diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-05-05 12:28:28 +0200 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-05-05 12:28:28 +0200 |
commit | 49cb8adfd8992dc8d21ff208d8dd93e0592e1be4 (patch) | |
tree | 7631ccdd3ce61754e7b24a8ec7be7cf9281ff37d /eaaf_core_utils/src/test/java/at | |
parent | f7941c2004a157023f1f89ef2d3c9de75548d73e (diff) | |
download | EAAF-Components-49cb8adfd8992dc8d21ff208d8dd93e0592e1be4.tar.gz EAAF-Components-49cb8adfd8992dc8d21ff208d8dd93e0592e1be4.tar.bz2 EAAF-Components-49cb8adfd8992dc8d21ff208d8dd93e0592e1be4.zip |
first tests for SSL Client Auth. with HSM-Facade
Diffstat (limited to 'eaaf_core_utils/src/test/java/at')
-rw-r--r-- | eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java | 52 |
1 files changed, 45 insertions, 7 deletions
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java index 84c0b12c..140c74f5 100644 --- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java +++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java @@ -28,7 +28,6 @@ import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.http.HttpClientConfiguration; import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; -import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap; import okhttp3.HttpUrl; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @@ -42,7 +41,6 @@ public class HttpClientFactoryTest { @Autowired private EaafKeyStoreFactory keyStoreFactory; @Autowired private IHttpClientFactory httpClientFactory; - @Autowired private DummyAuthConfigMap config; private MockWebServer mockWebServer = null; private HttpUrl mockServerUrl; @@ -53,11 +51,6 @@ public class HttpClientFactoryTest { */ @Before public void setup() { - config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST, ""); - config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT, ""); - config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST, ""); - config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME, ""); - config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD, ""); } @@ -335,4 +328,49 @@ public class HttpClientFactoryTest { Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode()); } + + @Test + public void getCustomClientX509AuthWithHsmFacade() throws EaafException, ClientProtocolException, + IOException, KeyStoreException { + final HttpClientConfiguration config = new HttpClientConfiguration("jUnit"); + config.setAuthMode("ssl"); + config.buildKeyStoreConfig( + "hsmfacade", + null, + null, + "authhandler"); + config.setSslKeyPassword("password"); + config.setSslKeyAlias("authhandler-sign"); + config.setDisableTlsHostCertificateValidation(true); + + final CloseableHttpClient client = httpClientFactory.getHttpClient(config); + Assert.assertNotNull("httpClient", client); + + //set-up mock-up web-server with SSL client authentication + final Pair<KeyStore, Provider> sslClientKeyStore = + keyStoreFactory.buildNewKeyStore(config.getKeyStoreConfig()); + final String localhost = InetAddress.getByName("localhost").getCanonicalHostName(); + final HeldCertificate localhostCertificate = new HeldCertificate.Builder() + .addSubjectAlternativeName(localhost) + .build(); + X509Certificate clientRootCert = (X509Certificate) sslClientKeyStore.getFirst() + .getCertificateChain(config.getSslKeyAlias())[1]; + + final HandshakeCertificates serverCertificates = new HandshakeCertificates.Builder() + .addTrustedCertificate(clientRootCert) + .heldCertificate(localhostCertificate) + .build(); + mockWebServer = new MockWebServer(); + mockWebServer.useHttps(serverCertificates.sslSocketFactory(), false); + mockWebServer.requireClientAuth(); + mockWebServer.enqueue(new MockResponse().setResponseCode(200) + .setBody("Successful auth!")); + mockServerUrl = mockWebServer.url("/sp/junit"); + + //perform test request + final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString()); + final CloseableHttpResponse httpResp2 = client.execute(httpGet2); + Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode()); + + } } |