auth/auth-core/src/test/java/org/onap/aaf/auth/validation/test/JU_Validator.java

   1 /*******************************************************************************
   2  * ============LICENSE_START====================================================
   3  * * org.onap.aaf
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * *
  21  ******************************************************************************/
  22 package org.onap.aaf.auth.validation.test;
  23
  24 import static org.junit.Assert.*;
  25 import static org.mockito.Mockito.*;
  26
  27 import java.lang.reflect.InvocationTargetException;
  28 import java.lang.reflect.Method;
  29 import java.util.regex.Pattern;
  30
  31 import static org.mockito.Matchers.*;
  32 import org.mockito.Mock;
  33
  34 import org.junit.Before;
  35 import org.junit.Test;
  36 import org.junit.Test;
  37 import org.onap.aaf.auth.env.AuthzTrans;
  38 import org.onap.aaf.auth.env.AuthzTransOnlyFilter;
  39 import org.onap.aaf.auth.layer.Result;
  40 import org.onap.aaf.auth.validation.Validator;
  41 import org.onap.aaf.cadi.principal.TaggedPrincipal;
  42
  43 import junit.framework.Assert;
  44
  45 public class JU_Validator {
  46
  47         Validator validator;
  48         String base = "\\x25\\x28\\x29\\x2C-\\x2E\\x30-\\x39\\x3D\\x40-\\x5A\\x5F\\x61-\\x7A";
  49
  50         @Before
  51         public void setUp() {
  52                 validator = new Validator();
  53         }
  54
  55         @Test
  56         public void testNullOrBlank() {
  57                 validator.nullOrBlank(null, "str");
  58                 validator.nullOrBlank("test", "");
  59                 validator.nullOrBlank("test", null);
  60         }
  61
  62         @Test
  63         public void testIsNull() {
  64                 Object o = new Object();
  65                 validator.isNull(null, null);
  66                 validator.isNull(null, o);
  67         }
  68
  69         @Test
  70         public void testDescription() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
  71                 Class c = validator.getClass();
  72                 Class[] cArg = new Class[2];
  73                 cArg[0] = String.class;
  74                 cArg[1] = String.class;         //Steps to test a protected method
  75                 Method descriptionMethod = c.getDeclaredMethod("description", cArg);
  76                 descriptionMethod.setAccessible(true);
  77                 descriptionMethod.invoke(validator,"test", "test1");
  78                 descriptionMethod.invoke(validator,null, null);
  79                 descriptionMethod.invoke(validator,null, "[\\\\x25\\\\x28\\\\x29\\\\x2C-\\\\x2E\\\\x30-\\\\x39\\\\x3D\\\\x40-\\\\x5A\\\\x5F\\\\x61-\\\\x7A\\\\x20]+");
  80
  81
  82         }
  83
  84         @Test
  85         public void testPermType() {
  86                 Assert.assertNotNull(validator.permType("[\\\\w.-]+"));
  87                 Assert.assertNotNull(validator.permType(null));
  88                 Assert.assertNotNull(validator.permType(""));
  89                 Assert.assertNotNull(validator.permType("aewfew"));
  90         }
  91
  92         @Test
  93         public void testPermType1() {
  94                 Assert.assertNotNull(validator.permType("[\\\\w.-]+",null));
  95                 Assert.assertNotNull(validator.permType(null,null));
  96                 Assert.assertNotNull(validator.permType("","test"));
  97                 Assert.assertNotNull(validator.permType("aewfew","test"));
  98         }
  99
 100         @Test
 101         public void testPermInstance() {
 102
 103                 String middle = "]+[\\\\*]*|\\\\*|(([:/]\\\\*)|([:/][!]{0,1}[";
 104                 Assert.assertNotNull(validator.permInstance("[" + base + middle + base + "]+[\\\\*]*[:/]*))+"));
 105                 Assert.assertNotNull(validator.permInstance(null));
 106                 Assert.assertNotNull(validator.permInstance(""));
 107                 Assert.assertNotNull(validator.permInstance("test"));
 108         }
 109
 110         @Test
 111         public void testErr() {
 112                 Assert.assertFalse(validator.err());
 113                 validator.isNull("test", null);
 114                 Assert.assertTrue(validator.err());
 115         }
 116
 117         @Test
 118         public void testErrs() {
 119                 validator.isNull("test", null);
 120                 Assert.assertNotNull(validator.errs());
 121         }
 122
 123         @Test
 124         public void testPermAction() {
 125                 Assert.assertNotNull(validator.permAction("[" + base + "]+" + "|\\\\*"));
 126                 Assert.assertNotNull(validator.permAction("test"));
 127         }
 128
 129         @Test
 130         public void testRole() {
 131                 Assert.assertNotNull(validator.role("[\\\\w.-]+"));
 132                 Assert.assertNotNull(validator.role(null));
 133                 Assert.assertNotNull(validator.role(""));
 134                 Assert.assertNotNull(validator.role("aewfew"));
 135         }
 136
 137         @Test
 138         public void testNs() {
 139                 Assert.assertNotNull(validator.ns("[\\\\w.-]+"));
 140                 Assert.assertNotNull(validator.ns(""));
 141                 Assert.assertNotNull(validator.ns(".access"));
 142         }
 143
 144         @Test
 145         public void testKey() {
 146                 Assert.assertNotNull(validator.key("[\\\\w.-]+"));
 147                 Assert.assertNotNull(validator.key(""));
 148                 Assert.assertNotNull(validator.key(".access"));
 149         }
 150
 151         @Test
 152         public void testValue() {
 153                 Assert.assertNotNull(validator.value(base));
 154                 Assert.assertNotNull(validator.value(""));
 155                 Assert.assertNotNull(validator.value(".access"));
 156         }
 157
 158         @Test
 159         public void testNotOK() {
 160                 Result<?> test = mock(Result.class);
 161                 validator.isNull("test", null);
 162                 when(test.notOK()).thenReturn(true);
 163                 Assert.assertNotNull(validator.notOK(null));
 164                 Assert.assertNotNull(validator.notOK(test));
 165         }
 166
 167         @Test
 168         public void testIntRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
 169                 Class c = validator.getClass();
 170                 Class[] cArg = new Class[4];
 171                 cArg[0] = String.class;
 172                 cArg[1] = int.class;
 173                 cArg[2] = int.class;
 174                 cArg[3] = int.class;            //Steps to test a protected method
 175                 Method intRangeMethod = c.getDeclaredMethod("intRange", cArg);
 176                 intRangeMethod.setAccessible(true);
 177                 intRangeMethod.invoke(validator,"Test",5,1,10);
 178                 intRangeMethod.invoke(validator,"Test",1,5,10);
 179                 intRangeMethod.invoke(validator,"Test",11,5,10);
 180                 intRangeMethod.invoke(validator,"Test",5,6,4);
 181         }
 182
 183         @Test
 184         public void testFloatRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
 185                 Class c = validator.getClass();
 186                 Class[] cArg = new Class[4];
 187                 cArg[0] = String.class;
 188                 cArg[1] = float.class;
 189                 cArg[2] = float.class;
 190                 cArg[3] = float.class;          //Steps to test a protected method
 191                 Method floatRangeMethod = c.getDeclaredMethod("floatRange", cArg);
 192                 floatRangeMethod.setAccessible(true);
 193                 floatRangeMethod.invoke(validator,"Test",5f,1f,10f);
 194                 floatRangeMethod.invoke(validator,"Test",1f,5f,10f);
 195                 floatRangeMethod.invoke(validator,"Test",11f,5f,10f);
 196                 floatRangeMethod.invoke(validator,"Test",5f,6f,4f);
 197         }
 198
 199         @Test
 200         public void test() {
 201                 assertTrue(Validator.ACTION_CHARS.matcher("HowdyDoody").matches());
 202                 assertFalse(Validator.ACTION_CHARS.matcher("Howd?yDoody").matches());
 203                 assertTrue(Validator.ACTION_CHARS.matcher("_HowdyDoody").matches());
 204                 assertTrue(Validator.INST_CHARS.matcher("HowdyDoody").matches());
 205                 assertFalse(Validator.INST_CHARS.matcher("Howd?yDoody").matches());
 206                 assertTrue(Validator.INST_CHARS.matcher("_HowdyDoody").matches());
 207
 208                 //
 209                 assertTrue(Validator.ACTION_CHARS.matcher("*").matches());
 210                 assertTrue(Validator.INST_CHARS.matcher("*").matches());
 211                 assertFalse(Validator.ACTION_CHARS.matcher(":*").matches());
 212                 assertTrue(Validator.INST_CHARS.matcher(":*").matches());
 213                 assertFalse(Validator.ACTION_CHARS.matcher(":*:*").matches());
 214                 assertTrue(Validator.INST_CHARS.matcher(":*:*").matches());
 215
 216                 assertFalse(Validator.ACTION_CHARS.matcher(":hello").matches());
 217                 assertTrue(Validator.INST_CHARS.matcher(":hello").matches());
 218                 assertFalse(Validator.INST_CHARS.matcher("hello:").matches());
 219                 assertFalse(Validator.INST_CHARS.matcher("hello:d").matches());
 220
 221                 assertFalse(Validator.ACTION_CHARS.matcher(":hello:*").matches());
 222                 assertTrue(Validator.INST_CHARS.matcher(":hello:*").matches());
 223                 assertFalse(Validator.ACTION_CHARS.matcher(":hello:d*:*").matches());
 224                 assertFalse(Validator.INST_CHARS.matcher(":hello:d*d:*").matches());
 225                 assertTrue(Validator.INST_CHARS.matcher(":hello:d*:*").matches());
 226                 assertFalse(Validator.ACTION_CHARS.matcher("HowdyDoody*").matches());
 227                 assertFalse(Validator.INST_CHARS.matcher("Howdy*Doody").matches());
 228                 assertTrue(Validator.INST_CHARS.matcher("HowdyDoody*").matches());
 229                 assertFalse(Validator.ACTION_CHARS.matcher("*HowdyDoody").matches());
 230                 assertFalse(Validator.INST_CHARS.matcher("*HowdyDoody").matches());
 231                 assertFalse(Validator.ACTION_CHARS.matcher(":h*").matches());
 232                 assertFalse(Validator.INST_CHARS.matcher(":h*h*").matches());
 233                 assertTrue(Validator.INST_CHARS.matcher(":h*").matches());
 234                 assertFalse(Validator.ACTION_CHARS.matcher(":h:h*:*").matches());
 235                 assertTrue(Validator.INST_CHARS.matcher(":h:h*:*").matches());
 236                 assertFalse(Validator.INST_CHARS.matcher(":h:h*h:*").matches());
 237                 assertFalse(Validator.INST_CHARS.matcher(":h:h*h*:*").matches());
 238                 assertFalse(Validator.ACTION_CHARS.matcher(":h:*:*h").matches());
 239                 assertFalse(Validator.INST_CHARS.matcher(":h:*:*h").matches());
 240                 assertTrue(Validator.INST_CHARS.matcher(":com.test.*:ns:*").matches());
 241
 242
 243                 assertFalse(Validator.ACTION_CHARS.matcher("1234+235gd").matches());
 244                 assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd").matches());
 245                 assertTrue(Validator.ACTION_CHARS.matcher("1234-23_5gd").matches());
 246                 assertTrue(Validator.ACTION_CHARS.matcher("1234-235g,d").matches());
 247                 assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd(Version12)").matches());
 248                 assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
 249                 assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
 250                 assertFalse(Validator.ACTION_CHARS.matcher("1234-23 5gd").matches());
 251                 assertFalse(Validator.ACTION_CHARS.matcher("1234-235gd ").matches());
 252                 assertFalse(Validator.ACTION_CHARS.matcher(" 1234-235gd").matches());
 253                 assertFalse(Validator.ACTION_CHARS.matcher("").matches());
 254                 assertFalse(Validator.ACTION_CHARS.matcher(" ").matches());
 255
 256                 // Allow % and =   (Needed for Escaping & Base64 usages) jg
 257                 assertTrue(Validator.ACTION_CHARS.matcher("1234%235g=d").matches());
 258                 assertFalse(Validator.ACTION_CHARS.matcher(":1234%235g=d").matches());
 259                 assertTrue(Validator.INST_CHARS.matcher("1234%235g=d").matches());
 260                 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d").matches());
 261                 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:%20==").matches());
 262                 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:=%23").matches());
 263                 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:*:=%23").matches());
 264                 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:*").matches());
 265                 assertTrue(Validator.INST_CHARS.matcher(":*:==%20:*").matches());
 266
 267                 // Allow / instead of :  (more natural instance expression) jg
 268                 assertFalse(Validator.INST_CHARS.matcher("1234/a").matches());
 269                 assertTrue(Validator.INST_CHARS.matcher("/1234/a").matches());
 270                 assertTrue(Validator.INST_CHARS.matcher("/1234/*/a/").matches());
 271                 assertTrue(Validator.INST_CHARS.matcher("/1234//a").matches());
 272                 assertFalse(Validator.ACTION_CHARS.matcher("1234/a").matches());
 273                 assertFalse(Validator.ACTION_CHARS.matcher("/1234/*/a/").matches());
 274                 assertFalse(Validator.ACTION_CHARS.matcher("1234//a").matches());
 275
 276
 277                 assertFalse(Validator.INST_CHARS.matcher("1234+235gd").matches());
 278                 assertTrue(Validator.INST_CHARS.matcher("1234-235gd").matches());
 279                 assertTrue(Validator.INST_CHARS.matcher("1234-23_5gd").matches());
 280                 assertTrue(Validator.INST_CHARS.matcher("1234-235g,d").matches());
 281                 assertTrue(Validator.INST_CHARS.matcher("m1234@shb.dd.com").matches());
 282                 assertTrue(Validator.INST_CHARS.matcher("1234-235gd(Version12)").matches());
 283                 assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
 284                 assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
 285                 assertFalse(Validator.INST_CHARS.matcher("").matches());
 286
 287
 288                 for( char c=0x20;c<0x7F;++c) {
 289                         boolean b;
 290                         switch(c) {
 291                                 case '?':
 292                                 case '|':
 293                                 case '*':
 294                                         continue; // test separately
 295                                 case '~':
 296                                 case ',':
 297                                         b = false;
 298                                         break;
 299                                 default:
 300                                         b=true;
 301                         }
 302                 }
 303
 304                 assertFalse(Validator.ID_CHARS.matcher("abc").matches());
 305                 assertFalse(Validator.ID_CHARS.matcher("").matches());
 306                 assertTrue(Validator.ID_CHARS.matcher("abc@att.com").matches());
 307                 assertTrue(Validator.ID_CHARS.matcher("ab-me@att.com").matches());
 308                 assertTrue(Validator.ID_CHARS.matcher("ab-me_.x@att._-com").matches());
 309
 310                 assertFalse(Validator.NAME_CHARS.matcher("ab-me_.x@att._-com").matches());
 311                 assertTrue(Validator.NAME_CHARS.matcher("ab-me").matches());
 312                 assertTrue(Validator.NAME_CHARS.matcher("ab-me_.xatt._-com").matches());
 313
 314
 315                 // 7/22/2016
 316                 assertTrue(Validator.INST_CHARS.matcher(
 317                                 "/!com.att.*/role/write").matches());
 318                 assertTrue(Validator.INST_CHARS.matcher(
 319                                 ":!com.att.*:role:write").matches());
 320
 321         }
 322
 323 }