Search in sources :

Example 16 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testExpiresDays.

@Test
public void testExpiresDays() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/expires-day"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    String output = response.readEntity(String.class);
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Example 17 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testManualWithHeader.

@Test
public void testManualWithHeader() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/header"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertNotNull(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    String output = response.readEntity(String.class);
    Assert.assertEquals("hello world", output);
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Example 18 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testTimestamp.

@Test
public void testTimestamp() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    verification.setStaleCheck(true);
    verification.setStaleSeconds(100);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/stamped"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    try {
        String output = response.readEntity(String.class);
    } catch (Exception e) {
        throw e;
    }
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) ProcessingException(jakarta.ws.rs.ProcessingException) SignatureException(java.security.SignatureException) ResponseProcessingException(jakarta.ws.rs.client.ResponseProcessingException) UnauthorizedSignatureException(org.jboss.resteasy.security.doseta.UnauthorizedSignatureException) Test(org.junit.Test)

Example 19 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testStaleTimestamp.

/**
 * @tpTestDetails Stale timestamp test
 * @tpSince RESTEasy 3.0.16
 */
@Test
public void testStaleTimestamp() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    verification.setStaleCheck(true);
    verification.setStaleSeconds(1);
    WebTarget target = client.target(generateURL("/signed/stamped"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    logger.info(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(HttpResponseCodes.SC_OK, response.getStatus());
    Thread.sleep(1500);
    try {
        response.readEntity(String.class);
        Assert.fail("Validation error excepted.");
    } catch (ProcessingException pe) {
        UnauthorizedSignatureException e = (UnauthorizedSignatureException) pe.getCause();
        MatcherAssert.assertThat("Unexcepted error", e.getMessage(), containsString("Failed to verify signatures:\r\n"));
        MatcherAssert.assertThat("Unexcepted error", e.getMessage(), containsString("Signature is stale"));
    }
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) UnauthorizedSignatureException(org.jboss.resteasy.security.doseta.UnauthorizedSignatureException) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) WebTarget(jakarta.ws.rs.client.WebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) ResponseProcessingException(jakarta.ws.rs.client.ResponseProcessingException) ProcessingException(jakarta.ws.rs.ProcessingException) Test(org.junit.Test)

Example 20 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testExpiresYears.

/**
 * @tpTestDetails Year expiration test (expires attribute in Signed annotation in REST end-point is used).
 * @tpSince RESTEasy 3.0.16
 */
@Test
public void testExpiresYears() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    WebTarget target = client.target(generateURL("/signed/expires-year"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    logger.info(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(HttpResponseCodes.SC_OK, response.getStatus());
    response.readEntity(String.class);
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) WebTarget(jakarta.ws.rs.client.WebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Aggregations

Invocation (jakarta.ws.rs.client.Invocation)22 WebTarget (jakarta.ws.rs.client.WebTarget)22 Response (jakarta.ws.rs.core.Response)22 ResteasyWebTarget (org.jboss.resteasy.client.jaxrs.ResteasyWebTarget)22 Verification (org.jboss.resteasy.security.doseta.Verification)22 Verifier (org.jboss.resteasy.security.doseta.Verifier)22 Test (org.junit.Test)22 ProcessingException (jakarta.ws.rs.ProcessingException)8 ResponseProcessingException (jakarta.ws.rs.client.ResponseProcessingException)8 UnauthorizedSignatureException (org.jboss.resteasy.security.doseta.UnauthorizedSignatureException)8 SignatureException (java.security.SignatureException)6 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)2