diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java
index 3339ad8ceb1..a078503e69c 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java
@@ -18,7 +18,6 @@
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
-import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSVerifier;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jwt.SignedJWT;
@@ -44,10 +43,7 @@ import java.security.KeyStore;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
-import java.util.StringTokenizer;
+import java.util.*;
/**
* This authenticator authenticates HTTP requests using JWT header.
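Review bot: The wildcard `import java.util.*;` at L19 replaces four explicit imports, presumably to bring in `Objects` for the `equals` change later in this commit; the rest of this file's imports are explicit, and a wildcard makes it harder to see which names the class depends on and can silently pick up a clashing name when another wildcard is added. Keep the imports explicit and add the one new name: `import java.util.HashMap; import java.util.Map; import java.util.Objects; import java.util.Properties; import java.util.StringTokenizer;`.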
@@ -164,8 +160,6 @@ public class JWTAuthenticator implements WebappAuthenticator {
log.error("Error occurred while obtaining the user.", e);
} catch (ParseException e) {
log.error("Error occurred while parsing the JWT header.", e);
- } catch (JOSEException e) {
- log.error("Error occurred while verifying the JWT header.", e);
} catch (Exception e) {
log.error("Error occurred while verifying the JWT header.", e);
} finally {
@@ -203,12 +197,12 @@ public class JWTAuthenticator implements WebappAuthenticator {
private String tenantDomain;
private final String DEFAULT_ISSUER = "default";
- public IssuerAlias(String tenantDomain) {
+ IssuerAlias(String tenantDomain) {
this.issuer = DEFAULT_ISSUER;
this.tenantDomain = tenantDomain;
}
- public IssuerAlias(String issuer, String tenantDomain) {
+ IssuerAlias(String issuer, String tenantDomain) {
this.issuer = issuer;
this.tenantDomain = tenantDomain;
}
@@ -223,7 +217,7 @@ public class JWTAuthenticator implements WebappAuthenticator {
@Override
public boolean equals(Object obj) {
return (obj instanceof IssuerAlias) && issuer.equals(
- ((IssuerAlias) obj).issuer) && tenantDomain == ((IssuerAlias) obj).tenantDomain;
+ ((IssuerAlias) obj).issuer) && Objects.equals(tenantDomain, ((IssuerAlias) obj).tenantDomain);
}
}
}
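Review bot: `equals` at L49 now compares `tenantDomain` null-safely but still calls `issuer.equals(...)` on L47, and the two-argument constructor stores whatever `issuer` it is given, so the method is asymmetric: an instance with a null `issuer` throws on `equals` while the same comparison from the other side returns false. Use the same null-safe form for both fields: `return (obj instanceof IssuerAlias) && Objects.equals(issuer, ((IssuerAlias) obj).issuer) && Objects.equals(tenantDomain, ((IssuerAlias) obj).tenantDomain);`. `hashCode` is not in the hunk; if it is overridden it must hash the same two fields without dereferencing a possibly null `tenantDomain` (e.g. `Objects.hash(issuer, tenantDomain)`) so that instances this `equals` now treats as equal keep hashing equal. `IssuerAlias` is a nested class whose declaration starts above this hunk.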
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/LocalOAuthValidator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/LocalOAuthValidator.java
index 6a0422903b7..07d9aac89a0 100755
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/LocalOAuthValidator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/LocalOAuthValidator.java
@@ -68,11 +68,11 @@ public class LocalOAuthValidator implements OAuth2TokenValidator {
if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
tenantDomain = MultitenantUtils.getTenantDomain(userName);
}
+ return new OAuthValidationResponse(userName,tenantDomain,true);
} else {
OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
oAuthValidationResponse.setErrorMsg(tokenValidationResponse.getErrorMsg());
return oAuthValidationResponse;
}
- return new OAuthValidationResponse(userName,tenantDomain,isValid);
}
}
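Review bot: The return moved into the success branch at L61 passes a literal `true` where the removed line passed `isValid`; that is equivalent only because the branch is guarded by that flag in the `if` above the hunk, so a reader has to look outside the hunk to see why the literal is safe — a one-word comment or keeping `isValid` here would make it self-evident. The new line also drops the spaces after the commas that the rest of the file uses: `return new OAuthValidationResponse(userName, tenantDomain, true);`. If `isValid` is now read only by the `if`, that is fine, but confirm nothing else in the method above the hunk depended on the old unconditional return. The enclosing method starts outside the hunk.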
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java
index 77009413828..44488fd3f88 100755
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/oauth/impl/RemoteOAuthValidator.java
@@ -55,42 +55,41 @@ public class RemoteOAuthValidator implements OAuth2TokenValidator {
try {
OAuth2TokenValidationRequestDTO validationRequest = createValidationRequest(accessToken, resource);
stub = (OAuth2TokenValidationServiceStub) this.stubs.borrowObject();
- validationResponse =
- stub.findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse();
+ validationResponse = stub.findOAuthConsumerIfTokenIsValid(validationRequest)
+ .getAccessTokenValidationResponse();
} catch (RemoteException e) {
- throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote " +
- "IS server for OAuth2 token validation.", e);
+ throw new OAuthTokenValidationException(
+ "Remote Exception occurred while invoking the Remote " + "IS server for OAuth2 token validation.",
+ e);
} catch (Exception e) {
- throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation " +
- "service stub from the pool", e);
+ throw new OAuthTokenValidationException(
+ "Error occurred while borrowing an oauth token validation " + "service stub from the pool", e);
} finally {
try {
this.stubs.returnObject(stub);
} catch (Exception e) {
- log.warn("Error occurred while returning the object back to the oauth token validation service " +
- "stub pool", e);
+ log.warn("Error occurred while returning the object back to the oauth token validation service "
+ + "stub pool", e);
}
}
-
if (validationResponse == null) {
if (log.isDebugEnabled()) {
log.debug("Response returned by the OAuth token validation service is null");
}
return null;
}
-
boolean isValid = validationResponse.getValid();
String tenantDomain;
String username;
if (isValid) {
username = MultitenantUtils.getTenantAwareUsername(validationResponse.getAuthorizedUser());
tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser());
+ return new OAuthValidationResponse(username, tenantDomain, true);
} else {
OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg());
return oAuthValidationResponse;
}
- return new OAuthValidationResponse(username, tenantDomain, isValid);
}
private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) {
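Review bot: The rewrapped exception messages at L86 and L92 keep a string split into two literals joined by `+` on a single line, an artifact of the old line break; fold each into one literal, e.g. `"Remote Exception occurred while invoking the Remote IS server for OAuth2 token validation."` and `"Error occurred while borrowing an oauth token validation service stub from the pool"`. Separately, the `finally` block at L94–L101 calls `this.stubs.returnObject(stub)` even when `borrowObject()` on L77 threw, in which case `stub` is presumably still null (it is declared above the hunk), so every pool failure is followed by a second warn-level log from the return; guarding with `if (stub != null)` before the return keeps the log to the one real error. The `catch (Exception e)` on L88 also labels any non-`RemoteException` thrown by `findOAuthConsumerIfTokenIsValid` as a pool-borrow error, which is misleading when reading logs. The enclosing method starts outside the hunk.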
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BSTAuthenticatorTest.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BSTAuthenticatorTest.java
index fb4122f4371..d412705c210 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BSTAuthenticatorTest.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BSTAuthenticatorTest.java
@@ -20,22 +20,18 @@
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
import org.apache.catalina.Context;
-import org.apache.catalina.connector.InputBuffer;
import org.apache.catalina.connector.Request;
import org.apache.catalina.core.StandardContext;
import org.apache.commons.io.FileUtils;
-import org.apache.coyote.http11.filters.BufferedInputFilter;
-import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes;
import org.apache.tomcat.util.http.MimeHeaders;
import org.testng.Assert;
import org.testng.annotations.BeforeTest;
import org.testng.annotations.Test;
-import org.wso2.carbon.webapp.authenticator.framework.BaseWebAppAuthenticatorFrameworkTest;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
import org.wso2.carbon.webapp.authenticator.framework.util.TestInputBuffer;
-import javax.validation.constraints.AssertFalse;
import java.io.File;
import java.io.IOException;
import java.lang.reflect.Field;
@@ -108,8 +104,8 @@ public class BSTAuthenticatorTest {
+ "parameters.");
}
- @Test(description = "This test case tests the facanHandle method of the BSTAuthenticator")
- public void testCanHandle() throws IllegalAccessException, IOException {
+ @Test(description = "This test case tests the canHandle method of the BSTAuthenticator under faulty conditions")
+ public void testCanHandleWithFalseConditions() throws IllegalAccessException {
Request request = new Request();
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
request.setCoyoteRequest(coyoteRequest);
@@ -123,33 +119,82 @@ public class BSTAuthenticatorTest {
request.setCoyoteRequest(coyoteRequest);
Assert.assertFalse(bstAuthenticator.canHandle(request),
"BST Authenticator can handle a request with content type test");
+ }
+
+
+ @Test(description = "This test case tests the canHandle method of the BSTAuthenticator under valid conditions")
+ public void testCanHandleWithValidRequest() throws IOException, IllegalAccessException {
+ Request request = createSoapRequest("CorrectBST.xml");
+ Assert.assertTrue(bstAuthenticator.canHandle(request), "BST Authenticator cannot handle a valid "
+ + "authentication request");
+ }
+
+ @Test(description = "This test case tests the canHandle method of the BSTAuthenticator under missing soap headers")
+ public void testCanHandleWithMissingHeaders() throws IOException, IllegalAccessException {
+ Request request = createSoapRequest("WrongBST1.xml");
+ Assert.assertFalse(bstAuthenticator.canHandle(request),
+ "BST Authenticator can handle a request with missing headers ");
+ request = createSoapRequest("WrongBST2.xml");
+ Assert.assertFalse(bstAuthenticator.canHandle(request),
+ "BST Authenticator can handle a request with missing headers ");
+ }
+
+ @Test(description = "This method tests the authenticate method of BST Authenticator when only minimal information"
+ + " is provided")
+ public void testAuthenticateWithMinimalConditions() throws NoSuchFieldException, IllegalAccessException {
+ Request request = new Request();
+ org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
+ request.setCoyoteRequest(coyoteRequest);
+ AuthenticationInfo authenticationInfo = bstAuthenticator.authenticate(request, null);
+ Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.CONTINUE,
+ "Authentication status of authentication info is wrong");
+ Field uriMB = org.apache.coyote.Request.class.getDeclaredField("uriMB");
+
+// coyoteRequest = new org.apache.coyote.Request();
+ uriMB.setAccessible(true);
+ MessageBytes bytes = MessageBytes.newInstance();
+ bytes.setString("");
+ uriMB.set(coyoteRequest, bytes);
+
+ request.setCoyoteRequest(coyoteRequest);
+ authenticationInfo = bstAuthenticator.authenticate(request, null);
+ Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.CONTINUE,
+ "Authentication status of authentication info is wrong");
+
+
+ }
+ /**
+ * To create a soap request by reading the request from given file.
+ *
+ * @param fileName Name of the file that has the soap request content.
+ * @return Request created with soap content.
+ * @throws IllegalAccessException Illegal Access Exception.
+ * @throws IOException IO Exception.
+ */
+ private Request createSoapRequest(String fileName) throws IllegalAccessException, IOException {
+ Request request = new Request();
ClassLoader classLoader = getClass().getClassLoader();
- URL resourceUrl = classLoader.getResource("requests" + File.separator + "BST.xml");
- File bst = new File(resourceUrl.getFile());
- String bytes1 = FileUtils.readFileToString(bst);
- coyoteRequest = new org.apache.coyote.Request();
-
-// coyoteRequest.setInputBuffer(byte);
- mimeHeaders = new MimeHeaders();
- bytes = mimeHeaders.addValue("content-type");
+ URL resourceUrl = classLoader
+ .getResource("requests" + File.separator + "BST" + File.separator + fileName);
+ String bstRequestContent = null;
+ if (resourceUrl != null) {
+ File bst = new File(resourceUrl.getFile());
+ bstRequestContent = FileUtils.readFileToString(bst);
+ }
+ org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
+ MimeHeaders mimeHeaders = new MimeHeaders();
+ MessageBytes bytes = mimeHeaders.addValue("content-type");
bytes.setString("application/xml");
bytes = mimeHeaders.addValue("custom");
- bytes.setString(bytes1);
+ bytes.setString(bstRequestContent);
headersField.set(coyoteRequest, mimeHeaders);
- MessageBytes messageBytes = coyoteRequest.getMimeHeaders().getValue("custom");
- bytes.toBytes();
- ByteChunk byteChunk = bytes.getByteChunk();
-
TestInputBuffer inputBuffer = new TestInputBuffer();
-
coyoteRequest.setInputBuffer(inputBuffer);
Context context = new StandardContext();
request.setContext(context);
request.setCoyoteRequest(coyoteRequest);
- bstAuthenticator.canHandle(request);
-
-
-
+ return request;
}
+
}
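Review bot: `createSoapRequest` tolerates a missing resource at L232–L235, leaving `bstRequestContent` null and setting the `custom` header from a null string, so `testCanHandleWithMissingHeaders` would pass vacuously if `WrongBST1.xml` or `WrongBST2.xml` were absent from the classpath; fail fast instead with `Assert.assertNotNull(resourceUrl, "Test resource not found: " + fileName);` in place of the null check. The resource name on L230 is built with `File.separator`, but `ClassLoader.getResource` takes `/`-separated names on every platform, so the lookup presumably breaks on Windows; use `"requests/BST/" + fileName`. `FileUtils.readFileToString(bst)` on L234 reads with the platform default charset, which is fragile for XML fixtures; pass an explicit charset if the commons-io version in use has that overload. The commented-out line at L197 and the trailing blank lines at L207–L208 in `testAuthenticateWithMinimalConditions` should be removed.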
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestInputBuffer.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestInputBuffer.java
index 44d05b5391a..d02d299b941 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestInputBuffer.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestInputBuffer.java
@@ -1,6 +1,8 @@
package org.wso2.carbon.webapp.authenticator.framework.util;
import org.apache.catalina.connector.InputBuffer;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.apache.coyote.Request;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes;
@@ -9,7 +11,12 @@ import org.apache.tomcat.util.http.MimeHeaders;
import java.io.IOException;
import java.lang.reflect.Field;
+/**
+ * This is a dummy implementation of {@link InputBuffer} for the test cases.
+ */
public class TestInputBuffer implements org.apache.coyote.InputBuffer {
+ private Log log = LogFactory.getLog(TestInputBuffer.class);
+
@Override
public int doRead(ByteChunk byteChunk, Request request) throws IOException {
String string = request.getHeader("custom");
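Review bot: The new logger field at L281 is a mutable instance field, so each `TestInputBuffer` creates its own `Log` and nothing prevents it being reassigned; the usual commons-logging idiom is a per-class constant: `private static final Log log = LogFactory.getLog(TestInputBuffer.class);`. The Javadoc added at L277–L279 could also say what the buffer does — that `doRead` serves the request's `custom` header as the body — since that is the only thing a test author needs to know to use it. `doRead` continues past the end of this hunk.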
@@ -19,13 +26,15 @@ public class TestInputBuffer implements org.apache.coyote.InputBuffer {
byteC = MessageBytes.class.getDeclaredField("byteC");
byteC.setAccessible(true);
} catch (NoSuchFieldException e) {
- e.printStackTrace();
+ log.error("Cannot get the byteC field", e);
}
MessageBytes bytes = mimeHeaders.addValue("content-type");
try {
- byteC.set(bytes, byteChunk);
+ if (byteC != null) {
+ byteC.set(bytes, byteChunk);
+ }
} catch (IllegalAccessException e) {
- e.printStackTrace();
+ log.error("Cannot set byteC field", e);
}
bytes.setString(string);
bytes.toBytes();
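Review bot: Logging and continuing when `byteC` cannot be resolved (L291) or set (L301) hides the real failure in a test helper: `doRead` then proceeds without the `ByteChunk` wired in, and the calling test fails later on an unrelated assertion or passes vacuously. Since `doRead` already declares `IOException`, fail at the cause instead: `throw new IOException("Cannot access MessageBytes.byteC via reflection", e);` in both catch blocks, which also makes the null guard added at L296 unnecessary. Reflective access to a private Tomcat field is inherently tied to one Tomcat version; a short comment naming that assumption would help whoever upgrades the dependency. `doRead` begins before and ends after this hunk.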
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST.xml
deleted file mode 100644
index 66d70f5975c..00000000000
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST.xml
+++ /dev/null
@@ -1,11 +0,0 @@
-
-
-
- test
-
-
-
-
-
\ No newline at end of file
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST/CorrectBST.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST/CorrectBST.xml
new file mode 100644
index 00000000000..9be7210ec6e
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST/CorrectBST.xml
@@ -0,0 +1,25 @@
+
+
+
+
+ test
+
+
+
+
+
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST/WrongBST1.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST/WrongBST1.xml
new file mode 100644
index 00000000000..b83635c6d15
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST/WrongBST1.xml
@@ -0,0 +1,25 @@
+
+
+
+
+
+
+
+
+
+
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST/WrongBST2.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST/WrongBST2.xml
new file mode 100644
index 00000000000..671d1e770ea
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/requests/BST/WrongBST2.xml
@@ -0,0 +1,19 @@
+
+
+
+
+