1 /*******************************************************************************
2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 * ============LICENSE_END=========================================================
20 *******************************************************************************/
21 package org.onap.dmaap.kafkaAuthorize;
23 import static org.junit.Assert.assertNotNull;
24 import static org.junit.Assert.assertTrue;
26 import org.apache.kafka.common.acl.AclOperation;
27 import org.apache.kafka.common.security.auth.KafkaPrincipal;
28 import org.junit.Before;
29 import org.junit.Test;
30 import org.junit.runner.RunWith;
31 import org.mockito.Mock;
32 import org.mockito.MockitoAnnotations;
33 import org.onap.dmaap.commonauth.kafka.base.authorization.AuthorizationProvider;
34 import org.onap.dmaap.commonauth.kafka.base.authorization.AuthorizationProviderFactory;
35 import org.powermock.api.mockito.PowerMockito;
36 import org.powermock.core.classloader.annotations.PowerMockIgnore;
37 import org.powermock.core.classloader.annotations.PrepareForTest;
38 import org.powermock.modules.junit4.PowerMockRunner;
40 import kafka.network.RequestChannel.Session;
41 import kafka.security.auth.Operation;
42 import kafka.security.auth.Resource;
43 import kafka.security.auth.ResourceType;
45 @RunWith(PowerMockRunner.class)
46 @PowerMockIgnore({"javax.net.ssl.*", "javax.security.auth.*"})
47 @PrepareForTest({ AuthorizationProviderFactory.class })
48 public class KafkaCustomAuthorizerTest {
56 KafkaPrincipal principal;
58 ResourceType resourceType;
60 AuthorizationProviderFactory factory;
62 AuthorizationProvider provider;
64 KafkaCustomAuthorizer authorizer;
67 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
71 public void setUp() throws Exception {
73 MockitoAnnotations.initMocks(this);
74 PowerMockito.when(principal.getName()).thenReturn("fullName");
75 PowerMockito.when(arg0.principal()).thenReturn(principal);
76 PowerMockito.when(arg1.name()).thenReturn("Write");
77 PowerMockito.when(resourceType.name()).thenReturn("Topic");
78 PowerMockito.when(arg2.resourceType()).thenReturn(resourceType);
79 PowerMockito.when(arg2.name()).thenReturn("namespace.Topic");
80 PowerMockito.mockStatic(AuthorizationProviderFactory.class);
81 PowerMockito.when(AuthorizationProviderFactory.getProviderFactory()).thenReturn(factory);
82 PowerMockito.when(factory.getProvider()).thenReturn(provider);
87 public void testAuthorizerSuccess() {
90 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
92 authorizer = new KafkaCustomAuthorizer();
93 assertTrue(authorizer.authorize(arg0, arg1, arg2));
98 public void testAuthorizerFailure() {
99 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
100 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
101 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.CREATE);
102 System.setProperty("msgRtr.topicfactory.aaf", "org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:");
103 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
105 authorizer = new KafkaCustomAuthorizer();
107 authorizer.authorize(arg0, arg1, arg2);
108 } catch (Exception e) {
115 public void testAuthorizerFailure1() {
116 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
117 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
118 PowerMockito.when(resourceType.name()).thenReturn("Cluster");
119 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.CREATE);
120 System.setProperty("msgRtr.topicfactory.aaf", "org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:");
121 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
123 authorizer = new KafkaCustomAuthorizer();
125 authorizer.authorize(arg0, arg1, arg2);
126 } catch (Exception e) {
133 public void testAuthorizerFailure2() {
134 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
135 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
136 PowerMockito.when(resourceType.name()).thenReturn("Topic");
137 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.WRITE);
138 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
140 authorizer = new KafkaCustomAuthorizer();
142 authorizer.authorize(arg0, arg1, arg2);
143 } catch (Exception e) {
150 public void testAuthorizerFailure3() {
151 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
152 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
153 PowerMockito.when(resourceType.name()).thenReturn("Topic");
154 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.DESCRIBE);
155 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
157 authorizer = new KafkaCustomAuthorizer();
159 authorizer.authorize(arg0, arg1, arg2);
160 } catch (Exception e) {
166 public void testAuthorizerFailure4() {
167 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
168 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
169 PowerMockito.when(resourceType.name()).thenReturn("Topic");
170 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.READ);
171 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
173 authorizer = new KafkaCustomAuthorizer();
175 authorizer.authorize(arg0, arg1, arg2);
176 } catch (Exception e) {
183 public void testAuthorizerFailure5() {
184 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
185 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
186 PowerMockito.when(resourceType.name()).thenReturn("Cluster");
187 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.IDEMPOTENT_WRITE);
188 System.setProperty("msgRtr.topicfactory.aaf", "org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:");
189 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
191 authorizer = new KafkaCustomAuthorizer();
193 authorizer.authorize(arg0, arg1, arg2);
194 } catch (Exception e) {
201 public void testAuthorizerFailure6() {
202 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
203 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
204 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.DELETE);
205 System.setProperty("msgRtr.topicfactory.aaf", "org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:");
206 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
208 authorizer = new KafkaCustomAuthorizer();
210 authorizer.authorize(arg0, arg1, arg2);
211 } catch (Exception e) {