use of org.jboss.resteasy.security.doseta.UnauthorizedSignatureException in project resteasy by resteasy.
the class SigningTest method testBadSignatureProxy.
@Test
public void testBadSignatureProxy() throws Exception {
// ResteasyClientImpl client = new ResteasyClientImpl();
ResteasyWebTarget target = client.target(generateBaseUrl());
target.property(KeyRepository.class.getName(), repository);
SigningProxy proxy = target.proxy(SigningProxy.class);
try {
String output = proxy.bad();
throw new Exception("UNREACHABLE");
} catch (ResponseProcessingException e) {
LOG.error(e.getMessage(), e);
// Assert.assertTrue(e.getCause() instanceof UnauthorizedSignatureException);
}
}
use of org.jboss.resteasy.security.doseta.UnauthorizedSignatureException in project resteasy by resteasy.
the class SigningTest method testStaleTimestamp.
@Test
public void testStaleTimestamp() throws Exception {
Verifier verifier = new Verifier();
Verification verification = verifier.addNew();
verification.setRepository(repository);
verification.setStaleCheck(true);
verification.setStaleSeconds(1);
// ResteasyClientImpl client = new ResteasyClientImpl();
WebTarget target = client.target(TestPortProvider.generateURL("/signed/stamped"));
Invocation.Builder request = target.request();
request.property(Verifier.class.getName(), verifier);
Response response = request.get();
// System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
Assert.assertEquals(200, response.getStatus());
Thread.sleep(1500);
try {
String output = response.readEntity(String.class);
Assert.fail();
} catch (ProcessingException pe) {
UnauthorizedSignatureException e = (UnauthorizedSignatureException) pe.getCause();
// System.out.println("here");
// Assert.assertEquals("Failed to verify signatures:\r\n Signature is stale", e.getMessage());
Assert.assertTrue(e.getMessage().indexOf("Failed to verify signatures:\r\n") >= 0);
Assert.assertTrue(e.getMessage().indexOf("Signature is stale") >= 0);
}
response.close();
}
use of org.jboss.resteasy.security.doseta.UnauthorizedSignatureException in project resteasy by resteasy.
the class SigningTest method testManualFail.
@Test
public void testManualFail() throws Exception {
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(1024);
KeyPair keyPair = kpg.genKeyPair();
Verifier verifier = new Verifier();
Verification verification = verifier.addNew();
verification.setKey(keyPair.getPublic());
// ResteasyClientImpl client = new ResteasyClientImpl();
WebTarget target = client.target(TestPortProvider.generateURL("/signed/manual"));
Invocation.Builder request = target.request();
request.property(Verifier.class.getName(), verifier);
Response response = request.get();
// System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
Assert.assertNotNull(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
Assert.assertEquals(200, response.getStatus());
try {
String output = response.readEntity(String.class);
throw new Exception("unreachable!");
} catch (ProcessingException pe) {
UnauthorizedSignatureException e = (UnauthorizedSignatureException) pe.getCause();
// System.out.println("*************" + e.getMessage());
// Assert.assertEquals("Failed to verify signatures:\r\n Failed to verify signature.", e.getMessage());
Assert.assertTrue(e.getMessage().indexOf("Failed to verify signatures:\r\n") >= 0);
Assert.assertTrue(e.getMessage().indexOf("Failed to verify signature.") >= 0);
}
response.close();
}
use of org.jboss.resteasy.security.doseta.UnauthorizedSignatureException in project resteasy by resteasy.
the class SigningTest method testExpiresFail.
@Test
public void testExpiresFail() throws Exception {
Verifier verifier = new Verifier();
Verification verification = verifier.addNew();
verification.setRepository(repository);
// ResteasyClientImpl client = new ResteasyClientImpl();
WebTarget target = client.target(TestPortProvider.generateURL("/signed/expires-short"));
Invocation.Builder request = target.request();
request.property(Verifier.class.getName(), verifier);
Response response = request.get();
// System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
Assert.assertEquals(200, response.getStatus());
Thread.sleep(1500);
try {
String output = response.readEntity(String.class);
throw new Exception("unreachable!");
} catch (ProcessingException pe) {
UnauthorizedSignatureException e = (UnauthorizedSignatureException) pe.getCause();
// Assert.assertEquals("Failed to verify signatures:\r\n Signature expired", e.getMessage());
Assert.assertTrue(e.getMessage().indexOf("Failed to verify signatures:\r\n") >= 0);
Assert.assertTrue(e.getMessage().indexOf("Signature expired") >= 0);
}
response.close();
}
use of org.jboss.resteasy.security.doseta.UnauthorizedSignatureException in project resteasy by resteasy.
the class SigningTest method testExpiresFail.
/**
* @tpTestDetails Fail expiration test (expires attribute in Signed annotation in REST end-point is used).
* @tpSince RESTEasy 3.0.16
*/
@Test
public void testExpiresFail() throws Exception {
Verifier verifier = new Verifier();
Verification verification = verifier.addNew();
verification.setRepository(repository);
WebTarget target = client.target(generateURL("/signed/expires-short"));
Invocation.Builder request = target.request();
request.property(Verifier.class.getName(), verifier);
Response response = request.get();
logger.info(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
Assert.assertEquals(HttpResponseCodes.SC_OK, response.getStatus());
Thread.sleep(1500);
try {
response.readEntity(String.class);
throw new Exception("Signing error excepted");
} catch (ProcessingException pe) {
UnauthorizedSignatureException e = (UnauthorizedSignatureException) pe.getCause();
MatcherAssert.assertThat("Unexcepted error", e.getMessage(), containsString("Failed to verify signatures:\r\n"));
MatcherAssert.assertThat("Unexcepted error", e.getMessage(), containsString("Signature expired"));
}
response.close();
}
Aggregations