X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Ftest%2Fjava%2Forg%2Fonap%2Faai%2Fbabel%2FMicroServiceAuthTest.java;h=aae78464d6622e2f7249e5d31e19370834435e38;hb=4217e6f7018d08b11291490b3ad5c54064cdc031;hp=f24cbf1aef49856f6791cd98827a1e192199766c;hpb=1433a67a9e3dcad20d0dda8edcaad9403320f4f9;p=aai%2Fbabel.git diff --git a/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java b/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java index f24cbf1..aae7846 100644 --- a/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java +++ b/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java @@ -2,8 +2,8 @@ * ============LICENSE_START======================================================= * org.onap.aai * ================================================================================ - * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * Copyright © 2017 European Software Marketing Ltd. + * Copyright © 2017-2019 AT&T Intellectual Property. All rights reserved. + * Copyright © 2017-2019 European Software Marketing Ltd. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,12 +17,10 @@ * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END========================================================= - * - * ECOMP is a trademark and service mark of AT&T Intellectual Property. */ + package org.onap.aai.babel; -import static org.hamcrest.CoreMatchers.equalTo; import static org.hamcrest.CoreMatchers.is; import static org.junit.Assert.assertThat; @@ -40,7 +38,7 @@ import org.onap.aai.babel.config.BabelAuthConfig; import org.springframework.mock.web.MockHttpServletRequest; /** - * Tests @{link AAIMicroServiceAuth} + * Tests @{link AAIMicroServiceAuth}. */ public class MicroServiceAuthTest { @@ -49,63 +47,67 @@ public class MicroServiceAuthTest { private static final String authPolicyFile = "auth_policy.json"; static { - System.setProperty("CONFIG_HOME", - System.getProperty("user.dir") + File.separator + "src/test/resources"); + System.setProperty("CONFIG_HOME", System.getProperty("user.dir") + File.separator + "src/test/resources"); } /** * Temporarily invalidate the default policy file and then try to initialise the authorisation class using the name * of a policy file that does not exist. - * + * * @throws AAIAuthException - * @throws IOException + * if the Auth policy file cannot be loaded */ @Test(expected = AAIAuthException.class) - public void missingPolicyFile() throws AAIAuthException, IOException { + public void missingPolicyFile() throws AAIAuthException { String defaultFile = AAIMicroServiceAuthCore.getDefaultAuthFileName(); try { AAIMicroServiceAuthCore.setDefaultAuthFileName("invalid.default.file"); - BabelAuthConfig gapServiceAuthConfig = new BabelAuthConfig(); - gapServiceAuthConfig.setAuthPolicyFile("invalid.file.name"); - new AAIMicroServiceAuth(gapServiceAuthConfig); + BabelAuthConfig babelServiceAuthConfig = new BabelAuthConfig(); + babelServiceAuthConfig.setAuthPolicyFile("invalid.file.name"); + new AAIMicroServiceAuth(babelServiceAuthConfig); } finally { AAIMicroServiceAuthCore.setDefaultAuthFileName(defaultFile); } } /** - * Test loading of a temporary file created with the specified roles - * + * Test loading of a temporary file created with the specified roles. + * * @throws AAIAuthException + * if the test creates invalid Auth Policy roles * @throws IOException + * for I/O failures * @throws JSONException + * if this test creates an invalid JSON object */ @Test - public void createLocalAuthFile() throws AAIAuthException, IOException, JSONException { + public void createLocalAuthFile() throws JSONException, AAIAuthException, IOException { JSONObject roles = createRoleObject("role", createUserObject("user"), createFunctionObject("func")); - AAIMicroServiceAuth auth = createAuthService(roles); - assertThat(auth.authorize("nosuchuser", "method:func"), is(false)); - assertThat(auth.authorize("user", "method:func"), is(true)); + createAuthService(roles); + assertThat(AAIMicroServiceAuthCore.authorize("nosuchuser", "method:func"), is(false)); + assertThat(AAIMicroServiceAuthCore.authorize("user", "method:func"), is(true)); } /** - * Test that the default policy file is loaded when a non-existent file is passed to the authorisation clas. - * + * Test that the default policy file is loaded when a non-existent file is passed to the authorisation class. + * * @throws AAIAuthException + * if the Auth Policy cannot be loaded */ @Test public void createAuthFromDefaultFile() throws AAIAuthException { - BabelAuthConfig gapServiceAuthConfig = new BabelAuthConfig(); - gapServiceAuthConfig.setAuthPolicyFile("non-existent-file"); - AAIMicroServiceAuth auth = new AAIMicroServiceAuth(gapServiceAuthConfig); + BabelAuthConfig babelServiceAuthConfig = new BabelAuthConfig(); + babelServiceAuthConfig.setAuthPolicyFile("non-existent-file"); + AAIMicroServiceAuth auth = new AAIMicroServiceAuth(babelServiceAuthConfig); // The default policy will have been loaded assertAdminUserAuthorisation(auth, VALID_ADMIN_USER); } /** - * Test loading of the policy file relative to CONFIG_HOME - * + * Test loading of the policy file relative to CONFIG_HOME. + * * @throws AAIAuthException + * if the Auth Policy cannot be loaded */ @Test public void createAuth() throws AAIAuthException { @@ -115,33 +117,35 @@ public class MicroServiceAuthTest { @Test public void testAuthUser() throws AAIAuthException { - AAIMicroServiceAuth auth = createStandardAuth(); - assertThat(auth.authenticate(VALID_ADMIN_USER, "GET:actions"), is(equalTo("OK"))); - assertThat(auth.authenticate(VALID_ADMIN_USER, "WRONG:action"), is(equalTo("AAI_9101"))); + createStandardAuth(); + assertThat(AAIMicroServiceAuthCore.authorize(VALID_ADMIN_USER, "GET:actions"), is(true)); + assertThat(AAIMicroServiceAuthCore.authorize(VALID_ADMIN_USER, "WRONG:action"), is(false)); } - - @Test public void testValidateRequest() throws AAIAuthException { AAIMicroServiceAuth auth = createStandardAuth(); - assertThat(auth.validateRequest(null, new MockHttpServletRequest(), null, "app/v1/gap"), is(false)); + assertThat(auth.validateRequest(null, new MockHttpServletRequest(), null, "app/v1/babel"), is(false)); } private AAIMicroServiceAuth createStandardAuth() throws AAIAuthException { - BabelAuthConfig gapServiceAuthConfig = new BabelAuthConfig(); - gapServiceAuthConfig.setAuthPolicyFile(authPolicyFile); - return new AAIMicroServiceAuth(gapServiceAuthConfig); + BabelAuthConfig babelServiceAuthConfig = new BabelAuthConfig(); + babelServiceAuthConfig.setAuthPolicyFile(authPolicyFile); + return new AAIMicroServiceAuth(babelServiceAuthConfig); } /** - * @param rolesJson - * @return + * Create a test Auth policy JSON file and pass this to the Auth Service. + * + * @param roles + * the Auth policy JSON content + * @return a new Auth Service configured with the supplied roles * @throws IOException + * for I/O failures * @throws AAIAuthException + * if the auth policy file cannot be loaded */ - private AAIMicroServiceAuth createAuthService(JSONObject roles) throws IOException, AAIAuthException { - BabelAuthConfig babelAuthConfig = new BabelAuthConfig(); + private AAIMicroServiceAuth createAuthService(JSONObject roles) throws AAIAuthException, IOException { File file = File.createTempFile("auth-policy", "json"); file.deleteOnExit(); FileWriter fileWriter = new FileWriter(file); @@ -149,22 +153,26 @@ public class MicroServiceAuthTest { fileWriter.flush(); fileWriter.close(); + BabelAuthConfig babelAuthConfig = new BabelAuthConfig(); babelAuthConfig.setAuthPolicyFile(file.getAbsolutePath()); return new AAIMicroServiceAuth(babelAuthConfig); } /** - * Assert authorisation results for an admin user based on the test policy file - * + * Assert authorisation results for an admin user based on the test policy file. + * * @param auth + * the Auth Service to test * @param adminUser + * admin username * @throws AAIAuthException + * if the Auth Service is not initialized */ private void assertAdminUserAuthorisation(AAIMicroServiceAuth auth, String adminUser) throws AAIAuthException { - assertThat(auth.authorize(adminUser, "GET:actions"), is(true)); - assertThat(auth.authorize(adminUser, "POST:actions"), is(true)); - assertThat(auth.authorize(adminUser, "PUT:actions"), is(true)); - assertThat(auth.authorize(adminUser, "DELETE:actions"), is(true)); + assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "GET:actions"), is(true)); + assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "POST:actions"), is(true)); + assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "PUT:actions"), is(true)); + assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "DELETE:actions"), is(true)); } private JSONArray createFunctionObject(String functionName) throws JSONException { @@ -194,8 +202,6 @@ public class MicroServiceAuthTest { private JSONObject createRoleObject(String roleName, JSONArray usersArray, JSONArray functionsArray) throws JSONException { - JSONObject roles = new JSONObject(); - JSONObject role = new JSONObject(); role.put("name", roleName); role.put("functions", functionsArray); @@ -203,8 +209,9 @@ public class MicroServiceAuthTest { JSONArray rolesArray = new JSONArray(); rolesArray.put(role); - roles.put("roles", rolesArray); + JSONObject roles = new JSONObject(); + roles.put("roles", rolesArray); return roles; }