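/*
 * Copyright 2013 Robert von Burg <eitch@eitchnet.ch>
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package li.strolch.rest.inspector.test;

import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.containsString;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;

import java.nio.charset.StandardCharsets;
import java.util.Locale;

import javax.ws.rs.client.Entity;
import javax.ws.rs.client.Invocation.Builder;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;

import org.junit.Ignore;
import org.junit.Test;

import li.strolch.rest.model.Login;
import li.strolch.rest.model.LoginResult;
import li.strolch.rest.model.LogoutResult;

/**
 * Exercises the REST authentication resource at {@code strolch/authentication}: login via POST,
 * logout via DELETE on {@code strolch/authentication/<token>}, and the rejection paths for bad
 * credentials and unknown session ids.
 *
 * <p>
 * NOTE(review): the class-level {@code @Ignore} makes JUnit skip every test in this class, so none
 * of these authentication checks currently run. The reason is not recorded in this file; give the
 * annotation a reason string or re-enable the class once the cause is known.
 *
 * @author Robert von Burg <eitch@eitchnet.ch>
 */
@Ignore
@SuppressWarnings("nls")
public class AuthenticationTest extends AbstractRestfulTest {

    private static final String ROOT_PATH = "strolch/authentication";

    // Only the length of the token is pinned by these tests. 64 characters would fit a
    // hex-encoded 256-bit value, but the encoding is not visible here - TODO confirm.
    private static final int AUTH_TOKEN_LENGTH = 64;

    /**
     * A valid username/password pair yields 200 OK with a token, and that token can be used to
     * log out again.
     */
    @Test
    public void shouldAuthenticate() {

        // login
        Response result = postLogin("jill", "jill", null);
        LoginResult loginResult = assertLoggedIn(result, "jill");

        // logout
        assertLoggedOut(loginResult.getAuthToken());
    }

    /**
     * The locale sent in {@code Accept-Language} on login is echoed back in the login result.
     */
    @Test
    public void shouldUseRequestedLanguage() {

        // login
        Response result = postLogin("jill", "jill", Locale.ITALY);
        LoginResult loginResult = assertLoggedIn(result, "jill");
        assertEquals(Locale.ITALY.toString(), loginResult.getLocale());

        // logout
        assertLoggedOut(loginResult.getAuthToken());
    }

    /**
     * A wrong password is answered with 403 FORBIDDEN and a fixed error message.
     */
    @Test
    public void shouldNotAuthenticate() {

        // login
        Response result = postLogin("admin", "blalba", null);
        assertEquals(Status.FORBIDDEN.getStatusCode(), result.getStatus());

        // NOTE(review): the body of a failed *login* is read as LogoutResult here; only getMsg()
        // is used. Presumably LoginResult was intended - confirm against the resource.
        LogoutResult logoutResult = result.readEntity(LogoutResult.class);
        assertNotNull(logoutResult);

        // The expected text does not say which part of the credentials was wrong. This test
        // covers one username with a bad password only; whether an unknown username gets the
        // same answer is not checked here.
        assertEquals("Could not log in due to: Authentication credentials are invalid", logoutResult.getMsg());
    }

    /**
     * A logout request for a session id that was never issued is rejected with 403 FORBIDDEN, and
     * the session that was really opened is unaffected by it.
     */
    @Test
    public void shouldFailLogoutIllegalSession() {

        // login
        Response result = postLogin("jill", "jill", null);
        LoginResult loginResult = assertLoggedIn(result, "jill");

        // logout with a session id the server never handed out
        result = deleteSession("blabla");
        assertEquals(Status.FORBIDDEN.getStatusCode(), result.getStatus());
        LogoutResult logoutResult = result.readEntity(LogoutResult.class);
        assertNotNull(logoutResult);
        assertThat(logoutResult.getMsg(), containsString("No certificate exists for sessionId blabla"));

        // The rejected request must not have touched the real session: logging it out still
        // succeeds. This also closes the session the test opened instead of leaving it behind.
        assertLoggedOut(loginResult.getAuthToken());
    }

    /**
     * Posts a JSON login request to {@link #ROOT_PATH}.
     *
     * @param username
     *            the username to send
     * @param password
     *            the password to send; encoded as UTF-8 so the bytes do not depend on the
     *            platform default charset
     * @param locale
     *            the locale to send as {@code Accept-Language}, or {@code null} to send none
     *
     * @return the raw response, so callers can assert on both success and failure
     */
    private Response postLogin(String username, String password, Locale locale) {
        Login login = new Login();
        login.setUsername(username);
        login.setPassword(password.getBytes(StandardCharsets.UTF_8));
        Entity<Login> loginEntity = Entity.entity(login, MediaType.APPLICATION_JSON);

        Builder builder = target().path(ROOT_PATH).request(MediaType.APPLICATION_JSON);
        if (locale != null) {
            builder = builder.acceptLanguage(locale);
        }
        return builder.post(loginEntity);
    }

    /**
     * Sends the logout request (DELETE) for the given session id.
     *
     * <p>
     * NOTE(review): the session token is part of the request path, so it may be recorded wherever
     * request URLs are logged - confirm such logs are handled as sensitive.
     *
     * @param sessionId
     *            the token or session id to append to {@link #ROOT_PATH}
     *
     * @return the raw response
     */
    private Response deleteSession(String sessionId) {
        return target().path(ROOT_PATH + "/" + sessionId).request(MediaType.APPLICATION_JSON).delete();
    }

    /**
     * Asserts that the response is a successful login for the given user.
     *
     * @param result
     *            the response of the login request
     * @param expectedUsername
     *            the username the login result must carry
     *
     * @return the parsed login result, with a non-null token of the expected length
     */
    private LoginResult assertLoggedIn(Response result, String expectedUsername) {
        assertEquals(Status.OK.getStatusCode(), result.getStatus());
        LoginResult loginResult = result.readEntity(LoginResult.class);
        assertNotNull(loginResult);
        assertEquals(expectedUsername, loginResult.getUsername());
        // Fail with a readable assertion instead of a NullPointerException if no token came back.
        assertNotNull(loginResult.getAuthToken());
        assertEquals(AUTH_TOKEN_LENGTH, loginResult.getAuthToken().length());
        assertNull(loginResult.getMsg());
        return loginResult;
    }

    /**
     * Logs the given session out and asserts that the server accepted it: 200 OK and a logout
     * result without an error message.
     *
     * @param authToken
     *            the token returned by a successful login
     */
    private void assertLoggedOut(String authToken) {
        Response result = deleteSession(authToken);
        assertEquals(Status.OK.getStatusCode(), result.getStatus());
        LogoutResult logoutResult = result.readEntity(LogoutResult.class);
        assertNotNull(logoutResult);
        assertNull(logoutResult.getMsg());
    }
}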