Skip to content

Commit

Permalink
Merge pull request #70 from time4tea/issue/69-gettings-facts-from-aut…
Browse files Browse the repository at this point in the history 
…horizer

show that facts can be retrieved from authorizer
  • Loading branch information
@KannarFr
KannarFr authored Aug 7, 2023
2 parents a4790a1 + 4eb11f4 commit 5d0016d
Show file tree
Hide file tree
Showing 3 changed files with 148 additions and 43 deletions.
74 changes: 48 additions & 26 deletions src/main/java/com/clevercloud/biscuit/token/builder/Term.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import com.clevercloud.biscuit.datalog.SymbolTable;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Objects;

Expand All @@ -13,11 +14,7 @@ static public Term convert_from(com.clevercloud.biscuit.datalog.Term id, SymbolT
}

public static class Str extends Term {
String value;

public String getValue() {
return value;
}
final String value;

public Str(String value) {
this.value = value;
Expand All @@ -28,7 +25,11 @@ public com.clevercloud.biscuit.datalog.Term convert(SymbolTable symbols) {
return new com.clevercloud.biscuit.datalog.Term.Str(symbols.insert(this.value));
}

@Override
public String getValue() {
return value;
}

@Override
public String toString() {
return "\""+value+"\"";
}
Expand All @@ -43,12 +44,12 @@ public boolean equals(Object o) {

@Override
public int hashCode() {
return Objects.hash(value);
return value.hashCode();
}
}

public static class Variable extends Term {
String value;
final String value;

public Variable(String value) {
this.value = value;
Expand All @@ -59,6 +60,10 @@ public com.clevercloud.biscuit.datalog.Term convert(SymbolTable symbols) {
return new com.clevercloud.biscuit.datalog.Term.Variable(symbols.insert(this.value));
}

public String getValue() {
return value;
}

@Override
public String toString() {
return "$"+value;
Expand All @@ -81,20 +86,24 @@ public int hashCode() {
}

public static class Integer extends Term {
long value;
final long value;

public Integer(long value) {
this.value = value;
}

public long getValue() {
return value;
}

@Override
public com.clevercloud.biscuit.datalog.Term convert(SymbolTable symbols) {
return new com.clevercloud.biscuit.datalog.Term.Integer(this.value);
}

@Override
public String toString() {
return ""+value;
return String.valueOf(value);
}

@Override
Expand All @@ -109,13 +118,12 @@ public boolean equals(Object o) {

@Override
public int hashCode() {
return (int) (value ^ (value >>> 32));
return Long.hashCode(value);
}
}


public static class Bytes extends Term {
byte[] value;
final byte[] value;

public Bytes(byte[] value) {
this.value = value;
Expand All @@ -126,9 +134,13 @@ public com.clevercloud.biscuit.datalog.Term convert(SymbolTable symbols) {
return new com.clevercloud.biscuit.datalog.Term.Bytes(this.value);
}

public byte[] getValue() {
return Arrays.copyOf(value, value.length);
}

@Override
public String toString() {
return "\""+value+"\"";
return "\""+ value +"\"";
}

@Override
Expand All @@ -148,7 +160,7 @@ public int hashCode() {
}

public static class Date extends Term {
long value;
final long value;

public Date(long value) {
this.value = value;
Expand All @@ -159,9 +171,13 @@ public com.clevercloud.biscuit.datalog.Term convert(SymbolTable symbols) {
return new com.clevercloud.biscuit.datalog.Term.Date(this.value);
}

public long getValue() {
return value;
}

@Override
public String toString() {
return ""+value;
return String.valueOf(value);
}

@Override
Expand All @@ -176,12 +192,12 @@ public boolean equals(Object o) {

@Override
public int hashCode() {
return (int) (value ^ (value >>> 32));
return Long.hashCode(value);
}
}

public static class Bool extends Term {
boolean value;
final boolean value;

public Bool(boolean value) {
this.value = value;
Expand All @@ -192,9 +208,13 @@ public com.clevercloud.biscuit.datalog.Term convert(SymbolTable symbols) {
return new com.clevercloud.biscuit.datalog.Term.Bool(this.value);
}

public boolean getValue() {
return value;
}

@Override
public String toString() {
return ""+value;
return String.valueOf(value);
}

@Override
Expand All @@ -209,14 +229,14 @@ public boolean equals(Object o) {

@Override
public int hashCode() {
return (value ? 1 : 0);
return Boolean.hashCode(value);
}
}

public static class Set extends Term {
HashSet<Term> value;
final java.util.Set<Term> value;

public Set(HashSet<Term> value) {
public Set(java.util.Set<Term> value) {
this.value = value;
}

Expand All @@ -231,11 +251,13 @@ public com.clevercloud.biscuit.datalog.Term convert(SymbolTable symbols) {
return new com.clevercloud.biscuit.datalog.Term.Set(s);
}

public java.util.Set<Term> getValue() {
return Collections.unmodifiableSet(value);
}

@Override
public String toString() {
return "[" +
value +
']';
return "[" + value + ']';
}

@Override
Expand All @@ -245,7 +267,7 @@ public boolean equals(Object o) {

Set set = (Set) o;

return value != null ? value.equals(set.value) : set.value == null;
return Objects.equals(value, set.value);
}

@Override
Expand Down
44 changes: 43 additions & 1 deletion src/test/java/com/clevercloud/biscuit/builder/BuilderTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,17 @@
import com.clevercloud.biscuit.token.builder.Expression;
import com.clevercloud.biscuit.token.builder.Term;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertNotNull;

import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.time.Instant;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;

import static com.clevercloud.biscuit.token.builder.Utils.*;
import static org.junit.jupiter.api.Assertions.*;

public class BuilderTest {

Expand Down Expand Up @@ -61,4 +63,44 @@ public void testBuild() throws Error.Language, Error.SymbolTableOverlap, Error.F

assertNotNull(rootBiscuit);
}

@Test
public void testStringValueOfAStringTerm() {
assertEquals( "\"hello\"", new Term.Str("hello").toString() );
}

@Test
public void testStringValueOfAnIntegerTerm() {
assertEquals( "123", new Term.Integer(123).toString() );
}

@Test
public void testStringValueOfAVariableTerm() {
assertEquals( "$hello", new Term.Variable("hello").toString() );
}

@Test
public void testStringValueOfASetTerm() {
String actual = new Term.Set(Set.of(new Term.Str("a"), new Term.Str("b"), new Term.Integer((3)))).toString();
assertTrue(actual.startsWith("[["), "starts with [[");
assertTrue(actual.endsWith("]]"), "ends with ]]");
assertTrue(actual.contains("\"a\""), "contains a");
assertTrue(actual.contains("\"b\""), "contains b");
assertTrue(actual.contains("3"), "contains 3");
}

@Test
public void testStringValueOfAByteArrayTermIsJustTheArrayReferenceNotTheContents() {
String string = new Term.Bytes("Hello".getBytes(StandardCharsets.UTF_8)).toString();
assertTrue(string.startsWith("\"[B@"), "starts with quote, and array reference");
assertTrue(string.endsWith("\""), "ends with quote");
}

@Test
public void testArrayValueIsCopy() {
byte[] someBytes = "Hello".getBytes(StandardCharsets.UTF_8);
Term.Bytes term = new Term.Bytes(someBytes);
assertTrue(Arrays.equals(someBytes, term.getValue()), "same content");
assertNotEquals(System.identityHashCode(someBytes), System.identityHashCode(term.getValue()), "different objects");
}
}
73 changes: 57 additions & 16 deletions src/test/java/com/clevercloud/biscuit/token/AuthorizerTest.java
View file
Original file line number Diff line number Diff line change
@@ -1,20 +1,21 @@
package com.clevercloud.biscuit.token;

import static org.junit.jupiter.api.Assertions.assertEquals;
import com.clevercloud.biscuit.crypto.KeyPair;
import com.clevercloud.biscuit.error.Error.Parser;
import com.clevercloud.biscuit.token.builder.Expression;
import com.clevercloud.biscuit.token.builder.Term;
import org.junit.jupiter.api.Test;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Set;

import org.junit.jupiter.api.Test;

import com.clevercloud.biscuit.error.Error.Parser;
import com.clevercloud.biscuit.token.builder.Expression;
import com.clevercloud.biscuit.token.builder.Term;
import static com.clevercloud.biscuit.token.builder.Utils.*;
import static com.clevercloud.biscuit.token.builder.Utils.constrained_rule;
import static org.junit.jupiter.api.Assertions.assertEquals;

public class AuthorizerTest {

@Test
public void testAuthorizerPolicy() throws Parser {
Authorizer authorizer = new Authorizer();
Expand All @@ -23,17 +24,57 @@ public void testAuthorizerPolicy() throws Parser {
assertEquals(1, policies.size());

authorizer.add_policy(new Policy(
Arrays.asList(
constrained_rule(
"deny",
new ArrayList<>(),
new ArrayList<>(),
Arrays.asList(new Expression.Value(new Term.Bool(true)))
)
), Policy.Kind.Deny));
Arrays.asList(
constrained_rule(
"deny",
new ArrayList<>(),
new ArrayList<>(),
Arrays.asList(new Expression.Value(new Term.Bool(true)))
)
), Policy.Kind.Deny));
assertEquals(2, policies.size());

authorizer.add_policy("deny if true");
assertEquals(3, policies.size());
}


@Test
public void testPuttingSomeFactsInABiscuitAndGettingThemBackOutAgain() throws Exception {

KeyPair keypair = new KeyPair();

Biscuit token = Biscuit.builder(keypair)
.add_authority_fact("email(\"[email protected]\")")
.add_authority_fact("id(123)")
.add_authority_fact("enabled(true)")
.add_authority_fact("perms([1,2,3])")
.build();

Authorizer authorizer = Biscuit.from_b64url(token.serialize_b64url(), keypair.public_key())
.verify(keypair.public_key())
.authorizer();

Term emailTerm = queryFirstResult(authorizer, "emailfact($name) <- email($name)");
assertEquals("[email protected]", ((Term.Str) emailTerm).getValue());

Term idTerm = queryFirstResult(authorizer, "idfact($name) <- id($name)");
assertEquals(123, ((Term.Integer) idTerm).getValue());

Term enabledTerm = queryFirstResult(authorizer, "enabledfact($name) <- enabled($name)");
assertEquals(true, ((Term.Bool) enabledTerm).getValue());

Term permsTerm = queryFirstResult(authorizer, "permsfact($name) <- perms($name)");
assertEquals(
Set.of(new Term.Integer(1), new Term.Integer(2), new Term.Integer(3)),
((Term.Set) permsTerm).getValue()
);
}

private static Term queryFirstResult(Authorizer authorizer, String query) throws com.clevercloud.biscuit.error.Error {
return authorizer.query(query)
.iterator()
.next()
.terms().get(0);
}
}

0 comments on commit 5d0016d

Please sign in to comment.