forked from community/device-mgt-core
megala21
7 years ago
parent
351f8d5d6e
commit
f7b9d042b6
@ -0,0 +1,109 @@
|
||||
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
|
||||
|
||||
import org.apache.catalina.connector.Request;
|
||||
import org.apache.tomcat.util.buf.MessageBytes;
|
||||
import org.apache.tomcat.util.http.MimeHeaders;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.base.MultitenantConstants;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.dto.JWTConfig;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
|
||||
import org.wso2.carbon.identity.jwt.client.extension.util.JWTClientUtil;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.internal.AuthenticatorFrameworkDataHolder;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.util.TestTenantIndexingLoader;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.util.TestTenantRegistryLoader;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.net.URL;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
|
||||
public class JWTAuthenticatorTest {
|
||||
private JWTAuthenticator jwtAuthenticator;
|
||||
private Field headersField;
|
||||
private final String JWT_HEADER = "X-JWT-Assertion";
|
||||
private String jwtToken;
|
||||
private static final String SIGNED_JWT_AUTH_USERNAME = "http://wso2.org/claims/enduser";
|
||||
private static final String SIGNED_JWT_AUTH_TENANT_ID = "http://wso2.org/claims/enduserTenantId";
|
||||
private Properties properties;
|
||||
private final String ISSUER = "wso2.org/products/iot";
|
||||
private final String ALIAS = "wso2carbon";
|
||||
|
||||
@BeforeClass
|
||||
public void setup() throws NoSuchFieldException, IOException, JWTClientException {
|
||||
jwtAuthenticator = new JWTAuthenticator();
|
||||
properties = new Properties();
|
||||
properties.setProperty(ISSUER, ALIAS);
|
||||
jwtAuthenticator.setProperties(properties);
|
||||
headersField = org.apache.coyote.Request.class.getDeclaredField("headers");
|
||||
headersField.setAccessible(true);
|
||||
ClassLoader classLoader = getClass().getClassLoader();
|
||||
URL resourceUrl = classLoader.getResource("jwt.properties");
|
||||
File jwtPropertyFile;
|
||||
JWTConfig jwtConfig = null;
|
||||
|
||||
if (resourceUrl != null) {
|
||||
jwtPropertyFile = new File(resourceUrl.getFile());
|
||||
Properties jwtConfigProperties = new Properties();
|
||||
jwtConfigProperties.load(new FileInputStream(jwtPropertyFile));
|
||||
jwtConfig = new JWTConfig(jwtConfigProperties);
|
||||
}
|
||||
|
||||
Map<String, String> customClaims = new HashMap<>();
|
||||
customClaims.put(SIGNED_JWT_AUTH_USERNAME, "admin");
|
||||
customClaims.put(SIGNED_JWT_AUTH_TENANT_ID, String.valueOf(MultitenantConstants.SUPER_TENANT_ID));
|
||||
jwtToken = JWTClientUtil.generateSignedJWTAssertion("admin", jwtConfig, false, customClaims);
|
||||
}
|
||||
|
||||
@Test(description = "This method tests the get methods in the JWTAuthenticator")
|
||||
public void testGetMethods() {
|
||||
Assert.assertEquals(jwtAuthenticator.getName(), "JWT", "GetName method returns wrong value");
|
||||
Assert.assertNotNull(jwtAuthenticator.getProperties(), "Properties are not properly added to JWT "
|
||||
+ "Authenticator");
|
||||
Assert.assertEquals(jwtAuthenticator.getProperties().size(), properties.size(),
|
||||
"Added properties do not match with retrieved properties");
|
||||
Assert.assertNull(jwtAuthenticator.getProperty("test"), "Retrieved a propety that was never added");
|
||||
Assert.assertNotNull(jwtAuthenticator.getProperty(ISSUER), ALIAS);
|
||||
}
|
||||
|
||||
@Test(description = "This method tests the canHandle method under different conditions of request")
|
||||
public void testHandle() throws IllegalAccessException, NoSuchFieldException {
|
||||
Request request = new Request();
|
||||
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
Assert.assertFalse(jwtAuthenticator.canHandle(request));
|
||||
MimeHeaders mimeHeaders = new MimeHeaders();
|
||||
MessageBytes bytes = mimeHeaders.addValue(JWT_HEADER);
|
||||
bytes.setString("test");
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
Assert.assertTrue(jwtAuthenticator.canHandle(request));
|
||||
}
|
||||
|
||||
@Test(description = "This method tests authenticate method under the successful condition")
|
||||
public void testAuthenticate() throws IllegalAccessException, NoSuchFieldException {
|
||||
Request request = new Request();
|
||||
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
|
||||
MimeHeaders mimeHeaders = new MimeHeaders();
|
||||
MessageBytes bytes = mimeHeaders.addValue(JWT_HEADER);
|
||||
bytes.setString(jwtToken);
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
Field uriMB = org.apache.coyote.Request.class.getDeclaredField("uriMB");
|
||||
uriMB.setAccessible(true);
|
||||
bytes = MessageBytes.newInstance();
|
||||
bytes.setString("test");
|
||||
uriMB.set(coyoteRequest, bytes);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
|
||||
AuthenticationInfo authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||
Assert.assertNotNull(authenticationInfo.getUsername(), "Proper authentication request is not properly "
|
||||
+ "authenticated by the JWTAuthenticator");
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,9 @@
|
||||
package org.wso2.carbon.webapp.authenticator.framework.util;
|
||||
|
||||
import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
|
||||
|
||||
public class TestTenantIndexingLoader implements TenantIndexingLoader {
|
||||
@Override public void loadTenantIndex(int i) {
|
||||
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,11 @@
|
||||
package org.wso2.carbon.webapp.authenticator.framework.util;
|
||||
|
||||
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
||||
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
|
||||
|
||||
public class TestTenantRegistryLoader implements TenantRegistryLoader {
|
||||
@Override
|
||||
public void loadTenantRegistry(int i) throws RegistryException {
|
||||
|
||||
}
|
||||
}
|
||||
Binary file not shown.
Binary file not shown.
@ -0,0 +1,57 @@
|
||||
#
|
||||
# Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
#
|
||||
# WSO2 Inc. licenses this file to you under the Apache License,
|
||||
# Version 2.0 (the "License"); you may not use this file except
|
||||
# in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
#issuer of the JWT
|
||||
iss=wso2.org/products/iot
|
||||
|
||||
TokenEndpoint=https://${iot.gateway.host}:${iot.gateway.https.port}/token?tenantDomain=carbon.super
|
||||
|
||||
#audience of JWT claim
|
||||
#comma seperated values
|
||||
aud=devicemgt
|
||||
|
||||
#expiration time of JWT (number of minutes from the current time)
|
||||
exp=1000
|
||||
|
||||
#issued at time of JWT (number of minutes from the current time)
|
||||
iat=0
|
||||
|
||||
#nbf time of JWT (number of minutes from current time)
|
||||
nbf=0
|
||||
|
||||
#skew between IDP and issuer(seconds)
|
||||
skew=0
|
||||
|
||||
# JWT Id
|
||||
#jti=token123
|
||||
|
||||
#KeyStore to cryptographic credentials
|
||||
KeyStore=target/test-classes/carbon-home/repository/resources/security/wso2carbon.jks
|
||||
|
||||
#Password of the KeyStore
|
||||
KeyStorePassword=wso2carbon
|
||||
|
||||
#Alias of the SP's private key
|
||||
PrivateKeyAlias=wso2carbon
|
||||
|
||||
#Private key password to retrieve the private key used to sign
|
||||
#AuthnRequest and LogoutRequest messages
|
||||
PrivateKeyPassword=wso2carbon
|
||||
|
||||
#this will be used as the default IDP config if there isn't any config available for tenants.
|
||||
default-jwt-client=false
|
||||
Loading…
Reference in new issue