2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.taf.basic.test;
24 import static org.hamcrest.CoreMatchers.is;
25 import static org.hamcrest.CoreMatchers.not;
26 import static org.hamcrest.CoreMatchers.nullValue;
27 import static org.junit.Assert.assertThat;
28 import static org.mockito.Mockito.when;
30 import java.io.BufferedReader;
31 import java.io.ByteArrayOutputStream;
32 import java.io.IOException;
33 import java.io.PrintStream;
34 import java.io.UnsupportedEncodingException;
35 import java.security.Principal;
36 import java.util.Collection;
37 import java.util.Enumeration;
38 import java.util.Locale;
41 import javax.servlet.AsyncContext;
42 import javax.servlet.DispatcherType;
43 import javax.servlet.RequestDispatcher;
44 import javax.servlet.ServletContext;
45 import javax.servlet.ServletException;
46 import javax.servlet.ServletInputStream;
47 import javax.servlet.ServletRequest;
48 import javax.servlet.ServletResponse;
49 import javax.servlet.http.Cookie;
50 import javax.servlet.http.HttpServletRequest;
51 import javax.servlet.http.HttpServletResponse;
52 import javax.servlet.http.HttpSession;
53 import javax.servlet.http.Part;
55 import org.junit.Before;
56 import org.junit.Test;
57 import org.mockito.Mock;
58 import org.mockito.MockitoAnnotations;
59 import org.onap.aaf.cadi.BasicCred;
60 import org.onap.aaf.cadi.CachedPrincipal;
61 import org.onap.aaf.cadi.CachedPrincipal.Resp;
62 import org.onap.aaf.cadi.CredVal;
63 import org.onap.aaf.cadi.PropAccess;
64 import org.onap.aaf.cadi.Symm;
65 import org.onap.aaf.cadi.Taf.LifeForm;
66 import org.onap.aaf.cadi.taf.basic.BasicHttpTaf;
68 public class JU_BasicHttpTaf {
70 private final static String realm = "realm";
71 private final static String id = "id";
72 private final static String addr = "addr";
74 private final static String name = "User";
75 private final static String password = "password";
76 private final static String content = name + ":" + password;
77 private static String encrypted;
79 private final static long timeToLive = 10000L;
81 private PropAccess access;
83 @Mock private HttpServletResponse respMock;
84 @Mock private HttpServletRequest reqMock;
85 @Mock private CredVal rbacMock;
86 @Mock private CachedPrincipal princMock;
89 public void setup() throws IOException {
90 MockitoAnnotations.initMocks(this);
91 access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
92 encrypted = new String(Symm.base64.encode(content.getBytes()));
97 BasicHttpTaf taf = new BasicHttpTaf(access, rbacMock, realm, timeToLive, true);
98 BasicCredStub bcstub = new BasicCredStub();
99 assertThat(taf.validate(LifeForm.SBLF, bcstub, respMock), is(not(nullValue())));
101 assertThat(taf.validate(LifeForm.SBLF, reqMock, respMock), is(not(nullValue())));
103 when(reqMock.getHeader("Authorization")).thenReturn("test");
104 assertThat(taf.validate(LifeForm.SBLF, reqMock, respMock), is(not(nullValue())));
106 when(reqMock.getHeader("Authorization")).thenReturn("Basic " + encrypted);
107 assertThat(taf.validate(LifeForm.SBLF, reqMock, respMock), is(not(nullValue())));
109 assertThat(taf.revalidate(princMock, "state"), is(Resp.NOT_MINE));
111 assertThat(taf.toString(), is("Basic Auth enabled on realm: " + realm));
114 private class BasicCredStub implements HttpServletRequest, BasicCred {
115 @Override public String getUser() { return id; }
116 @Override public String getRemoteAddr() { return addr; }
118 @Override public AsyncContext getAsyncContext() { return null; }
119 @Override public Object getAttribute(String arg0) { return null; }
120 @Override public Enumeration<String> getAttributeNames() { return null; }
121 @Override public String getCharacterEncoding() { return null; }
122 @Override public int getContentLength() { return 0; }
123 @Override public String getContentType() { return null; }
124 @Override public DispatcherType getDispatcherType() { return null; }
125 @Override public ServletInputStream getInputStream() throws IOException { return null; }
126 @Override public String getLocalAddr() { return null; }
127 @Override public String getLocalName() { return null; }
128 @Override public int getLocalPort() { return 0; }
129 @Override public Locale getLocale() { return null; }
130 @Override public Enumeration<Locale> getLocales() { return null; }
131 @Override public String getParameter(String arg0) { return null; }
132 @Override public Map<String, String[]> getParameterMap() { return null; }
133 @Override public Enumeration<String> getParameterNames() { return null; }
134 @Override public String[] getParameterValues(String arg0) { return null; }
135 @Override public String getProtocol() { return null; }
136 @Override public BufferedReader getReader() throws IOException { return null; }
137 @Override public String getRealPath(String arg0) { return null; }
138 @Override public String getRemoteHost() { return null; }
139 @Override public int getRemotePort() { return 0; }
140 @Override public RequestDispatcher getRequestDispatcher(String arg0) { return null; }
141 @Override public String getScheme() { return null; }
142 @Override public String getServerName() { return null; }
143 @Override public int getServerPort() { return 0; }
144 @Override public ServletContext getServletContext() { return null; }
145 @Override public boolean isAsyncStarted() { return false; }
146 @Override public boolean isAsyncSupported() { return false; }
147 @Override public boolean isSecure() { return false; }
148 @Override public void removeAttribute(String arg0) { }
149 @Override public void setAttribute(String arg0, Object arg1) { }
150 @Override public void setCharacterEncoding(String arg0) throws UnsupportedEncodingException { }
151 @Override public AsyncContext startAsync() throws IllegalStateException { return null; }
152 @Override public AsyncContext startAsync(ServletRequest arg0, ServletResponse arg1) throws IllegalStateException { return null; }
153 @Override public byte[] getCred() { return null; }
154 @Override public void setUser(String user) { }
155 @Override public void setCred(byte[] passwd) { }
156 @Override public boolean authenticate(HttpServletResponse arg0) throws IOException, ServletException { return false; }
157 @Override public String getAuthType() { return null; }
158 @Override public String getContextPath() { return null; }
159 @Override public Cookie[] getCookies() { return null; }
160 @Override public long getDateHeader(String arg0) { return 0; }
161 @Override public String getHeader(String arg0) { return null; }
162 @Override public Enumeration<String> getHeaderNames() { return null; }
163 @Override public Enumeration<String> getHeaders(String arg0) { return null; }
164 @Override public int getIntHeader(String arg0) { return 0; }
165 @Override public String getMethod() { return null; }
166 @Override public Part getPart(String arg0) throws IOException, ServletException { return null; }
167 @Override public Collection<Part> getParts() throws IOException, ServletException { return null; }
168 @Override public String getPathInfo() { return null; }
169 @Override public String getPathTranslated() { return null; }
170 @Override public String getQueryString() { return null; }
171 @Override public String getRemoteUser() { return null; }
172 @Override public String getRequestURI() { return null; }
173 @Override public StringBuffer getRequestURL() { return null; }
174 @Override public String getRequestedSessionId() { return null; }
175 @Override public String getServletPath() { return null; }
176 @Override public HttpSession getSession() { return null; }
177 @Override public HttpSession getSession(boolean arg0) { return null; }
178 @Override public Principal getUserPrincipal() { return null; }
179 @Override public boolean isRequestedSessionIdFromCookie() { return false; }
180 @Override public boolean isRequestedSessionIdFromURL() { return false; }
181 @Override public boolean isRequestedSessionIdFromUrl() { return false; }
182 @Override public boolean isRequestedSessionIdValid() { return false; }
183 @Override public boolean isUserInRole(String arg0) { return false; }
184 @Override public void login(String arg0, String arg1) throws ServletException { }
185 @Override public void logout() throws ServletException { }
Code Review / aaf / authz.git / blob