Search in sources :

Example 31 with Parameters

use of org.junit.runners.Parameterized.Parameters in project eclipse-pmd by acanda.

the class PMDIntegrationTest method getTestData.

@Parameters
public static Collection<Object[]> getTestData() {
    final Builder<Object[]> testData = ImmutableList.builder();
    for (final String tests : TEST_DATA_XML) {
        try (final InputStream stream = QuickFixTestData.class.getResourceAsStream(tests)) {
            assertNotNull("Test data file " + tests + " not found.", stream);
            final Collection<TestParameters> data = QuickFixTestData.createTestData(stream);
            for (final TestParameters params : data) {
                testData.add(new Object[] { tests, params });
            }
        } catch (final IOException e) {
            fail(e.getMessage());
        }
    }
    return testData.build();
}
Also used : TestParameters(ch.acanda.eclipse.pmd.java.resolution.QuickFixTestData.TestParameters) InputStream(java.io.InputStream) IOException(java.io.IOException) Parameters(org.junit.runners.Parameterized.Parameters) TestParameters(ch.acanda.eclipse.pmd.java.resolution.QuickFixTestData.TestParameters)

Example 32 with Parameters

use of org.junit.runners.Parameterized.Parameters in project cas by apereo.

the class CRLDistributionPointRevocationCheckerTests method getTestParameters.

/**
 * Gets the unit test parameters.
 *
 * @return Test parameter data.
 */
@Parameters
public static Collection<Object[]> getTestParameters() {
    CacheManager.getInstance().removeAllCaches();
    final Collection<Object[]> params = new ArrayList<>();
    Cache cache;
    final ThresholdExpiredCRLRevocationPolicy defaultPolicy = new ThresholdExpiredCRLRevocationPolicy(0);
    final ThresholdExpiredCRLRevocationPolicy zeroThresholdPolicy = new ThresholdExpiredCRLRevocationPolicy(0);
    // Test case #0
    // Valid certificate on valid CRL data with encoded url
    cache = new Cache("crlCache-0", 100, false, false, 20, 10);
    CacheManager.getInstance().addCache(cache);
    params.add(new Object[] { new CRLDistributionPointRevocationChecker(cache, defaultPolicy, null), new String[] { "uservalid-encoded-crl.crt" }, "test ca.crl", null });
    // Test case #1
    // Valid certificate on valid CRL data
    cache = new Cache("crlCache-1", 100, false, false, 20, 10);
    CacheManager.getInstance().addCache(cache);
    params.add(new Object[] { new CRLDistributionPointRevocationChecker(cache, defaultPolicy, null, true), new String[] { "user-valid-distcrl.crt" }, "userCA-valid.crl", null });
    // Test case #2
    // Revoked certificate on valid CRL data
    cache = new Cache("crlCache-2", 100, false, false, 20, 10);
    CacheManager.getInstance().addCache(cache);
    params.add(new Object[] { new CRLDistributionPointRevocationChecker(cache, defaultPolicy, null), new String[] { "user-revoked-distcrl.crt" }, "userCA-valid.crl", new RevokedCertificateException(ZonedDateTime.now(ZoneOffset.UTC), new BigInteger("1")) });
    // Test case #3
    // Valid certificate on expired CRL data
    cache = new Cache("crlCache-3", 100, false, false, 20, 10);
    CacheManager.getInstance().addCache(cache);
    params.add(new Object[] { new CRLDistributionPointRevocationChecker(cache, zeroThresholdPolicy, null), new String[] { "user-valid-distcrl.crt" }, "userCA-expired.crl", new ExpiredCRLException("test", ZonedDateTime.now(ZoneOffset.UTC)) });
    // Test case #4
    // Valid certificate on expired CRL data with custom expiration
    // policy to always allow expired CRL data
    cache = new Cache("crlCache-4", 100, false, false, 20, 10);
    CacheManager.getInstance().addCache(cache);
    params.add(new Object[] { new CRLDistributionPointRevocationChecker(cache, crl -> {
    }, null), new String[] { "user-valid-distcrl.crt" }, "userCA-expired.crl", null });
    // Test case #5
    // Valid certificate with no CRL distribution points defined but with
    // "AllowRevocationPolicy" set to allow unavailable CRL data
    cache = new Cache("crlCache-5", 100, false, false, 20, 10);
    CacheManager.getInstance().addCache(cache);
    final CRLDistributionPointRevocationChecker checker5 = new CRLDistributionPointRevocationChecker(cache, defaultPolicy, new AllowRevocationPolicy());
    params.add(new Object[] { checker5, new String[] { "user-valid.crt" }, "userCA-expired.crl", null });
    // Test case #6
    // EJBCA test case
    // Revoked certificate with CRL distribution point URI that is technically
    // not a valid URI since the issuer DN in the query string is not encoded per
    // the escaping of reserved characters in RFC 2396.
    // Make sure we can convert given URI to valid URI and confirm it's revoked
    cache = new Cache("crlCache-6", 100, false, false, 20, 10);
    CacheManager.getInstance().addCache(cache);
    params.add(new Object[] { new CRLDistributionPointRevocationChecker(cache, defaultPolicy, null), new String[] { "user-revoked-distcrl2.crt" }, "userCA-valid.crl", new RevokedCertificateException(ZonedDateTime.now(ZoneOffset.UTC), new BigInteger("1")) });
    return params;
}
Also used : ZonedDateTime(java.time.ZonedDateTime) CacheManager(net.sf.ehcache.CacheManager) ExpiredCRLException(org.apereo.cas.adaptors.x509.authentication.ExpiredCRLException) RunWith(org.junit.runner.RunWith) Parameters(org.junit.runners.Parameterized.Parameters) ClassPathResource(org.springframework.core.io.ClassPathResource) RevokedCertificateException(org.apereo.cas.adaptors.x509.authentication.revocation.RevokedCertificateException) ArrayList(java.util.ArrayList) GeneralSecurityException(java.security.GeneralSecurityException) RevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.RevocationChecker) After(org.junit.After) BigInteger(java.math.BigInteger) ZoneOffset(java.time.ZoneOffset) Parameterized(org.junit.runners.Parameterized) Before(org.junit.Before) OutputStream(java.io.OutputStream) AfterClass(org.junit.AfterClass) Collection(java.util.Collection) FileSystemResource(org.springframework.core.io.FileSystemResource) FileOutputStream(java.io.FileOutputStream) File(java.io.File) CRLDistributionPointRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.CRLDistributionPointRevocationChecker) IOUtils(org.apache.commons.io.IOUtils) Slf4j(lombok.extern.slf4j.Slf4j) MockWebServer(org.apereo.cas.util.MockWebServer) ThresholdExpiredCRLRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy) AllowRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.AllowRevocationPolicy) Cache(net.sf.ehcache.Cache) ExpiredCRLException(org.apereo.cas.adaptors.x509.authentication.ExpiredCRLException) CRLDistributionPointRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.CRLDistributionPointRevocationChecker) RevokedCertificateException(org.apereo.cas.adaptors.x509.authentication.revocation.RevokedCertificateException) AllowRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.AllowRevocationPolicy) ArrayList(java.util.ArrayList) BigInteger(java.math.BigInteger) ThresholdExpiredCRLRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy) Cache(net.sf.ehcache.Cache) Parameters(org.junit.runners.Parameterized.Parameters)

Example 33 with Parameters

use of org.junit.runners.Parameterized.Parameters in project cas by apereo.

the class ResourceCRLRevocationCheckerTests method getTestParameters.

/**
 * Gets the unit test parameters.
 *
 * @return Test parameter data.
 */
@Parameters
public static Collection<Object[]> getTestParameters() {
    final Collection<Object[]> params = new ArrayList<>();
    final ThresholdExpiredCRLRevocationPolicy zeroThresholdPolicy = new ThresholdExpiredCRLRevocationPolicy(0);
    // Test case #1
    // Valid certificate on valid CRL data
    params.add(new Object[] { new ResourceCRLRevocationChecker(new ClassPathResource[] { new ClassPathResource("userCA-valid.crl") }, zeroThresholdPolicy), new String[] { "user-valid.crt" }, null });
    // Test case #2
    // Revoked certificate on valid CRL data
    params.add(new Object[] { new ResourceCRLRevocationChecker(new ClassPathResource[] { new ClassPathResource("userCA-valid.crl"), new ClassPathResource("intermediateCA-valid.crl"), new ClassPathResource("rootCA-valid.crl") }, zeroThresholdPolicy), new String[] { "user-revoked.crt", "userCA.crt", "intermediateCA.crt", "rootCA.crt" }, new RevokedCertificateException(ZonedDateTime.now(ZoneOffset.UTC), new BigInteger("1")) });
    // Test case #3
    // Valid certificate on expired CRL data for head cert
    params.add(new Object[] { new ResourceCRLRevocationChecker(new ClassPathResource[] { new ClassPathResource("userCA-expired.crl"), new ClassPathResource("intermediateCA-valid.crl"), new ClassPathResource("rootCA-valid.crl") }, zeroThresholdPolicy), new String[] { "user-valid.crt", "userCA.crt", "intermediateCA.crt", "rootCA.crt" }, new ExpiredCRLException("test", ZonedDateTime.now(ZoneOffset.UTC)) });
    // Test case #4
    // Valid certificate on expired CRL data for intermediate cert
    params.add(new Object[] { new ResourceCRLRevocationChecker(new ClassPathResource[] { new ClassPathResource("userCA-valid.crl"), new ClassPathResource("intermediateCA-expired.crl"), new ClassPathResource("rootCA-valid.crl") }, zeroThresholdPolicy), new String[] { "user-valid.crt", "userCA.crt", "intermediateCA.crt", "rootCA.crt" }, new ExpiredCRLException("test", ZonedDateTime.now(ZoneOffset.UTC)) });
    // Test case #5
    // Valid certificate on expired CRL data with custom expiration
    // policy to always allow expired CRL data
    params.add(new Object[] { new ResourceCRLRevocationChecker(new ClassPathResource[] { new ClassPathResource("userCA-expired.crl") }, crl -> {
    }), new String[] { "user-valid.crt" }, null });
    return params;
}
Also used : ZonedDateTime(java.time.ZonedDateTime) Collection(java.util.Collection) ExpiredCRLException(org.apereo.cas.adaptors.x509.authentication.ExpiredCRLException) RunWith(org.junit.runner.RunWith) Parameters(org.junit.runners.Parameterized.Parameters) ClassPathResource(org.springframework.core.io.ClassPathResource) RevokedCertificateException(org.apereo.cas.adaptors.x509.authentication.revocation.RevokedCertificateException) ResourceCRLRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.ResourceCRLRevocationChecker) ArrayList(java.util.ArrayList) Slf4j(lombok.extern.slf4j.Slf4j) GeneralSecurityException(java.security.GeneralSecurityException) RevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.RevocationChecker) ThresholdExpiredCRLRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy) BigInteger(java.math.BigInteger) ZoneOffset(java.time.ZoneOffset) Parameterized(org.junit.runners.Parameterized) ExpiredCRLException(org.apereo.cas.adaptors.x509.authentication.ExpiredCRLException) RevokedCertificateException(org.apereo.cas.adaptors.x509.authentication.revocation.RevokedCertificateException) ResourceCRLRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.ResourceCRLRevocationChecker) ArrayList(java.util.ArrayList) BigInteger(java.math.BigInteger) ThresholdExpiredCRLRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy) ClassPathResource(org.springframework.core.io.ClassPathResource) Parameters(org.junit.runners.Parameterized.Parameters)

Example 34 with Parameters

use of org.junit.runners.Parameterized.Parameters in project cas by apereo.

the class ThresholdExpiredCRLRevocationPolicyTests method getTestParameters.

/**
 * Gets the unit test parameters.
 *
 * @return  Test parameter data.
 */
@Parameters
public static Collection<Object[]> getTestParameters() {
    final Collection<Object[]> params = new ArrayList<>();
    final ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
    final ZonedDateTime twoHoursAgo = now.minusHours(2);
    final ZonedDateTime oneHourAgo = now.minusHours(1);
    final ZonedDateTime halfHourAgo = now.minusMinutes(30);
    final X500Principal issuer = new X500Principal("CN=CAS");
    // Test case #1
    // Expect expired for zero leniency on CRL expiring 1ms ago
    final ThresholdExpiredCRLRevocationPolicy zeroThreshold = new ThresholdExpiredCRLRevocationPolicy(0);
    params.add(new Object[] { zeroThreshold, new MockX509CRL(issuer, DateTimeUtils.dateOf(oneHourAgo), DateTimeUtils.dateOf(now.minusSeconds(1))), new ExpiredCRLException("CN=CAS", ZonedDateTime.now(ZoneOffset.UTC)) });
    // Test case #2
    // Expect expired for 1h leniency on CRL expired 1 hour 1ms ago
    final ThresholdExpiredCRLRevocationPolicy oneHourThreshold = new ThresholdExpiredCRLRevocationPolicy(3600);
    params.add(new Object[] { oneHourThreshold, new MockX509CRL(issuer, DateTimeUtils.dateOf(twoHoursAgo), DateTimeUtils.dateOf(oneHourAgo.minusSeconds(1))), new ExpiredCRLException("CN=CAS", ZonedDateTime.now(ZoneOffset.UTC)) });
    // Test case #3
    // Expect valid for 1h leniency on CRL expired 30m ago
    params.add(new Object[] { oneHourThreshold, new MockX509CRL(issuer, DateTimeUtils.dateOf(twoHoursAgo), DateTimeUtils.dateOf(halfHourAgo)), null });
    return params;
}
Also used : ExpiredCRLException(org.apereo.cas.adaptors.x509.authentication.ExpiredCRLException) ZonedDateTime(java.time.ZonedDateTime) MockX509CRL(org.apereo.cas.adaptors.x509.util.MockX509CRL) ArrayList(java.util.ArrayList) X500Principal(javax.security.auth.x500.X500Principal) ThresholdExpiredCRLRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy) Parameters(org.junit.runners.Parameterized.Parameters)

Example 35 with Parameters

use of org.junit.runners.Parameterized.Parameters in project cas by apereo.

the class X509CredentialsAuthenticationHandlerTests method getTestParameters.

/**
 * Gets the unit test parameters.
 *
 * @return Test parameter data.
 */
@Parameters
public static Collection<Object[]> getTestParameters() {
    final Collection<Object[]> params = new ArrayList<>();
    X509CredentialsAuthenticationHandler handler;
    X509CertificateCredential credential;
    // Test case #1: Unsupported credential type
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"));
    params.add(new Object[] { handler, new UsernamePasswordCredential(), false, null });
    // Test case #2:Valid certificate
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"));
    credential = new X509CertificateCredential(createCertificates(USER_VALID_CRT));
    params.add(new Object[] { handler, credential, true, new DefaultAuthenticationHandlerExecutionResult(handler, credential, new DefaultPrincipalFactory().createPrincipal(credential.getId())) });
    // Test case #3: Expired certificate
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"));
    params.add(new Object[] { handler, new X509CertificateCredential(createCertificates("user-expired.crt")), true, new CertificateExpiredException() });
    // Test case #4: Untrusted issuer
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern("CN=\\w+,OU=CAS,O=Jasig,L=Westminster,ST=Colorado,C=US"), true, false, false);
    params.add(new Object[] { handler, new X509CertificateCredential(createCertificates("snake-oil.crt")), true, new FailedLoginException() });
    // Test case #5: Disallowed subject
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"), true, RegexUtils.createPattern("CN=\\w+,OU=CAS,O=Jasig,L=Westminster,ST=Colorado,C=US"));
    params.add(new Object[] { handler, new X509CertificateCredential(createCertificates("snake-oil.crt")), true, new FailedLoginException() });
    // Test case #6: Check key usage on a cert without keyUsage extension
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"), false, true, false);
    credential = new X509CertificateCredential(createCertificates(USER_VALID_CRT));
    params.add(new Object[] { handler, credential, true, new DefaultAuthenticationHandlerExecutionResult(handler, credential, new DefaultPrincipalFactory().createPrincipal(credential.getId())) });
    // Test case #7: Require key usage on a cert without keyUsage extension
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"), false, true, true);
    params.add(new Object[] { handler, new X509CertificateCredential(createCertificates(USER_VALID_CRT)), true, new FailedLoginException() });
    // Test case #8: Require key usage on a cert with acceptable keyUsage extension values
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"), false, true, true);
    credential = new X509CertificateCredential(createCertificates("user-valid-keyUsage.crt"));
    params.add(new Object[] { handler, credential, true, new DefaultAuthenticationHandlerExecutionResult(handler, credential, new DefaultPrincipalFactory().createPrincipal(credential.getId())) });
    // Test case #9: Require key usage on a cert with unacceptable keyUsage extension values
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"), false, true, true);
    params.add(new Object[] { handler, new X509CertificateCredential(createCertificates("user-invalid-keyUsage.crt")), true, new FailedLoginException() });
    // ===================================
    // Revocation tests
    // ===================================
    ResourceCRLRevocationChecker checker;
    // Test case #10: Valid certificate with CRL checking
    checker = new ResourceCRLRevocationChecker(new ClassPathResource("userCA-valid.crl"));
    checker.init();
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"), checker);
    credential = new X509CertificateCredential(createCertificates(USER_VALID_CRT));
    params.add(new Object[] { handler, new X509CertificateCredential(createCertificates(USER_VALID_CRT)), true, new DefaultAuthenticationHandlerExecutionResult(handler, credential, new DefaultPrincipalFactory().createPrincipal(credential.getId())) });
    // Test case #11: Revoked end user certificate
    checker = new ResourceCRLRevocationChecker(new ClassPathResource("userCA-valid.crl"));
    checker.init();
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"), checker);
    params.add(new Object[] { handler, new X509CertificateCredential(createCertificates("user-revoked.crt")), true, new RevokedCertificateException(ZonedDateTime.now(ZoneOffset.UTC), null) });
    // Test case #12: Valid certificate on expired CRL data
    final ThresholdExpiredCRLRevocationPolicy zeroThresholdPolicy = new ThresholdExpiredCRLRevocationPolicy(0);
    checker = new ResourceCRLRevocationChecker(new ClassPathResource("userCA-expired.crl"), null, zeroThresholdPolicy);
    checker.init();
    handler = new X509CredentialsAuthenticationHandler(RegexUtils.createPattern(".*"), checker);
    params.add(new Object[] { handler, new X509CertificateCredential(createCertificates(USER_VALID_CRT)), true, new ExpiredCRLException(null, ZonedDateTime.now(ZoneOffset.UTC)) });
    return params;
}
Also used : RevokedCertificateException(org.apereo.cas.adaptors.x509.authentication.revocation.RevokedCertificateException) CertificateExpiredException(java.security.cert.CertificateExpiredException) ArrayList(java.util.ArrayList) DefaultPrincipalFactory(org.apereo.cas.authentication.principal.DefaultPrincipalFactory) DefaultAuthenticationHandlerExecutionResult(org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult) ClassPathResource(org.springframework.core.io.ClassPathResource) ThresholdExpiredCRLRevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy) ExpiredCRLException(org.apereo.cas.adaptors.x509.authentication.ExpiredCRLException) FailedLoginException(javax.security.auth.login.FailedLoginException) X509CertificateCredential(org.apereo.cas.adaptors.x509.authentication.principal.X509CertificateCredential) ResourceCRLRevocationChecker(org.apereo.cas.adaptors.x509.authentication.revocation.checker.ResourceCRLRevocationChecker) UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential) Parameters(org.junit.runners.Parameterized.Parameters)

Aggregations

Parameters (org.junit.runners.Parameterized.Parameters)77 ArrayList (java.util.ArrayList)43 File (java.io.File)24 TestCaseContext (org.apache.asterix.testframework.context.TestCaseContext)6 Date (java.util.Date)5 SslContext (io.netty.handler.ssl.SslContext)4 IOException (java.io.IOException)4 ExpiredCRLException (org.apereo.cas.adaptors.x509.authentication.ExpiredCRLException)4 ThresholdExpiredCRLRevocationPolicy (org.apereo.cas.adaptors.x509.authentication.revocation.policy.ThresholdExpiredCRLRevocationPolicy)4 RunWith (org.junit.runner.RunWith)4 ClassPathResource (org.springframework.core.io.ClassPathResource)4 ZonedDateTime (java.time.ZonedDateTime)3 Configuration (org.apache.hadoop.conf.Configuration)3 YarnConfiguration (org.apache.hadoop.yarn.conf.YarnConfiguration)3 RevokedCertificateException (org.apereo.cas.adaptors.x509.authentication.revocation.RevokedCertificateException)3 Parameterized (org.junit.runners.Parameterized)3 CollectionAgentDTO (org.opennms.netmgt.collection.dto.CollectionAgentDTO)3 FileFilter (java.io.FileFilter)2 InputStream (java.io.InputStream)2 Field (java.lang.reflect.Field)2