aai-core/src/test/java/org/onap/aai/auth/AAIAuthCoreTest.java

   1 /**
   2  * ============LICENSE_START=======================================================
   3  * org.onap.aai
   4  * ================================================================================
   5  * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *    http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.onap.aai.auth;
  22
  23 import static org.junit.Assert.*;
  24
  25 import org.junit.Before;
  26 import org.junit.Test;
  27 import org.onap.aai.AAISetup;
  28 import org.onap.aai.auth.exceptions.AAIUnrecognizedFunctionException;
  29
  30 public class AAIAuthCoreTest extends AAISetup {
  31
  32     private AAIAuthCore authCore;
  33
  34     @Before
  35     public void setup() {
  36         authCore = new AAIAuthCore("/aai");
  37     }
  38
  39     @Test
  40     public void getAuthPolicyFunctionNameTest() {
  41
  42         String uri = "/aai/v3/search/edge-tag-query";
  43         assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
  44
  45         uri = "/aai/v10/search/edge-tag-query";
  46         assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
  47
  48         uri = "/aai/search/model";
  49         assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
  50
  51         uri = "/aai/v9/cloud-infrastructure/cloud-regions/cloud-region/somecloudregion/some-cloud-owner";
  52         assertEquals("Get aai function name from " + uri, "cloud-infrastructure", authCore.getAuthPolicyFunctName(uri));
  53
  54         uri = "/aai/v8/network/pnfs/pnf/ff4ca01orc/p-interfaces";
  55         assertEquals("Get aai function name from " + uri, "network", authCore.getAuthPolicyFunctName(uri));
  56
  57         uri = "/aai/util/echo";
  58         assertEquals("Get aai function name from " + uri, "util", authCore.getAuthPolicyFunctName(uri));
  59
  60         uri = "/aai/tools";
  61         assertEquals("Get aai function name from " + uri, "tools", authCore.getAuthPolicyFunctName(uri));
  62
  63         uri = "/aai/v12/bulk/single-transaction";
  64         assertEquals("Get aai function name from " + uri, "bulk", authCore.getAuthPolicyFunctName(uri));
  65
  66     }
  67
  68     @Test
  69     public void validUsernameAuthTest() throws AAIUnrecognizedFunctionException {
  70         assertTrue(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
  71     }
  72
  73     @Test
  74     public void validUsernameInvalidHttpMethodAuthTest() throws AAIUnrecognizedFunctionException {
  75         assertFalse(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "POST", ""));
  76     }
  77
  78     @Test(expected = AAIUnrecognizedFunctionException.class)
  79     public void validUsernameInvalidFunctionInURIAuthTest() throws AAIUnrecognizedFunctionException {
  80         authCore.authorize("testUser".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT", "");
  81     }
  82
  83     @Test
  84     public void invalidUsernameAuthTest() throws AAIUnrecognizedFunctionException {
  85         assertFalse(authCore.authorize("invlaidTestUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
  86     }
  87
  88     @Test
  89     public void validUsernameIsTheExactWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
  90         assertTrue(authCore.authorize("testWildcardId".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
  91     }
  92
  93     @Test
  94     public void validUsernameContainsTheWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
  95         assertTrue(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
  96                 "PUT", "", "aafWildCardIssuer"));
  97     }
  98
  99     @Test
 100     public void validUsernameContainsTheWildcardIdInvalidIssuerAuthTest() throws AAIUnrecognizedFunctionException {
 101         assertFalse(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
 102                 "PUT", "", "invalidIssuer"));
 103     }
 104
 105     @Test
 106     public void invalidUsernameContainsRegularUsernameAuthTest() throws AAIUnrecognizedFunctionException {
 107         assertFalse(
 108                 authCore.authorize("cn=blah, testUser, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
 109     }
 110
 111     @Test
 112     public void haProxyUsernameAuthTest() throws AAIUnrecognizedFunctionException {
 113         assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/util/echo", "GET", ""));
 114     }
 115
 116     @Test
 117     public void haProxyUsernameInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
 118         assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
 119     }
 120
 121     @Test
 122     public void validUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 123         assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
 124                 "testUser".toLowerCase()));
 125     }
 126
 127     @Test
 128     public void validUsernameInvalidHttpMethodViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 129         assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "POST",
 130                 "testUser".toLowerCase()));
 131     }
 132
 133     @Test(expected = AAIUnrecognizedFunctionException.class)
 134     public void validUsernameInvalidFunctionInURIViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 135         authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT",
 136                 "testUser".toLowerCase());
 137     }
 138
 139     @Test
 140     public void invalidUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 141         assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
 142                 "invlaidTestUser".toLowerCase()));
 143     }
 144
 145     @Test
 146     public void validUsernameIsTheExactWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 147         assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
 148                 "testWildcardId".toLowerCase()));
 149     }
 150
 151     @Test
 152     public void validUsernameContainsTheWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 153         assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
 154                 "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
 155     }
 156
 157     @Test
 158     public void invalidUsernameContainsRegularUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 159         assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
 160                 "cn=blah, testUser, O=".toLowerCase()));
 161     }
 162
 163     @Test
 164     public void haProxyUsernameTwiceAuthTest() throws AAIUnrecognizedFunctionException {
 165         assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT",
 166                 "ha-proxy-user".toLowerCase()));
 167     }
 168
 169     @Test
 170     public void haProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 171         assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/util/echo", "GET", "",
 172                 "aafWildCardIssuer"));
 173     }
 174
 175     @Test
 176     public void haProxyWildcardIdInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
 177         assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
 178                 "/aai/v0/testFunction/someUri", "PUT", ""));
 179     }
 180
 181     @Test
 182     public void validUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 183         assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
 184                 "PUT", "testUser".toLowerCase(), "aafWildCardIssuer"));
 185     }
 186
 187     @Test
 188     public void validUsernameInvalidHttpMethodViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 189         assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
 190                 "/aai/v0/testFunction/someUri", "POST", "testUser".toLowerCase()));
 191     }
 192
 193     @Test(expected = AAIUnrecognizedFunctionException.class)
 194     public void validUsernameInvalidFunctionInURIViaHaProxyWildcardIdAuthTest()
 195             throws AAIUnrecognizedFunctionException {
 196         authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT",
 197                 "testUser".toLowerCase());
 198     }
 199
 200     @Test
 201     public void invalidUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 202         assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
 203                 "/aai/v0/testFunction/someUri", "PUT", "invlaidTestUser".toLowerCase()));
 204     }
 205
 206     @Test
 207     public void validUsernameIsTheExactWildcardIdViaHaProxyWildcardIdAuthTest()
 208             throws AAIUnrecognizedFunctionException {
 209         assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
 210                 "PUT", "testWildcardId".toLowerCase(), "aafWildCardIssuer"));
 211     }
 212
 213     @Test
 214     public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdAuthTest()
 215             throws AAIUnrecognizedFunctionException {
 216         assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri",
 217                 "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
 218     }
 219
 220     @Test
 221     public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdInvalidIssuerAuthTest()
 222             throws AAIUnrecognizedFunctionException {
 223         assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
 224                 "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "invalidIssuer"));
 225     }
 226
 227     @Test
 228     public void invalidUsernameContainsRegularUsernameViaHaProxyWildcardIdAuthTest()
 229             throws AAIUnrecognizedFunctionException {
 230         assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(),
 231                 "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testUser, O=".toLowerCase()));
 232     }
 233
 234 }