author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-07-21 17:08:44 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-07-21 17:08:44 +0200 |
commit | 936301838e68ffb8d5d12de2f53c4b6a3b3f8d68 (patch) | |
tree | c35646a7cdab894963d77ce2f35dd32591993e9e /security-utils | |
parent | 6463cfc76701d8fba705b8850075c0ee6b98dcbb (diff) |
Force caller to handle failed capability verification check
Diffstat (limited to 'security-utils')
3 files changed, 35 insertions, 18 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java b/security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java
index 5292b70a43f..f231e8429ce 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java
@@ -7,7 +7,6 @@ import java.security.cert.X509Certificate;
 import java.util.List;
 import java.util.Optional;
 import java.util.Set;
-import java.util.function.Supplier;
 import java.util.logging.Logger;
 
 import static com.yahoo.security.SubjectAlternativeName.Type.DNS;
@@ -36,27 +35,29 @@ public record ConnectionAuthContext(List<X509Certificate> peerCertificateChain, public boolean authorized() { return !capabilities.hasNone(); } - public boolean hasCapabilities(CapabilitySet requiredCapabilities) { - return hasCapabilities(requiredCapabilities, null, null, null); + /** Throws checked exception to force caller to handle verification failed. */ + public void verifyCapabilities(CapabilitySet requiredCapabilities) throws MissingCapabilitiesException { + verifyCapabilities(requiredCapabilities, null, null, null); } - /** Provided strings are used for improved logging only */ - public boolean hasCapabilities(CapabilitySet requiredCapabilities, String action, String resource, String peer) { - if (capabilityMode == DISABLE) return authorized(); + /** + * Throws checked exception to force caller to handle verification failed. + * Provided strings are used for improved logging only + * */ + public void verifyCapabilities(CapabilitySet requiredCapabilities, String action, String resource, String peer) + throws MissingCapabilitiesException { + if (capabilityMode == DISABLE) return; boolean hasCapabilities = capabilities.has(requiredCapabilities); if (!hasCapabilities) { - Supplier<String> errorMessageProvider = () -> - createPermissionDeniedErrorMessage(requiredCapabilities, action, resource, peer); + String msg = createPermissionDeniedErrorMessage(requiredCapabilities, action, resource, peer); if (capabilityMode == LOG_ONLY) { - log.info(errorMessageProvider); - return true; + log.info(msg); } else { - // Ideally log as warning but we have no mechanism for de-duplicating repeated log spamming. - log.fine(errorMessageProvider); - return false; + // Ideally log as warning, but we have no mechanism for de-duplicating repeated log spamming. + log.fine(msg); + throw new MissingCapabilitiesException(msg); } } - return true; } String createPermissionDeniedErrorMessage( 
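Review bot: In the four-argument `verifyCapabilities`, the DISABLE branch went from `return authorized();` to a bare `return;`, so a peer with an empty capability set, which the old `hasCapabilities` rejected in that mode, now passes verification silently. Unless every caller checks `authorized()` separately (not visible from this hunk), keep the old guarantee by bracing the DISABLE branch and adding `if (!authorized()) throw new MissingCapabilitiesException(createPermissionDeniedErrorMessage(requiredCapabilities, action, resource, peer));` before its `return;`. If the relaxation is intended, state it in the Javadoc, for example `Performs no check when capability mode is DISABLE; callers must check authorized() themselves.` The exception now also carries the full denial text, so callers should log `getMessage()` rather than return it to the peer. The record declaration and the body of `createPermissionDeniedErrorMessage` lie outside the hunk.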
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/MissingCapabilitiesException.java b/security-utils/src/main/java/com/yahoo/security/tls/MissingCapabilitiesException.java
new file mode 100644
index 00000000000..1c3ad9444e4
--- /dev/null
+++ b/security-utils/src/main/java/com/yahoo/security/tls/MissingCapabilitiesException.java
@@ -0,0 +1,13 @@
+// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.security.tls;
+
+/**
+ * Intentionally checked to force caller to handle missing permissions at call site.
+ *
+ * @author bjorncs
+ */
+public class MissingCapabilitiesException extends Exception {
+
+ public MissingCapabilitiesException(String message) { super(message); }
+
+}
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/ConnectionAuthContextTest.java b/security-utils/src/test/java/com/yahoo/security/tls/ConnectionAuthContextTest.java
index 92caa2d7aaa..c30a812a30d 100644
--- a/security-utils/src/test/java/com/yahoo/security/tls/ConnectionAuthContextTest.java
+++ b/security-utils/src/test/java/com/yahoo/security/tls/ConnectionAuthContextTest.java
@@ -1,4 +1,5 @@
-package com.yahoo.security.tls;// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.security.tls;
 
 import com.yahoo.security.KeyAlgorithm;
 import com.yahoo.security.KeyUtils;
@@ -16,16 +17,18 @@ import java.util.Set; import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_ECDSA; import static org.assertj.core.api.AssertionsForInterfaceTypes.assertThat; -import static org.junit.jupiter.api.Assertions.assertFalse; +import static org.junit.jupiter.api.Assertions.assertThrows; /** * @author bjorncs */ class ConnectionAuthContextTest { + @Test void fails_on_missing_capabilities() { ConnectionAuthContext ctx = createConnectionAuthContext(); - assertFalse(ctx.hasCapabilities(CapabilitySet.from(Capability.CONTENT__STATUS_PAGES))); + assertThrows(MissingCapabilitiesException.class, + () -> ctx.verifyCapabilities(CapabilitySet.from(Capability.CONTENT__STATUS_PAGES))); } @Test @@ -56,4 +59,4 @@ class ConnectionAuthContextTest { } -}
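Review bot: `fails_on_missing_capabilities` pins only the enforcing path of `verifyCapabilities`; nothing in this hunk exercises the LOG_ONLY and DISABLE modes, where the method now returns without throwing. If the rest of the file does not already cover them, add cases that wrap the call in `assertDoesNotThrow(() -> ctx.verifyCapabilities(...))` for both modes, including a peer with no capabilities in DISABLE mode. That makes the non-throwing behaviour a tested decision rather than a side effect of the refactoring. The test class continues outside the hunk.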
\ No newline at end of file +} |