HmacUtilsTest.java

package org.multibit.mbm.auth.hmac;

import com.sun.jersey.api.client.ClientRequest;
import com.sun.jersey.client.impl.ClientRequestImpl;
import com.sun.jersey.core.header.InBoundHeaders;
import com.sun.jersey.core.header.OutBoundHeaders;
import com.sun.jersey.core.impl.provider.entity.StringProvider;
import com.sun.jersey.spi.container.ContainerRequest;
import org.junit.Test;
import org.multibit.mbm.test.FixtureAsserts;

import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.ext.MessageBodyWriter;
import javax.ws.rs.ext.Providers;
import java.io.ByteArrayInputStream;
import java.lang.annotation.Annotation;
import java.net.URI;

import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;

public class HmacUtilsTest {

  private final String resourcePath = "/example/resource";
  private final String queryParameters = "?b=2&a=1";
  private final String baseUri = "http://example.org:8080";

  @Test
  public void testCanonicalRepresentation_Client_AllFields_Get() throws Exception {

    // Not required for GET but introduced for consistent style
    Providers providers = null;

    OutBoundHeaders headers = new OutBoundHeaders();
    headers.add(HttpHeaders.DATE, "Sat, 01 Jan 2000 12:34:56 GMT");
    headers.add(HttpHeaders.HOST, "www.example.org");
    headers.add(HttpHeaders.USER_AGENT, "curl/7.20.0 (x86_64-pc-linux-gnu) libcurl/7.20.0 OpenSSL/1.0.0a zlib/1.2.3");
    headers.add(HmacUtils.X_HMAC_DATE, "Sat, 01 Jan 2000 12:34:57 GMT");
    headers.add(HmacUtils.X_HMAC_NONCE, "Thohn2Mohd2zugo");

    URI uri = new URI(baseUri + resourcePath + queryParameters);

    ClientRequest clientRequest = new ClientRequestImpl(uri, "get", null, headers);

    String representation = HmacUtils.createCanonicalRepresentation(clientRequest, providers);

    FixtureAsserts.assertStringMatchesStringFixture("GET canonical representation", representation, "/fixtures/hmac/expected-canonical-get.txt");

  }

  @Test
  public void testCanonicalRepresentation_Client_AllFields_Post() throws Exception {

    MessageBodyWriter<String> messageBodyWriter = new StringProvider();

    // Mock Providers
    Providers providers = mock(Providers.class);
    when(providers.getMessageBodyWriter(String.class, String.class,
      new Annotation[0], MediaType.APPLICATION_JSON_TYPE)).thenReturn(messageBodyWriter);

    OutBoundHeaders headers = new OutBoundHeaders();
    headers.add(HttpHeaders.DATE, "Sat, 01 Jan 2000 12:34:56 GMT");
    headers.add(HttpHeaders.HOST, "www.example.org");
    headers.add(HttpHeaders.USER_AGENT, "curl/7.20.0 (x86_64-pc-linux-gnu) libcurl/7.20.0 OpenSSL/1.0.0a zlib/1.2.3");
    headers.add(HmacUtils.X_HMAC_DATE, "Sat, 01 Jan 2000 12:34:57 GMT");
    headers.add(HmacUtils.X_HMAC_NONCE, "Thohn2Mohd2zugo");

    URI uri = new URI(baseUri + resourcePath + queryParameters);

    String entity = "{\"_links\":{\"self\":{\"href\":\"http://example.org/user\"}}}";

    ClientRequest clientRequest = new ClientRequestImpl(uri, "post", entity, headers);

    String representation = HmacUtils.createCanonicalRepresentation(clientRequest, providers);

    FixtureAsserts.assertStringMatchesStringFixture("POST canonical representation", representation, "/fixtures/hmac/expected-canonical-post.txt");

  }

  @Test
  public void testCanonicalRepresentation_Server_AllFields_Get() throws Exception {

    // Mock headers
    InBoundHeaders headers = new InBoundHeaders();
    headers.add(HttpHeaders.DATE, "Sat, 01 Jan 2000 12:34:56 GMT");
    headers.add(HttpHeaders.HOST, "www.example.org");
    headers.add(HttpHeaders.USER_AGENT, "curl/7.20.0 (x86_64-pc-linux-gnu) libcurl/7.20.0 OpenSSL/1.0.0a zlib/1.2.3");
    headers.add(HmacUtils.X_HMAC_DATE, "Sat, 01 Jan 2000 12:34:57 GMT");
    headers.add(HmacUtils.X_HMAC_NONCE, "Thohn2Mohd2zugo");

    // Mock request
    ContainerRequest containerRequest = mock(ContainerRequest.class);
    when(containerRequest.getRequestHeaders()).thenReturn(headers);
    when(containerRequest.getMethod()).thenReturn("GET");
    when(containerRequest.getRequestUri()).thenReturn(URI.create(baseUri + resourcePath + queryParameters));

    String representation = HmacUtils.createCanonicalRepresentation(containerRequest);

    FixtureAsserts.assertStringMatchesStringFixture("GET all fields canonical representation", representation, "/fixtures/hmac/expected-canonical-get.txt");

  }

  @Test
  public void testCanonicalRepresentation_Server_AllFields_Post() throws Exception {

    // Mock headers
    InBoundHeaders headers = new InBoundHeaders();
    headers.add(HttpHeaders.DATE, "Sat, 01 Jan 2000 12:34:56 GMT");
    headers.add(HttpHeaders.HOST, "www.example.org");
    headers.add(HttpHeaders.USER_AGENT, "curl/7.20.0 (x86_64-pc-linux-gnu) libcurl/7.20.0 OpenSSL/1.0.0a zlib/1.2.3");
    headers.add(HmacUtils.X_HMAC_DATE, "Sat, 01 Jan 2000 12:34:57 GMT");
    headers.add(HmacUtils.X_HMAC_NONCE, "Thohn2Mohd2zugo");

    // Mock request
    ContainerRequest containerRequest = mock(ContainerRequest.class);
    when(containerRequest.getRequestHeaders()).thenReturn(headers);
    when(containerRequest.getMethod()).thenReturn("POST");
    when(containerRequest.getRequestUri()).thenReturn(URI.create(baseUri + resourcePath + queryParameters));

    // Simulate a user wrapped in HAL
    ByteArrayInputStream bais = new ByteArrayInputStream("{\"_links\":{\"self\":{\"href\":\"http://example.org/user\"}}}".getBytes());
    when(containerRequest.getEntityInputStream()).thenReturn(bais);

    String actualCanonicalRepresentation = HmacUtils.createCanonicalRepresentation(containerRequest);

    FixtureAsserts.assertStringMatchesStringFixture("POST all fields canonical representation", actualCanonicalRepresentation, "/fixtures/hmac/expected-canonical-post.txt");

  }


}