* ============LICENSE_START=======================================================
* org.onap.aai
* ================================================================================
- * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * Copyright © 2017 European Software Marketing Ltd.
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright © 2017-2018 European Software Marketing Ltd.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* See the License for the specific language governing permissions and
* limitations under the License.
* ============LICENSE_END=========================================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
*/
package org.onap.aai.babel;
-import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.assertThat;
private static final String authPolicyFile = "auth_policy.json";
static {
- System.setProperty("CONFIG_HOME",
- System.getProperty("user.dir") + File.separator + "src/test/resources");
+ System.setProperty("CONFIG_HOME", System.getProperty("user.dir") + File.separator + "src/test/resources");
}
/**
* Temporarily invalidate the default policy file and then try to initialise the authorisation class using the name
* of a policy file that does not exist.
- *
+ *
* @throws AAIAuthException
* @throws IOException
*/
String defaultFile = AAIMicroServiceAuthCore.getDefaultAuthFileName();
try {
AAIMicroServiceAuthCore.setDefaultAuthFileName("invalid.default.file");
- BabelAuthConfig gapServiceAuthConfig = new BabelAuthConfig();
- gapServiceAuthConfig.setAuthPolicyFile("invalid.file.name");
- new AAIMicroServiceAuth(gapServiceAuthConfig);
+ BabelAuthConfig babelServiceAuthConfig = new BabelAuthConfig();
+ babelServiceAuthConfig.setAuthPolicyFile("invalid.file.name");
+ new AAIMicroServiceAuth(babelServiceAuthConfig);
} finally {
AAIMicroServiceAuthCore.setDefaultAuthFileName(defaultFile);
}
/**
* Test loading of a temporary file created with the specified roles
- *
+ *
* @throws AAIAuthException
* @throws IOException
* @throws JSONException
@Test
public void createLocalAuthFile() throws AAIAuthException, IOException, JSONException {
JSONObject roles = createRoleObject("role", createUserObject("user"), createFunctionObject("func"));
- AAIMicroServiceAuth auth = createAuthService(roles);
- assertThat(auth.authorize("nosuchuser", "method:func"), is(false));
- assertThat(auth.authorize("user", "method:func"), is(true));
+ createAuthService(roles);
+ assertThat(AAIMicroServiceAuthCore.authorize("nosuchuser", "method:func"), is(false));
+ assertThat(AAIMicroServiceAuthCore.authorize("user", "method:func"), is(true));
}
/**
* Test that the default policy file is loaded when a non-existent file is passed to the authorisation clas.
- *
+ *
* @throws AAIAuthException
*/
@Test
public void createAuthFromDefaultFile() throws AAIAuthException {
- BabelAuthConfig gapServiceAuthConfig = new BabelAuthConfig();
- gapServiceAuthConfig.setAuthPolicyFile("non-existent-file");
- AAIMicroServiceAuth auth = new AAIMicroServiceAuth(gapServiceAuthConfig);
+ BabelAuthConfig babelServiceAuthConfig = new BabelAuthConfig();
+ babelServiceAuthConfig.setAuthPolicyFile("non-existent-file");
+ AAIMicroServiceAuth auth = new AAIMicroServiceAuth(babelServiceAuthConfig);
// The default policy will have been loaded
assertAdminUserAuthorisation(auth, VALID_ADMIN_USER);
}
/**
* Test loading of the policy file relative to CONFIG_HOME
- *
+ *
* @throws AAIAuthException
*/
@Test
@Test
public void testAuthUser() throws AAIAuthException {
- AAIMicroServiceAuth auth = createStandardAuth();
- assertThat(auth.authenticate(VALID_ADMIN_USER, "GET:actions"), is(equalTo("OK")));
- assertThat(auth.authenticate(VALID_ADMIN_USER, "WRONG:action"), is(equalTo("AAI_9101")));
+ createStandardAuth();
+ assertThat(AAIMicroServiceAuthCore.authorize(VALID_ADMIN_USER, "GET:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(VALID_ADMIN_USER, "WRONG:action"), is(false));
}
-
-
@Test
public void testValidateRequest() throws AAIAuthException {
AAIMicroServiceAuth auth = createStandardAuth();
- assertThat(auth.validateRequest(null, new MockHttpServletRequest(), null, "app/v1/gap"), is(false));
+ assertThat(auth.validateRequest(null, new MockHttpServletRequest(), null, "app/v1/babel"), is(false));
}
private AAIMicroServiceAuth createStandardAuth() throws AAIAuthException {
- BabelAuthConfig gapServiceAuthConfig = new BabelAuthConfig();
- gapServiceAuthConfig.setAuthPolicyFile(authPolicyFile);
- return new AAIMicroServiceAuth(gapServiceAuthConfig);
+ BabelAuthConfig babelServiceAuthConfig = new BabelAuthConfig();
+ babelServiceAuthConfig.setAuthPolicyFile(authPolicyFile);
+ return new AAIMicroServiceAuth(babelServiceAuthConfig);
}
/**
* @throws AAIAuthException
*/
private AAIMicroServiceAuth createAuthService(JSONObject roles) throws IOException, AAIAuthException {
- BabelAuthConfig babelAuthConfig = new BabelAuthConfig();
File file = File.createTempFile("auth-policy", "json");
file.deleteOnExit();
FileWriter fileWriter = new FileWriter(file);
fileWriter.flush();
fileWriter.close();
+ BabelAuthConfig babelAuthConfig = new BabelAuthConfig();
babelAuthConfig.setAuthPolicyFile(file.getAbsolutePath());
return new AAIMicroServiceAuth(babelAuthConfig);
}
/**
* Assert authorisation results for an admin user based on the test policy file
- *
+ *
* @param auth
* @param adminUser
* @throws AAIAuthException
*/
private void assertAdminUserAuthorisation(AAIMicroServiceAuth auth, String adminUser) throws AAIAuthException {
- assertThat(auth.authorize(adminUser, "GET:actions"), is(true));
- assertThat(auth.authorize(adminUser, "POST:actions"), is(true));
- assertThat(auth.authorize(adminUser, "PUT:actions"), is(true));
- assertThat(auth.authorize(adminUser, "DELETE:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "GET:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "POST:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "PUT:actions"), is(true));
+ assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "DELETE:actions"), is(true));
}
private JSONArray createFunctionObject(String functionName) throws JSONException {
private JSONObject createRoleObject(String roleName, JSONArray usersArray, JSONArray functionsArray)
throws JSONException {
- JSONObject roles = new JSONObject();
-
JSONObject role = new JSONObject();
role.put("name", roleName);
role.put("functions", functionsArray);
JSONArray rolesArray = new JSONArray();
rolesArray.put(role);
- roles.put("roles", rolesArray);
+ JSONObject roles = new JSONObject();
+ roles.put("roles", rolesArray);
return roles;
}