From 3a6cb611e4f1ec8a86f3699c8ddb742e7eac0bdb Mon Sep 17 00:00:00 2001
From: Harald Musum <musum@oath.com>
Date: Mon, 9 Jul 2018 18:03:06 +0200
Subject: Revert "Move NTokenValidator to vespa-athenz + load pub keys from
 file"

---
 .../athenz/utils/ntoken/NTokenValidatorTest.java   | 87 ----------------------
 1 file changed, 87 deletions(-)
 delete mode 100644 vespa-athenz/src/test/java/com/yahoo/vespa/athenz/utils/ntoken/NTokenValidatorTest.java

(limited to 'vespa-athenz/src/test')

diff --git a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/utils/ntoken/NTokenValidatorTest.java b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/utils/ntoken/NTokenValidatorTest.java
deleted file mode 100644
index 0e70993792f..00000000000
--- a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/utils/ntoken/NTokenValidatorTest.java
+++ /dev/null
@@ -1,87 +0,0 @@
-// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.vespa.athenz.utils.ntoken;
-
-import com.yahoo.athenz.auth.token.PrincipalToken;
-import com.yahoo.vespa.athenz.api.AthenzIdentity;
-import com.yahoo.vespa.athenz.api.AthenzPrincipal;
-import com.yahoo.vespa.athenz.api.AthenzUser;
-import com.yahoo.vespa.athenz.api.NToken;
-import com.yahoo.vespa.athenz.tls.KeyAlgorithm;
-import com.yahoo.vespa.athenz.tls.KeyUtils;
-import com.yahoo.vespa.athenz.utils.ntoken.NTokenValidator.InvalidTokenException;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.ExpectedException;
-
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.time.Instant;
-import java.util.Optional;
-
-import static org.junit.Assert.assertEquals;
-
-/**
- * @author bjorncs
- */
-public class NTokenValidatorTest {
-
-    private static final KeyPair TRUSTED_KEY = KeyUtils.generateKeypair(KeyAlgorithm.RSA);
-    private static final KeyPair UNKNOWN_KEY = KeyUtils.generateKeypair(KeyAlgorithm.RSA);
-    private static final AthenzIdentity IDENTITY = AthenzUser.fromUserId("myuser");
-
-    @Rule
-    public ExpectedException exceptionRule = ExpectedException.none();
-
-    @Test
-    public void valid_token_is_accepted() throws InvalidTokenException {
-        NTokenValidator validator = new NTokenValidator(createTruststore());
-        NToken token = createNToken(IDENTITY, Instant.now(), TRUSTED_KEY.getPrivate(), "0");
-        AthenzPrincipal principal = validator.validate(token);
-        assertEquals("user.myuser", principal.getIdentity().getFullName());
-    }
-
-    @Test
-    public void invalid_signature_is_not_accepted() throws InvalidTokenException {
-        NTokenValidator validator = new NTokenValidator(createTruststore());
-        NToken token = createNToken(IDENTITY, Instant.now(), UNKNOWN_KEY.getPrivate(), "0");
-        exceptionRule.expect(InvalidTokenException.class);
-        exceptionRule.expectMessage("NToken is expired or has invalid signature");
-        validator.validate(token);
-    }
-
-    @Test
-    public void expired_token_is_not_accepted() throws InvalidTokenException {
-        NTokenValidator validator = new NTokenValidator(createTruststore());
-        NToken token = createNToken(IDENTITY, Instant.ofEpochMilli(1234) /*long time ago*/, TRUSTED_KEY.getPrivate(), "0");
-        exceptionRule.expect(InvalidTokenException.class);
-        exceptionRule.expectMessage("NToken is expired or has invalid signature");
-        validator.validate(token);
-    }
-
-    @Test
-    public void unknown_keyId_is_not_accepted() throws InvalidTokenException {
-        NTokenValidator validator = new NTokenValidator(createTruststore());
-        NToken token = createNToken(IDENTITY, Instant.now(), TRUSTED_KEY.getPrivate(), "unknown-key-id");
-        exceptionRule.expect(InvalidTokenException.class);
-        exceptionRule.expectMessage("NToken has an unknown keyId");
-        validator.validate(token);
-    }
-
-    private static AthenzTruststore createTruststore() {
-        return keyId -> keyId.equals("0") ? Optional.of(TRUSTED_KEY.getPublic()) : Optional.empty();
-    }
-
-    private static NToken createNToken(AthenzIdentity identity, Instant issueTime, PrivateKey privateKey, String keyId) {
-        PrincipalToken token = new PrincipalToken.Builder("U1", identity.getDomain().getName(), identity.getName())
-                .keyId(keyId)
-                .salt("1234")
-                .host("host")
-                .ip("1.2.3.4")
-                .issueTime(issueTime.getEpochSecond())
-                .expirationWindow(1000)
-                .build();
-        token.sign(privateKey);
-        return new NToken(token.getSignedToken());
-    }
-
-}
-- 
cgit v1.2.3