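package test.at.gv.egovernment.moa.spss.logger;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;

import java.util.Arrays;
import java.util.List;

import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.BlockJUnit4ClassRunner;
import org.slf4j.LoggerFactory;

import at.gv.egovernment.moa.spss.server.logging.IaikLog;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import ch.qos.logback.classic.Level;
import ch.qos.logback.classic.Logger;
import ch.qos.logback.classic.LoggerContext;

/**
 * Tests that {@link IaikLog} masks X.509 subject information in log messages and moves
 * configured messages to another log level.
 *
 * <p>Log output is captured with a {@code MemoryLoggingAppender} attached to the
 * {@code iaik.server} logger, and every assertion inspects the captured events.
 *
 * <p>NOTE(review): {@code IaikLog.addMaskPattern} and
 * {@code IaikLog.addLogMsgForReclassification} are called statically and nothing in this class
 * removes what was registered. Assuming IaikLog keeps them in static state, a pattern added by
 * one test stays active in every later test. A {@code ...OnePattern} test can then pass only
 * because a {@code ...MorePatterns} test ran before it, so a regression in
 * {@code X509_INFO_CLEARING_PATTERN} may go unnoticed. Clear the registered patterns between
 * tests if IaikLog offers a way to do so; confirm against IaikLog.
 *
 * <p>NOTE(review): every call passes {@code null} as the throwable, so masking of personal data
 * inside exception messages or stack traces is not covered here.
 */
@RunWith(BlockJUnit4ClassRunner.class)
public class IaikLoggerMaskingTest {

  /** Message carrying a full subject DN, as written for a successfully verified signature. */
  private static final String LOGMSG_1 =
      "Signature OK from signer: serialNumber=882486130371,givenName=XXXĤáčęk,SN=XXXMûstérfřău,CN=XXXĤáčęk XXXMûstérfřău,C=AT";

  /** Message carrying a quoted subject DN followed by a certificate-store path. */
  private static final String LOGMSG_2 =
      "storing cert \"serialNumber=882486130371,givenName=XXXĤáčęk,SN=XXXMûstérfřău,CN=XXXĤáčęk XXXMûstérfřău,C=AT\" to: /data/eID/springboot-authhandler/config/moa-spss/certstore/subjectdn/518D25DA7380CF1967B5014DDB74E862E5E52827/9E1D7A221A7D1A522A9E169FA6F9A2E81EEAB643";

  /**
   * Fragments of the subject DN in {@link #LOGMSG_1} and {@link #LOGMSG_2} that must not appear
   * in a masked log message: serial number, parts of surname and given name, and the country.
   *
   * <p>NOTE(review): "AT" is only two characters. If the captured message also contains the
   * random transaction id or logger name, a rare false failure is possible; confirm what
   * IaikLog puts into the message.
   */
  private static final List<String> SENSITIVE_FRAGMENTS =
      Arrays.asList("882486130371", "ûsté", "XĤáčę", "AT");

  /*
   * JUnit 4 creates a new instance of the test class for every test method. As an instance
   * field this was always null in initialize(), so a further appender was attached to the
   * logger for each test and the reset() branch never ran. Keeping it static attaches a single
   * appender and reuses it.
   */
  private static MemoryLoggingAppender memoryAppender = null;

  private IaikLog log;
  private TransactionId transId;

  /**
   * Creates a fresh {@link IaikLog} and transaction id and prepares the capturing appender.
   *
   * <p>The appender is attached to the {@code iaik.server} logger on first use and reset before
   * each later test. reset() is assumed to discard previously captured events; confirm in
   * MemoryLoggingAppender.
   */
  @Before
  public void initialize() {
    log = new IaikLog(RandomStringUtils.randomAlphabetic(5));
    transId = new TransactionId(RandomStringUtils.randomAlphanumeric(5));

    if (memoryAppender != null) {
      memoryAppender.reset();
      return;
    }

    final Logger logger = (Logger) LoggerFactory.getLogger("iaik.server");
    memoryAppender = new MemoryLoggingAppender();
    memoryAppender.setContext((LoggerContext) LoggerFactory.getILoggerFactory());
    logger.setLevel(Level.DEBUG);
    logger.addAppender(memoryAppender);
    memoryAppender.start();
  }

  /** INFO message masked by one pattern per DN attribute. */
  @Test
  public void certificateMaskingInfoLevelMorePatterns() {
    addPerAttributeMaskPatterns();

    log.info(transId, LOGMSG_1, null);

    verifyLogMessage(SENSITIVE_FRAGMENTS);
  }

  /** INFO message masked by the single combined X.509 pattern. */
  @Test
  public void certificateMaskingInfoLevelOnePattern() {
    IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN);

    log.info(transId, LOGMSG_1, null);

    verifyLogMessage(SENSITIVE_FRAGMENTS);
  }

  /** Second message layout (quoted DN followed by a path) masked by the combined pattern. */
  @Test
  public void certificateMaskingSecondMessage() {
    IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN);

    log.info(transId, LOGMSG_2, null);

    verifyLogMessage(SENSITIVE_FRAGMENTS);
  }

  /** WARN message masked by one pattern per DN attribute. */
  @Test
  public void certificateMaskingWarnLevelMorePatterns() {
    addPerAttributeMaskPatterns();

    log.warn(transId, LOGMSG_1, null);

    verifyLogMessage(SENSITIVE_FRAGMENTS);
  }

  /** WARN message masked by the single combined X.509 pattern. */
  @Test
  public void certificateMaskingWarnLevelOnePattern() {
    IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN);

    log.warn(transId, LOGMSG_1, null);

    verifyLogMessage(SENSITIVE_FRAGMENTS);
  }

  /** ERROR message masked by the single combined X.509 pattern. */
  @Test
  public void certificateMaskingErrorLevelOnePattern() {
    IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN);

    log.error(transId, LOGMSG_1, null);

    verifyLogMessage(SENSITIVE_FRAGMENTS);
  }

  /** FATAL message masked by the single combined X.509 pattern. */
  @Test
  public void certificateMaskingFatalLevelOnePattern() {
    IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN);

    log.fatal(transId, LOGMSG_1, null);

    verifyLogMessage(SENSITIVE_FRAGMENTS);
  }

  /** A message without certificate data must still be found in the log after masking. */
  @Test
  public void randomMessage() {
    IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN);
    final String msg = RandomStringUtils.randomAlphanumeric(25);

    log.info(transId, msg, null);

    // Check the event count first so that a missing event fails with a readable message
    // instead of an IndexOutOfBoundsException.
    assertEquals("no log", 1, memoryAppender.getSize());
    assertTrue("find wrong element",
        memoryAppender.getLoggedEvents().get(0).getMessage().contains(msg));
  }

  /** A message that is not registered for reclassification stays on WARN. */
  @Test
  public void noMsgReclassification() {
    final String msg = RandomStringUtils.randomAlphanumeric(25);

    log.warn(transId, msg, null);

    assertTrue("Log Msg on Level WARN", verifyMsgOnLevel(Level.WARN, msg));
  }

  /**
   * Messages selected for reclassification are logged on INFO although warn() was called.
   *
   * <p>msg1 is never registered by this test, so it is presumably part of IaikLog's built-in
   * reclassification list; msg2 is registered explicitly.
   */
  @Test
  public void msgReclassification() {
    final String msg1 =
        "Max. cert info store size exceeded, consider using a larger certinfostore.";
    final String msg2 = "my new test mgs";
    IaikLog.addLogMsgForReclassification(msg2);

    log.warn(transId, msg1, null);
    log.warn(transId, msg2, null);

    assertFalse("Log Msg on wrong", verifyMsgOnLevel(Level.WARN, msg1));
    assertTrue("Log Msg on wrong", verifyMsgOnLevel(Level.INFO, msg1));
    assertFalse("Log Msg on wrong", verifyMsgOnLevel(Level.WARN, msg2));
    assertTrue("Log Msg on wrong", verifyMsgOnLevel(Level.INFO, msg2));
  }

  /** Registers one mask pattern for each DN attribute used in the test messages. */
  private static void addPerAttributeMaskPatterns() {
    IaikLog.addMaskPattern("(C=)(.*?)(,|$)");
    IaikLog.addMaskPattern("(CN=)(.*?)(,|$)");
    IaikLog.addMaskPattern("(SN=)(.*?)(,|$)");
    IaikLog.addMaskPattern("(serialNumber=)(.*?)(,|$)");
    IaikLog.addMaskPattern("(givenName=)(.*?)(,|$)");
  }

  /**
   * Checks whether a captured event exists on the given level whose message contains the text.
   *
   * @param level log level the event must have
   * @param msg text the event message must contain
   * @return {@code true} if at least one captured event matches both conditions
   */
  private boolean verifyMsgOnLevel(Level level, String msg) {
    return memoryAppender.getLoggedEvents().stream()
        .anyMatch(el -> el.getLevel().equals(level) && el.getMessage().contains(msg));
  }

  /**
   * Asserts that exactly one event was captured and that its message contains none of the
   * given fragments.
   *
   * <p>NOTE(review): only the absence of the fragments is checked. An empty or fully replaced
   * message would pass as well, so this does not show that the non-sensitive part of the
   * message is still logged.
   *
   * @param checks fragments that must have been masked
   */
  private void verifyLogMessage(List<String> checks) {
    assertEquals("no log", 1, memoryAppender.getSize());

    final String logged = memoryAppender.getLoggedEvents().get(0).getMessage();
    for (final String fragment : checks) {
      assertFalse("find wrong element", logged.contains(fragment));
    }
  }
}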