From ab53bb75dc2d56f75ba10a6a1dc127b7d0fa0ba6 Mon Sep 17 00:00:00 2001
From: Morten Tokle
Date: Thu, 4 Oct 2018 14:32:09 +0200
Subject: Add OU field to csr
---
.../client/InstanceCsrGeneratorTest.java | 37 ++++++++++++++++++++++
1 file changed, 37 insertions(+)
create mode 100644 vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/InstanceCsrGeneratorTest.java
(limited to 'vespa-athenz/src/test')
diff --git a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/InstanceCsrGeneratorTest.java b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/InstanceCsrGeneratorTest.java
new file mode 100644
index 00000000000..d401696015e
--- /dev/null
+++ b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/InstanceCsrGeneratorTest.java
@@ -0,0 +1,37 @@
+// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.vespa.athenz.identityprovider.client;
+
+import com.yahoo.security.KeyAlgorithm;
+import com.yahoo.security.KeyUtils;
+import com.yahoo.vespa.athenz.api.AthenzService;
+import com.yahoo.vespa.athenz.identityprovider.api.VespaUniqueInstanceId;
+import com.yahoo.vespa.athenz.tls.Pkcs10Csr;
+import org.junit.Test;
+
+import javax.security.auth.x500.X500Principal;
+import java.security.KeyPair;
+import java.util.Collections;
+
+import static org.junit.Assert.assertEquals;
+
+/**
+ * @author mortent
+ */
+public class InstanceCsrGeneratorTest {
+
+ private static final String DNS_SUFFIX = "prod-us-north-1.vespa.yahoo.cloud";
+ private static final String PROVIDER_SERVICE = "vespa.vespa.provider_prod_us-north-1";
+ private static final String ATHENZ_SERVICE = "foo.bar";
+
+ @Test
+ public void it_generates_csr_with_correct_subject() {
+ InstanceCsrGenerator instanceCsrGenerator = new InstanceCsrGenerator(DNS_SUFFIX, PROVIDER_SERVICE);
+
+ AthenzService service = new AthenzService(ATHENZ_SERVICE);
+ VespaUniqueInstanceId vespaUniqueInstanceId = VespaUniqueInstanceId.fromDottedString("0.default.default.foo-app.vespa.us-north-1.prod.node");
+ KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.RSA);
+
+ Pkcs10Csr csr = instanceCsrGenerator.generateCsr(service, vespaUniqueInstanceId, Collections.emptySet(), keyPair);
+ assertEquals(new X500Principal(String.format("OU=%s, CN=%s", PROVIDER_SERVICE, ATHENZ_SERVICE)), csr.getSubject());
+ }
+}
-- cgit v1.2.3
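Review bot: The assertion in `it_generates_csr_with_correct_subject` compares two `X500Principal` objects with `assertEquals`, and `X500Principal.equals` compares canonical names, which are case-folded and whitespace-normalised, so a subject whose OU or CN differs only in case would still pass. Since the OU carries the provider service name that the CSR is presumably validated against, comparing the RFC 2253 strings is stricter, for example `assertEquals(String.format("OU=%s,CN=%s", PROVIDER_SERVICE, ATHENZ_SERVICE), csr.getSubject().getName());` (assuming `getSubject()` returns an `X500Principal`, as the current assertion suggests). `DNS_SUFFIX` and the instance id are passed in but nothing asserted depends on them; if they end up in the CSR's subject alternative names, which this hunk does not show, a second assertion on those would cover the rest of the identity the CSR carries.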