Search in sources :

Example 1 with JsonRiJaxrsProvider

use of org.ow2.authzforce.jaxrs.util.JsonRiJaxrsProvider in project restful-pdp by authzforce.

the class XacmlRestProfileJaxRsTest method testInvalidPdpRequest.

@Test
public void testInvalidPdpRequest() throws IOException {
    // Request body (invalid according to JSON schema)
    final String reqLocation = "src/test/resources/server/IIA001/Request-missing-category-id.json";
    try (InputStream reqIn = new FileInputStream(reqLocation)) {
        final JSONObject jsonRequest = new LimitsCheckingJSONObject(new InputStreamReader(reqIn, StandardCharsets.UTF_8), MAX_JSON_STRING_LENGTH, MAX_JSON_CHILDREN_COUNT, MAX_JSON_DEPTH);
        if (!jsonRequest.has("Request")) {
            throw new IllegalArgumentException("Invalid XACML JSON Request file: " + reqLocation + ". Expected root key: \"Request\"");
        }
        /*
			 * No preliminary request schema validation this time, let the server reject it
			 */
        // send request
        final WebClient client = WebClient.create("http://localhost:" + port + "/services", Collections.singletonList(new JsonRiJaxrsProvider()));
        final Response actualResponse = client.path("pdp").type("application/xacml+json").accept("application/xacml+json").post(jsonRequest);
        // check response
        Assert.assertEquals(Status.BAD_REQUEST.getStatusCode(), actualResponse.getStatus());
    }
}
Also used : Response(javax.ws.rs.core.Response) JSONObject(org.json.JSONObject) LimitsCheckingJSONObject(org.ow2.authzforce.xacml.json.model.LimitsCheckingJSONObject) InputStreamReader(java.io.InputStreamReader) JsonRiJaxrsProvider(org.ow2.authzforce.jaxrs.util.JsonRiJaxrsProvider) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) LimitsCheckingJSONObject(org.ow2.authzforce.xacml.json.model.LimitsCheckingJSONObject) WebClient(org.apache.cxf.jaxrs.client.WebClient) FileInputStream(java.io.FileInputStream) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 2 with JsonRiJaxrsProvider

use of org.ow2.authzforce.jaxrs.util.JsonRiJaxrsProvider in project restful-pdp by authzforce.

the class XacmlRestProfileJaxRsTest method testPdpRequest.

@Test
public void testPdpRequest() throws IOException {
    // Request body
    final String reqLocation = "src/test/resources/IIA001/Request.json";
    final JSONObject jsonRequest = new LimitsCheckingJSONObject(new FileReader(reqLocation, StandardCharsets.UTF_8), MAX_JSON_STRING_LENGTH, MAX_JSON_CHILDREN_COUNT, MAX_JSON_DEPTH);
    if (!jsonRequest.has("Request")) {
        throw new IllegalArgumentException("Invalid XACML JSON Request file: " + reqLocation + ". Expected root key: \"Request\"");
    }
    XacmlJsonUtils.REQUEST_SCHEMA.validate(jsonRequest);
    // expected response
    final String respLocation = "src/test/resources/IIA001/Response.json";
    final JSONObject expectedResponse = new LimitsCheckingJSONObject(new FileReader(respLocation, StandardCharsets.UTF_8), MAX_JSON_STRING_LENGTH, MAX_JSON_CHILDREN_COUNT, MAX_JSON_DEPTH);
    if (!expectedResponse.has("Response")) {
        throw new IllegalArgumentException("Invalid XACML JSON Response file: " + respLocation + ". Expected root key: \"Response\"");
    }
    XacmlJsonUtils.RESPONSE_SCHEMA.validate(expectedResponse);
    // send request
    final WebClient client = WebClient.create(ENDPOINT_ADDRESS, Collections.singletonList(new JsonRiJaxrsProvider()));
    final JSONObject actualResponse = client.path("pdp").type("application/xacml+json").accept("application/xacml+json").post(jsonRequest, JSONObject.class);
    // check response
    Assert.assertTrue(expectedResponse.similar(actualResponse), "JSON response does not match expected one.");
}
Also used : JSONObject(org.json.JSONObject) LimitsCheckingJSONObject(org.ow2.authzforce.xacml.json.model.LimitsCheckingJSONObject) JsonRiJaxrsProvider(org.ow2.authzforce.jaxrs.util.JsonRiJaxrsProvider) LimitsCheckingJSONObject(org.ow2.authzforce.xacml.json.model.LimitsCheckingJSONObject) FileReader(java.io.FileReader) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 3 with JsonRiJaxrsProvider

use of org.ow2.authzforce.jaxrs.util.JsonRiJaxrsProvider in project restful-pdp by authzforce.

the class XacmlRestProfileJaxRsTest method startServer.

private static void startServer(String pdpConfigLocation) throws Exception {
    final PdpEngineConfiguration pdpConf = PdpEngineConfiguration.getInstance(pdpConfigLocation, "src/test/resources/catalog.xml", "src/test/resources/pdp-ext.xsd");
    /*
		 * See also http://cxf.apache.org/docs/secure-jax-rs-services.html
		 */
    final JAXRSServerFactoryBean sf = new JAXRSServerFactoryBean();
    sf.setResourceClasses(XacmlPdpResource.class);
    sf.setResourceProvider(XacmlPdpResource.class, new SingletonResourceProvider(new XacmlPdpResource(pdpConf)));
    // add custom providers if any
    sf.setProviders(Collections.singletonList(new JsonRiJaxrsProvider()));
    final LoggingFeature loggingFeature = new LoggingFeature();
    loggingFeature.setPrettyLogging(true);
    loggingFeature.setVerbose(true);
    sf.setFeatures(Collections.singletonList(loggingFeature));
    sf.setAddress(ENDPOINT_ADDRESS);
    server = sf.create();
}
Also used : PdpEngineConfiguration(org.ow2.authzforce.core.pdp.impl.PdpEngineConfiguration) JsonRiJaxrsProvider(org.ow2.authzforce.jaxrs.util.JsonRiJaxrsProvider) XacmlPdpResource(org.ow2.authzforce.rest.pdp.jaxrs.XacmlPdpResource) LoggingFeature(org.apache.cxf.ext.logging.LoggingFeature) JAXRSServerFactoryBean(org.apache.cxf.jaxrs.JAXRSServerFactoryBean) SingletonResourceProvider(org.apache.cxf.jaxrs.lifecycle.SingletonResourceProvider)

Example 4 with JsonRiJaxrsProvider

use of org.ow2.authzforce.jaxrs.util.JsonRiJaxrsProvider in project restful-pdp by authzforce.

the class XacmlRestProfileJaxRsTest method testPdpRequest.

// @Autowired
// private TestRestTemplate restTemplate;
@Test
public void testPdpRequest() throws IOException {
    // Request body
    final String reqLocation = "src/test/resources/server/IIA001/Request.json";
    try (InputStream reqIn = new FileInputStream(reqLocation)) {
        final JSONObject jsonRequest = new LimitsCheckingJSONObject(new InputStreamReader(reqIn, StandardCharsets.UTF_8), MAX_JSON_STRING_LENGTH, MAX_JSON_CHILDREN_COUNT, MAX_JSON_DEPTH);
        if (!jsonRequest.has("Request")) {
            throw new IllegalArgumentException("Invalid XACML JSON Request file: " + reqLocation + ". Expected root key: \"Request\"");
        }
        XacmlJsonUtils.REQUEST_SCHEMA.validate(jsonRequest);
        // expected response
        final String respLocation = "src/test/resources/server/IIA001/Response.json";
        try (final InputStream respIn = new FileInputStream(respLocation)) {
            final JSONObject expectedResponse = new LimitsCheckingJSONObject(new InputStreamReader(respIn, StandardCharsets.UTF_8), MAX_JSON_STRING_LENGTH, MAX_JSON_CHILDREN_COUNT, MAX_JSON_DEPTH);
            if (!expectedResponse.has("Response")) {
                throw new IllegalArgumentException("Invalid XACML JSON Response file: " + respLocation + ". Expected root key: \"Response\"");
            }
            XacmlJsonUtils.RESPONSE_SCHEMA.validate(expectedResponse);
            // send request
            final WebClient client = WebClient.create("http://localhost:" + port + "/services", Collections.singletonList(new JsonRiJaxrsProvider()));
            final JSONObject actualResponse = client.path("pdp").type("application/xacml+json").accept("application/xacml+json").post(jsonRequest, JSONObject.class);
            // check response
            Assert.assertTrue(expectedResponse.similar(actualResponse));
        }
    }
}
Also used : JSONObject(org.json.JSONObject) LimitsCheckingJSONObject(org.ow2.authzforce.xacml.json.model.LimitsCheckingJSONObject) InputStreamReader(java.io.InputStreamReader) JsonRiJaxrsProvider(org.ow2.authzforce.jaxrs.util.JsonRiJaxrsProvider) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) LimitsCheckingJSONObject(org.ow2.authzforce.xacml.json.model.LimitsCheckingJSONObject) WebClient(org.apache.cxf.jaxrs.client.WebClient) FileInputStream(java.io.FileInputStream) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

JsonRiJaxrsProvider (org.ow2.authzforce.jaxrs.util.JsonRiJaxrsProvider)4 WebClient (org.apache.cxf.jaxrs.client.WebClient)3 JSONObject (org.json.JSONObject)3 LimitsCheckingJSONObject (org.ow2.authzforce.xacml.json.model.LimitsCheckingJSONObject)3 FileInputStream (java.io.FileInputStream)2 InputStream (java.io.InputStream)2 InputStreamReader (java.io.InputStreamReader)2 Test (org.junit.Test)2 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2 FileReader (java.io.FileReader)1 Response (javax.ws.rs.core.Response)1 LoggingFeature (org.apache.cxf.ext.logging.LoggingFeature)1 JAXRSServerFactoryBean (org.apache.cxf.jaxrs.JAXRSServerFactoryBean)1 SingletonResourceProvider (org.apache.cxf.jaxrs.lifecycle.SingletonResourceProvider)1 PdpEngineConfiguration (org.ow2.authzforce.core.pdp.impl.PdpEngineConfiguration)1 XacmlPdpResource (org.ow2.authzforce.rest.pdp.jaxrs.XacmlPdpResource)1