public void testBoundaryInitializeCases()

in component-test/src/main/java/TestProvisioning.java [47:132]


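  public void testBoundaryInitializeCases() throws InterruptedException {
    // Boundary cases for IdentityManager.initialize():
    //  - three calls made under an unacceptable token must be rejected with
    //    InvalidTokenException (malformed token, token signed by the wrong key,
    //    token intended for a different tenant);
    //  - a repeated, otherwise valid call for the same tenant must not throw;
    //  - a second tenant must end up with a signature different from the first's.
    try {
      final IdentityManager testSubject = getTestSubject();

      // Assigned inside the tenant1 block and compared against tenant2 further down.
      final ApplicationSignatureSet firstTenantSignatureSet;
      final Signature firstTenantIdentityManagerSignature;

      // Create tenant keyspaces.
      final String tenant1 = TestEnvironment.getRandomTenantName();
      final String tenant2 = TestEnvironment.getRandomTenantName();
      cassandraInitializer.initializeTenant(tenant1);
      cassandraInitializer.initializeTenant(tenant2);
      // This gives cassandra a chance to complete saving the new keyspaces.
      // Theoretically, the creation of keyspaces is synchronous, but the
      // cassandra driver has been observed to need a little longer before the
      // new keyspace shows up in a metadata request. The one-second figure is
      // an empirical margin, not a guarantee.
      TimeUnit.SECONDS.sleep(1);

      try (final AutoTenantContext ignored = new AutoTenantContext(tenant1)) {

        // Case 1: a token that does not have the expected format.
        final String invalidSeshatToken = "notBearer";
        try (final AutoSeshat ignored2 = new AutoSeshat(invalidSeshatToken)) {
          testSubject.initialize(TestEnvironment.encodePassword(ADMIN_PASSWORD));
          Assert.fail("The key had the wrong format.  This should've failed.");
        }
        catch (final InvalidTokenException expected)
        {
          // Rejection is the outcome under test; nothing further to check.
        }

        // Case 2: a system token produced by systemTokenFromWrongKey().
        // Assert.fail raises AssertionError, which catch (Exception) does not
        // intercept, so an accepted token still fails the test.
        final String wrongSystemToken = systemTokenFromWrongKey();
        try (final AutoSeshat ignored2 = new AutoSeshat(wrongSystemToken)) {
          testSubject.initialize(TestEnvironment.encodePassword(ADMIN_PASSWORD));
          Assert.fail("The key was signed by the wrong source.  This should've failed.");
        }
        catch (final Exception e)
        {
          Assert.assertTrue("The exception should be 'invalid token'", (e instanceof InvalidTokenException));
        }

        // Case 3: a context created via createAutoSeshatContext("goober"); per the
        // failure message below, that token is meant for a different tenant.
        try (final AutoUserContext ignored2 = tenantApplicationSecurityEnvironment.createAutoSeshatContext("goober")) {
          testSubject.initialize(TestEnvironment.encodePassword(ADMIN_PASSWORD));
          Assert.fail("The key was intended for a different tenant.  This should've failed.");
        }
        catch (final Exception e)
        {
          // The message previously read 'not found' while the check is for
          // InvalidTokenException; the text now names the type actually asserted.
          Assert.assertTrue("The exception should be 'invalid token'", (e instanceof InvalidTokenException));
        }

        // The second otherwise valid call to initialize for the same tenant should
        // not fail even though the tenant is now already initialized.
        try (final AutoUserContext ignored2 = tenantApplicationSecurityEnvironment.createAutoSeshatContext()) {
          firstTenantSignatureSet = testSubject.initialize(TestEnvironment.encodePassword(ADMIN_PASSWORD));

          // The application signature and the identity manager signature looked up
          // for the returned timestamp are expected to be the same.
          final Signature applicationSignature = tenantApplicationSecurityEnvironment.getAnubis().getApplicationSignature(firstTenantSignatureSet.getTimestamp());
          firstTenantIdentityManagerSignature = tenantApplicationSecurityEnvironment.getAnubis().getSignatureSet(firstTenantSignatureSet.getTimestamp()).getIdentityManagerSignature();
          Assert.assertEquals(applicationSignature, firstTenantIdentityManagerSignature);

          // NOTE(review): this repeat call passes a different literal password rather
          // than TestEnvironment.encodePassword(ADMIN_PASSWORD), and the test only
          // checks that it does not throw. It does not assert that the credentials
          // and signatures established by the first call are still the ones in
          // effect afterwards; if re-initialization must not replace them, that
          // deserves an explicit assertion here.
          testSubject.initialize("golden_osiris");
        }
      }

      // Tenant isolation: initializing a second tenant must succeed and must yield
      // a signature that differs from the first tenant's.
      final ApplicationSignatureSet secondTenantSignatureSet;
      try (final AutoTenantContext ignored = new AutoTenantContext(tenant2)) {
        try (final AutoUserContext ignored2
                     = tenantApplicationSecurityEnvironment.createAutoSeshatContext()) {
          secondTenantSignatureSet = testSubject.initialize(TestEnvironment.encodePassword(ADMIN_PASSWORD));
          final Signature secondTenantIdentityManagerSignature = tenantApplicationSecurityEnvironment.getAnubis().getApplicationSignature(secondTenantSignatureSet.getTimestamp());
          Assert.assertNotEquals(firstTenantIdentityManagerSignature, secondTenantIdentityManagerSignature);
        }
      }
      catch (final Exception e)
      {
        // Same failure type and message as before, but with the original exception
        // attached as the cause so its stack trace appears in the test report.
        throw new AssertionError("Call to initialize for a second tenant should succeed. "
            + "The exception was " + e,
            e);
      }
    }
    finally {
      // Runs on failure as well, so a failed assertion above does not skip the
      // cleanup and carry this test's tenant context into later tests.
      TenantContextHolder.clear();
    }
  }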