Search in sources :

Example 16 with IApiConnector

use of io.apiman.gateway.engine.IApiConnector in project apiman by apiman.

the class BasicAuthTest method shouldFailWithNoSSL.

/**
 * Scenario successful connection to the back end API via basic auth.
 */
@Test
public void shouldFailWithNoSSL() {
    endpointProperties.put(BasicAuthOptions.BASIC_USERNAME, "user");
    endpointProperties.put(BasicAuthOptions.BASIC_PASSWORD, "user123!");
    endpointProperties.put(BasicAuthOptions.BASIC_REQUIRE_SSL, "true");
    api.setEndpointProperties(endpointProperties);
    api.setEndpoint("http://localhost:8008/echo");
    HttpConnectorFactory factory = new HttpConnectorFactory(globalConfig);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.BASIC, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {

        @Override
        public void handle(IAsyncResult<IApiConnectionResponse> result) {
            Assert.assertTrue("Expected an error due to not using SSL.", result.isError());
            Assert.assertTrue("Expected a ConnectorException due to not using SSL.", result.getError() instanceof ConnectorException);
            Assert.assertEquals("Endpoint security requested (BASIC auth) but endpoint is not secure (SSL).", result.getError().getMessage());
        }
    });
    if (connection.isConnected()) {
        connection.end();
    }
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorException(io.apiman.gateway.engine.beans.exceptions.ConnectorException) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IApiConnectionResponse(io.apiman.gateway.engine.IApiConnectionResponse) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 17 with IApiConnector

use of io.apiman.gateway.engine.IApiConnector in project apiman by apiman.

the class BasicAuthTest method shouldSucceedWithBasicAuthAndSSL.

/**
 * Scenario successful connection to the back end API via basic auth.
 */
@Test
public void shouldSucceedWithBasicAuthAndSSL() {
    endpointProperties.put(BasicAuthOptions.BASIC_USERNAME, "user");
    endpointProperties.put(BasicAuthOptions.BASIC_PASSWORD, "user123!");
    endpointProperties.put(BasicAuthOptions.BASIC_REQUIRE_SSL, "true");
    api.setEndpointProperties(endpointProperties);
    api.setEndpoint("https://localhost:8009/echo");
    HttpConnectorFactory factory = new HttpConnectorFactory(globalConfig);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.BASIC, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {

        @Override
        public void handle(IAsyncResult<IApiConnectionResponse> result) {
            Assert.assertTrue("Expected a successful connection response.", result.isSuccess());
            IApiConnectionResponse scr = result.getResult();
            Assert.assertEquals("Expected a 200 response from the echo server (valid creds).", 200, scr.getHead().getCode());
        }
    });
    if (connection.isConnected()) {
        connection.end();
    }
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IApiConnectionResponse(io.apiman.gateway.engine.IApiConnectionResponse) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 18 with IApiConnector

use of io.apiman.gateway.engine.IApiConnector in project apiman by apiman.

the class BasicMutualAuthTest method shouldSucceedWhenAllowedSelfSigned.

/**
 * Scenario:
 *   - no CA inherited trust
 *   - gateway does not explicitly trust the API, but automatically validates against self-signed
 *   - API trusts gateway certificate
 */
@Test
public void shouldSucceedWhenAllowedSelfSigned() {
    config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/basic_mutual_auth/gateway_ts.jks"));
    config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYSTORE, getResourcePath("2waytest/basic_mutual_auth/gateway_ks.jks"));
    config.put(TLSOptions.TLS_KEYSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYPASSWORD, "changeme");
    config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
    config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "true");
    HttpConnectorFactory factory = new HttpConnectorFactory(config);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.MTLS, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, (IAsyncResult<IApiConnectionResponse> result) -> {
        Assert.assertTrue(result.isSuccess());
    });
    connection.end();
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IAsyncResult(io.apiman.gateway.engine.async.IAsyncResult) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 19 with IApiConnector

use of io.apiman.gateway.engine.IApiConnector in project apiman by apiman.

the class BasicMutualAuthTest method shouldFailWhenApiDoesNotTrustGateway.

/**
 * Scenario:
 *   - no CA inherited trust
 *   - gateway does trust the API
 *   - API does <em>not</em> trust gateway
 */
@Test
public void shouldFailWhenApiDoesNotTrustGateway() {
    config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/service_not_trust_gw/gateway_ts.jks"));
    config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYSTORE, getResourcePath("2waytest/service_not_trust_gw/gateway_ks.jks"));
    config.put(TLSOptions.TLS_KEYSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYPASSWORD, "changeme");
    config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
    config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "false");
    HttpConnectorFactory factory = new HttpConnectorFactory(config);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.MTLS, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, (IAsyncResult<IApiConnectionResponse> result) -> {
        Assert.assertTrue(result.isError());
        System.out.println(result.getError());
        Assert.assertTrue(result.getError() instanceof ConnectorException);
    // Would like to assert on SSL error, but is sun specific info
    // TODO improve connector to handle this situation better
    });
    connection.end();
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorException(io.apiman.gateway.engine.beans.exceptions.ConnectorException) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IAsyncResult(io.apiman.gateway.engine.async.IAsyncResult) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Example 20 with IApiConnector

use of io.apiman.gateway.engine.IApiConnector in project apiman by apiman.

the class CAMutualAuthTest method shouldSucceedWithValidMTLS.

/**
 * Scenario:
 *   - CA inherited trust
 *   - gateway trusts API via CA
 *   - API trusts gateway via CA
 */
@Test
public void shouldSucceedWithValidMTLS() {
    config.put(TLSOptions.TLS_TRUSTSTORE, getResourcePath("2waytest/mutual_trust_via_ca/common_ts.jks"));
    config.put(TLSOptions.TLS_TRUSTSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYSTORE, getResourcePath("2waytest/mutual_trust_via_ca/gateway_ks.jks"));
    config.put(TLSOptions.TLS_KEYSTOREPASSWORD, "changeme");
    config.put(TLSOptions.TLS_KEYPASSWORD, "changeme");
    config.put(TLSOptions.TLS_ALLOWANYHOST, "true");
    config.put(TLSOptions.TLS_ALLOWSELFSIGNED, "false");
    HttpConnectorFactory factory = new HttpConnectorFactory(config);
    IApiConnector connector = factory.createConnector(request, api, RequiredAuthType.MTLS, false, new ConnectorConfigImpl());
    IApiConnection connection = connector.connect(request, new IAsyncResultHandler<IApiConnectionResponse>() {

        @Override
        public void handle(IAsyncResult<IApiConnectionResponse> result) {
            if (result.isError())
                throw new RuntimeException(result.getError());
            Assert.assertTrue(result.isSuccess());
        }
    });
    connection.end();
}
Also used : IApiConnection(io.apiman.gateway.engine.IApiConnection) HttpConnectorFactory(io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory) ConnectorConfigImpl(io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl) IApiConnectionResponse(io.apiman.gateway.engine.IApiConnectionResponse) IApiConnector(io.apiman.gateway.engine.IApiConnector) Test(org.junit.Test)

Aggregations

IApiConnector (io.apiman.gateway.engine.IApiConnector)29 IApiConnection (io.apiman.gateway.engine.IApiConnection)26 ConnectorConfigImpl (io.apiman.gateway.platforms.servlet.connectors.ConnectorConfigImpl)26 HttpConnectorFactory (io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory)26 Test (org.junit.Test)26 IApiConnectionResponse (io.apiman.gateway.engine.IApiConnectionResponse)19 IAsyncResult (io.apiman.gateway.engine.async.IAsyncResult)9 ConnectorException (io.apiman.gateway.engine.beans.exceptions.ConnectorException)6 IConnectorConfig (io.apiman.gateway.engine.IConnectorConfig)2 IEngineResult (io.apiman.gateway.engine.IEngineResult)2 IAsyncResultHandler (io.apiman.gateway.engine.async.IAsyncResultHandler)2 ApiRequest (io.apiman.gateway.engine.beans.ApiRequest)2 IApimanBuffer (io.apiman.gateway.engine.io.IApimanBuffer)2 ISignalWriteStream (io.apiman.gateway.engine.io.ISignalWriteStream)2 IConnectorInterceptor (io.apiman.gateway.engine.policy.IConnectorInterceptor)2 FileInputStream (java.io.FileInputStream)2 InputStream (java.io.InputStream)2 X509Certificate (java.security.cert.X509Certificate)2 IApiRequestExecutor (io.apiman.gateway.engine.IApiRequestExecutor)1 IConnectorFactory (io.apiman.gateway.engine.IConnectorFactory)1