aboutsummaryrefslogtreecommitdiffstats
path: root/security-utils/src/test/java/com/yahoo
diff options
context:
space:
mode:
authorHarald Musum <musum@yahooinc.com>2024-04-11 23:13:46 +0200
committerGitHub <noreply@github.com>2024-04-11 23:13:46 +0200
commit7e7ebf7b527be1f163d497a41898e2252d878fe7 (patch)
tree879722e0afee0c88ad22344000c1567d79d741fa /security-utils/src/test/java/com/yahoo
parenta6fe59bf11e974b409caf73ac606ba750f45db8e (diff)
parent2d6bbe0b8bff09d105b77161c1d26a00ce43bf0c (diff)
Merge pull request #30891 from vespa-engine/balder/list-dot-of
Unify on List.of
Diffstat (limited to 'security-utils/src/test/java/com/yahoo')
-rw-r--r--security-utils/src/test/java/com/yahoo/security/tls/AuthorizedPeersTest.java11
-rw-r--r--security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java3
-rw-r--r--security-utils/src/test/java/com/yahoo/security/tls/PeerAuthorizerTest.java27
-rw-r--r--security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsJsonSerializerTest.java6
-rw-r--r--security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsTest.java10
5 files changed, 25 insertions, 32 deletions
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/AuthorizedPeersTest.java b/security-utils/src/test/java/com/yahoo/security/tls/AuthorizedPeersTest.java
index e6f3450332d..ee54a80f732 100644
--- a/security-utils/src/test/java/com/yahoo/security/tls/AuthorizedPeersTest.java
+++ b/security-utils/src/test/java/com/yahoo/security/tls/AuthorizedPeersTest.java
@@ -3,11 +3,10 @@ package com.yahoo.security.tls;
import org.junit.jupiter.api.Test;
-import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
import static com.yahoo.security.tls.RequiredPeerCredential.Field.CN;
-import static java.util.Arrays.asList;
-import static java.util.Collections.singletonList;
import static org.junit.jupiter.api.Assertions.assertThrows;
/**
@@ -18,9 +17,9 @@ public class AuthorizedPeersTest {
@Test
void throws_exception_on_peer_policies_with_duplicate_names() {
assertThrows(IllegalArgumentException.class, () -> {
- PeerPolicy peerPolicy1 = new PeerPolicy("duplicate-name", singletonList(RequiredPeerCredential.of(CN, "mycfgserver")));
- PeerPolicy peerPolicy2 = new PeerPolicy("duplicate-name", singletonList(RequiredPeerCredential.of(CN, "myclient")));
- new AuthorizedPeers(new HashSet<>(asList(peerPolicy1, peerPolicy2)));
+ PeerPolicy peerPolicy1 = new PeerPolicy("duplicate-name", List.of(RequiredPeerCredential.of(CN, "mycfgserver")));
+ PeerPolicy peerPolicy2 = new PeerPolicy("duplicate-name", List.of(RequiredPeerCredential.of(CN, "myclient")));
+ new AuthorizedPeers(Set.of(peerPolicy1, peerPolicy2));
});
}
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java b/security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java
index ec7d5b8ca05..267e770050d 100644
--- a/security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java
+++ b/security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java
@@ -18,7 +18,6 @@ import static com.yahoo.security.X509CertificateBuilder.generateRandomSerialNumb
import static java.time.Instant.EPOCH;
import static java.time.temporal.ChronoUnit.DAYS;
import static java.util.Collections.singleton;
-import static java.util.Collections.singletonList;
import static org.assertj.core.api.Assertions.assertThat;
/**
@@ -38,7 +37,7 @@ public class DefaultTlsContextTest {
singleton(
new PeerPolicy(
"dummy-policy",
- singletonList(RequiredPeerCredential.of(RequiredPeerCredential.Field.CN, "dummy")))));
+ List.of(RequiredPeerCredential.of(RequiredPeerCredential.Field.CN, "dummy")))));
DefaultTlsContext tlsContext =
DefaultTlsContext.of(
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/PeerAuthorizerTest.java b/security-utils/src/test/java/com/yahoo/security/tls/PeerAuthorizerTest.java
index 112cfa75102..91ce19574fe 100644
--- a/security-utils/src/test/java/com/yahoo/security/tls/PeerAuthorizerTest.java
+++ b/security-utils/src/test/java/com/yahoo/security/tls/PeerAuthorizerTest.java
@@ -23,9 +23,6 @@ import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_ECDSA;
import static com.yahoo.security.tls.RequiredPeerCredential.Field.CN;
import static com.yahoo.security.tls.RequiredPeerCredential.Field.SAN_DNS;
import static com.yahoo.security.tls.RequiredPeerCredential.Field.SAN_URI;
-import static java.util.Arrays.asList;
-import static java.util.Collections.emptyList;
-import static java.util.Collections.singletonList;
import static java.util.stream.Collectors.toSet;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.assertFalse;
@@ -45,13 +42,13 @@ public class PeerAuthorizerTest {
RequiredPeerCredential sanRequirement = createRequiredCredential(SAN_DNS, "*.matching.san");
PeerAuthorizer authorizer = createPeerAuthorizer(createPolicy(POLICY_1, cnRequirement, sanRequirement));
- ConnectionAuthContext result = authorizer.authorizePeer(createCertificate("foo.matching.cn", asList("foo.matching.san", "foo.invalid.san"), emptyList()));
+ ConnectionAuthContext result = authorizer.authorizePeer(createCertificate("foo.matching.cn", List.of("foo.matching.san", "foo.invalid.san"), List.of()));
assertAuthorized(result);
assertThat(result.matchedPolicies()).containsOnly(POLICY_1);
- assertUnauthorized(authorizer.authorizePeer(createCertificate("foo.invalid.cn", singletonList("foo.matching.san"), emptyList())));
- assertUnauthorized(authorizer.authorizePeer(createCertificate("foo.invalid.cn", asList("foo.matching.san", "foo.invalid.san"), emptyList())));
- assertUnauthorized(authorizer.authorizePeer(createCertificate("foo.matching.cn", singletonList("foo.invalid.san"), emptyList())));
+ assertUnauthorized(authorizer.authorizePeer(createCertificate("foo.invalid.cn", List.of("foo.matching.san"), List.of())));
+ assertUnauthorized(authorizer.authorizePeer(createCertificate("foo.invalid.cn", List.of("foo.matching.san", "foo.invalid.san"), List.of())));
+ assertUnauthorized(authorizer.authorizePeer(createCertificate("foo.matching.cn", List.of("foo.invalid.san"), List.of())));
}
@Test
@@ -64,7 +61,7 @@ public class PeerAuthorizerTest {
createPolicy(POLICY_2, cnRequirement, sanRequirement));
ConnectionAuthContext result = peerAuthorizer
- .authorizePeer(createCertificate("foo.matching.cn", singletonList("foo.matching.san"), emptyList()));
+ .authorizePeer(createCertificate("foo.matching.cn", List.of("foo.matching.san"), List.of()));
assertAuthorized(result);
assertThat(result.matchedPolicies()).containsOnly(POLICY_1, POLICY_2);
}
@@ -75,7 +72,7 @@ public class PeerAuthorizerTest {
createPolicy(POLICY_1, createRequiredCredential(CN, "*.matching.cn")),
createPolicy(POLICY_2, createRequiredCredential(SAN_DNS, "*.matching.san")));
- ConnectionAuthContext result = peerAuthorizer.authorizePeer(createCertificate("foo.invalid.cn", singletonList("foo.matching.san"), emptyList()));
+ ConnectionAuthContext result = peerAuthorizer.authorizePeer(createCertificate("foo.invalid.cn", List.of("foo.matching.san"), List.of()));
assertAuthorized(result);
assertThat(result.matchedPolicies()).containsOnly(POLICY_2);
}
@@ -89,9 +86,9 @@ public class PeerAuthorizerTest {
PeerAuthorizer peerAuthorizer = createPeerAuthorizer(
createPolicy(POLICY_1, cnSuffixRequirement, cnPrefixRequirement, sanPrefixRequirement, sanSuffixRequirement));
- assertAuthorized(peerAuthorizer.authorizePeer(createCertificate("matching.prefix.matching.suffix.cn", singletonList("matching.prefix.matching.suffix.san"), emptyList())));
- assertUnauthorized(peerAuthorizer.authorizePeer(createCertificate("matching.prefix.matching.suffix.cn", singletonList("matching.prefix.invalid.suffix.san"), emptyList())));
- assertUnauthorized(peerAuthorizer.authorizePeer(createCertificate("invalid.prefix.matching.suffix.cn", singletonList("matching.prefix.matching.suffix.san"), emptyList())));
+ assertAuthorized(peerAuthorizer.authorizePeer(createCertificate("matching.prefix.matching.suffix.cn", List.of("matching.prefix.matching.suffix.san"), List.of())));
+ assertUnauthorized(peerAuthorizer.authorizePeer(createCertificate("matching.prefix.matching.suffix.cn", List.of("matching.prefix.invalid.suffix.san"), List.of())));
+ assertUnauthorized(peerAuthorizer.authorizePeer(createCertificate("invalid.prefix.matching.suffix.cn", List.of("matching.prefix.matching.suffix.san"), List.of())));
}
@Test
@@ -100,11 +97,11 @@ public class PeerAuthorizerTest {
RequiredPeerCredential sanUriRequirement = createRequiredCredential(SAN_URI, "myscheme://my/*/uri");
PeerAuthorizer authorizer = createPeerAuthorizer(createPolicy(POLICY_1, cnRequirement, sanUriRequirement));
- ConnectionAuthContext result = authorizer.authorizePeer(createCertificate("foo.matching.cn", singletonList("foo.irrelevant.san"), singletonList("myscheme://my/matching/uri")));
+ ConnectionAuthContext result = authorizer.authorizePeer(createCertificate("foo.matching.cn", List.of("foo.irrelevant.san"), List.of("myscheme://my/matching/uri")));
assertAuthorized(result);
assertThat(result.matchedPolicies()).containsOnly(POLICY_1);
- assertUnauthorized(authorizer.authorizePeer(createCertificate("foo.matching.cn", emptyList(), singletonList("myscheme://my/nonmatching/url"))));
+ assertUnauthorized(authorizer.authorizePeer(createCertificate("foo.matching.cn", List.of(), List.of("myscheme://my/nonmatching/url"))));
}
@Test
@@ -145,7 +142,7 @@ public class PeerAuthorizerTest {
}
private static PeerPolicy createPolicy(String name, RequiredPeerCredential... requiredCredentials) {
- return new PeerPolicy(name, asList(requiredCredentials));
+ return new PeerPolicy(name, List.of(requiredCredentials));
}
private static PeerPolicy createPolicy(String name, List<Capability> caps, List<RequiredPeerCredential> creds) {
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsJsonSerializerTest.java b/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsJsonSerializerTest.java
index 1871bb43569..cde1a346fc9 100644
--- a/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsJsonSerializerTest.java
+++ b/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsJsonSerializerTest.java
@@ -15,8 +15,8 @@ import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Arrays;
-import java.util.Collections;
import java.util.LinkedHashSet;
+import java.util.List;
import java.util.Optional;
import static com.yahoo.security.tls.RequiredPeerCredential.Field.CN;
@@ -50,7 +50,7 @@ public class TransportSecurityOptionsJsonSerializerTest {
RequiredPeerCredential.of(SAN_URI, "myscheme://resource/path/"))),
new PeerPolicy("node", Optional.empty(),
CapabilitySet.of(Capability.SLOBROK__API),
- Collections.singletonList(RequiredPeerCredential.of(CN, "hostname")))))))
+ List.of(RequiredPeerCredential.of(CN, "hostname")))))))
.build();
ByteArrayOutputStream out = new ByteArrayOutputStream();
@@ -68,7 +68,7 @@ public class TransportSecurityOptionsJsonSerializerTest {
.withCertificates(Paths.get("certs.pem"), Paths.get("myhost.key"))
.withCaCertificates(Paths.get("my_cas.pem"))
.withAcceptedCiphers(Arrays.asList("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_AES_256_GCM_SHA384"))
- .withAcceptedProtocols(Collections.singletonList("TLSv1.2"))
+ .withAcceptedProtocols(List.of("TLSv1.2"))
.withHostnameValidationDisabled(true)
.build();
File outputFile = File.createTempFile("junit", null, tempDirectory);
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsTest.java b/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsTest.java
index 08e573fed7e..188a6a1568a 100644
--- a/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsTest.java
+++ b/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsTest.java
@@ -4,12 +4,10 @@ package com.yahoo.security.tls;
import org.junit.jupiter.api.Test;
import java.io.IOException;
-import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
-import java.util.Arrays;
-import java.util.Collections;
+import java.util.List;
import static org.junit.jupiter.api.Assertions.assertEquals;
@@ -22,8 +20,8 @@ public class TransportSecurityOptionsTest {
private static final TransportSecurityOptions OPTIONS = new TransportSecurityOptions.Builder()
.withCertificates(Paths.get("certs.pem"), Paths.get("myhost.key"))
.withCaCertificates(Paths.get("my_cas.pem"))
- .withAcceptedCiphers(Arrays.asList("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_AES_256_GCM_SHA384"))
- .withAcceptedProtocols(Collections.singletonList("TLSv1.2"))
+ .withAcceptedCiphers(List.of("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_AES_256_GCM_SHA384"))
+ .withAcceptedProtocols(List.of("TLSv1.2"))
.withHostnameValidationDisabled(true)
.build();
@@ -35,7 +33,7 @@ public class TransportSecurityOptionsTest {
@Test
void can_read_options_from_json() throws IOException {
- String tlsJson = new String(Files.readAllBytes(TEST_CONFIG_FILE), StandardCharsets.UTF_8);
+ String tlsJson = Files.readString(TEST_CONFIG_FILE);
TransportSecurityOptions actualOptions = TransportSecurityOptions.fromJson(tlsJson);
assertEquals(OPTIONS, actualOptions);
}