private Clean clean;
protected Access access;
-// private final static Permission teaser = new LocalPermission("***NoPERM****");
protected AbsUserCache(Access access, long cleanInterval, int highCount, int usageCount) {
this.access = access;
for(User<PERM> user : al) {
++total;
if(user.count>usageTriggerCount) {
- // access.log(Level.AUDIT, "Checking Thread", new Date(now));
boolean touched = false, removed=false;
if(user.principal instanceof CachedPrincipal) {
CachedPrincipal cp = (CachedPrincipal)user.principal;
break;
case REVALIDATED:
user.resetCount();
- // access.log(Level.AUDIT, "CACHE revalidated credentials");
touched = true;
break;
default:
}
}
- // access.log(Level.AUDIT, "User Perm Expires", new Date(user.permExpires));
if(!removed && lur!=null && user.permExpires<= now ) {
- // access.log(Level.AUDIT, "Reloading");
if(lur.reload(user).equals(Resp.REVALIDATED)) {
user.renewPerm();
access.log(Level.DEBUG, "Reloaded Perms for",user);
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
import org.onap.aaf.cadi.Access.Level;
import org.onap.aaf.cadi.config.Config;
-
/**
* An in-memory Lur that can be configured locally with User info via properties, similar to Tomcat-users.xml mechanisms.
- *
+ *
* @author Jonathan
*
*/
public static final String COLON = "\\s*:\\s*";
public static final String COMMA = "\\s*,\\s*";
public static final String PERCENT = "\\s*%\\s*";
-
+
// Use to quickly determine whether any given group is supported by this LUR
private final Set<String> supportingGroups;
- private String supportedRealm;
-
+ private String supportedRealm;
+
/**
* Construct by building structure, see "build"
- *
+ *
* Reconstruct with "build"
- *
- * @param userProperty
- * @param groupProperty
+ *
+ * @param userProperties
+ * @param groupProperties
* @param decryptor
* @throws IOException
*/
- public LocalLur(Access access, String userProperty, String groupProperty) throws IOException {
+ public LocalLur(Access access, String userProperties, String groupProperties) throws IOException {
super(access, 0, 0, Integer.MAX_VALUE); // data doesn't expire
supportedRealm = access.getProperty(Config.BASIC_REALM, "localized");
- supportingGroups = new TreeSet<String>();
-
- if(userProperty!=null) {
- // For each User name...
- for(String user : userProperty.trim().split(SEMI)) {
- String[] us = user.split(COLON,2);
- String[] userpass = us[0].split(PERCENT,2);
- String u;
- User<LocalPermission> usr;
- if(userpass.length>1) {
- if(userpass.length>0 && userpass[0].indexOf('@')<0) {
- userpass[0]=userpass[0] + '@' + access.getProperty(Config.AAF_DEFAULT_REALM,Config.getDefaultRealm());
- }
-
- u = userpass[0];
- byte[] pass = access.decrypt(userpass[1], true).getBytes();
- usr = new User<LocalPermission>(new ConfigPrincipal(u, pass));
- } else {
- u = us[0];
- usr = new User<LocalPermission>(new ConfigPrincipal(u, (byte[])null));
- }
- addUser(usr);
- access.log(Level.INIT, "Local User:",usr.principal);
-
- if(us.length>1) {
- Map<String, Permission> newMap = usr.newMap();
- for(String group : us[1].split(COMMA)) {
- supportingGroups.add(group);
- usr.add(newMap,new LocalPermission(group));
- }
- usr.setMap(newMap);
- }
- }
+ supportingGroups = new TreeSet<>();
+
+ if (userProperties != null) {
+ parseUserProperties(userProperties);
}
- if(groupProperty!=null) {
- // For each Group name...
- for(String group : groupProperty.trim().split(SEMI)) {
- String[] gs = group.split(COLON,2);
- if(gs.length>1) {
- supportingGroups.add(gs[0]);
- LocalPermission p = new LocalPermission(gs[0]);
- // Add all users (known by comma separators)
-
- for(String grpMem : gs[1].split(COMMA)) {
- // look for password, if so, put in passMap
- String[] userpass = grpMem.split(PERCENT,2);
- if(userpass.length>0 && userpass[0].indexOf('@')<0) {
- userpass[0]=userpass[0] + '@' + access.getProperty(Config.AAF_DEFAULT_REALM,Config.getDefaultRealm());
- }
- User<LocalPermission> usr = null;
- if(userpass.length>1) {
- byte[] pass = access.decrypt(userpass[1], true).getBytes();
- usr = getUser(userpass[0],pass);
- if(usr==null)addUser(usr=new User<LocalPermission>(new ConfigPrincipal(userpass[0],pass)));
- else usr.principal=new ConfigPrincipal(userpass[0],pass);
- } else {
- addUser(usr=new User<LocalPermission>(new ConfigPrincipal(userpass[0],(byte[])null)));
- }
- usr.add(p);
- access.log(Level.INIT, "Local User:",usr.principal);
- }
- }
- }
+
+ if (groupProperties != null) {
+ parseGroupProperties(groupProperties);
}
}
-
+
public boolean validate(String user, CredVal.Type type, byte[] cred, Object state) {
- User<LocalPermission> usr = getUser(user,cred);
- switch(type) {
- case PASSWORD:
- // covers null as well as bad pass
- if(usr!=null && cred!=null && usr.principal instanceof ConfigPrincipal) {
- return Hash.isEqual(cred,((ConfigPrincipal)usr.principal).getCred());
- }
- break;
+ if (cred == null) {
+ return false;
+ }
+ User<LocalPermission> usr = getUser(user, cred);
+ if (usr == null) {
+ return false;
+ }
+ // covers null as well as bad pass
+ if ((type == Type.PASSWORD) && (usr.principal instanceof ConfigPrincipal)) {;
+ return Hash.isEqual(cred, ((ConfigPrincipal)usr.principal).getCred());
}
return false;
}
// @Override
public boolean fish(Principal bait, Permission pond) {
- if(pond == null) {
+ if (pond == null) {
return false;
}
- if(handles(bait) && pond instanceof LocalPermission) { // local Users only have LocalPermissions
- User<LocalPermission> user = getUser(bait);
- return user==null?false:user.contains((LocalPermission)pond);
+ if (handles(bait) && pond instanceof LocalPermission) { // local Users only have LocalPermissions
+ User<LocalPermission> user = getUser(bait);
+ if (user != null) {
+ return user.contains((LocalPermission)pond);
}
+ }
return false;
}
// We do not want to expose the actual Group, so make a copy.
public void fishAll(Principal bait, List<Permission> perms) {
- if(handles(bait)) {
+ if (handles(bait)) {
User<LocalPermission> user = getUser(bait);
- if(user!=null) {
+ if (user != null) {
user.copyPermsTo(perms);
}
}
*/
@Override
public boolean handles(Principal principal) {
- return principal!=null && principal.getName().endsWith(supportedRealm);
+ if (principal == null) {
+ return false;
+ }
+ return principal.getName().endsWith(supportedRealm);
}
-// public boolean supports(String userName) {
-// return userName!=null && userName.endsWith(supportedRealm);
-// }
-//
public boolean handlesExclusively(Permission pond) {
return supportingGroups.contains(pond.getKey());
}
public Permission createPerm(String p) {
return new LocalPermission(p);
}
+
+ private void parseUserProperties(String userProperties) throws IOException {
+ // For each User name...
+ for (String userProperty : userProperties.trim().split(SEMI)) {
+ String[] userInfo = userProperty.split(COLON, 2);
+ String[] userPass = userInfo[0].split(PERCENT, 2);
+ String userName = userPass[0];
+
+ byte[] password = null;
+ if (userPass.length > 1) {
+ password = access.decrypt(userPass[1], true).getBytes();
+ if (userName.indexOf('@') < 0) {
+ userName += '@' + access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
+ }
+ }
+ User<LocalPermission> usr;
+ usr = new User<>(new ConfigPrincipal(userName, password));
+ addUser(usr);
+ access.log(Level.INIT, "Local User:", usr.principal);
+
+ if (userInfo.length > 1) {
+ Map<String, Permission> newMap = usr.newMap();
+ for (String group : userInfo[1].split(COMMA)) {
+ supportingGroups.add(group);
+ usr.add(newMap, new LocalPermission(group));
+ }
+ usr.setMap(newMap);
+ }
+ }
+ }
+
+
+ private void parseGroupProperties(String groupProperties) throws IOException {
+ // For each Group name...
+ for (String group : groupProperties.trim().split(SEMI)) {
+ String[] groups = group.split(COLON, 2);
+ if (groups.length <= 1) {
+ continue;
+ }
+ supportingGroups.add(groups[0]);
+ LocalPermission p = new LocalPermission(groups[0]);
+
+ // Add all users (known by comma separators)
+ for (String groupMember : groups[1].split(COMMA)) {
+ // look for password, if so, put in passMap
+ String[] userPass = groupMember.split(PERCENT, 2);
+ String userName = userPass[0];
+ if (userName.indexOf('@') < 0) {
+ userName += '@' + access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
+ }
+
+ User<LocalPermission> usr = null;
+ byte[] password = null;
+ if (userPass.length > 1) {
+ password = access.decrypt(userPass[1], true).getBytes();
+ }
+ usr = getUser(userName, password);
+ if (usr == null) {
+ usr = new User<>(new ConfigPrincipal(userName, password));
+ addUser(usr);
+ }
+ else {
+ usr.principal = new ConfigPrincipal(userName, password);
+ }
+ usr.add(p);
+ access.log(Level.INIT, "Local User:", usr.principal);
+ }
+ }
+ }
}
* Respond in the affirmative if the TAF was able to Authenticate
*/
public boolean isValid() {
- return principal!=null;
+ return principal != null;
}
/**
package org.onap.aaf.cadi.wsse;
-import java.io.IOException;
import java.io.InputStream;
import javax.xml.stream.XMLStreamException;
private static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
private static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
private Match<BasicCred> parseTree;
- //private XMLInputFactory inputFactory;
public WSSEParser() {
// soap:Envelope/soap:Header/wsse:Security/wsse:UsernameToken/[wsse:Password&wsse:Username]
).stopAfter() // Stop Processing when Header Ends
).exclusive()// Envelope must match Header, and no other. FYI, Body comes after Header short circuits (see above), so it's ok
).exclusive(); // root must be Envelope
- //inputFactory = XMLInputFactory.newInstance();
}
- public XMLStreamException parse(BasicCred bc, InputStream is) throws IOException {
+ public XMLStreamException parse(BasicCred bc, InputStream is) {
try {
parseTree.onMatch(bc, new XReader(is));
return null;
package org.onap.aaf.cadi.config.test;
-import static org.junit.Assert.*;
-import static org.hamcrest.CoreMatchers.*;
-import static org.mockito.Mockito.*;
-import org.junit.*;
-import org.mockito.*;
+
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
import java.io.ByteArrayOutputStream;
import java.io.File;
package org.onap.aaf.cadi.config.test;
-import static org.junit.Assert.*;
-import static org.hamcrest.CoreMatchers.*;
-import org.junit.*;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.junit.Assert.assertThat;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
import java.io.ByteArrayOutputStream;
import java.io.File;
private final static String names = "admin:myname,yourname;suser:hisname,hername,m1234";
private AbsUserCache<LocalPermission> lur;
-
+
@Before
public void setup() throws IOException {
outStream = new ByteArrayOutputStream();
UsersDump.write(outStream, lur);
String[] actualLines = Split.splitTrim('\n', outStream.toString());
String[] expectedLines = Split.splitTrim('\n', expected);
+ for (String s : actualLines) {
+ System.out.println(s);
+ }
assertThat(actualLines.length, is(expectedLines.length));
* * Licensed under the Apache License, Version 2.0 (the "License");
* * you may not use this file except in compliance with the License.
* * You may obtain a copy of the License at
- * *
+ * *
* * http://www.apache.org/licenses/LICENSE-2.0
- * *
+ * *
* * Unless required by applicable law or agreed to in writing, software
* * distributed under the License is distributed on an "AS IS" BASIS,
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* *
* *
******************************************************************************/
+
package org.onap.aaf.cadi.lur.test;
-import static junit.framework.Assert.assertEquals;
-import static junit.framework.Assert.assertFalse;
-import static junit.framework.Assert.assertTrue;
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+import static org.mockito.Mockito.when;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
+import java.io.PrintStream;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
-import java.util.Set;
-import java.util.TreeSet;
+import org.junit.Before;
import org.junit.Test;
-import org.onap.aaf.cadi.Lur;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
import org.onap.aaf.cadi.Permission;
import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.Symm;
+import org.onap.aaf.cadi.AbsUserCache;
import org.onap.aaf.cadi.CredVal.Type;
-import org.onap.aaf.cadi.config.UsersDump;
+import org.onap.aaf.cadi.lur.ConfigPrincipal;
import org.onap.aaf.cadi.lur.LocalLur;
import org.onap.aaf.cadi.lur.LocalPermission;
public class JU_LocalLur {
- @Test
- public void test() throws IOException {
- final Symm symmetric = Symm.baseCrypt().obtain();
- LocalLur up;
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- baos.write(Symm.ENC.getBytes());
- symmetric.enpass("<pass>", baos);
- PropAccess ta = new PropAccess() {
- @Override
- public String decrypt(String encrypted, boolean anytext) throws IOException {
- return symmetric.depass(encrypted);
- }
+ private static final String password = "<pass>";
+ private String encrypted;
+
+ private PropAccess access;
+ private ByteArrayOutputStream outStream;
+
+ @Mock Permission permMock;
+
+ @Before
+ public void setup() throws IOException {
+ MockitoAnnotations.initMocks(this);
+
+ encrypted = rot13(password);
- @Override
- public String encrypt(String unencrypted) throws IOException {
- return symmetric.enpass(unencrypted);
+ outStream = new ByteArrayOutputStream();
+ access = new PropAccess(new PrintStream(outStream), new String[0]) {
+ @Override public String decrypt(String encrypted, boolean anytext) throws IOException {
+ return rot13(encrypted);
+ }
+ @Override public String encrypt(String unencrypted) throws IOException {
+ return rot13(unencrypted);
}
-
};
+
+ }
+
+ @Test
+ public void test() throws IOException {
+ LocalLur lur;
+ List<AbsUserCache<LocalPermission>.DumpInfo> info;
+
+ lur = new LocalLur(access, null, null);
+ assertThat(lur.dumpInfo().size(), is(0));
+
+ lur = new LocalLur(access, "user1", null);
+ info = lur.dumpInfo();
+ assertThat(info.size(), is(1));
+ assertThat(info.get(0).user, is("user1"));
+
+ lur.clearAll();
+ assertThat(lur.dumpInfo().size(), is(0));
+
+ lur = new LocalLur(access, "user1%" + encrypted, null);
+ info = lur.dumpInfo();
+ assertThat(info.size(), is(1));
+ assertThat(info.get(0).user, is("user1@none"));
+
+ lur.clearAll();
+ assertThat(lur.dumpInfo().size(), is(0));
+
+ lur = new LocalLur(access, "user1@domain%" + encrypted, null);
+ info = lur.dumpInfo();
+ assertThat(info.size(), is(1));
+ assertThat(info.get(0).user, is("user1@domain"));
+
+ lur = new LocalLur(access, "user1@domain%" + encrypted + ":groupA", null);
+ info = lur.dumpInfo();
+ assertThat(info.size(), is(1));
+ assertThat(info.get(0).user, is("user1@domain"));
+
+ when(permMock.getKey()).thenReturn("groupA");
+ assertThat(lur.handlesExclusively(permMock), is(true));
+ when(permMock.getKey()).thenReturn("groupB");
+ assertThat(lur.handlesExclusively(permMock), is(false));
- Lur ml = up = new LocalLur(ta,"myname:groupA,groupB","admin:myname,yourname;suser:hisname,hername,m1234%"+baos.toString());
+ assertThat(lur.fish(null, null), is(false));
+
+ Principal princ = new ConfigPrincipal("user1@localized", encrypted);
+
+ lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
+ assertThat(lur.fish(princ, lur.createPerm("groupA")), is(true));
+ assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
+ assertThat(lur.fish(princ, permMock), is(false));
+
+ princ = new ConfigPrincipal("user1@domain", encrypted);
+ assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
+ princ = new ConfigPrincipal("user1@localized", "badpass");
+ assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
-// Permission admin = new LocalPermission("admin");
-// Permission suser = new LocalPermission("suser");
-//
-// // Check User fish
-// assertTrue(ml.fish(new JUPrincipal("myname"),admin));
-// assertTrue(ml.fish(new JUPrincipal("hisname"),admin));
-// assertFalse(ml.fish(new JUPrincipal("noname"),admin));
-// assertTrue(ml.fish(new JUPrincipal("itsname"),suser));
-// assertTrue(ml.fish(new JUPrincipal("hername"),suser));
-// assertFalse(ml.fish(new JUPrincipal("myname"),suser));
-//
-// // Check validate password
-// assertTrue(up.validate("m1234",Type.PASSWORD, "<pass>".getBytes()));
-// assertFalse(up.validate("m1234",Type.PASSWORD, "badPass".getBytes()));
-//
- // Check fishAll
- Set<String> set = new TreeSet<String>();
- List<Permission> perms = new ArrayList<Permission>();
- ml.fishAll(new JUPrincipal("myname"), perms);
- for(Permission p : perms) {
- set.add(p.getKey());
- }
-// assertEquals("[admin, groupA, groupB]",set.toString());
- UsersDump.write(System.out, up);
- System.out.flush();
+ assertThat(lur.handles(null), is(false));
+ lur.fishAll(null, null);
+
+ List<Permission> perms = new ArrayList<>();
+ perms.add(lur.createPerm("groupB"));
+ perms.add(lur.createPerm("groupA"));
+ princ = new ConfigPrincipal("user1@localized", encrypted);
+ lur.fishAll(princ, perms);
+ princ = new ConfigPrincipal("user1@localized", "badpass");
+ lur.fishAll(princ, perms);
+
+ assertThat(lur.validate(null, null, null, null), is(false));
+ assertThat(lur.validate("user", null, "badpass".getBytes(), null), is(false));
+ assertThat(lur.validate("user1@localized", null, encrypted.getBytes(), null), is(false));
+
+ lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
+ assertThat(lur.validate("user1@localized", Type.PASSWORD, encrypted.getBytes(), null), is(true));
+
+ lur = new LocalLur(access, null, "admin");
+ lur = new LocalLur(access, null, "admin:user1");
+ lur = new LocalLur(access, null, "admin:user1@localized");
+ lur = new LocalLur(access, null, "admin:user1@localized,user2@localized%" + password + ";user:user1@localized");
}
-
- // Simplistic Principal for testing purposes
- private static class JUPrincipal implements Principal {
- private String name;
- public JUPrincipal(String name) {
- this.name = name;
- }
-// @Override
- public String getName() {
- return name;
+
+ public static String rot13(String input) {
+ StringBuilder sb = new StringBuilder();
+ for (int i = 0; i < input.length(); i++) {
+ char c = input.charAt(i);
+ if (c >= 'a' && c <= 'm') {
+ c += 13;
+ } else if (c >= 'A' && c <= 'M') {
+ c += 13;
+ } else if (c >= 'n' && c <= 'z') {
+ c -= 13;
+ } else if (c >= 'N' && c <= 'Z') {
+ c -= 13;
+ }
+ sb.append(c);
}
+ return sb.toString();
}
-
-
-
-
}
+
package org.onap.aaf.cadi.principal.test;
-import static org.junit.Assert.*;
-import static org.hamcrest.CoreMatchers.*;
-import static org.mockito.Mockito.*;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.mockito.Mockito.when;
+import static org.mockito.Mockito.mock;
import org.junit.*;
import java.io.IOException;
import org.onap.aaf.cadi.BasicCred;
import org.onap.aaf.cadi.Symm;
import org.onap.aaf.cadi.principal.BasicPrincipal;
-import org.onap.aaf.cadi.principal.StringTagLookup;
-import org.onap.aaf.cadi.principal.TaggedPrincipal;
-import org.onap.aaf.cadi.principal.TaggedPrincipal.TagLookup;
public class JU_BasicPrincipal {
package org.onap.aaf.cadi.principal.test;
-import static org.junit.Assert.*;
-import static org.hamcrest.CoreMatchers.*;
-import static org.mockito.Mockito.*;
-import org.junit.*;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+import static org.hamcrest.CoreMatchers.is;
+import static org.mockito.Matchers.any;
+import static org.mockito.Mockito.when;
+import static org.mockito.Mockito.mock;
+
+import org.junit.Before;
+import org.junit.Test;
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
import java.io.IOException;
import java.lang.reflect.Field;
-import java.util.Date;
import org.onap.aaf.cadi.BasicCred;
import org.onap.aaf.cadi.CachedPrincipal;
-import org.onap.aaf.cadi.CachedPrincipal.Resp;
-import org.onap.aaf.cadi.Symm;
import org.onap.aaf.cadi.principal.CachedBasicPrincipal;
-import org.onap.aaf.cadi.principal.StringTagLookup;
-import org.onap.aaf.cadi.principal.TaggedPrincipal;
-import org.onap.aaf.cadi.principal.TaggedPrincipal.TagLookup;
import org.onap.aaf.cadi.taf.HttpTaf;
public class JU_CachedBasicPrincipal {
--- /dev/null
+/*******************************************************************************
+* ============LICENSE_START====================================================
+* * org.onap.aaf
+* * ===========================================================================
+* * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+* * ===========================================================================
+* * Licensed under the Apache License, Version 2.0 (the "License");
+* * you may not use this file except in compliance with the License.
+* * You may obtain a copy of the License at
+* *
+* * http://www.apache.org/licenses/LICENSE-2.0
+* *
+* * Unless required by applicable law or agreed to in writing, software
+* * distributed under the License is distributed on an "AS IS" BASIS,
+* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* * See the License for the specific language governing permissions and
+* * limitations under the License.
+* * ============LICENSE_END====================================================
+* *
+* *
+******************************************************************************/
+
+package org.onap.aaf.cadi.taf.test;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.junit.Assert.assertThat;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.PrintStream;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.principal.TaggedPrincipal;
+import org.onap.aaf.cadi.taf.AbsTafResp;
+import org.onap.aaf.cadi.taf.TafResp.RESP;
+
+public class JU_AbsTafResp {
+
+ private static final String name = "name";
+ private static final String tag = "tag";
+ private static final String description = "description";
+
+ private Access access;
+ private TaggedPrincipal taggedPrinc;
+
+ @Before
+ public void setup() {
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ taggedPrinc = new TaggedPrincipal() {
+ @Override public String getName() { return name; }
+ @Override public String tag() { return tag; }
+ };
+ }
+
+ @Test
+ public void test() {
+ AbsTafResp tafResp = new AbsTafResp(access, taggedPrinc, description) {
+ @Override public RESP authenticate() throws IOException {
+ return null;
+ }
+ };
+
+ assertThat(tafResp.isValid(), is(true));
+ assertThat(tafResp.desc(), is(description));
+ assertThat(tafResp.isAuthenticated(), is(RESP.IS_AUTHENTICATED));
+ assertThat(tafResp.getPrincipal(), is(taggedPrinc));
+ assertThat(tafResp.getAccess(), is(access));
+ assertThat(tafResp.isFailedAttempt(), is(false));
+
+ tafResp = new AbsTafResp(null, null, null) {
+ @Override public RESP authenticate() throws IOException {
+ return null;
+ }
+ };
+
+ assertThat(tafResp.isValid(), is(false));
+ assertThat(tafResp.isAuthenticated(), is(RESP.TRY_ANOTHER_TAF));
+ assertThat(tafResp.getPrincipal(), is(nullValue()));
+ assertThat(tafResp.getAccess(), is(nullValue()));
+ assertThat(tafResp.isFailedAttempt(), is(false));
+ }
+
+}
package org.onap.aaf.cadi.test;
-import static org.junit.Assert.*;
-import static org.hamcrest.CoreMatchers.*;
-import static org.mockito.Mockito.*;
-import org.junit.*;
-import org.mockito.*;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
import org.onap.aaf.cadi.AbsUserCache;
-import org.onap.aaf.cadi.AbsUserCache.*;
import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.CachedPrincipal.Resp;
import org.onap.aaf.cadi.CachingLur;
import org.onap.aaf.cadi.GetCred;
-import org.onap.aaf.cadi.Hash;
import org.onap.aaf.cadi.Permission;
import org.onap.aaf.cadi.PropAccess;
import org.onap.aaf.cadi.User;
public class JU_AbsUserCache {
@Mock private CachingLur<Permission> cl;
-
@Mock private Principal principal;
-
@Mock private CachedBasicPrincipal cbp;
-
@Mock private LocalPermission permission1;
@Mock private LocalPermission permission2;
-
private Access access;
private String name1 = "name1";
private String name2 = "name2";
private byte[] password = "password".getBytes();
-
+
private static Field timerField;
@BeforeClass
@Test
public void handlesExclusivelyTest() {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
assertFalse(aucs.handlesExclusively(permission1));
assertFalse(aucs.handlesExclusively(permission2));
}
@Test
public void destroyTest() {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
aucs.destroy();
- aucs = new AbsUserCacheStub<Permission>(access, 1, 1, Integer.MAX_VALUE);
+ aucs = new AbsUserCacheStub<Permission>(access, 1, 1, Integer.MAX_VALUE);
aucs.destroy();
}
@Test
public void missTest() throws IOException {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
// Add the Miss to the missmap
assertTrue(aucs.addMiss("key", password)); // This one actually adds it
assertTrue(aucs.addMiss("key", password)); // this one doesn't really do anything
}
class AbsUserCacheStub<PERM extends Permission> extends AbsUserCache<PERM> {
- public AbsUserCacheStub(Access access, long cleanInterval, int highCount, int usageCount) { super(access, cleanInterval, highCount, usageCount); }
- public AbsUserCacheStub(AbsUserCache<PERM> cache) { super(cache); }
- @Override public void setLur(CachingLur<PERM> lur) { super.setLur(lur); }
- @Override public void addUser(User<PERM> user) { super.addUser(user); }
- @Override public void addUser(String key, User<PERM> user) { super.addUser(key, user); }
- @Override public User<PERM> getUser(Principal p) { return super.getUser(p); }
- @Override public User<PERM> getUser(CachedBasicPrincipal p) { return super.getUser(p); }
- @Override public User<PERM> getUser(String user, byte[] cred) { return super.getUser(user, cred); }
+ public AbsUserCacheStub(Access access, long cleanInterval, int highCount, int usageCount) { super(access, cleanInterval, highCount, usageCount); }
+ public AbsUserCacheStub(AbsUserCache<PERM> cache) { super(cache); }
+ @Override public void setLur(CachingLur<PERM> lur) { super.setLur(lur); }
+ @Override public void addUser(User<PERM> user) { super.addUser(user); }
+ @Override public void addUser(String key, User<PERM> user) { super.addUser(key, user); }
+ @Override public User<PERM> getUser(Principal p) { return super.getUser(p); }
+ @Override public User<PERM> getUser(CachedBasicPrincipal p) { return super.getUser(p); }
+ @Override public User<PERM> getUser(String user, byte[] cred) { return super.getUser(user, cred); }
@Override public void remove(User<PERM> user) { super.remove(user); }
@Override public boolean addMiss(String key, byte[] bs) { return super.addMiss(key, bs); }
@Override public Miss missed(String key, byte[] bs) throws IOException { return super.missed(key, bs); }
}
class AbsUserCacheCLStub<PERM extends Permission> extends AbsUserCache<PERM> implements CachingLur<PERM> {
- public AbsUserCacheCLStub(AbsUserCache<PERM> cache) { super(cache); }
- @Override public Permission createPerm(String p) { return null; }
- @Override public boolean fish(Principal bait, Permission pond) { return false; }
- @Override public void fishAll(Principal bait, List<Permission> permissions) { }
- @Override public boolean handles(Principal principal) { return false; }
- @Override public Resp reload(User<PERM> user) { return null; }
+ public AbsUserCacheCLStub(AbsUserCache<PERM> cache) { super(cache); }
+ @Override public Permission createPerm(String p) { return null; }
+ @Override public boolean fish(Principal bait, Permission pond) { return false; }
+ @Override public void fishAll(Principal bait, List<Permission> permissions) { }
+ @Override public boolean handles(Principal principal) { return false; }
+ @Override public Resp reload(User<PERM> user) { return null; }
@Override public void setDebug(String commaDelimIDsOrNull) { }
}
@Test
public void convertTest1() {
- String test = "te%t";
List<String> list = new ArrayList<String>();
list.add("method");
assertEquals(Vars.convert("test", list), "test");
@Test
public void convertTest2() {
- String test = "te%s%t";
List<String> list = new ArrayList<String>();
list.add("method");
assertEquals(Vars.convert("test", list), "test");
--- /dev/null
+/*******************************************************************************
+* ============LICENSE_START====================================================
+* * org.onap.aaf
+* * ===========================================================================
+* * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+* * ===========================================================================
+* * Licensed under the Apache License, Version 2.0 (the "License");
+* * you may not use this file except in compliance with the License.
+* * You may obtain a copy of the License at
+* *
+* * http://www.apache.org/licenses/LICENSE-2.0
+* *
+* * Unless required by applicable law or agreed to in writing, software
+* * distributed under the License is distributed on an "AS IS" BASIS,
+* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* * See the License for the specific language governing permissions and
+* * limitations under the License.
+* * ============LICENSE_END====================================================
+* *
+* *
+******************************************************************************/
+package org.onap.aaf.cadi.wsse.test;
+
+import org.junit.Test;
+import org.onap.aaf.cadi.wsse.WSSEParser;
+
+public class JU_WSSEParser {
+
+ @Test
+ public void test() {
+ @SuppressWarnings("unused")
+ WSSEParser wp = new WSSEParser();
+
+ // TODO: test the rest of this class
+// final BasicCred bc = new BasicCred() {
+// private String user;
+// private byte[] password;
+//
+// public void setUser(String user) { this.user = user; }
+// public void setCred(byte[] passwd) { this.password = passwd; }
+// public String getUser() { return user; }
+// public byte[] getCred() { return password; }
+// };
+
+// FileInputStream fis;
+// fis = new FileInputStream("test/example.xml");
+// BufferedServletInputStream is = new BufferedServletInputStream(fis);
+// try {
+// is.mark(1536);
+// try {
+// assertNull(wp.parse(bc, is));
+// } finally {
+// is.reset();
+// assertEquals(814,is.buffered());
+// }
+// String password = new String(bc.getCred());
+// System.out.println("CadiWrap credentials are: " + bc.getUser() + ", " + password);
+// assertEquals("some_user", bc.getUser());
+// assertEquals("some_password", password);
+//
+// } finally {
+// fis.close();
+// }
+//
+// // CBUS (larger)
+// fis = new FileInputStream("test/CBUSevent.xml");
+// is = new BufferedServletInputStream(fis);
+// try {
+// is.mark(1536);
+// try {
+// assertNull(wp.parse(bc, is));
+// } finally {
+// is.reset();
+// assertEquals(667,is.buffered());
+// }
+// String password = new String(bc.getCred());
+// System.out.println("CadiWrap credentials are: " + bc.getUser() + ", " + password);
+// assertEquals("none", bc.getUser());
+// assertEquals("none", password);
+//
+// } finally {
+// fis.close();
+// }
+//
+// // Closed Stream
+// fis = new FileInputStream("test/example.xml");
+// fis.close();
+// bc.setCred(null);
+// bc.setUser(null);
+// XMLStreamException ex = wp.parse(bc, fis);
+// assertNotNull(ex);
+// assertNull(bc.getUser());
+// assertNull(bc.getCred());
+//
+//
+// fis = new FileInputStream("test/exampleNoSecurity.xml");
+// try {
+// bc.setCred(null);
+// bc.setUser(null);
+// assertNull(wp.parse(bc, fis));
+// assertNull(bc.getUser());
+// assertNull(bc.getCred());
+// } finally {
+// fis.close();
+// }
+//
+// fis = new FileInputStream("test/exampleBad1.xml");
+// try {
+// bc.setCred(null);
+// bc.setUser(null);
+// assertNull(wp.parse(bc, fis));
+// assertNull(bc.getUser());
+// assertNull(bc.getCred());
+// } finally {
+// fis.close();
+// }
+//
+// XMLStreamException e = wp.parse(bc, new ByteArrayInputStream("Not XML".getBytes())); // empty
+// assertNotNull(e);
+//
+// e = wp.parse(bc, new ByteArrayInputStream("".getBytes())); // empty
+// assertNotNull(e);
+//
+//
+// long start, count = 0L;
+// int iter = 30000;
+// File f = new File("test/CBUSevent.xml");
+// fis = new FileInputStream(f);
+// is = new BufferedServletInputStream(fis);
+// is.mark(0);
+// try {
+// while(is.read()>=0);
+// } finally {
+// fis.close();
+// }
+//
+// for(int i=0;i<iter;++i) {
+// start = System.nanoTime();
+// is.reset();
+// try {
+// assertNull(wp.parse(bc, is));
+// } finally {
+// count += System.nanoTime()-start;
+// }
+// }
+// float ms = count/1000000f;
+// System.out.println("Executed " + iter + " WSSE reads from Memory Stream in " + ms + "ms. " + ms/iter + "ms per trans");
+//
+// // SPECIFIC ISSUES
+//
+// fis = new FileInputStream("test/error2013_04_23.xml");
+// try {
+// bc.setCred(null);
+// bc.setUser(null);
+// assertNull(wp.parse(bc, fis));
+// assertNull(bc.getUser());
+// assertNull(bc.getCred());
+// } finally {
+// fis.close();
+// }
+ }
+
+}
+++ /dev/null
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * *
- ******************************************************************************/
-package org.onap.aaf.cadi.wsse.test;
-
-import static junit.framework.Assert.assertEquals;
-import static junit.framework.Assert.assertNotNull;
-import static junit.framework.Assert.assertNull;
-
-import java.io.ByteArrayInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-
-import javax.xml.stream.XMLStreamException;
-
-import org.junit.Test;
-import org.onap.aaf.cadi.BasicCred;
-import org.onap.aaf.cadi.BufferedServletInputStream;
-import org.onap.aaf.cadi.wsse.WSSEParser;
-
-public class JU_WSSE_Read {
-
-// @Test
-// public void test() {
-// try {
-// final BasicCred bc = new BasicCred() {
-
-// private String user;
-// private byte[] password;
-
-// public void setUser(String user) {
-// this.user = user;
-// }
-
-// public void setCred(byte[] passwd) {
-// this.password = passwd;
-// }
-
-// public String getUser() {
-// return user;
-// }
-
-// public byte[] getCred() {
-// return password;
-// }
-// };
-
-// WSSEParser wp = new WSSEParser();
-
-// FileInputStream fis;
-// fis = new FileInputStream("test/example.xml");
-// BufferedServletInputStream is = new BufferedServletInputStream(fis);
-// try {
-// is.mark(1536);
-// try {
-// assertNull(wp.parse(bc, is));
-// } finally {
-// is.reset();
-// assertEquals(814,is.buffered());
-// }
-// String password = new String(bc.getCred());
-// System.out.println("CadiWrap credentials are: " + bc.getUser() + ", " + password);
-// assertEquals("some_user", bc.getUser());
-// assertEquals("some_password", password);
-
-// } finally {
-// fis.close();
-// }
-
-// // CBUS (larger)
-// fis = new FileInputStream("test/CBUSevent.xml");
-// is = new BufferedServletInputStream(fis);
-// try {
-// is.mark(1536);
-// try {
-// assertNull(wp.parse(bc, is));
-// } finally {
-// is.reset();
-// assertEquals(667,is.buffered());
-// }
-// String password = new String(bc.getCred());
-// System.out.println("CadiWrap credentials are: " + bc.getUser() + ", " + password);
-// assertEquals("none", bc.getUser());
-// assertEquals("none", password);
-
-// } finally {
-// fis.close();
-// }
-
-// // Closed Stream
-// fis = new FileInputStream("test/example.xml");
-// fis.close();
-// bc.setCred(null);
-// bc.setUser(null);
-// XMLStreamException ex = wp.parse(bc, fis);
-// assertNotNull(ex);
-// assertNull(bc.getUser());
-// assertNull(bc.getCred());
-
-
-// fis = new FileInputStream("test/exampleNoSecurity.xml");
-// try {
-// bc.setCred(null);
-// bc.setUser(null);
-// assertNull(wp.parse(bc, fis));
-// assertNull(bc.getUser());
-// assertNull(bc.getCred());
-// } finally {
-// fis.close();
-// }
-
-// fis = new FileInputStream("test/exampleBad1.xml");
-// try {
-// bc.setCred(null);
-// bc.setUser(null);
-// assertNull(wp.parse(bc, fis));
-// assertNull(bc.getUser());
-// assertNull(bc.getCred());
-// } finally {
-// fis.close();
-// }
-
-// XMLStreamException e = wp.parse(bc, new ByteArrayInputStream("Not XML".getBytes())); // empty
-// assertNotNull(e);
-
-// e = wp.parse(bc, new ByteArrayInputStream("".getBytes())); // empty
-// assertNotNull(e);
-
-
-// long start, count = 0L;
-// int iter = 30000;
-// File f = new File("test/CBUSevent.xml");
-// fis = new FileInputStream(f);
-// is = new BufferedServletInputStream(fis);
-// is.mark(0);
-// try {
-// while(is.read()>=0);
-// } finally {
-// fis.close();
-// }
-
-// for(int i=0;i<iter;++i) {
-// start = System.nanoTime();
-// is.reset();
-// try {
-// assertNull(wp.parse(bc, is));
-// } finally {
-// count += System.nanoTime()-start;
-// }
-// }
-// float ms = count/1000000f;
-// System.out.println("Executed " + iter + " WSSE reads from Memory Stream in " + ms + "ms. " + ms/iter + "ms per trans");
-
-// // SPECIFIC ISSUES
-
-// fis = new FileInputStream("test/error2013_04_23.xml");
-// try {
-// bc.setCred(null);
-// bc.setUser(null);
-// assertNull(wp.parse(bc, fis));
-// assertNull(bc.getUser());
-// assertNull(bc.getCred());
-// } finally {
-// fis.close();
-// }
-// } catch(Exception e) {
-// e.printStackTrace(System.err);
-// }
-// }
-
-}
******************************************************************************/
package org.onap.aaf.cadi.wsse.test;
-import static org.junit.Assert.*;
-import static org.hamcrest.CoreMatchers.*;
-import org.junit.*;
+import static org.junit.Assert.assertThat;
+import static org.hamcrest.CoreMatchers.is;
import java.io.File;
import java.io.FileInputStream;
-import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.PrintWriter;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.XMLEvent;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
import org.onap.aaf.cadi.wsse.XEvent;
import org.onap.aaf.cadi.wsse.XReader;
}
}
- // @Test
- // public void tagTest() {
- // String prefix = "prefix";
- // String name = "name";
- // String value = "value";
- // XReader.Tag tag = new Tag(prefix, name, value);
-
- // assertThat(tag.toString(), is(prefix + ':' + name + "=\'" + value + "'"));
- // }
-
-
private static XEvent getNextEvent(XReader xr) throws XMLStreamException {
if (xr.hasNext()) {
return xr.nextEvent();
Code Review / aaf / authz.git / commitdiff