SSLAwareTokenResolverTest.java example

Explorer
cougar-master
/*
 * Copyright 2014, The Sporting Exchange Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.betfair.cougar.core.impl.security;

import com.betfair.cougar.api.security.IdentityToken;
import org.junit.Test;

import javax.naming.NamingException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.regex.PatternSyntaxException;

import static org.junit.Assert.*;

public class SSLAwareTokenResolverTest {

    X509Certificate[] createCert(final boolean hasPrincipal, final String subject) {
        return new X509Certificate[]{new sun.security.x509.X509CertImpl() {
            @Override
            public Principal getSubjectDN() {
                if (hasPrincipal) {
                    return new Principal() {
                        @Override
                        public String getName() {
                            return subject;
                        }
                    };
                }
                return null;
            }
        }};
    }

    @Test(expected = IllegalArgumentException.class)
    public void nullResolver() {
        new SSLAwareTokenResolver<Object,Object,Object>(null) {
            public List<IdentityToken> resolve(Object input, Object transportAuthTokens) { return null; }
            public void rewrite(List<IdentityToken> credentials, Object output) {}
            public boolean isRewriteSupported() { return false; }
        };
    }

    @Test
    public void noCredentials() throws NamingException {
        SSLAwareTokenResolver tr = new SSLAwareTokenResolver<Object,Object,Object>(new CommonNameCertInfoExtractor()) {
            public List<IdentityToken> resolve(Object input, Object transportAuthTokens) { return null; }
            public void rewrite(List<IdentityToken> credentials, Object output) {}
            public boolean isRewriteSupported() { return false; }
        };
        assertNull(tr.findCertInfo(null));
    }

    @Test
    public void emptyCredentials() throws NamingException {
        SSLAwareTokenResolver tr = new SSLAwareTokenResolver<Object,Object,Object>(new CommonNameCertInfoExtractor()) {
            public List<IdentityToken> resolve(Object input, Object transportAuthTokens) { return null; }
            public void rewrite(List<IdentityToken> credentials, Object output) {}
            public boolean isRewriteSupported() { return false; }
        };
        assertNull(tr.findCertInfo(new X509Certificate[]{}));
    }

    @Test
    public void certWithNoSubject() throws NamingException {
        SSLAwareTokenResolver tr = new SSLAwareTokenResolver<Object,Object,Object>(new CommonNameCertInfoExtractor()) {
            public List<IdentityToken> resolve(Object input, Object transportAuthTokens) { return null; }
            public void rewrite(List<IdentityToken> credentials, Object output) {}
            public boolean isRewriteSupported() { return false; }
        };
        assertNull(tr.findCertInfo(createCert(false, null)));
    }

    @Test
    public void certWithNoSubjectName() throws NamingException {
        SSLAwareTokenResolver tr = new SSLAwareTokenResolver<Object,Object,Object>(new CommonNameCertInfoExtractor()) {
            public List<IdentityToken> resolve(Object input, Object transportAuthTokens) { return null; }
            public void rewrite(List<IdentityToken> credentials, Object output) {}
            public boolean isRewriteSupported() { return false; }
        };
        assertNull(tr.findCertInfo(createCert(true, null)));
    }

    @Test
    public void certWithBadSubjectName() throws NamingException {
        SSLAwareTokenResolver tr = new SSLAwareTokenResolver<Object,Object,Object>(new CommonNameCertInfoExtractor()) {
            public List<IdentityToken> resolve(Object input, Object transportAuthTokens) { return null; }
            public void rewrite(List<IdentityToken> credentials, Object output) {}
            public boolean isRewriteSupported() { return false; }
        };
        assertNull(tr.findCertInfo(createCert(true, "BISCUITS")));
    }

    @Test
    public void certsWithSubjectMatch() throws NamingException {
        SSLAwareTokenResolver tr = new SSLAwareTokenResolver<Object,Object,Object>(new CommonNameCertInfoExtractor()) {
            public List<IdentityToken> resolve(Object input, Object transportAuthTokens) { return null; }
            public void rewrite(List<IdentityToken> credentials, Object output) {}
            public boolean isRewriteSupported() { return false; }
        };
        assertEquals("ClientName", tr.findCertInfo(createCert(true, "CN=ClientName, OU=Betfair, O=Betfair, ST=London, C=UK")));
        assertEquals("ClientName", tr.findCertInfo(createCert(true, "C=BE, ST=Brussel, L=Brussel, O=Vereniging van VlaamseBalies, OU=Vereniging van Vlaamse Balies,CN=ClientName")));
        assertEquals("ClientName", tr.findCertInfo(createCert(true, "C=BE, fCN=foo, CN=ClientName, O=Vereniging")));
        assertEquals("ClientName", tr.findCertInfo(createCert(true, "C=BE,CN=ClientName")));
        assertEquals("ClientName", tr.findCertInfo(createCert(true, "C=BE,cn=ClientName,fo=bat")));
        assertEquals("ClientName", tr.findCertInfo(createCert(true, "CN=ClientName")));
    }
}