| author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-05-05 12:28:28 +0200 | 
|---|---|---|
| committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-05-05 12:28:28 +0200 | 
| commit | 49cb8adfd8992dc8d21ff208d8dd93e0592e1be4 (patch) | |
| tree | 7631ccdd3ce61754e7b24a8ec7be7cf9281ff37d /eaaf_core_utils/src/test/java | |
| parent | f7941c2004a157023f1f89ef2d3c9de75548d73e (diff) | |
first tests for SSL Client Auth. with HSM-Facade
Diffstat (limited to 'eaaf_core_utils/src/test/java')
| -rw-r--r-- | eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java | 52 | 
1 files changed, 45 insertions, 7 deletions
|
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java
index 84c0b12c..140c74f5 100644
--- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java
@@ -28,7 +28,6 @@ import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.http.HttpClientConfiguration;
 import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory;
-import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
 import okhttp3.HttpUrl;
 import okhttp3.mockwebserver.MockResponse;
 import okhttp3.mockwebserver.MockWebServer;
@@ -42,7 +41,6 @@ public class HttpClientFactoryTest {
   @Autowired private EaafKeyStoreFactory keyStoreFactory;
   @Autowired private IHttpClientFactory httpClientFactory;
-  @Autowired private DummyAuthConfigMap config;
   private MockWebServer mockWebServer = null;
   private HttpUrl mockServerUrl;
@@ -53,11 +51,6 @@ public class HttpClientFactoryTest {
    */
   @Before
   public void setup() {
-    config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST, "");
-    config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT, "");
-    config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST, "");
-    config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME, "");
-    config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD, "");
   }
@@ -335,4 +328,49 @@ public class HttpClientFactoryTest {
     Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode());
   }
+  
+  @Test
+  public void getCustomClientX509AuthWithHsmFacade() throws EaafException, ClientProtocolException,
+      IOException, KeyStoreException {
+    final HttpClientConfiguration config = new HttpClientConfiguration("jUnit");
+    config.setAuthMode("ssl");
+    config.buildKeyStoreConfig(
+        "hsmfacade",
+        null,
+        null,
+        "authhandler");
+    config.setSslKeyPassword("password");
+    config.setSslKeyAlias("authhandler-sign");
+    config.setDisableTlsHostCertificateValidation(true);
+
+    final CloseableHttpClient client = httpClientFactory.getHttpClient(config);
+    Assert.assertNotNull("httpClient", client);
+
+    //set-up mock-up web-server with SSL client authentication
+    final Pair<KeyStore, Provider> sslClientKeyStore =
+        keyStoreFactory.buildNewKeyStore(config.getKeyStoreConfig());
+    final String localhost = InetAddress.getByName("localhost").getCanonicalHostName();
+    final HeldCertificate localhostCertificate = new HeldCertificate.Builder()
+        .addSubjectAlternativeName(localhost)
+        .build();
+    X509Certificate clientRootCert = (X509Certificate) sslClientKeyStore.getFirst()
+        .getCertificateChain(config.getSslKeyAlias())[1];
+        
+    final HandshakeCertificates serverCertificates = new HandshakeCertificates.Builder()
+        .addTrustedCertificate(clientRootCert)
+        .heldCertificate(localhostCertificate)
+        .build();
+    mockWebServer = new MockWebServer();
+    mockWebServer.useHttps(serverCertificates.sslSocketFactory(), false);
+    mockWebServer.requireClientAuth();
+    mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+        .setBody("Successful auth!"));
+    mockServerUrl = mockWebServer.url("/sp/junit");
+
+    //perform test request
+    final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString());
+    final CloseableHttpResponse httpResp2 = client.execute(httpGet2);
+    Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode());
+
+  }
 }
|
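Review bot: `sslClientKeyStore.getFirst().getCertificateChain(config.getSslKeyAlias())[1]` in the new test is dereferenced without any check, although `KeyStore.getCertificateChain` returns null for an unknown alias and a single-certificate chain has no index 1, so a misconfigured facade key fails with a NullPointerException or ArrayIndexOutOfBoundsException instead of a readable assertion. I would assert first, e.g. `Assert.assertNotNull("client cert chain", chain);` and `Assert.assertTrue("chain has issuer", chain.length > 1);`, and name the variable for what index 1 is (the issuer, which is the root only when the chain has exactly two entries). The line `config.setDisableTlsHostCertificateValidation(true);` deserves a comment such as `// test only: server cert is a throw-away HeldCertificate; never disable validation outside tests`, since with it this test covers client authentication only and not the server-trust path. `httpResp2` and `client` are also never closed in the visible lines; try-with-resources would release the connection even when the assertion fails.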
