use of cn.taketoday.framework.web.server.SslStoreProvider in project today-infrastructure by TAKETODAY.
the class AbstractServletWebServerFactoryTests method sslWithCustomSslStoreProvider.
@Test
void sslWithCustomSslStoreProvider() throws Exception {
AbstractServletWebServerFactory factory = getFactory();
addTestTxtFile(factory);
Ssl ssl = new Ssl();
ssl.setClientAuth(ClientAuth.NEED);
ssl.setKeyPassword("password");
factory.setSsl(ssl);
SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
given(sslStoreProvider.getKeyStore()).willReturn(loadStore());
given(sslStoreProvider.getTrustStore()).willReturn(loadStore());
factory.setSslStoreProvider(sslStoreProvider);
this.webServer = factory.getWebServer();
this.webServer.start();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
loadStore(keyStore, new FileSystemResource("src/test/resources/test.jks"));
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).loadKeyMaterial(keyStore, "password".toCharArray()).build());
HttpClient httpClient = this.httpClientBuilder.get().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
then(sslStoreProvider).should(atLeastOnce()).getKeyStore();
then(sslStoreProvider).should(atLeastOnce()).getTrustStore();
}
use of cn.taketoday.framework.web.server.SslStoreProvider in project today-infrastructure by TAKETODAY.
the class SslConnectorCustomizerTests method customizeWhenSslStoreProviderPresentShouldIgnorePasswordFromSsl.
@Test
void customizeWhenSslStoreProviderPresentShouldIgnorePasswordFromSsl(CapturedOutput output) throws Exception {
System.setProperty("javax.net.ssl.trustStorePassword", "trustStoreSecret");
Ssl ssl = new Ssl();
ssl.setKeyPassword("password");
ssl.setKeyStorePassword("secret");
SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
given(sslStoreProvider.getTrustStore()).willReturn(loadStore());
given(sslStoreProvider.getKeyStore()).willReturn(loadStore());
SslConnectorCustomizer customizer = new SslConnectorCustomizer(ssl, sslStoreProvider);
Connector connector = this.tomcat.getConnector();
customizer.customize(connector);
this.tomcat.start();
assertThat(connector.getState()).isEqualTo(LifecycleState.STARTED);
assertThat(output).doesNotContain("Password verification failed");
}
use of cn.taketoday.framework.web.server.SslStoreProvider in project today-framework by TAKETODAY.
the class SslConnectorCustomizerTests method customizeWhenSslStoreProviderPresentShouldIgnorePasswordFromSsl.
@Test
void customizeWhenSslStoreProviderPresentShouldIgnorePasswordFromSsl(CapturedOutput output) throws Exception {
System.setProperty("javax.net.ssl.trustStorePassword", "trustStoreSecret");
Ssl ssl = new Ssl();
ssl.setKeyPassword("password");
ssl.setKeyStorePassword("secret");
SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
given(sslStoreProvider.getTrustStore()).willReturn(loadStore());
given(sslStoreProvider.getKeyStore()).willReturn(loadStore());
SslConnectorCustomizer customizer = new SslConnectorCustomizer(ssl, sslStoreProvider);
Connector connector = this.tomcat.getConnector();
customizer.customize(connector);
this.tomcat.start();
assertThat(connector.getState()).isEqualTo(LifecycleState.STARTED);
assertThat(output).doesNotContain("Password verification failed");
}
use of cn.taketoday.framework.web.server.SslStoreProvider in project today-framework by TAKETODAY.
the class AbstractServletWebServerFactoryTests method sslWithCustomSslStoreProvider.
@Test
void sslWithCustomSslStoreProvider() throws Exception {
AbstractServletWebServerFactory factory = getFactory();
addTestTxtFile(factory);
Ssl ssl = new Ssl();
ssl.setClientAuth(ClientAuth.NEED);
ssl.setKeyPassword("password");
factory.setSsl(ssl);
SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
given(sslStoreProvider.getKeyStore()).willReturn(loadStore());
given(sslStoreProvider.getTrustStore()).willReturn(loadStore());
factory.setSslStoreProvider(sslStoreProvider);
this.webServer = factory.getWebServer();
this.webServer.start();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
loadStore(keyStore, new FileSystemResource("src/test/resources/test.jks"));
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).loadKeyMaterial(keyStore, "password".toCharArray()).build());
HttpClient httpClient = this.httpClientBuilder.get().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
then(sslStoreProvider).should(atLeastOnce()).getKeyStore();
then(sslStoreProvider).should(atLeastOnce()).getTrustStore();
}
use of cn.taketoday.framework.web.server.SslStoreProvider in project today-framework by TAKETODAY.
the class SslConnectorCustomizerTests method customizeWhenSslStoreProviderProvidesOnlyKeyStoreShouldUseDefaultTruststore.
@Test
void customizeWhenSslStoreProviderProvidesOnlyKeyStoreShouldUseDefaultTruststore() throws Exception {
Ssl ssl = new Ssl();
ssl.setKeyPassword("password");
ssl.setTrustStore("src/test/resources/test.jks");
SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
KeyStore keyStore = loadStore();
given(sslStoreProvider.getKeyStore()).willReturn(keyStore);
SslConnectorCustomizer customizer = new SslConnectorCustomizer(ssl, sslStoreProvider);
Connector connector = this.tomcat.getConnector();
customizer.customize(connector);
this.tomcat.start();
SSLHostConfig sslHostConfig = connector.getProtocolHandler().findSslHostConfigs()[0];
SSLHostConfig sslHostConfigWithDefaults = new SSLHostConfig();
assertThat(sslHostConfig.getTruststoreFile()).isEqualTo(sslHostConfigWithDefaults.getTruststoreFile());
Set<SSLHostConfigCertificate> certificates = sslHostConfig.getCertificates();
assertThat(certificates).hasSize(1);
assertThat(certificates.iterator().next().getCertificateKeystore()).isEqualTo(keyStore);
}
Aggregations