use of io.vertx.junit5.Timeout in project hono by eclipse.
the class HttpTestBase method testUploadFailsForNonMatchingTrustAnchor.
/**
* Verifies that the adapter fails to authenticate a device if the device's client certificate's signature cannot be
* validated using the trust anchor that is registered for the tenant that the device belongs to.
*
* @param ctx The vert.x test context.
* @throws GeneralSecurityException if the tenant's trust anchor cannot be generated
*/
@Test
@Timeout(timeUnit = TimeUnit.SECONDS, value = 20)
public void testUploadFailsForNonMatchingTrustAnchor(final VertxTestContext ctx) throws GeneralSecurityException {
final KeyPair keyPair = helper.newEcKeyPair();
// GIVEN a tenant configured with a trust anchor
helper.getCertificate(deviceCert.certificatePath()).compose(cert -> {
final Tenant tenant = Tenants.createTenantForTrustAnchor(cert.getIssuerX500Principal().getName(X500Principal.RFC2253), keyPair.getPublic().getEncoded(), keyPair.getPublic().getAlgorithm());
return helper.registry.addDeviceForTenant(tenantId, tenant, deviceId, cert);
}).compose(ok -> {
final MultiMap requestHeaders = MultiMap.caseInsensitiveMultiMap().add(HttpHeaders.CONTENT_TYPE, "text/plain").add(HttpHeaders.ORIGIN, ORIGIN_URI);
return httpClientWithClientCert.create(getEndpointUri(), Buffer.buffer("hello"), requestHeaders, ResponsePredicate.status(HttpURLConnection.HTTP_UNAUTHORIZED));
}).onComplete(ctx.succeedingThenComplete());
}
use of io.vertx.junit5.Timeout in project hono by eclipse.
the class HttpTestBase method testUploadFailsForCredentialsWithNonExistingTenant.
/**
* Verifies that the adapter fails to authenticate a device that is providing
* credentials that contain a non-existing tenant.
*
* @param ctx The vert.x test context.
* @throws InterruptedException if the test fails.
*/
@Test
@Timeout(timeUnit = TimeUnit.SECONDS, value = 20)
public void testUploadFailsForCredentialsWithNonExistingTenant(final VertxTestContext ctx) throws InterruptedException {
final VertxTestContext setup = new VertxTestContext();
final Tenant tenant = new Tenant();
final MultiMap requestHeaders = MultiMap.caseInsensitiveMultiMap().add(HttpHeaders.CONTENT_TYPE, "text/plain").add(HttpHeaders.AUTHORIZATION, getBasicAuth("nonExistingTenant", deviceId, PWD)).add(HttpHeaders.ORIGIN, ORIGIN_URI);
// GIVEN a device
helper.registry.addDeviceForTenant(tenantId, tenant, deviceId, PWD).onComplete(setup.succeedingThenComplete());
assertThat(setup.awaitCompletion(5, TimeUnit.SECONDS)).isTrue();
if (setup.failed()) {
ctx.failNow(setup.causeOfFailure());
return;
}
// WHEN a device tries to upload data and authenticate using wrong credentials
httpClient.create(getEndpointUri(), Buffer.buffer("hello"), requestHeaders, ResponsePredicate.status(HttpURLConnection.HTTP_UNAUTHORIZED)).onComplete(ctx.succeedingThenComplete());
}
use of io.vertx.junit5.Timeout in project hono by eclipse.
the class HttpTestBase method testUploadMessageFailsForDisabledTenant.
/**
* Verifies that the HTTP adapter rejects messages from a device that belongs to a tenant for which the HTTP adapter
* has been disabled with a 403.
*
* @param ctx The test context
*/
@Test
@Timeout(timeUnit = TimeUnit.SECONDS, value = 20)
public void testUploadMessageFailsForDisabledTenant(final VertxTestContext ctx) {
// GIVEN a tenant for which the HTTP adapter is disabled
final Tenant tenant = new Tenant();
tenant.addAdapterConfig(new Adapter(Constants.PROTOCOL_ADAPTER_TYPE_HTTP).setEnabled(false));
helper.registry.addDeviceForTenant(tenantId, tenant, deviceId, PWD).compose(ok -> {
// WHEN a device that belongs to the tenant uploads a message
final MultiMap requestHeaders = MultiMap.caseInsensitiveMultiMap().add(HttpHeaders.CONTENT_TYPE, "text/plain").add(HttpHeaders.AUTHORIZATION, authorization);
return httpClient.create(getEndpointUri(), Buffer.buffer("hello"), requestHeaders, ResponsePredicate.status(HttpURLConnection.HTTP_FORBIDDEN));
}).onComplete(ctx.succeedingThenComplete());
}
use of io.vertx.junit5.Timeout in project hono by eclipse.
the class HttpTestBase method testUploadMessageFailsForUnauthorizedGateway.
/**
* Verifies that the HTTP adapter rejects messages from a gateway for an device that it is not authorized for with a
* 403.
*
* @param ctx The test context
*/
@Test
@Timeout(timeUnit = TimeUnit.SECONDS, value = 20)
public void testUploadMessageFailsForUnauthorizedGateway(final VertxTestContext ctx) {
// GIVEN a device that is connected via gateway "not-the-created-gateway"
final Tenant tenant = new Tenant();
final String gatewayId = helper.getRandomDeviceId(tenantId);
final Device deviceData = new Device();
deviceData.setVia(Collections.singletonList("not-the-created-gateway"));
helper.registry.addDeviceForTenant(tenantId, tenant, gatewayId, PWD).compose(ok -> helper.registry.registerDevice(tenantId, deviceId, deviceData)).compose(ok -> {
// WHEN another gateway tries to upload a message for the device
final MultiMap requestHeaders = MultiMap.caseInsensitiveMultiMap().add(HttpHeaders.CONTENT_TYPE, "text/plain").add(HttpHeaders.AUTHORIZATION, getBasicAuth(tenantId, gatewayId, PWD));
return httpClient.update(String.format("%s/%s/%s", getEndpointUri(), tenantId, deviceId), Buffer.buffer("hello"), requestHeaders, ResponsePredicate.status(HttpURLConnection.HTTP_FORBIDDEN));
}).onComplete(ctx.succeedingThenComplete());
}
use of io.vertx.junit5.Timeout in project hono by eclipse.
the class CoapTestBase method testUploadMessageFailsForUnauthorizedGateway.
/**
* Verifies that the CoAP adapter rejects messages from a gateway for a device that it is not authorized for with a
* 403.
*
* @param ctx The test context
*/
@Test
@Timeout(value = 10, timeUnit = TimeUnit.SECONDS)
public void testUploadMessageFailsForUnauthorizedGateway(final VertxTestContext ctx) {
// GIVEN a device that is connected via gateway "not-the-created-gateway"
final Tenant tenant = new Tenant();
final String gatewayId = helper.getRandomDeviceId(tenantId);
final Device deviceData = new Device();
deviceData.setVia(Collections.singletonList("not-the-created-gateway"));
helper.registry.addPskDeviceForTenant(tenantId, tenant, gatewayId, SECRET).compose(ok -> helper.registry.registerDevice(tenantId, deviceId, deviceData)).compose(ok -> {
// WHEN another gateway tries to upload a message for the device
final Promise<OptionSet> result = Promise.promise();
final CoapClient client = getCoapsClient(gatewayId, tenantId, SECRET);
// THEN a FORBIDDEN response code is returned
client.advanced(getHandler(result, ResponseCode.FORBIDDEN), createCoapsRequest(Code.PUT, getPutResource(tenantId, deviceId), 0));
return result.future();
}).onComplete(ctx.succeedingThenComplete());
}
Aggregations