aai-core/src/test/java/org/onap/aai/auth/AAIAuthCoreTest.java

   1 /**
   2  * ============LICENSE_START=======================================================
   3  * org.onap.aai
   4  * ================================================================================
   5  * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *    http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20 package org.onap.aai.auth;
  21
  22 import org.junit.Before;
  23 import org.junit.Test;
  24 import org.onap.aai.AAISetup;
  25 import org.onap.aai.auth.exceptions.AAIUnrecognizedFunctionException;
  26
  27 import static org.junit.Assert.*;
  28
  29 public class AAIAuthCoreTest extends AAISetup {
  30
  31         private AAIAuthCore authCore;
  32
  33         @Before
  34         public void setup(){
  35             authCore = new AAIAuthCore("/aai");
  36         }
  37
  38         @Test
  39         public void getAuthPolicyFunctionNameTest() {
  40
  41                 String uri = "/aai/v3/search/edge-tag-query";
  42                 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
  43
  44                 uri = "/aai/v10/search/edge-tag-query";
  45                 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
  46
  47                 uri = "/aai/search/model";
  48                 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
  49
  50                 uri = "/aai/v9/cloud-infrastructure/cloud-regions/cloud-region/somecloudregion/some-cloud-owner";
  51                 assertEquals("Get aai function name from " + uri, "cloud-infrastructure", authCore.getAuthPolicyFunctName(uri));
  52
  53                 uri = "/aai/v8/network/pnfs/pnf/ff4ca01orc/p-interfaces";
  54                 assertEquals("Get aai function name from " + uri, "network", authCore.getAuthPolicyFunctName(uri));
  55
  56                 uri = "/aai/util/echo";
  57                 assertEquals("Get aai function name from " + uri, "util", authCore.getAuthPolicyFunctName(uri));
  58
  59                 uri = "/aai/tools";
  60                 assertEquals("Get aai function name from " + uri, "tools", authCore.getAuthPolicyFunctName(uri));
  61
  62                 uri = "/aai/v12/bulk/single-transaction";
  63                 assertEquals("Get aai function name from " + uri, "bulk", authCore.getAuthPolicyFunctName(uri));
  64
  65         }
  66
  67         @Test
  68         public void validUsernameAuthTest() throws AAIUnrecognizedFunctionException {
  69                 assertTrue(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
  70         }
  71
  72         @Test
  73         public void validUsernameInvalidHttpMethodAuthTest() throws AAIUnrecognizedFunctionException {
  74                 assertFalse(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "POST", ""));
  75         }
  76
  77         @Test(expected = AAIUnrecognizedFunctionException.class)
  78         public void validUsernameInvalidFunctionInURIAuthTest() throws AAIUnrecognizedFunctionException {
  79                 authCore.authorize("testUser".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT", "");
  80         }
  81
  82         @Test
  83         public void invalidUsernameAuthTest() throws AAIUnrecognizedFunctionException {
  84                 assertFalse(authCore.authorize("invlaidTestUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
  85         }
  86
  87         @Test
  88         public void validUsernameIsTheExactWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
  89                 assertTrue(authCore.authorize("testWildcardId".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
  90         }
  91
  92         @Test
  93         public void validUsernameContainsTheWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
  94                 assertTrue(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "", "aafWildCardIssuer"));
  95         }
  96
  97         @Test
  98         public void validUsernameContainsTheWildcardIdInvalidIssuerAuthTest() throws AAIUnrecognizedFunctionException {
  99                 assertFalse(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "", "invalidIssuer"));
 100         }
 101
 102         @Test
 103         public void invalidUsernameContainsRegularUsernameAuthTest() throws AAIUnrecognizedFunctionException {
 104                 assertFalse(authCore.authorize("cn=blah, testUser, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
 105         }
 106
 107         @Test
 108         public void haProxyUsernameAuthTest() throws AAIUnrecognizedFunctionException {
 109                 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/util/echo", "GET", ""));
 110         }
 111
 112         @Test
 113         public void haProxyUsernameInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
 114                 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
 115         }
 116
 117         @Test
 118         public void validUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 119                 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "testUser".toLowerCase()));
 120         }
 121
 122         @Test
 123         public void validUsernameInvalidHttpMethodViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 124                 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "POST", "testUser".toLowerCase()));
 125         }
 126
 127         @Test(expected = AAIUnrecognizedFunctionException.class)
 128         public void validUsernameInvalidFunctionInURIViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 129                 authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT", "testUser".toLowerCase());
 130         }
 131
 132         @Test
 133         public void invalidUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 134                 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "invlaidTestUser".toLowerCase()));
 135         }
 136
 137         @Test
 138         public void validUsernameIsTheExactWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 139                 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "testWildcardId".toLowerCase()));
 140         }
 141
 142         @Test
 143         public void validUsernameContainsTheWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 144                 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
 145         }
 146
 147         @Test
 148         public void invalidUsernameContainsRegularUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
 149                 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testUser, O=".toLowerCase()));
 150         }
 151
 152         @Test
 153         public void haProxyUsernameTwiceAuthTest() throws AAIUnrecognizedFunctionException {
 154                 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "ha-proxy-user".toLowerCase()));
 155         }
 156
 157
 158         @Test
 159         public void haProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 160                 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/util/echo", "GET", "", "aafWildCardIssuer"));
 161         }
 162
 163         @Test
 164         public void haProxyWildcardIdInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
 165                 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
 166         }
 167
 168         @Test
 169         public void validUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 170                 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "testUser".toLowerCase(), "aafWildCardIssuer"));
 171         }
 172
 173         @Test
 174         public void validUsernameInvalidHttpMethodViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 175                 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "POST", "testUser".toLowerCase()));
 176         }
 177
 178         @Test(expected = AAIUnrecognizedFunctionException.class)
 179         public void validUsernameInvalidFunctionInURIViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 180                 authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT", "testUser".toLowerCase());
 181         }
 182
 183         @Test
 184         public void invalidUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 185                 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "invlaidTestUser".toLowerCase()));
 186         }
 187
 188         @Test
 189         public void validUsernameIsTheExactWildcardIdViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 190                 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "testWildcardId".toLowerCase(), "aafWildCardIssuer"));
 191         }
 192
 193         @Test
 194         public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 195                 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
 196         }
 197
 198         @Test
 199         public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdInvalidIssuerAuthTest() throws AAIUnrecognizedFunctionException {
 200                 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "invalidIssuer"));
 201         }
 202
 203         @Test
 204         public void invalidUsernameContainsRegularUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
 205                 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testUser, O=".toLowerCase()));
 206         }
 207
 208 }