2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.aai.auth;
23 import static org.junit.Assert.*;
25 import org.junit.Before;
26 import org.junit.Test;
27 import org.onap.aai.AAISetup;
28 import org.onap.aai.auth.exceptions.AAIUnrecognizedFunctionException;
30 public class AAIAuthCoreTest extends AAISetup {
32 private AAIAuthCore authCore;
36 authCore = new AAIAuthCore("/aai");
40 public void getAuthPolicyFunctionNameTest() {
42 String uri = "/aai/v3/search/edge-tag-query";
43 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
45 uri = "/aai/v10/search/edge-tag-query";
46 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
48 uri = "/aai/search/model";
49 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
51 uri = "/aai/v9/cloud-infrastructure/cloud-regions/cloud-region/somecloudregion/some-cloud-owner";
52 assertEquals("Get aai function name from " + uri, "cloud-infrastructure", authCore.getAuthPolicyFunctName(uri));
54 uri = "/aai/v8/network/pnfs/pnf/ff4ca01orc/p-interfaces";
55 assertEquals("Get aai function name from " + uri, "network", authCore.getAuthPolicyFunctName(uri));
57 uri = "/aai/util/echo";
58 assertEquals("Get aai function name from " + uri, "util", authCore.getAuthPolicyFunctName(uri));
61 assertEquals("Get aai function name from " + uri, "tools", authCore.getAuthPolicyFunctName(uri));
63 uri = "/aai/v12/bulk/single-transaction";
64 assertEquals("Get aai function name from " + uri, "bulk", authCore.getAuthPolicyFunctName(uri));
69 public void validUsernameAuthTest() throws AAIUnrecognizedFunctionException {
70 assertTrue(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
74 public void validUsernameInvalidHttpMethodAuthTest() throws AAIUnrecognizedFunctionException {
75 assertFalse(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "POST", ""));
78 @Test(expected = AAIUnrecognizedFunctionException.class)
79 public void validUsernameInvalidFunctionInURIAuthTest() throws AAIUnrecognizedFunctionException {
80 authCore.authorize("testUser".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT", "");
84 public void invalidUsernameAuthTest() throws AAIUnrecognizedFunctionException {
85 assertFalse(authCore.authorize("invlaidTestUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
89 public void validUsernameIsTheExactWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
90 assertTrue(authCore.authorize("testWildcardId".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
94 public void validUsernameContainsTheWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
95 assertTrue(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
96 "PUT", "", "aafWildCardIssuer"));
100 public void validUsernameContainsTheWildcardIdInvalidIssuerAuthTest() throws AAIUnrecognizedFunctionException {
101 assertFalse(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
102 "PUT", "", "invalidIssuer"));
106 public void invalidUsernameContainsRegularUsernameAuthTest() throws AAIUnrecognizedFunctionException {
108 authCore.authorize("cn=blah, testUser, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
112 public void haProxyUsernameAuthTest() throws AAIUnrecognizedFunctionException {
113 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/util/echo", "GET", ""));
117 public void haProxyUsernameInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
118 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
122 public void validUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
123 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
124 "testUser".toLowerCase()));
128 public void validUsernameInvalidHttpMethodViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
129 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "POST",
130 "testUser".toLowerCase()));
133 @Test(expected = AAIUnrecognizedFunctionException.class)
134 public void validUsernameInvalidFunctionInURIViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
135 authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT",
136 "testUser".toLowerCase());
140 public void invalidUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
141 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
142 "invlaidTestUser".toLowerCase()));
146 public void validUsernameIsTheExactWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
147 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
148 "testWildcardId".toLowerCase()));
152 public void validUsernameContainsTheWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
153 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
154 "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
158 public void invalidUsernameContainsRegularUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
159 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
160 "cn=blah, testUser, O=".toLowerCase()));
164 public void haProxyUsernameTwiceAuthTest() throws AAIUnrecognizedFunctionException {
165 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
166 "ha-proxy-user".toLowerCase()));
170 public void haProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
171 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/util/echo", "GET", "",
172 "aafWildCardIssuer"));
176 public void haProxyWildcardIdInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
177 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
178 "/aai/v0/testFunction/someUri", "PUT", ""));
182 public void validUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
183 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
184 "PUT", "testUser".toLowerCase(), "aafWildCardIssuer"));
188 public void validUsernameInvalidHttpMethodViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
189 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
190 "/aai/v0/testFunction/someUri", "POST", "testUser".toLowerCase()));
193 @Test(expected = AAIUnrecognizedFunctionException.class)
194 public void validUsernameInvalidFunctionInURIViaHaProxyWildcardIdAuthTest()
195 throws AAIUnrecognizedFunctionException {
196 authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT",
197 "testUser".toLowerCase());
201 public void invalidUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
202 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
203 "/aai/v0/testFunction/someUri", "PUT", "invlaidTestUser".toLowerCase()));
207 public void validUsernameIsTheExactWildcardIdViaHaProxyWildcardIdAuthTest()
208 throws AAIUnrecognizedFunctionException {
209 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
210 "PUT", "testWildcardId".toLowerCase(), "aafWildCardIssuer"));
214 public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdAuthTest()
215 throws AAIUnrecognizedFunctionException {
216 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
217 "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
221 public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdInvalidIssuerAuthTest()
222 throws AAIUnrecognizedFunctionException {
223 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
224 "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "invalidIssuer"));
228 public void invalidUsernameContainsRegularUsernameViaHaProxyWildcardIdAuthTest()
229 throws AAIUnrecognizedFunctionException {
230 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
231 "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testUser, O=".toLowerCase()));