Example 1 with AuthenticationHandler

Use of org.mockserver.authentication.AuthenticationHandler in the project mockserver by mock-server.

Class MTLSAuthenticationHandlerTest, method shouldValidateCertificateWithPeerCertificatesMatchingFirst.

@Test
public void shouldValidateCertificateWithPeerCertificatesMatchingFirst() {
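    // given: the handler trusts mtls/ca.pem; the client presents mtls/leaf-cert.pem first,
    // followed by the leaf and CA certificates from separateca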
    AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem").toArray(new X509Certificate[0]));
    List<X509Certificate> clientCertificates = new ArrayList<>();
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem"));
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/leaf-cert.pem"));
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem"));
    HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), clientCertificates.toArray(new X509Certificate[0]));
    // when / then: the control plane request is authenticated
    assertThat(authenticationHandler.controlPlaneRequestAuthenticated(request), equalTo(true));
}
Also used: HttpRequest(org.mockserver.model.HttpRequest) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) ArrayList(java.util.ArrayList) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.Test)

Example 2 with AuthenticationHandler

Use of org.mockserver.authentication.AuthenticationHandler in the project mockserver by mock-server.

Class MTLSAuthenticationHandlerTest, method shouldNotValidateNoClientCertifcates.

@Test
public void shouldNotValidateNoClientCertifcates() {
    // given: the handler trusts separateca/ca.pem; the request carries no client certificates
    AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem").toArray(new X509Certificate[0]));
    HttpRequest request = request();
    // when / then: authentication fails with an explicit "no client certificates found" message
    AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
    assertThat(authenticationException.getMessage(), equalTo("control plane request failed authentication no client certificates found"));
}
Also used: HttpRequest(org.mockserver.model.HttpRequest) AuthenticationException(org.mockserver.authentication.AuthenticationException) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) X509Certificate(java.security.cert.X509Certificate) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) Test(org.junit.Test)

Example 3 with AuthenticationHandler

Use of org.mockserver.authentication.AuthenticationHandler in the project mockserver by mock-server.

Class MTLSAuthenticationHandlerTest, method shouldValidateCertificateWithMultipleCAsMatchingFirst.

@Test
public void shouldValidateCertificateWithMultipleCAsMatchingFirst() {
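    // given: the handler trusts two CAs (mtls/ca.pem listed first, then separateca/ca.pem);
    // the client presents mtls/leaf-cert.pem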
    List<X509Certificate> controlPlaneTLSMutualAuthenticationCAChain = new ArrayList<>();
    controlPlaneTLSMutualAuthenticationCAChain.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem"));
    controlPlaneTLSMutualAuthenticationCAChain.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem"));
    AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, controlPlaneTLSMutualAuthenticationCAChain.toArray(new X509Certificate[0]));
    HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem").toArray(new X509Certificate[0]));
    // when / then: the control plane request is authenticated
    assertThat(authenticationHandler.controlPlaneRequestAuthenticated(request), equalTo(true));
}
Also used: HttpRequest(org.mockserver.model.HttpRequest) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) ArrayList(java.util.ArrayList) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.Test)

Example 4 with AuthenticationHandler

Use of org.mockserver.authentication.AuthenticationHandler in the project mockserver by mock-server.

Class MTLSAuthenticationHandlerTest, method shouldNotValidateEmptyCACertificates.

@Test
public void shouldNotValidateEmptyCACertificates() {
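    // given: the handler is configured with an empty CA list; the client presents
    // mtls/leaf-cert.pem followed by mtls/ca.pem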
    AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, new X509Certificate[0]);
    List<X509Certificate> clientCertificates = new ArrayList<>();
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem"));
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem"));
    HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), clientCertificates.toArray(new X509Certificate[0]));
    // when / then: authentication is rejected because no control plane CA is specified
    AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
    assertThat(authenticationException.getMessage(), equalTo("control plane request failed authentication no control plane CA specified"));
}
Also used: HttpRequest(org.mockserver.model.HttpRequest) AuthenticationException(org.mockserver.authentication.AuthenticationException) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) ArrayList(java.util.ArrayList) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.Test)

Example 5 with AuthenticationHandler

Use of org.mockserver.authentication.AuthenticationHandler in the project mockserver by mock-server.

Class JWTAuthenticationHandlerTest, method shouldNotValidateNoAuthorizationHeader.

@Test
public void shouldNotValidateNoAuthorizationHeader() {
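    // given: a JWT handler backed by a JWK file generated from a fresh RSA key pair;
    // the request has no authorization header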
    AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
    AuthenticationHandler authenticationHandler = new JWTAuthenticationHandler(mockServerLogger, jwkFile);
    HttpRequest request = request();
    // when / then: authentication fails with "no authorization header found"
    AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
    assertThat(authenticationException.getMessage(), equalTo("no authorization header found"));
}
Also used: AsymmetricKeyPair(org.mockserver.keys.AsymmetricKeyPair) HttpRequest(org.mockserver.model.HttpRequest) AuthenticationException(org.mockserver.authentication.AuthenticationException) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) Test(org.junit.Test)

Aggregations

Test (org.junit.Test): 21
AuthenticationHandler (org.mockserver.authentication.AuthenticationHandler): 21
HttpRequest (org.mockserver.model.HttpRequest): 21
AuthenticationException (org.mockserver.authentication.AuthenticationException): 13
AsymmetricKeyPair (org.mockserver.keys.AsymmetricKeyPair): 11
X509Certificate (java.security.cert.X509Certificate): 10
JDKCertificateToMockServerX509Certificate (org.mockserver.mappers.JDKCertificateToMockServerX509Certificate): 10
ArrayList (java.util.ArrayList): 6
HashSet (java.util.HashSet): 2