Examples with EchoResponse io.apiman.test.common.mock.EchoResponse used on opensource projects

Example 16 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class LogHeadersPolicyTest method testLogHeadersHappyFlow.

/**
 * A simple happy flow test to verify the policy does not blow up in our face.
 */
@Test
@Configuration("{ \"direction\" : \"both\", \"logStatusCode\" : true }")
public void testLogHeadersHappyFlow() throws PolicyFailureError, Throwable {
    PrintStream out = System.out;
    ByteArrayOutputStream testOutput = new ByteArrayOutputStream();
    System.setOut(new PrintStream(testOutput));
    try {
        PolicyTestResponse response = send(PolicyTestRequest.build(PolicyTestRequestType.GET, "/some/resource").header("X-Test-Name", "testGet"));
        Assert.assertEquals(200, response.code());
        EchoResponse entity = response.entity(EchoResponse.class);
        Assert.assertEquals("testGet", entity.getHeaders().get("X-Test-Name"));
        String output = testOutput.toString("UTF-8");
        output = redactDates(output);
        output = normalize(output);
        String expected = "INFO: Logging 1 HTTP Request headers for io.apiman.test.policies.EchoBackEndApi\n" + "Key : X-Test-Name, Value : testGet\n" + "INFO: Status code 200 for io.apiman.test.policies.EchoBackEndApi\n" + "INFO: Logging 4 HTTP Response headers for io.apiman.test.policies.EchoBackEndApi\n" + "Key : Content-Length, Value : 199\n" + "Key : Content-Type, Value : application/json\n" + "Key : Date, Value : XXX\n" + "Key : Server, Value : apiman.policy-test\n" + "";
        Assert.assertEquals(expected, output);
    } finally {
        System.setOut(out);
    }
}

Example 17 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class JWTPolicyTest method unsignedValidTokenQueryParam.

@Test
@Configuration("{\n" + "  \"requireJWT\": true,\n" + "  \"requireSigned\": false,\n" + "  \"requireTransportSecurity\": true,\n" + "  \"stripTokens\": true,\n" + "  \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n" + "  \"allowedClockSkew\": 0,\n" + "  \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"france frichot\" }]\n" + "}")
public void unsignedValidTokenQueryParam() throws Throwable {
    PolicyTestRequest request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/amirante").query("access_token", unsignedToken());
    PolicyTestResponse response = send(request);
    EchoResponse echo = response.entity(EchoResponse.class);
    Assert.assertNotNull(echo);
}

Example 18 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class JWTPolicyTest method signedValidToken.

@Test
@Configuration("{\n" + "  \"requireJWT\": true,\n" + "  \"requireSigned\": true,\n" + "  \"requireTransportSecurity\": true,\n" + "  \"stripTokens\": false,\n" + "  \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n" + "  \"allowedClockSkew\": 0,\n" + "  \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"france frichot\" }]\n" + "}")
public void signedValidToken() throws Throwable {
    String authVal = "Bearer " + signedToken(PRIVATE_KEY_PEM);
    PolicyTestRequest request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/amirante").header(AUTHORIZATION, authVal);
    PolicyTestResponse response = send(request);
    EchoResponse echo = response.entity(EchoResponse.class);
    Assert.assertNotNull(echo);
    // Ensure we didn't remove the header and it has remained unchanged
    Assert.assertEquals(authVal, echo.getHeaders().get(AUTHORIZATION));
}

Example 19 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class JWTPolicyTest method signedValidTokenWithJwksAndExpireCache.

@Test
@Configuration("{\n" + "  \"requireJWT\": true,\n" + "  \"requireSigned\": true,\n" + "  \"requireTransportSecurity\": true,\n" + "  \"stripTokens\": false,\n" + "  \"signingKeyString\": \"http://127.0.0.1:1080/jwks.json\", \n" + "  \"kid\": \"null\", \n" + "  \"allowedClockSkew\": 0,\n" + "  \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"france frichot\" }]\n" + "}")
public void signedValidTokenWithJwksAndExpireCache() throws Throwable {
    // First request with first jwk(s)
    String authVal = "Bearer " + signedToken(PRIVATE_KEY_PEM);
    PolicyTestRequest request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/amirante").header(AUTHORIZATION, authVal);
    PolicyTestResponse response = send(request);
    EchoResponse echo = response.entity(EchoResponse.class);
    Assert.assertNotNull(echo);
    // Ensure we didn't remove the header and it has remained unchanged
    Assert.assertEquals(authVal, echo.getHeaders().get(AUTHORIZATION));
    // Second request will fail because jwk(s) has changed and we have to invalidate the cache
    authVal = "Bearer " + signedToken(PRIVATE_KEY_PEM_2);
    request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/amirante").header(AUTHORIZATION, authVal);
    try {
        send(request);
        // we should never get a valid response
        Assert.fail("Valid response instead of exception");
    } catch (Exception e) {
        assert true;
    }
    // Update jwk(s) on mockserver
    mockServerClient.reset();
    RSAPublicKey rsa = getPublicRsaKey(PUBLIC_KEY_PEM_2);
    mockServerClient.when(request().withMethod("GET").withPath("/jwks.json")).respond(response().withStatusCode(200).withBody("{\"keys\": [\n" + "    {\n" + "      \"kid\": null,\n" + "      \"e\": \"" + Base64.getUrlEncoder().encodeToString(rsa.getPublicExponent().toByteArray()) + "\",\n" + "      \"n\": \"" + Base64.getUrlEncoder().encodeToString(rsa.getModulus().toByteArray()) + "\",\n" + "      \"kty\":\"RSA\",\n" + "      \"alg\": \"RS256\"\n" + "    }\n" + "  ]\n" + "}"));
    // Send request again and it will pass
    authVal = "Bearer " + signedToken(PRIVATE_KEY_PEM_2);
    request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/amirante").header(AUTHORIZATION, authVal);
    response = send(request);
    echo = response.entity(EchoResponse.class);
    Assert.assertNotNull(echo);
    // Ensure we didn't remove the header and it has remained unchanged
    Assert.assertEquals(authVal, echo.getHeaders().get(AUTHORIZATION));
}

Example 20 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class JWTPolicyTest method shouldForwardClaimsAsHeaders.

@Test
@Configuration("{\n" + "  \"requireJWT\": true,\n" + "  \"requireSigned\": false,\n" + "  \"requireTransportSecurity\": true,\n" + "  \"stripTokens\": true,\n" + "  \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n" + "  \"allowedClockSkew\": 0,\n" + "  \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"aride\" }],\n" + "  \"forwardAuthInfo\": [{ \"header\": \"X-Foo\", \"field\": \"sub\" }]\n" + "}")
public void shouldForwardClaimsAsHeaders() throws Throwable {
    PolicyTestRequest request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/amirante").header(AUTHORIZATION, "Bearer " + Jwts.builder().setSubject("aride").compact());
    PolicyTestResponse response = send(request);
    EchoResponse echo = response.entity(EchoResponse.class);
    Assert.assertNotNull(echo);
    Assert.assertEquals("aride", echo.getHeaders().get("X-Foo"));
}