isRequestedSessionIdValid() {
\r
480 // TODO Auto-generated method stub
\r
484 public boolean isRequestedSessionIdFromCookie() {
\r
485 // TODO Auto-generated method stub
\r
489 public boolean isRequestedSessionIdFromURL() {
\r
490 // TODO Auto-generated method stub
\r
494 public boolean isRequestedSessionIdFromUrl() {
\r
495 // TODO Auto-generated method stub
\r
500 public ServletContext getServletContext() {
\r
501 // TODO Auto-generated method stub
\r
506 public AsyncContext startAsync() throws IllegalStateException {
\r
507 // TODO Auto-generated method stub
\r
512 public AsyncContext startAsync(ServletRequest servletRequest,
\r
513 ServletResponse servletResponse) throws IllegalStateException {
\r
514 // TODO Auto-generated method stub
\r
519 public boolean isAsyncStarted() {
\r
520 // TODO Auto-generated method stub
\r
525 public boolean isAsyncSupported() {
\r
526 // TODO Auto-generated method stub
\r
531 public AsyncContext getAsyncContext() {
\r
532 // TODO Auto-generated method stub
\r
537 public DispatcherType getDispatcherType() {
\r
538 // TODO Auto-generated method stub
\r
543 public boolean authenticate(HttpServletResponse response)
\r
544 throws IOException, ServletException {
\r
545 // TODO Auto-generated method stub
\r
550 public void login(String username, String password)
\r
551 throws ServletException {
\r
552 // TODO Auto-generated method stub
\r
557 public void logout() throws ServletException {
\r
558 // TODO Auto-generated method stub
\r
563 public Collection<Part> getParts() throws IOException, ServletException {
\r
564 // TODO Auto-generated method stub
\r
569 public Part getPart(String name) throws IOException, ServletException {
\r
570 // TODO Auto-generated method stub
\r