Code Review / aai / rest-client.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
remove ability to disable cert chain validation
[aai/rest-client.git] / src / test / java / org / onap / aai / restclient / rest / RestClientBuilderTest.java
1 /**\r
2  * ============LICENSE_START=======================================================\r
3  * org.onap.aai\r
4  * ================================================================================\r
5  * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
6  * Copyright © 2017 Amdocs\r
7  * ================================================================================\r
8  * Licensed under the Apache License, Version 2.0 (the "License");\r
9  * you may not use this file except in compliance with the License.\r
10  * You may obtain a copy of the License at\r
11  *\r
12  *       http://www.apache.org/licenses/LICENSE-2.0\r
13  *\r
14  * Unless required by applicable law or agreed to in writing, software\r
15  * distributed under the License is distributed on an "AS IS" BASIS,\r
16  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
17  * See the License for the specific language governing permissions and\r
18  * limitations under the License.\r
19  * ============LICENSE_END=========================================================\r
20  *\r
21  * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
22  */\r
23 package org.onap.aai.restclient.rest;\r
24 \r
25 import static org.junit.Assert.assertEquals;\r
26 import static org.junit.Assert.assertNotNull;\r
27 import static org.junit.Assert.assertNull;\r
28 import static org.junit.Assert.assertTrue;\r
29 import static org.junit.Assert.fail;\r
30 \r
31 import org.junit.Before;\r
32 import org.junit.Test;\r
33 import org.onap.aai.restclient.enums.RestAuthenticationMode;\r
34 import org.onap.aai.restclient.rest.RestClientBuilder;\r
35 \r
36 import com.sun.jersey.api.client.Client;\r
37 import com.sun.jersey.client.urlconnection.HTTPSProperties;\r
38 \r
39 /**\r
40  * This suite of tests is intended to exercise the functionality of the generice REST client\r
41  * builder.\r
42  */\r
43 public class RestClientBuilderTest {\r
44 \r
45   /**\r
46    * Test case initialization\r
47    * \r
48    * @throws Exception the exception\r
49    */\r
50   @Before\r
51   public void init() throws Exception {\r
52   }\r
53   \r
54   private String generateAuthorizationHeaderValue(String username, String password) {\r
55     String usernameAndPassword = username + ":" + password;\r
56     return "Basic " + java.util.Base64.getEncoder().encodeToString(usernameAndPassword.getBytes());\r
57   }\r
58   \r
59   @Test\r
60   public void validateAccesors() {\r
61     \r
62     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
63     \r
64     // test defaults\r
65     assertEquals(restClientBuilder.isValidateServerHostname(), RestClientBuilder.DEFAULT_VALIDATE_SERVER_HOST);\r
66     assertEquals(restClientBuilder.isValidateServerCertChain(), RestClientBuilder.DEFAULT_VALIDATE_CERT_CHAIN);\r
67     assertEquals(restClientBuilder.getClientCertFileName(), RestClientBuilder.DEFAULT_CLIENT_CERT_FILENAME);\r
68     assertEquals(restClientBuilder.getClientCertPassword(), RestClientBuilder.DEFAULT_CERT_PASSWORD);\r
69     assertEquals(restClientBuilder.getTruststoreFilename(), RestClientBuilder.DEFAULT_TRUST_STORE_FILENAME);\r
70     assertEquals(restClientBuilder.getConnectTimeoutInMs(), RestClientBuilder.DEFAULT_CONNECT_TIMEOUT_MS);\r
71     assertEquals(restClientBuilder.getReadTimeoutInMs(), RestClientBuilder.DEFAULT_READ_TIMEOUT_MS);\r
72     assertEquals(restClientBuilder.getAuthenticationMode(), RestClientBuilder.DEFAULT_AUTH_MODE);\r
73     assertEquals(restClientBuilder.getBasicAuthUsername(), RestClientBuilder.DEFAULT_BASIC_AUTH_USERNAME);\r
74     assertEquals(restClientBuilder.getBasicAuthPassword(), RestClientBuilder.DEFAULT_BASIC_AUTH_PASSWORD);\r
75     \r
76     restClientBuilder.setAuthenticationMode(RestAuthenticationMode.UNKNOWN_MODE);\r
77     restClientBuilder.setBasicAuthPassword("password");\r
78     restClientBuilder.setBasicAuthUsername("username");\r
79     restClientBuilder.setClientCertFileName("filename");\r
80     restClientBuilder.setClientCertPassword("password");\r
81     restClientBuilder.setConnectTimeoutInMs(12345);\r
82     restClientBuilder.setReadTimeoutInMs(54321);\r
83     restClientBuilder.setTruststoreFilename("truststore");\r
84     restClientBuilder.setValidateServerCertChain(true);\r
85     restClientBuilder.setValidateServerHostname(true);\r
86     \r
87     assertEquals(restClientBuilder.isValidateServerHostname(), true);\r
88     assertEquals(restClientBuilder.isValidateServerCertChain(), true);\r
89     assertEquals(restClientBuilder.getClientCertFileName(), "filename");\r
90     assertEquals(restClientBuilder.getClientCertPassword(), "password");\r
91     assertEquals(restClientBuilder.getTruststoreFilename(), "truststore");\r
92     assertEquals(restClientBuilder.getConnectTimeoutInMs(), 12345);\r
93     assertEquals(restClientBuilder.getReadTimeoutInMs(), 54321);\r
94     assertEquals(restClientBuilder.getAuthenticationMode(), RestAuthenticationMode.UNKNOWN_MODE);\r
95     assertEquals(restClientBuilder.getBasicAuthUsername(), "username");\r
96     assertEquals(restClientBuilder.getBasicAuthPassword(), "password");\r
97     \r
98     assertEquals(restClientBuilder.getBasicAuthenticationCredentials(),\r
99         generateAuthorizationHeaderValue("username", "password"));\r
100 \r
101     assertTrue(restClientBuilder.toString().contains("RestClientBuilder"));\r
102 \r
103   }\r
104   \r
105   @Test\r
106   public void validateNoAuthClientCreation() throws Exception {\r
107     \r
108     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
109     \r
110     restClientBuilder.setAuthenticationMode(RestAuthenticationMode.HTTP_NOAUTH);\r
111     restClientBuilder.setConnectTimeoutInMs(12345);\r
112     restClientBuilder.setReadTimeoutInMs(54321);\r
113     \r
114     Client client = restClientBuilder.getClient();\r
115     assertNotNull(client);\r
116     assertNull(client.getProperties().get(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES));\r
117   }\r
118   \r
119   \r
120   @Test\r
121   public void validateUnknownModeCreateNoAuthClient() throws Exception {\r
122     \r
123     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
124     \r
125     restClientBuilder.setAuthenticationMode(RestAuthenticationMode.UNKNOWN_MODE);\r
126     restClientBuilder.setConnectTimeoutInMs(12345);\r
127     restClientBuilder.setReadTimeoutInMs(54321);\r
128     \r
129     Client client = restClientBuilder.getClient();\r
130     assertNotNull(client);\r
131     assertNull(client.getProperties().get(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES));\r
132   }\r
133 \r
134   @Test\r
135   public void validateBasicAuthSslClient() throws Exception {\r
136     \r
137     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
138     \r
139     restClientBuilder.setAuthenticationMode(RestAuthenticationMode.SSL_BASIC);\r
140     restClientBuilder.setConnectTimeoutInMs(12345);\r
141     restClientBuilder.setReadTimeoutInMs(54321);\r
142     restClientBuilder.setBasicAuthUsername("username");\r
143     restClientBuilder.setBasicAuthPassword("password");\r
144     restClientBuilder.setTruststoreFilename("truststore");\r
145     \r
146     Client client = restClientBuilder.getClient();\r
147    \r
148     Object sslPropertiesObj = client.getProperties().get(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES);\r
149     HTTPSProperties sslProps = null;\r
150     if ( sslPropertiesObj instanceof HTTPSProperties ) {\r
151       sslProps = (HTTPSProperties)sslPropertiesObj;\r
152       assertNotNull(sslProps.getHostnameVerifier());\r
153     } else {\r
154       fail("Unexpected value for https properties object");\r
155     }\r
156     \r
157   }\r
158 \r
159   @Test (expected=IllegalArgumentException.class)\r
160   public void validateSslCertClient_noHostOrCertChainValidation() throws Exception {\r
161     \r
162     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
163     \r
164     restClientBuilder.setAuthenticationMode(RestAuthenticationMode.SSL_CERT);\r
165     restClientBuilder.setConnectTimeoutInMs(12345);\r
166     restClientBuilder.setReadTimeoutInMs(54321);\r
167     restClientBuilder.setValidateServerCertChain(false);\r
168     restClientBuilder.setValidateServerHostname(false);\r
169     \r
170     Client client = restClientBuilder.getClient(); \r
171   }\r
172   \r
173   @Test (expected=IllegalArgumentException.class)\r
174   public void validateSslCertClient_hostOnlyValidation() throws Exception {\r
175     \r
176     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
177     \r
178     restClientBuilder.setAuthenticationMode(RestAuthenticationMode.SSL_CERT);\r
179     restClientBuilder.setConnectTimeoutInMs(12345);\r
180     restClientBuilder.setReadTimeoutInMs(54321);\r
181     restClientBuilder.setValidateServerCertChain(false);\r
182     restClientBuilder.setValidateServerHostname(true);\r
183     \r
184     Client client = restClientBuilder.getClient();\r
185    \r
186   }\r
187   \r
188   @Test\r
189   public void validateSslCertClient_certChainOnlyValidation() throws Exception {\r
190     \r
191     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
192     \r
193     restClientBuilder.setAuthenticationMode(RestAuthenticationMode.SSL_CERT);\r
194     restClientBuilder.setConnectTimeoutInMs(12345);\r
195     restClientBuilder.setReadTimeoutInMs(54321);\r
196     restClientBuilder.setValidateServerCertChain(true);\r
197     restClientBuilder.setValidateServerHostname(false);\r
198     restClientBuilder.setTruststoreFilename("truststore");\r
199     restClientBuilder.setClientCertPassword(null);\r
200     \r
201     Client client = restClientBuilder.getClient();\r
202    \r
203     Object sslPropertiesObj = client.getProperties().get(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES);\r
204     HTTPSProperties sslProps = null;\r
205     if ( sslPropertiesObj instanceof HTTPSProperties ) {\r
206       sslProps = (HTTPSProperties)sslPropertiesObj;\r
207       assertNotNull(sslProps.getHostnameVerifier());\r
208     } else {\r
209       fail("Unexpected value for https properties object");\r
210     }\r
211   }\r
212   \r
213   @Test\r
214   public void validateSslCertClient_withHostAndCertChainValidation() throws Exception {\r
215     \r
216     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
217     \r
218     restClientBuilder.setAuthenticationMode(RestAuthenticationMode.SSL_CERT);\r
219     restClientBuilder.setConnectTimeoutInMs(12345);\r
220     restClientBuilder.setReadTimeoutInMs(54321);\r
221     restClientBuilder.setValidateServerCertChain(true);\r
222     restClientBuilder.setValidateServerHostname(true);\r
223     restClientBuilder.setClientCertPassword("password");\r
224     restClientBuilder.setTruststoreFilename("truststore");\r
225     \r
226     Client client = restClientBuilder.getClient();\r
227    \r
228     Object sslPropertiesObj = client.getProperties().get(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES);\r
229     HTTPSProperties sslProps = null;\r
230     if ( sslPropertiesObj instanceof HTTPSProperties ) {\r
231       sslProps = (HTTPSProperties)sslPropertiesObj;\r
232       assertNull(sslProps.getHostnameVerifier());\r
233     } else {\r
234       fail("Unexpected value for https properties object");\r
235     }  }\r
236   \r
237   @Test (expected=IllegalArgumentException.class)\r
238   public void validateSslCertClient_illegalArgumentExceptionWhenTruststoreIsNull() throws Exception {\r
239     \r
240     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
241     \r
242     restClientBuilder.setAuthenticationMode(RestAuthenticationMode.SSL_CERT);\r
243     restClientBuilder.setConnectTimeoutInMs(12345);\r
244     restClientBuilder.setReadTimeoutInMs(54321);\r
245     restClientBuilder.setValidateServerCertChain(true);\r
246     restClientBuilder.setValidateServerHostname(true);\r
247     restClientBuilder.setTruststoreFilename(null);\r
248     \r
249     /*\r
250      * Creating the client in this scenario will cause an IllegalArgumentException caused by the\r
251      * truststore being null\r
252      */\r
253     Client client = restClientBuilder.getClient();\r
254    \r
255   }\r
256   \r
257   @Test\r
258   public void validateSslProtocolConfiguration() throws Exception {\r
259     \r
260     RestClientBuilder restClientBuilder = new RestClientBuilder();\r
261     assertEquals(RestClientBuilder.DEFAULT_SSL_PROTOCOL, restClientBuilder.getSslProtocol());\r
262     \r
263     restClientBuilder.setSslProtocol("TLSv1.2");\r
264     assertEquals("TLSv1.2", restClientBuilder.getSslProtocol());\r
265     \r
266   }\r
267     \r
268 }\r
Library for making REST calls