/******************************************************************************
* Copyright (c) 2014-2015 VMware, Inc. All Rights Reserved.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*****************************************************************************/
package com.vmware.bdd.usermgmt;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.util.Map;
import org.apache.commons.configuration.PropertiesConfiguration;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.testng.AbstractTestNGSpringContextTests;
import org.springframework.util.FileCopyUtils;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import com.vmware.aurora.global.Configuration;
import com.vmware.bdd.apitypes.UserMgmtServer;
import com.vmware.bdd.exception.ValidationException;
import com.vmware.bdd.security.tls.PspConfiguration;
import com.vmware.bdd.security.tls.UntrustedCertificateException;
import com.vmware.bdd.usermgmt.mocks.LdapsTrustStoreConfigMock;
import com.vmware.bdd.validation.ValidationError;
import mockit.Mock;
import mockit.MockUp;
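/**
 * Spring-context tests for {@link UserMgmtServerValidService#validateServerInfo}
 * using LDAPS server definitions loaded from JSON test data.
 *
 * <p>Before every test a fresh copy of the bundled {@code keystore.jks} is
 * written to {@link LdapsTrustStoreConfigMock#KEY_STORE_PATH}, and it is deleted
 * again afterwards, so that one test cannot see keystore changes made by another.
 *
 * <p>NOTE(review): the mocked TLS client settings in {@link #setup()} enable
 * TLSv1 and TLSv1.1 and hand back {@code PspConfiguration.WEAK_CIPHER_SUITES}
 * as the configured cipher suites. Presumably this matches what the test LDAPS
 * endpoint offers; confirm, and treat these values as fixture-only rather than
 * as a template for a deployed configuration.
 *
 * Created By xiaoliangl on 12/1/14.
 */
@ContextConfiguration(locations = "classpath:/com/vmware/bdd/usermgmt/userMgmtServerValidService-test-context.xml")
public class TestUserMgmtServerValidService_Ldaps extends AbstractTestNGSpringContextTests {
    /** Classpath location of the keystore fixture copied before each test. */
    private static final String KEYSTORE_RESOURCE = "/com/vmware/bdd/usermgmt/keystore.jks";

    @Autowired
    private UserMgmtServerValidService validService;

    /**
     * Prepares the SSSD templates and replaces {@link Configuration} lookups
     * with fixed TLS client settings for the whole class.
     *
     * @throws IOException declared by the original signature
     */
    @BeforeClass
    public void setup() throws IOException {
        TestSssdConfigurationGenerator.setupSssdTemplates();

        new MockUp<Configuration>() {
            // Returns null instead of running the real init(); presumably this
            // keeps the test from loading a real properties file (TODO confirm).
            @Mock
            private PropertiesConfiguration init() {
                return null;
            }

            // Only the two TLS client keys are answered. Any other key fails
            // loudly so an unexpected configuration lookup is noticed.
            @Mock
            public String[] getStringArray(String key, String[] defautValue) {
                if (key.equals("serengeti.tlsclient.protocols")) {
                    // TLSv1 and TLSv1.1 are legacy protocol versions; they are
                    // listed here only as part of the test fixture.
                    return new String[] {"TLSv1", "TLSv1.1", "TLSv1.2" };
                } else if (key.equals("serengeti.tlsclient.ciphersuites")) {
                    // NOTE(review): the constant is named WEAK_CIPHER_SUITES yet is
                    // returned as the configured suite list; verify this is intended.
                    return PspConfiguration.WEAK_CIPHER_SUITES;
                } else {
                    throw new IllegalArgumentException(key);
                }
            }
        };
    }

    /** Removes the SSSD templates installed by {@link #setup()}. */
    @AfterClass
    public void teardown() {
        TestSssdConfigurationGenerator.teardownSssdTemplates();
    }

    /**
     * Copies the keystore fixture from the classpath to
     * {@link LdapsTrustStoreConfigMock#KEY_STORE_PATH}.
     *
     * @throws IOException if the fixture is missing from the classpath or the
     *         copy fails
     */
    @BeforeMethod
    public void beforeMethod() throws IOException {
        InputStream is = TestUserMgmtServerValidService_Ldaps.class.getResourceAsStream(KEYSTORE_RESOURCE);
        if (is == null) {
            // Fail with a clear message before creating an empty keystore file;
            // previously a missing fixture surfaced as a NullPointerException.
            throw new IOException("test resource not found on classpath: " + KEYSTORE_RESOURCE);
        }

        // The output stream is opened inside the outer try so that the input
        // stream is still closed when the target file cannot be opened.
        try {
            FileOutputStream fos = new FileOutputStream(LdapsTrustStoreConfigMock.KEY_STORE_PATH);
            try {
                byte[] temp = new byte[512];
                int count = is.read(temp);
                while (count != -1) {
                    fos.write(temp, 0, count);
                    count = is.read(temp);
                }
            } finally {
                fos.close();
            }
        } finally {
            is.close();
        }
    }

    /**
     * Deletes the per-test keystore copy. The result of {@code delete()} is
     * ignored on purpose: cleanup is best-effort, and the file may not exist if
     * {@link #beforeMethod()} failed.
     */
    @AfterMethod
    public void afterMethod() {
        new File(LdapsTrustStoreConfigMock.KEY_STORE_PATH).delete();
    }

    /**
     * Validation with the second argument set to {@code true} must complete
     * without an exception.
     *
     * <p>NOTE(review): judging by the test name, {@code true} forces trust of
     * the server certificate, so this case does not exercise certificate
     * rejection; {@link #testValidateCertificate_untrustedCert()} covers that.
     */
    @Test
    public void testValidateCertificate_forceTrust() throws IOException {
        UserMgmtServer userMgmtServer = TestUserMgmtServerValidService_Ldap.loadTestData("ldaps-server.json");

        //expect no exception
        validService.validateServerInfo(userMgmtServer, true);
    }

    /**
     * The same server definition validated with the second argument set to
     * {@code false} must be rejected with {@link UntrustedCertificateException}.
     */
    @Test(expectedExceptions = UntrustedCertificateException.class)
    public void testValidateCertificate_untrustedCert() throws IOException {
        UserMgmtServer userMgmtServer = TestUserMgmtServerValidService_Ldap.loadTestData("ldaps-server.json");

        //expect untrusted cert exception
        validService.validateServerInfo(userMgmtServer, false);
    }

    /**
     * A server definition with a bad URL must fail with a
     * {@link ValidationException} carrying exactly one error, keyed
     * {@code PrimaryUrl} with primary code {@code PrimaryUrl.CannotConnect}.
     */
    @Test(expectedExceptions = {ValidationException.class})
    public void testValidateCertificate_BadUrl() throws IOException {
        UserMgmtServer userMgmtServer = TestUserMgmtServerValidService_Ldap.loadTestData("ldaps-server-badurl.json");

        try {
            validService.validateServerInfo(userMgmtServer, true);
        } catch (ValidationException ve) {
            Assert.assertFalse(ve.getErrors().isEmpty());

            Map<String, ValidationError> errorMap = ve.getErrors();
            Assert.assertEquals(errorMap.size(), 1);

            ValidationError validationError = errorMap.get("PrimaryUrl");
            Assert.assertNotNull(validationError);
            Assert.assertEquals(validationError.getPrimaryCode(), "PrimaryUrl.CannotConnect");

            // Rethrow so that expectedExceptions is satisfied; if no exception
            // is thrown at all, TestNG fails the test.
            throw ve;
        }
    }
}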