Search in sources :

Example 1 with JDKCertificateToMockServerX509Certificate

use of org.mockserver.mappers.JDKCertificateToMockServerX509Certificate in project mockserver by mock-server.

the class MTLSAuthenticationHandlerTest method shouldValidateCertificateWithPeerCertificatesMatchingFirst.

@Test
public void shouldValidateCertificateWithPeerCertificatesMatchingFirst() {
    // given
    AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem").toArray(new X509Certificate[0]));
    List<X509Certificate> clientCertificates = new ArrayList<>();
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem"));
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/leaf-cert.pem"));
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem"));
    HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), clientCertificates.toArray(new X509Certificate[0]));
    // when
    assertThat(authenticationHandler.controlPlaneRequestAuthenticated(request), equalTo(true));
}
Also used : HttpRequest(org.mockserver.model.HttpRequest) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) ArrayList(java.util.ArrayList) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) X509Certificate(java.security.cert.X509Certificate) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) Test(org.junit.Test)

Example 2 with JDKCertificateToMockServerX509Certificate

use of org.mockserver.mappers.JDKCertificateToMockServerX509Certificate in project mockserver by mock-server.

the class MTLSAuthenticationHandlerTest method shouldValidateCertificateWithMultipleCAsMatchingFirst.

@Test
public void shouldValidateCertificateWithMultipleCAsMatchingFirst() {
    // given
    List<X509Certificate> controlPlaneTLSMutualAuthenticationCAChain = new ArrayList<>();
    controlPlaneTLSMutualAuthenticationCAChain.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem"));
    controlPlaneTLSMutualAuthenticationCAChain.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem"));
    AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, controlPlaneTLSMutualAuthenticationCAChain.toArray(new X509Certificate[0]));
    HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem").toArray(new X509Certificate[0]));
    // when
    assertThat(authenticationHandler.controlPlaneRequestAuthenticated(request), equalTo(true));
}
Also used : HttpRequest(org.mockserver.model.HttpRequest) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) ArrayList(java.util.ArrayList) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) X509Certificate(java.security.cert.X509Certificate) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) Test(org.junit.Test)

Example 3 with JDKCertificateToMockServerX509Certificate

use of org.mockserver.mappers.JDKCertificateToMockServerX509Certificate in project mockserver by mock-server.

the class MTLSAuthenticationHandlerTest method shouldNotValidateEmptyCACertificates.

@Test
public void shouldNotValidateEmptyCACertificates() {
    // given
    AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, new X509Certificate[0]);
    List<X509Certificate> clientCertificates = new ArrayList<>();
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem"));
    clientCertificates.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem"));
    HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), clientCertificates.toArray(new X509Certificate[0]));
    // when
    AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
    assertThat(authenticationException.getMessage(), equalTo("control plane request failed authentication no control plane CA specified"));
}
Also used : HttpRequest(org.mockserver.model.HttpRequest) AuthenticationException(org.mockserver.authentication.AuthenticationException) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) ArrayList(java.util.ArrayList) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) X509Certificate(java.security.cert.X509Certificate) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) Test(org.junit.Test)

Example 4 with JDKCertificateToMockServerX509Certificate

use of org.mockserver.mappers.JDKCertificateToMockServerX509Certificate in project mockserver by mock-server.

the class MTLSAuthenticationHandlerTest method shouldNotValidateEmptyClientCertifcates.

@Test
public void shouldNotValidateEmptyClientCertifcates() {
    // given
    AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem").toArray(new X509Certificate[0]));
    HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), new X509Certificate[0]);
    // when
    AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
    assertThat(authenticationException.getMessage(), equalTo("control plane request failed authentication no client certificates found"));
}
Also used : HttpRequest(org.mockserver.model.HttpRequest) AuthenticationException(org.mockserver.authentication.AuthenticationException) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) X509Certificate(java.security.cert.X509Certificate) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) Test(org.junit.Test)

Example 5 with JDKCertificateToMockServerX509Certificate

use of org.mockserver.mappers.JDKCertificateToMockServerX509Certificate in project mockserver by mock-server.

the class MTLSAuthenticationHandlerTest method shouldValidateCertificateWithMultipleCAsMatchingSecond.

@Test
public void shouldValidateCertificateWithMultipleCAsMatchingSecond() {
    // given
    List<X509Certificate> controlPlaneTLSMutualAuthenticationCAChain = new ArrayList<>();
    controlPlaneTLSMutualAuthenticationCAChain.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/separateca/ca.pem"));
    controlPlaneTLSMutualAuthenticationCAChain.addAll(PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/ca.pem"));
    AuthenticationHandler authenticationHandler = new MTLSAuthenticationHandler(mockServerLogger, controlPlaneTLSMutualAuthenticationCAChain.toArray(new X509Certificate[0]));
    HttpRequest request = new JDKCertificateToMockServerX509Certificate(mockServerLogger).setClientCertificates(request(), PEMToFile.x509ChainFromPEMFile("org/mockserver/authentication/mtls/leaf-cert.pem").toArray(new X509Certificate[0]));
    // when
    assertThat(authenticationHandler.controlPlaneRequestAuthenticated(request), equalTo(true));
}
Also used : HttpRequest(org.mockserver.model.HttpRequest) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) ArrayList(java.util.ArrayList) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) X509Certificate(java.security.cert.X509Certificate) JDKCertificateToMockServerX509Certificate(org.mockserver.mappers.JDKCertificateToMockServerX509Certificate) Test(org.junit.Test)

Aggregations

X509Certificate (java.security.cert.X509Certificate)14 Test (org.junit.Test)14 JDKCertificateToMockServerX509Certificate (org.mockserver.mappers.JDKCertificateToMockServerX509Certificate)14 HttpRequest (org.mockserver.model.HttpRequest)14 AuthenticationHandler (org.mockserver.authentication.AuthenticationHandler)9 ArrayList (java.util.ArrayList)6 MTLSAuthenticationHandler (org.mockserver.authentication.mtls.MTLSAuthenticationHandler)5 AsymmetricKeyPair (org.mockserver.keys.AsymmetricKeyPair)5 AuthenticationException (org.mockserver.authentication.AuthenticationException)4