From 6d469611d86642bc0b74ce51af72cc36d2af962d Mon Sep 17 00:00:00 2001 From: Instrumental Date: Mon, 26 Mar 2018 12:04:27 -0700 Subject: Remove Code from cadi, it is now in authz Issue-ID: AAF-193 Change-Id: Ib7abdb15ba8a7445a3875cf8c6bb48b7d563f424 Signed-off-by: Instrumental --- .../org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java | 144 ------ .../onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java | 574 --------------------- .../cadi/lur/aaf/test/JU_MultiThreadPermHit.java | 145 ------ .../onap/aaf/cadi/lur/aaf/test/JU_PermEval.java | 107 ---- .../onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java | 122 ----- 5 files changed, 1092 deletions(-) delete mode 100644 aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java delete mode 100644 aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java delete mode 100644 aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java delete mode 100644 aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java delete mode 100644 aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java (limited to 'aaf/src/test/java/org/onap/aaf/cadi/lur/aaf') diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java deleted file mode 100644 index 69c9688..0000000 --- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_JMeter.java +++ /dev/null @@ -1,144 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.lur.aaf.test; - -import java.io.BufferedReader; -import java.io.File; -import java.io.FileReader; -import java.io.PrintWriter; -import java.io.StringWriter; -import java.net.HttpURLConnection; -import java.security.Principal; -import java.util.ArrayList; -import java.util.List; -import java.util.Properties; - -import org.junit.BeforeClass; -import org.junit.Test; -import org.onap.aaf.cadi.Permission; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; -import org.onap.aaf.cadi.aaf.v2_0.AAFTaf; -import org.onap.aaf.cadi.config.Config; -import org.onap.aaf.cadi.locator.DNSLocator; -import org.onap.aaf.cadi.principal.CachedBasicPrincipal; - -import junit.framework.Assert; - -public class JU_JMeter { - private static AAFConHttp aaf; - private static AAFAuthn aafAuthn; - private static AAFLurPerm aafLur; - private static ArrayList perfIDs; - - private static AAFTaf aafTaf; - private static PropAccess access; - - @BeforeClass - public static void before() throws Exception { - if(aafLur==null) { - Properties props = System.getProperties(); - props.setProperty("AFT_LATITUDE", "32.780140"); - props.setProperty("AFT_LONGITUDE", "-96.800451"); - props.setProperty("DME2_EP_REGISTRY_CLASS","DME2FS"); - props.setProperty("AFT_DME2_EP_REGISTRY_FS_DIR","/Volumes/Data/src/authz/dme2reg"); - props.setProperty("AFT_ENVIRONMENT", "AFTUAT"); - props.setProperty("SCLD_PLATFORM", "NON-PROD"); - props.setProperty(Config.AAF_URL,"https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE"); - props.setProperty(Config.AAF_READ_TIMEOUT, "2000"); - int timeToLive = 3000; - props.setProperty(Config.AAF_CLEAN_INTERVAL, Integer.toString(timeToLive)); - props.setProperty(Config.AAF_HIGH_COUNT, "4"); - - String aafPerfIDs = props.getProperty("AAF_PERF_IDS"); - perfIDs = new ArrayList(); - File perfFile = null; - if(aafPerfIDs!=null) { - perfFile = new File(aafPerfIDs); - } - - access = new PropAccess(); - aaf = new AAFConHttp(access, new DNSLocator(access,"https","localhost","8100")); - aafTaf = new AAFTaf(aaf,false); - aafLur = aaf.newLur(aafTaf); - aafAuthn = aaf.newAuthn(aafTaf); - aaf.basicAuth("testid@aaf.att.com", "whatever"); - - if(perfFile==null||!perfFile.exists()) { - perfIDs.add(new CachedBasicPrincipal(aafTaf, - "Basic dGVzdGlkOndoYXRldmVy", - "aaf.att.com",timeToLive)); - perfIDs.add(new Princ("ab1234@aaf.att.com")); // Example of Local ID, which isn't looked up - } else { - BufferedReader ir = new BufferedReader(new FileReader(perfFile)); - try { - String line; - while((line = ir.readLine())!=null) { - if((line=line.trim()).length()>0) - perfIDs.add(new Princ(line)); - } - } finally { - ir.close(); - } - } - Assert.assertNotNull(aafLur); - } - } - - private static class Princ implements Principal { - private String name; - public Princ(String name) { - this.name = name; - } - public String getName() { - return name; - } - - }; - - private static int index = -1; - - private synchronized Principal getIndex() { - if(perfIDs.size()<=++index)index=0; - return perfIDs.get(index); - } - @Test - public void test() { - try { - aafAuthn.validate("testid@aaf.att.com", "whatever"); - List perms = new ArrayList(); - aafLur.fishAll(getIndex(), perms); -// Assert.assertFalse(perms.isEmpty()); -// for(Permission p : perms) { -// //access.log(Access.Level.AUDIT, p.permType()); -// } - } catch (Exception e) { - StringWriter sw = new StringWriter(); - e.printStackTrace(new PrintWriter(sw)); - Assert.assertFalse(sw.toString(),true); - } - } - -} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java deleted file mode 100644 index 1beef2c..0000000 --- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_Lur2_0Call.java +++ /dev/null @@ -1,574 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.lur.aaf.test; - -import static org.junit.Assert.assertEquals; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.net.HttpURLConnection; -import java.security.Principal; -import java.util.Collection; -import java.util.Enumeration; -import java.util.Locale; -import java.util.Map; - -import javax.servlet.AsyncContext; -import javax.servlet.DispatcherType; -import javax.servlet.RequestDispatcher; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.ServletInputStream; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import javax.servlet.http.Part; - -import org.junit.BeforeClass; -import org.junit.Test; -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.Lur; -import org.onap.aaf.cadi.Permission; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.Symm; -import org.onap.aaf.cadi.Taf.LifeForm; -import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; -import org.onap.aaf.cadi.aaf.v2_0.AAFTaf; -import org.onap.aaf.cadi.locator.DNSLocator; -import org.onap.aaf.cadi.lur.ConfigPrincipal; -import org.onap.aaf.cadi.lur.LocalPermission; -import org.onap.aaf.cadi.taf.TafResp; - -public class JU_Lur2_0Call { - private static AAFConHttp aaf; - private static PropAccess access; - - @BeforeClass - public static void setUpBeforeClass() throws Exception { - access = new PropAccess(); - aaf = new AAFConHttp(access,new DNSLocator(access,"https","localhost","8100")); - aaf.basicAuth("testid", "whatever"); - } - - @Test - public void test() throws Exception { - - AAFLurPerm aafLur = aaf.newLur(); - - Principal pri = new ConfigPrincipal("testid@aaf.att.com","whatever"); - for (int i = 0; i < 10; ++i) { - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),true); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|write"),false); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|read"),true); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kumquat|read"),true); - - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","write"),true); - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","write"),false); - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","read"),true); - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","kumquat","read"),true); - - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum.*|read"),true); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true); - - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum.*","read"),true); - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true); - - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum[Qq]uat|read"),true); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my[iI]nstance|!wr*"),true); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|!wr*"),true); - - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!kum[Qq]uat","read"),true); - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true); - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","!my[iI]nstance","!wr*"),true); - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service","myInstance","!wr*"),true); - - - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!my.nstance|!wr*"),true); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false); - - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|my.nstance|!wr*"),false); - - //Maitrayee, aren't we going to have issues if we do RegExp with "."? - //Is it too expensive to only do Reg Ex in presence of special characters, []{}*, etc? Not sure this helps for GRID. - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|kum.quat|read"),true); - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|!kum..uat|read"),true); - - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance"),true); // ok if Stored Action is "*" - - // Key Evaluations - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:!my.*|write"),true); // ok if Stored Action is "*" - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*|write"),false); // not ok if key lengths don't match "*" - print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|:myCluster:*:myCF|write"),true); // ok if Stored Action is "*" - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:!my.*","write"),true); // ok if Stored Action is "*" - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*:myCF","write"),true); // ok if Stored Action is "*" - print(aafLur, pri, new AAFPermission("com.test.JU_Lur2_0Call.service",":myCluster:*","write"),false); // not ok if key lengths don't match - - } - - print(aafLur, pri, new LocalPermission("bogus"),false); - -// try { -// Thread.sleep(7000); -// } catch (InterruptedException e) { -// e.printStackTrace(); -// } - for (int i = 0; i < 10; ++i) - print(aafLur, pri, new LocalPermission("supergroup"),false); - - System.out.println("All Done"); - } - @Test - public void testTaf() throws Exception { - AAFTaf aaft = new AAFTaf(aaf,true); - - TafResp resp; - // No Header - resp = aaft.validate(LifeForm.CBLF, new Req(), null); - assertEquals(TafResp.RESP.TRY_AUTHENTICATING, resp.isAuthenticated()); - - String auth = "Basic " + Symm.base64.encode("testid:whatever"); - resp = aaft.validate(LifeForm.CBLF, new Req("Authorization",auth), null); - assertEquals(TafResp.RESP.IS_AUTHENTICATED, resp.isAuthenticated()); - - } -// @Test -// public void testRole() throws CadiException { -// TestAccess ta = new TestAccess(); -// AAFLurRole1_0 aafLur = new AAFLurRole1_0( -// ta, -//// "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=UAT/routeOffer=BAU_SE", -// "http://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=1.0.0/envContext=DEV/routeOffer=D1", -// "m12345", "m12345pass", 50000, // dme Time -// // 5*60000); // 5 minutes User Expiration -// 50000, // 5 seconds after Expiration -// 200); // High Count of items.. These do not take much memory -// -// Principal pri = new ConfigPrincipal("xy1234","whatever"); -// for (int i = 0; i < 10; ++i) { -//// print(aafLur, pri, new LocalPermission("*|*|*|com.att.authz")); -// print(aafLur, pri, new LocalPermission("service|myInstance|write"),false); -// print(aafLur, pri, new LocalPermission("com.test.JU_Lur2_0Call.service|myInstance|write"),false); -// print(aafLur, pri, new LocalPermission("com.att.cadi"),true); -// print(aafLur, pri, new LocalPermission("global"),true); -// print(aafLur, pri, new LocalPermission("kumquat"),false); -// } -// -// print(aafLur, pri, new LocalPermission("bogus"),false); -// -// for (int i = 0; i < 10; ++i) -// print(aafLur, pri, new LocalPermission("supergroup"),false); -// -// System.out.println("All Done"); -// } - - - private void print(Lur aafLur, Principal pri, Permission perm, boolean shouldBe) - throws CadiException { - long start = System.nanoTime(); - - // The Call - boolean ok = aafLur.fish(pri, perm); - - assertEquals(shouldBe,ok); - float ms = (System.nanoTime() - start) / 1000000f; - if (ok) { - System.out.println("Yes, part of " + perm.getKey() + " (" + ms - + "ms)"); - } else { - System.out.println("No, not part of " + perm.getKey() + " (" + ms - + "ms)"); - } - } - - @SuppressWarnings("rawtypes") - public class Req implements HttpServletRequest { - private String[] headers; - - public Req(String ... headers) { - this.headers = headers; - } - - public Object getAttribute(String name) { - // TODO Auto-generated method stub - return null; - } - - @SuppressWarnings("unchecked") - public Enumeration getAttributeNames() { - // TODO Auto-generated method stub - return null; - } - - public String getCharacterEncoding() { - // TODO Auto-generated method stub - return null; - } - - public void setCharacterEncoding(String env) - throws UnsupportedEncodingException { - // TODO Auto-generated method stub - - } - - public int getContentLength() { - // TODO Auto-generated method stub - return 0; - } - - public String getContentType() { - // TODO Auto-generated method stub - return null; - } - - public ServletInputStream getInputStream() throws IOException { - // TODO Auto-generated method stub - return null; - } - - public String getParameter(String name) { - // TODO Auto-generated method stub - return null; - } - - @SuppressWarnings("unchecked") - public Enumeration getParameterNames() { - // TODO Auto-generated method stub - return null; - } - - public String[] getParameterValues(String name) { - // TODO Auto-generated method stub - return null; - } - - @SuppressWarnings("unchecked") - public Map getParameterMap() { - // TODO Auto-generated method stub - return null; - } - - public String getProtocol() { - // TODO Auto-generated method stub - return null; - } - - public String getScheme() { - // TODO Auto-generated method stub - return null; - } - - public String getServerName() { - // TODO Auto-generated method stub - return null; - } - - public int getServerPort() { - // TODO Auto-generated method stub - return 0; - } - - public BufferedReader getReader() throws IOException { - // TODO Auto-generated method stub - return null; - } - - public String getRemoteAddr() { - // TODO Auto-generated method stub - return null; - } - - public String getRemoteHost() { - // TODO Auto-generated method stub - return null; - } - - public void setAttribute(String name, Object o) { - // TODO Auto-generated method stub - - } - - public void removeAttribute(String name) { - // TODO Auto-generated method stub - - } - - public Locale getLocale() { - // TODO Auto-generated method stub - return null; - } - - @SuppressWarnings("unchecked") - public Enumeration getLocales() { - // TODO Auto-generated method stub - return null; - } - - public boolean isSecure() { - // TODO Auto-generated method stub - return false; - } - - public RequestDispatcher getRequestDispatcher(String path) { - // TODO Auto-generated method stub - return null; - } - - public String getRealPath(String path) { - // TODO Auto-generated method stub - return null; - } - - public int getRemotePort() { - // TODO Auto-generated method stub - return 0; - } - - public String getLocalName() { - // TODO Auto-generated method stub - return null; - } - - public String getLocalAddr() { - // TODO Auto-generated method stub - return null; - } - - public int getLocalPort() { - // TODO Auto-generated method stub - return 0; - } - - public String getAuthType() { - // TODO Auto-generated method stub - return null; - } - - public Cookie[] getCookies() { - // TODO Auto-generated method stub - return null; - } - - public long getDateHeader(String name) { - // TODO Auto-generated method stub - return 0; - } - - public String getHeader(String name) { - for(int i=1;i getParts() throws IOException, ServletException { - // TODO Auto-generated method stub - return null; - } - - @Override - public Part getPart(String name) throws IOException, ServletException { - // TODO Auto-generated method stub - return null; - } - - } -} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java deleted file mode 100644 index 3779b4f..0000000 --- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java +++ /dev/null @@ -1,145 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.lur.aaf.test; - -import java.security.Principal; -import java.util.ArrayList; -import java.util.List; - -import org.onap.aaf.cadi.Access; -import org.onap.aaf.cadi.Permission; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; -import org.onap.aaf.cadi.config.Config; -import org.onap.aaf.cadi.locator.PropertyLocator; - -public class JU_MultiThreadPermHit { - public static void main(String args[]) { - // Link or reuse to your Logging mechanism - PropAccess myAccess = new PropAccess(); // - - // - try { - AAFConHttp con = new AAFConHttp(myAccess,new PropertyLocator("https://mithrilcsp.sbc.com:8100")); - - // AAFLur has pool of DME clients as needed, and Caches Client lookups - final AAFLurPerm aafLur = con.newLur(); - aafLur.setDebug("m12345@aaf.att.com"); - - // Note: If you need both Authn and Authz construct the following: - AAFAuthn aafAuthn = con.newAuthn(aafLur); - - // Do not set Mech ID until after you construct AAFAuthn, - // because we initiate "401" info to determine the Realm of - // of the service we're after. - final String id = myAccess.getProperty(Config.AAF_MECHID,null); - final String pass = myAccess.decrypt(myAccess.getProperty(Config.AAF_MECHPASS,null),false); - if(id!=null && pass!=null) { - try { - - // Normally, you obtain Principal from Authentication System. - // // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() - // // If you use CADI as Authenticator, it will get you these Principals from - // // CSP or BasicAuth mechanisms. - // String id = "cluster_admin@gridcore.att.com"; - // - // // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. - String ok; - ok = aafAuthn.validate(id, pass); - if(ok!=null) { - System.out.println(ok); - } - - List pond = new ArrayList(); - for(int i=0;i<20;++i) { - pond.clear(); - aafLur.fishAll(i+id, pond); - if(ok!=null && i%1000==0) { - System.out.println(i + " " + ok); - } - } - - for(int i=0;i<1000000;++i) { - ok = aafAuthn.validate( i+ id, "wrongPass"); - if(ok!=null && i%1000==0) { - System.out.println(i + " " + ok); - } - } - - final AAFPermission perm = new AAFPermission("com.att.aaf.access","*","*"); - - // Now you can ask the LUR (Local Representative of the User Repository about Authorization - // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object - // instead of creating your own LUR - for(int i=0;i<4;++i) { - if(aafLur.fish(id, perm)) { - System.out.println("Yes, " + id + " has permission for " + perm.getKey()); - } else { - System.out.println("No, " + id + " does not have permission for " + perm.getKey()); - } - } - - - // Or you can all for all the Permissions available - List perms = new ArrayList(); - - - aafLur.fishAll(id,perms); - System.out.println("Perms for " + id); - for(Permission prm : perms) { - System.out.println(prm.getKey()); - } - - System.out.println("Press any key to continue"); - System.in.read(); - - for(int j=0;j<5;++j) { - new Thread(new Runnable() { - @Override - public void run() { - for(int i=0;i<20;++i) { - if(aafLur.fish(id, perm)) { - System.out.println("Yes, " + id + " has permission for " + perm.getKey()); - } else { - System.out.println("No, " + id + " does not have permission for " + perm.getKey()); - } - } - } - }).start(); - } - - - } finally { - aafLur.destroy(); - } - } else { // checked on IDs - System.err.println(Config.AAF_MECHID + " and/or " + Config.AAF_MECHPASS + " are not set."); - } - } catch (Exception e) { - e.printStackTrace(); - } - } -} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java deleted file mode 100644 index d60eedb..0000000 --- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_PermEval.java +++ /dev/null @@ -1,107 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.lur.aaf.test; - -import static org.junit.Assert.*; - -import org.junit.AfterClass; -import org.junit.Test; -import org.onap.aaf.cadi.aaf.PermEval; - -public class JU_PermEval { - - @AfterClass - public static void tearDownAfterClass() throws Exception { - } - - @Test - public void test() { - assertTrue(PermEval.evalInstance(":com.att.temp:role:write",":!com.att.*:role:write")); - - // TRUE - assertTrue(PermEval.evalAction("fred","fred")); - assertTrue(PermEval.evalAction("fred,wilma","fred")); - assertTrue(PermEval.evalAction("barney,betty,fred,wilma","fred")); - assertTrue(PermEval.evalAction("*","fred")); - - assertTrue(PermEval.evalInstance("fred","fred")); - assertTrue(PermEval.evalInstance("fred,wilma","fred")); - assertTrue(PermEval.evalInstance("barney,betty,fred,wilma","fred")); - assertTrue(PermEval.evalInstance("*","fred")); - - assertTrue(PermEval.evalInstance(":fred:fred",":fred:fred")); - assertTrue(PermEval.evalInstance(":fred:fred,wilma",":fred:fred")); - assertTrue(PermEval.evalInstance(":fred:barney,betty,fred,wilma",":fred:fred")); - assertTrue(PermEval.evalInstance("*","fred")); - assertTrue(PermEval.evalInstance(":*:fred",":fred:fred")); - assertTrue(PermEval.evalInstance(":fred:*",":fred:fred")); - assertTrue(PermEval.evalInstance(":fred:fred",":!f.*:fred")); - assertTrue(PermEval.evalInstance(":fred:fred",":fred:!f.*")); - - /// FALSE - assertFalse(PermEval.evalInstance("fred","wilma")); - assertFalse(PermEval.evalInstance("fred,barney,betty","wilma")); - assertFalse(PermEval.evalInstance(":fred:fred",":fred:wilma")); - assertFalse(PermEval.evalInstance(":fred:fred",":wilma:fred")); - assertFalse(PermEval.evalInstance(":fred:fred",":wilma:!f.*")); - assertFalse(PermEval.evalInstance(":fred:fred",":!f.*:wilma")); - assertFalse(PermEval.evalInstance(":fred:fred",":!w.*:!f.*")); - assertFalse(PermEval.evalInstance(":fred:fred",":!f.*:!w.*")); - - assertFalse(PermEval.evalInstance(":fred:fred",":fred:!x.*")); - - // MSO Tests 12/3/2015 - assertFalse(PermEval.evalInstance("/v1/services/features/*","/v1/services/features")); - assertFalse(PermEval.evalInstance(":v1:services:features:*",":v1:services:features")); - assertTrue(PermEval.evalInstance("/v1/services/features/*","/v1/services/features/api1")); - assertTrue(PermEval.evalInstance(":v1:services:features:*",":v1:services:features:api2")); - // MSO - Xue Gao - assertTrue(PermEval.evalInstance(":v1:requests:*",":v1:requests:test0-service")); - - - - // Same tests, with Slashes - assertTrue(PermEval.evalInstance("/fred/fred","/fred/fred")); - assertTrue(PermEval.evalInstance("/fred/fred,wilma","/fred/fred")); - assertTrue(PermEval.evalInstance("/fred/barney,betty,fred,wilma","/fred/fred")); - assertTrue(PermEval.evalInstance("*","fred")); - assertTrue(PermEval.evalInstance("/*/fred","/fred/fred")); - assertTrue(PermEval.evalInstance("/fred/*","/fred/fred")); - assertTrue(PermEval.evalInstance("/fred/fred","/!f.*/fred")); - assertTrue(PermEval.evalInstance("/fred/fred","/fred/!f.*")); - - /// FALSE - assertFalse(PermEval.evalInstance("fred","wilma")); - assertFalse(PermEval.evalInstance("fred,barney,betty","wilma")); - assertFalse(PermEval.evalInstance("/fred/fred","/fred/wilma")); - assertFalse(PermEval.evalInstance("/fred/fred","/wilma/fred")); - assertFalse(PermEval.evalInstance("/fred/fred","/wilma/!f.*")); - assertFalse(PermEval.evalInstance("/fred/fred","/!f.*/wilma")); - assertFalse(PermEval.evalInstance("/fred/fred","/!w.*/!f.*")); - assertFalse(PermEval.evalInstance("/fred/fred","/!f.*/!w.*")); - - assertFalse(PermEval.evalInstance("/fred/fred","/fred/!x.*")); - - } - -} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java deleted file mode 100644 index f3d66a6..0000000 --- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java +++ /dev/null @@ -1,122 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.lur.aaf.test; - -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.PrintStream; - -import org.onap.aaf.cadi.Access; -import org.onap.aaf.cadi.Symm; -import org.onap.aaf.cadi.config.Config; - -public class JU_TestAccess implements Access { - private Symm symm; - private PrintStream out; - - public JU_TestAccess(PrintStream out) { - this.out = out; - InputStream is = ClassLoader.getSystemResourceAsStream("cadi.properties"); - try { - System.getProperties().load(is); - } catch (IOException e) { - e.printStackTrace(out); - } finally { - try { - is.close(); - } catch (IOException e) { - e.printStackTrace(out); - } - } - - String keyfile = System.getProperty(Config.CADI_KEYFILE); - if(keyfile==null) { - System.err.println("No " + Config.CADI_KEYFILE + " in Classpath"); - } else { - try { - is = new FileInputStream(keyfile); - try { - symm = Symm.obtain(is); - } finally { - is.close(); - } - } catch (IOException e) { - e.printStackTrace(out); - } - } - - - - } - - public void log(Level level, Object... elements) { - boolean first = true; - for(int i=0;i