diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-01-16 15:14:18 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-01-24 14:48:09 +0100 |
commit | a4a2092b9eebec9f24b9818fe51113ea6341640d (patch) | |
tree | c7fe8458a28a98b8f383df7d0ab1b2ee7092221c /jdisc-security-filters | |
parent | 2d8e7e65a9ea6e80cee667ec7bcff3d488df8a2c (diff) |
Add checkAccessAllowed method that consumes access token + certificate
Diffstat (limited to 'jdisc-security-filters')
-rw-r--r-- | jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilterTest.java | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilterTest.java b/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilterTest.java index 197ba89f3e3..ecf746179a3 100644 --- a/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilterTest.java +++ b/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilterTest.java @@ -4,6 +4,7 @@ package com.yahoo.jdisc.http.filter.security.athenz; import com.yahoo.container.jdisc.RequestHandlerTestDriver; import com.yahoo.jdisc.Response; import com.yahoo.jdisc.http.filter.DiscFilterRequest; +import com.yahoo.vespa.athenz.api.AthenzAccessToken; import com.yahoo.vespa.athenz.api.AthenzResourceName; import com.yahoo.vespa.athenz.api.AthenzRole; import com.yahoo.vespa.athenz.api.ZToken; @@ -89,6 +90,11 @@ public class AthenzAuthorizationFilterTest { public AuthorizationResult checkAccessAllowed(X509Certificate roleCertificate, AthenzResourceName resourceName, String action) { return new AuthorizationResult(Type.ALLOW, new AthenzRole(resourceName.getDomain(), "rolename")); } + + @Override + public AuthorizationResult checkAccessAllowed(AthenzAccessToken accessToken, X509Certificate identityCertificate, AthenzResourceName resourceName, String action) { + return new AuthorizationResult(Type.ALLOW, new AthenzRole(resourceName.getDomain(), "rolename")); + } } static class DenyingZpe implements Zpe { @@ -101,6 +107,11 @@ public class AthenzAuthorizationFilterTest { public AuthorizationResult checkAccessAllowed(X509Certificate roleCertificate, AthenzResourceName resourceName, String action) { return new AuthorizationResult(Type.DENY); } + + @Override + public AuthorizationResult checkAccessAllowed(AthenzAccessToken accessToken, X509Certificate identityCertificate, AthenzResourceName resourceName, String action) { + return new AuthorizationResult(Type.DENY); + } } } |