2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.aaf.v2_0.test;
24 import static org.hamcrest.CoreMatchers.is;
25 import static org.junit.Assert.assertThat;
26 import static org.mockito.Mockito.when;
28 import java.io.ByteArrayOutputStream;
29 import java.io.PrintStream;
31 import javax.servlet.http.HttpServletRequest;
33 import org.junit.Before;
34 import org.junit.Test;
35 import org.mockito.Mock;
36 import org.mockito.MockitoAnnotations;
37 import org.onap.aaf.cadi.Access;
38 import org.onap.aaf.cadi.Lur;
39 import org.onap.aaf.cadi.PropAccess;
40 import org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker;
41 import org.onap.aaf.cadi.config.Config;
42 import org.onap.aaf.cadi.principal.TaggedPrincipal;
43 import org.onap.aaf.cadi.taf.TafResp;
44 import org.onap.aaf.cadi.taf.TrustNotTafResp;
45 import org.onap.aaf.cadi.taf.TrustTafResp;
46 import org.onap.aaf.misc.env.Env;
48 public class JU_AAFTrustChecker {
50 private final static String type = "type";
51 private final static String instance = "instance";
52 private final static String action = "action";
53 private final static String key = type + '|' + instance + '|' + action;
54 private final static String name = "name";
55 private final static String otherName = "otherName";
57 private PropAccess access;
59 @Mock private Env envMock;
60 @Mock private TafResp trespMock;
61 @Mock private HttpServletRequest reqMock;
62 @Mock private TaggedPrincipal tpMock;
63 @Mock private Lur lurMock;
64 @Mock private TaggedPrincipal princMock;
68 MockitoAnnotations.initMocks(this);
69 access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
74 AAFTrustChecker trustChecker;
77 trustChecker = new AAFTrustChecker(access);
78 trustChecker = new AAFTrustChecker(envMock);
80 access.setProperty(Config.CADI_TRUST_PERM, "example");
81 when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn("example");
82 trustChecker = new AAFTrustChecker(access);
83 trustChecker = new AAFTrustChecker(envMock);
85 access.setProperty(Config.CADI_TRUST_PERM, key);
86 when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn(key);
87 trustChecker = new AAFTrustChecker(access);
88 trustChecker = new AAFTrustChecker(envMock);
90 trustChecker.setLur(lurMock);
92 assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
94 when(reqMock.getHeader(null)).thenReturn("comma,comma,comma");
95 when(trespMock.getAccess()).thenReturn(Access.NULL);
96 assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
98 when(reqMock.getHeader(null)).thenReturn("colon:colon:colon:colon,comma,comma");
99 assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
101 when(reqMock.getHeader(null)).thenReturn("colon:colon:colon:AS,comma,comma");
102 when(trespMock.getPrincipal()).thenReturn(tpMock);
103 when(tpMock.getName()).thenReturn(name);
104 when(lurMock.fish(princMock, null)).thenReturn(true);
105 TafResp tntResp = trustChecker.mayTrust(trespMock, reqMock);
107 assertThat(tntResp instanceof TrustNotTafResp, is(true));
108 assertThat(tntResp.toString(), is("name requested trust as colon, but does not have Authorization"));
110 when(reqMock.getHeader(null)).thenReturn(name + ":colon:colon:AS,comma,comma");
111 assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
113 when(envMock.getProperty(Config.CADI_ALIAS, null)).thenReturn(name);
114 when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn(null);
115 trustChecker = new AAFTrustChecker(envMock);
116 trustChecker.setLur(lurMock);
118 when(trespMock.getPrincipal()).thenReturn(princMock);
119 when(princMock.getName()).thenReturn(otherName);
120 when(lurMock.fish(princMock, null)).thenReturn(true);
121 TafResp ttResp = trustChecker.mayTrust(trespMock, reqMock);
122 assertThat(ttResp instanceof TrustTafResp, is(true));
123 assertThat(ttResp.toString(), is(name + " by trust of " + name + " validated using colon by colon, null"));
125 when(princMock.getName()).thenReturn(name);
126 ttResp = trustChecker.mayTrust(trespMock, reqMock);
127 assertThat(ttResp instanceof TrustTafResp, is(true));
128 assertThat(ttResp.toString(), is(name + " by trust of " + name + " validated using colon by colon, null"));