2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.aai.auth;
22 import org.junit.Before;
23 import org.junit.Test;
24 import org.onap.aai.AAISetup;
25 import org.onap.aai.auth.exceptions.AAIUnrecognizedFunctionException;
27 import static org.junit.Assert.*;
29 public class AAIAuthCoreTest extends AAISetup {
31 private AAIAuthCore authCore;
35 authCore = new AAIAuthCore("/aai");
39 public void getAuthPolicyFunctionNameTest() {
41 String uri = "/aai/v3/search/edge-tag-query";
42 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
44 uri = "/aai/v10/search/edge-tag-query";
45 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
47 uri = "/aai/search/model";
48 assertEquals("Get aai function name from " + uri, "search", authCore.getAuthPolicyFunctName(uri));
50 uri = "/aai/v9/cloud-infrastructure/cloud-regions/cloud-region/somecloudregion/some-cloud-owner";
51 assertEquals("Get aai function name from " + uri, "cloud-infrastructure", authCore.getAuthPolicyFunctName(uri));
53 uri = "/aai/v8/network/pnfs/pnf/ff4ca01orc/p-interfaces";
54 assertEquals("Get aai function name from " + uri, "network", authCore.getAuthPolicyFunctName(uri));
56 uri = "/aai/util/echo";
57 assertEquals("Get aai function name from " + uri, "util", authCore.getAuthPolicyFunctName(uri));
60 assertEquals("Get aai function name from " + uri, "tools", authCore.getAuthPolicyFunctName(uri));
62 uri = "/aai/v12/bulk/single-transaction";
63 assertEquals("Get aai function name from " + uri, "bulk", authCore.getAuthPolicyFunctName(uri));
68 public void validUsernameAuthTest() throws AAIUnrecognizedFunctionException {
69 assertTrue(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
73 public void validUsernameInvalidHttpMethodAuthTest() throws AAIUnrecognizedFunctionException {
74 assertFalse(authCore.authorize("testUser".toLowerCase(), "/aai/v0/testFunction/someUri", "POST", ""));
77 @Test(expected = AAIUnrecognizedFunctionException.class)
78 public void validUsernameInvalidFunctionInURIAuthTest() throws AAIUnrecognizedFunctionException {
79 authCore.authorize("testUser".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT", "");
83 public void invalidUsernameAuthTest() throws AAIUnrecognizedFunctionException {
84 assertFalse(authCore.authorize("invlaidTestUser".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
88 public void validUsernameIsTheExactWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
89 assertTrue(authCore.authorize("testWildcardId".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
93 public void validUsernameContainsTheWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
94 assertTrue(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "", "aafWildCardIssuer"));
98 public void validUsernameContainsTheWildcardIdInvalidIssuerAuthTest() throws AAIUnrecognizedFunctionException {
99 assertFalse(authCore.authorize("cn=blah, testWildcardId, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "", "invalidIssuer"));
103 public void invalidUsernameContainsRegularUsernameAuthTest() throws AAIUnrecognizedFunctionException {
104 assertFalse(authCore.authorize("cn=blah, testUser, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
108 public void haProxyUsernameAuthTest() throws AAIUnrecognizedFunctionException {
109 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/util/echo", "GET", ""));
113 public void haProxyUsernameInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
114 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
118 public void validUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
119 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "testUser".toLowerCase()));
123 public void validUsernameInvalidHttpMethodViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
124 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "POST", "testUser".toLowerCase()));
127 @Test(expected = AAIUnrecognizedFunctionException.class)
128 public void validUsernameInvalidFunctionInURIViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
129 authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT", "testUser".toLowerCase());
133 public void invalidUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
134 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "invlaidTestUser".toLowerCase()));
138 public void validUsernameIsTheExactWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
139 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "testWildcardId".toLowerCase()));
143 public void validUsernameContainsTheWildcardIdViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
144 assertTrue(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
148 public void invalidUsernameContainsRegularUsernameViaHaProxyAuthTest() throws AAIUnrecognizedFunctionException {
149 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testUser, O=".toLowerCase()));
153 public void haProxyUsernameTwiceAuthTest() throws AAIUnrecognizedFunctionException {
154 assertFalse(authCore.authorize("ha-proxy-user".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "ha-proxy-user".toLowerCase()));
159 public void haProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
160 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/util/echo", "GET", "", "aafWildCardIssuer"));
164 public void haProxyWildcardIdInvalidFunctionAuthTest() throws AAIUnrecognizedFunctionException {
165 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", ""));
169 public void validUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
170 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "testUser".toLowerCase(), "aafWildCardIssuer"));
174 public void validUsernameInvalidHttpMethodViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
175 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "POST", "testUser".toLowerCase()));
178 @Test(expected = AAIUnrecognizedFunctionException.class)
179 public void validUsernameInvalidFunctionInURIViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
180 authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/badFunction/someUri", "PUT", "testUser".toLowerCase());
184 public void invalidUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
185 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "invlaidTestUser".toLowerCase()));
189 public void validUsernameIsTheExactWildcardIdViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
190 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "testWildcardId".toLowerCase(), "aafWildCardIssuer"));
194 public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
195 assertTrue(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "aafWildCardIssuer"));
199 public void validUsernameContainsTheWildcardIdViaHaProxyWildcardIdInvalidIssuerAuthTest() throws AAIUnrecognizedFunctionException {
200 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testWildcardId, O=".toLowerCase(), "invalidIssuer"));
204 public void invalidUsernameContainsRegularUsernameViaHaProxyWildcardIdAuthTest() throws AAIUnrecognizedFunctionException {
205 assertFalse(authCore.authorize("cn=blah, ha-proxy-wildcard-id, O=".toLowerCase(), "/aai/v0/testFunction/someUri", "PUT", "cn=blah, testUser, O=".toLowerCase()));