use of org.alfresco.repo.rendition2.RenditionDefinition2.TIMEOUT in project hono by eclipse.
the class CoapTestBase method testUploadMessageFailsForUnauthorizedGateway.
/**
* Verifies that the CoAP adapter rejects messages from a gateway for a device that it is not authorized for with a
* 403.
*
* @param ctx The test context
*/
@Test
@Timeout(value = 10, timeUnit = TimeUnit.SECONDS)
public void testUploadMessageFailsForUnauthorizedGateway(final VertxTestContext ctx) {
// GIVEN a device that is connected via gateway "not-the-created-gateway"
final Tenant tenant = new Tenant();
final String gatewayId = helper.getRandomDeviceId(tenantId);
final Device deviceData = new Device();
deviceData.setVia(Collections.singletonList("not-the-created-gateway"));
helper.registry.addPskDeviceForTenant(tenantId, tenant, gatewayId, SECRET).compose(ok -> helper.registry.registerDevice(tenantId, deviceId, deviceData)).compose(ok -> {
// WHEN another gateway tries to upload a message for the device
final Promise<OptionSet> result = Promise.promise();
final CoapClient client = getCoapsClient(gatewayId, tenantId, SECRET);
// THEN a FORBIDDEN response code is returned
client.advanced(getHandler(result, ResponseCode.FORBIDDEN), createCoapsRequest(Code.PUT, getPutResource(tenantId, deviceId), 0));
return result.future();
}).onComplete(ctx.succeedingThenComplete());
}
use of org.alfresco.repo.rendition2.RenditionDefinition2.TIMEOUT in project hono by eclipse.
the class CoapTestBase method testUploadMessageFailsForDisabledDevice.
/**
* Verifies that the CoAP adapter rejects messages from a disabled device.
*
* @param ctx The test context
*/
@Test
@Timeout(value = 10, timeUnit = TimeUnit.SECONDS)
public void testUploadMessageFailsForDisabledDevice(final VertxTestContext ctx) {
// GIVEN a disabled device
final Tenant tenant = new Tenant();
final Device deviceData = new Device();
deviceData.setEnabled(false);
helper.registry.addPskDeviceForTenant(tenantId, tenant, deviceId, deviceData, SECRET).compose(ok -> {
// WHEN the device tries to upload a message
final CoapClient client = getCoapsClient(deviceId, tenantId, SECRET);
final Promise<OptionSet> result = Promise.promise();
// THEN a NOT_FOUND response code is returned
client.advanced(getHandler(result, ResponseCode.NOT_FOUND), createCoapsRequest(Code.POST, getPostResource(), 0));
return result.future();
}).onComplete(ctx.succeedingThenComplete());
}
use of org.alfresco.repo.rendition2.RenditionDefinition2.TIMEOUT in project hono by eclipse.
the class CoapTestBase method testUploadMessagesWithTtdThatReplyWithOneWayCommand.
/**
* Verifies that the CoAP adapter delivers a one-way command to a device.
*
* @param endpointConfig The endpoints to use for sending/receiving commands.
* @param ctx The test context
* @throws InterruptedException if the test fails.
*/
@ParameterizedTest(name = IntegrationTestSupport.PARAMETERIZED_TEST_NAME_PATTERN)
@MethodSource("commandAndControlVariants")
@Timeout(value = 10, timeUnit = TimeUnit.SECONDS)
public void testUploadMessagesWithTtdThatReplyWithOneWayCommand(final CoapCommandEndpointConfiguration endpointConfig, final VertxTestContext ctx) throws InterruptedException {
final Tenant tenant = new Tenant();
final String expectedCommand = String.format("%s=%s", Constants.HEADER_COMMAND, COMMAND_TO_SEND);
final VertxTestContext setup = new VertxTestContext();
if (endpointConfig.isSubscribeAsUnauthenticatedDevice()) {
helper.registry.addDeviceForTenant(tenantId, tenant, deviceId, SECRET).onComplete(setup.succeedingThenComplete());
} else {
helper.registry.addPskDeviceForTenant(tenantId, tenant, deviceId, SECRET).onComplete(setup.succeedingThenComplete());
}
ctx.verify(() -> assertThat(setup.awaitCompletion(5, TimeUnit.SECONDS)).isTrue());
final CoapClient client = endpointConfig.isSubscribeAsUnauthenticatedDevice() ? getCoapClient() : getCoapsClient(deviceId, tenantId, SECRET);
final String commandTargetDeviceId = endpointConfig.isSubscribeAsGateway() ? helper.setupGatewayDeviceBlocking(tenantId, deviceId, 5) : deviceId;
final String subscribingDeviceId = endpointConfig.isSubscribeAsGatewayForSingleDevice() ? commandTargetDeviceId : deviceId;
testUploadMessages(ctx, tenantId, () -> warmUp(client, createCoapsRequest(Code.POST, getPostResource(), 0)), msg -> {
final Integer ttd = msg.getTimeTillDisconnect();
logger.debug("north-bound message received {}, ttd: {}", msg, ttd);
msg.getTimeUntilDisconnectNotification().ifPresent(notification -> {
ctx.verify(() -> {
assertThat(notification.getTenantId()).isEqualTo(tenantId);
assertThat(notification.getDeviceId()).isEqualTo(subscribingDeviceId);
});
logger.debug("send one-way-command");
final JsonObject inputData = new JsonObject().put(COMMAND_JSON_KEY, (int) (Math.random() * 100));
helper.sendOneWayCommand(tenantId, commandTargetDeviceId, COMMAND_TO_SEND, "application/json", inputData.toBuffer(), notification.getMillisecondsUntilExpiry() / 2);
});
}, count -> {
final Promise<OptionSet> result = Promise.promise();
final Request request = createCoapsOrCoapRequest(endpointConfig, commandTargetDeviceId, count);
request.getOptions().addUriQuery(String.format("%s=%d", Constants.HEADER_TIME_TILL_DISCONNECT, 4));
logger.debug("south-bound send {}", request);
client.advanced(getHandler(result, ResponseCode.CHANGED), request);
return result.future().map(responseOptions -> {
ctx.verify(() -> {
assertResponseContainsOneWayCommand(endpointConfig, responseOptions, expectedCommand, tenantId, commandTargetDeviceId);
});
return responseOptions;
});
});
}
use of org.alfresco.repo.rendition2.RenditionDefinition2.TIMEOUT in project hono by eclipse.
the class CoapTestBase method testUploadFailsForNonMatchingTrustAnchor.
/**
* Verifies that the adapter fails to authenticate a device if the device's client certificate's signature cannot be
* validated using the trust anchor that is registered for the tenant that the device belongs to.
*
* @param ctx The vert.x test context.
* @throws GeneralSecurityException if the tenant's trust anchor cannot be generated
*/
@Test
@Timeout(timeUnit = TimeUnit.SECONDS, value = 20)
public void testUploadFailsForNonMatchingTrustAnchor(final VertxTestContext ctx) throws GeneralSecurityException {
final var keyLoader = KeyLoader.fromFiles(vertx, PATH_DEVICE_KEY, PATH_DEVICE_CERT);
// GIVEN a tenant configured with a trust anchor
final KeyPair keyPair = helper.newEcKeyPair();
final var clientCert = (X509Certificate) keyLoader.getCertificateChain()[0];
final Tenant tenant = Tenants.createTenantForTrustAnchor(clientCert.getIssuerX500Principal().getName(X500Principal.RFC2253), keyPair.getPublic().getEncoded(), keyPair.getPublic().getAlgorithm());
helper.registry.addDeviceForTenant(tenantId, tenant, deviceId, clientCert).compose(ok -> {
final CoapClient client = getCoapsClient(keyLoader);
final Promise<OptionSet> result = Promise.promise();
client.advanced(getHandler(result), createCoapsRequest(Code.POST, getPostResource(), 0));
return result.future();
}).onComplete(ctx.failing(t -> {
// THEN the request fails because the DTLS handshake cannot be completed
assertStatus(ctx, HttpURLConnection.HTTP_UNAVAILABLE, t);
ctx.completeNow();
}));
}
use of org.alfresco.repo.rendition2.RenditionDefinition2.TIMEOUT in project hono by eclipse.
the class HttpTestBase method testUploadFailsForNonMatchingTrustAnchor.
/**
* Verifies that the adapter fails to authenticate a device if the device's client certificate's signature cannot be
* validated using the trust anchor that is registered for the tenant that the device belongs to.
*
* @param ctx The vert.x test context.
* @throws GeneralSecurityException if the tenant's trust anchor cannot be generated
*/
@Test
@Timeout(timeUnit = TimeUnit.SECONDS, value = 20)
public void testUploadFailsForNonMatchingTrustAnchor(final VertxTestContext ctx) throws GeneralSecurityException {
final KeyPair keyPair = helper.newEcKeyPair();
// GIVEN a tenant configured with a trust anchor
helper.getCertificate(deviceCert.certificatePath()).compose(cert -> {
final Tenant tenant = Tenants.createTenantForTrustAnchor(cert.getIssuerX500Principal().getName(X500Principal.RFC2253), keyPair.getPublic().getEncoded(), keyPair.getPublic().getAlgorithm());
return helper.registry.addDeviceForTenant(tenantId, tenant, deviceId, cert);
}).compose(ok -> {
final MultiMap requestHeaders = MultiMap.caseInsensitiveMultiMap().add(HttpHeaders.CONTENT_TYPE, "text/plain").add(HttpHeaders.ORIGIN, ORIGIN_URI);
return httpClientWithClientCert.create(getEndpointUri(), Buffer.buffer("hello"), requestHeaders, ResponsePredicate.status(HttpURLConnection.HTTP_UNAUTHORIZED));
}).onComplete(ctx.succeedingThenComplete());
}
Aggregations