summaryrefslogtreecommitdiffstats
path: root/athenz-identity-provider-service/src/test
diff options
context:
space:
mode:
authorBjørn Christian Seime <bjorncs@verizonmedia.com>2019-08-28 21:40:05 +0200
committerBjørn Christian Seime <bjorncs@verizonmedia.com>2019-08-28 21:40:05 +0200
commit8b37b6ed1eafc8d8967e4732ea978ed1806eca71 (patch)
tree3c401b108b9095f8cae4c580737a85f9077042c8 /athenz-identity-provider-service/src/test
parentec8efebdb70dd4c07288b0b9c6398af6635dced4 (diff)
Revert "Include instance hostname in Athenz node certificates"
This reverts commit aca45ba95c5fb0b7d9c1fe89ee3a866ff65c76ac.
Diffstat (limited to 'athenz-identity-provider-service/src/test')
-rw-r--r--athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java46
1 files changed, 6 insertions, 40 deletions
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java
index 89ca24f3e93..d5787516254 100644
--- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java
+++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java
@@ -1,6 +1,7 @@
// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.vespa.hosted.athenz.instanceproviderservice.instanceconfirmation;
+import com.google.common.collect.ImmutableList;
import com.yahoo.component.Version;
import com.yahoo.config.model.api.ApplicationInfo;
import com.yahoo.config.model.api.HostInfo;
@@ -122,7 +123,7 @@ public class InstanceValidatorTest {
nodeList = allocateNode(nodeList, node, applicationId);
when(nodeRepository.getNodes()).thenReturn(nodeList);
String nodeIp = node.ipAddresses().stream().findAny().orElseThrow(() -> new RuntimeException("No ipaddress for mocked node"));
- InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.NODE, node.hostname(), List.of(nodeIp));
+ InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, ImmutableList.of(nodeIp));
assertTrue(instanceValidator.isValidRefresh(instanceConfirmation));
}
@@ -139,41 +140,7 @@ public class InstanceValidatorTest {
String nodeIp = node.ipAddresses().stream().findAny().orElseThrow(() -> new RuntimeException("No ipaddress for mocked node"));
// Add invalid ip to list of ip addresses
- InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.NODE, node.hostname(), List.of(nodeIp, "::ff"));
-
- assertFalse(instanceValidator.isValidRefresh(instanceConfirmation));
- }
-
- @Test
- public void rejects_invalid_hostname() {
- NodeRepository nodeRepository = mock(NodeRepository.class);
- InstanceValidator instanceValidator = new InstanceValidator(null, null, nodeRepository);
-
- List<Node> nodeList = createNodes(10);
- Node node = nodeList.get(0);
- nodeList = allocateNode(nodeList, node, applicationId);
- when(nodeRepository.getNodes()).thenReturn(nodeList);
- String nodeIp = node.ipAddresses().stream().findAny().orElseThrow(() -> new RuntimeException("No ipaddress for mocked node"));
-
- // Add invalid ip to list of ip addresses
- InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.NODE, "invalidhostname", List.of(nodeIp));
-
- assertFalse(instanceValidator.isValidRefresh(instanceConfirmation));
- }
-
- @Test
- public void rejects_hostname_for_tenant_certificates() {
- NodeRepository nodeRepository = mock(NodeRepository.class);
- InstanceValidator instanceValidator = new InstanceValidator(null, null, nodeRepository);
-
- List<Node> nodeList = createNodes(10);
- Node node = nodeList.get(0);
- nodeList = allocateNode(nodeList, node, applicationId);
- when(nodeRepository.getNodes()).thenReturn(nodeList);
- String nodeIp = node.ipAddresses().stream().findAny().orElseThrow(() -> new RuntimeException("No ipaddress for mocked node"));
-
- // Add invalid ip to list of ip addresses
- InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.TENANT, node.hostname(), List.of(nodeIp));
+ InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, ImmutableList.of(nodeIp, "::ff"));
assertFalse(instanceValidator.isValidRefresh(instanceConfirmation));
}
@@ -185,7 +152,7 @@ public class InstanceValidatorTest {
List<Node> nodeList = createNodes(10);
when(nodeRepository.getNodes()).thenReturn(nodeList);
- InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.NODE, nodeList.get(0).hostname(), List.of("::11"));
+ InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, ImmutableList.of("::11"));
assertFalse(instanceValidator.isValidRefresh(instanceConfirmation));
@@ -206,11 +173,10 @@ public class InstanceValidatorTest {
return createInstanceConfirmation(vespaUniqueInstanceId, domain, service, signedIdentityDocument);
}
- private InstanceConfirmation createRefreshInstanceConfirmation(ApplicationId applicationId, String domain, String service, IdentityType identityType, String hostname, List<String> ips) {
- VespaUniqueInstanceId vespaUniqueInstanceId = new VespaUniqueInstanceId(0, "default", applicationId.instance().value(), applicationId.application().value(), applicationId.tenant().value(), "us-north-1", "dev", identityType);
+ private InstanceConfirmation createRefreshInstanceConfirmation(ApplicationId applicationId, String domain, String service, List<String> ips) {
+ VespaUniqueInstanceId vespaUniqueInstanceId = new VespaUniqueInstanceId(0, "default", applicationId.instance().value(), applicationId.application().value(), applicationId.tenant().value(), "us-north-1", "dev", IdentityType.NODE);
InstanceConfirmation instanceConfirmation = createInstanceConfirmation(vespaUniqueInstanceId, domain, service, null);
instanceConfirmation.set("sanIP", String.join(",", ips));
- instanceConfirmation.set(InstanceConfirmation.HOSTNAME_ATTRIBUTE, hostname);
return instanceConfirmation;
}