Diffstat (limited to 'aaf/src/test/java/org')
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java144
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java574
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java107
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/MultiThreadPermHit.java145
-rw-r--r--aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/TestAccess.java122
-rw-r--r--aaf/src/test/java/org/onap/aaf/content/JU_Content.java83
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/CadiTest.java58
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/ExampleAuthCheck.java57
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java113
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0_DME2.java113
-rw-r--r--aaf/src/test/java/org/onap/aaf/example/X509Test.java89
11 files changed, 1605 insertions, 0 deletions
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java
new file mode 100644
index 0000000..69c9688
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java
@@ -0,0 +1,144 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cadi.lur.aaf.test;
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileReader;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.net.HttpURLConnection;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
+import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
+import org.onap.aaf.cadi.aaf.v2_0.AAFTaf;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.locator.DNSLocator;
+import org.onap.aaf.cadi.principal.CachedBasicPrincipal;
+
+import junit.framework.Assert;
+
+public class JU_JMeter {
+ private static AAFConHttp aaf;
+ private static AAFAuthn<HttpURLConnection> aafAuthn;
+ private static AAFLurPerm aafLur;
+ private static ArrayList<Principal> perfIDs;
+
+ private static AAFTaf<HttpURLConnection> aafTaf;
+ private static PropAccess access;
+
+ @BeforeClass
+ public static void before() throws Exception {
+ if(aafLur==null) {
+ Properties props = System.getProperties();
+ props.setProperty("AFT_LATITUDE", "32.780140");
+ props.setProperty("AFT_LONGITUDE", "-96.800451");
+ props.setProperty("DME2_EP_REGISTRY_CLASS","DME2FS");
+ props.setProperty("AFT_DME2_EP_REGISTRY_FS_DIR","/Volumes/Data/src/authz/dme2reg");
+ props.setProperty("AFT_ENVIRONMENT", "AFTUAT");
+ props.setProperty("SCLD_PLATFORM", "NON-PROD");
+ props.setProperty(Config.AAF_URL,"https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE");
+ props.setProperty(Config.AAF_READ_TIMEOUT, "2000");
+ int timeToLive = 3000;
+ props.setProperty(Config.AAF_CLEAN_INTERVAL, Integer.toString(timeToLive));
+ props.setProperty(Config.AAF_HIGH_COUNT, "4");
+
+ String aafPerfIDs = props.getProperty("AAF_PERF_IDS");
+ perfIDs = new ArrayList<Principal>();
+ File perfFile = null;
+ if(aafPerfIDs!=null) {
+ perfFile = new File(aafPerfIDs);
+ }
+
+ access = new PropAccess();
+ aaf = new AAFConHttp(access, new DNSLocator(access,"https","localhost","8100"));
+ aafTaf = new AAFTaf<HttpURLConnection>(aaf,false);
+ aafLur = aaf.newLur(aafTaf);
+ aafAuthn = aaf.newAuthn(aafTaf);
+ aaf.basicAuth("testid@aaf.att.com", "whatever");
+
+ if(perfFile==null||!perfFile.exists()) {
+ perfIDs.add(new CachedBasicPrincipal(aafTaf,
+ "Basic dGVzdGlkOndoYXRldmVy",
+ "aaf.att.com",timeToLive));
+ perfIDs.add(new Princ("ab1234@aaf.att.com")); // Example of Local ID, which isn't looked up
+ } else {
+ BufferedReader ir = new BufferedReader(new FileReader(perfFile));
+ try {
+ String line;
+ while((line = ir.readLine())!=null) {
+ if((line=line.trim()).length()>0)
+ perfIDs.add(new Princ(line));
+ }
+ } finally {
+ ir.close();
+ }
+ }
+ Assert.assertNotNull(aafLur);
+ }
+ }
+
+ private static class Princ implements Principal {
+ private String name;
+ public Princ(String name) {
+ this.name = name;
+ }
+ public String getName() {
+ return name;
+ }
+
+ };
+
+ private static int index = -1;
+
+ private synchronized Principal getIndex() {
+ if(perfIDs.size()<=++index)index=0;
+ return perfIDs.get(index);
+ }
+ @Test
+ public void test() {
+ try {
+ aafAuthn.validate("testid@aaf.att.com", "whatever");
+ List<Permission> perms = new ArrayList<Permission>();
+ aafLur.fishAll(getIndex(), perms);
+// Assert.assertFalse(perms.isEmpty());
+// for(Permission p : perms) {
+// //access.log(Access.Level.AUDIT, p.permType());
+// }
+ } catch (Exception e) {
+ StringWriter sw = new StringWriter();
+ e.printStackTrace(new PrintWriter(sw));
+ Assert.assertFalse(sw.toString(),true);
+ }
+ }
+
+}
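Review bot: `test()` cannot fail on a rejected login or an empty permission set, because the result of `aafAuthn.validate("testid@aaf.att.com", "whatever")` is discarded and `Assert.assertFalse(perms.isEmpty());` is commented out; only a thrown exception fails it. Assert on the `validate` result (its return contract is not visible in this hunk) and restore the `perms` assertion. `getIndex()` is `synchronized` on the instance while `index` and `perfIDs` are static, so calls on separate instances do not exclude each other; `private static synchronized Principal getIndex()` would lock on the class instead. The literal password and the pre-encoded `"Basic dGVzdGlkOndoYXRldmVy"` header in `before()`, like `aaf.basicAuth("testid", "whatever")` in JU_Lur2_0Call.java, would be better supplied through a property, as `AAF_PERF_IDS` already is, than committed in source.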
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java
new file mode 100644
index 0000000..bd4e162
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java
@@ -0,0 +1,574 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cadi.lur.aaf.test;
+
+import static org.junit.Assert.assertEquals;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.HttpURLConnection;
+import java.security.Principal;
+import java.util.Collection;
+import java.util.Enumeration;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.servlet.AsyncContext;
+import javax.servlet.DispatcherType;
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletInputStream;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.servlet.http.Part;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.Lur;
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.Symm;
+import org.onap.aaf.cadi.Taf.LifeForm;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
+import org.onap.aaf.cadi.aaf.v2_0.AAFTaf;
+import org.onap.aaf.cadi.locator.DNSLocator;
+import org.onap.aaf.cadi.lur.ConfigPrincipal;
+import org.onap.aaf.cadi.lur.LocalPermission;
+import org.onap.aaf.cadi.taf.TafResp;
+
+public class JU_Lur2_0Call {
+ private static AAFConHttp aaf;
+ private static PropAccess access;
+
+ @BeforeClass
+ public static void setUpBeforeClass() throws Exception {
+ access = new PropAccess();
+ aaf = new AAFConHttp(access,new DNSLocator(access,"https","localhost","8100"));
+ aaf.basicAuth("testid", "whatever");
+ }
+
+ @Test
+ public void test() throws Exception {
+
+ AAFLurPerm aafLur = aaf.newLur();
+
+ Principal pri = new ConfigPrincipal("testid@aaf.att.com","whatever");
+ for (int i = 0; i < 10; ++i) {
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),true);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|write"),false);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|read"),true);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|read"),true);
+
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","write"),true);
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","write"),false);
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","read"),true);
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","read"),true);
+
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum.*|read"),true);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true);
+
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum.*","read"),true);
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
+
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum[Qq]uat|read"),true);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true);
+
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum[Qq]uat","read"),true);
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true);
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true);
+
+
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my.nstance|!wr*"),true);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
+
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false);
+
+ //Maitrayee, aren't we going to have issues if we do RegExp with "."?
+ //Is it too expensive to only do Reg Ex in presence of special characters, []{}*, etc? Not sure this helps for GRID.
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kum.quat|read"),true);
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum..uat|read"),true);
+
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true); // ok if Stored Action is "*"
+
+ // Key Evaluations
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:!my.*|write"),true); // ok if Stored Action is "*"
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*|write"),false); // not ok if key lengths don't match "*"
+ print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:myCF|write"),true); // ok if Stored Action is "*"
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:!my.*","write"),true); // ok if Stored Action is "*"
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:myCF","write"),true); // ok if Stored Action is "*"
+ print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*","write"),false); // not ok if key lengths don't match
+
+ }
+
+ print(aafLur, pri, new LocalPermission("bogus"),false);
+
+// try {
+// Thread.sleep(7000);
+// } catch (InterruptedException e) {
+// e.printStackTrace();
+// }
+ for (int i = 0; i < 10; ++i)
+ print(aafLur, pri, new LocalPermission("supergroup"),false);
+
+ System.out.println("All Done");
+ }
+ @Test
+ public void testTaf() throws Exception {
+ AAFTaf<?> aaft = new AAFTaf<HttpURLConnection>(aaf,true);
+
+ TafResp resp;
+ // No Header
+ resp = aaft.validate(LifeForm.CBLF, new Req(), null);
+ assertEquals(TafResp.RESP.TRY_AUTHENTICATING, resp.isAuthenticated());
+
+ String auth = "Basic " + Symm.base64.encode("testid:whatever");
+ resp = aaft.validate(LifeForm.CBLF, new Req("Authorization",auth), null);
+ assertEquals(TafResp.RESP.IS_AUTHENTICATED, resp.isAuthenticated());
+
+ }
+// @Test
+// public void testRole() throws CadiException {
+// TestAccess ta = new TestAccess();
+// AAFLurRole1_0 aafLur = new AAFLurRole1_0(
+// ta,
+//// "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=UAT/routeOffer=BAU_SE",
+// "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=DEV/routeOffer=D1",
+// "m12345", "m12345pass", 50000, // dme Time
+// // 5*60000); // 5 minutes User Expiration
+// 50000, // 5 seconds after Expiration
+// 200); // High Count of items.. These do not take much memory
+//
+// Principal pri = new ConfigPrincipal("xy1234","whatever);
+// for (int i = 0; i < 10; ++i) {
+//// print(aafLur, pri, new LocalPermission("*|*|*|com.att.authz"));
+// print(aafLur, pri, new LocalPermission("service|myInstance|write"),false);
+// print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),false);
+// print(aafLur, pri, new LocalPermission("com.att.cadi"),true);
+// print(aafLur, pri, new LocalPermission("global"),true);
+// print(aafLur, pri, new LocalPermission("kumquat"),false);
+// }
+//
+// print(aafLur, pri, new LocalPermission("bogus"),false);
+//
+// for (int i = 0; i < 10; ++i)
+// print(aafLur, pri, new LocalPermission("supergroup"),false);
+//
+// System.out.println("All Done");
+// }
+
+
+ private void print(Lur aafLur, Principal pri, Permission perm, boolean shouldBe)
+ throws CadiException {
+ long start = System.nanoTime();
+
+ // The Call
+ boolean ok = aafLur.fish(pri, perm);
+
+ assertEquals(shouldBe,ok);
+ float ms = (System.nanoTime() - start) / 1000000f;
+ if (ok) {
+ System.out.println("Yes, part of " + perm.getKey() + " (" + ms
+ + "ms)");
+ } else {
+ System.out.println("No, not part of " + perm.getKey() + " (" + ms
+ + "ms)");
+ }
+ }
+
+ @SuppressWarnings("rawtypes")
+ public class Req implements HttpServletRequest {
+ private String[] headers;
+
+ public Req(String ... headers) {
+ this.headers = headers;
+ }
+
+ public Object getAttribute(String name) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ public Enumeration getAttributeNames() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getCharacterEncoding() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public void setCharacterEncoding(String env)
+ throws UnsupportedEncodingException {
+ // TODO Auto-generated method stub
+
+ }
+
+ public int getContentLength() {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ public String getContentType() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public ServletInputStream getInputStream() throws IOException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getParameter(String name) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ public Enumeration getParameterNames() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String[] getParameterValues(String name) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ public Map getParameterMap() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getProtocol() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getScheme() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getServerName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public int getServerPort() {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ public BufferedReader getReader() throws IOException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getRemoteAddr() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getRemoteHost() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public void setAttribute(String name, Object o) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void removeAttribute(String name) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public Locale getLocale() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ public Enumeration getLocales() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public boolean isSecure() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public RequestDispatcher getRequestDispatcher(String path) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getRealPath(String path) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public int getRemotePort() {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ public String getLocalName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getLocalAddr() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public int getLocalPort() {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ public String getAuthType() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public Cookie[] getCookies() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public long getDateHeader(String name) {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ public String getHeader(String name) {
+ for(int i=1;i<headers.length;i=i+2) {
+ if(headers[i-1].equals(name)) return headers[i];
+ }
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ public Enumeration getHeaders(String name) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ public Enumeration getHeaderNames() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public int getIntHeader(String name) {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ public String getMethod() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getPathInfo() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getPathTranslated() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getContextPath() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getQueryString() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getRemoteUser() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public boolean isUserInRole(String role) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public Principal getUserPrincipal() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getRequestedSessionId() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getRequestURI() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public StringBuffer getRequestURL() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getServletPath() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public HttpSession getSession(boolean create) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public HttpSession getSession() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public boolean isRequestedSessionIdValid() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public boolean isRequestedSessionIdFromCookie() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public boolean isRequestedSessionIdFromURL() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public boolean isRequestedSessionIdFromUrl() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public ServletContext getServletContext() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public AsyncContext startAsync() throws IllegalStateException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public AsyncContext startAsync(ServletRequest servletRequest,
+ ServletResponse servletResponse) throws IllegalStateException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean isAsyncStarted() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean isAsyncSupported() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public AsyncContext getAsyncContext() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public DispatcherType getDispatcherType() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean authenticate(HttpServletResponse response)
+ throws IOException, ServletException {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public void login(String username, String password)
+ throws ServletException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void logout() throws ServletException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public Collection<Part> getParts() throws IOException, ServletException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Part getPart(String name) throws IOException, ServletException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ }
+}
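Review bot: `Req.getHeader` matches names with `headers[i-1].equals(name)`, but header lookup on `HttpServletRequest` is case-insensitive by contract. If the TAF asks for the header in a different case, this stub returns `null` and `testTaf()` fails for a reason unrelated to the code under test; use `if(headers[i-1].equalsIgnoreCase(name)) return headers[i];`. `Req` never uses the enclosing instance, so it could be declared `public static class Req`. A one-line class comment saying that every method except `getHeader` is an inert stub would be clearer than the repeated `// TODO Auto-generated method stub` markers.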
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java
new file mode 100644
index 0000000..d60eedb
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java
@@ -0,0 +1,107 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cadi.lur.aaf.test;
+
+import static org.junit.Assert.*;
+
+import org.junit.AfterClass;
+import org.junit.Test;
+import org.onap.aaf.cadi.aaf.PermEval;
+
+public class JU_PermEval {
+
+ @AfterClass
+ public static void tearDownAfterClass() throws Exception {
+ }
+
+ @Test
+ public void test() {
+ assertTrue(PermEval.evalInstance(":com.att.temp:role:write",":!com.att.*:role:write"));
+
+ // TRUE
+ assertTrue(PermEval.evalAction("fred","fred"));
+ assertTrue(PermEval.evalAction("fred,wilma","fred"));
+ assertTrue(PermEval.evalAction("barney,betty,fred,wilma","fred"));
+ assertTrue(PermEval.evalAction("*","fred"));
+
+ assertTrue(PermEval.evalInstance("fred","fred"));
+ assertTrue(PermEval.evalInstance("fred,wilma","fred"));
+ assertTrue(PermEval.evalInstance("barney,betty,fred,wilma","fred"));
+ assertTrue(PermEval.evalInstance("*","fred"));
+
+ assertTrue(PermEval.evalInstance(":fred:fred",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":fred:fred,wilma",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":fred:barney,betty,fred,wilma",":fred:fred"));
+ assertTrue(PermEval.evalInstance("*","fred"));
+ assertTrue(PermEval.evalInstance(":*:fred",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":fred:*",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":fred:fred",":!f.*:fred"));
+ assertTrue(PermEval.evalInstance(":fred:fred",":fred:!f.*"));
+
+ /// FALSE
+ assertFalse(PermEval.evalInstance("fred","wilma"));
+ assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
+ assertFalse(PermEval.evalInstance(":fred:fred",":fred:wilma"));
+ assertFalse(PermEval.evalInstance(":fred:fred",":wilma:fred"));
+ assertFalse(PermEval.evalInstance(":fred:fred",":wilma:!f.*"));
+ assertFalse(PermEval.evalInstance(":fred:fred",":!f.*:wilma"));
+ assertFalse(PermEval.evalInstance(":fred:fred",":!w.*:!f.*"));
+ assertFalse(PermEval.evalInstance(":fred:fred",":!f.*:!w.*"));
+
+ assertFalse(PermEval.evalInstance(":fred:fred",":fred:!x.*"));
+
+ // MSO Tests 12/3/2015
+ assertFalse(PermEval.evalInstance("/v1/services/features/*","/v1/services/features"));
+ assertFalse(PermEval.evalInstance(":v1:services:features:*",":v1:services:features"));
+ assertTrue(PermEval.evalInstance("/v1/services/features/*","/v1/services/features/api1"));
+ assertTrue(PermEval.evalInstance(":v1:services:features:*",":v1:services:features:api2"));
+ // MSO - Xue Gao
+ assertTrue(PermEval.evalInstance(":v1:requests:*",":v1:requests:test0-service"));
+
+
+
+ // Same tests, with Slashes
+ assertTrue(PermEval.evalInstance("/fred/fred","/fred/fred"));
+ assertTrue(PermEval.evalInstance("/fred/fred,wilma","/fred/fred"));
+ assertTrue(PermEval.evalInstance("/fred/barney,betty,fred,wilma","/fred/fred"));
+ assertTrue(PermEval.evalInstance("*","fred"));
+ assertTrue(PermEval.evalInstance("/*/fred","/fred/fred"));
+ assertTrue(PermEval.evalInstance("/fred/*","/fred/fred"));
+ assertTrue(PermEval.evalInstance("/fred/fred","/!f.*/fred"));
+ assertTrue(PermEval.evalInstance("/fred/fred","/fred/!f.*"));
+
+ /// FALSE
+ assertFalse(PermEval.evalInstance("fred","wilma"));
+ assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
+ assertFalse(PermEval.evalInstance("/fred/fred","/fred/wilma"));
+ assertFalse(PermEval.evalInstance("/fred/fred","/wilma/fred"));
+ assertFalse(PermEval.evalInstance("/fred/fred","/wilma/!f.*"));
+ assertFalse(PermEval.evalInstance("/fred/fred","/!f.*/wilma"));
+ assertFalse(PermEval.evalInstance("/fred/fred","/!w.*/!f.*"));
+ assertFalse(PermEval.evalInstance("/fred/fred","/!f.*/!w.*"));
+
+ assertFalse(PermEval.evalInstance("/fred/fred","/fred/!x.*"));
+
+ }
+
+}
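Review bot: None of the `assertFalse` cases for `!` patterns distinguishes an anchored match from a prefix or substring match: `!x.*`, `!w.*` and the `wilma` keys fail under either rule, so the test does not pin how strictly `PermEval.evalInstance` applies the expression. If a full match is the intended contract, add a case such as `assertFalse(PermEval.evalInstance(":fred:fred",":fred:!fre"));`, with the expected value confirmed against PermEval, which is outside this hunk. The empty `@AfterClass tearDownAfterClass()` can be dropped. Splitting `test()` into colon-, slash- and action-specific methods would stop the first failing assertion from hiding the rest.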
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/MultiThreadPermHit.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/MultiThreadPermHit.java
new file mode 100644
index 0000000..ef9dc36
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/MultiThreadPermHit.java
@@ -0,0 +1,145 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cadi.lur.aaf.test;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
+import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.locator.PropertyLocator;
+
+public class MultiThreadPermHit {
+ public static void main(String args[]) {
+ // Link or reuse to your Logging mechanism
+ PropAccess myAccess = new PropAccess(); //
+
+ //
+ try {
+ AAFConHttp con = new AAFConHttp(myAccess,new PropertyLocator("https://mithrilcsp.sbc.com:8100"));
+
+ // AAFLur has pool of DME clients as needed, and Caches Client lookups
+ final AAFLurPerm aafLur = con.newLur();
+ aafLur.setDebug("m12345@aaf.att.com");
+
+ // Note: If you need both Authn and Authz construct the following:
+ AAFAuthn<?> aafAuthn = con.newAuthn(aafLur);
+
+ // Do not set Mech ID until after you construct AAFAuthn,
+ // because we initiate "401" info to determine the Realm of
+ // of the service we're after.
+ final String id = myAccess.getProperty(Config.AAF_MECHID,null);
+ final String pass = myAccess.decrypt(myAccess.getProperty(Config.AAF_MECHPASS,null),false);
+ if(id!=null && pass!=null) {
+ try {
+
+ // Normally, you obtain Principal from Authentication System.
+ // // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
+ // // If you use CADI as Authenticator, it will get you these Principals from
+ // // CSP or BasicAuth mechanisms.
+ // String id = "cluster_admin@gridcore.att.com";
+ //
+ // // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
+ String ok;
+ ok = aafAuthn.validate(id, pass);
+ if(ok!=null) {
+ System.out.println(ok);
+ }
+
+ List<Permission> pond = new ArrayList<Permission>();
+ for(int i=0;i<20;++i) {
+ pond.clear();
+ aafLur.fishAll(i+id, pond);
+ if(ok!=null && i%1000==0) {
+ System.out.println(i + " " + ok);
+ }
+ }
+
+ for(int i=0;i<1000000;++i) {
+ ok = aafAuthn.validate( i+ id, "wrongPass");
+ if(ok!=null && i%1000==0) {
+ System.out.println(i + " " + ok);
+ }
+ }
+
+ final AAFPermission perm = new AAFPermission("com.att.aaf.access","*","*");
+
+ // Now you can ask the LUR (Local Representative of the User Repository about Authorization
+ // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object
+ // instead of creating your own LUR
+ for(int i=0;i<4;++i) {
+ if(aafLur.fish(id, perm)) {
+ System.out.println("Yes, " + id + " has permission for " + perm.getKey());
+ } else {
+ System.out.println("No, " + id + " does not have permission for " + perm.getKey());
+ }
+ }
+
+
+ // Or you can all for all the Permissions available
+ List<Permission> perms = new ArrayList<Permission>();
+
+
+ aafLur.fishAll(id,perms);
+ System.out.println("Perms for " + id);
+ for(Permission prm : perms) {
+ System.out.println(prm.getKey());
+ }
+
+ System.out.println("Press any key to continue");
+ System.in.read();
+
+ for(int j=0;j<5;++j) {
+ new Thread(new Runnable() {
+ @Override
+ public void run() {
+ for(int i=0;i<20;++i) {
+ if(aafLur.fish(id, perm)) {
+ System.out.println("Yes, " + id + " has permission for " + perm.getKey());
+ } else {
+ System.out.println("No, " + id + " does not have permission for " + perm.getKey());
+ }
+ }
+ }
+ }).start();
+ }
+
+
+ } finally {
+ aafLur.destroy();
+ }
+ } else { // checked on IDs
+ System.err.println(Config.AAF_MECHID + " and/or " + Config.AAF_MECHPASS + " are not set.");
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
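Review bot: The five worker threads started in the `for(int j=0;j<5;++j)` loop are never joined, so control falls straight into `finally { aafLur.destroy(); }` while they may still be calling `aafLur.fish(id, perm)`. Keep the Thread references and join them before leaving the inner try block, as in the excerpt below; the `InterruptedException` from `join()` is already covered by the outer `catch (Exception e)`. Separately, the `for(int i=0;i<1000000;++i)` loop sends a million deliberately failing `validate(i+id, "wrongPass")` calls to the hard-coded `https://mithrilcsp.sbc.com:8100`. Against a shared service that is likely to trip lockout or alerting, so the target and the iteration count would be better taken from properties or arguments.

```java
List<Thread> workers = new ArrayList<Thread>();
for(int j=0;j<5;++j) {
    Thread worker = new Thread(new Runnable() {
        // … unchanged: run() with the 20 fish() calls …
    });
    workers.add(worker);
    worker.start();
}
// Wait for every worker so destroy() in the finally block cannot run underneath them.
for(Thread worker : workers) {
    worker.join();
}
```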
diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/TestAccess.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/TestAccess.java
new file mode 100644
index 0000000..2af452d
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/TestAccess.java
@@ -0,0 +1,122 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cadi.lur.aaf.test;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.PrintStream;
+
+import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.Symm;
+import org.onap.aaf.cadi.config.Config;
+
+public class TestAccess implements Access {
+ private Symm symm;
+ private PrintStream out;
+
+ public TestAccess(PrintStream out) {
+ this.out = out;
+ InputStream is = ClassLoader.getSystemResourceAsStream("cadi.properties");
+ try {
+ System.getProperties().load(is);
+ } catch (IOException e) {
+ e.printStackTrace(out);
+ } finally {
+ try {
+ is.close();
+ } catch (IOException e) {
+ e.printStackTrace(out);
+ }
+ }
+
+ String keyfile = System.getProperty(Config.CADI_KEYFILE);
+ if(keyfile==null) {
+ System.err.println("No " + Config.CADI_KEYFILE + " in Classpath");
+ } else {
+ try {
+ is = new FileInputStream(keyfile);
+ try {
+ symm = Symm.obtain(is);
+ } finally {
+ is.close();
+ }
+ } catch (IOException e) {
+ e.printStackTrace(out);
+ }
+ }
+
+
+
+ }
+
+ public void log(Level level, Object... elements) {
+ boolean first = true;
+ for(int i=0;i<elements.length;++i) {
+ if(first)first = false;
+ else out.print(' ');
+ out.print(elements[i].toString());
+ }
+ out.println();
+ }
+
+ public void log(Exception e, Object... elements) {
+ e.printStackTrace(out);
+ log(Level.ERROR,elements);
+ }
+
+ public void setLogLevel(Level level) {
+
+ }
+
+ @Override
+ public boolean willLog(Level level) {
+ return true;
+ }
+
+ public ClassLoader classLoader() {
+ return ClassLoader.getSystemClassLoader();
+ }
+
+ public String getProperty(String string, String def) {
+ String rv = System.getProperty(string);
+ return rv==null?def:rv;
+ }
+
+ public void load(InputStream is) throws IOException {
+
+ }
+
+ public String decrypt(String encrypted, boolean anytext) throws IOException {
+ return (encrypted!=null && (anytext==true || encrypted.startsWith(Symm.ENC)))
+ ? symm.depass(encrypted)
+ : encrypted;
+ }
+
+ @Override
+ public void printf(Level level, String fmt, Object... elements) {
+ // TODO Auto-generated method stub
+
+ }
+
+}
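Review bot: The constructor dereferences `is` without checking it, although `ClassLoader.getSystemResourceAsStream("cadi.properties")` returns null when the file is not on the classpath, so both `System.getProperties().load(is)` and the `is.close()` in the `finally` throw a NullPointerException. A guard such as `if(is==null) throw new IllegalStateException("cadi.properties not found on classpath");` before the `try` makes the failure explicit. `decrypt` has the same problem: when no keyfile was loaded `symm` stays null and `symm.depass(encrypted)` fails with an NPE, where `if(symm==null) throw new IOException("no key loaded from " + Config.CADI_KEYFILE);` would report the cause. In `log(Level, Object...)`, `String.valueOf(elements[i])` avoids the NPE that `elements[i].toString()` throws on a null element.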
diff --git a/aaf/src/test/java/org/onap/aaf/content/JU_Content.java b/aaf/src/test/java/org/onap/aaf/content/JU_Content.java
new file mode 100644
index 0000000..6691f84
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/content/JU_Content.java
@@ -0,0 +1,83 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.content;
+
+import java.io.StringReader;
+
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import aaf.v2_0.Error;
+
+import org.onap.aaf.rosetta.env.RosettaDF;
+import org.onap.aaf.rosetta.env.RosettaData;
+import org.onap.aaf.rosetta.env.RosettaEnv;
+
+public class JU_Content {
+
+ @BeforeClass
+ public static void setUpBeforeClass() throws Exception {
+ }
+
+ @AfterClass
+ public static void tearDownAfterClass() throws Exception {
+ }
+
+
+ @Test
+ public void parseErrorJSON() throws Exception {
+ final String msg = "{\"messageId\":\"SVC2000\",\"text\":\"Select which cred to delete (or 0 to delete all):" +
+ "1) %1" +
+ "2) %2" +
+ "3) %3" +
+ "4) %4" +
+ "Run same command again with chosen entry as last parameter\"," +
+ "\"variables\":[" +
+ "\"m55555@jr583u.cred.test.com 1 Wed Oct 08 11:48:08 CDT 2014\"," +
+ "\"m55555@jr583u.cred.test.com 1 Thu Oct 09 12:54:46 CDT 2014\"," +
+ "\"m55555@jr583u.cred.test.com 1 Tue Jan 06 05:00:00 CST 2015\"," +
+ "\"m55555@jr583u.cred.test.com 1 Wed Jan 07 05:00:00 CST 2015\"]}";
+
+ Error err = new Error();
+ err.setText("Hello");
+ err.getVariables().add("I'm a teapot");
+ err.setMessageId("12");
+
+
+// System.out.println(msg);
+ RosettaEnv env = new RosettaEnv();
+ RosettaDF<aaf.v2_0.Error> errDF = env.newDataFactory(aaf.v2_0.Error.class);
+ errDF.in(RosettaData.TYPE.JSON);
+ errDF.out(RosettaData.TYPE.JSON);
+ RosettaData<Error> data = errDF.newData();
+ data.load(err);
+ System.out.println(data.asString());
+
+ data.load(new StringReader(msg));
+ err = data.asObject();
+ System.out.println(err.getText());
+ }
+
+
+}
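Review bot: `parseErrorJSON` contains no assertion, so it passes whatever `data.asObject()` returns and only prints the result. After `err = data.asObject();` assert on the parsed values, for example `assertEquals(4, err.getVariables().size());` and `assertTrue(err.getText().startsWith("Select which cred"));`, with the matching `org.junit.Assert` static imports. The object built with `setText("Hello")` is only serialised and printed, so its output should be checked too or that part removed. The empty `setUpBeforeClass` and `tearDownAfterClass` methods can be dropped.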
diff --git a/aaf/src/test/java/org/onap/aaf/example/CadiTest.java b/aaf/src/test/java/org/onap/aaf/example/CadiTest.java
new file mode 100644
index 0000000..34ed858
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/example/CadiTest.java
@@ -0,0 +1,58 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.example;
+
+import java.net.HttpURLConnection;
+import java.net.URI;
+
+import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.config.SecurityInfoC;
+import org.onap.aaf.cadi.http.HClient;
+import org.onap.aaf.cadi.http.HX509SS;
+
+public class CadiTest {
+ public static void main(String args[]) {
+ Access access = new PropAccess();
+ try {
+ SecurityInfoC<HttpURLConnection> si = new SecurityInfoC<HttpURLConnection>(access);
+ HClient hclient = new HClient(
+ new HX509SS(si),
+ new URI("https://mithrilcsp.sbc.com:8085"),3000);
+ hclient.setMethod("OPTIONS");
+ hclient.setPathInfo("/gui/cadi/log/toggle/INFO");
+ hclient.send();
+ Future<String> future = hclient.futureReadString();
+ if(future.get(5000)) {
+ System.out.println(future.value);
+ } else {
+ System.out.printf("Error: %d-%s", future.code(),future.body());
+ }
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ }
+}
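Review bot: The target `https://mithrilcsp.sbc.com:8085` is hard-coded in the `HClient` constructor call, and running this class sends a request to `/gui/cadi/log/toggle/INFO`, which by its path appears to change the logging level of the remote service. Take the URL from the command line instead, e.g. `new URI(args[0])` after checking `args.length`, and add a comment above `setPathInfo` stating what the call is expected to do on the server. The same hard-coded host appears in MultiThreadPermHit.java and X509Test.java in this commit. The error branch's `printf("Error: %d-%s", ...)` is also missing a trailing `%n`.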
diff --git a/aaf/src/test/java/org/onap/aaf/example/ExampleAuthCheck.java b/aaf/src/test/java/org/onap/aaf/example/ExampleAuthCheck.java
new file mode 100644
index 0000000..65972cd
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/example/ExampleAuthCheck.java
@@ -0,0 +1,57 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.example;
+
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
+import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
+import org.onap.aaf.cadi.locator.DNSLocator;
+
+public class ExampleAuthCheck {
+ public static void main(String args[]) {
+ // Link or reuse to your Logging mechanism
+ PropAccess myAccess = new PropAccess(); //
+
+ try {
+ AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator(
+ myAccess,"https","localhost","8100"));
+ AAFAuthn<?> authn = acon.newAuthn();
+ long start;
+ for (int i=0;i<10;++i) {
+ start = System.nanoTime();
+ String err = authn.validate("", "gritty");
+ if(err!=null) System.err.println(err);
+ else System.out.println("I'm ok");
+
+ err = authn.validate("bogus", "gritty");
+ if(err!=null) System.err.println(err + " (correct error)");
+ else System.out.println("I'm ok");
+
+ System.out.println((System.nanoTime()-start)/1000000f + " ms");
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ }
+}
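Review bot: Both `else` branches print "I'm ok" when `validate` returns null, but for the inputs used here (an empty id, and the id `bogus`) a null return means an invalid credential was accepted, which is the failure case. The second call already labels the error path "(correct error)", so the success path should be reported as a failure, e.g. `else System.err.println("ERROR: bogus credential was accepted");`, and likewise for the empty id. If `gritty` is meant to be a valid password in some test environment, a comment above the loop should say which outcome is expected for each call.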
diff --git a/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java b/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java
new file mode 100644
index 0000000..f83b15b
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java
@@ -0,0 +1,113 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.example;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
+import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
+import org.onap.aaf.cadi.aaf.v2_0.AAFConDME2;
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
+
+public class ExamplePerm2_0 {
+ public static void main(String args[]) {
+
+ // Link or reuse to your Logging mechanism
+ PropAccess myAccess = new PropAccess();
+
+ //
+ try {
+ AAFCon<?> acon = new AAFConDME2(myAccess);
+
+ // AAFLur has pool of DME clients as needed, and Caches Client lookups
+ AAFLurPerm aafLur = acon.newLur();
+
+ // Note: If you need both Authn and Authz construct the following:
+ AAFAuthn<?> aafAuthn = acon.newAuthn(aafLur);
+
+ // Do not set Mech ID until after you construct AAFAuthn,
+ // because we initiate "401" info to determine the Realm of
+ // of the service we're after.
+ acon.basicAuth("mc0897@aaf.att.com", "XXXXXX");
+
+ try {
+
+ // Normally, you obtain Principal from Authentication System.
+ // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
+ // If you use CADI as Authenticator, it will get you these Principals from
+ // CSP or BasicAuth mechanisms.
+ String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com";
+
+ // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
+ String ok = aafAuthn.validate(id, "XXXXXX");
+ if(ok!=null)System.out.println(ok);
+
+ ok = aafAuthn.validate(id, "wrongPass");
+ if(ok!=null)System.out.println(ok);
+
+
+ // AAF Style permissions are in the form
+ // Type, Instance, Action
+ AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE");
+
+ // Now you can ask the LUR (Local Representative of the User Repository about Authorization
+ // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object
+ // instead of creating your own LUR
+ System.out.println("Does " + id + " have " + perm);
+ if(aafLur.fish(id, perm)) {
+ System.out.println("Yes, you have permission");
+ } else {
+ System.out.println("No, you don't have permission");
+ }
+
+ System.out.println("Does Bogus have " + perm);
+ if(aafLur.fish("Bogus", perm)) {
+ System.out.println("Yes, you have permission");
+ } else {
+ System.out.println("No, you don't have permission");
+ }
+
+ // Or you can all for all the Permissions available
+ List<Permission> perms = new ArrayList<Permission>();
+
+ aafLur.fishAll(id,perms);
+ for(Permission prm : perms) {
+ System.out.println(prm.getKey());
+ }
+
+ // It might be helpful in some cases to clear the User's identity from the Cache
+ aafLur.remove(id);
+ } finally {
+ aafLur.destroy();
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ }
+}
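Review bot: The identity and password are written as literals in `acon.basicAuth("mc0897@aaf.att.com", "XXXXXX")` and again in `aafAuthn.validate(id, "XXXXXX")`, which invites whoever copies the example to replace the placeholder with a real password in source. MultiThreadPermHit.java in this same commit already shows the safer form, `myAccess.getProperty(Config.AAF_MECHID,null)` and `myAccess.decrypt(myAccess.getProperty(Config.AAF_MECHPASS,null),false)`; using those here (plus the `Config` import) keeps the secret in the encrypted properties. ExamplePerm2_0_DME2.java carries the identical lines. The `java.security.Principal` import is unused in both files.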
diff --git a/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0_DME2.java b/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0_DME2.java
new file mode 100644
index 0000000..f6024a5
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0_DME2.java
@@ -0,0 +1,113 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.example;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
+import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
+import org.onap.aaf.cadi.locator.DNSLocator;
+
+public class ExamplePerm2_0_DME2 {
+ public static void main(String args[]) {
+ // Link or reuse to your Logging mechanism
+ PropAccess myAccess = new PropAccess();
+
+ //
+ try {
+ AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator(
+ myAccess,"https","localhost","8100"));
+
+ // AAFLur has pool of DME clients as needed, and Caches Client lookups
+ AAFLurPerm aafLur = acon.newLur();
+
+ // Note: If you need both Authn and Authz construct the following:
+ AAFAuthn<?> aafAuthn = acon.newAuthn(aafLur);
+
+ // Do not set Mech ID until after you construct AAFAuthn,
+ // because we initiate "401" info to determine the Realm of
+ // of the service we're after.
+ acon.basicAuth("mc0897@aaf.att.com", "XXXXXX");
+
+ try {
+
+ // Normally, you obtain Principal from Authentication System.
+ // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
+ // If you use CADI as Authenticator, it will get you these Principals from
+ // CSP or BasicAuth mechanisms.
+ String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com";
+
+ // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
+ String ok = aafAuthn.validate(id, "XXXXXX");
+ if(ok!=null)System.out.println(ok);
+
+ ok = aafAuthn.validate(id, "wrongPass");
+ if(ok!=null)System.out.println(ok);
+
+
+ // AAF Style permissions are in the form
+ // Type, Instance, Action
+ AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE");
+
+ // Now you can ask the LUR (Local Representative of the User Repository about Authorization
+ // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object
+ // instead of creating your own LUR
+ System.out.println("Does " + id + " have " + perm);
+ if(aafLur.fish(id, perm)) {
+ System.out.println("Yes, you have permission");
+ } else {
+ System.out.println("No, you don't have permission");
+ }
+
+ System.out.println("Does Bogus have " + perm);
+ if(aafLur.fish("Bogus", perm)) {
+ System.out.println("Yes, you have permission");
+ } else {
+ System.out.println("No, you don't have permission");
+ }
+
+ // Or you can all for all the Permissions available
+ List<Permission> perms = new ArrayList<Permission>();
+
+ aafLur.fishAll(id,perms);
+ for(Permission prm : perms) {
+ System.out.println(prm.getKey());
+ }
+
+ // It might be helpful in some cases to clear the User's identity from the Cache
+ aafLur.remove(id);
+ } finally {
+ aafLur.destroy();
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ }
+}
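Review bot: The class name and the connector do not match: `ExamplePerm2_0_DME2` builds an `AAFConHttp` with a `DNSLocator`, while the sibling `ExamplePerm2_0` is the one that constructs `AAFConDME2`, so the two names look swapped. Either rename the classes or add a class comment to each stating which transport it demonstrates. The inline comment `// AAFLur has pool of DME clients as needed` would then presumably need rewording here, assuming `AAFConHttp` does not go through DME2.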
diff --git a/aaf/src/test/java/org/onap/aaf/example/X509Test.java b/aaf/src/test/java/org/onap/aaf/example/X509Test.java
new file mode 100644
index 0000000..ad5d4b2
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/example/X509Test.java
@@ -0,0 +1,89 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.example;
+
+import java.security.Principal;
+
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.locator.DNSLocator;
+import org.onap.aaf.cadi.lur.LocalPermission;
+
+public class X509Test {
+ public static void main(String args[]) {
+ // Link or reuse to your Logging mechanism
+
+ PropAccess myAccess = new PropAccess();
+
+ //
+ try {
+ AAFConHttp con = new AAFConHttp(myAccess,
+ new DNSLocator(myAccess,"https","mithrilcsp.sbc.com","8100"));
+
+ // AAFLur has pool of DME clients as needed, and Caches Client lookups
+ AAFLurPerm aafLur = con.newLur();
+
+ // Note: If you need both Authn and Authz construct the following:
+// AAFAuthn<?> aafAuthn = con.newAuthn(aafLur);
+
+ // con.x509Alias("aaf.att"); // alias in keystore
+
+ try {
+
+ // Normally, you obtain Principal from Authentication System.
+// // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
+// // If you use CADI as Authenticator, it will get you these Principals from
+// // CSP or BasicAuth mechanisms.
+// String id = "cluster_admin@gridcore.att.com";
+//
+// // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
+ Future<String> fs =
+ con.client("2.0").read("/authz/perms/com.att.aaf.ca","application/Perms+json");
+ if(fs.get(3000)) {
+ System.out.println(fs.value);
+ } else {
+ System.out.println("Error: " + fs.code() + ':' + fs.body());
+ }
+
+ // Check on Perms with LUR
+ if(aafLur.fish(new Principal() {
+ @Override
+ public String getName() {
+ return "m12345@aaf.att.com";
+ }
+ }, new LocalPermission("com.att.aaf.ca|aaf|request"))) {
+ System.out.println("Has Perm");
+ } else {
+ System.out.println("Does NOT Have Perm");
+ }
+ } finally {
+ aafLur.destroy();
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ }
+}
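Review bot: The commented-out block inside the inner `try` (from `// For J2EE...` to `// If Validate succeeds...`) describes a `validate` call this class never makes, and it sits directly above `con.client("2.0").read(...)`, so the comment misdescribes the code. Delete it along with the commented-out `AAFAuthn` and `x509Alias` lines, and put a short comment above the read, e.g. `// Read the perms of com.att.aaf.ca using the identity configured for this connection`. With `x509Alias` commented out, nothing in the file shows which client certificate is used; if it comes from the properties read by `PropAccess`, say so in a comment. The name `m12345@aaf.att.com` returned by the anonymous `Principal` is asserted rather than authenticated, which is worth stating in a comment since this is example code.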