use of org.mockserver.authentication.AuthenticationHandler in project mockserver by mock-server.
the class MTLSAuthenticationHandlerTest method shouldValidateCertificateWithPeerCertificatesMatchingFirst.
@Test
public void shouldValidateCertificateWithPeerCertificatesMatchingFirst() {
// given
AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem").toArray(new X509Certificate[0]));
List<X509Certificate> clientCertificates = new ArrayList<>();
clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem"));
clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/leaf-cert.pem"));
clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem"));
HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), clientCertificates.toArray(new X509Certificate[0]));
// when
assertThat(authenticationHandler.controlPlaneRequestAuthenticated(request), equalTo(true));
}
use of org.mockserver.authentication.AuthenticationHandler in project mockserver by mock-server.
the class MTLSAuthenticationHandlerTest method shouldNotValidateNoClientCertifcates.
@Test
public void shouldNotValidateNoClientCertifcates() {
// given
AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem").toArray(new X509Certificate[0]));
HttpRequest request = request();
// when
AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
assertThat(authenticationException.getMessage(), equalTo("control plane request failed authentication no client certificates found"));
}
use of org.mockserver.authentication.AuthenticationHandler in project mockserver by mock-server.
the class MTLSAuthenticationHandlerTest method shouldValidateCertificateWithMultipleCAsMatchingFirst.
@Test
public void shouldValidateCertificateWithMultipleCAsMatchingFirst() {
// given
List<X509Certificate> controlPlaneTLSMutualAuthenticationCAChain = new ArrayList<>();
controlPlaneTLSMutualAuthenticationCAChain.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem"));
controlPlaneTLSMutualAuthenticationCAChain.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem"));
AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, controlPlaneTLSMutualAuthenticationCAChain.toArray(new X509Certificate[0]));
HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem").toArray(new X509Certificate[0]));
// when
assertThat(authenticationHandler.controlPlaneRequestAuthenticated(request), equalTo(true));
}
use of org.mockserver.authentication.AuthenticationHandler in project mockserver by mock-server.
the class MTLSAuthenticationHandlerTest method shouldNotValidateEmptyCACertificates.
@Test
public void shouldNotValidateEmptyCACertificates() {
// given
AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, new X509Certificate[0]);
List<X509Certificate> clientCertificates = new ArrayList<>();
clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem"));
clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem"));
HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), clientCertificates.toArray(new X509Certificate[0]));
// when
AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
assertThat(authenticationException.getMessage(), equalTo("control plane request failed authentication no control plane CA specified"));
}
use of org.mockserver.authentication.AuthenticationHandler in project mockserver by mock-server.
the class JWTAuthenticationHandlerTest method shouldNotValidateNoAuthorizationHeader.
@Test
public void shouldNotValidateNoAuthorizationHeader() {
// given
AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
AuthenticationHandler authenticationHandler = new JWTAuthenticationHandler(mockServerLogger, jwkFile);
HttpRequest request = request();
// when
AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
assertThat(authenticationException.getMessage(), equalTo("no authorization header found"));
}
Aggregations