2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.aaf.v2_0.test;
24 import static org.hamcrest.CoreMatchers.is;
25 import static org.junit.Assert.assertThat;
26 import static org.mockito.Mockito.when;
28 import org.junit.Before;
29 import org.junit.Test;
30 import org.mockito.Mock;
31 import org.mockito.MockitoAnnotations;
33 import java.io.ByteArrayOutputStream;
34 import java.io.PrintStream;
36 import javax.servlet.http.HttpServletRequest;
38 import org.onap.aaf.cadi.Access;
39 import org.onap.aaf.cadi.Lur;
40 import org.onap.aaf.cadi.PropAccess;
41 import org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker;
42 import org.onap.aaf.cadi.config.Config;
43 import org.onap.aaf.cadi.principal.TaggedPrincipal;
44 import org.onap.aaf.cadi.taf.TafResp;
45 import org.onap.aaf.cadi.taf.TrustNotTafResp;
46 import org.onap.aaf.cadi.taf.TrustTafResp;
47 import org.onap.aaf.misc.env.Env;
49 public class JU_AAFTrustChecker {
51 private final static String type = "type";
52 private final static String instance = "instance";
53 private final static String action = "action";
54 private final static String key = type + '|' + instance + '|' + action;
55 private final static String name = "name";
56 private final static String otherName = "otherName";
58 private PropAccess access;
60 @Mock private Env envMock;
61 @Mock private TafResp trespMock;
62 @Mock private HttpServletRequest reqMock;
63 @Mock private TaggedPrincipal tpMock;
64 @Mock private Lur lurMock;
65 @Mock private TaggedPrincipal princMock;
69 MockitoAnnotations.initMocks(this);
70 access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
75 AAFTrustChecker trustChecker;
78 trustChecker = new AAFTrustChecker(access);
79 trustChecker = new AAFTrustChecker(envMock);
81 access.setProperty(Config.CADI_TRUST_PERM, "example");
82 when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn("example");
83 trustChecker = new AAFTrustChecker(access);
84 trustChecker = new AAFTrustChecker(envMock);
86 access.setProperty(Config.CADI_TRUST_PERM, key);
87 when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn(key);
88 trustChecker = new AAFTrustChecker(access);
89 trustChecker = new AAFTrustChecker(envMock);
91 trustChecker.setLur(lurMock);
93 assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
95 when(reqMock.getHeader(null)).thenReturn("comma,comma,comma");
96 when(trespMock.getAccess()).thenReturn(Access.NULL);
97 assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
99 when(reqMock.getHeader(null)).thenReturn("colon:colon:colon:colon,comma,comma");
100 assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
102 when(reqMock.getHeader(null)).thenReturn("colon:colon:colon:AS,comma,comma");
103 when(trespMock.getPrincipal()).thenReturn(tpMock);
104 when(tpMock.getName()).thenReturn(name);
105 when(lurMock.fish(princMock, null)).thenReturn(true);
106 TafResp tntResp = trustChecker.mayTrust(trespMock, reqMock);
108 assertThat(tntResp instanceof TrustNotTafResp, is(true));
109 assertThat(tntResp.toString(), is("name requested trust as colon, but does not have Authorization"));
111 when(reqMock.getHeader(null)).thenReturn(name + ":colon:colon:AS,comma,comma");
112 assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
114 when(envMock.getProperty(Config.CADI_ALIAS, null)).thenReturn(name);
115 when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn(null);
116 trustChecker = new AAFTrustChecker(envMock);
117 trustChecker.setLur(lurMock);
119 when(trespMock.getPrincipal()).thenReturn(princMock);
120 when(princMock.getName()).thenReturn(otherName);
121 when(lurMock.fish(princMock, null)).thenReturn(true);
122 TafResp ttResp = trustChecker.mayTrust(trespMock, reqMock);
123 assertThat(ttResp instanceof TrustTafResp, is(true));
124 assertThat(ttResp.toString(), is(name + " by trust of " + name + " validated using colon by colon, null"));
126 when(princMock.getName()).thenReturn(name);
127 ttResp = trustChecker.mayTrust(trespMock, reqMock);
128 assertThat(ttResp instanceof TrustTafResp, is(true));
129 assertThat(ttResp.toString(), is(name + " by trust of " + name + " validated using colon by colon, null"));