1 /*******************************************************************************
2 * ============LICENSE_START====================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
21 ******************************************************************************/
23 package org.onap.aaf.auth.validation.test;
25 import static org.junit.Assert.*;
26 import static org.mockito.Mockito.*;
28 import java.lang.reflect.InvocationTargetException;
29 import java.lang.reflect.Method;
30 import java.util.regex.Pattern;
32 import static org.mockito.Matchers.*;
33 import org.mockito.Mock;
35 import org.junit.Before;
36 import org.junit.Test;
37 import org.junit.Test;
38 import org.onap.aaf.auth.env.AuthzTrans;
39 import org.onap.aaf.auth.env.AuthzTransOnlyFilter;
40 import org.onap.aaf.auth.layer.Result;
41 import org.onap.aaf.auth.validation.Validator;
42 import org.onap.aaf.cadi.principal.TaggedPrincipal;
44 import junit.framework.Assert;
46 public class JU_Validator {
49 String base = "\\x25\\x28\\x29\\x2C-\\x2E\\x30-\\x39\\x3D\\x40-\\x5A\\x5F\\x61-\\x7A";
53 validator = new Validator();
57 public void testNullOrBlank() {
58 validator.nullOrBlank(null, "str");
59 validator.nullOrBlank("test", "");
60 validator.nullOrBlank("test", null);
64 public void testIsNull() {
65 Object o = new Object();
66 validator.isNull(null, null);
67 validator.isNull(null, o);
71 public void testDescription() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
72 Class c = validator.getClass();
73 Class[] cArg = new Class[2];
74 cArg[0] = String.class;
75 cArg[1] = String.class; //Steps to test a protected method
76 Method descriptionMethod = c.getDeclaredMethod("description", cArg);
77 descriptionMethod.setAccessible(true);
78 descriptionMethod.invoke(validator,"test", "test1");
79 descriptionMethod.invoke(validator,null, null);
80 descriptionMethod.invoke(validator,null, "[\\\\x25\\\\x28\\\\x29\\\\x2C-\\\\x2E\\\\x30-\\\\x39\\\\x3D\\\\x40-\\\\x5A\\\\x5F\\\\x61-\\\\x7A\\\\x20]+");
86 public void testPermType() {
87 Assert.assertNotNull(validator.permType("[\\\\w.-]+"));
88 Assert.assertNotNull(validator.permType(null));
89 Assert.assertNotNull(validator.permType(""));
90 Assert.assertNotNull(validator.permType("aewfew"));
94 public void testPermType1() {
95 Assert.assertNotNull(validator.permType("[\\\\w.-]+",null));
96 Assert.assertNotNull(validator.permType(null,null));
97 Assert.assertNotNull(validator.permType("","test"));
98 Assert.assertNotNull(validator.permType("aewfew","test"));
102 public void testPermInstance() {
104 String middle = "]+[\\\\*]*|\\\\*|(([:/]\\\\*)|([:/][!]{0,1}[";
105 Assert.assertNotNull(validator.permInstance("[" + base + middle + base + "]+[\\\\*]*[:/]*))+"));
106 Assert.assertNotNull(validator.permInstance(null));
107 Assert.assertNotNull(validator.permInstance(""));
108 Assert.assertNotNull(validator.permInstance("test"));
112 public void testErr() {
113 Assert.assertFalse(validator.err());
114 validator.isNull("test", null);
115 Assert.assertTrue(validator.err());
119 public void testErrs() {
120 validator.isNull("test", null);
121 Assert.assertNotNull(validator.errs());
125 public void testPermAction() {
126 Assert.assertNotNull(validator.permAction("[" + base + "]+" + "|\\\\*"));
127 Assert.assertNotNull(validator.permAction("test"));
131 public void testRole() {
132 Assert.assertNotNull(validator.role("[\\\\w.-]+"));
133 Assert.assertNotNull(validator.role(null));
134 Assert.assertNotNull(validator.role(""));
135 Assert.assertNotNull(validator.role("aewfew"));
139 public void testNs() {
140 Assert.assertNotNull(validator.ns("[\\\\w.-]+"));
141 Assert.assertNotNull(validator.ns(""));
142 Assert.assertNotNull(validator.ns(".access"));
146 public void testKey() {
147 Assert.assertNotNull(validator.key("[\\\\w.-]+"));
148 Assert.assertNotNull(validator.key(""));
149 Assert.assertNotNull(validator.key(".access"));
153 public void testValue() {
154 Assert.assertNotNull(validator.value(base));
155 Assert.assertNotNull(validator.value(""));
156 Assert.assertNotNull(validator.value(".access"));
160 public void testNotOK() {
161 Result<?> test = mock(Result.class);
162 validator.isNull("test", null);
163 when(test.notOK()).thenReturn(true);
164 Assert.assertNotNull(validator.notOK(null));
165 Assert.assertNotNull(validator.notOK(test));
169 public void testIntRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
170 Class c = validator.getClass();
171 Class[] cArg = new Class[4];
172 cArg[0] = String.class;
175 cArg[3] = int.class; //Steps to test a protected method
176 Method intRangeMethod = c.getDeclaredMethod("intRange", cArg);
177 intRangeMethod.setAccessible(true);
178 intRangeMethod.invoke(validator,"Test",5,1,10);
179 intRangeMethod.invoke(validator,"Test",1,5,10);
180 intRangeMethod.invoke(validator,"Test",11,5,10);
181 intRangeMethod.invoke(validator,"Test",5,6,4);
185 public void testFloatRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
186 Class c = validator.getClass();
187 Class[] cArg = new Class[4];
188 cArg[0] = String.class;
189 cArg[1] = float.class;
190 cArg[2] = float.class;
191 cArg[3] = float.class; //Steps to test a protected method
192 Method floatRangeMethod = c.getDeclaredMethod("floatRange", cArg);
193 floatRangeMethod.setAccessible(true);
194 floatRangeMethod.invoke(validator,"Test",5f,1f,10f);
195 floatRangeMethod.invoke(validator,"Test",1f,5f,10f);
196 floatRangeMethod.invoke(validator,"Test",11f,5f,10f);
197 floatRangeMethod.invoke(validator,"Test",5f,6f,4f);
202 assertTrue(Validator.ACTION_CHARS.matcher("HowdyDoody").matches());
203 assertFalse(Validator.ACTION_CHARS.matcher("Howd?yDoody").matches());
204 assertTrue(Validator.ACTION_CHARS.matcher("_HowdyDoody").matches());
205 assertTrue(Validator.INST_CHARS.matcher("HowdyDoody").matches());
206 assertFalse(Validator.INST_CHARS.matcher("Howd?yDoody").matches());
207 assertTrue(Validator.INST_CHARS.matcher("_HowdyDoody").matches());
210 assertTrue(Validator.ACTION_CHARS.matcher("*").matches());
211 assertTrue(Validator.INST_CHARS.matcher("*").matches());
212 assertFalse(Validator.ACTION_CHARS.matcher(":*").matches());
213 assertTrue(Validator.INST_CHARS.matcher(":*").matches());
214 assertFalse(Validator.ACTION_CHARS.matcher(":*:*").matches());
215 assertTrue(Validator.INST_CHARS.matcher(":*:*").matches());
217 assertFalse(Validator.ACTION_CHARS.matcher(":hello").matches());
218 assertTrue(Validator.INST_CHARS.matcher(":hello").matches());
219 assertFalse(Validator.INST_CHARS.matcher("hello:").matches());
220 assertFalse(Validator.INST_CHARS.matcher("hello:d").matches());
222 assertFalse(Validator.ACTION_CHARS.matcher(":hello:*").matches());
223 assertTrue(Validator.INST_CHARS.matcher(":hello:*").matches());
224 assertFalse(Validator.ACTION_CHARS.matcher(":hello:d*:*").matches());
225 assertFalse(Validator.INST_CHARS.matcher(":hello:d*d:*").matches());
226 assertTrue(Validator.INST_CHARS.matcher(":hello:d*:*").matches());
227 assertFalse(Validator.ACTION_CHARS.matcher("HowdyDoody*").matches());
228 assertFalse(Validator.INST_CHARS.matcher("Howdy*Doody").matches());
229 assertTrue(Validator.INST_CHARS.matcher("HowdyDoody*").matches());
230 assertFalse(Validator.ACTION_CHARS.matcher("*HowdyDoody").matches());
231 assertFalse(Validator.INST_CHARS.matcher("*HowdyDoody").matches());
232 assertFalse(Validator.ACTION_CHARS.matcher(":h*").matches());
233 assertFalse(Validator.INST_CHARS.matcher(":h*h*").matches());
234 assertTrue(Validator.INST_CHARS.matcher(":h*").matches());
235 assertFalse(Validator.ACTION_CHARS.matcher(":h:h*:*").matches());
236 assertTrue(Validator.INST_CHARS.matcher(":h:h*:*").matches());
237 assertFalse(Validator.INST_CHARS.matcher(":h:h*h:*").matches());
238 assertFalse(Validator.INST_CHARS.matcher(":h:h*h*:*").matches());
239 assertFalse(Validator.ACTION_CHARS.matcher(":h:*:*h").matches());
240 assertFalse(Validator.INST_CHARS.matcher(":h:*:*h").matches());
241 assertTrue(Validator.INST_CHARS.matcher(":com.test.*:ns:*").matches());
244 assertFalse(Validator.ACTION_CHARS.matcher("1234+235gd").matches());
245 assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd").matches());
246 assertTrue(Validator.ACTION_CHARS.matcher("1234-23_5gd").matches());
247 assertTrue(Validator.ACTION_CHARS.matcher("1234-235g,d").matches());
248 assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd(Version12)").matches());
249 assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
250 assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
251 assertFalse(Validator.ACTION_CHARS.matcher("1234-23 5gd").matches());
252 assertFalse(Validator.ACTION_CHARS.matcher("1234-235gd ").matches());
253 assertFalse(Validator.ACTION_CHARS.matcher(" 1234-235gd").matches());
254 assertFalse(Validator.ACTION_CHARS.matcher("").matches());
255 assertFalse(Validator.ACTION_CHARS.matcher(" ").matches());
257 // Allow % and = (Needed for Escaping & Base64 usages) jg
258 assertTrue(Validator.ACTION_CHARS.matcher("1234%235g=d").matches());
259 assertFalse(Validator.ACTION_CHARS.matcher(":1234%235g=d").matches());
260 assertTrue(Validator.INST_CHARS.matcher("1234%235g=d").matches());
261 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d").matches());
262 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:%20==").matches());
263 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:=%23").matches());
264 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:*:=%23").matches());
265 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:*").matches());
266 assertTrue(Validator.INST_CHARS.matcher(":*:==%20:*").matches());
268 // Allow / instead of : (more natural instance expression) jg
269 assertFalse(Validator.INST_CHARS.matcher("1234/a").matches());
270 assertTrue(Validator.INST_CHARS.matcher("/1234/a").matches());
271 assertTrue(Validator.INST_CHARS.matcher("/1234/*/a/").matches());
272 assertTrue(Validator.INST_CHARS.matcher("/1234//a").matches());
273 assertFalse(Validator.ACTION_CHARS.matcher("1234/a").matches());
274 assertFalse(Validator.ACTION_CHARS.matcher("/1234/*/a/").matches());
275 assertFalse(Validator.ACTION_CHARS.matcher("1234//a").matches());
278 assertFalse(Validator.INST_CHARS.matcher("1234+235gd").matches());
279 assertTrue(Validator.INST_CHARS.matcher("1234-235gd").matches());
280 assertTrue(Validator.INST_CHARS.matcher("1234-23_5gd").matches());
281 assertTrue(Validator.INST_CHARS.matcher("1234-235g,d").matches());
282 assertTrue(Validator.INST_CHARS.matcher("m1234@shb.dd.com").matches());
283 assertTrue(Validator.INST_CHARS.matcher("1234-235gd(Version12)").matches());
284 assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
285 assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
286 assertFalse(Validator.INST_CHARS.matcher("").matches());
289 for( char c=0x20;c<0x7F;++c) {
295 continue; // test separately
305 assertFalse(Validator.ID_CHARS.matcher("abc").matches());
306 assertFalse(Validator.ID_CHARS.matcher("").matches());
307 assertTrue(Validator.ID_CHARS.matcher("abc@att.com").matches());
308 assertTrue(Validator.ID_CHARS.matcher("ab-me@att.com").matches());
309 assertTrue(Validator.ID_CHARS.matcher("ab-me_.x@att._-com").matches());
311 assertFalse(Validator.NAME_CHARS.matcher("ab-me_.x@att._-com").matches());
312 assertTrue(Validator.NAME_CHARS.matcher("ab-me").matches());
313 assertTrue(Validator.NAME_CHARS.matcher("ab-me_.xatt._-com").matches());
317 assertTrue(Validator.INST_CHARS.matcher(
318 "/!com.att.*/role/write").matches());
319 assertTrue(Validator.INST_CHARS.matcher(
320 ":!com.att.*:role:write").matches());