1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package org.onap.aaf.cadi.lur.aaf.test;
\r
25 import static org.junit.Assert.assertEquals;
\r
27 import java.io.BufferedReader;
\r
28 import java.io.IOException;
\r
29 import java.io.UnsupportedEncodingException;
\r
30 import java.net.HttpURLConnection;
\r
31 import java.security.Principal;
\r
32 import java.util.Collection;
\r
33 import java.util.Enumeration;
\r
34 import java.util.Locale;
\r
35 import java.util.Map;
\r
37 import javax.servlet.AsyncContext;
\r
38 import javax.servlet.DispatcherType;
\r
39 import javax.servlet.RequestDispatcher;
\r
40 import javax.servlet.ServletContext;
\r
41 import javax.servlet.ServletException;
\r
42 import javax.servlet.ServletInputStream;
\r
43 import javax.servlet.ServletRequest;
\r
44 import javax.servlet.ServletResponse;
\r
45 import javax.servlet.http.Cookie;
\r
46 import javax.servlet.http.HttpServletRequest;
\r
47 import javax.servlet.http.HttpServletResponse;
\r
48 import javax.servlet.http.HttpSession;
\r
49 import javax.servlet.http.Part;
\r
51 import org.junit.BeforeClass;
\r
52 import org.junit.Test;
\r
53 import org.onap.aaf.cadi.CadiException;
\r
54 import org.onap.aaf.cadi.Lur;
\r
55 import org.onap.aaf.cadi.Permission;
\r
56 import org.onap.aaf.cadi.PropAccess;
\r
57 import org.onap.aaf.cadi.Symm;
\r
58 import org.onap.aaf.cadi.Taf.LifeForm;
\r
59 import org.onap.aaf.cadi.aaf.AAFPermission;
\r
60 import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
\r
61 import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
\r
62 import org.onap.aaf.cadi.aaf.v2_0.AAFTaf;
\r
63 import org.onap.aaf.cadi.locator.DNSLocator;
\r
64 import org.onap.aaf.cadi.lur.ConfigPrincipal;
\r
65 import org.onap.aaf.cadi.lur.LocalPermission;
\r
66 import org.onap.aaf.cadi.taf.TafResp;
\r
68 public class JU_Lur2_0Call {
\r
69 private static AAFConHttp aaf;
\r
70 private static PropAccess access;
\r
/**
 * Creates the PropAccess and AAFConHttp instances that the tests in this class share
 * through the static fields {@code access} and {@code aaf}.
 *
 * The connection is built on a DNSLocator given "https", "localhost" and "8100", so the
 * tests can only pass against an AAF service reachable there; nothing in the lines shown
 * replaces it with a stub.
 *
 * NOTE(review): the id/password pair handed to basicAuth is a literal in source. That is
 * only tolerable if "testid" exists solely in a disposable test AAF instance - confirm,
 * and prefer reading test credentials from the environment or a test properties file.
 *
 * @throws Exception whatever the constructors or basicAuth raise; the specific types are
 *                   not visible here
 */
73 public static void setUpBeforeClass() throws Exception {
\r
// Default-constructed PropAccess; which properties it picks up is not visible here.
74 access = new PropAccess();
\r
// Presumably scheme, host and port of the AAF service - confirm against DNSLocator.
75 aaf = new AAFConHttp(access,new DNSLocator(access,"https","localhost","8100"));
\r
// Same id and password that testTaf() places in its Basic Authorization header.
76 aaf.basicAuth("testid", "whatever");
\r
/**
 * Checks fish() on the Lur returned by aaf.newLur() for one principal, against a table of
 * permissions that each carry the result the test expects.
 *
 * Permissions are written two ways: LocalPermission takes one '|'-separated string,
 * AAFPermission takes the same parts as three separate arguments. The expected results
 * depend on what is stored for the principal in the AAF service the connection points at;
 * that data is not defined in this file.
 *
 * NOTE(review): a leading '!' on a segment appears to mark it as a regular expression
 * (compare "!my.nstance", expected true, with "my.nstance", expected false) - confirm
 * against the permission-matching code. The expected-false rows are the ones that guard
 * against over-granting, so keep them when this table is edited.
 *
 * @throws Exception on any failure raised by the calls below
 */
80 public void test() throws Exception {
\r
82 AAFLurPerm aafLur = aaf.newLur();
\r
// Principal the whole table is evaluated for.
84 Principal pri = new ConfigPrincipal("testid@aaf.att.com","whatever");
\r
// Ten passes over the table; where this loop's closing brace falls is not shown in this listing.
85 for (int i = 0; i < 10; ++i) {
\r
// Plain rows: write is expected only on myInstance, read on both instances.
86 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),true);
\r
87 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|write"),false);
\r
88 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|read"),true);
\r
89 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|read"),true);
\r
// The same four rows expressed as AAFPermission.
91 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","write"),true);
\r
92 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","write"),false);
\r
93 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","read"),true);
\r
94 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","read"),true);
\r
// Rows with '!' segments in the instance or the last part; all are expected to be granted.
96 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum.*|read"),true);
\r
97 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
\r
// Two-part form with no third segment.
98 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true);
\r
100 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum.*","read"),true);
\r
101 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
\r
// '!' segments that use character classes.
103 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum[Qq]uat|read"),true);
\r
104 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
\r
105 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
\r
106 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
\r
108 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum[Qq]uat","read"),true);
\r
109 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
\r
110 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
\r
111 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
\r
// The same instance text with and without '!': only the '!' form is expected to be granted.
114 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my.nstance|!wr*"),true);
\r
115 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
\r
117 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
\r
// NOTE(review): the question in the next two comment lines is still open in this file. In a
// regular expression '.' matches any character, so a name that contains a literal dot can
// match more than was intended. The two rows that follow pin the current behaviour.
119 //Maitrayee, aren't we going to have issues if we do RegExp with "."?
\r
120 //Is it too expensive to only do Reg Ex in presence of special characters, []{}*, etc? Not sure this helps for GRID.
\r
121 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kum.quat|read"),true);
\r
122 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum..uat|read"),true);
\r
124 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true); // ok if Stored Action is "*"
\r
// Colon-separated instance keys: per the trailing comments, a request with fewer key parts
// than the three-part forms is expected to be refused.
127 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:!my.*|write"),true); // ok if Stored Action is "*"
\r
128 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*|write"),false); // not ok if key lengths don't match "*"
\r
129 print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:myCF|write"),true); // ok if Stored Action is "*"
\r
130 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:!my.*","write"),true); // ok if Stored Action is "*"
\r
131 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:myCF","write"),true); // ok if Stored Action is "*"
\r
132 print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*","write"),false); // not ok if key lengths don't match
\r
// A made-up permission is expected to be refused.
136 print(aafLur, pri, new LocalPermission("bogus"),false);
\r
139 // Thread.sleep(7000);
\r
140 // } catch (InterruptedException e) {
\r
141 // e.printStackTrace();
\r
// Ten further look-ups of a permission that is expected to be refused every time.
143 for (int i = 0; i < 10; ++i)
\r
144 print(aafLur, pri, new LocalPermission("supergroup"),false);
\r
146 System.out.println("All Done");
\r
/**
 * Checks AAFTaf.validate() on a request with no headers and on one that carries HTTP Basic
 * credentials.
 *
 * NOTE(review): the only negative case in the lines shown is "no credentials". A request with
 * a wrong password, asserting that the result is not IS_AUTHENTICATED, would cover the failure
 * path that matters most for an authentication check.
 *
 * @throws Exception on any failure raised by the calls below
 */
149 public void testTaf() throws Exception {
\r
// The meaning of the second constructor argument (true) is not visible here.
150 AAFTaf<?> aaft = new AAFTaf<HttpURLConnection>(aaf,true);
\r
// No Authorization header: the TAF is expected to ask the caller to authenticate.
// (resp is declared on a line that this listing does not show.)
154 resp = aaft.validate(LifeForm.CBLF, new Req(), null);
\r
155 assertEquals(TafResp.RESP.TRY_AUTHENTICATING, resp.isAuthenticated());
\r
// Basic scheme: "id:password" is only Base64-encoded, not encrypted, so the credentials are
// protected by the transport alone.
157 String auth = "Basic " + Symm.base64.encode("testid:whatever");
\r
// Same call with the header set; the third argument is null in both calls.
158 resp = aaft.validate(LifeForm.CBLF, new Req("Authorization",auth), null);
\r
159 assertEquals(TafResp.RESP.IS_AUTHENTICATED, resp.isAuthenticated());
\r
163 // public void testRole() throws CadiException {
\r
164 // TestAccess ta = new TestAccess();
\r
165 // AAFLurRole1_0 aafLur = new AAFLurRole1_0(
\r
167 //// "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=UAT/routeOffer=BAU_SE",
\r
168 // "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=DEV/routeOffer=D1",
\r
169 // "m12345", "m12345pass", 50000, // dme Time
\r
170 // // 5*60000); // 5 minutes User Expiration
\r
171 // 50000, // 5 seconds after Expiration
\r
172 // 200); // High Count of items.. These do not take much memory
\r
174 // Principal pri = new ConfigPrincipal("xy1234","whatever);
\r
175 // for (int i = 0; i < 10; ++i) {
\r
176 //// print(aafLur, pri, new LocalPermission("*|*|*|com.att.authz"));
\r
177 // print(aafLur, pri, new LocalPermission("service|myInstance|write"),false);
\r
178 // print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),false);
\r
179 // print(aafLur, pri, new LocalPermission("com.att.cadi"),true);
\r
180 // print(aafLur, pri, new LocalPermission("global"),true);
\r
181 // print(aafLur, pri, new LocalPermission("kumquat"),false);
\r
184 // print(aafLur, pri, new LocalPermission("bogus"),false);
\r
186 // for (int i = 0; i < 10; ++i)
\r
187 // print(aafLur, pri, new LocalPermission("supergroup"),false);
\r
189 // System.out.println("All Done");
\r
/**
 * Runs one permission check, asserts the expected result and prints the outcome together with
 * the elapsed time.
 *
 * @param aafLur   the Lur whose fish() is called
 * @param pri      principal the check is made for
 * @param perm     permission being asked about
 * @param shouldBe result fish() is expected to return
 * @throws CadiException declared here; presumably propagated from fish() - confirm
 */
193 private void print(Lur aafLur, Principal pri, Permission perm, boolean shouldBe)
\r
194 throws CadiException {
\r
195 long start = System.nanoTime();
\r
198 boolean ok = aafLur.fish(pri, perm);
\r
// Fails the test before anything is printed when the result differs from shouldBe.
200 assertEquals(shouldBe,ok);
\r
// Elapsed time in milliseconds; it is taken after the assertion, so it includes it.
201 float ms = (System.nanoTime() - start) / 1000000f;
\r
// Both println statements continue on lines that this listing does not show; presumably
// the value of ok selects between them.
203 System.out.println("Yes, part of " + perm.getKey() + " (" + ms
\r
206 System.out.println("No, not part of " + perm.getKey() + " (" + ms
\r
211 @SuppressWarnings("rawtypes")
\r
212 public class Req implements HttpServletRequest {
\r
213 private String[] headers;
\r
/**
 * Creates a request stub that carries the given header data.
 *
 * @param headers flat list of alternating header name and value ("Name", "value", ...), which
 *                is the layout getHeader(String) reads; may be empty
 */
215 public Req(String ... headers) {
\r
// The varargs array is stored as passed, without copying.
216 this.headers = headers;
\r
219 public Object getAttribute(String name) {
\r
220 // TODO Auto-generated method stub
\r
224 @SuppressWarnings("unchecked")
\r
225 public Enumeration getAttributeNames() {
\r
226 // TODO Auto-generated method stub
\r
230 public String getCharacterEncoding() {
\r
231 // TODO Auto-generated method stub
\r
235 public void setCharacterEncoding(String env)
\r
236 throws UnsupportedEncodingException {
\r
237 // TODO Auto-generated method stub
\r
241 public int getContentLength() {
\r
242 // TODO Auto-generated method stub
\r
246 public String getContentType() {
\r
247 // TODO Auto-generated method stub
\r
251 public ServletInputStream getInputStream() throws IOException {
\r
252 // TODO Auto-generated method stub
\r
256 public String getParameter(String name) {
\r
257 // TODO Auto-generated method stub
\r
261 @SuppressWarnings("unchecked")
\r
262 public Enumeration getParameterNames() {
\r
263 // TODO Auto-generated method stub
\r
267 public String[] getParameterValues(String name) {
\r
268 // TODO Auto-generated method stub
\r
272 @SuppressWarnings("unchecked")
\r
273 public Map getParameterMap() {
\r
274 // TODO Auto-generated method stub
\r
278 public String getProtocol() {
\r
279 // TODO Auto-generated method stub
\r
283 public String getScheme() {
\r
284 // TODO Auto-generated method stub
\r
288 public String getServerName() {
\r
289 // TODO Auto-generated method stub
\r
293 public int getServerPort() {
\r
294 // TODO Auto-generated method stub
\r
298 public BufferedReader getReader() throws IOException {
\r
299 // TODO Auto-generated method stub
\r
303 public String getRemoteAddr() {
\r
304 // TODO Auto-generated method stub
\r
308 public String getRemoteHost() {
\r
309 // TODO Auto-generated method stub
\r
313 public void setAttribute(String name, Object o) {
\r
314 // TODO Auto-generated method stub
\r
318 public void removeAttribute(String name) {
\r
319 // TODO Auto-generated method stub
\r
323 public Locale getLocale() {
\r
324 // TODO Auto-generated method stub
\r
328 @SuppressWarnings("unchecked")
\r
329 public Enumeration getLocales() {
\r
330 // TODO Auto-generated method stub
\r
334 public boolean isSecure() {
\r
335 // TODO Auto-generated method stub
\r
339 public RequestDispatcher getRequestDispatcher(String path) {
\r
340 // TODO Auto-generated method stub
\r
344 public String getRealPath(String path) {
\r
345 // TODO Auto-generated method stub
\r
349 public int getRemotePort() {
\r
350 // TODO Auto-generated method stub
\r
354 public String getLocalName() {
\r
355 // TODO Auto-generated method stub
\r
359 public String getLocalAddr() {
\r
360 // TODO Auto-generated method stub
\r
364 public int getLocalPort() {
\r
365 // TODO Auto-generated method stub
\r
369 public String getAuthType() {
\r
370 // TODO Auto-generated method stub
\r
374 public Cookie[] getCookies() {
\r
375 // TODO Auto-generated method stub
\r
379 public long getDateHeader(String name) {
\r
380 // TODO Auto-generated method stub
\r
/**
 * Looks a header up in the name/value pairs given to the constructor.
 *
 * NOTE(review): names are compared with equals(), so the look-up is case-sensitive, whereas
 * the servlet API describes header names as case-insensitive. Code under test that asks for
 * "authorization" would not find "Authorization" and would see the request as carrying no
 * credentials. Consider equalsIgnoreCase().
 *
 * @param name header name to look for
 * @return the value paired with the first matching name; what is returned when nothing
 *         matches is on a line that this listing does not show
 */
384 public String getHeader(String name) {
\r
// Walk the value positions (1, 3, 5, ...); a trailing name without a value is never compared.
385 for(int i=1;i<headers.length;i=i+2) {
\r
386 if(headers[i-1].equals(name)) return headers[i];
\r
391 @SuppressWarnings("unchecked")
\r
392 public Enumeration getHeaders(String name) {
\r
393 // TODO Auto-generated method stub
\r
397 @SuppressWarnings("unchecked")
\r
398 public Enumeration getHeaderNames() {
\r
399 // TODO Auto-generated method stub
\r
403 public int getIntHeader(String name) {
\r
404 // TODO Auto-generated method stub
\r
408 public String getMethod() {
\r
409 // TODO Auto-generated method stub
\r
413 public String getPathInfo() {
\r
414 // TODO Auto-generated method stub
\r
418 public String getPathTranslated() {
\r
419 // TODO Auto-generated method stub
\r
423 public String getContextPath() {
\r
424 // TODO Auto-generated method stub
\r
428 public String getQueryString() {
\r
429 // TODO Auto-generated method stub
\r
433 public String getRemoteUser() {
\r
434 // TODO Auto-generated method stub
\r
438 public boolean isUserInRole(String role) {
\r
439 // TODO Auto-generated method stub
\r
443 public Principal getUserPrincipal() {
\r
444 // TODO Auto-generated method stub
\r
448 public String getRequestedSessionId() {
\r
449 // TODO Auto-generated method stub
\r
453 public String getRequestURI() {
\r
454 // TODO Auto-generated method stub
\r
458 public StringBuffer getRequestURL() {
\r
459 // TODO Auto-generated method stub
\r
463 public String getServletPath() {
\r
464 // TODO Auto-generated method stub
\r
468 public HttpSession getSession(boolean create) {
\r
469 // TODO Auto-generated method stub
\r
473 public HttpSession getSession() {
\r
474 // TODO Auto-generated method stub
\r
478 public boolean isRequestedSessionIdValid() {
\r
479 // TODO Auto-generated method stub
\r
483 public boolean isRequestedSessionIdFromCookie() {
\r
484 // TODO Auto-generated method stub
\r
488 public boolean isRequestedSessionIdFromURL() {
\r
489 // TODO Auto-generated method stub
\r
493 public boolean isRequestedSessionIdFromUrl() {
\r
494 // TODO Auto-generated method stub
\r
499 public ServletContext getServletContext() {
\r
500 // TODO Auto-generated method stub
\r
505 public AsyncContext startAsync() throws IllegalStateException {
\r
506 // TODO Auto-generated method stub
\r
511 public AsyncContext startAsync(ServletRequest servletRequest,
\r
512 ServletResponse servletResponse) throws IllegalStateException {
\r
513 // TODO Auto-generated method stub
\r
518 public boolean isAsyncStarted() {
\r
519 // TODO Auto-generated method stub
\r
524 public boolean isAsyncSupported() {
\r
525 // TODO Auto-generated method stub
\r
530 public AsyncContext getAsyncContext() {
\r
531 // TODO Auto-generated method stub
\r
536 public DispatcherType getDispatcherType() {
\r
537 // TODO Auto-generated method stub
\r
542 public boolean authenticate(HttpServletResponse response)
\r
543 throws IOException, ServletException {
\r
544 // TODO Auto-generated method stub
\r
549 public void login(String username, String password)
\r
550 throws ServletException {
\r
551 // TODO Auto-generated method stub
\r
556 public void logout() throws ServletException {
\r
557 // TODO Auto-generated method stub
\r
562 public Collection<Part> getParts() throws IOException, ServletException {
\r
563 // TODO Auto-generated method stub
\r
568 public Part getPart(String name) throws IOException, ServletException {
\r
569 // TODO Auto-generated method stub
\r