use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.
the class BasicAuthTest method shouldFailWithBadCredentials.
/**
* Should fail because the credentials provided are not valid/
*/
@Test
public void shouldFailWithBadCredentials() {
endpointProperties.put(BasicAuthOptions.BASIC_USERNAME, "user");
endpointProperties.put(BasicAuthOptions.BASIC_PASSWORD, "bad-password");
endpointProperties.put(BasicAuthOptions.BASIC_REQUIRE_SSL, "false");
api.setEndpointProperties(endpointProperties);
api.setEndpoint("http://localhost:8008/echo");
HttpConnectorFactory factory = new HttpConnectorFactory(globalConfig);
IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.BASIC, false, new ConnectorConfigImpl());
IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {
@Override
public void handle(IAsyncResult<IApiConnectionResponse> result) {
Assert.assertTrue("Expected a successful connection response.", result.isSuccess());
IApiConnectionResponse scr = result.getResult();
Assert.assertEquals("Expected a 401 response from the echo server (invalid creds).", 401, scr.getHead().getCode());
}
});
if (connection.isConnected()) {
connection.end();
}
}
use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.
the class AliasedCertTest method shouldFallbackWhenMultipleAliasesAvailable.
/**
* Scenario:
* - First alias invalid, second valid.
* - Mutual trust exists between gateway and API.
* - We must fall back to the valid alias.
* @throws CertificateException the certificate exception
* @throws IOException the IO exception
*/
@Test
public void shouldFallbackWhenMultipleAliasesAvailable() throws CertificateException, IOException {
config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/aliased_keys/gateway_ts.jks"));
config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
config.put(TLSOptions.TLS_KEYSTORE, getResourcePath("2waytest/aliased_keys/gateway_ks.jks"));
config.put(TLSOptions.TLS_KEYSTOREPASSWORD, "changeme");
config.put(TLSOptions.TLS_KEYPASSWORD, "changeme");
config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "true");
// Only gateway2 is valid. `unrelated` is real but not trusted by API. others don't exist.
config.put(TLSOptions.TLS_KEYALIASES, "unrelated, owt, or, nowt, gateway, sonorous, unrelated");
X509Certificate expectedCert;
try (InputStream inStream = new FileInputStream(getResourcePath("2waytest/aliased_keys/gateway.cer"))) {
expectedCert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inStream);
}
HttpConnectorFactory factory = new HttpConnectorFactory(config);
IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.MTLS, false, new ConnectorConfigImpl());
IApiConnection connection = connector.connect(request, (IAsyncResult<IApiConnectionResponse> result) -> {
if (result.isError())
throw new RuntimeException(result.getError());
Assert.assertTrue(result.isSuccess());
// Assert that the expected certificate (associated with the private key by virtue)
// was the one used.
Assert.assertEquals(expectedCert.getSerialNumber(), clientSerial);
});
connection.end();
}
use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.
the class AliasedCertTest method shouldSucceedWhenValidKeyAlias.
/**
* Scenario:
* - Select client key alias `gateway2`.
* - Mutual trust exists between gateway and API
* - We must use the `gateway2` cert NOT `gateway`.
* @throws CertificateException the certificate exception
* @throws IOException the IO exception
*/
@Test
public void shouldSucceedWhenValidKeyAlias() throws CertificateException, IOException {
config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/aliased_keys/gateway_ts.jks"));
config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
config.put(TLSOptions.TLS_KEYSTORE, getResourcePath("2waytest/aliased_keys/gateway_ks.jks"));
config.put(TLSOptions.TLS_KEYSTOREPASSWORD, "changeme");
config.put(TLSOptions.TLS_KEYPASSWORD, "changeme");
config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "true");
config.put(TLSOptions.TLS_KEYALIASES, "gatewayalias");
X509Certificate expectedCert;
try (InputStream inStream = new FileInputStream(getResourcePath("2waytest/aliased_keys/gatewayalias.cer"))) {
expectedCert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inStream);
}
HttpConnectorFactory factory = new HttpConnectorFactory(config);
IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.MTLS, false, new ConnectorConfigImpl());
IApiConnection connection = connector.connect(request, (IAsyncResult<IApiConnectionResponse> result) -> {
if (result.isError())
throw new RuntimeException(result.getError());
Assert.assertTrue(result.isSuccess());
// Assert that the expected certificate (associated with the private key by virtue)
// was the one used.
Assert.assertEquals(expectedCert.getSerialNumber(), clientSerial);
});
connection.end();
}
use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.
the class BasicAuthTest method shouldFailWithNoCredentials.
/**
* Should fail because no credentials were provided.
*/
@Test
public void shouldFailWithNoCredentials() {
endpointProperties.remove(BasicAuthOptions.BASIC_USERNAME);
endpointProperties.remove(BasicAuthOptions.BASIC_PASSWORD);
endpointProperties.put(BasicAuthOptions.BASIC_REQUIRE_SSL, "false");
api.setEndpointProperties(endpointProperties);
api.setEndpoint("http://localhost:8008/echo");
HttpConnectorFactory factory = new HttpConnectorFactory(globalConfig);
IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.BASIC, false, new ConnectorConfigImpl());
IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {
@Override
public void handle(IAsyncResult<IApiConnectionResponse> result) {
Assert.assertTrue("Expected a successful connection response.", result.isSuccess());
IApiConnectionResponse scr = result.getResult();
Assert.assertEquals("Expected a 401 response from the echo server (invalid creds).", 401, scr.getHead().getCode());
}
});
if (connection.isConnected()) {
connection.end();
}
}
use of io.apiman.gateway.engine.IApiConnection in project apiman by apiman.
the class BasicAuthTest method shouldFailWithNoSSL.
/**
* Scenario successful connection to the back end API via basic auth.
*/
@Test
public void shouldFailWithNoSSL() {
endpointProperties.put(BasicAuthOptions.BASIC_USERNAME, "user");
endpointProperties.put(BasicAuthOptions.BASIC_PASSWORD, "user123!");
endpointProperties.put(BasicAuthOptions.BASIC_REQUIRE_SSL, "true");
api.setEndpointProperties(endpointProperties);
api.setEndpoint("http://localhost:8008/echo");
HttpConnectorFactory factory = new HttpConnectorFactory(globalConfig);
IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.BASIC, false, new ConnectorConfigImpl());
IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {
@Override
public void handle(IAsyncResult<IApiConnectionResponse> result) {
Assert.assertTrue("Expected an error due to not using SSL.", result.isError());
Assert.assertTrue("Expected a ConnectorException due to not using SSL.", result.getError() instanceof ConnectorException);
Assert.assertEquals("Endpoint security requested (BASIC auth) but endpoint is not secure (SSL).", result.getError().getMessage());
}
});
if (connection.isConnected()) {
connection.end();
}
}
Aggregations