1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
/*
* Copyright (c) 2014, 2015 Hewlett-Packard Development Company, L.P. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* and is available at http://www.eclipse.org/legal/epl-v10.html
*/
package org.opendaylight.aaa.basic;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import com.sun.jersey.core.util.Base64;
import java.io.UnsupportedEncodingException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.junit.Before;
import org.junit.Test;
import org.opendaylight.aaa.ClaimBuilder;
import org.opendaylight.aaa.PasswordCredentialBuilder;
import org.opendaylight.aaa.api.AuthenticationException;
import org.opendaylight.aaa.api.Claim;
import org.opendaylight.aaa.api.CredentialAuth;
public class HttpBasicAuthTest {
private static final String USERNAME = "admin";
private static final String PASSWORD = "admin";
private static final String DOMAIN = "sdn";
private HttpBasicAuth auth;
@SuppressWarnings("unchecked")
@Before
public void setup() {
auth = new HttpBasicAuth();
auth.credentialAuth = mock(CredentialAuth.class);
when(
auth.credentialAuth.authenticate(new PasswordCredentialBuilder()
.setUserName(USERNAME).setPassword(PASSWORD).setDomain(DOMAIN).build()))
.thenReturn(
new ClaimBuilder().setUser("admin").addRole("admin").setUserId("123")
.build());
when(
auth.credentialAuth.authenticate(new PasswordCredentialBuilder()
.setUserName(USERNAME).setPassword("bozo").setDomain(DOMAIN).build()))
.thenThrow(new AuthenticationException("barf"));
}
@Test
public void testValidateOk() throws UnsupportedEncodingException {
String data = USERNAME + ":" + PASSWORD + ":" + DOMAIN;
Map<String, List<String>> headers = new HashMap<>();
headers.put("Authorization",
Arrays.asList("Basic " + new String(Base64.encode(data.getBytes("utf-8")))));
Claim claim = auth.validate(headers);
assertNotNull(claim);
assertEquals(USERNAME, claim.user());
assertEquals("admin", claim.roles().iterator().next());
}
@Test(expected = AuthenticationException.class)
public void testValidateBadPassword() throws UnsupportedEncodingException {
String data = USERNAME + ":bozo:" + DOMAIN;
Map<String, List<String>> headers = new HashMap<>();
headers.put("Authorization",
Arrays.asList("Basic " + new String(Base64.encode(data.getBytes("utf-8")))));
auth.validate(headers);
}
@Test(expected = AuthenticationException.class)
public void testValidateBadPasswordNoDOMAIN() throws UnsupportedEncodingException {
String data = USERNAME + ":bozo";
Map<String, List<String>> headers = new HashMap<>();
headers.put("Authorization",
Arrays.asList("Basic " + new String(Base64.encode(data.getBytes("utf-8")))));
auth.validate(headers);
}
@Test(expected = AuthenticationException.class)
public void testBadHeaderFormatNoPassword() throws UnsupportedEncodingException {
// just provide the username
String data = USERNAME;
Map<String, List<String>> headers = new HashMap<>();
headers.put("Authorization",
Arrays.asList("Basic " + new String(Base64.encode(data.getBytes("utf-8")))));
auth.validate(headers);
}
@Test(expected = AuthenticationException.class)
public void testBadHeaderFormat() throws UnsupportedEncodingException {
// provide username:
String data = USERNAME + "$" + PASSWORD;
Map<String, List<String>> headers = new HashMap<>();
headers.put("Authorization",
Arrays.asList("Basic " + new String(Base64.encode(data.getBytes("utf-8")))));
auth.validate(headers);
}
}
|