/**
- * ============LICENSE_START=======================================================
+ * ============LICENSE_START=======================================================
* org.onap.aai
* ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * Copyright © 2017-2018 European Software Marketing Ltd.
+ * Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (c) 2017-2019 European Software Marketing Ltd.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* limitations under the License.
* ============LICENSE_END=========================================================
*/
+
package org.onap.aai.babel;
-import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.assertThat;
import org.springframework.mock.web.MockHttpServletRequest;
/**
- * Tests @{link AAIMicroServiceAuth}
+ * Tests @{link AAIMicroServiceAuth}.
*/
public class MicroServiceAuthTest {
private static final String authPolicyFile = "auth_policy.json";
static {
- System.setProperty("CONFIG_HOME", System.getProperty("user.dir") + File.separator + "src/test/resources");
+ System.setProperty("CONFIG_HOME", "src/test/resources");
}
/**
- * Temporarily invalidate the default policy file and then try to initialise the authorisation class using the name
+ * Temporarily invalidate the default policy file and then try to initialize the authorization class using the name
* of a policy file that does not exist.
*
* @throws AAIAuthException
- * @throws IOException
+ * if the Auth policy file cannot be loaded
*/
@Test(expected = AAIAuthException.class)
- public void missingPolicyFile() throws AAIAuthException, IOException {
+ public void missingPolicyFile() throws AAIAuthException {
String defaultFile = AAIMicroServiceAuthCore.getDefaultAuthFileName();
try {
AAIMicroServiceAuthCore.setDefaultAuthFileName("invalid.default.file");
}
/**
- * Test loading of a temporary file created with the specified roles
+ * Test loading of a temporary file created with the specified roles.
*
* @throws AAIAuthException
+ * if the test creates invalid Auth Policy roles
* @throws IOException
+ * for I/O failures
* @throws JSONException
+ * if this test creates an invalid JSON object
*/
@Test
- public void createLocalAuthFile() throws AAIAuthException, IOException, JSONException {
+ public void createLocalAuthFile() throws JSONException, AAIAuthException, IOException {
JSONObject roles = createRoleObject("role", createUserObject("user"), createFunctionObject("func"));
- AAIMicroServiceAuth auth = createAuthService(roles);
- assertThat(auth.authorize("nosuchuser", "method:func"), is(false));
- assertThat(auth.authorize("user", "method:func"), is(true));
+ createAuthService(roles);
+ assertThat(AAIMicroServiceAuthCore.authorize("nosuchuser", "method:func"), is(false));
+ assertThat(AAIMicroServiceAuthCore.authorize("user", "method:func"), is(true));
}
/**
- * Test that the default policy file is loaded when a non-existent file is passed to the authorisation clas.
+ * Test that the default policy file is loaded when a non-existent file is passed to the authorisation class.
*
* @throws AAIAuthException
+ * if the Auth Policy cannot be loaded
*/
@Test
public void createAuthFromDefaultFile() throws AAIAuthException {
}
/**
- * Test loading of the policy file relative to CONFIG_HOME
+ * Test loading of the policy file relative to CONFIG_HOME.
*
* @throws AAIAuthException
+ * if the Auth Policy cannot be loaded
*/
@Test
public void createAuth() throws AAIAuthException {
@Test
public void testAuthUser() throws AAIAuthException {
- AAIMicroServiceAuth auth = createStandardAuth();
- assertThat(auth.authenticate(VALID_ADMIN_USER, "GET:actions"), is(equalTo("OK")));
- assertThat(auth.authenticate(VALID_ADMIN_USER, "WRONG:action"), is(equalTo("AAI_9101")));
+ createStandardAuth();
+ assertThat(AAIMicroServiceAuthCore.authorize(VALID_ADMIN_USER, "GET:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(VALID_ADMIN_USER, "WRONG:action"), is(false));
}
-
-
@Test
public void testValidateRequest() throws AAIAuthException {
AAIMicroServiceAuth auth = createStandardAuth();
}
/**
- * @param rolesJson
- * @return
+ * Create a test Auth policy JSON file and pass this to the Auth Service.
+ *
+ * @param roles
+ * the Auth policy JSON content
+ * @return a new Auth Service configured with the supplied roles
* @throws IOException
+ * for I/O failures
* @throws AAIAuthException
+ * if the auth policy file cannot be loaded
*/
- private AAIMicroServiceAuth createAuthService(JSONObject roles) throws IOException, AAIAuthException {
- BabelAuthConfig babelAuthConfig = new BabelAuthConfig();
+ private AAIMicroServiceAuth createAuthService(JSONObject roles) throws AAIAuthException, IOException {
File file = File.createTempFile("auth-policy", "json");
file.deleteOnExit();
FileWriter fileWriter = new FileWriter(file);
fileWriter.flush();
fileWriter.close();
+ BabelAuthConfig babelAuthConfig = new BabelAuthConfig();
babelAuthConfig.setAuthPolicyFile(file.getAbsolutePath());
return new AAIMicroServiceAuth(babelAuthConfig);
}
/**
- * Assert authorisation results for an admin user based on the test policy file
+ * Assert authorisation results for an admin user based on the test policy file.
*
* @param auth
+ * the Auth Service to test
* @param adminUser
+ * admin username
* @throws AAIAuthException
+ * if the Auth Service is not initialized
*/
private void assertAdminUserAuthorisation(AAIMicroServiceAuth auth, String adminUser) throws AAIAuthException {
- assertThat(auth.authorize(adminUser, "GET:actions"), is(true));
- assertThat(auth.authorize(adminUser, "POST:actions"), is(true));
- assertThat(auth.authorize(adminUser, "PUT:actions"), is(true));
- assertThat(auth.authorize(adminUser, "DELETE:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "GET:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "POST:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "PUT:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "DELETE:actions"), is(true));
}
private JSONArray createFunctionObject(String functionName) throws JSONException {
private JSONObject createRoleObject(String roleName, JSONArray usersArray, JSONArray functionsArray)
throws JSONException {
- JSONObject roles = new JSONObject();
-
JSONObject role = new JSONObject();
role.put("name", roleName);
role.put("functions", functionsArray);
JSONArray rolesArray = new JSONArray();
rolesArray.put(role);
- roles.put("roles", rolesArray);
+ JSONObject roles = new JSONObject();
+ roles.put("roles", rolesArray);
return roles;
}