1 /*******************************************************************************
2 * ============LICENSE_START====================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
21 ******************************************************************************/
22 package org.onap.aaf.auth.validation.test;
24 import static org.junit.Assert.*;
25 import static org.mockito.Mockito.*;
27 import java.lang.reflect.InvocationTargetException;
28 import java.lang.reflect.Method;
29 import java.util.regex.Pattern;
31 import static org.mockito.Matchers.*;
32 import org.mockito.Mock;
34 import org.junit.Before;
35 import org.junit.Test;
36 import org.junit.Test;
37 import org.onap.aaf.auth.env.AuthzTrans;
38 import org.onap.aaf.auth.env.AuthzTransOnlyFilter;
39 import org.onap.aaf.auth.layer.Result;
40 import org.onap.aaf.auth.validation.Validator;
41 import org.onap.aaf.cadi.principal.TaggedPrincipal;
43 import junit.framework.Assert;
45 public class JU_Validator {
48 String base = "\\x25\\x28\\x29\\x2C-\\x2E\\x30-\\x39\\x3D\\x40-\\x5A\\x5F\\x61-\\x7A";
52 validator = new Validator();
56 public void testNullOrBlank() {
57 validator.nullOrBlank(null, "str");
58 validator.nullOrBlank("test", "");
59 validator.nullOrBlank("test", null);
63 public void testIsNull() {
64 Object o = new Object();
65 validator.isNull(null, null);
66 validator.isNull(null, o);
70 public void testDescription() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
71 Class c = validator.getClass();
72 Class[] cArg = new Class[2];
73 cArg[0] = String.class;
74 cArg[1] = String.class; //Steps to test a protected method
75 Method descriptionMethod = c.getDeclaredMethod("description", cArg);
76 descriptionMethod.setAccessible(true);
77 descriptionMethod.invoke(validator,"test", "test1");
78 descriptionMethod.invoke(validator,null, null);
79 descriptionMethod.invoke(validator,null, "[\\\\x25\\\\x28\\\\x29\\\\x2C-\\\\x2E\\\\x30-\\\\x39\\\\x3D\\\\x40-\\\\x5A\\\\x5F\\\\x61-\\\\x7A\\\\x20]+");
85 public void testPermType() {
86 Assert.assertNotNull(validator.permType("[\\\\w.-]+"));
87 Assert.assertNotNull(validator.permType(null));
88 Assert.assertNotNull(validator.permType(""));
89 Assert.assertNotNull(validator.permType("aewfew"));
93 public void testPermType1() {
94 Assert.assertNotNull(validator.permType("[\\\\w.-]+",null));
95 Assert.assertNotNull(validator.permType(null,null));
96 Assert.assertNotNull(validator.permType("","test"));
97 Assert.assertNotNull(validator.permType("aewfew","test"));
101 public void testPermInstance() {
103 String middle = "]+[\\\\*]*|\\\\*|(([:/]\\\\*)|([:/][!]{0,1}[";
104 Assert.assertNotNull(validator.permInstance("[" + base + middle + base + "]+[\\\\*]*[:/]*))+"));
105 Assert.assertNotNull(validator.permInstance(null));
106 Assert.assertNotNull(validator.permInstance(""));
107 Assert.assertNotNull(validator.permInstance("test"));
111 public void testErr() {
112 Assert.assertFalse(validator.err());
113 validator.isNull("test", null);
114 Assert.assertTrue(validator.err());
118 public void testErrs() {
119 validator.isNull("test", null);
120 Assert.assertNotNull(validator.errs());
124 public void testPermAction() {
125 Assert.assertNotNull(validator.permAction("[" + base + "]+" + "|\\\\*"));
126 Assert.assertNotNull(validator.permAction("test"));
130 public void testRole() {
131 Assert.assertNotNull(validator.role("[\\\\w.-]+"));
132 Assert.assertNotNull(validator.role(null));
133 Assert.assertNotNull(validator.role(""));
134 Assert.assertNotNull(validator.role("aewfew"));
138 public void testNs() {
139 Assert.assertNotNull(validator.ns("[\\\\w.-]+"));
140 Assert.assertNotNull(validator.ns(""));
141 Assert.assertNotNull(validator.ns(".access"));
145 public void testKey() {
146 Assert.assertNotNull(validator.key("[\\\\w.-]+"));
147 Assert.assertNotNull(validator.key(""));
148 Assert.assertNotNull(validator.key(".access"));
152 public void testValue() {
153 Assert.assertNotNull(validator.value(base));
154 Assert.assertNotNull(validator.value(""));
155 Assert.assertNotNull(validator.value(".access"));
159 public void testNotOK() {
160 Result<?> test = mock(Result.class);
161 validator.isNull("test", null);
162 when(test.notOK()).thenReturn(true);
163 Assert.assertNotNull(validator.notOK(null));
164 Assert.assertNotNull(validator.notOK(test));
168 public void testIntRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
169 Class c = validator.getClass();
170 Class[] cArg = new Class[4];
171 cArg[0] = String.class;
174 cArg[3] = int.class; //Steps to test a protected method
175 Method intRangeMethod = c.getDeclaredMethod("intRange", cArg);
176 intRangeMethod.setAccessible(true);
177 intRangeMethod.invoke(validator,"Test",5,1,10);
178 intRangeMethod.invoke(validator,"Test",1,5,10);
179 intRangeMethod.invoke(validator,"Test",11,5,10);
180 intRangeMethod.invoke(validator,"Test",5,6,4);
184 public void testFloatRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
185 Class c = validator.getClass();
186 Class[] cArg = new Class[4];
187 cArg[0] = String.class;
188 cArg[1] = float.class;
189 cArg[2] = float.class;
190 cArg[3] = float.class; //Steps to test a protected method
191 Method floatRangeMethod = c.getDeclaredMethod("floatRange", cArg);
192 floatRangeMethod.setAccessible(true);
193 floatRangeMethod.invoke(validator,"Test",5f,1f,10f);
194 floatRangeMethod.invoke(validator,"Test",1f,5f,10f);
195 floatRangeMethod.invoke(validator,"Test",11f,5f,10f);
196 floatRangeMethod.invoke(validator,"Test",5f,6f,4f);
201 assertTrue(Validator.ACTION_CHARS.matcher("HowdyDoody").matches());
202 assertFalse(Validator.ACTION_CHARS.matcher("Howd?yDoody").matches());
203 assertTrue(Validator.ACTION_CHARS.matcher("_HowdyDoody").matches());
204 assertTrue(Validator.INST_CHARS.matcher("HowdyDoody").matches());
205 assertFalse(Validator.INST_CHARS.matcher("Howd?yDoody").matches());
206 assertTrue(Validator.INST_CHARS.matcher("_HowdyDoody").matches());
209 assertTrue(Validator.ACTION_CHARS.matcher("*").matches());
210 assertTrue(Validator.INST_CHARS.matcher("*").matches());
211 assertFalse(Validator.ACTION_CHARS.matcher(":*").matches());
212 assertTrue(Validator.INST_CHARS.matcher(":*").matches());
213 assertFalse(Validator.ACTION_CHARS.matcher(":*:*").matches());
214 assertTrue(Validator.INST_CHARS.matcher(":*:*").matches());
216 assertFalse(Validator.ACTION_CHARS.matcher(":hello").matches());
217 assertTrue(Validator.INST_CHARS.matcher(":hello").matches());
218 assertFalse(Validator.INST_CHARS.matcher("hello:").matches());
219 assertFalse(Validator.INST_CHARS.matcher("hello:d").matches());
221 assertFalse(Validator.ACTION_CHARS.matcher(":hello:*").matches());
222 assertTrue(Validator.INST_CHARS.matcher(":hello:*").matches());
223 assertFalse(Validator.ACTION_CHARS.matcher(":hello:d*:*").matches());
224 assertFalse(Validator.INST_CHARS.matcher(":hello:d*d:*").matches());
225 assertTrue(Validator.INST_CHARS.matcher(":hello:d*:*").matches());
226 assertFalse(Validator.ACTION_CHARS.matcher("HowdyDoody*").matches());
227 assertFalse(Validator.INST_CHARS.matcher("Howdy*Doody").matches());
228 assertTrue(Validator.INST_CHARS.matcher("HowdyDoody*").matches());
229 assertFalse(Validator.ACTION_CHARS.matcher("*HowdyDoody").matches());
230 assertFalse(Validator.INST_CHARS.matcher("*HowdyDoody").matches());
231 assertFalse(Validator.ACTION_CHARS.matcher(":h*").matches());
232 assertFalse(Validator.INST_CHARS.matcher(":h*h*").matches());
233 assertTrue(Validator.INST_CHARS.matcher(":h*").matches());
234 assertFalse(Validator.ACTION_CHARS.matcher(":h:h*:*").matches());
235 assertTrue(Validator.INST_CHARS.matcher(":h:h*:*").matches());
236 assertFalse(Validator.INST_CHARS.matcher(":h:h*h:*").matches());
237 assertFalse(Validator.INST_CHARS.matcher(":h:h*h*:*").matches());
238 assertFalse(Validator.ACTION_CHARS.matcher(":h:*:*h").matches());
239 assertFalse(Validator.INST_CHARS.matcher(":h:*:*h").matches());
240 assertTrue(Validator.INST_CHARS.matcher(":com.test.*:ns:*").matches());
243 assertFalse(Validator.ACTION_CHARS.matcher("1234+235gd").matches());
244 assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd").matches());
245 assertTrue(Validator.ACTION_CHARS.matcher("1234-23_5gd").matches());
246 assertTrue(Validator.ACTION_CHARS.matcher("1234-235g,d").matches());
247 assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd(Version12)").matches());
248 assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
249 assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
250 assertFalse(Validator.ACTION_CHARS.matcher("1234-23 5gd").matches());
251 assertFalse(Validator.ACTION_CHARS.matcher("1234-235gd ").matches());
252 assertFalse(Validator.ACTION_CHARS.matcher(" 1234-235gd").matches());
253 assertFalse(Validator.ACTION_CHARS.matcher("").matches());
254 assertFalse(Validator.ACTION_CHARS.matcher(" ").matches());
256 // Allow % and = (Needed for Escaping & Base64 usages) jg
257 assertTrue(Validator.ACTION_CHARS.matcher("1234%235g=d").matches());
258 assertFalse(Validator.ACTION_CHARS.matcher(":1234%235g=d").matches());
259 assertTrue(Validator.INST_CHARS.matcher("1234%235g=d").matches());
260 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d").matches());
261 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:%20==").matches());
262 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:=%23").matches());
263 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:*:=%23").matches());
264 assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:*").matches());
265 assertTrue(Validator.INST_CHARS.matcher(":*:==%20:*").matches());
267 // Allow / instead of : (more natural instance expression) jg
268 assertFalse(Validator.INST_CHARS.matcher("1234/a").matches());
269 assertTrue(Validator.INST_CHARS.matcher("/1234/a").matches());
270 assertTrue(Validator.INST_CHARS.matcher("/1234/*/a/").matches());
271 assertTrue(Validator.INST_CHARS.matcher("/1234//a").matches());
272 assertFalse(Validator.ACTION_CHARS.matcher("1234/a").matches());
273 assertFalse(Validator.ACTION_CHARS.matcher("/1234/*/a/").matches());
274 assertFalse(Validator.ACTION_CHARS.matcher("1234//a").matches());
277 assertFalse(Validator.INST_CHARS.matcher("1234+235gd").matches());
278 assertTrue(Validator.INST_CHARS.matcher("1234-235gd").matches());
279 assertTrue(Validator.INST_CHARS.matcher("1234-23_5gd").matches());
280 assertTrue(Validator.INST_CHARS.matcher("1234-235g,d").matches());
281 assertTrue(Validator.INST_CHARS.matcher("m1234@shb.dd.com").matches());
282 assertTrue(Validator.INST_CHARS.matcher("1234-235gd(Version12)").matches());
283 assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
284 assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
285 assertFalse(Validator.INST_CHARS.matcher("").matches());
288 for( char c=0x20;c<0x7F;++c) {
294 continue; // test separately
304 assertFalse(Validator.ID_CHARS.matcher("abc").matches());
305 assertFalse(Validator.ID_CHARS.matcher("").matches());
306 assertTrue(Validator.ID_CHARS.matcher("abc@att.com").matches());
307 assertTrue(Validator.ID_CHARS.matcher("ab-me@att.com").matches());
308 assertTrue(Validator.ID_CHARS.matcher("ab-me_.x@att._-com").matches());
310 assertFalse(Validator.NAME_CHARS.matcher("ab-me_.x@att._-com").matches());
311 assertTrue(Validator.NAME_CHARS.matcher("ab-me").matches());
312 assertTrue(Validator.NAME_CHARS.matcher("ab-me_.xatt._-com").matches());
316 assertTrue(Validator.INST_CHARS.matcher(
317 "/!com.att.*/role/write").matches());
318 assertTrue(Validator.INST_CHARS.matcher(
319 ":!com.att.*:role:write").matches());