Adding test cases

revert-70aa11f8
megala21 7 years ago
parent 9766d392f5
commit d103a43a63

@ -18,7 +18,6 @@
package org.wso2.carbon.webapp.authenticator.framework.authenticator; package org.wso2.carbon.webapp.authenticator.framework.authenticator;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSVerifier; import com.nimbusds.jose.JWSVerifier;
import com.nimbusds.jose.crypto.RSASSAVerifier; import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jwt.SignedJWT; import com.nimbusds.jwt.SignedJWT;
@ -44,10 +43,7 @@ import java.security.KeyStore;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey; import java.security.interfaces.RSAPublicKey;
import java.text.ParseException; import java.text.ParseException;
import java.util.HashMap; import java.util.*;
import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer;
/** /**
* This authenticator authenticates HTTP requests using JWT header. * This authenticator authenticates HTTP requests using JWT header.
@ -164,8 +160,6 @@ public class JWTAuthenticator implements WebappAuthenticator {
log.error("Error occurred while obtaining the user.", e); log.error("Error occurred while obtaining the user.", e);
} catch (ParseException e) { } catch (ParseException e) {
log.error("Error occurred while parsing the JWT header.", e); log.error("Error occurred while parsing the JWT header.", e);
} catch (JOSEException e) {
log.error("Error occurred while verifying the JWT header.", e);
} catch (Exception e) { } catch (Exception e) {
log.error("Error occurred while verifying the JWT header.", e); log.error("Error occurred while verifying the JWT header.", e);
} finally { } finally {
@ -203,12 +197,12 @@ public class JWTAuthenticator implements WebappAuthenticator {
private String tenantDomain; private String tenantDomain;
private final String DEFAULT_ISSUER = "default"; private final String DEFAULT_ISSUER = "default";
public IssuerAlias(String tenantDomain) { IssuerAlias(String tenantDomain) {
this.issuer = DEFAULT_ISSUER; this.issuer = DEFAULT_ISSUER;
this.tenantDomain = tenantDomain; this.tenantDomain = tenantDomain;
} }
public IssuerAlias(String issuer, String tenantDomain) { IssuerAlias(String issuer, String tenantDomain) {
this.issuer = issuer; this.issuer = issuer;
this.tenantDomain = tenantDomain; this.tenantDomain = tenantDomain;
} }
@ -223,7 +217,7 @@ public class JWTAuthenticator implements WebappAuthenticator {
@Override @Override
public boolean equals(Object obj) { public boolean equals(Object obj) {
return (obj instanceof IssuerAlias) && issuer.equals( return (obj instanceof IssuerAlias) && issuer.equals(
((IssuerAlias) obj).issuer) && tenantDomain == ((IssuerAlias) obj).tenantDomain; ((IssuerAlias) obj).issuer) && Objects.equals(tenantDomain, ((IssuerAlias) obj).tenantDomain);
} }
} }
} }
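Review bot: In the `equals` hunk only `tenantDomain` became null-safe; `issuer.equals(...)` still throws a NullPointerException when an `IssuerAlias` is built through the two-argument constructor with a null issuer. Compare both fields the same way, `Objects.equals(issuer, ((IssuerAlias) obj).issuer)`, or reject null in the constructor with `Objects.requireNonNull(issuer, "issuer")`. `hashCode` is outside the hunk; if `IssuerAlias` is used as a map key, it has to hash the same two fields by value so that aliases equal under the new comparison land in the same bucket.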

@ -68,11 +68,11 @@ public class LocalOAuthValidator implements OAuth2TokenValidator {
if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) { if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
tenantDomain = MultitenantUtils.getTenantDomain(userName); tenantDomain = MultitenantUtils.getTenantDomain(userName);
} }
return new OAuthValidationResponse(userName,tenantDomain,true);
} else { } else {
OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse(); OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
oAuthValidationResponse.setErrorMsg(tokenValidationResponse.getErrorMsg()); oAuthValidationResponse.setErrorMsg(tokenValidationResponse.getErrorMsg());
return oAuthValidationResponse; return oAuthValidationResponse;
} }
return new OAuthValidationResponse(userName,tenantDomain,isValid);
} }
} }

@ -55,42 +55,41 @@ public class RemoteOAuthValidator implements OAuth2TokenValidator {
try { try {
OAuth2TokenValidationRequestDTO validationRequest = createValidationRequest(accessToken, resource); OAuth2TokenValidationRequestDTO validationRequest = createValidationRequest(accessToken, resource);
stub = (OAuth2TokenValidationServiceStub) this.stubs.borrowObject(); stub = (OAuth2TokenValidationServiceStub) this.stubs.borrowObject();
validationResponse = validationResponse = stub.findOAuthConsumerIfTokenIsValid(validationRequest)
stub.findOAuthConsumerIfTokenIsValid(validationRequest).getAccessTokenValidationResponse(); .getAccessTokenValidationResponse();
} catch (RemoteException e) { } catch (RemoteException e) {
throw new OAuthTokenValidationException("Remote Exception occurred while invoking the Remote " + throw new OAuthTokenValidationException(
"IS server for OAuth2 token validation.", e); "Remote Exception occurred while invoking the Remote " + "IS server for OAuth2 token validation.",
e);
} catch (Exception e) { } catch (Exception e) {
throw new OAuthTokenValidationException("Error occurred while borrowing an oauth token validation " + throw new OAuthTokenValidationException(
"service stub from the pool", e); "Error occurred while borrowing an oauth token validation " + "service stub from the pool", e);
} finally { } finally {
try { try {
this.stubs.returnObject(stub); this.stubs.returnObject(stub);
} catch (Exception e) { } catch (Exception e) {
log.warn("Error occurred while returning the object back to the oauth token validation service " + log.warn("Error occurred while returning the object back to the oauth token validation service "
"stub pool", e); + "stub pool", e);
} }
} }
if (validationResponse == null) { if (validationResponse == null) {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("Response returned by the OAuth token validation service is null"); log.debug("Response returned by the OAuth token validation service is null");
} }
return null; return null;
} }
boolean isValid = validationResponse.getValid(); boolean isValid = validationResponse.getValid();
String tenantDomain; String tenantDomain;
String username; String username;
if (isValid) { if (isValid) {
username = MultitenantUtils.getTenantAwareUsername(validationResponse.getAuthorizedUser()); username = MultitenantUtils.getTenantAwareUsername(validationResponse.getAuthorizedUser());
tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser()); tenantDomain = MultitenantUtils.getTenantDomain(validationResponse.getAuthorizedUser());
return new OAuthValidationResponse(username, tenantDomain, true);
} else { } else {
OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse(); OAuthValidationResponse oAuthValidationResponse = new OAuthValidationResponse();
oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg()); oAuthValidationResponse.setErrorMsg(validationResponse.getErrorMsg());
return oAuthValidationResponse; return oAuthValidationResponse;
} }
return new OAuthValidationResponse(username, tenantDomain, isValid);
} }
private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) { private OAuth2TokenValidationRequestDTO createValidationRequest(String accessToken, String resource) {
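Review bot: The `finally` block calls `this.stubs.returnObject(stub)` even when `borrowObject()` is the call that failed, so if `stub` is still unset at that point (its declaration is outside the hunk) the pool is handed a null and the real error is followed by a misleading warning. Guard the return: `if (stub != null) { this.stubs.returnObject(stub); }`. The `return null` for a missing service response also leaves it to every caller to treat null as a failed validation. Callers are not visible here, but returning an `OAuthValidationResponse` with an error message, as the `else` branch does, would keep the failure explicit. The method starts before the hunk.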

@ -20,22 +20,18 @@
package org.wso2.carbon.webapp.authenticator.framework.authenticator; package org.wso2.carbon.webapp.authenticator.framework.authenticator;
import org.apache.catalina.Context; import org.apache.catalina.Context;
import org.apache.catalina.connector.InputBuffer;
import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Request;
import org.apache.catalina.core.StandardContext; import org.apache.catalina.core.StandardContext;
import org.apache.commons.io.FileUtils; import org.apache.commons.io.FileUtils;
import org.apache.coyote.http11.filters.BufferedInputFilter;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes; import org.apache.tomcat.util.buf.MessageBytes;
import org.apache.tomcat.util.http.MimeHeaders; import org.apache.tomcat.util.http.MimeHeaders;
import org.testng.Assert; import org.testng.Assert;
import org.testng.annotations.BeforeTest; import org.testng.annotations.BeforeTest;
import org.testng.annotations.Test; import org.testng.annotations.Test;
import org.wso2.carbon.webapp.authenticator.framework.BaseWebAppAuthenticatorFrameworkTest; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator; import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
import org.wso2.carbon.webapp.authenticator.framework.util.TestInputBuffer; import org.wso2.carbon.webapp.authenticator.framework.util.TestInputBuffer;
import javax.validation.constraints.AssertFalse;
import java.io.File; import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.lang.reflect.Field; import java.lang.reflect.Field;
@ -108,8 +104,8 @@ public class BSTAuthenticatorTest {
+ "parameters."); + "parameters.");
} }
@Test(description = "This test case tests the facanHandle method of the BSTAuthenticator") @Test(description = "This test case tests the canHandle method of the BSTAuthenticator under faulty conditions")
public void testCanHandle() throws IllegalAccessException, IOException { public void testCanHandleWithFalseConditions() throws IllegalAccessException {
Request request = new Request(); Request request = new Request();
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request(); org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
request.setCoyoteRequest(coyoteRequest); request.setCoyoteRequest(coyoteRequest);
@ -123,33 +119,82 @@ public class BSTAuthenticatorTest {
request.setCoyoteRequest(coyoteRequest); request.setCoyoteRequest(coyoteRequest);
Assert.assertFalse(bstAuthenticator.canHandle(request), Assert.assertFalse(bstAuthenticator.canHandle(request),
"BST Authenticator can handle a request with content type test"); "BST Authenticator can handle a request with content type test");
}
@Test(description = "This test case tests the canHandle method of the BSTAuthenticator under valid conditions")
public void testCanHandleWithValidRequest() throws IOException, IllegalAccessException {
Request request = createSoapRequest("CorrectBST.xml");
Assert.assertTrue(bstAuthenticator.canHandle(request), "BST Authenticator cannot handle a valid "
+ "authentication request");
}
@Test(description = "This test case tests the canHandle method of the BSTAuthenticator under missing soap headers")
public void testCanHandleWithMissingHeaders() throws IOException, IllegalAccessException {
Request request = createSoapRequest("WrongBST1.xml");
Assert.assertFalse(bstAuthenticator.canHandle(request),
"BST Authenticator can handle a request with missing headers ");
request = createSoapRequest("WrongBST2.xml");
Assert.assertFalse(bstAuthenticator.canHandle(request),
"BST Authenticator can handle a request with missing headers ");
}
@Test(description = "This method tests the authenticate method of BST Authenticator when only minimal information"
+ " is provided")
public void testAuthenticateWithMinimalConditions() throws NoSuchFieldException, IllegalAccessException {
Request request = new Request();
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
request.setCoyoteRequest(coyoteRequest);
AuthenticationInfo authenticationInfo = bstAuthenticator.authenticate(request, null);
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.CONTINUE,
"Authentication status of authentication info is wrong");
Field uriMB = org.apache.coyote.Request.class.getDeclaredField("uriMB");
// coyoteRequest = new org.apache.coyote.Request();
uriMB.setAccessible(true);
MessageBytes bytes = MessageBytes.newInstance();
bytes.setString("");
uriMB.set(coyoteRequest, bytes);
request.setCoyoteRequest(coyoteRequest);
authenticationInfo = bstAuthenticator.authenticate(request, null);
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.CONTINUE,
"Authentication status of authentication info is wrong");
}
/**
* To create a soap request by reading the request from given file.
*
* @param fileName Name of the file that has the soap request content.
* @return Request created with soap content.
* @throws IllegalAccessException Illegal Access Exception.
* @throws IOException IO Exception.
*/
private Request createSoapRequest(String fileName) throws IllegalAccessException, IOException {
Request request = new Request();
ClassLoader classLoader = getClass().getClassLoader(); ClassLoader classLoader = getClass().getClassLoader();
URL resourceUrl = classLoader.getResource("requests" + File.separator + "BST.xml"); URL resourceUrl = classLoader
File bst = new File(resourceUrl.getFile()); .getResource("requests" + File.separator + "BST" + File.separator + fileName);
String bytes1 = FileUtils.readFileToString(bst); String bstRequestContent = null;
coyoteRequest = new org.apache.coyote.Request(); if (resourceUrl != null) {
File bst = new File(resourceUrl.getFile());
// coyoteRequest.setInputBuffer(byte); bstRequestContent = FileUtils.readFileToString(bst);
mimeHeaders = new MimeHeaders(); }
bytes = mimeHeaders.addValue("content-type"); org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
MimeHeaders mimeHeaders = new MimeHeaders();
MessageBytes bytes = mimeHeaders.addValue("content-type");
bytes.setString("application/xml"); bytes.setString("application/xml");
bytes = mimeHeaders.addValue("custom"); bytes = mimeHeaders.addValue("custom");
bytes.setString(bytes1); bytes.setString(bstRequestContent);
headersField.set(coyoteRequest, mimeHeaders); headersField.set(coyoteRequest, mimeHeaders);
MessageBytes messageBytes = coyoteRequest.getMimeHeaders().getValue("custom");
bytes.toBytes();
ByteChunk byteChunk = bytes.getByteChunk();
TestInputBuffer inputBuffer = new TestInputBuffer(); TestInputBuffer inputBuffer = new TestInputBuffer();
coyoteRequest.setInputBuffer(inputBuffer); coyoteRequest.setInputBuffer(inputBuffer);
Context context = new StandardContext(); Context context = new StandardContext();
request.setContext(context); request.setContext(context);
request.setCoyoteRequest(coyoteRequest); request.setCoyoteRequest(coyoteRequest);
bstAuthenticator.canHandle(request); return request;
} }
} }
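Review bot: `createSoapRequest` swallows a missing fixture: when `getResource` returns null, `bstRequestContent` stays null and the request is still built, so the negative tests (`WrongBST1.xml`, `WrongBST2.xml`) can pass without reading any SOAP content. Fail fast with `Assert.assertNotNull(resourceUrl, "Test resource not found: " + fileName);` before reading the file. The lookup also builds the name with `File.separator`, but class-loader resource names are always `/`-separated, so on a platform with a different separator the lookup returns null and takes that silent path; use `getResource("requests/BST/" + fileName)`. The commented-out `// coyoteRequest = new org.apache.coyote.Request();` line in `testAuthenticateWithMinimalConditions` can be deleted.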

@ -1,6 +1,8 @@
package org.wso2.carbon.webapp.authenticator.framework.util; package org.wso2.carbon.webapp.authenticator.framework.util;
import org.apache.catalina.connector.InputBuffer; import org.apache.catalina.connector.InputBuffer;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.coyote.Request; import org.apache.coyote.Request;
import org.apache.tomcat.util.buf.ByteChunk; import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes; import org.apache.tomcat.util.buf.MessageBytes;
@ -9,7 +11,12 @@ import org.apache.tomcat.util.http.MimeHeaders;
import java.io.IOException; import java.io.IOException;
import java.lang.reflect.Field; import java.lang.reflect.Field;
/**
* This is a dummy implementation of {@link InputBuffer} for the test cases.
*/
public class TestInputBuffer implements org.apache.coyote.InputBuffer { public class TestInputBuffer implements org.apache.coyote.InputBuffer {
private Log log = LogFactory.getLog(TestInputBuffer.class);
@Override @Override
public int doRead(ByteChunk byteChunk, Request request) throws IOException { public int doRead(ByteChunk byteChunk, Request request) throws IOException {
String string = request.getHeader("custom"); String string = request.getHeader("custom");
@ -19,13 +26,15 @@ public class TestInputBuffer implements org.apache.coyote.InputBuffer {
byteC = MessageBytes.class.getDeclaredField("byteC"); byteC = MessageBytes.class.getDeclaredField("byteC");
byteC.setAccessible(true); byteC.setAccessible(true);
} catch (NoSuchFieldException e) { } catch (NoSuchFieldException e) {
e.printStackTrace(); log.error("Cannot get the byteC field", e);
} }
MessageBytes bytes = mimeHeaders.addValue("content-type"); MessageBytes bytes = mimeHeaders.addValue("content-type");
try { try {
byteC.set(bytes, byteChunk); if (byteC != null) {
byteC.set(bytes, byteChunk);
}
} catch (IllegalAccessException e) { } catch (IllegalAccessException e) {
e.printStackTrace(); log.error("Cannot set byteC field", e);
} }
bytes.setString(string); bytes.setString(string);
bytes.toBytes(); bytes.toBytes();
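Review bot: When `getDeclaredField("byteC")` fails, the new code logs the error and carries on, and the added `if (byteC != null)` guard then skips attaching `byteChunk`, so `doRead` presumably returns without the chunk being populated and the test no longer reflects the request body. `doRead` already declares `IOException`, so fail instead: `throw new IOException("Cannot get the byteC field", e);`, and likewise for the `IllegalAccessException`. The added Javadoc's `{@link InputBuffer}` resolves to the imported `org.apache.catalina.connector.InputBuffer`, while the class implements `org.apache.coyote.InputBuffer`; write the link fully qualified. `log` can be `private static final`. The rest of `doRead` is outside the hunk.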

@ -1,11 +0,0 @@
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:w="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>
<soap:Header>
<w:Security>
<w:BinarySecurityToken>test</w:BinarySecurityToken>
</w:Security>
</soap:Header>
<soap:Body>
</soap:Body>
</soap:Envelope>

@ -0,0 +1,25 @@
<!--
~ Copyright 2017 WSO2 Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:w="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<soap:Header>
<w:Security>
<w:BinarySecurityToken>test</w:BinarySecurityToken>
</w:Security>
</soap:Header>
<soap:Body>
</soap:Body>
</soap:Envelope>

@ -0,0 +1,25 @@
<!--
~ Copyright 2017 WSO2 Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:w="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<soap:Header>
<w:Security>
</w:Security>
</soap:Header>
<soap:Body>
</soap:Body>
</soap:Envelope>

@ -0,0 +1,19 @@
<!--
~ Copyright 2017 WSO2 Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header/>
<soap:Body/>
</soap:Envelope>