path: root/odl-aaa-moon/aaa/aaa-authn-sts/src/test/java/org/opendaylight/aaa/sts/TokenAuthTest.java
/*
 * Copyright (c) 2014, 2015 Hewlett-Packard Development Company, L.P. and others.  All rights reserved.
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
 * and is available at http://www.eclipse.org/legal/epl-v10.html
 */

package org.opendaylight.aaa.sts;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.mockito.Matchers.anyMap;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;

import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.UniformInterfaceException;
import com.sun.jersey.test.framework.JerseyTest;
import com.sun.jersey.test.framework.WebAppDescriptor;
import org.junit.BeforeClass;
import org.junit.Test;
import org.opendaylight.aaa.AuthenticationBuilder;
import org.opendaylight.aaa.ClaimBuilder;
import org.opendaylight.aaa.api.Authentication;
import org.opendaylight.aaa.api.AuthenticationService;
import org.opendaylight.aaa.api.TokenAuth;
import org.opendaylight.aaa.api.TokenStore;
import org.opendaylight.aaa.sts.TokenAuthFilter.UnauthorizedException;

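/**
 * Jersey-based tests for {@link TokenAuthFilter}, installed as a container request filter in
 * front of the resources found under {@code org.opendaylight.aaa.sts}.
 *
 * <p>The {@link AuthenticationService} and {@link TokenStore} behind {@link ServiceLocator} are
 * Mockito mocks: the store resolves {@link #GOOD_TOKEN} to a fixed {@link Authentication} and
 * {@link #BAD_TOKEN} to {@code null}, and authentication is reported as enabled.
 *
 * <p>NOTE(review): {@link #init()} replaces services on the shared {@code ServiceLocator}
 * instance and nothing here restores them, so other test classes run in the same JVM may see
 * these mocks.
 */
public class TokenAuthTest extends JerseyTest {

    private static final String RS_PACKAGES = "org.opendaylight.aaa.sts";
    private static final String JERSEY_FILTERS = "com.sun.jersey.spi.container.ContainerRequestFilters";
    private static final String AUTH_FILTERS = TokenAuthFilter.class.getName();

    // Authentication handed back for GOOD_TOKEN. Its expiration is one second after class
    // initialization. NOTE(review): the token store is mocked, so nothing visible here checks
    // that expiration; if the filter ever does, a slow run could turn these tests flaky.
    private static final Authentication auth = new AuthenticationBuilder(new ClaimBuilder().setUserId(
            "1234").setUser("Bob").addRole("admin").addRole("user").setDomain("tenantX").build()).setExpiration(
            System.currentTimeMillis() + 1000).build();

    private static final String GOOD_TOKEN = "9b01b7cf-8a49-346d-8c47-6a61193e2b60";
    private static final String BAD_TOKEN = "9b01b7cf-8a49-346d-8c47-6a611badbeef";

    /**
     * Builds the test web application with {@link TokenAuthFilter} registered as a Jersey
     * container request filter.
     *
     * @throws Exception if the Jersey test container cannot be set up
     */
    public TokenAuthTest() throws Exception {
        super(new WebAppDescriptor.Builder(RS_PACKAGES).initParam(JERSEY_FILTERS, AUTH_FILTERS)
                                                       .build());
    }

    /**
     * Installs the mocked authentication service and token store and stubs the lookups the
     * tests rely on.
     */
    @BeforeClass
    public static void init() {
        AuthenticationService authService = mock(AuthenticationService.class);
        TokenStore tokenStore = mock(TokenStore.class);
        when(tokenStore.get(GOOD_TOKEN)).thenReturn(auth);
        // An unknown token must resolve to "no authentication", not to a default identity.
        when(tokenStore.get(BAD_TOKEN)).thenReturn(null);
        when(authService.isAuthEnabled()).thenReturn(Boolean.TRUE);

        ServiceLocator.getInstance().setAuthenticationService(authService);
        ServiceLocator.getInstance().setTokenStore(tokenStore);
    }

    /**
     * A request without any credentials must be rejected with 401 and a
     * {@code WWW-Authenticate} challenge naming the OpenDaylight realm.
     */
    @Test
    public void testGetUnauthorized() {
        try {
            resource().path("test").get(String.class);
            fail("Shoulda failed with 401!");
        } catch (UniformInterfaceException e) {
            ClientResponse resp = e.getResponse();
            assertEquals(401, resp.getStatus());
            assertTrue(resp.getHeaders().get(UnauthorizedException.WWW_AUTHENTICATE)
                           .contains(UnauthorizedException.OPENDAYLIGHT));
        }
    }

    /**
     * A bearer token the token store does not know must be rejected with 401.
     *
     * <p>This is the negative counterpart of {@link #testGet()}: it exercises the
     * {@link #BAD_TOKEN} stub, so a filter that accepts any well-formed bearer header would be
     * caught here.
     */
    @Test
    public void testGetBadToken() {
        try {
            resource().path("test").header("Authorization", "Bearer " + BAD_TOKEN)
                      .get(String.class);
            fail("Expected 401 for an unknown bearer token");
        } catch (UniformInterfaceException e) {
            assertEquals(401, e.getResponse().getStatus());
        }
    }

    /** A request carrying a token known to the token store reaches the resource. */
    @Test
    public void testGet() {
        String resp = resource().path("test").header("Authorization", "Bearer " + GOOD_TOKEN)
                                .get(String.class);
        assertEquals("ok", resp);
    }

    /**
     * Registers a permissive {@link TokenAuth} validator and repeats {@link #testGet()}.
     *
     * <p>NOTE(review): {@code testGet()} still sends {@link #GOOD_TOKEN}, which the token store
     * stub accepts on its own, so this test would presumably also pass if the validator were
     * never consulted. Consider a request the token store alone would reject, to prove the
     * validator path is taken.
     */
    @SuppressWarnings("unchecked")
    @Test
    public void testGetWithValidator() {
        try {
            // Validator that accepts whatever headers it is given.
            TokenAuth ta = mock(TokenAuth.class);
            when(ta.validate(anyMap())).thenReturn(auth);
            ServiceLocator.getInstance().getTokenAuthCollection().add(ta);
            testGet();
        } finally {
            // Always drop the permissive validator so it cannot make later tests pass
            // for the wrong reason.
            ServiceLocator.getInstance().getTokenAuthCollection().clear();
        }
    }

}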