2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.service.test;
24 import static org.mockito.Mockito.*;
26 import java.nio.ByteBuffer;
27 import java.security.NoSuchAlgorithmException;
28 import java.util.GregorianCalendar;
29 import java.util.List;
31 import org.junit.Before;
32 import org.junit.Test;
33 import org.junit.runner.RunWith;
34 import org.mockito.Mock;
35 import org.mockito.Spy;
36 import org.mockito.runners.MockitoJUnitRunner;
37 import org.onap.aaf.auth.dao.cass.CredDAO;
38 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
40 import org.onap.aaf.auth.dao.hl.Question;
41 import org.onap.aaf.auth.env.AuthzTrans;
42 import org.onap.aaf.auth.layer.Result;
43 import org.onap.aaf.auth.org.OrganizationException;
44 import org.onap.aaf.cadi.Hash;
45 import org.onap.aaf.cadi.util.FQI;
47 import aaf.v2_0.CredRequest;
48 import junit.framework.Assert;
50 @RunWith(MockitoJUnitRunner.class)
51 public class JU_ServiceImpl_createUserCred extends JU_BaseServiceImpl {
53 private Result<CredDAO.Data> rcdd;
56 public void setUp() throws Exception {
/**
 * First-credential creation with the caller's namespace "owner" role lookup stubbed.
 *
 * <p>{@code credDAO().readID} is stubbed to return an empty list, so the ID has no
 * credential yet. The test expects {@code createUserCred} to answer {@code Result.OK}.
 *
 * @throws OrganizationException declared because the stubbed organization calls declare it
 */
public void validCreateNewIsOwner() throws OrganizationException {
    final String caller = "bob@people.onap.org";
    final String namespace = "org.onap.sample";
    CredRequest request = credRequest1();

    // Identity of the user making the request.
    when(trans.user()).thenReturn(caller);

    // Organization policy: password accepted (empty message), ID valid and known.
    when(org.isValidPassword(trans, request.getId(), request.getPassword())).thenReturn("");
    when(org.isValidCred(trans, request.getId())).thenReturn(true);
    when(org.canHaveMultipleCreds(request.getId())).thenReturn(true);
    when(org.getIdentity(trans, request.getId())).thenReturn(orgIdentity);
    when(orgIdentity.isFound()).thenReturn(true);

    // NOTE(review): the flag passed to whenRole is false although the test name says the
    // caller is owner; whenRole is defined outside this file, so confirm what the flag means.
    whenRole(trans, caller, namespace, "owner", false, 100);

    // Namespace exists; no credential is stored for the ID yet.
    when(question.nsDAO().read(trans, namespace)).thenReturn(Result.ok(nsData(namespace)));
    when(question.credDAO().readID(trans, request.getId()))
            .thenReturn(Result.ok(emptyList(CredDAO.Data.class)));
    when(question.credDAO().create(any(AuthzTrans.class), any(CredDAO.Data.class)))
            .thenReturn(Result.ok(credDataFound(request, 100)));
    when(question.credDAO().readNS(trans, namespace))
            .thenReturn(Result.ok(listOf(credDataFound(request, 100))));

    Result<?> outcome = acsi.createUserCred(trans, request);

    // Owner may do FIRST Creds
    Assert.assertEquals(Result.OK, outcome.status);
}
/**
 * First-credential creation by a caller stubbed with the namespace "admin" role.
 *
 * <p>This is the negative authorization case: with no credential stored for the ID,
 * the test expects {@code createUserCred} to refuse with {@code Result.ERR_Denied}.
 * The DAO create stub is still installed, so only the returned status shows the denial.
 *
 * @throws OrganizationException declared because the stubbed organization calls declare it
 */
public void validCreateNewOnlyAdmin() throws OrganizationException {
    final String caller = "bob@people.onap.org";
    final String namespace = "org.onap.sample";
    CredRequest request = credRequest1();

    // Identity of the user making the request.
    when(trans.user()).thenReturn(caller);

    // Organization policy: password accepted (empty message), ID valid and known.
    when(org.isValidPassword(trans, request.getId(), request.getPassword())).thenReturn("");
    when(org.isValidCred(trans, request.getId())).thenReturn(true);
    when(org.canHaveMultipleCreds(request.getId())).thenReturn(true);
    when(org.getIdentity(trans, request.getId())).thenReturn(orgIdentity);
    when(orgIdentity.isFound()).thenReturn(true);

    // Role lookups: "owner" with flag false, "admin" with flag true.
    // NOTE(review): presumably the flag means "role is held"; whenRole is defined outside
    // this file, so verify there.
    whenRole(trans, caller, namespace, "owner", false, 100);
    whenRole(trans, caller, namespace, "admin", true, 100);

    // Namespace exists; no credential is stored for the ID yet.
    when(question.nsDAO().read(trans, namespace)).thenReturn(Result.ok(nsData(namespace)));
    when(question.credDAO().readID(trans, request.getId()))
            .thenReturn(Result.ok(emptyList(CredDAO.Data.class)));
    when(question.credDAO().create(any(AuthzTrans.class), any(CredDAO.Data.class)))
            .thenReturn(Result.ok(credDataFound(request, 100)));
    when(question.credDAO().readNS(trans, namespace))
            .thenReturn(Result.ok(listOf(credDataFound(request, 100))));

    Result<?> outcome = acsi.createUserCred(trans, request);

    // Admins may not do FIRST Creds
    Assert.assertEquals(Result.ERR_Denied, outcome.status);
}
/**
 * Credential creation for an ID that already has a stored credential.
 *
 * <p>{@code credDAO().readID} is stubbed to return one existing record, and the test
 * expects {@code createUserCred} to answer {@code Result.OK}.
 *
 * <p>NOTE(review): unlike the first-credential tests, no {@code trans.user()} or role
 * stubs are installed here. Which authorization path allows the request is not visible
 * from this test; confirm against the {@code createUserCred} implementation.
 *
 * @throws OrganizationException declared because the stubbed organization calls declare it
 */
public void validCreateExisting() throws OrganizationException {
    CredRequest request = credRequest1();

    // Organization policy: password accepted (empty message), ID valid and known.
    when(org.isValidPassword(trans, request.getId(), request.getPassword())).thenReturn("");
    when(org.isValidCred(trans, request.getId())).thenReturn(true);
    when(org.canHaveMultipleCreds(request.getId())).thenReturn(true);
    when(org.getIdentity(trans, request.getId())).thenReturn(orgIdentity);
    when(orgIdentity.isFound()).thenReturn(true);

    String namespace = "org.onap.sample";
    when(question.nsDAO().read(trans, namespace)).thenReturn(Result.ok(nsData(namespace)));

    // The same record serves as the stored credential and as the result of the create call.
    CredDAO.Data existing = credDataFound(request, 100);
    when(question.credDAO().create(any(AuthzTrans.class), any(CredDAO.Data.class)))
            .thenReturn(Result.ok(existing));
    when(question.credDAO().readID(trans, request.getId()))
            .thenReturn(Result.ok(listOf(existing)));

    Result<?> outcome = acsi.createUserCred(trans, request);
    Assert.assertEquals(Result.OK, outcome.status);
}
/**
 * Builds the request fixture shared by the tests in this class.
 *
 * <p>All values are fixed test literals: a sample ID, a sample password, and the
 * credential type {@code CredDAO.RAW}.
 *
 * @return a freshly populated {@code CredRequest}
 */
private CredRequest credRequest1() {
    CredRequest request = new CredRequest();
    request.setId("m12345@sample.onap.org");
    request.setPassword("BobAndWeave");
    request.setType(CredDAO.RAW);
    return request;
}
130 private CredDAO.Data credDataFound(CredRequest cr, int days) {
131 CredDAO.Data cdd = new CredDAO.Data();
133 cdd.ns = FQI.reverseDomain(cr.getId());
136 cdd.type = CredDAO.BASIC_AUTH_SHA256;
138 cdd.cred = ByteBuffer.wrap(Hash.hashSHA256(cr.getPassword().getBytes()));
139 } catch (NoSuchAlgorithmException e) {
140 Assert.fail(e.getMessage());
142 GregorianCalendar gc = new GregorianCalendar();
143 gc.add(GregorianCalendar.DAY_OF_YEAR, days);
144 cdd.expires = gc.getTime();