Example 1 with HttpResponse
use of org.carapaceproxy.utils.RawHttpClient.HttpResponse in project carapaceproxy by diennea.
the class CertificatesTest method testUploadTypedCertificatesWithDaysBeforeRenewal.
@Test
@Parameters({ "acme", "manual" })
public void testUploadTypedCertificatesWithDaysBeforeRenewal(String type) throws Exception {
configureAndStartServer();
int port = server.getLocalPort();
DynamicCertificatesManager dynCertsMan = server.getDynamicCertificatesManager();
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
Certificate[] chain = generateSampleChain(endUserKeyPair, false);
byte[] chainData = createKeystore(chain, endUserKeyPair.getPrivate());
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
// Create
HttpResponse resp = uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(10, data.getDaysBeforeRenewal());
}
// negative value
resp = uploadCertificate("localhost-negative", "type=" + type + "&daysbeforerenewal=-10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' has to be a positive number"));
}
// default value
uploadCertificate("localhost-default", "type=" + type, chainData, client, credentials);
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost-default");
assertNotNull(data);
assertEquals(type.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
// Update
uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=45", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(45, data.getDaysBeforeRenewal());
}
// negative value
resp = uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=-10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' has to be a positive number"));
}
// default value
uploadCertificate("localhost2", "type=" + type, chainData, client, credentials);
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(type.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
// changing the type (acme <-> manual)
String other = type.equals("manual") ? "acme" : "manual";
uploadCertificate("localhost2", "type=" + other, chainData, client, credentials);
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(other.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
SSLCertificateConfiguration config = server.getCurrentConfiguration().getCertificates().get("localhost2");
assertEquals(other.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, config.getDaysBeforeRenewal());
// checking for "certificate.X.daysbeforerenewal" property delete
ConfigurationStore store = server.getDynamicConfigurationStore();
assertEquals(other.equals("acme"), store.anyPropertyMatches((k, v) -> {
if (k.matches("certificate\\.[0-9]+\\.hostname") && v.equals("localhost2")) {
return store.getProperty(k.replace("hostname", "daysbeforerenewal"), null) != null;
}
return false;
}));
}
}
Also used :
RawHttpClient(org.carapaceproxy.utils.RawHttpClient)
X509Certificate(java.security.cert.X509Certificate)
KeyPair(java.security.KeyPair)
Arrays(java.util.Arrays)
OcspStaplingManager(org.carapaceproxy.server.certificates.ocsp.OcspStaplingManager)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
Date(java.util.Date)
ConfigurationStore(org.carapaceproxy.configstore.ConfigurationStore)
CertificatesUtils.createKeystore(org.carapaceproxy.utils.CertificatesUtils.createKeystore)
Order(org.shredzone.acme4j.Order)
UseAdminServer(org.carapaceproxy.api.UseAdminServer)
JUnitParamsRunner(junitparams.JUnitParamsRunner)
WireMock.aResponse(com.github.tomakehurst.wiremock.client.WireMock.aResponse)
RawHttpClient(org.carapaceproxy.utils.RawHttpClient)
BasicOCSPRespBuilder(org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder)
List(java.util.List)
Base64(java.util.Base64)
Certificate(java.security.cert.Certificate)
JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)
Assert.assertFalse(org.junit.Assert.assertFalse)
OCSPRespBuilder(org.bouncycastle.cert.ocsp.OCSPRespBuilder)
Login(org.shredzone.acme4j.Login)
ExtendedSSLSession(javax.net.ssl.ExtendedSSLSession)
Mockito.mock(org.mockito.Mockito.mock)
Parameters(junitparams.Parameters)
KeyPairUtils(org.shredzone.acme4j.util.KeyPairUtils)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
Whitebox(org.powermock.reflect.Whitebox)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
CertificatesUtils(org.carapaceproxy.utils.CertificatesUtils)
CertificatesTestUtils.uploadCertificate(org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
RunWith(org.junit.runner.RunWith)
BcDigestCalculatorProvider(org.bouncycastle.operator.bc.BcDigestCalculatorProvider)
WireMockRule(com.github.tomakehurst.wiremock.junit.WireMockRule)
CertificateID(org.bouncycastle.cert.ocsp.CertificateID)
DEFAULT_KEYPAIRS_SIZE(org.carapaceproxy.server.certificates.DynamicCertificatesManager.DEFAULT_KEYPAIRS_SIZE)
CertificateData(org.carapaceproxy.configstore.CertificateData)
CertificatesTestUtils.generateSampleChain(org.carapaceproxy.utils.CertificatesTestUtils.generateSampleChain)
HttpTestUtils(org.carapaceproxy.utils.HttpTestUtils)
SSLCertificateConfiguration(org.carapaceproxy.server.config.SSLCertificateConfiguration)
WireMock.get(com.github.tomakehurst.wiremock.client.WireMock.get)
Properties(java.util.Properties)
CertificateStatus(org.bouncycastle.cert.ocsp.CertificateStatus)
TestUtils(org.carapaceproxy.utils.TestUtils)
Assert.assertNotNull(org.junit.Assert.assertNotNull)
VALID(org.shredzone.acme4j.Status.VALID)
OCSPResp(org.bouncycastle.cert.ocsp.OCSPResp)
Assert.assertTrue(org.junit.Assert.assertTrue)
DEFAULT_ADMIN_PORT(org.carapaceproxy.api.UseAdminServer.DEFAULT_ADMIN_PORT)
Test(org.junit.Test)
Mockito.when(org.mockito.Mockito.when)
CertificateException(java.security.cert.CertificateException)
BasicOCSPResp(org.bouncycastle.cert.ocsp.BasicOCSPResp)
Rule(org.junit.Rule)
DigestCalculatorProvider(org.bouncycastle.operator.DigestCalculatorProvider)
WireMock.stubFor(com.github.tomakehurst.wiremock.client.WireMock.stubFor)
WireMock.urlEqualTo(com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo)
DEFAULT_DAYS_BEFORE_RENEWAL(org.carapaceproxy.server.certificates.DynamicCertificatesManager.DEFAULT_DAYS_BEFORE_RENEWAL)
Assert.assertEquals(org.junit.Assert.assertEquals)
KeyPair(java.security.KeyPair)
ConfigurationStore(org.carapaceproxy.configstore.ConfigurationStore)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
SSLCertificateConfiguration(org.carapaceproxy.server.config.SSLCertificateConfiguration)
CertificateData(org.carapaceproxy.configstore.CertificateData)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
CertificatesTestUtils.uploadCertificate(org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)
Parameters(junitparams.Parameters)
Test(org.junit.Test)
Example 2 with HttpResponse
use of org.carapaceproxy.utils.RawHttpClient.HttpResponse in project carapaceproxy by diennea.
the class CertificatesTest method testCertificatesRenew.
@Test
public void testCertificatesRenew() throws Exception {
configureAndStartServer();
int port = server.getLocalPort();
DynamicCertificatesManager dcMan = server.getDynamicCertificatesManager();
dcMan.setPeriod(0);
// Uploading ACME certificate with data
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
Certificate[] chain1 = generateSampleChain(endUserKeyPair, false);
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
byte[] chainData = createKeystore(chain1, endUserKeyPair.getPrivate());
HttpResponse resp = uploadCertificate("localhost", "type=acme&daysbeforerenewal=45", chainData, client, credentials);
assertTrue(resp.getBodyString().contains("SUCCESS"));
CertificateData data = dcMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertEquals(DynamicCertificateState.AVAILABLE, data.getState());
assertEquals(45, data.getDaysBeforeRenewal());
assertFalse(data.isManual());
// check uploaded certificate
try (RawHttpClient c = new RawHttpClient("localhost", port, true, "localhost")) {
RawHttpClient.HttpResponse r = c.get("/index.html", credentials);
assertEquals("it <b>works</b> !!", r.getBodyString());
Certificate[] obtainedChain = c.getServerCertificate();
assertNotNull(obtainedChain);
assertTrue(chain1[0].equals(obtainedChain[0]));
}
}
// Renew
KeyPair keyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
ConfigurationStore store = dcMan.getConfigurationStore();
store.saveKeyPairForDomain(keyPair, "localhost", false);
CertificateData cert = dcMan.getCertificateDataForDomain("localhost");
cert.setState(DynamicCertificateState.ORDERING);
cert.setPendingOrderLocation("https://localhost/orderlocation");
cert = dcMan.getCertificateDataForDomain("localhost");
assertNotNull(cert);
assertEquals(DynamicCertificateState.ORDERING, cert.getState());
// ACME mocking
ACMEClient ac = mock(ACMEClient.class);
Order o = mock(Order.class);
when(ac.getLogin()).thenReturn(mock(Login.class));
when(ac.checkResponseForOrder(any())).thenReturn(VALID);
org.shredzone.acme4j.Certificate _cert = mock(org.shredzone.acme4j.Certificate.class);
X509Certificate renewed = (X509Certificate) generateSampleChain(keyPair, false)[0];
when(_cert.getCertificateChain()).thenReturn(Arrays.asList(renewed));
when(ac.fetchCertificateForOrder(any())).thenReturn(_cert);
Whitebox.setInternalState(dcMan, ac);
// Renew
dcMan.run();
CertificateData updated = dcMan.getCertificateDataForDomain("localhost");
assertNotNull(updated);
assertEquals(DynamicCertificateState.AVAILABLE, updated.getState());
assertEquals(45, updated.getDaysBeforeRenewal());
assertFalse(updated.isManual());
// Check renewed certificate
try (RawHttpClient cl = new RawHttpClient("localhost", port, true, "localhost")) {
RawHttpClient.HttpResponse r = cl.get("/index.html", credentials);
assertEquals("it <b>works</b> !!", r.getBodyString());
Certificate[] obtainedChain = cl.getServerCertificate();
assertNotNull(obtainedChain);
assertTrue(renewed.equals(obtainedChain[0]));
}
}
Also used :
RawHttpClient(org.carapaceproxy.utils.RawHttpClient)
Order(org.shredzone.acme4j.Order)
KeyPair(java.security.KeyPair)
ConfigurationStore(org.carapaceproxy.configstore.ConfigurationStore)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
Login(org.shredzone.acme4j.Login)
X509Certificate(java.security.cert.X509Certificate)
CertificateData(org.carapaceproxy.configstore.CertificateData)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
CertificatesTestUtils.uploadCertificate(org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)
Test(org.junit.Test)
Example 3 with HttpResponse
use of org.carapaceproxy.utils.RawHttpClient.HttpResponse in project carapaceproxy by diennea.
the class CertificatesTest method test.
/**
* Test case: - Start server with a default certificate - Make request expected default certificate
*
* - Add a manual certificate to config (without upload) - Make request expected default certificate
*
* - Upload the certificate - Make request expected uploaded certificate
*
* - Update the certificate - Make request expected updated certificate
*/
@Test
public void test() throws Exception {
configureAndStartServer();
int port = server.getLocalPort();
// Request #0: expected default certificate
Certificate[] chain0;
try (RawHttpClient client = new RawHttpClient("localhost", port, true, "localhost")) {
RawHttpClient.HttpResponse resp = client.get("/index.html", credentials);
assertEquals("it <b>works</b> !!", resp.getBodyString());
chain0 = client.getServerCertificate();
assertNotNull(chain0);
}
// Update settings adding manual certificate (but without upload it)
config.put("certificate.2.hostname", "localhost");
config.put("certificate.2.mode", "manual");
changeDynamicConfiguration(config);
DynamicCertificatesManager dynCertMan = server.getDynamicCertificatesManager();
CertificateData data = dynCertMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertTrue(data.isManual());
// Request #1: still expected default certificate
Certificate[] chain1;
try (RawHttpClient client = new RawHttpClient("localhost", port, true, "localhost")) {
RawHttpClient.HttpResponse resp = client.get("/index.html", credentials);
assertEquals("it <b>works</b> !!", resp.getBodyString());
chain1 = client.getServerCertificate();
assertNotNull(chain1);
assertTrue(chain0[0].equals(chain1[0]));
}
// Upload manual certificate
Certificate[] uploadedChain;
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
uploadedChain = generateSampleChain(endUserKeyPair, false);
byte[] chainData = createKeystore(uploadedChain, endUserKeyPair.getPrivate());
HttpResponse resp = uploadCertificate("localhost", null, chainData, client, credentials);
assertTrue(resp.getBodyString().contains("SUCCESS"));
data = dynCertMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertTrue(data.isManual());
assertTrue(data.getState() == DynamicCertificateState.AVAILABLE);
}
// Request #2: expected uploaded certificate
Certificate[] chain2;
try (RawHttpClient client = new RawHttpClient("localhost", port, true, "localhost")) {
RawHttpClient.HttpResponse resp = client.get("/index.html", credentials);
assertEquals("it <b>works</b> !!", resp.getBodyString());
chain2 = client.getServerCertificate();
assertNotNull(chain2);
assertTrue(uploadedChain[0].equals(chain2[0]));
}
// Update manual certificate
Certificate[] uploadedChain2;
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
uploadedChain2 = generateSampleChain(endUserKeyPair, false);
assertFalse(uploadedChain[0].equals(uploadedChain2[0]));
byte[] chainData = createKeystore(uploadedChain2, endUserKeyPair.getPrivate());
HttpResponse resp = uploadCertificate("localhost", null, chainData, client, credentials);
assertTrue(resp.getBodyString().contains("SUCCESS"));
data = dynCertMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertTrue(data.isManual());
assertTrue(data.getState() == DynamicCertificateState.AVAILABLE);
}
// Request #3: expected last uploaded certificate
Certificate[] chain3;
try (RawHttpClient client = new RawHttpClient("localhost", port, true, "localhost")) {
RawHttpClient.HttpResponse resp = client.get("/index.html", credentials);
assertEquals("it <b>works</b> !!", resp.getBodyString());
chain3 = client.getServerCertificate();
assertNotNull(chain3);
assertTrue(uploadedChain2[0].equals(chain3[0]));
}
// this calls "reloadFromDB" > "manual" flag has to be retained even if not stored in db.
dynCertMan.setStateOfCertificate("localhost", DynamicCertificateState.WAITING);
data = dynCertMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertTrue(data.isManual());
}
Also used :
RawHttpClient(org.carapaceproxy.utils.RawHttpClient)
KeyPair(java.security.KeyPair)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
CertificateData(org.carapaceproxy.configstore.CertificateData)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
CertificatesTestUtils.uploadCertificate(org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)
Test(org.junit.Test)
Example 4 with HttpResponse
use of org.carapaceproxy.utils.RawHttpClient.HttpResponse in project carapaceproxy by diennea.
the class CertificatesTest method testUploadTypedCertificate.
@Test
@Parameters({ "acme", "manual" })
public void testUploadTypedCertificate(String type) throws Exception {
configureAndStartServer();
int port = server.getLocalPort();
DynamicCertificatesManager dynCertsMan = server.getDynamicCertificatesManager();
// - for type="manual" is forbidden
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
HttpResponse resp = uploadCertificate("localhost", "type=" + type, new byte[0], client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: certificate data required"));
} else {
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertFalse(data.isManual());
// no certificate-data uploaded
assertEquals(DynamicCertificateState.WAITING, dynCertsMan.getStateOfCertificate("localhost"));
}
}
// Uploading certificate with data
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
Certificate[] chain = generateSampleChain(endUserKeyPair, false);
byte[] chainData = createKeystore(chain, endUserKeyPair.getPrivate());
HttpResponse resp = uploadCertificate("localhost", "type=" + type, chainData, client, credentials);
assertTrue(resp.getBodyString().contains("SUCCESS"));
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertEquals(type.equals("manual"), data.isManual());
assertEquals(DynamicCertificateState.AVAILABLE, dynCertsMan.getStateOfCertificate("localhost"));
// check uploaded certificate
try (RawHttpClient c = new RawHttpClient("localhost", port, true, "localhost")) {
RawHttpClient.HttpResponse r = c.get("/index.html", credentials);
assertEquals("it <b>works</b> !!", r.getBodyString());
Certificate[] obtainedChain = c.getServerCertificate();
assertNotNull(obtainedChain);
assertTrue(chain[0].equals(obtainedChain[0]));
}
}
// Uploading trush: bad "type"
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
HttpResponse resp = uploadCertificate("localhost", "type=undefined", new byte[0], client, credentials);
assertTrue(resp.getBodyString().contains("ERROR: illegal type"));
}
// Uploading same certificate but with different type (will be update)
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
String otherType = type.equals("manual") ? "acme" : "manual";
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
Certificate[] chain = generateSampleChain(endUserKeyPair, false);
byte[] chainData = createKeystore(chain, endUserKeyPair.getPrivate());
HttpResponse resp = uploadCertificate("localhost", "type=" + otherType, chainData, client, credentials);
assertTrue(resp.getBodyString().contains("SUCCESS"));
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertEquals(otherType.equals("manual"), data.isManual());
assertEquals(DynamicCertificateState.AVAILABLE, dynCertsMan.getStateOfCertificate("localhost"));
// check uploaded certificate
try (RawHttpClient c = new RawHttpClient("localhost", port, true, "localhost")) {
RawHttpClient.HttpResponse r = c.get("/index.html", credentials);
assertEquals("it <b>works</b> !!", r.getBodyString());
Certificate[] obtainedChain = c.getServerCertificate();
assertNotNull(obtainedChain);
assertTrue(chain[0].equals(obtainedChain[0]));
}
resp = uploadCertificate("localhost", "type=" + type, new byte[0], client, credentials);
if (type.equals("acme")) {
assertTrue(resp.getBodyString().contains("SUCCESS"));
data = dynCertsMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertFalse(data.isManual());
// no certificate-data uploaded
assertEquals(DynamicCertificateState.WAITING, dynCertsMan.getStateOfCertificate("localhost"));
}
}
}
Also used :
RawHttpClient(org.carapaceproxy.utils.RawHttpClient)
KeyPair(java.security.KeyPair)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
CertificateData(org.carapaceproxy.configstore.CertificateData)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
CertificatesTestUtils.uploadCertificate(org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)
Parameters(junitparams.Parameters)
Test(org.junit.Test)
Example 5 with HttpResponse
use of org.carapaceproxy.utils.RawHttpClient.HttpResponse in project carapaceproxy by diennea.
the class AuthenticationAPIServerTest method testUnauthorizedRequests.
@Test
public void testUnauthorizedRequests() throws Exception {
Properties prop = new Properties(HTTP_ADMIN_SERVER_CONFIG);
prop.put("userrealm.class", "org.carapaceproxy.utils.TestUserRealm");
prop.put("user.test1", "pass1");
prop.put("user.test2", "pass2");
startServer(prop);
try (RawHttpClient client = new RawHttpClient("localhost", 8761)) {
// valid credentials
BasicAuthCredentials credentials = new BasicAuthCredentials("test1", "pass1");
HttpResponse resp = client.get("/api/up", credentials);
assertHeaderNotContains(resp, "WWW-Authenticate");
}
try (RawHttpClient client = new RawHttpClient("localhost", 8761)) {
// not valid credentials
BasicAuthCredentials credentials = new BasicAuthCredentials("wrongtest1", "wrongtest1");
HttpResponse resp = client.get("/api/up", credentials);
assertHeaderContains(resp, "WWW-Authenticate");
assertThat(resp.getBodyString(), containsString(HttpServletResponse.SC_UNAUTHORIZED + ""));
}
}
Also used :
RawHttpClient(org.carapaceproxy.utils.RawHttpClient)
BasicAuthCredentials(org.carapaceproxy.utils.RawHttpClient.BasicAuthCredentials)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
Properties(java.util.Properties)
Test(org.junit.Test)
Aggregations
KeyPair (java.security.KeyPair)4
Certificate (java.security.cert.Certificate)4
X509Certificate (java.security.cert.X509Certificate)4
CertificateData (org.carapaceproxy.configstore.CertificateData)4
CertificatesTestUtils.uploadCertificate (org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)4
RawHttpClient (org.carapaceproxy.utils.RawHttpClient)4
HttpResponse (org.carapaceproxy.utils.RawHttpClient.HttpResponse)4
Test (org.junit.Test)4
Properties (java.util.Properties)2
Parameters (junitparams.Parameters)2
ConfigurationStore (org.carapaceproxy.configstore.ConfigurationStore)2
WireMock.aResponse (com.github.tomakehurst.wiremock.client.WireMock.aResponse)1
WireMock.get (com.github.tomakehurst.wiremock.client.WireMock.get)1
WireMock.stubFor (com.github.tomakehurst.wiremock.client.WireMock.stubFor)1
WireMock.urlEqualTo (com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo)1
WireMockRule (com.github.tomakehurst.wiremock.junit.WireMockRule)1
CertificateException (java.security.cert.CertificateException)1
Arrays (java.util.Arrays)1
Base64 (java.util.Base64)1
Date (java.util.Date)1
