Search in sources :

Example 11 with IApiConnection

use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.

the class BasicAuthTest method shouldFailWithBadCredentials.

/**
 * Should fail because the credentials provided are not valid/
 */
@Test
public void shouldFailWithBadCredentials() {
    endpointProperties.put(BasicAuthOptions.BASIC_USERNAME, "user");
    endpointProperties.put(BasicAuthOptions.BASIC_PASSWORD, "bad-password");
    endpointProperties.put(BasicAuthOptions.BASIC_REQUIRE_SSL, "false");
    api.setEndpointProperties(endpointProperties);
    api.setEndpoint("http://localhost:8008/echo");
    HttpConnectorFactory factory = new HttpConnectorFactory(globalConfig);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.BASIC, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {

        @Override
        public void handle(IAsyncResult<IApiConnectionResponse> result) {
            Assert.assertTrue("Expected a successful connection response.", result.isSuccess());
            IApiConnectionResponse scr = result.getResult();
            Assert.assertEquals("Expected a 401 response from the echo server (invalid creds).", 401, scr.getHead().getCode());
        }
    });
    if (connection.isConnected()) {
        connection.end();
    }
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IApiConnectionResponse(io.apiman.gateway.engine.IApiConnectionResponse) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 12 with IApiConnection

use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.

the class AliasedCertTest method shouldFallbackWhenMultipleAliasesAvailable.

/**
 * Scenario:
 *   - First alias invalid, second valid.
 *   - Mutual trust exists between gateway and API.
 *   - We must fall back to the valid alias.
 * @throws CertificateException the certificate exception
 * @throws IOException the IO exception
 */
@Test
public void shouldFallbackWhenMultipleAliasesAvailable() throws CertificateException, IOException {
    config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/aliased_keys/gateway_ts.jks"));
    config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYSTORE, getResourcePath("2waytest/aliased_keys/gateway_ks.jks"));
    config.put(TLSOptions.TLS_KEYSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYPASSWORD, "changeme");
    config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
    config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "true");
    // Only gateway2 is valid. `unrelated` is real but not trusted by API. others don't exist.
    config.put(TLSOptions.TLS_KEYALIASES, "unrelated, owt, or, nowt, gateway, sonorous, unrelated");
    X509Certificate expectedCert;
    try (InputStream inStream = new FileInputStream(getResourcePath("2waytest/aliased_keys/gateway.cer"))) {
        expectedCert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inStream);
    }
    HttpConnectorFactory factory = new HttpConnectorFactory(config);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.MTLS, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, (IAsyncResult<IApiConnectionResponse> result) -> {
        if (result.isError())
            throw new RuntimeException(result.getError());
        Assert.assertTrue(result.isSuccess());
        // Assert that the expected certificate (associated with the private key by virtue)
        // was the one used.
        Assert.assertEquals(expectedCert.getSerialNumber(), clientSerial);
    });
    connection.end();
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IAsyncResult(io.apiman.gateway.engine.async.IAsyncResult) IApiConnector(io.apiman.gateway.engine.IApiConnector) X509Certificate(java.security.cert.X509Certificate) FileInputStream(java.io.FileInputStream) Test(org.junit.Test)

Example 13 with IApiConnection

use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.

the class AliasedCertTest method shouldSucceedWhenValidKeyAlias.

/**
 * Scenario:
 *   - Select client key alias `gateway2`.
 *   - Mutual trust exists between gateway and API
 *   - We must use the `gateway2` cert NOT `gateway`.
 * @throws CertificateException the certificate exception
 * @throws IOException the IO exception
 */
@Test
public void shouldSucceedWhenValidKeyAlias() throws CertificateException, IOException {
    config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/aliased_keys/gateway_ts.jks"));
    config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYSTORE, getResourcePath("2waytest/aliased_keys/gateway_ks.jks"));
    config.put(TLSOptions.TLS_KEYSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYPASSWORD, "changeme");
    config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
    config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "true");
    config.put(TLSOptions.TLS_KEYALIASES, "gatewayalias");
    X509Certificate expectedCert;
    try (InputStream inStream = new FileInputStream(getResourcePath("2waytest/aliased_keys/gatewayalias.cer"))) {
        expectedCert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inStream);
    }
    HttpConnectorFactory factory = new HttpConnectorFactory(config);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.MTLS, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, (IAsyncResult<IApiConnectionResponse> result) -> {
        if (result.isError())
            throw new RuntimeException(result.getError());
        Assert.assertTrue(result.isSuccess());
        // Assert that the expected certificate (associated with the private key by virtue)
        // was the one used.
        Assert.assertEquals(expectedCert.getSerialNumber(), clientSerial);
    });
    connection.end();
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IAsyncResult(io.apiman.gateway.engine.async.IAsyncResult) IApiConnector(io.apiman.gateway.engine.IApiConnector) X509Certificate(java.security.cert.X509Certificate) FileInputStream(java.io.FileInputStream) Test(org.junit.Test)

Example 14 with IApiConnection

use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.

the class BasicAuthTest method shouldFailWithNoCredentials.

/**
 * Should fail because no credentials were provided.
 */
@Test
public void shouldFailWithNoCredentials() {
    endpointProperties.remove(BasicAuthOptions.BASIC_USERNAME);
    endpointProperties.remove(BasicAuthOptions.BASIC_PASSWORD);
    endpointProperties.put(BasicAuthOptions.BASIC_REQUIRE_SSL, "false");
    api.setEndpointProperties(endpointProperties);
    api.setEndpoint("http://localhost:8008/echo");
    HttpConnectorFactory factory = new HttpConnectorFactory(globalConfig);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.BASIC, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {

        @Override
        public void handle(IAsyncResult<IApiConnectionResponse> result) {
            Assert.assertTrue("Expected a successful connection response.", result.isSuccess());
            IApiConnectionResponse scr = result.getResult();
            Assert.assertEquals("Expected a 401 response from the echo server (invalid creds).", 401, scr.getHead().getCode());
        }
    });
    if (connection.isConnected()) {
        connection.end();
    }
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IApiConnectionResponse(io.apiman.gateway.engine.IApiConnectionResponse) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 15 with IApiConnection

use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.

the class BasicAuthTest method shouldFailWithNoSSL.

/**
 * Scenario successful connection to the back end API via basic auth.
 */
@Test
public void shouldFailWithNoSSL() {
    endpointProperties.put(BasicAuthOptions.BASIC_USERNAME, "user");
    endpointProperties.put(BasicAuthOptions.BASIC_PASSWORD, "user123!");
    endpointProperties.put(BasicAuthOptions.BASIC_REQUIRE_SSL, "true");
    api.setEndpointProperties(endpointProperties);
    api.setEndpoint("http://localhost:8008/echo");
    HttpConnectorFactory factory = new HttpConnectorFactory(globalConfig);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.BASIC, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {

        @Override
        public void handle(IAsyncResult<IApiConnectionResponse> result) {
            Assert.assertTrue("Expected an error due to not using SSL.", result.isError());
            Assert.assertTrue("Expected a ConnectorException due to not using SSL.", result.getError() instanceof ConnectorException);
            Assert.assertEquals("Endpoint security requested (BASIC auth) but endpoint is not secure (SSL).", result.getError().getMessage());
        }
    });
    if (connection.isConnected()) {
        connection.end();
    }
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorException(io.apiman.gateway.engine.beans.exceptions.ConnectorException) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IApiConnectionResponse(io.apiman.gateway.engine.IApiConnectionResponse) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Aggregations

IApiConnection (io.apiman.gateway.engine.IApiConnection)26 IApiConnector (io.apiman.gateway.engine.IApiConnector)26 ConnectorConfigImpl (io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl)26 HttpConnectorFactory (io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory)26 Test (org.junit.Test)25 IApiConnectionResponse (io.apiman.gateway.engine.IApiConnectionResponse)18 IAsyncResult (io.apiman.gateway.engine.async.IAsyncResult)8 ConnectorException (io.apiman.gateway.engine.beans.exceptions.ConnectorException)6 FileInputStream (java.io.FileInputStream)2 InputStream (java.io.InputStream)2 X509Certificate (java.security.cert.X509Certificate)2 CountDownLatch (java.util.concurrent.CountDownLatch)1