summaryrefslogtreecommitdiffstats
path: root/src/test
diff options
context:
space:
mode:
authormark.j.leonard <mark.j.leonard@gmail.com>2019-03-11 17:50:07 +0000
committermark.j.leonard <mark.j.leonard@gmail.com>2019-03-11 17:50:07 +0000
commit13494d99a913817342da23ffc58029bdc4203814 (patch)
tree2e122991625666bc756d3abb981e34701a2d0ca3 /src/test
parentbe689ed12e6f35dd98606cb5561433c1275d44a8 (diff)
Refactor auth classes and add tests
Add new tests to give better coverage of the authorization classes. Refactor the core class for readability. Change-Id: I2be467d8f4492249a0c29be8b108bb2bce2818dd Issue-ID: AAI-2229 Signed-off-by: mark.j.leonard <mark.j.leonard@gmail.com>
Diffstat (limited to 'src/test')
-rw-r--r--src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java111
-rw-r--r--src/test/resources/appconfig/auth/auth_policy.json12
2 files changed, 118 insertions, 5 deletions
diff --git a/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java b/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java
index b9a8ff9..ef9504b 100644
--- a/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java
+++ b/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java
@@ -27,9 +27,11 @@ import static org.junit.Assert.assertThat;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
+import java.util.concurrent.TimeUnit;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
+import org.junit.Before;
import org.junit.Test;
import org.onap.aai.auth.AAIAuthException;
import org.onap.aai.auth.AAIMicroServiceAuth;
@@ -46,11 +48,26 @@ public class MicroServiceAuthTest {
private static final String VALID_ADMIN_USER = "cn=common-name, ou=org-unit, o=org, l=location, st=state, c=us";
private static final String authPolicyFile = "auth_policy.json";
- static {
+ @Before
+ public void setup() {
System.setProperty("CONFIG_HOME", "src/test/resources");
}
/**
+ * Test authorization of a request when authentication is disabled.
+ *
+ * @throws AAIAuthException
+ * if the test creates invalid Auth Policy roles
+ */
+ @Test
+ public void testAuthenticationDisabled() throws AAIAuthException {
+ BabelAuthConfig babelAuthConfig = new BabelAuthConfig();
+ babelAuthConfig.setAuthenticationDisable(true);
+ AAIMicroServiceAuth auth = new AAIMicroServiceAuth(babelAuthConfig);
+ assertThat(auth.validateRequest(null, new MockHttpServletRequest(), null, "any/uri"), is(true));
+ }
+
+ /**
* Temporarily invalidate the default policy file and then try to initialize the authorization class using the name
* of a policy file that does not exist.
*
@@ -71,6 +88,26 @@ public class MicroServiceAuthTest {
}
/**
+ * Temporarily invalidate the default policy file and then try to initialize the authorization class using a null
+ * policy file name.
+ *
+ * @throws AAIAuthException
+ * if the Auth policy file cannot be loaded
+ */
+ @Test(expected = AAIAuthException.class)
+ public void testNullPolicyFile() throws AAIAuthException {
+ String defaultFile = AAIMicroServiceAuthCore.getDefaultAuthFileName();
+ try {
+ AAIMicroServiceAuthCore.setDefaultAuthFileName("invalid.default.file");
+ BabelAuthConfig babelServiceAuthConfig = new BabelAuthConfig();
+ babelServiceAuthConfig.setAuthPolicyFile(null);
+ new AAIMicroServiceAuth(babelServiceAuthConfig);
+ } finally {
+ AAIMicroServiceAuthCore.setDefaultAuthFileName(defaultFile);
+ }
+ }
+
+ /**
* Test loading of a temporary file created with the specified roles.
*
* @throws AAIAuthException
@@ -89,6 +126,40 @@ public class MicroServiceAuthTest {
}
/**
+ * Test re-loading of users by changing the contents of a temporary file.
+ *
+ * @throws JSONException
+ * if this test creates an invalid JSON object
+ * @throws AAIAuthException
+ * if the test creates invalid Auth Policy roles
+ * @throws IOException
+ * for I/O failures
+ * @throws InterruptedException
+ * if interrupted while sleeping
+ */
+ @Test
+ public void createLocalAuthFileOnChange()
+ throws JSONException, AAIAuthException, IOException, InterruptedException {
+ JSONObject roles = createRoleObject("role", createUserObject("user"), createFunctionObject("func"));
+ File file = createTempPolicyFile(roles);
+
+ BabelAuthConfig babelAuthConfig = new BabelAuthConfig();
+ babelAuthConfig.setAuthPolicyFile(file.getAbsolutePath());
+ new AAIMicroServiceAuth(babelAuthConfig);
+
+ // Make changes to the temp file
+ FileWriter fileWriter = new FileWriter(file);
+ fileWriter.write("");
+ fileWriter.flush();
+ fileWriter.close();
+
+ // Wait for the file to be reloaded
+ TimeUnit.SECONDS.sleep(3);
+
+ AAIMicroServiceAuthCore.cleanup();
+ }
+
+ /**
* Test that the default policy file is loaded when a non-existent file is passed to the authorisation class.
*
* @throws AAIAuthException
@@ -104,6 +175,23 @@ public class MicroServiceAuthTest {
}
/**
+ * Test that the default policy file is loaded when a non-existent file is passed to the authorisation class and
+ * CONFIG_HOME is not set.
+ *
+ * @throws AAIAuthException
+ * if the Auth Policy cannot be loaded
+ */
+ @Test
+ public void createAuthFromDefaultFileAppHome() throws AAIAuthException {
+ System.clearProperty("CONFIG_HOME");
+ System.setProperty("APP_HOME", "src/test/resources");
+ BabelAuthConfig babelServiceAuthConfig = new BabelAuthConfig();
+ babelServiceAuthConfig.setAuthPolicyFile("non-existent-file");
+ new AAIMicroServiceAuth(babelServiceAuthConfig);
+ // The default policy will have been loaded from APP_HOME/appconfig
+ }
+
+ /**
* Test loading of the policy file relative to CONFIG_HOME.
*
* @throws AAIAuthException
@@ -146,16 +234,29 @@ public class MicroServiceAuthTest {
* if the auth policy file cannot be loaded
*/
private AAIMicroServiceAuth createAuthService(JSONObject roles) throws AAIAuthException, IOException {
+ File file = createTempPolicyFile(roles);
+ BabelAuthConfig babelAuthConfig = new BabelAuthConfig();
+ babelAuthConfig.setAuthPolicyFile(file.getAbsolutePath());
+ return new AAIMicroServiceAuth(babelAuthConfig);
+ }
+
+ /**
+ * Create a temporary JSON file using the supplied roles.
+ *
+ * @param roles
+ * the roles to use to populate the new file
+ * @return the new temporary file
+ * @throws IOException
+ * for I/O errors
+ */
+ private File createTempPolicyFile(JSONObject roles) throws IOException {
File file = File.createTempFile("auth-policy", "json");
file.deleteOnExit();
FileWriter fileWriter = new FileWriter(file);
fileWriter.write(roles.toString());
fileWriter.flush();
fileWriter.close();
-
- BabelAuthConfig babelAuthConfig = new BabelAuthConfig();
- babelAuthConfig.setAuthPolicyFile(file.getAbsolutePath());
- return new AAIMicroServiceAuth(babelAuthConfig);
+ return file;
}
/**
diff --git a/src/test/resources/appconfig/auth/auth_policy.json b/src/test/resources/appconfig/auth/auth_policy.json
new file mode 100644
index 0000000..dc966e0
--- /dev/null
+++ b/src/test/resources/appconfig/auth/auth_policy.json
@@ -0,0 +1,12 @@
+{"roles": [
+ {
+ "name": "nofuncauth",
+ "functions": [{
+ "name": "nofuncutil"
+ }],
+ "users": [{
+ "user": "aai",
+ "pass": "OBF:1u2a1t2v1vgb1s3g1s3m1vgj1t3b1u30"
+ }]
+ }
+]}