diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/test/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandlerTest.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/test/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandlerTest.java index ba76f81a43d..f68a9bd9733 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/test/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandlerTest.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/test/java/org/wso2/carbon/apimgt/handlers/AuthenticationHandlerTest.java @@ -25,7 +25,6 @@ import org.apache.axiom.soap.SOAPEnvelope; import org.apache.axis2.addressing.EndpointReference; import org.apache.axis2.context.ConfigurationContext; import org.apache.axis2.engine.AxisConfiguration; -import org.apache.commons.io.FileUtils; import org.apache.http.ProtocolVersion; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.entity.BasicHttpEntity; @@ -43,21 +42,16 @@ import org.wso2.carbon.apimgt.handlers.invoker.RESTInvoker; import org.wso2.carbon.apimgt.handlers.mock.MockClient; import org.wso2.carbon.apimgt.handlers.mock.MockHttpResponse; import org.wso2.carbon.apimgt.handlers.utils.AuthConstants; -import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException; -import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator; -import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants; import java.io.BufferedReader; import java.io.ByteArrayInputStream; -import java.io.File; import java.io.FileReader; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.lang.reflect.Field; import java.nio.charset.StandardCharsets; -import java.security.cert.X509Certificate; import java.util.HashMap; -import java.util.List; +import javax.security.cert.X509Certificate; /** * This testcase will focus on covering the methods of {@link AuthenticationHandler} @@ -86,19 +80,17 @@ public class AuthenticationHandlerTest extends BaseAPIHandlerTest { dependsOnMethods = "testHandleRequestWithEmptyTransportHeader") public void testHandleRequestWithURISyntaxError() throws Exception { HashMap transportHeaders = new HashMap<>(); - List certificates = loadCertificates(); - transportHeaders.put(AuthConstants.MDM_SIGNATURE, new String(certificates.get(0).getSignature())); + transportHeaders.put(AuthConstants.MDM_SIGNATURE, "some cert"); boolean response = this.handler.handleRequest(createSynapseMessageContext("", this.synapseConfiguration, transportHeaders, "https://test.com/testservice")); Assert.assertFalse(response); } - @Test(description = "Handle request with device type URI", + @Test(description = "Handle request with device type URI with MDM ceritificate", dependsOnMethods = "testHandleRequestWithURISyntaxError") - public void testHandleRequestWithDeviceTypeURI() throws Exception { + public void testHandleSuccessfulRequestMDMCertificate() throws Exception { HashMap transportHeaders = new HashMap<>(); - List certificates = loadCertificates(); - transportHeaders.put(AuthConstants.MDM_SIGNATURE, new String(certificates.get(0).getSignature())); + transportHeaders.put(AuthConstants.MDM_SIGNATURE, "some cert"); setMockClient(); this.mockClient.setResponse(getDCRResponse()); this.mockClient.setResponse(getAccessTokenReponse()); @@ -109,6 +101,54 @@ public class AuthenticationHandlerTest extends BaseAPIHandlerTest { this.mockClient.reset(); } + @Test(description = "Handle request with device type URI with Proxy Mutual Auth Header", + dependsOnMethods = "testHandleSuccessfulRequestMDMCertificate") + public void testHandleSuccessRequestProxyMutualAuthHeader() throws Exception { + HashMap transportHeaders = new HashMap<>(); + transportHeaders.put(AuthConstants.PROXY_MUTUAL_AUTH_HEADER, "Test Header"); + setMockClient(); + this.mockClient.setResponse(getAccessTokenReponse()); + this.mockClient.setResponse(getValidationResponse()); + boolean response = this.handler.handleRequest(createSynapseMessageContext("", this.synapseConfiguration, + transportHeaders, "https://test.com/testservice/api/testdevice")); + Assert.assertTrue(response); + this.mockClient.reset(); + } + + @Test(description = "Handle request with device type URI with Mutual Auth Header", + dependsOnMethods = "testHandleSuccessRequestProxyMutualAuthHeader") + public void testHandleSuccessRequestMutualAuthHeader() throws Exception { + HashMap transportHeaders = new HashMap<>(); + transportHeaders.put(AuthConstants.MUTUAL_AUTH_HEADER, "Test Header"); + setMockClient(); + this.mockClient.setResponse(getAccessTokenReponse()); + this.mockClient.setResponse(getValidationResponse()); + MessageContext messageContext = createSynapseMessageContext("", this.synapseConfiguration, + transportHeaders, "https://test.com/testservice/api/testdevice"); + org.apache.axis2.context.MessageContext axisMC = ((Axis2MessageContext) messageContext).getAxis2MessageContext(); + String certStr = getContent(TestUtils.getAbsolutePathOfConfig("ra_cert.pem")); + X509Certificate cert = X509Certificate.getInstance(new ByteArrayInputStream(certStr. + getBytes(StandardCharsets.UTF_8.name()))); + axisMC.setProperty(AuthConstants.CLIENT_CERTIFICATE, new X509Certificate[]{cert}); + boolean response = this.handler.handleRequest(messageContext); + Assert.assertTrue(response); + this.mockClient.reset(); + } + + @Test(description = "Handle request with device type URI with Encoded Pem", + dependsOnMethods = "testHandleSuccessRequestMutualAuthHeader") + public void testHandleSuccessRequestEncodedPem() throws Exception { + HashMap transportHeaders = new HashMap<>(); + transportHeaders.put(AuthConstants.ENCODED_PEM, "encoded pem"); + setMockClient(); + this.mockClient.setResponse(getAccessTokenReponse()); + this.mockClient.setResponse(getValidationResponse()); + MessageContext messageContext = createSynapseMessageContext("", this.synapseConfiguration, + transportHeaders, "https://test.com/testservice/api/testdevice"); + boolean response = this.handler.handleRequest(messageContext); + Assert.assertTrue(response); + this.mockClient.reset(); + } private static MessageContext createSynapseMessageContext( String payload, SynapseConfiguration config, HashMap transportHeaders, @@ -137,18 +177,6 @@ public class AuthenticationHandlerTest extends BaseAPIHandlerTest { return synMc; } - private List loadCertificates() throws IOException, KeystoreException { - File caPemFile = new File(TestUtils.getAbsolutePathOfConfig("ca_cert.pem")); - File raPemFile = new File(TestUtils.getAbsolutePathOfConfig("ra_cert.pem")); - byte[] ca = FileUtils.readFileToByteArray(caPemFile); - byte[] ra = FileUtils.readFileToByteArray(raPemFile); - List rootCertificates = new CertificateGenerator().getRootCertificates(ca, ra); - Assert.assertNotNull("Root certificates retrieved", rootCertificates); - Assert.assertEquals(rootCertificates.get(0).getType(), CertificateManagementConstants.X_509); - Assert.assertEquals(rootCertificates.get(1).getType(), CertificateManagementConstants.X_509); - return rootCertificates; - } - private void setMockClient() throws NoSuchFieldException, IllegalAccessException { Field restInvokerField = this.handler.getClass().getDeclaredField("restInvoker"); restInvokerField.setAccessible(true); @@ -200,7 +228,6 @@ public class AuthenticationHandlerTest extends BaseAPIHandlerTest { return mockDCRResponse; } - private String getContent(String filePath) throws IOException { FileReader fileReader = new FileReader(filePath); BufferedReader bufferedReader = new BufferedReader(fileReader); diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/test/resources/ca_cert.pem b/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/test/resources/ca_cert.pem deleted file mode 100644 index 417394bb96b..00000000000 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.handlers/src/test/resources/ca_cert.pem +++ /dev/null @@ -1,34 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIF+zCCA+OgAwIBAgIJAJE458QXNuiLMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD -VQQGEwJVUzENMAsGA1UECBMEVGVzdDENMAsGA1UEBxMEVGVzdDERMA8GA1UEChMI -VGVzdCBPcmcxFjAUBgNVBAsTDVRlc3Qgb3JnIHVuaXQxFTATBgNVBAMTDFdTTzIg -Um9vdCBDQTEcMBoGCSqGSIb3DQEJARYNcm9vdEB3c28yLmNvbTAeFw0xNTAxMjcx -MjUxMjRaFw0xNzEwMjMxMjUxMjRaMIGLMQswCQYDVQQGEwJVUzENMAsGA1UECBME -VGVzdDENMAsGA1UEBxMEVGVzdDERMA8GA1UEChMIVGVzdCBPcmcxFjAUBgNVBAsT -DVRlc3Qgb3JnIHVuaXQxFTATBgNVBAMTDFdTTzIgUm9vdCBDQTEcMBoGCSqGSIb3 -DQEJARYNcm9vdEB3c28yLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC -ggIBANJ756zjlkNKJf9O80qwFWxlwr4vOa80oaGXaO8Luj8ZNb7zyGATppTmZi2b -rRVfNPGHhN/0REb5+Gcf0xvk1b5Wp4E+JoDKfZMwOVQsMVmKYHqopgiiE28L/YoN -d0XmZA0J03nfQ4rzYggwQX7oRsW/AptkdURV4i8xD3SsqDGDZyYxQVDkj55nrweE -d5FWOnYvvpdbFJ4WanJmGe1WRtLMJ0jFi7tw9Wc7W/5+fvIA9bvHDHoG1VlfyjQU -SvTLlAN7Ui0ztXTcOZuN3HI0putMQRyaAD7Ljl7E1ROiqMhN/z80Bck8Yi7ELOmq -+cJOir/4CAamj8SugZ0iXo922slrSemWL9tjNT7MFmjFXmgIfVmaJF7OxKyxHhO8 -gJKTlU2KSJJH2CzMwnGdRFrDlsAotVjGLYFWHUN4HW2uA2crEEmk+UduwnVMazqU -wBFxv+INf0U55bsXTv7C3L06IUaTBvxhxKQmzj9BeQGwWAC2Co4s5riT2ttivSRl -XijPIEDTfmvE/fjj4KfQQOTY3+EejacMe6gb/qVsCZ1g9Tbk7WLgjYHBuOQSAz3l -wPPqPY+6CakeL29wWyPg7pGzR6lMcYItUdHJuNsTijs0x6Xi1O5iIuL2o0vl8FRH -+tZFm3ujtCIHprjUgcn6aOR9Ms/NkUJCziKKAb4KoohNFgr/AgMBAAGjYDBeMB0G -A1UdDgQWBBSDhLDYVCYhJsxvK1ZNV05qGGVajjAfBgNVHSMEGDAWgBSDhLDYVCYh -JsxvK1ZNV05qGGVajjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBhjANBgkq -hkiG9w0BAQUFAAOCAgEAykqOsxHV43Bx24+7DfxLNYyafBayHacQ4uwtldwexyQB -fIyJKjhzZUSvl37zhFPhJRJHogFIds+FoqaQsF8PvI/YSKs3UYRhje2mJan79lEA -rCd+3zDGmzQhmutVo7C1bCQuujV8YLIJGvvcnMcHnMLpc5CfjzmI2C6qMZ5XgpHx -/Mhindllqr0ZVvqRive0A2svW1k47XWB7BIfx/aoZ1viPHDNYVuYZ6j/NAFv8/Fu -3n/TfYOJ5rz0NPGHYXnmFcgGxtYTu5u6Q9YVdDLZv9lqYbMRSdiQ8SVDzwxft9N5 -g6/VoXLoMpCS7/6jR3J0GbG2r/vr024QMOHDZHQDjkAVUBni6/bRHqj389RnOXhQ -+TSlx/hGgtdTpZRv63PjAqTCdDAhazWAgG/W+dxUhAywiOYHeXincuuDER0ypkfG -caUvbN9/mWtGJvtW+L9OlTj3LQlXD2ORehz5itS3eV0DVkscCOLzzkVLtIJeew1o -RmiADNOUe5A6V0cW5HIFi9F7Recqv9lGphwQeq+2cmvUKkSPcx+Z/SHTT/nIOioq -xxafJhci5dAEsPgtzxnA6QqPQtxOj46aZxQh5+hzZ/1CQq3UThDdQreJL51c+NOS -ZFQh6YVpJH6ZdSldBJnHjbS7RL/bv2kl1Pmv808T+iG+GpDw2XljwsI6TL8ACok= ------END CERTIFICATE----- diff --git a/pom.xml b/pom.xml index 7b7c80d0ca8..cdd22b51cf9 100644 --- a/pom.xml +++ b/pom.xml @@ -1163,7 +1163,12 @@ commons-codec ${version.commons.codec} - + + org.apache.httpcomponents + httpcore + ${apache.http.compnents.core} + test + commons-lang.wso2 commons-lang