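package at.gv.egiz.eaaf.core.test.http;

import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Base64;

import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.CloseableHttpClient;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.annotation.DirtiesContext.MethodMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.impl.http.HttpClientConfiguration;
import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory;
import ch.qos.logback.classic.Level;
import ch.qos.logback.classic.Logger;

/**
 * Integration test that builds an HTTP client with TLS client authentication
 * and performs one real request against a remote host.
 *
 * <p>The test needs network access and the key material referenced by the
 * key-store configuration below, so it is not a hermetic unit test.</p>
 */
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration("/spring/test_eaaf_pvp_not_lazy.beans.xml")
@DirtiesContext
public class HttpClientFactoryProdHostTest {

  /** JVM-wide switch for JSSE debug output; it must not leak into other tests. */
  private static final String TLS_DEBUG_PROPERTY = "javax.net.debug";

  @Autowired
  private IHttpClientFactory httpClientFactory;

  @Autowired
  private EaafKeyStoreFactory keyStoreFactory;

  /**
   * Raises the BouncyCastle JSSE logger to TRACE once for the whole class.
   *
   * <p>NOTE(review): the level is never reset, so handshake traces stay enabled for
   * every test that later runs in the same JVM. TLS traces can contain certificate
   * and session details; keep the resulting logs out of shared artefacts.</p>
   */
  @BeforeClass
  public static void classInitializer() {
    final Logger logger = (Logger) LoggerFactory.getLogger("org.bouncycastle.jsse");
    logger.setLevel(Level.TRACE);

  }

  /**
   * JUnit test set-up. Intentionally empty.
   */
  @Before
  public void setup() {

  }

  /**
   * Requests a page that demands an X.509 client certificate and expects HTTP 200.
   *
   * <p>Server-certificate validation is left enabled, so the test also fails when the
   * remote certificate chain or host name cannot be verified.</p>
   *
   * @throws EaafException if the HTTP client or the key store cannot be built
   * @throws ClientProtocolException on an HTTP protocol error
   * @throws IOException on a connection problem or an aborted request
   * @throws KeyStoreException if the key store cannot be read
   * @throws UnrecoverableKeyException declared by the original signature
   * @throws NoSuchAlgorithmException declared by the original signature
   * @throws CertificateEncodingException if the client certificate cannot be encoded
   */
  @Test
  @DirtiesContext(methodMode = MethodMode.BEFORE_METHOD)
  public void getCustomClientX509AuthWithHsmFacadeTrustStore() throws EaafException,
      ClientProtocolException, IOException, KeyStoreException, UnrecoverableKeyException,
      NoSuchAlgorithmException, CertificateEncodingException {
    // System properties are global to the JVM: remember the old value and put it back
    // afterwards so handshake debugging does not stay switched on for unrelated tests.
    final String previousTlsDebug = System.getProperty(TLS_DEBUG_PROPERTY);
    System.setProperty(TLS_DEBUG_PROPERTY, "ssl:handshake");

    try {
      final HttpClientConfiguration clientConfig = new HttpClientConfiguration("jUnit-client");
      clientConfig.setAuthMode("ssl");

      // Alternative key material kept from the original test:
      //clientConfig.buildKeyStoreConfig("hsmfacade", null, null, "eid-junit");
      //clientConfig.setSslKeyAlias("rsa-key-1");

      clientConfig.buildKeyStoreConfig("hsmfacade", null, null, "authhandler");
      clientConfig.setSslKeyAlias("authhandler-sign");

      // Keep validation of the server certificate ON. Turning it off would let any
      // endpoint that answers on this name receive the client-authenticated request.
      clientConfig.setDisableTlsHostCertificateValidation(false);

      // The client comes from the factory and is not closed here.
      // NOTE(review): presumably the factory owns its lifecycle - confirm.
      final CloseableHttpClient client = httpClientFactory.getHttpClient(clientConfig);
      Assert.assertNotNull("httpClient", client);

      // The generic arguments were missing in the source; without them getFirst()
      // is typed as Object and the certificate-chain lookup does not compile.
      final Pair<KeyStore, Provider> sslClientKeyStore =
          keyStoreFactory.buildNewKeyStore(clientConfig.getKeyStoreConfig());
      final KeyStore keyStore = sslClientKeyStore.getFirst();
      final String keyAlias = clientConfig.getSslKeyAlias();

      // Index 1 is what the original code called the root certificate, index 0 the
      // end-entity certificate. A chain shorter than two entries fails the test.
      final X509Certificate clientRootCert =
          (X509Certificate) keyStore.getCertificateChain(keyAlias)[1];
      final X509Certificate clientEeCert =
          (X509Certificate) keyStore.getCertificateChain(keyAlias)[0];
      Assert.assertNotNull("client root certificate", clientRootCert);
      Assert.assertNotNull("client end-entity certificate", clientEeCert);

      // The original computed this encoding and discarded it; assert on it instead.
      Assert.assertFalse("encoded client certificate",
          Base64.getEncoder().encodeToString(clientEeCert.getEncoded()).isEmpty());

      // perform test request
      // NOTE(review): the double slash in the path is kept as in the original - confirm.
      final HttpUriRequest httpGet2 = new HttpGet("https://apps.egiz.gv.at//sslclientcertdemo/");

      // Close the response so the pooled connection is released even if the assertion fails.
      try (CloseableHttpResponse httpResp2 = client.execute(httpGet2)) {
        Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode());
      }

    } finally {
      if (previousTlsDebug == null) {
        System.clearProperty(TLS_DEBUG_PROPERTY);
      } else {
        System.setProperty(TLS_DEBUG_PROPERTY, previousTlsDebug);
      }
    }
  }

}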