
Example 76 with JSONArray

use of com.unboundid.util.json.JSONArray in project ldapsdk by pingidentity.

the class JSONAccessLogReaderTestCase method testClientCertificateLogMessage.

/**
 * Tests the ability to read a client certificate log message.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testClientCertificateLogMessage() throws Exception {
    final JSONObject minimalJson = createMinimalMessageObject(CLIENT_CERTIFICATE, null);

    // Validity windows are millisecond offsets from the shared default
    // timestamp, so the same Date instances serve as expected values below.
    // NOTE(review): 8_600_400_000L is not a whole number of days (86_400_000 ms
    // each); possibly 8_640_000_000L was intended. Harmless here, because the
    // identical Date is used when encoding and when asserting.
    final long baseMillis = DEFAULT_TIMESTAMP_DATE.getTime();
    final Date leafValidFrom = new Date(baseMillis - 86_400_000L);
    final Date leafValidUntil = new Date(baseMillis + 8_600_400_000L);
    final Date issuerValidFrom = new Date(baseMillis - 864_000_000L);
    final Date issuerValidUntil = new Date(baseMillis + 864_000_000_000L);

    final String leafDN = "CN=server.example.com,O=Example Corp,C=US";
    final String intermediateDN = "CN=Intermediate CA,O=Example Corp,C=US";
    final String rootDN = "CN=Root CA,O=Example Corp,C=US";

    // Leaf certificate: every field present and well formed.
    final JSONObject leafJson = new JSONObject(
        createField(PEER_CERTIFICATE_CHAIN_CERTIFICATE_TYPE, "X.509"),
        createField(PEER_CERTIFICATE_CHAIN_SUBJECT_DN, leafDN),
        createField(PEER_CERTIFICATE_CHAIN_ISSUER_SUBJECT_DN, intermediateDN),
        createField(PEER_CERTIFICATE_CHAIN_NOT_BEFORE, StaticUtils.encodeRFC3339Time(leafValidFrom)),
        createField(PEER_CERTIFICATE_CHAIN_NOT_AFTER, StaticUtils.encodeRFC3339Time(leafValidUntil)),
        createField(PEER_CERTIFICATE_CHAIN_SERIAL_NUMBER, "peer-serial-number"),
        createField(PEER_CERTIFICATE_CHAIN_SIGNATURE_ALGORITHM, "peer-signature-algorithm"));

    // Intermediate CA certificate: also fully populated.
    final JSONObject intermediateJson = new JSONObject(
        createField(PEER_CERTIFICATE_CHAIN_CERTIFICATE_TYPE, "X.509"),
        createField(PEER_CERTIFICATE_CHAIN_SUBJECT_DN, intermediateDN),
        createField(PEER_CERTIFICATE_CHAIN_ISSUER_SUBJECT_DN, rootDN),
        createField(PEER_CERTIFICATE_CHAIN_NOT_BEFORE, StaticUtils.encodeRFC3339Time(issuerValidFrom)),
        createField(PEER_CERTIFICATE_CHAIN_NOT_AFTER, StaticUtils.encodeRFC3339Time(issuerValidUntil)),
        createField(PEER_CERTIFICATE_CHAIN_SERIAL_NUMBER, "intermediate-ca-serial-number"),
        createField(PEER_CERTIFICATE_CHAIN_SIGNATURE_ALGORITHM, "intermediate-ca-signature-algorithm"));

    // Root CA certificate: deliberately sparse. It has no type, not-after,
    // serial number or signature algorithm, and its not-before value cannot be
    // parsed as a timestamp. The assertions further down expect the reader to
    // keep the entry and report null for each of those fields.
    final JSONObject rootJson = new JSONObject(
        createField(PEER_CERTIFICATE_CHAIN_SUBJECT_DN, rootDN),
        createField(PEER_CERTIFICATE_CHAIN_ISSUER_SUBJECT_DN, rootDN),
        createField(PEER_CERTIFICATE_CHAIN_NOT_BEFORE, "malformed-not-before"));

    final JSONObject populatedJson = createPopulatedMessageObject(
        CLIENT_CERTIFICATE,
        null,
        createField(PEER_CERTIFICATE_CHAIN, new JSONArray(leafJson, intermediateJson, rootJson)),
        createField(AUTO_AUTHENTICATED_AS, "cn=Auto,cn=Authenticated"));

    // One log line per message: minimal first, then populated.
    final File accessLog = createTempFile(
        minimalJson.toSingleLineString(),
        populatedJson.toSingleLineString());

    try (JSONAccessLogReader logReader = new JSONAccessLogReader(accessLog)) {
        assertNotNull(logReader);

        // ---- First message: only the mandatory fields are present. ----
        final JSONClientCertificateAccessLogMessage minimal =
            (JSONClientCertificateAccessLogMessage) logReader.readMessage();
        assertNotNull(minimal);

        // Fields shared by every access log message.
        assertEquals(minimal.getTimestamp(), DEFAULT_TIMESTAMP_DATE);
        assertEquals(minimal.getLogType(), ACCESS_LOG_TYPE);
        assertEquals(minimal.getMessageType(), CLIENT_CERTIFICATE);
        assertNull(minimal.getProductName());
        assertNull(minimal.getInstanceName());
        assertNull(minimal.getStartupID());
        assertNull(minimal.getThreadID());
        assertNull(minimal.getConnectionID());

        // Client-certificate fields: absent data surfaces as empty lists or null.
        assertEquals(minimal.getPeerCertificateChain(), Collections.emptyList());
        assertNull(minimal.getPeerSubjectDN());
        assertEquals(minimal.getIssuerSubjectDNs(), Collections.emptyList());
        assertNull(minimal.getAutoAuthenticatedAsDN());

        // ---- Second message: the three-certificate chain built above. ----
        final JSONClientCertificateAccessLogMessage populated =
            (JSONClientCertificateAccessLogMessage) logReader.readMessage();
        assertNotNull(populated);

        // Fields shared by every access log message.
        assertEquals(populated.getTimestamp(), DEFAULT_TIMESTAMP_DATE);
        assertEquals(populated.getLogType(), ACCESS_LOG_TYPE);
        assertEquals(populated.getMessageType(), CLIENT_CERTIFICATE);

        // Client-certificate fields. The peer subject is the first chain
        // element's subject; the issuer list holds the subjects of the rest.
        assertEquals(populated.getPeerCertificateChain().size(), 3);
        assertEquals(populated.getPeerSubjectDN(), leafDN);
        assertEquals(populated.getIssuerSubjectDNs(), Arrays.asList(intermediateDN, rootDN));
        assertEquals(populated.getAutoAuthenticatedAsDN(), "cn=Auto,cn=Authenticated");

        // Chain element 0: the leaf certificate.
        final JSONCertificate leaf = populated.getPeerCertificateChain().get(0);
        assertNotNull(leaf.getCertificateObject());
        assertEquals(leaf.getSubjectDN(), leafDN);
        assertEquals(leaf.getIssuerSubjectDN(), intermediateDN);
        assertEquals(leaf.getCertificateType(), "X.509");
        assertEquals(leaf.getNotBeforeTime(), leafValidFrom);
        assertEquals(leaf.getNotAfterTime(), leafValidUntil);
        assertEquals(leaf.getSerialNumber(), "peer-serial-number");
        assertEquals(leaf.getSignatureAlgorithm(), "peer-signature-algorithm");
        assertNotNull(leaf.toString());

        // Chain element 1: the intermediate CA.
        final JSONCertificate intermediate = populated.getPeerCertificateChain().get(1);
        assertNotNull(intermediate.getCertificateObject());
        assertEquals(intermediate.getSubjectDN(), intermediateDN);
        assertEquals(intermediate.getIssuerSubjectDN(), rootDN);
        assertEquals(intermediate.getCertificateType(), "X.509");
        assertEquals(intermediate.getNotBeforeTime(), issuerValidFrom);
        assertEquals(intermediate.getNotAfterTime(), issuerValidUntil);
        assertEquals(intermediate.getSerialNumber(), "intermediate-ca-serial-number");
        assertEquals(intermediate.getSignatureAlgorithm(), "intermediate-ca-signature-algorithm");
        assertNotNull(intermediate.toString());

        // Chain element 2: the sparse root CA. Missing and unparseable values
        // both come back as null, so code consuming these messages has to
        // treat a null validity time as "unknown", never as "valid".
        final JSONCertificate root = populated.getPeerCertificateChain().get(2);
        assertNotNull(root.getCertificateObject());
        assertEquals(root.getSubjectDN(), rootDN);
        assertEquals(root.getIssuerSubjectDN(), rootDN);
        assertNull(root.getCertificateType());
        assertNull(root.getNotBeforeTime());
        assertNull(root.getNotAfterTime());
        assertNull(root.getSerialNumber());
        assertNull(root.getSignatureAlgorithm());
        assertNotNull(root.toString());

        // The file held exactly two messages; a third read signals end of input.
        assertNull(logReader.readMessage());
    }
}
Also used : JSONObject(com.unboundid.util.json.JSONObject) JSONArray(com.unboundid.util.json.JSONArray) File(java.io.File) Date(java.util.Date) Test(org.testng.annotations.Test)

Example 77 with JSONArray

use of com.unboundid.util.json.JSONArray in project ldapsdk by pingidentity.

the class JSONAccessLogReaderTestCase method testSecurityNegotiationLogMessage.

/**
 * Tests the ability to read a security negotiation log message.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testSecurityNegotiationLogMessage() throws Exception {
    final JSONObject minimalJson = createMinimalMessageObject(SECURITY_NEGOTIATION, null);

    // Two name/value pairs that should come back as a two-entry map.
    final JSONObject firstProperty = new JSONObject(
        createField(SECURITY_NEGOTIATION_PROPERTIES_NAME, "prop1"),
        createField(SECURITY_NEGOTIATION_PROPERTIES_VALUE, "val1"));
    final JSONObject secondProperty = new JSONObject(
        createField(SECURITY_NEGOTIATION_PROPERTIES_NAME, "prop2"),
        createField(SECURITY_NEGOTIATION_PROPERTIES_VALUE, "val2"));

    // NOTE(review): "TSL_AES_256_GCM_SHA384" looks like a typo for the TLS 1.3
    // suite name TLS_AES_256_GCM_SHA384. The test still passes because it only
    // checks that the logged string is returned unchanged; nothing here shows
    // the reader validating protocol or cipher names.
    final JSONObject populatedJson = createPopulatedMessageObject(
        SECURITY_NEGOTIATION,
        null,
        createField(PROTOCOL, "TLSv1.3"),
        createField(CIPHER, "TSL_AES_256_GCM_SHA384"),
        createField(SECURITY_NEGOTIATION_PROPERTIES, new JSONArray(firstProperty, secondProperty)));

    // One log line per message: minimal first, then populated.
    final File accessLog = createTempFile(
        minimalJson.toSingleLineString(),
        populatedJson.toSingleLineString());

    try (JSONAccessLogReader logReader = new JSONAccessLogReader(accessLog)) {
        assertNotNull(logReader);

        // ---- First message: only the mandatory fields are present. ----
        final JSONSecurityNegotiationAccessLogMessage minimal =
            (JSONSecurityNegotiationAccessLogMessage) logReader.readMessage();
        assertNotNull(minimal);

        // Fields shared by every access log message.
        assertEquals(minimal.getTimestamp(), DEFAULT_TIMESTAMP_DATE);
        assertEquals(minimal.getLogType(), ACCESS_LOG_TYPE);
        assertEquals(minimal.getMessageType(), SECURITY_NEGOTIATION);
        assertNull(minimal.getProductName());
        assertNull(minimal.getInstanceName());
        assertNull(minimal.getStartupID());
        assertNull(minimal.getThreadID());
        assertNull(minimal.getConnectionID());

        // Negotiation fields: absent values are null, absent properties an empty map.
        assertNull(minimal.getProtocol());
        assertNull(minimal.getCipher());
        assertEquals(minimal.getNegotiationProperties(), Collections.emptyMap());

        // ---- Second message: every field populated. ----
        final JSONSecurityNegotiationAccessLogMessage populated =
            (JSONSecurityNegotiationAccessLogMessage) logReader.readMessage();
        assertNotNull(populated);

        // Fields shared by every access log message.
        assertEquals(populated.getTimestamp(), DEFAULT_TIMESTAMP_DATE);
        assertEquals(populated.getLogType(), ACCESS_LOG_TYPE);
        assertEquals(populated.getMessageType(), SECURITY_NEGOTIATION);
        assertEquals(populated.getProductName(), DEFAULT_PRODUCT_NAME);
        assertEquals(populated.getInstanceName(), DEFAULT_INSTANCE_NAME);
        assertEquals(populated.getStartupID(), DEFAULT_STARTUP_ID);
        assertEquals(populated.getThreadID().longValue(), DEFAULT_THREAD_ID);
        assertEquals(populated.getConnectionID().longValue(), DEFAULT_CONNECTION_ID);

        // Negotiation fields are returned exactly as they were logged.
        assertEquals(populated.getProtocol(), "TLSv1.3");
        assertEquals(populated.getCipher(), "TSL_AES_256_GCM_SHA384");
        assertEquals(populated.getNegotiationProperties(), StaticUtils.mapOf("prop1", "val1", "prop2", "val2"));

        // The file held exactly two messages; a third read signals end of input.
        assertNull(logReader.readMessage());
    }
}
Also used : JSONObject(com.unboundid.util.json.JSONObject) JSONArray(com.unboundid.util.json.JSONArray) File(java.io.File) Test(org.testng.annotations.Test)

Example 78 with JSONArray

use of com.unboundid.util.json.JSONArray in project ldapsdk by pingidentity.

the class PasswordPolicyStateJSONTestCase method testGraceLogins.

/**
 * Tests the behavior for the properties related to grace logins.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testGraceLogins() throws Exception {
    // Case 1: grace logins are allowed, but none has been used yet.
    final PasswordPolicyStateJSON unusedState = createState(StaticUtils.mapOf(
        MAXIMUM_GRACE_LOGIN_COUNT, 5,
        USED_GRACE_LOGIN_COUNT, 0,
        REMAINING_GRACE_LOGIN_COUNT, 5,
        GRACE_LOGIN_USE_TIMES, Collections.emptyList()));
    assertNotNull(unusedState.getMaximumGraceLoginCount());
    assertEquals(unusedState.getMaximumGraceLoginCount().intValue(), 5);
    assertNotNull(unusedState.getUsedGraceLoginCount());
    assertEquals(unusedState.getUsedGraceLoginCount().intValue(), 0);
    assertNotNull(unusedState.getRemainingGraceLoginCount());
    assertEquals(unusedState.getRemainingGraceLoginCount().intValue(), 5);
    assertNotNull(unusedState.getGraceLoginUseTimes());
    assertTrue(unusedState.getGraceLoginUseTimes().isEmpty());

    // Case 2: three grace logins used, two remaining. The use times are
    // 3, 2 and 1 seconds (3_000, 2_000 and 1_000 ms) before "now".
    final Date now = new Date();
    final Date threeSecondsAgo = new Date(now.getTime() - 3_000L);
    final Date twoSecondsAgo = new Date(now.getTime() - 2_000L);
    final Date oneSecondAgo = new Date(now.getTime() - 1_000L);
    final List<Date> expectedUseTimes = Arrays.asList(threeSecondsAgo, twoSecondsAgo, oneSecondAgo);

    final PasswordPolicyStateJSON partlyUsedState = createState(StaticUtils.mapOf(
        MAXIMUM_GRACE_LOGIN_COUNT, 5,
        USED_GRACE_LOGIN_COUNT, 3,
        REMAINING_GRACE_LOGIN_COUNT, 2,
        GRACE_LOGIN_USE_TIMES, expectedUseTimes));
    assertNotNull(partlyUsedState.getMaximumGraceLoginCount());
    assertEquals(partlyUsedState.getMaximumGraceLoginCount().intValue(), 5);
    assertNotNull(partlyUsedState.getUsedGraceLoginCount());
    assertEquals(partlyUsedState.getUsedGraceLoginCount().intValue(), 3);
    assertNotNull(partlyUsedState.getRemainingGraceLoginCount());
    assertEquals(partlyUsedState.getRemainingGraceLoginCount().intValue(), 2);
    assertNotNull(partlyUsedState.getGraceLoginUseTimes());
    assertFalse(partlyUsedState.getGraceLoginUseTimes().isEmpty());
    assertEquals(partlyUsedState.getGraceLoginUseTimes(), expectedUseTimes);

    // Case 3: the state JSON is placed on an entry directly and its use-times
    // array holds a string that is not a timestamp. The expected outcome is an
    // empty list, not an exception: the unparseable value is dropped, so a
    // caller cannot distinguish "no grace logins used" from "use times
    // unreadable" through this getter alone.
    final JSONObject malformedStateJson = new JSONObject(
        new JSONField(
            GRACE_LOGIN_USE_TIMES.getFieldName(),
            new JSONArray(new JSONString("malformed-timestamp"))));
    final Entry userEntry = new Entry(
        "dn: uid=test.user,ou=People,dc=example,dc=com",
        "objectClass: top",
        "objectClass: person",
        "objectClass: organizationalPerson",
        "objectClass: inetOrgPerson",
        "uid: test.user",
        "givenName: Test",
        "sn: User",
        "cn: Test User");
    userEntry.addAttribute("ds-pwp-state-json", malformedStateJson.toSingleLineString());

    final PasswordPolicyStateJSON malformedState = PasswordPolicyStateJSON.get(userEntry);
    assertNotNull(malformedState);
    assertNotNull(malformedState.getGraceLoginUseTimes());
    assertTrue(malformedState.getGraceLoginUseTimes().isEmpty());
}
Also used : Entry(com.unboundid.ldap.sdk.Entry) JSONObject(com.unboundid.util.json.JSONObject) JSONArray(com.unboundid.util.json.JSONArray) PasswordPolicyStateJSONField(com.unboundid.ldap.sdk.unboundidds.PasswordPolicyStateJSONField) JSONField(com.unboundid.util.json.JSONField) Date(java.util.Date) JSONString(com.unboundid.util.json.JSONString) Test(org.testng.annotations.Test)

Example 79 with JSONArray

use of com.unboundid.util.json.JSONArray in project ldapsdk by pingidentity.

the class PasswordPolicyStateJSONTestCase method testGetPasswordQualityRequirementsPropertyMissingValue.

/**
 * Tests the behavior when trying to retrieve password quality requirements
 * when the properties array has an object without a value.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testGetPasswordQualityRequirementsPropertyMissingValue() throws Exception {
    // A validation property that has a name but no "value" field.
    final JSONObject propertyWithoutValue = new JSONObject(new JSONField("name", "foo"));

    // One requirement, flagged as applying to add operations, that carries
    // only the incomplete property above.
    final JSONObject requirementJson = new JSONObject(
        new JSONField("description", "description"),
        new JSONField("client-side-validation-type", "type"),
        new JSONField("client-side-validation-properties", new JSONArray(propertyWithoutValue)),
        new JSONField("applies-to-add", true));

    final PasswordPolicyStateJSON pwpState = createState(
        StaticUtils.mapOf(PASSWORD_QUALITY_REQUIREMENTS, new JSONArray(requirementJson)));

    // The requirement itself is still reported for add operations.
    assertNotNull(pwpState.getAddPasswordQualityRequirements());
    assertFalse(pwpState.getAddPasswordQualityRequirements().isEmpty());
    assertEquals(pwpState.getAddPasswordQualityRequirements().size(), 1);

    final PasswordQualityRequirement requirement = pwpState.getAddPasswordQualityRequirements().get(0);
    assertEquals(requirement.getDescription(), "description");
    assertEquals(requirement.getClientSideValidationType(), "type");

    // The value-less property is left out, giving an empty (non-null)
    // property collection instead of a failure.
    assertNotNull(requirement.getClientSideValidationProperties());
    assertTrue(requirement.getClientSideValidationProperties().isEmpty());
}
Also used : PasswordQualityRequirement(com.unboundid.ldap.sdk.unboundidds.extensions.PasswordQualityRequirement) JSONObject(com.unboundid.util.json.JSONObject) JSONArray(com.unboundid.util.json.JSONArray) PasswordPolicyStateJSONField(com.unboundid.ldap.sdk.unboundidds.PasswordPolicyStateJSONField) JSONField(com.unboundid.util.json.JSONField) Test(org.testng.annotations.Test)

Example 80 with JSONArray

use of com.unboundid.util.json.JSONArray in project ldapsdk by pingidentity.

the class PasswordPolicyStateJSONTestCase method testMalformedRecentLoginHistory.

/**
 * Tests the behavior when trying to retrieve a malformed recent login
 * history.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test(expectedExceptions = { LDAPException.class })
public void testMalformedRecentLoginHistory() throws Exception {
    // A "successful-attempts" element that has none of the fields a login
    // attempt is expected to carry, only an unrelated boolean.
    final JSONObject malformedAttempt = new JSONObject(new JSONField("malformed", true));
    final JSONObject malformedHistory = new JSONObject(
        new JSONField("successful-attempts", new JSONArray(malformedAttempt)));

    // NOTE(review): expectedExceptions applies to the whole method, so an
    // LDAPException thrown while building the state would satisfy it as well.
    // Confirm that getRecentLoginHistory() is the only call meant to throw.
    final PasswordPolicyStateJSON pwpState = createState(StaticUtils.mapOf(
        RECENT_LOGIN_HISTORY, malformedHistory,
        MAXIMUM_RECENT_LOGIN_HISTORY_SUCCESSFUL_AUTHENTICATION_COUNT, 50,
        MAXIMUM_RECENT_LOGIN_HISTORY_SUCCESSFUL_AUTHENTICATION_DURATION_SECONDS, (int) TimeUnit.DAYS.toSeconds(30L),
        MAXIMUM_RECENT_LOGIN_HISTORY_FAILED_AUTHENTICATION_COUNT, 20,
        MAXIMUM_RECENT_LOGIN_HISTORY_FAILED_AUTHENTICATION_DURATION_SECONDS, (int) TimeUnit.DAYS.toSeconds(10L)));

    // Unlike the lenient getters for other malformed fields, retrieving the
    // login history is expected to fail loudly.
    pwpState.getRecentLoginHistory();
}
Also used : JSONObject(com.unboundid.util.json.JSONObject) JSONArray(com.unboundid.util.json.JSONArray) PasswordPolicyStateJSONField(com.unboundid.ldap.sdk.unboundidds.PasswordPolicyStateJSONField) JSONField(com.unboundid.util.json.JSONField) Test(org.testng.annotations.Test)
