2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.aai.aaf.auth;
23 import static org.junit.Assert.assertEquals;
24 import static org.junit.Assert.assertFalse;
25 import static org.junit.Assert.assertTrue;
27 import org.junit.Before;
28 import org.junit.Test;
29 import org.onap.aai.aaf.auth.exceptions.AAIUnrecognizedFunctionException;
31 public class AAIAuthCoreTest extends AAISetup {
33 private AAIAuthCore authCore;
37 authCore = new AAIAuthCore("/aai");
41 public void getAuthPolicyFunctionNameTest() {
43 String uri = "/aai/v3/search/edge-tag-query";
44 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
46 uri = "/aai/v10/search/edge-tag-query";
47 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
49 uri = "/aai/search/model";
50 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
52 uri = "/aai/v9/cloud-infrastructure/cloud-regions/cloud-region/somecloudregion/some-cloud-owner";
53 assertEquals("Get aai function name from " + uri, "cloud-infrastructure", authCore.getAuthPolicyFunctName(uri));
55 uri = "/aai/v8/network/pnfs/pnf/ff4ca01orc/p-interfaces";
56 assertEquals("Get aai function name from " + uri, "network", authCore.getAuthPolicyFunctName(uri));
58 uri = "/aai/util/echo";
59 assertEquals("Get aai function name from " + uri, "util", authCore.getAuthPolicyFunctName(uri));
62 assertEquals("Get aai function name from " + uri, "tools", authCore.getAuthPolicyFunctName(uri));
64 uri = "/aai/v12/bulk/single-transaction";
65 assertEquals("Get aai function name from " + uri, "bulk", authCore.getAuthPolicyFunctName(uri));
70 public void validUsernameAuthTest() throws AAIUnrecognizedFunctionException {
71 assertTrue(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
75 public void validUsernameInvalidHttpMethodAuthTest() throws AAIUnrecognizedFunctionException {
76 assertFalse(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "POST", ""));
79 @Test(expected = AAIUnrecognizedFunctionException.class)
80 public void validUsernameInvalidFunctionInURIAuthTest() throws AAIUnrecognizedFunctionException {
81 authCore.authorize("testUser".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT", "");
85 public void invalidUsernameAuthTest() throws AAIUnrecognizedFunctionException {
86 assertFalse(authCore.authorize("invlaidTestUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
90 public void validUsernameIsTheExactWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
91 assertTrue(authCore.authorize("testWildcardId".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
95 public void validUsernameContainsTheWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
96 assertTrue(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
97 "PUT", "", "aafWildCardIssuer"));
101 public void validUsernameContainsTheWildcardIdInvalidIssuerAuthTest() throws AAIUnrecognizedFunctionException {
102 assertFalse(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
103 "PUT", "", "invalidIssuer"));
107 public void invalidUsernameContainsRegularUsernameAuthTest() throws AAIUnrecognizedFunctionException {
109 authCore.authorize("cn=blah, testUser, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
113 public void haProxyUsernameAuthTest() throws AAIUnrecognizedFunctionException {
114 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/util/echo", "GET", ""));
118 public void haProxyUsernameInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
119 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
123 public void validUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
124 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
125 "testUser".toLowerCase()));
129 public void validUsernameInvalidHttpMethodViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
130 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "POST",
131 "testUser".toLowerCase()));
134 @Test(expected = AAIUnrecognizedFunctionException.class)
135 public void validUsernameInvalidFunctionInURIViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
136 authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT",
137 "testUser".toLowerCase());
141 public void invalidUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
142 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
143 "invlaidTestUser".toLowerCase()));
147 public void validUsernameIsTheExactWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
148 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
149 "testWildcardId".toLowerCase()));
153 public void validUsernameContainsTheWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
154 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
155 "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
159 public void invalidUsernameContainsRegularUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
160 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
161 "cn=blah, testUser, O=".toLowerCase()));
165 public void haProxyUsernameTwiceAuthTest() throws AAIUnrecognizedFunctionException {
166 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
167 "ha-proxy-user".toLowerCase()));
171 public void haProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
172 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/util/echo", "GET", "",
173 "aafWildCardIssuer"));
177 public void haProxyWildcardIdInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
178 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
179 "/aai/v0/testFunction/someUri", "PUT", ""));
183 public void validUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
184 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
185 "PUT", "testUser".toLowerCase(), "aafWildCardIssuer"));
189 public void validUsernameInvalidHttpMethodViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
190 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
191 "/aai/v0/testFunction/someUri", "POST", "testUser".toLowerCase()));
194 @Test(expected = AAIUnrecognizedFunctionException.class)
195 public void validUsernameInvalidFunctionInURIViaHaProxyWildcardIdAuthTest()
196 throws AAIUnrecognizedFunctionException {
197 authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT",
198 "testUser".toLowerCase());
202 public void invalidUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
203 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
204 "/aai/v0/testFunction/someUri", "PUT", "invlaidTestUser".toLowerCase()));
208 public void validUsernameIsTheExactWildcardIdViaHaProxyWildcardIdAuthTest()
209 throws AAIUnrecognizedFunctionException {
210 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
211 "PUT", "testWildcardId".toLowerCase(), "aafWildCardIssuer"));
215 public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdAuthTest()
216 throws AAIUnrecognizedFunctionException {
217 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
218 "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
222 public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdInvalidIssuerAuthTest()
223 throws AAIUnrecognizedFunctionException {
224 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
225 "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "invalidIssuer"));
229 public void invalidUsernameContainsRegularUsernameViaHaProxyWildcardIdAuthTest()
230 throws AAIUnrecognizedFunctionException {
231 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
232 "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testUser, O=".toLowerCase()));