1 /**
2  * ============LICENSE_START====================================================
3  * org.onap.aaf
4  * ===========================================================================
5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6  * ===========================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END====================================================
19  *
20  */
21
22 package org.onap.aaf.cadi.oauth.test;
23
24 import static org.hamcrest.CoreMatchers.is;
25 import static org.junit.Assert.assertThat;
26 import static org.junit.Assert.fail;
27 import static org.mockito.Mockito.when;
28
29 import org.junit.Before;
30 import org.junit.Test;
31 import org.mockito.Mock;
32 import org.mockito.MockitoAnnotations;
33
34 import java.io.IOException;
35 import java.io.StringReader;
36 import java.nio.file.Files;
37 import java.nio.file.Path;
38
39 import org.onap.aaf.cadi.Permission;
40 import org.onap.aaf.cadi.oauth.TokenPerm;
41 import org.onap.aaf.cadi.oauth.TokenPerm.LoadPermissions;
42 import org.onap.aaf.cadi.persist.Persist;
43 import org.onap.aaf.misc.env.APIException;
44 import org.onap.aaf.misc.rosetta.ParseException;
45 import org.onap.aaf.misc.rosetta.env.RosettaDF;
46
47 import aaf.v2_0.Perms;
48 import aafoauth.v2_0.Introspect;
49
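/**
 * Unit tests for {@link TokenPerm} and its nested {@link LoadPermissions} JSON loader.
 *
 * <p>The loader tests pin two properties of how permission data is parsed:
 * <ul>
 *   <li>An entry that lacks a type, an instance or an action produces no
 *       {@link Permission} at all, so an incomplete entry never turns into a grant.</li>
 *   <li>The loader tolerates trailing commas and surplus closing braces/brackets and
 *       still yields the well-formed entry. Any change that tightens or loosens this
 *       tolerance should be made deliberately and show up here.</li>
 * </ul>
 */
public class JU_TokenPerm {

    private static final byte[] hash = "hashstring".getBytes();

    private static final String clientId = "clientId";
    private static final String username = "username";
    private static final String token = "token";
    private static final String scopes = "scopes";
    private static final String content = "content";

    private static final long expires = 10000L;

    // Per-test temp file handed to TokenPerm; created in setup() and removed in tearDown().
    // JUnit builds a fresh instance for every test method, so this need not be static.
    private Path path;

    @Mock private Persist<Introspect, ?> persistMock;
    @Mock private RosettaDF<Perms> dfMock;
    @Mock private Introspect introspectMock;

    /**
     * Initialises the mocks, stubs the introspection response and creates the temp file
     * passed to {@link TokenPerm}.
     *
     * @throws IOException if the temp file cannot be created
     */
    @Before
    public void setup() throws IOException {
        MockitoAnnotations.initMocks(this);

        when(introspectMock.getExp()).thenReturn(expires);
        when(introspectMock.getClientId()).thenReturn(clientId);
        when(introspectMock.getUsername()).thenReturn(username);
        when(introspectMock.getAccessToken()).thenReturn(token);
        when(introspectMock.getScope()).thenReturn(scopes);

        path = Files.createTempFile("fake", ".txt");
    }

    /**
     * Deletes the temp file created by {@link #setup()} so test runs do not leave
     * files behind in the temp directory.
     *
     * @throws IOException if the file exists but cannot be deleted
     */
    @org.junit.After
    public void tearDown() throws IOException {
        // setup() may have failed before the file was created.
        if (path != null) {
            Files.deleteIfExists(path);
        }
    }

    /**
     * Checks that a {@link TokenPerm} built from an introspection response without
     * content exposes no permissions and passes the introspected fields through.
     *
     * @throws APIException if constructing the {@link TokenPerm} fails
     */
    @Test
    public void tokenTest() throws APIException {
        TokenPerm tokenPerm = new TokenPerm(persistMock, dfMock, introspectMock, hash, path);
        assertThat(tokenPerm.perms().size(), is(0));
        assertThat(tokenPerm.getClientId(), is(clientId));
        assertThat(tokenPerm.getUsername(), is(username));
        assertThat(tokenPerm.getToken(), is(token));
        assertThat(tokenPerm.getScopes(), is(scopes));
        assertThat(tokenPerm.getIntrospect(), is(introspectMock));

        // Second construction with content present. No assertion follows, so this only
        // checks that the constructor completes without throwing.
        // NOTE(review): the resulting perms() are not verified here; consider asserting them.
        when(introspectMock.getContent()).thenReturn(content);
        tokenPerm = new TokenPerm(persistMock, dfMock, introspectMock, hash, path);
    }

    /**
     * Exercises {@link LoadPermissions} with one well-formed entry, one entry wrapped in
     * surplus closing braces, and three entries that each lack a required field.
     *
     * @throws ParseException if the loader rejects one of the documents
     */
    @Test
    public void test() throws ParseException {
        String json;
        LoadPermissions lp;
        Permission p;

        // Complete entry (note the trailing comma after it): loaded as a single permission.
        json = "{\"perm\":[" +
                "  {\"ns\":\"com\",\"type\":\"access\",\"instance\":\"*\",\"action\":\"read,approve\"}," +
                "]}";

        lp = new LoadPermissions(new StringReader(json));
        assertThat(lp.perms.size(), is(1));

        p = lp.perms.get(0);
        assertThat(p.getKey(), is("com|access|*|read,approve"));
        assertThat(p.permType(), is("AAF"));

        // Extra closing braces for coverage: the unbalanced document still yields the
        // same single permission rather than an error or additional entries.
        json = "{\"perm\":[" +
                "  {\"ns\":\"com\",\"type\":\"access\",\"instance\":\"*\",\"action\":\"read,approve\"}}," +
                "]]}";

        lp = new LoadPermissions(new StringReader(json));
        assertThat(lp.perms.size(), is(1));

        p = lp.perms.get(0);
        assertThat(p.getKey(), is("com|access|*|read,approve"));
        assertThat(p.permType(), is("AAF"));

        // Test without a type: the entry is dropped, no permission is created.
        json = "{\"perm\":[" +
                "  {\"instance\":\"*\",\"action\":\"read,approve\"}," +
                "]}";

        lp = new LoadPermissions(new StringReader(json));
        assertThat(lp.perms.size(), is(0));

        // Test without an instance: the entry is dropped.
        json = "{\"perm\":[" +
                "  {\"type\":\"com.access\",\"action\":\"read,approve\"}," +
                "]}";

        lp = new LoadPermissions(new StringReader(json));
        assertThat(lp.perms.size(), is(0));

        // Test without an action: the entry is dropped.
        json = "{\"perm\":[" +
                "  {\"type\":\"com.access\",\"instance\":\"*\"}," +
                "]}";

        lp = new LoadPermissions(new StringReader(json));
        assertThat(lp.perms.size(), is(0));
    }

    /**
     * Loads 34 entries, some of which overlap (for example action {@code *} next to
     * {@code read} on the same type) and the last two of which are identical, and
     * expects all 34 back: the loader keeps every complete entry and does not
     * de-duplicate.
     *
     * @throws ParseException if the loader rejects the document; declared instead of
     *         caught so a failure is reported with its full stack trace, matching
     *         {@link #test()}
     */
    @Test
    public void redundancyTest() throws ParseException {
        String json = "{\"perm\":[" +
                "  {\"type\":\"com.access\",\"instance\":\"*\",\"action\":\"read,approve\"}," +
                "  {\"type\":\"org.osaaf.aaf.access\",\"instance\":\"*\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.aaf.access\",\"instance\":\"*\",\"action\":\"read\"}," +
                "  {\"type\":\"org.osaaf.aaf.attrib\",\"instance\":\":com.att.*:swm\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.aaf.bogus\",\"instance\":\"sample\",\"action\":\"read\"}," +
                "  {\"type\":\"org.osaaf.aaf.ca\",\"instance\":\"aaf\",\"action\":\"ip\"}," +
                "  {\"type\":\"org.osaaf.aaf.ca\",\"instance\":\"local\",\"action\":\"domain\"}," +
                "  {\"type\":\"org.osaaf.aaf.cache\",\"instance\":\"*\",\"action\":\"clear\"}," +
                "  {\"type\":\"org.osaaf.aaf.cass\",\"instance\":\":mithril\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.aaf.certman\",\"instance\":\"local\",\"action\":\"read,request,showpass\"}," +
                "  {\"type\":\"org.osaaf.aaf.db\",\"instance\":\"pool\",\"action\":\"clear\"}," +
                "  {\"type\":\"org.osaaf.aaf.deny\",\"instance\":\"com.att\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.aaf.jenkins\",\"instance\":\"mithrilcsp.sbc.com\",\"action\":\"admin\"}," +
                "  {\"type\":\"org.osaaf.aaf.log\",\"instance\":\"com.att\",\"action\":\"id\"}," +
                "  {\"type\":\"org.osaaf.aaf.myPerm\",\"instance\":\"myInstance\",\"action\":\"myAction\"}," +
                "  {\"type\":\"org.osaaf.aaf.ns\",\"instance\":\":com.att.*:ns\",\"action\":\"write\"}," +
                "  {\"type\":\"org.osaaf.aaf.ns\",\"instance\":\":com.att:ns\",\"action\":\"write\"}," +
                "  {\"type\":\"org.osaaf.aaf.password\",\"instance\":\"com.att\",\"action\":\"extend\"}," +
                "  {\"type\":\"org.osaaf.access\",\"instance\":\"*\",\"action\":\"read\"}," +
                "  {\"type\":\"org.osaaf.authz.access\",\"instance\":\"*\",\"action\":\"read\"}," +
                "  {\"type\":\"org.osaaf.authz.dev.access\",\"instance\":\"*\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.authz.swm.star\",\"instance\":\"*\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.cadi.access\",\"instance\":\"*\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.chris.access\",\"instance\":\"*\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.csid.lab.swm.node\",\"instance\":\"*\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.myapp.access\",\"instance\":\"*\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.myapp.access\",\"instance\":\"*\",\"action\":\"read\"}," +
                "  {\"type\":\"org.osaaf.sample.access\",\"instance\":\"*\",\"action\":\"read\"}," +
                "  {\"type\":\"org.osaaf.sample.swm.myPerm\",\"instance\":\"*\",\"action\":\"read\"}," +
                "  {\"type\":\"org.osaaf.temp.access\",\"instance\":\"*\",\"action\":\"read\"}," +
                "  {\"type\":\"org.osaaf.test.access\",\"instance\":\"*\",\"action\":\"*\"}," +
                "  {\"type\":\"org.osaaf.test.access\",\"instance\":\"*\",\"action\":\"read\"}," +
                "  {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}," +
                "  {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}" +
                "]}";

        LoadPermissions lp = new LoadPermissions(new StringReader(json));
        assertThat(lp.perms.size(), is(34));
    }

}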