From bbdd4a88bdf1afc9108ec4db490d1ccfd048d78f Mon Sep 17 00:00:00 2001 From: megala21 Date: Fri, 13 Oct 2017 15:15:33 +0530 Subject: [PATCH] Refactoring --- .../pom.xml | 6 ---- .../authenticator/JWTAuthenticator.java | 6 +++- .../CertificateAuthenticatorTest.java | 23 +++++++++++--- .../authenticator/JWTAuthenticatorTest.java | 14 +++------ .../util/TestCertificateGenerator.java | 31 +++++++++++-------- .../util/TestTenantIndexingLoader.java | 27 ++++++++++++++-- .../util/TestTenantRegistryLoader.java | 25 +++++++++++++-- .../src/test/resources/jwt.properties | 2 +- 8 files changed, 93 insertions(+), 41 deletions(-) diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index 2516a1c37e..506e94d8bf 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml @@ -188,12 +188,6 @@ org.wso2.carbon.identity.inbound.auth.oauth2 org.wso2.carbon.identity.oauth - org.wso2.carbon diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java index 48831a4d54..87ef877351 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java @@ -43,7 +43,11 @@ import java.security.KeyStore; import java.security.PublicKey; import java.security.interfaces.RSAPublicKey; import java.text.ParseException; -import java.util.*; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; +import java.util.Properties; +import java.util.StringTokenizer; /** * This authenticator authenticates HTTP requests using JWT header. diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticatorTest.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticatorTest.java index 511fe7be4d..05d8bf1eb0 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticatorTest.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticatorTest.java @@ -229,6 +229,12 @@ public class CertificateAuthenticatorTest { return request; } + /** + * To create certificate management database. + * + * @return Datasource. + * @throws SQLException SQL Exception. + */ private DataSource createDatabase() throws SQLException { URL resourceURL = ClassLoader.getSystemResource("sql-scripts" + File.separator + "h2.sql"); JdbcDataSource dataSource = new JdbcDataSource(); @@ -246,9 +252,7 @@ public class CertificateAuthenticatorTest { if (conn != null) { try { conn.close(); - } catch (SQLException e) { - - } + } catch (SQLException e) {} } if (statement != null) { statement.close(); @@ -257,8 +261,17 @@ public class CertificateAuthenticatorTest { return dataSource; } - private String createEncodedSignature(X509Certificate x509Certificate) - throws CertificateEncodingException, CMSException, IOException { + /** + * To create a encoded signature from certificate. + * + * @param x509Certificate Certificate that need to be encoded. + * @return Encoded signature. + * @throws CertificateEncodingException Certificate Encoding Exception. + * @throws CMSException CMS Exception. + * @throws IOException IO Exception. + */ + private String createEncodedSignature(X509Certificate x509Certificate) throws CertificateEncodingException, + CMSException, IOException { CMSSignedDataGenerator generator = new CMSSignedDataGenerator(); List list = new ArrayList<>(); list.add(x509Certificate); diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticatorTest.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticatorTest.java index a163afafde..3a82156b6b 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticatorTest.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticatorTest.java @@ -39,6 +39,9 @@ import java.util.HashMap; import java.util.Map; import java.util.Properties; +/** + * This is a test class for {@link JWTAuthenticator}. + */ public class JWTAuthenticatorTest { private JWTAuthenticator jwtAuthenticator; private Field headersField; @@ -61,14 +64,12 @@ public class JWTAuthenticatorTest { URL resourceUrl = classLoader.getResource("jwt.properties"); File jwtPropertyFile; JWTConfig jwtConfig = null; - if (resourceUrl != null) { jwtPropertyFile = new File(resourceUrl.getFile()); Properties jwtConfigProperties = new Properties(); jwtConfigProperties.load(new FileInputStream(jwtPropertyFile)); jwtConfig = new JWTConfig(jwtConfigProperties); } - Map customClaims = new HashMap<>(); customClaims.put(SIGNED_JWT_AUTH_USERNAME, "admin"); customClaims.put(SIGNED_JWT_AUTH_TENANT_ID, String.valueOf(MultitenantConstants.SUPER_TENANT_ID)); @@ -83,7 +84,8 @@ public class JWTAuthenticatorTest { jwtTokenWithWrongUser = JWTClientUtil.generateSignedJWTAssertion("notexisting", jwtConfig, false, customClaims); } - @Test(description = "This method tests the get methods in the JWTAuthenticator", dependsOnMethods = "testAuthenticate") + @Test(description = "This method tests the get methods in the JWTAuthenticator", + dependsOnMethods = "testAuthenticate") public void testGetMethods() { Assert.assertEquals(jwtAuthenticator.getName(), "JWT", "GetName method returns wrong value"); Assert.assertNotNull(jwtAuthenticator.getProperties(), "Properties are not properly added to JWT " @@ -123,12 +125,10 @@ public class JWTAuthenticatorTest { AuthenticationInfo authenticationInfo = jwtAuthenticator.authenticate(request, null); Assert.assertNotNull(authenticationInfo, "Returned authentication info was null"); Assert.assertNull(authenticationInfo.getUsername(), "Un-authenticated request contain username"); - request = createJWTRequest(jwtToken, ""); authenticationInfo = jwtAuthenticator.authenticate(request, null); Assert.assertNotNull(authenticationInfo, "Returned authentication info was null"); Assert.assertNull(authenticationInfo.getUsername(), "Un-authenticated request contain username"); - properties = new Properties(); properties.setProperty(ISSUER, "test"); jwtAuthenticator.setProperties(properties); @@ -137,17 +137,14 @@ public class JWTAuthenticatorTest { Assert.assertNotNull(authenticationInfo, "Returned authentication info was null"); Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE, "Un authenticated request does not contain status as failure"); - properties = new Properties(); properties.setProperty(ISSUER, ALIAS); jwtAuthenticator.setProperties(properties); - request = createJWTRequest(wrongJwtToken, ""); authenticationInfo = jwtAuthenticator.authenticate(request, null); Assert.assertNotNull(authenticationInfo, "Returned authentication info was null"); Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE, "Un authenticated request does not contain status as failure"); - request = createJWTRequest(jwtTokenWithWrongUser, ""); authenticationInfo = jwtAuthenticator.authenticate(request, null); Assert.assertNotNull(authenticationInfo, "Returned authentication info was null"); @@ -175,7 +172,6 @@ public class JWTAuthenticatorTest { bytes.setString(requestUri); uriMB.set(coyoteRequest, bytes); request.setCoyoteRequest(coyoteRequest); - return request; } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestCertificateGenerator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestCertificateGenerator.java index b532f5699c..5f8f96923d 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestCertificateGenerator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestCertificateGenerator.java @@ -35,7 +35,14 @@ import org.wso2.carbon.context.PrivilegedCarbonContext; import javax.security.auth.x500.X500Principal; import java.math.BigInteger; -import java.security.*; +import java.security.InvalidKeyException; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.SecureRandom; +import java.security.Security; +import java.security.SignatureException; import java.security.cert.CertificateException; import java.security.cert.CertificateExpiredException; import java.security.cert.CertificateNotYetValidException; @@ -44,34 +51,33 @@ import java.util.ArrayList; import java.util.Date; import java.util.List; +/** + * This is a mock implementation of {@link CertificateGenerator}. + */ public class TestCertificateGenerator extends CertificateGenerator { private int count = 0; public X509Certificate generateX509Certificate() throws KeystoreException { BigInteger serialNumber = CommonUtil.generateSerialNumber(); String defaultPrinciple = "CN=" + serialNumber + ",O=WSO2,OU=Mobile,C=LK"; - CommonUtil commonUtil = new CommonUtil(); Date validityBeginDate = commonUtil.getValidityStartDate(); Date validityEndDate = commonUtil.getValidityEndDate(); - Security.addProvider(new BouncyCastleProvider()); try { - KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance( - CertificateManagementConstants.RSA, CertificateManagementConstants.PROVIDER); + KeyPairGenerator keyPairGenerator = KeyPairGenerator + .getInstance(CertificateManagementConstants.RSA, CertificateManagementConstants.PROVIDER); keyPairGenerator.initialize(CertificateManagementConstants.RSA_KEY_LENGTH, new SecureRandom()); KeyPair pair = keyPairGenerator.generateKeyPair(); X500Principal principal = new X500Principal(defaultPrinciple); - X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder( - principal, serialNumber, validityBeginDate, validityEndDate, - principal, pair.getPublic()); + X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(principal, serialNumber, + validityBeginDate, validityEndDate, principal, pair.getPublic()); ContentSigner contentSigner = new JcaContentSignerBuilder(CertificateManagementConstants.SHA256_RSA) - .setProvider(CertificateManagementConstants.PROVIDER).build( - pair.getPrivate()); + .setProvider(CertificateManagementConstants.PROVIDER).build(pair.getPrivate()); X509Certificate certificate = new JcaX509CertificateConverter() - .setProvider(CertificateManagementConstants.PROVIDER).getCertificate( - certificateBuilder.build(contentSigner)); + .setProvider(CertificateManagementConstants.PROVIDER) + .getCertificate(certificateBuilder.build(contentSigner)); certificate.verify(certificate.getPublicKey()); List certificates = new ArrayList<>(); org.wso2.carbon.certificate.mgt.core.bean.Certificate certificateToStore = @@ -116,5 +122,4 @@ public class TestCertificateGenerator extends CertificateGenerator { return null; } } - } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestTenantIndexingLoader.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestTenantIndexingLoader.java index 12203c35d8..3f8b84dacf 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestTenantIndexingLoader.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestTenantIndexingLoader.java @@ -1,9 +1,30 @@ +/* + * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + package org.wso2.carbon.webapp.authenticator.framework.util; import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader; +/** + * This is a mock implementation of {@link TenantIndexingLoader} + */ public class TestTenantIndexingLoader implements TenantIndexingLoader { - @Override public void loadTenantIndex(int i) { - - } + @Override + public void loadTenantIndex(int i) { } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestTenantRegistryLoader.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestTenantRegistryLoader.java index 1656e91bc0..42d6f04f76 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestTenantRegistryLoader.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/java/org/wso2/carbon/webapp/authenticator/framework/util/TestTenantRegistryLoader.java @@ -1,11 +1,30 @@ +/* + * Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ package org.wso2.carbon.webapp.authenticator.framework.util; import org.wso2.carbon.registry.core.exceptions.RegistryException; import org.wso2.carbon.registry.core.service.TenantRegistryLoader; +/** + * This is a mock implementation of {@link TenantRegistryLoader} for the test cases. + */ public class TestTenantRegistryLoader implements TenantRegistryLoader { @Override - public void loadTenantRegistry(int i) throws RegistryException { - - } + public void loadTenantRegistry(int i) throws RegistryException { } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/jwt.properties b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/jwt.properties index b7be2e296a..839769e4c3 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/jwt.properties +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/test/resources/jwt.properties @@ -1,5 +1,5 @@ # -# Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # WSO2 Inc. licenses this file to you under the Apache License, # Version 2.0 (the "License"); you may not use this file except