From 538dc09c0210c9458565b4480af009a3fbb99f6d Mon Sep 17 00:00:00 2001 From: sg481n Date: Mon, 2 Oct 2017 13:40:28 +0000 Subject: Improve code coverage for aaf cadi modules. Issie-ID: AAF-79 Change-Id: I57c757a12997a81137a71c2ce131fb3ef934ec1f Signed-off-by: sg481n --- .../com/onap/aaf/cadi/aaf/AAFPermissionTest.java | 211 --------------------- .../com/onap/aaf/cadi/aaf/AAFTransmutateTest.java | 118 ------------ .../onap/aaf/cadi/aaf/JU_AAFPermissionTest.java | 211 +++++++++++++++++++++ .../onap/aaf/cadi/aaf/JU_AAFTransmutateTest.java | 118 ++++++++++++ .../aaf/cadi/aaf/marshal/CertsMarshalTest.java | 54 ------ .../aaf/cadi/aaf/marshal/JU_CertsMarshalTest.java | 54 ++++++ .../org/onap/aaf/cadi/aaf/v2_0/AAFAuthnTest.java | 155 --------------- .../onap/aaf/cadi/aaf/v2_0/JU_AAFAuthnTest.java | 155 +++++++++++++++ .../cadi/lur/aaf/test/JU_MultiThreadPermHit.java | 145 ++++++++++++++ .../onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java | 122 ++++++++++++ .../aaf/cadi/lur/aaf/test/MultiThreadPermHit.java | 145 -------------- .../org/onap/aaf/cadi/lur/aaf/test/TestAccess.java | 122 ------------ .../test/java/org/onap/aaf/example/CadiTest.java | 58 ------ .../org/onap/aaf/example/ExampleAuthCheck.java | 57 ------ .../java/org/onap/aaf/example/ExamplePerm2_0.java | 113 ----------- .../org/onap/aaf/example/ExamplePerm2_0_DME2.java | 113 ----------- .../java/org/onap/aaf/example/JU_CadiTest.java | 58 ++++++ .../org/onap/aaf/example/JU_ExampleAuthCheck.java | 57 ++++++ .../org/onap/aaf/example/JU_ExamplePerm2_0.java | 113 +++++++++++ .../onap/aaf/example/JU_ExamplePerm2_0_DME2.java | 113 +++++++++++ .../java/org/onap/aaf/example/JU_X509Test.java | 89 +++++++++ .../test/java/org/onap/aaf/example/X509Test.java | 89 --------- 22 files changed, 1235 insertions(+), 1235 deletions(-) delete mode 100644 aaf/src/test/java/com/onap/aaf/cadi/aaf/AAFPermissionTest.java delete mode 100644 aaf/src/test/java/com/onap/aaf/cadi/aaf/AAFTransmutateTest.java create mode 100644 aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFPermissionTest.java create mode 100644 aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFTransmutateTest.java delete mode 100644 aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshalTest.java create mode 100644 aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/JU_CertsMarshalTest.java delete mode 100644 aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthnTest.java create mode 100644 aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/JU_AAFAuthnTest.java create mode 100644 aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java create mode 100644 aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java delete mode 100644 aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/MultiThreadPermHit.java delete mode 100644 aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/TestAccess.java delete mode 100644 aaf/src/test/java/org/onap/aaf/example/CadiTest.java delete mode 100644 aaf/src/test/java/org/onap/aaf/example/ExampleAuthCheck.java delete mode 100644 aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java delete mode 100644 aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0_DME2.java create mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java create mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java create mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java create mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java create mode 100644 aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java delete mode 100644 aaf/src/test/java/org/onap/aaf/example/X509Test.java (limited to 'aaf') diff --git a/aaf/src/test/java/com/onap/aaf/cadi/aaf/AAFPermissionTest.java b/aaf/src/test/java/com/onap/aaf/cadi/aaf/AAFPermissionTest.java deleted file mode 100644 index f4ca955..0000000 --- a/aaf/src/test/java/com/onap/aaf/cadi/aaf/AAFPermissionTest.java +++ /dev/null @@ -1,211 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package com.onap.aaf.cadi.aaf; -import static org.junit.Assert.*; - -import org.junit.Test; - - - -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.*; -import static org.mockito.Mockito.when; - -import org.junit.Before; -import org.junit.Test; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; -import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.aaf.cadi.lur.LocalPermission; - -public class AAFPermissionTest { - - private static final String INSTANCE = "*"; - private static final String ACTION = "*"; - private static final String TYPE = "Auth"; - private static final String KEY =TYPE + '|' + INSTANCE + '|' + ACTION; - - private String STRINGVALUE = - "AAFPermission:\n\tType: " + TYPE + - "\n\tInstance: " + INSTANCE + - "\n\tAction: " + ACTION + - "\n\tKey: " + KEY; - - @Mock - private LocalPermission localPermission; - - @Mock - private LocalPermission localPermission2; - - @Before - public void setup() { - MockitoAnnotations.initMocks(this); - when(localPermission.getKey()).thenReturn(TYPE); - when(localPermission2.getKey()).thenReturn(TYPE+" Default"); - } - - @Test - public void test() { - AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); - - assertTrue("This should Match",permission.match(permission)); - - assertTrue("This should Match", permission.match(localPermission)); - - assertFalse("This should Not Match", permission.match(localPermission2)); - - assertThat(permission.getKey(), is(KEY)); - - assertThat(permission.permType(), is("AAF")); - - assertThat(permission.toString(), is(STRINGVALUE)); - - } - - @Test - public void test4() { - AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); - - assertTrue("This should Match",permission.match(permission)); - - assertTrue("This should Match", permission.match(localPermission)); - - assertFalse("This should Not Match", permission.match(localPermission2)); - - assertThat(permission.getKey(), is(KEY)); - - assertThat(permission.permType(), is("AAF")); - - assertThat(permission.toString(), is(STRINGVALUE)); - - } - - @Test - public void test1() { - AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); - - assertTrue("This should Match",permission.match(permission)); - - assertTrue("This should Match", permission.match(localPermission)); - - assertFalse("This should Not Match", permission.match(localPermission2)); - - assertThat(permission.getKey(), is(KEY)); - - assertThat(permission.permType(), is("AAF")); - - assertThat(permission.toString(), is(STRINGVALUE)); - - } - - @Test - public void test2() { - AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); - - assertTrue("This should Match",permission.match(permission)); - - assertTrue("This should Match", permission.match(localPermission)); - - assertFalse("This should Not Match", permission.match(localPermission2)); - - assertThat(permission.getKey(), is(KEY)); - - assertThat(permission.permType(), is("AAF")); - - assertThat(permission.toString(), is(STRINGVALUE)); - - } - - - @Test - public void test3() { - AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); - - assertTrue("This should Match",permission.match(permission)); - - assertTrue("This should Match", permission.match(localPermission)); - - assertFalse("This should Not Match", permission.match(localPermission2)); - - assertThat(permission.getKey(), is(KEY)); - - assertThat(permission.permType(), is("AAF")); - - assertThat(permission.toString(), is(STRINGVALUE)); - - } - - @Test - public void test5() { - AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); - - assertTrue("This should Match",permission.match(permission)); - - assertTrue("This should Match", permission.match(localPermission)); - - assertFalse("This should Not Match", permission.match(localPermission2)); - - assertThat(permission.getKey(), is(KEY)); - - assertThat(permission.permType(), is("AAF")); - - assertThat(permission.toString(), is(STRINGVALUE)); - - } - - @Test - public void test6() { - AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); - - assertTrue("This should Match",permission.match(permission)); - - assertTrue("This should Match", permission.match(localPermission)); - - assertFalse("This should Not Match", permission.match(localPermission2)); - - assertThat(permission.getKey(), is(KEY)); - - assertThat(permission.permType(), is("AAF")); - - assertThat(permission.toString(), is(STRINGVALUE)); - - } - - @Test - public void test7() { - AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); - - assertTrue("This should Match",permission.match(permission)); - - assertTrue("This should Match", permission.match(localPermission)); - - assertFalse("This should Not Match", permission.match(localPermission2)); - - assertThat(permission.getKey(), is(KEY)); - - assertThat(permission.permType(), is("AAF")); - - assertThat(permission.toString(), is(STRINGVALUE)); - - } -} diff --git a/aaf/src/test/java/com/onap/aaf/cadi/aaf/AAFTransmutateTest.java b/aaf/src/test/java/com/onap/aaf/cadi/aaf/AAFTransmutateTest.java deleted file mode 100644 index c143d2e..0000000 --- a/aaf/src/test/java/com/onap/aaf/cadi/aaf/AAFTransmutateTest.java +++ /dev/null @@ -1,118 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package com.onap.aaf.cadi.aaf; - -import static org.junit.Assert.*; - -import org.junit.Test; - -import static org.junit.Assert.*; -import static org.mockito.Mockito.when; - -import java.io.IOException; -import java.security.Principal; - -import org.junit.Before; -import org.junit.Test; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; -import org.onap.aaf.cadi.aaf.AAFTransmutate; -import org.onap.aaf.cadi.lur.ConfigPrincipal; -import org.onap.aaf.cadi.principal.BasicPrincipal; - -public class AAFTransmutateTest { - - @Mock - Principal principal ; - - @Before - public void setup() { - MockitoAnnotations.initMocks(this); - when(principal.getName()).thenReturn("Value"); - } - - @Test - public void testMutate() throws IOException { - BasicPrincipal p = new BasicPrincipal("content", "domain"); - AAFTransmutate transmutate = new AAFTransmutate(); -// assertNotNull(transmutate.mutate(p)); - - ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); -// assertNotNull(transmutate.mutate(cp)); - - assertNull(transmutate.mutate(principal)); - } - - - @Test - public void testMutate4() throws IOException { - BasicPrincipal p = new BasicPrincipal("content", "domain"); - AAFTransmutate transmutate = new AAFTransmutate(); -// assertNotNull(transmutate.mutate(p)); - - ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); -// assertNotNull(transmutate.mutate(cp)); - - assertNull(transmutate.mutate(principal)); - } - - - @Test - public void testMutate1() throws IOException { - BasicPrincipal p = new BasicPrincipal("content", "domain"); - AAFTransmutate transmutate = new AAFTransmutate(); -// assertNotNull(transmutate.mutate(p)); - - ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); -// assertNotNull(transmutate.mutate(cp)); - - assertNull(transmutate.mutate(principal)); - } - - - @Test - public void testMutate2() throws IOException { - BasicPrincipal p = new BasicPrincipal("content", "domain"); - AAFTransmutate transmutate = new AAFTransmutate(); -// assertNotNull(transmutate.mutate(p)); - - ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); -// assertNotNull(transmutate.mutate(cp)); - - assertNull(transmutate.mutate(principal)); - } - - - @Test - public void testMutate3() throws IOException { - BasicPrincipal p = new BasicPrincipal("content", "domain"); - AAFTransmutate transmutate = new AAFTransmutate(); -// assertNotNull(transmutate.mutate(p)); - - ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); -// assertNotNull(transmutate.mutate(cp)); - - assertNull(transmutate.mutate(principal)); - } - -} diff --git a/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFPermissionTest.java b/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFPermissionTest.java new file mode 100644 index 0000000..a809a0d --- /dev/null +++ b/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFPermissionTest.java @@ -0,0 +1,211 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package com.onap.aaf.cadi.aaf; +import static org.junit.Assert.*; + +import org.junit.Test; + + + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.*; +import static org.mockito.Mockito.when; + +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import org.onap.aaf.cadi.aaf.AAFPermission; +import org.onap.aaf.cadi.lur.LocalPermission; + +public class JU_AAFPermissionTest { + + private static final String INSTANCE = "*"; + private static final String ACTION = "*"; + private static final String TYPE = "Auth"; + private static final String KEY =TYPE + '|' + INSTANCE + '|' + ACTION; + + private String STRINGVALUE = + "AAFPermission:\n\tType: " + TYPE + + "\n\tInstance: " + INSTANCE + + "\n\tAction: " + ACTION + + "\n\tKey: " + KEY; + + @Mock + private LocalPermission localPermission; + + @Mock + private LocalPermission localPermission2; + + @Before + public void setup() { + MockitoAnnotations.initMocks(this); + when(localPermission.getKey()).thenReturn(TYPE); + when(localPermission2.getKey()).thenReturn(TYPE+" Default"); + } + + @Test + public void test() { + AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); + + assertTrue("This should Match",permission.match(permission)); + + assertTrue("This should Match", permission.match(localPermission)); + + assertFalse("This should Not Match", permission.match(localPermission2)); + + assertThat(permission.getKey(), is(KEY)); + + assertThat(permission.permType(), is("AAF")); + + assertThat(permission.toString(), is(STRINGVALUE)); + + } + + @Test + public void test4() { + AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); + + assertTrue("This should Match",permission.match(permission)); + + assertTrue("This should Match", permission.match(localPermission)); + + assertFalse("This should Not Match", permission.match(localPermission2)); + + assertThat(permission.getKey(), is(KEY)); + + assertThat(permission.permType(), is("AAF")); + + assertThat(permission.toString(), is(STRINGVALUE)); + + } + + @Test + public void test1() { + AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); + + assertTrue("This should Match",permission.match(permission)); + + assertTrue("This should Match", permission.match(localPermission)); + + assertFalse("This should Not Match", permission.match(localPermission2)); + + assertThat(permission.getKey(), is(KEY)); + + assertThat(permission.permType(), is("AAF")); + + assertThat(permission.toString(), is(STRINGVALUE)); + + } + + @Test + public void test2() { + AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); + + assertTrue("This should Match",permission.match(permission)); + + assertTrue("This should Match", permission.match(localPermission)); + + assertFalse("This should Not Match", permission.match(localPermission2)); + + assertThat(permission.getKey(), is(KEY)); + + assertThat(permission.permType(), is("AAF")); + + assertThat(permission.toString(), is(STRINGVALUE)); + + } + + + @Test + public void test3() { + AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); + + assertTrue("This should Match",permission.match(permission)); + + assertTrue("This should Match", permission.match(localPermission)); + + assertFalse("This should Not Match", permission.match(localPermission2)); + + assertThat(permission.getKey(), is(KEY)); + + assertThat(permission.permType(), is("AAF")); + + assertThat(permission.toString(), is(STRINGVALUE)); + + } + + @Test + public void test5() { + AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); + + assertTrue("This should Match",permission.match(permission)); + + assertTrue("This should Match", permission.match(localPermission)); + + assertFalse("This should Not Match", permission.match(localPermission2)); + + assertThat(permission.getKey(), is(KEY)); + + assertThat(permission.permType(), is("AAF")); + + assertThat(permission.toString(), is(STRINGVALUE)); + + } + + @Test + public void test6() { + AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); + + assertTrue("This should Match",permission.match(permission)); + + assertTrue("This should Match", permission.match(localPermission)); + + assertFalse("This should Not Match", permission.match(localPermission2)); + + assertThat(permission.getKey(), is(KEY)); + + assertThat(permission.permType(), is("AAF")); + + assertThat(permission.toString(), is(STRINGVALUE)); + + } + + @Test + public void test7() { + AAFPermission permission = new AAFPermission(TYPE, INSTANCE, ACTION); + + assertTrue("This should Match",permission.match(permission)); + + assertTrue("This should Match", permission.match(localPermission)); + + assertFalse("This should Not Match", permission.match(localPermission2)); + + assertThat(permission.getKey(), is(KEY)); + + assertThat(permission.permType(), is("AAF")); + + assertThat(permission.toString(), is(STRINGVALUE)); + + } +} diff --git a/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFTransmutateTest.java b/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFTransmutateTest.java new file mode 100644 index 0000000..5b0df09 --- /dev/null +++ b/aaf/src/test/java/com/onap/aaf/cadi/aaf/JU_AAFTransmutateTest.java @@ -0,0 +1,118 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package com.onap.aaf.cadi.aaf; + +import static org.junit.Assert.*; + +import org.junit.Test; + +import static org.junit.Assert.*; +import static org.mockito.Mockito.when; + +import java.io.IOException; +import java.security.Principal; + +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import org.onap.aaf.cadi.aaf.AAFTransmutate; +import org.onap.aaf.cadi.lur.ConfigPrincipal; +import org.onap.aaf.cadi.principal.BasicPrincipal; + +public class JU_AAFTransmutateTest { + + @Mock + Principal principal ; + + @Before + public void setup() { + MockitoAnnotations.initMocks(this); + when(principal.getName()).thenReturn("Value"); + } + + @Test + public void testMutate() throws IOException { + BasicPrincipal p = new BasicPrincipal("content", "domain"); + AAFTransmutate transmutate = new AAFTransmutate(); +// assertNotNull(transmutate.mutate(p)); + + ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); +// assertNotNull(transmutate.mutate(cp)); + + assertNull(transmutate.mutate(principal)); + } + + + @Test + public void testMutate4() throws IOException { + BasicPrincipal p = new BasicPrincipal("content", "domain"); + AAFTransmutate transmutate = new AAFTransmutate(); +// assertNotNull(transmutate.mutate(p)); + + ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); +// assertNotNull(transmutate.mutate(cp)); + + assertNull(transmutate.mutate(principal)); + } + + + @Test + public void testMutate1() throws IOException { + BasicPrincipal p = new BasicPrincipal("content", "domain"); + AAFTransmutate transmutate = new AAFTransmutate(); +// assertNotNull(transmutate.mutate(p)); + + ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); +// assertNotNull(transmutate.mutate(cp)); + + assertNull(transmutate.mutate(principal)); + } + + + @Test + public void testMutate2() throws IOException { + BasicPrincipal p = new BasicPrincipal("content", "domain"); + AAFTransmutate transmutate = new AAFTransmutate(); +// assertNotNull(transmutate.mutate(p)); + + ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); +// assertNotNull(transmutate.mutate(cp)); + + assertNull(transmutate.mutate(principal)); + } + + + @Test + public void testMutate3() throws IOException { + BasicPrincipal p = new BasicPrincipal("content", "domain"); + AAFTransmutate transmutate = new AAFTransmutate(); +// assertNotNull(transmutate.mutate(p)); + + ConfigPrincipal cp = new ConfigPrincipal("content", "cred"); +// assertNotNull(transmutate.mutate(cp)); + + assertNull(transmutate.mutate(principal)); + } + +} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshalTest.java b/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshalTest.java deleted file mode 100644 index 53067ad..0000000 --- a/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshalTest.java +++ /dev/null @@ -1,54 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.aaf.marshal; -import static org.junit.Assert.*; - -import org.junit.Test; - - - -import static org.junit.Assert.*; - -import org.junit.Test; -import org.onap.aaf.rosetta.ParseException; - -public class CertsMarshalTest { - - @Test - public void test() throws ParseException { - CertsMarshal marshal = new CertsMarshal(); - assertNotNull(marshal); - } - - @Test - public void test2() throws ParseException { - CertsMarshal marshal = new CertsMarshal(); - assertNotNull(marshal); - } - - @Test - public void test3() throws ParseException { - CertsMarshal marshal = new CertsMarshal(); - assertNotNull(marshal); - } -} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/JU_CertsMarshalTest.java b/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/JU_CertsMarshalTest.java new file mode 100644 index 0000000..a3c12d3 --- /dev/null +++ b/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/JU_CertsMarshalTest.java @@ -0,0 +1,54 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.cadi.aaf.marshal; +import static org.junit.Assert.*; + +import org.junit.Test; + + + +import static org.junit.Assert.*; + +import org.junit.Test; +import org.onap.aaf.rosetta.ParseException; + +public class JU_CertsMarshalTest { + + @Test + public void test() throws ParseException { + CertsMarshal marshal = new CertsMarshal(); + assertNotNull(marshal); + } + + @Test + public void test2() throws ParseException { + CertsMarshal marshal = new CertsMarshal(); + assertNotNull(marshal); + } + + @Test + public void test3() throws ParseException { + CertsMarshal marshal = new CertsMarshal(); + assertNotNull(marshal); + } +} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthnTest.java b/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthnTest.java deleted file mode 100644 index 961418c..0000000 --- a/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthnTest.java +++ /dev/null @@ -1,155 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.aaf.v2_0; -import static org.junit.Assert.*; - -import org.junit.Test; - - - -import static org.junit.Assert.*; -import static org.mockito.Matchers.anyInt; -import static org.mockito.Mockito.when; - - -import org.junit.Before; -import org.junit.Test; -import org.mockito.Answers; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; -import org.onap.aaf.cadi.AbsUserCache; -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.aaf.cadi.client.Future; -import org.onap.aaf.inno.env.APIException; - -import com.att.aft.dme2.internal.jersey.api.client.Client; - -public class AAFAuthnTest { - - @Mock(answer = Answers.RETURNS_DEEP_STUBS) - private AAFCon con; - - @Mock(answer = Answers.RETURNS_DEEP_STUBS) - private Future fp; - - @Mock(answer = Answers.RETURNS_DEEP_STUBS) - private AbsUserCache cache; - - - @Before - public void setup() throws APIException, CadiException { - MockitoAnnotations.initMocks(this); - when(con.client(AAFCon.AAF_LATEST_VERSION).read("/authn/basicAuth", "text/plain")).thenReturn(fp); - } - - @Test - public void testAAFAuthnAAFConOfCLIENT() throws Exception { - when(fp.get(anyInt())).thenReturn(false); - when(fp.code()).thenReturn(401); - when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); - AAFAuthn auth = new AAFAuthn(con); - - assertNotNull(auth.validate("NewUser", "New Password"));; - } - - @Test - public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission() throws Exception { - AAFAuthn auth = new AAFAuthn(con,cache); - } - - @Test - public void testAAFAuthnAAFConOfCLIENT1() throws Exception { - when(fp.get(anyInt())).thenReturn(false); - when(fp.code()).thenReturn(401); - when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); - AAFAuthn auth = new AAFAuthn(con); - - assertNotNull(auth.validate("NewUser1", "New Password1"));; - } - - @Test - public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission1() throws Exception { - AAFAuthn auth = new AAFAuthn(con,cache); - } - - @Test - public void testAAFAuthnAAFConOfCLIENT2() throws Exception { - when(fp.get(anyInt())).thenReturn(false); - when(fp.code()).thenReturn(401); - when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); - AAFAuthn auth = new AAFAuthn(con); - - assertNotNull(auth.validate("NewUser2", "New Password2"));; - } - - @Test - public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission2() throws Exception { - AAFAuthn auth = new AAFAuthn(con,cache); - } - - @Test - public void testAAFAuthnAAFConOfCLIENT3() throws Exception { - when(fp.get(anyInt())).thenReturn(false); - when(fp.code()).thenReturn(401); - when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); - AAFAuthn auth = new AAFAuthn(con); - - assertNotNull(auth.validate("NewUser3", "New Password3"));; - } - - @Test - public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission3() throws Exception { - AAFAuthn auth = new AAFAuthn(con,cache); - } - - @Test - public void testAAFAuthnAAFConOfCLIENT4() throws Exception { - when(fp.get(anyInt())).thenReturn(false); - when(fp.code()).thenReturn(401); - when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); - AAFAuthn auth = new AAFAuthn(con); - - assertNotNull(auth.validate("NewUser4", "New Password4"));; - } - - @Test - public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission4() throws Exception { - AAFAuthn auth = new AAFAuthn(con,cache); - } - - @Test - public void testAAFAuthnAAFConOfCLIENT5() throws Exception { - when(fp.get(anyInt())).thenReturn(false); - when(fp.code()).thenReturn(401); - when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); - AAFAuthn auth = new AAFAuthn(con); - - assertNotNull(auth.validate("NewUser5", "New Password5"));; - } - - @Test - public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission5() throws Exception { - AAFAuthn auth = new AAFAuthn(con,cache); - } -} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/JU_AAFAuthnTest.java b/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/JU_AAFAuthnTest.java new file mode 100644 index 0000000..9d95a6e --- /dev/null +++ b/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/JU_AAFAuthnTest.java @@ -0,0 +1,155 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.cadi.aaf.v2_0; +import static org.junit.Assert.*; + +import org.junit.Test; + + + +import static org.junit.Assert.*; +import static org.mockito.Matchers.anyInt; +import static org.mockito.Mockito.when; + + +import org.junit.Before; +import org.junit.Test; +import org.mockito.Answers; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import org.onap.aaf.cadi.AbsUserCache; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.aaf.AAFPermission; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.inno.env.APIException; + +import com.att.aft.dme2.internal.jersey.api.client.Client; + +public class JU_AAFAuthnTest { + + @Mock(answer = Answers.RETURNS_DEEP_STUBS) + private AAFCon con; + + @Mock(answer = Answers.RETURNS_DEEP_STUBS) + private Future fp; + + @Mock(answer = Answers.RETURNS_DEEP_STUBS) + private AbsUserCache cache; + + + @Before + public void setup() throws APIException, CadiException { + MockitoAnnotations.initMocks(this); + when(con.client(AAFCon.AAF_LATEST_VERSION).read("/authn/basicAuth", "text/plain")).thenReturn(fp); + } + + @Test + public void testAAFAuthnAAFConOfCLIENT() throws Exception { + when(fp.get(anyInt())).thenReturn(false); + when(fp.code()).thenReturn(401); + when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); + AAFAuthn auth = new AAFAuthn(con); + + assertNotNull(auth.validate("NewUser", "New Password"));; + } + + @Test + public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission() throws Exception { + AAFAuthn auth = new AAFAuthn(con,cache); + } + + @Test + public void testAAFAuthnAAFConOfCLIENT1() throws Exception { + when(fp.get(anyInt())).thenReturn(false); + when(fp.code()).thenReturn(401); + when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); + AAFAuthn auth = new AAFAuthn(con); + + assertNotNull(auth.validate("NewUser1", "New Password1"));; + } + + @Test + public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission1() throws Exception { + AAFAuthn auth = new AAFAuthn(con,cache); + } + + @Test + public void testAAFAuthnAAFConOfCLIENT2() throws Exception { + when(fp.get(anyInt())).thenReturn(false); + when(fp.code()).thenReturn(401); + when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); + AAFAuthn auth = new AAFAuthn(con); + + assertNotNull(auth.validate("NewUser2", "New Password2"));; + } + + @Test + public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission2() throws Exception { + AAFAuthn auth = new AAFAuthn(con,cache); + } + + @Test + public void testAAFAuthnAAFConOfCLIENT3() throws Exception { + when(fp.get(anyInt())).thenReturn(false); + when(fp.code()).thenReturn(401); + when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); + AAFAuthn auth = new AAFAuthn(con); + + assertNotNull(auth.validate("NewUser3", "New Password3"));; + } + + @Test + public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission3() throws Exception { + AAFAuthn auth = new AAFAuthn(con,cache); + } + + @Test + public void testAAFAuthnAAFConOfCLIENT4() throws Exception { + when(fp.get(anyInt())).thenReturn(false); + when(fp.code()).thenReturn(401); + when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); + AAFAuthn auth = new AAFAuthn(con); + + assertNotNull(auth.validate("NewUser4", "New Password4"));; + } + + @Test + public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission4() throws Exception { + AAFAuthn auth = new AAFAuthn(con,cache); + } + + @Test + public void testAAFAuthnAAFConOfCLIENT5() throws Exception { + when(fp.get(anyInt())).thenReturn(false); + when(fp.code()).thenReturn(401); + when(fp.header("WWW-Authenticate")).thenReturn("Basic realm=\"Value\""); + AAFAuthn auth = new AAFAuthn(con); + + assertNotNull(auth.validate("NewUser5", "New Password5"));; + } + + @Test + public void testAAFAuthnAAFConOfCLIENTAbsUserCacheOfAAFPermission5() throws Exception { + AAFAuthn auth = new AAFAuthn(con,cache); + } +} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java new file mode 100644 index 0000000..3779b4f --- /dev/null +++ b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_MultiThreadPermHit.java @@ -0,0 +1,145 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.cadi.lur.aaf.test; + +import java.security.Principal; +import java.util.ArrayList; +import java.util.List; + +import org.onap.aaf.cadi.Access; +import org.onap.aaf.cadi.Permission; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.aaf.AAFPermission; +import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; +import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; +import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.locator.PropertyLocator; + +public class JU_MultiThreadPermHit { + public static void main(String args[]) { + // Link or reuse to your Logging mechanism + PropAccess myAccess = new PropAccess(); // + + // + try { + AAFConHttp con = new AAFConHttp(myAccess,new PropertyLocator("https://mithrilcsp.sbc.com:8100")); + + // AAFLur has pool of DME clients as needed, and Caches Client lookups + final AAFLurPerm aafLur = con.newLur(); + aafLur.setDebug("m12345@aaf.att.com"); + + // Note: If you need both Authn and Authz construct the following: + AAFAuthn aafAuthn = con.newAuthn(aafLur); + + // Do not set Mech ID until after you construct AAFAuthn, + // because we initiate "401" info to determine the Realm of + // of the service we're after. + final String id = myAccess.getProperty(Config.AAF_MECHID,null); + final String pass = myAccess.decrypt(myAccess.getProperty(Config.AAF_MECHPASS,null),false); + if(id!=null && pass!=null) { + try { + + // Normally, you obtain Principal from Authentication System. + // // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() + // // If you use CADI as Authenticator, it will get you these Principals from + // // CSP or BasicAuth mechanisms. + // String id = "cluster_admin@gridcore.att.com"; + // + // // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. + String ok; + ok = aafAuthn.validate(id, pass); + if(ok!=null) { + System.out.println(ok); + } + + List pond = new ArrayList(); + for(int i=0;i<20;++i) { + pond.clear(); + aafLur.fishAll(i+id, pond); + if(ok!=null && i%1000==0) { + System.out.println(i + " " + ok); + } + } + + for(int i=0;i<1000000;++i) { + ok = aafAuthn.validate( i+ id, "wrongPass"); + if(ok!=null && i%1000==0) { + System.out.println(i + " " + ok); + } + } + + final AAFPermission perm = new AAFPermission("com.att.aaf.access","*","*"); + + // Now you can ask the LUR (Local Representative of the User Repository about Authorization + // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object + // instead of creating your own LUR + for(int i=0;i<4;++i) { + if(aafLur.fish(id, perm)) { + System.out.println("Yes, " + id + " has permission for " + perm.getKey()); + } else { + System.out.println("No, " + id + " does not have permission for " + perm.getKey()); + } + } + + + // Or you can all for all the Permissions available + List perms = new ArrayList(); + + + aafLur.fishAll(id,perms); + System.out.println("Perms for " + id); + for(Permission prm : perms) { + System.out.println(prm.getKey()); + } + + System.out.println("Press any key to continue"); + System.in.read(); + + for(int j=0;j<5;++j) { + new Thread(new Runnable() { + @Override + public void run() { + for(int i=0;i<20;++i) { + if(aafLur.fish(id, perm)) { + System.out.println("Yes, " + id + " has permission for " + perm.getKey()); + } else { + System.out.println("No, " + id + " does not have permission for " + perm.getKey()); + } + } + } + }).start(); + } + + + } finally { + aafLur.destroy(); + } + } else { // checked on IDs + System.err.println(Config.AAF_MECHID + " and/or " + Config.AAF_MECHPASS + " are not set."); + } + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java new file mode 100644 index 0000000..f3d66a6 --- /dev/null +++ b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/JU_TestAccess.java @@ -0,0 +1,122 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.cadi.lur.aaf.test; + +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.PrintStream; + +import org.onap.aaf.cadi.Access; +import org.onap.aaf.cadi.Symm; +import org.onap.aaf.cadi.config.Config; + +public class JU_TestAccess implements Access { + private Symm symm; + private PrintStream out; + + public JU_TestAccess(PrintStream out) { + this.out = out; + InputStream is = ClassLoader.getSystemResourceAsStream("cadi.properties"); + try { + System.getProperties().load(is); + } catch (IOException e) { + e.printStackTrace(out); + } finally { + try { + is.close(); + } catch (IOException e) { + e.printStackTrace(out); + } + } + + String keyfile = System.getProperty(Config.CADI_KEYFILE); + if(keyfile==null) { + System.err.println("No " + Config.CADI_KEYFILE + " in Classpath"); + } else { + try { + is = new FileInputStream(keyfile); + try { + symm = Symm.obtain(is); + } finally { + is.close(); + } + } catch (IOException e) { + e.printStackTrace(out); + } + } + + + + } + + public void log(Level level, Object... elements) { + boolean first = true; + for(int i=0;i aafAuthn = con.newAuthn(aafLur); - - // Do not set Mech ID until after you construct AAFAuthn, - // because we initiate "401" info to determine the Realm of - // of the service we're after. - final String id = myAccess.getProperty(Config.AAF_MECHID,null); - final String pass = myAccess.decrypt(myAccess.getProperty(Config.AAF_MECHPASS,null),false); - if(id!=null && pass!=null) { - try { - - // Normally, you obtain Principal from Authentication System. - // // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() - // // If you use CADI as Authenticator, it will get you these Principals from - // // CSP or BasicAuth mechanisms. - // String id = "cluster_admin@gridcore.att.com"; - // - // // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. - String ok; - ok = aafAuthn.validate(id, pass); - if(ok!=null) { - System.out.println(ok); - } - - List pond = new ArrayList(); - for(int i=0;i<20;++i) { - pond.clear(); - aafLur.fishAll(i+id, pond); - if(ok!=null && i%1000==0) { - System.out.println(i + " " + ok); - } - } - - for(int i=0;i<1000000;++i) { - ok = aafAuthn.validate( i+ id, "wrongPass"); - if(ok!=null && i%1000==0) { - System.out.println(i + " " + ok); - } - } - - final AAFPermission perm = new AAFPermission("com.att.aaf.access","*","*"); - - // Now you can ask the LUR (Local Representative of the User Repository about Authorization - // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object - // instead of creating your own LUR - for(int i=0;i<4;++i) { - if(aafLur.fish(id, perm)) { - System.out.println("Yes, " + id + " has permission for " + perm.getKey()); - } else { - System.out.println("No, " + id + " does not have permission for " + perm.getKey()); - } - } - - - // Or you can all for all the Permissions available - List perms = new ArrayList(); - - - aafLur.fishAll(id,perms); - System.out.println("Perms for " + id); - for(Permission prm : perms) { - System.out.println(prm.getKey()); - } - - System.out.println("Press any key to continue"); - System.in.read(); - - for(int j=0;j<5;++j) { - new Thread(new Runnable() { - @Override - public void run() { - for(int i=0;i<20;++i) { - if(aafLur.fish(id, perm)) { - System.out.println("Yes, " + id + " has permission for " + perm.getKey()); - } else { - System.out.println("No, " + id + " does not have permission for " + perm.getKey()); - } - } - } - }).start(); - } - - - } finally { - aafLur.destroy(); - } - } else { // checked on IDs - System.err.println(Config.AAF_MECHID + " and/or " + Config.AAF_MECHPASS + " are not set."); - } - } catch (Exception e) { - e.printStackTrace(); - } - } -} diff --git a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/TestAccess.java b/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/TestAccess.java deleted file mode 100644 index 2af452d..0000000 --- a/aaf/src/test/java/org/onap/aaf/cadi/lur/aaf/test/TestAccess.java +++ /dev/null @@ -1,122 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.cadi.lur.aaf.test; - -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.PrintStream; - -import org.onap.aaf.cadi.Access; -import org.onap.aaf.cadi.Symm; -import org.onap.aaf.cadi.config.Config; - -public class TestAccess implements Access { - private Symm symm; - private PrintStream out; - - public TestAccess(PrintStream out) { - this.out = out; - InputStream is = ClassLoader.getSystemResourceAsStream("cadi.properties"); - try { - System.getProperties().load(is); - } catch (IOException e) { - e.printStackTrace(out); - } finally { - try { - is.close(); - } catch (IOException e) { - e.printStackTrace(out); - } - } - - String keyfile = System.getProperty(Config.CADI_KEYFILE); - if(keyfile==null) { - System.err.println("No " + Config.CADI_KEYFILE + " in Classpath"); - } else { - try { - is = new FileInputStream(keyfile); - try { - symm = Symm.obtain(is); - } finally { - is.close(); - } - } catch (IOException e) { - e.printStackTrace(out); - } - } - - - - } - - public void log(Level level, Object... elements) { - boolean first = true; - for(int i=0;i si = new SecurityInfoC(access); - HClient hclient = new HClient( - new HX509SS(si), - new URI("https://mithrilcsp.sbc.com:8085"),3000); - hclient.setMethod("OPTIONS"); - hclient.setPathInfo("/gui/cadi/log/toggle/INFO"); - hclient.send(); - Future future = hclient.futureReadString(); - if(future.get(5000)) { - System.out.println(future.value); - } else { - System.out.printf("Error: %d-%s", future.code(),future.body()); - } - - } catch (Exception e) { - e.printStackTrace(); - } - - } -} diff --git a/aaf/src/test/java/org/onap/aaf/example/ExampleAuthCheck.java b/aaf/src/test/java/org/onap/aaf/example/ExampleAuthCheck.java deleted file mode 100644 index 65972cd..0000000 --- a/aaf/src/test/java/org/onap/aaf/example/ExampleAuthCheck.java +++ /dev/null @@ -1,57 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.example; - -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.locator.DNSLocator; - -public class ExampleAuthCheck { - public static void main(String args[]) { - // Link or reuse to your Logging mechanism - PropAccess myAccess = new PropAccess(); // - - try { - AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator( - myAccess,"https","localhost","8100")); - AAFAuthn authn = acon.newAuthn(); - long start; - for (int i=0;i<10;++i) { - start = System.nanoTime(); - String err = authn.validate("", "gritty"); - if(err!=null) System.err.println(err); - else System.out.println("I'm ok"); - - err = authn.validate("bogus", "gritty"); - if(err!=null) System.err.println(err + " (correct error)"); - else System.out.println("I'm ok"); - - System.out.println((System.nanoTime()-start)/1000000f + " ms"); - } - } catch (Exception e) { - e.printStackTrace(); - } - - } -} diff --git a/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java b/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java deleted file mode 100644 index f83b15b..0000000 --- a/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java +++ /dev/null @@ -1,113 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.example; - -import java.security.Principal; -import java.util.ArrayList; -import java.util.List; - -import org.onap.aaf.cadi.Permission; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; -import org.onap.aaf.cadi.aaf.v2_0.AAFCon; -import org.onap.aaf.cadi.aaf.v2_0.AAFConDME2; -import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; - -public class ExamplePerm2_0 { - public static void main(String args[]) { - - // Link or reuse to your Logging mechanism - PropAccess myAccess = new PropAccess(); - - // - try { - AAFCon acon = new AAFConDME2(myAccess); - - // AAFLur has pool of DME clients as needed, and Caches Client lookups - AAFLurPerm aafLur = acon.newLur(); - - // Note: If you need both Authn and Authz construct the following: - AAFAuthn aafAuthn = acon.newAuthn(aafLur); - - // Do not set Mech ID until after you construct AAFAuthn, - // because we initiate "401" info to determine the Realm of - // of the service we're after. - acon.basicAuth("mc0897@aaf.att.com", "XXXXXX"); - - try { - - // Normally, you obtain Principal from Authentication System. - // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() - // If you use CADI as Authenticator, it will get you these Principals from - // CSP or BasicAuth mechanisms. - String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com"; - - // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. - String ok = aafAuthn.validate(id, "XXXXXX"); - if(ok!=null)System.out.println(ok); - - ok = aafAuthn.validate(id, "wrongPass"); - if(ok!=null)System.out.println(ok); - - - // AAF Style permissions are in the form - // Type, Instance, Action - AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE"); - - // Now you can ask the LUR (Local Representative of the User Repository about Authorization - // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object - // instead of creating your own LUR - System.out.println("Does " + id + " have " + perm); - if(aafLur.fish(id, perm)) { - System.out.println("Yes, you have permission"); - } else { - System.out.println("No, you don't have permission"); - } - - System.out.println("Does Bogus have " + perm); - if(aafLur.fish("Bogus", perm)) { - System.out.println("Yes, you have permission"); - } else { - System.out.println("No, you don't have permission"); - } - - // Or you can all for all the Permissions available - List perms = new ArrayList(); - - aafLur.fishAll(id,perms); - for(Permission prm : perms) { - System.out.println(prm.getKey()); - } - - // It might be helpful in some cases to clear the User's identity from the Cache - aafLur.remove(id); - } finally { - aafLur.destroy(); - } - } catch (Exception e) { - e.printStackTrace(); - } - - } -} diff --git a/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0_DME2.java b/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0_DME2.java deleted file mode 100644 index f6024a5..0000000 --- a/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0_DME2.java +++ /dev/null @@ -1,113 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.example; - -import java.security.Principal; -import java.util.ArrayList; -import java.util.List; - -import org.onap.aaf.cadi.Permission; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; -import org.onap.aaf.cadi.locator.DNSLocator; - -public class ExamplePerm2_0_DME2 { - public static void main(String args[]) { - // Link or reuse to your Logging mechanism - PropAccess myAccess = new PropAccess(); - - // - try { - AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator( - myAccess,"https","localhost","8100")); - - // AAFLur has pool of DME clients as needed, and Caches Client lookups - AAFLurPerm aafLur = acon.newLur(); - - // Note: If you need both Authn and Authz construct the following: - AAFAuthn aafAuthn = acon.newAuthn(aafLur); - - // Do not set Mech ID until after you construct AAFAuthn, - // because we initiate "401" info to determine the Realm of - // of the service we're after. - acon.basicAuth("mc0897@aaf.att.com", "XXXXXX"); - - try { - - // Normally, you obtain Principal from Authentication System. - // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() - // If you use CADI as Authenticator, it will get you these Principals from - // CSP or BasicAuth mechanisms. - String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com"; - - // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. - String ok = aafAuthn.validate(id, "XXXXXX"); - if(ok!=null)System.out.println(ok); - - ok = aafAuthn.validate(id, "wrongPass"); - if(ok!=null)System.out.println(ok); - - - // AAF Style permissions are in the form - // Type, Instance, Action - AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE"); - - // Now you can ask the LUR (Local Representative of the User Repository about Authorization - // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object - // instead of creating your own LUR - System.out.println("Does " + id + " have " + perm); - if(aafLur.fish(id, perm)) { - System.out.println("Yes, you have permission"); - } else { - System.out.println("No, you don't have permission"); - } - - System.out.println("Does Bogus have " + perm); - if(aafLur.fish("Bogus", perm)) { - System.out.println("Yes, you have permission"); - } else { - System.out.println("No, you don't have permission"); - } - - // Or you can all for all the Permissions available - List perms = new ArrayList(); - - aafLur.fishAll(id,perms); - for(Permission prm : perms) { - System.out.println(prm.getKey()); - } - - // It might be helpful in some cases to clear the User's identity from the Cache - aafLur.remove(id); - } finally { - aafLur.destroy(); - } - } catch (Exception e) { - e.printStackTrace(); - } - - } -} diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java b/aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java new file mode 100644 index 0000000..17fd827 --- /dev/null +++ b/aaf/src/test/java/org/onap/aaf/example/JU_CadiTest.java @@ -0,0 +1,58 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.example; + +import java.net.HttpURLConnection; +import java.net.URI; + +import org.onap.aaf.cadi.Access; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.config.SecurityInfoC; +import org.onap.aaf.cadi.http.HClient; +import org.onap.aaf.cadi.http.HX509SS; + +public class JU_CadiTest { + public static void main(String args[]) { + Access access = new PropAccess(); + try { + SecurityInfoC si = new SecurityInfoC(access); + HClient hclient = new HClient( + new HX509SS(si), + new URI("https://mithrilcsp.sbc.com:8085"),3000); + hclient.setMethod("OPTIONS"); + hclient.setPathInfo("/gui/cadi/log/toggle/INFO"); + hclient.send(); + Future future = hclient.futureReadString(); + if(future.get(5000)) { + System.out.println(future.value); + } else { + System.out.printf("Error: %d-%s", future.code(),future.body()); + } + + } catch (Exception e) { + e.printStackTrace(); + } + + } +} diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java b/aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java new file mode 100644 index 0000000..cb4e48f --- /dev/null +++ b/aaf/src/test/java/org/onap/aaf/example/JU_ExampleAuthCheck.java @@ -0,0 +1,57 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.example; + +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; +import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; +import org.onap.aaf.cadi.locator.DNSLocator; + +public class JU_ExampleAuthCheck { + public static void main(String args[]) { + // Link or reuse to your Logging mechanism + PropAccess myAccess = new PropAccess(); // + + try { + AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator( + myAccess,"https","localhost","8100")); + AAFAuthn authn = acon.newAuthn(); + long start; + for (int i=0;i<10;++i) { + start = System.nanoTime(); + String err = authn.validate("", "gritty"); + if(err!=null) System.err.println(err); + else System.out.println("I'm ok"); + + err = authn.validate("bogus", "gritty"); + if(err!=null) System.err.println(err + " (correct error)"); + else System.out.println("I'm ok"); + + System.out.println((System.nanoTime()-start)/1000000f + " ms"); + } + } catch (Exception e) { + e.printStackTrace(); + } + + } +} diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java b/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java new file mode 100644 index 0000000..652cadb --- /dev/null +++ b/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0.java @@ -0,0 +1,113 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.example; + +import java.security.Principal; +import java.util.ArrayList; +import java.util.List; + +import org.onap.aaf.cadi.Permission; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.aaf.AAFPermission; +import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; +import org.onap.aaf.cadi.aaf.v2_0.AAFCon; +import org.onap.aaf.cadi.aaf.v2_0.AAFConDME2; +import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; + +public class JU_ExamplePerm2_0 { + public static void main(String args[]) { + + // Link or reuse to your Logging mechanism + PropAccess myAccess = new PropAccess(); + + // + try { + AAFCon acon = new AAFConDME2(myAccess); + + // AAFLur has pool of DME clients as needed, and Caches Client lookups + AAFLurPerm aafLur = acon.newLur(); + + // Note: If you need both Authn and Authz construct the following: + AAFAuthn aafAuthn = acon.newAuthn(aafLur); + + // Do not set Mech ID until after you construct AAFAuthn, + // because we initiate "401" info to determine the Realm of + // of the service we're after. + acon.basicAuth("mc0897@aaf.att.com", "XXXXXX"); + + try { + + // Normally, you obtain Principal from Authentication System. + // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() + // If you use CADI as Authenticator, it will get you these Principals from + // CSP or BasicAuth mechanisms. + String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com"; + + // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. + String ok = aafAuthn.validate(id, "XXXXXX"); + if(ok!=null)System.out.println(ok); + + ok = aafAuthn.validate(id, "wrongPass"); + if(ok!=null)System.out.println(ok); + + + // AAF Style permissions are in the form + // Type, Instance, Action + AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE"); + + // Now you can ask the LUR (Local Representative of the User Repository about Authorization + // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object + // instead of creating your own LUR + System.out.println("Does " + id + " have " + perm); + if(aafLur.fish(id, perm)) { + System.out.println("Yes, you have permission"); + } else { + System.out.println("No, you don't have permission"); + } + + System.out.println("Does Bogus have " + perm); + if(aafLur.fish("Bogus", perm)) { + System.out.println("Yes, you have permission"); + } else { + System.out.println("No, you don't have permission"); + } + + // Or you can all for all the Permissions available + List perms = new ArrayList(); + + aafLur.fishAll(id,perms); + for(Permission prm : perms) { + System.out.println(prm.getKey()); + } + + // It might be helpful in some cases to clear the User's identity from the Cache + aafLur.remove(id); + } finally { + aafLur.destroy(); + } + } catch (Exception e) { + e.printStackTrace(); + } + + } +} diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java b/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java new file mode 100644 index 0000000..88e2936 --- /dev/null +++ b/aaf/src/test/java/org/onap/aaf/example/JU_ExamplePerm2_0_DME2.java @@ -0,0 +1,113 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.example; + +import java.security.Principal; +import java.util.ArrayList; +import java.util.List; + +import org.onap.aaf.cadi.Permission; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.aaf.AAFPermission; +import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; +import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; +import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; +import org.onap.aaf.cadi.locator.DNSLocator; + +public class JU_ExamplePerm2_0_DME2 { + public static void main(String args[]) { + // Link or reuse to your Logging mechanism + PropAccess myAccess = new PropAccess(); + + // + try { + AAFConHttp acon = new AAFConHttp(myAccess, new DNSLocator( + myAccess,"https","localhost","8100")); + + // AAFLur has pool of DME clients as needed, and Caches Client lookups + AAFLurPerm aafLur = acon.newLur(); + + // Note: If you need both Authn and Authz construct the following: + AAFAuthn aafAuthn = acon.newAuthn(aafLur); + + // Do not set Mech ID until after you construct AAFAuthn, + // because we initiate "401" info to determine the Realm of + // of the service we're after. + acon.basicAuth("mc0897@aaf.att.com", "XXXXXX"); + + try { + + // Normally, you obtain Principal from Authentication System. + // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() + // If you use CADI as Authenticator, it will get you these Principals from + // CSP or BasicAuth mechanisms. + String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com"; + + // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. + String ok = aafAuthn.validate(id, "XXXXXX"); + if(ok!=null)System.out.println(ok); + + ok = aafAuthn.validate(id, "wrongPass"); + if(ok!=null)System.out.println(ok); + + + // AAF Style permissions are in the form + // Type, Instance, Action + AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE"); + + // Now you can ask the LUR (Local Representative of the User Repository about Authorization + // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object + // instead of creating your own LUR + System.out.println("Does " + id + " have " + perm); + if(aafLur.fish(id, perm)) { + System.out.println("Yes, you have permission"); + } else { + System.out.println("No, you don't have permission"); + } + + System.out.println("Does Bogus have " + perm); + if(aafLur.fish("Bogus", perm)) { + System.out.println("Yes, you have permission"); + } else { + System.out.println("No, you don't have permission"); + } + + // Or you can all for all the Permissions available + List perms = new ArrayList(); + + aafLur.fishAll(id,perms); + for(Permission prm : perms) { + System.out.println(prm.getKey()); + } + + // It might be helpful in some cases to clear the User's identity from the Cache + aafLur.remove(id); + } finally { + aafLur.destroy(); + } + } catch (Exception e) { + e.printStackTrace(); + } + + } +} diff --git a/aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java b/aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java new file mode 100644 index 0000000..e756f6d --- /dev/null +++ b/aaf/src/test/java/org/onap/aaf/example/JU_X509Test.java @@ -0,0 +1,89 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.example; + +import java.security.Principal; + +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; +import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.locator.DNSLocator; +import org.onap.aaf.cadi.lur.LocalPermission; + +public class JU_X509Test { + public static void main(String args[]) { + // Link or reuse to your Logging mechanism + + PropAccess myAccess = new PropAccess(); + + // + try { + AAFConHttp con = new AAFConHttp(myAccess, + new DNSLocator(myAccess,"https","mithrilcsp.sbc.com","8100")); + + // AAFLur has pool of DME clients as needed, and Caches Client lookups + AAFLurPerm aafLur = con.newLur(); + + // Note: If you need both Authn and Authz construct the following: +// AAFAuthn aafAuthn = con.newAuthn(aafLur); + + // con.x509Alias("aaf.att"); // alias in keystore + + try { + + // Normally, you obtain Principal from Authentication System. +// // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() +// // If you use CADI as Authenticator, it will get you these Principals from +// // CSP or BasicAuth mechanisms. +// String id = "cluster_admin@gridcore.att.com"; +// +// // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. + Future fs = + con.client("2.0").read("/authz/perms/com.att.aaf.ca","application/Perms+json"); + if(fs.get(3000)) { + System.out.println(fs.value); + } else { + System.out.println("Error: " + fs.code() + ':' + fs.body()); + } + + // Check on Perms with LUR + if(aafLur.fish(new Principal() { + @Override + public String getName() { + return "m12345@aaf.att.com"; + } + }, new LocalPermission("com.att.aaf.ca|aaf|request"))) { + System.out.println("Has Perm"); + } else { + System.out.println("Does NOT Have Perm"); + } + } finally { + aafLur.destroy(); + } + } catch (Exception e) { + e.printStackTrace(); + } + + } +} diff --git a/aaf/src/test/java/org/onap/aaf/example/X509Test.java b/aaf/src/test/java/org/onap/aaf/example/X509Test.java deleted file mode 100644 index ad5d4b2..0000000 --- a/aaf/src/test/java/org/onap/aaf/example/X509Test.java +++ /dev/null @@ -1,89 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package org.onap.aaf.example; - -import java.security.Principal; - -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp; -import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; -import org.onap.aaf.cadi.client.Future; -import org.onap.aaf.cadi.locator.DNSLocator; -import org.onap.aaf.cadi.lur.LocalPermission; - -public class X509Test { - public static void main(String args[]) { - // Link or reuse to your Logging mechanism - - PropAccess myAccess = new PropAccess(); - - // - try { - AAFConHttp con = new AAFConHttp(myAccess, - new DNSLocator(myAccess,"https","mithrilcsp.sbc.com","8100")); - - // AAFLur has pool of DME clients as needed, and Caches Client lookups - AAFLurPerm aafLur = con.newLur(); - - // Note: If you need both Authn and Authz construct the following: -// AAFAuthn aafAuthn = con.newAuthn(aafLur); - - // con.x509Alias("aaf.att"); // alias in keystore - - try { - - // Normally, you obtain Principal from Authentication System. -// // For J2EE, you can ask the HttpServletRequest for getUserPrincipal() -// // If you use CADI as Authenticator, it will get you these Principals from -// // CSP or BasicAuth mechanisms. -// String id = "cluster_admin@gridcore.att.com"; -// -// // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason. - Future fs = - con.client("2.0").read("/authz/perms/com.att.aaf.ca","application/Perms+json"); - if(fs.get(3000)) { - System.out.println(fs.value); - } else { - System.out.println("Error: " + fs.code() + ':' + fs.body()); - } - - // Check on Perms with LUR - if(aafLur.fish(new Principal() { - @Override - public String getName() { - return "m12345@aaf.att.com"; - } - }, new LocalPermission("com.att.aaf.ca|aaf|request"))) { - System.out.println("Has Perm"); - } else { - System.out.println("Does NOT Have Perm"); - } - } finally { - aafLur.destroy(); - } - } catch (Exception e) { - e.printStackTrace(); - } - - } -} -- cgit 1.2.3-korg