Configuration and Auto-Certificates

Issue-ID: AAF-378 Change-Id: Ic820a4e43684a6130f00b28b415a974876099fc3 Signed-off-by: Instrumental <jonathan.gathman@att.com>
author: Instrumental <jonathan.gathman@att.com> 2018-07-19 13:29:32 -0500
committer: Instrumental <jonathan.gathman@att.com> 2018-07-19 13:29:44 -0500
commit: 32cdd553a8668e6d03a9cf5b11b360d35a63c87f (patch)
tree: 48c02e4be820d87efb777d7be20bad57d517b61c /auth/auth-deforg
parent: 9c8a8b0926b13b07fb1e5394903401e7a3f1ff79 (diff)
3 files changed, 165 insertions, 15 deletions
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
index dd4a8260..b36c6f24 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
@@ -203,14 +203,27 @@ public class DefaultOrg implements Organization {
 	}
 
 	private static final String SPEC_CHARS = "!@#$%^*-+?/,:;.";
-	private static final Pattern PASS_PATTERN=Pattern.compile("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[" + SPEC_CHARS +"]).{6,20})");
+	private static final Pattern PASS_PATTERN=Pattern.compile("(((?=.*[a-z,A-Z])(((?=.*\\d))|(?=.*[" + SPEC_CHARS +"]))).{6,20})");
 	/**
+	 *  (				# Start of group
+	 *  (?=.*[a-z,A-Z])	#   must contain one character
+	 *  
+	 *  (?=.*\d)		#   must contain one digit from 0-9 
+	 *        OR
+	 *  (?=.*[@#$%])	#   must contain one special symbols in the list SPEC_CHARS
+	 *  
+	 *        	.		#     match anything with previous condition checking
+	 *          {6,20}	#        length at least 6 characters and maximum of 20
+	 *  )				# End of group
+	 *
+	 * Another example, more stringent pattern
+	 private static final Pattern PASS_PATTERN=Pattern.compile("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[" + SPEC_CHARS +"]).{6,20})");
 	 *  Attribution: from mkyong.com
 	 *  (				# Start of group
-	 *  (?=.*\d)			#   must contains one digit from 0-9
-	 *  (?=.*[a-z])		#   must contains one lowercase characters
-	 *  (?=.*[A-Z])		#   must contains one uppercase characters
-	 *  (?=.*[@#$%])		#   must contains one special symbols in the list SPEC_CHARS
+	 *  (?=.*\d)		#   must contain one digit from 0-9
+	 *  (?=.*[a-z])		#   must contain one lowercase characters
+	 *  (?=.*[A-Z])		#   must contain one uppercase characters
+	 *  (?=.*[@#$%])	#   must contain one special symbols in the list SPEC_CHARS
 	 *        	.		#     match anything with previous condition checking
 	 *          {6,20}	#        length at least 6 characters and maximum of 20
 	 *  )				# End of group
@@ -230,11 +243,11 @@ public class DefaultOrg implements Organization {
 	}
 
 	private static final String[] rules = new String[] {
-			"Passwords must contain one digit from 0-9",
-			"Passwords must contain one lowercase character",
-			"Passwords must contain one uppercase character",
-			"Passwords must contain one special symbols in the list \""+ SPEC_CHARS + '"',
-			"Passwords must be between 6 and 20 chars in length"
+			"Passwords must contain letters",
+			"Passwords must contain one of the following:",
+			"  Number",
+			"  One special symbols in the list \""+ SPEC_CHARS + '"',
+			"Passwords must be between 6 and 20 chars in length",
 	};
 
 	@Override
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
index e1bfda5b..b0ade8c0 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
@@ -21,7 +21,10 @@
  ******************************************************************************/
 package org.onap.aaf.org.test;
 
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotSame;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 import static org.mockito.Matchers.any;
 import static org.mockito.Mockito.when;
 
@@ -34,6 +37,8 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mock;
 import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.local.AbsData.Reuse;
+import org.onap.aaf.auth.org.Organization.Identity;
 import org.onap.aaf.auth.org.OrganizationException;
 import org.onap.aaf.cadi.config.Config;
 import org.onap.aaf.misc.env.Env;
@@ -42,7 +47,6 @@ import org.onap.aaf.misc.env.TimeTaken;
 import org.onap.aaf.org.DefaultOrg;
 import org.onap.aaf.org.Identities;
 import org.powermock.modules.junit4.PowerMockRunner;
-import org.onap.aaf.auth.local.AbsData.Reuse;
 
 
 @RunWith(PowerMockRunner.class)
@@ -149,8 +153,8 @@ public class JU_DefaultOrg {
 	@Test
 	public void testDefOrgPasswords() {
 		assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
-		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "new2you!", "Pilgrim"),"");
-		
+		assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2you!", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newtoyou", "Pilgrim"),"");
 	}
 
 	@Test
@@ -250,7 +254,15 @@ public class JU_DefaultOrg {
 	// 	System.out.println("value of res " +Result);
 	// 	assertNotNull(Result);
 	// }
-
+	
+	@Test
+	public void testResponsible() throws OrganizationException {
+		Identity id = defaultOrg.getIdentity(authzTransMock, "osaaf");
+		Identity rt = id.responsibleTo();
+		assertTrue(rt.id().equals("bdevl"));
+		
+	}
+	
 	//@Test
 	public void notYetImplemented() {
 		fail("Tests in this file should not be trusted");
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
new file mode 100644
index 00000000..72e4ff87
--- /dev/null
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
@@ -0,0 +1,125 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * * 
+ *  *      http://www.apache.org/licenses/LICENSE-2.0
+ * * 
+ *  * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * *
+ ******************************************************************************/
+package org.onap.aaf.org.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotSame;
+import static org.mockito.Matchers.any;
+import static org.mockito.Mockito.when;
+
+import java.io.File;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.org.OrganizationException;
+import org.onap.aaf.misc.env.Env;
+import org.onap.aaf.misc.env.LogTarget;
+import org.onap.aaf.misc.env.TimeTaken;
+import org.onap.aaf.org.DefaultOrg;
+import org.onap.aaf.org.Identities;
+import org.powermock.modules.junit4.PowerMockRunner;
+
+
+@RunWith(PowerMockRunner.class)
+public class JU_Passwords {
+
+
+	private DefaultOrg defaultOrg;
+
+
+	Identities.Data data;
+
+	@Mock
+	Env envMock;
+
+	@Mock
+	AuthzTrans authzTransMock;
+
+	@Mock
+	TimeTaken ttMock;
+
+	@Mock
+	LogTarget logTargetMock;
+
+
+	private static final String REALM = "org.osaaf";
+	private static final String NAME = "Default Organization";
+
+	String mailHost,mailFromUserId,summary,supportAddress;
+
+	@Before
+	public void setUp() throws OrganizationException{
+
+		mailFromUserId = "frommail";
+		mailHost = "hostmail";
+		File file = new File("src/test/resources/");
+		when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME);
+		when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost);
+		when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId);
+		when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath());
+		when(envMock.warn()).thenReturn(logTargetMock);
+		when(authzTransMock.warn()).thenReturn(logTargetMock);
+		when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock);
+		when(authzTransMock.error()).thenReturn(logTargetMock);
+		when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env");
+
+		defaultOrg = new DefaultOrg(envMock, REALM);
+
+	}
+
+
+	@Test
+	public void testDefOrgPasswords() {
+		// Accepts letters and one of (number, Special Char, Upper)
+		assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou2", "Pilgrim"),"");
+		assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
+		assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
+		
+		// Don't accept just letters, Numbers or Special Chars, or without ANY letters
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyouA", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "NEWYOU", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyou", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "125343", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$@*^#", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$3333", "Pilgrim"),"");
+
+		// Length
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "w2Yu!", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "moreThan20somethingCharacters, even though good", "Pilgrim"),"");
+
+		// May not contain ID
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim1", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim#", "Pilgrim"),"");
+		assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "aPilgrim1", "Pilgrim"),"");
+
+		// Solid
+		assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
+
+		
+	}
+
+}
author	Instrumental <jonathan.gathman@att.com>	2018-07-19 13:29:32 -0500
committer	Instrumental <jonathan.gathman@att.com>	2018-07-19 13:29:44 -0500
commit	32cdd553a8668e6d03a9cf5b11b360d35a63c87f (patch)
tree	48c02e4be820d87efb777d7be20bad57d517b61c /auth/auth-deforg
parent	9c8a8b0926b13b07fb1e5394903401e7a3f1ff79 (diff)