1 /*******************************************************************************
2 * ============LICENSE_START====================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
21 ******************************************************************************/
23 package org.onap.aaf.cadi.lur.test;
25 import static org.hamcrest.CoreMatchers.is;
26 import static org.junit.Assert.assertThat;
27 import static org.mockito.Mockito.when;
29 import java.io.ByteArrayOutputStream;
30 import java.io.IOException;
31 import java.io.PrintStream;
32 import java.security.Principal;
33 import java.util.ArrayList;
34 import java.util.List;
36 import org.junit.Before;
37 import org.junit.Test;
38 import org.mockito.Mock;
39 import org.mockito.MockitoAnnotations;
40 import org.onap.aaf.cadi.Permission;
41 import org.onap.aaf.cadi.PropAccess;
42 import org.onap.aaf.cadi.AbsUserCache;
43 import org.onap.aaf.cadi.CredVal.Type;
44 import org.onap.aaf.cadi.lur.ConfigPrincipal;
45 import org.onap.aaf.cadi.lur.LocalLur;
46 import org.onap.aaf.cadi.lur.LocalPermission;
48 public class JU_LocalLur {
50 private static final String password = "<pass>";
51 private String encrypted;
53 private PropAccess access;
54 private ByteArrayOutputStream outStream;
56 @Mock Permission permMock;
59 public void setup() throws IOException {
60 MockitoAnnotations.initMocks(this);
62 encrypted = rot13(password);
64 outStream = new ByteArrayOutputStream();
65 access = new PropAccess(new PrintStream(outStream), new String[0]) {
66 @Override public String decrypt(String encrypted, boolean anytext) throws IOException {
67 return rot13(encrypted);
69 @Override public String encrypt(String unencrypted) throws IOException {
70 return rot13(unencrypted);
77 public void test() throws IOException {
79 List<AbsUserCache<LocalPermission>.DumpInfo> info;
81 lur = new LocalLur(access, null, null);
82 assertThat(lur.dumpInfo().size(), is(0));
84 lur = new LocalLur(access, "user1", null);
85 info = lur.dumpInfo();
86 assertThat(info.size(), is(1));
87 assertThat(info.get(0).user, is("user1"));
90 assertThat(lur.dumpInfo().size(), is(0));
92 lur = new LocalLur(access, "user1%" + encrypted, null);
93 info = lur.dumpInfo();
94 assertThat(info.size(), is(1));
95 assertThat(info.get(0).user, is("user1@none"));
98 assertThat(lur.dumpInfo().size(), is(0));
100 lur = new LocalLur(access, "user1@domain%" + encrypted, null);
101 info = lur.dumpInfo();
102 assertThat(info.size(), is(1));
103 assertThat(info.get(0).user, is("user1@domain"));
105 lur = new LocalLur(access, "user1@domain%" + encrypted + ":groupA", null);
106 info = lur.dumpInfo();
107 assertThat(info.size(), is(1));
108 assertThat(info.get(0).user, is("user1@domain"));
110 when(permMock.getKey()).thenReturn("groupA");
111 assertThat(lur.handlesExclusively(permMock), is(true));
112 when(permMock.getKey()).thenReturn("groupB");
113 assertThat(lur.handlesExclusively(permMock), is(false));
115 assertThat(lur.fish(null, null), is(false));
117 Principal princ = new ConfigPrincipal("user1@localized", encrypted);
119 lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
120 assertThat(lur.fish(princ, lur.createPerm("groupA")), is(true));
121 assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
122 assertThat(lur.fish(princ, permMock), is(false));
124 princ = new ConfigPrincipal("user1@domain", encrypted);
125 assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
127 princ = new ConfigPrincipal("user1@localized", "badpass");
128 assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
130 assertThat(lur.handles(null), is(false));
132 lur.fishAll(null, null);
134 List<Permission> perms = new ArrayList<>();
135 perms.add(lur.createPerm("groupB"));
136 perms.add(lur.createPerm("groupA"));
137 princ = new ConfigPrincipal("user1@localized", encrypted);
138 lur.fishAll(princ, perms);
139 princ = new ConfigPrincipal("user1@localized", "badpass");
140 lur.fishAll(princ, perms);
142 assertThat(lur.validate(null, null, null, null), is(false));
143 assertThat(lur.validate("user", null, "badpass".getBytes(), null), is(false));
144 assertThat(lur.validate("user1@localized", null, encrypted.getBytes(), null), is(false));
146 lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
147 assertThat(lur.validate("user1@localized", Type.PASSWORD, encrypted.getBytes(), null), is(true));
149 lur = new LocalLur(access, null, "admin");
150 lur = new LocalLur(access, null, "admin:user1");
151 lur = new LocalLur(access, null, "admin:user1@localized");
152 lur = new LocalLur(access, null, "admin:user1@localized,user2@localized%" + password + ";user:user1@localized");
155 public static String rot13(String input) {
156 StringBuilder sb = new StringBuilder();
157 for (int i = 0; i < input.length(); i++) {
158 char c = input.charAt(i);
159 if (c >= 'a' && c <= 'm') {
161 } else if (c >= 'A' && c <= 'M') {
163 } else if (c >= 'n' && c <= 'z') {
165 } else if (c >= 'N' && c <= 'Z') {
170 return sb.toString();
Code Review / aaf / authz.git / blob