Java tutorial
/* * Copyright (c) 2016 Network New Technologies Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * You may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.networknt.basic; import com.networknt.client.Http2Client; import com.networknt.config.Config; import com.networknt.exception.ClientException; import com.networknt.status.Status; import io.undertow.Handlers; import io.undertow.Undertow; import io.undertow.client.ClientConnection; import io.undertow.client.ClientRequest; import io.undertow.client.ClientResponse; import io.undertow.server.HttpHandler; import io.undertow.server.RoutingHandler; import io.undertow.util.Headers; import io.undertow.util.HttpString; import io.undertow.util.Methods; import org.apache.commons.codec.binary.Base64; import org.junit.AfterClass; import org.junit.Assert; import org.junit.BeforeClass; import org.junit.Test; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.xnio.IoUtils; import org.xnio.OptionMap; import java.net.URI; import java.util.HashMap; import java.util.Map; import java.util.concurrent.CountDownLatch; import java.util.concurrent.atomic.AtomicReference; import static java.nio.charset.StandardCharsets.UTF_8; /** * This is a test class for BasicAuthHandler. It tests all scenarios of positive and negative. * * @author Steve Hu */ public class BasicAuthHandlerTest { static final Logger logger = LoggerFactory.getLogger(BasicAuthHandlerTest.class); static Undertow server = null; @BeforeClass public static void setUp() { if (server == null) { logger.info("starting server"); HttpHandler handler = getTestHandler(); // inject the BasicAuthHandler before the TestHandler for security BasicAuthHandler basicAuthHandler = new BasicAuthHandler(); basicAuthHandler.setNext(handler); server = Undertow.builder().addHttpListener(17352, "localhost").setHandler(basicAuthHandler).build(); server.start(); } } @AfterClass public static void tearDown() throws Exception { if (server != null) { try { Thread.sleep(100); } catch (InterruptedException ignored) { } server.stop(); logger.info("The server is stopped."); } } static RoutingHandler getTestHandler() { return Handlers.routing().add(Methods.GET, "/v2/pet", exchange -> exchange.getResponseSender().send("OK")); } private static String encodeCredentials(String username, String password) { String cred; if (password != null) { cred = username + ":" + password; } else { cred = username; } String encodedValue; byte[] encodedBytes = Base64.encodeBase64(cred.getBytes(UTF_8)); encodedValue = new String(encodedBytes, UTF_8); return encodedValue; } @Test public void testWithRightCredentials() throws Exception { final Http2Client client = Http2Client.getInstance(); final CountDownLatch latch = new CountDownLatch(1); final ClientConnection connection; try { connection = client.connect(new URI("http://localhost:17352"), Http2Client.WORKER, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.EMPTY).get(); } catch (Exception e) { throw new ClientException(e); } final AtomicReference<ClientResponse> reference = new AtomicReference<>(); try { ClientRequest request = new ClientRequest().setPath("/v2/pet").setMethod(Methods.GET); request.getRequestHeaders().put(Headers.HOST, "localhost"); request.getRequestHeaders().put(Headers.AUTHORIZATION, "BASIC " + encodeCredentials("user1", "user1pass")); connection.sendRequest(request, client.createClientCallback(reference, latch)); latch.await(); } catch (Exception e) { logger.error("Exception: ", e); throw new ClientException(e); } finally { IoUtils.safeClose(connection); } int statusCode = reference.get().getResponseCode(); Assert.assertEquals(200, statusCode); if (statusCode == 200) { Assert.assertNotNull(reference.get().getAttachment(Http2Client.RESPONSE_BODY)); } } @Test public void testEncryptedPassword() throws Exception { final Http2Client client = Http2Client.getInstance(); final CountDownLatch latch = new CountDownLatch(1); final ClientConnection connection; try { connection = client.connect(new URI("http://localhost:17352"), Http2Client.WORKER, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.EMPTY).get(); } catch (Exception e) { throw new ClientException(e); } final AtomicReference<ClientResponse> reference = new AtomicReference<>(); try { ClientRequest request = new ClientRequest().setPath("/v2/pet").setMethod(Methods.GET); request.getRequestHeaders().put(Headers.HOST, "localhost"); request.getRequestHeaders().put(Headers.AUTHORIZATION, "BASIC " + encodeCredentials("user2", "password")); connection.sendRequest(request, client.createClientCallback(reference, latch)); latch.await(); } catch (Exception e) { logger.error("Exception: ", e); throw new ClientException(e); } finally { IoUtils.safeClose(connection); } int statusCode = reference.get().getResponseCode(); Assert.assertEquals(200, statusCode); if (statusCode == 200) { Assert.assertNotNull(reference.get().getAttachment(Http2Client.RESPONSE_BODY)); } } @Test public void testMissingToken() throws Exception { final Http2Client client = Http2Client.getInstance(); final CountDownLatch latch = new CountDownLatch(1); final ClientConnection connection; try { connection = client.connect(new URI("http://localhost:17352"), Http2Client.WORKER, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.EMPTY).get(); } catch (Exception e) { throw new ClientException(e); } final AtomicReference<ClientResponse> reference = new AtomicReference<>(); try { ClientRequest request = new ClientRequest().setPath("/v2/pet").setMethod(Methods.GET); request.getRequestHeaders().put(Headers.HOST, "localhost"); connection.sendRequest(request, client.createClientCallback(reference, latch)); latch.await(); } catch (Exception e) { logger.error("Exception: ", e); throw new ClientException(e); } finally { IoUtils.safeClose(connection); } int statusCode = reference.get().getResponseCode(); Assert.assertEquals(401, statusCode); if (statusCode == 401) { Status status = Config.getInstance().getMapper() .readValue(reference.get().getAttachment(Http2Client.RESPONSE_BODY), Status.class); Assert.assertNotNull(status); Assert.assertEquals("ERR10002", status.getCode()); } } @Test public void testInvalidBasicHeader() throws Exception { final Http2Client client = Http2Client.getInstance(); final CountDownLatch latch = new CountDownLatch(1); final ClientConnection connection; try { connection = client.connect(new URI("http://localhost:17352"), Http2Client.WORKER, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.EMPTY).get(); } catch (Exception e) { throw new ClientException(e); } final AtomicReference<ClientResponse> reference = new AtomicReference<>(); try { ClientRequest request = new ClientRequest().setPath("/v2/pet").setMethod(Methods.GET); request.getRequestHeaders().put(Headers.HOST, "localhost"); request.getRequestHeaders().put(Headers.AUTHORIZATION, "Bearer " + encodeCredentials("user1", "user1pass")); connection.sendRequest(request, client.createClientCallback(reference, latch)); latch.await(); } catch (Exception e) { logger.error("Exception: ", e); throw new ClientException(e); } finally { IoUtils.safeClose(connection); } int statusCode = reference.get().getResponseCode(); Assert.assertEquals(401, statusCode); if (statusCode == 401) { Status status = Config.getInstance().getMapper() .readValue(reference.get().getAttachment(Http2Client.RESPONSE_BODY), Status.class); Assert.assertNotNull(status); Assert.assertEquals("ERR10046", status.getCode()); } } @Test public void testInvalidUsername() throws Exception { final Http2Client client = Http2Client.getInstance(); final CountDownLatch latch = new CountDownLatch(1); final ClientConnection connection; try { connection = client.connect(new URI("http://localhost:17352"), Http2Client.WORKER, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.EMPTY).get(); } catch (Exception e) { throw new ClientException(e); } final AtomicReference<ClientResponse> reference = new AtomicReference<>(); try { ClientRequest request = new ClientRequest().setPath("/v2/pet").setMethod(Methods.GET); request.getRequestHeaders().put(Headers.HOST, "localhost"); request.getRequestHeaders().put(Headers.AUTHORIZATION, "BASIC " + encodeCredentials("user3", "user1pass")); connection.sendRequest(request, client.createClientCallback(reference, latch)); latch.await(); } catch (Exception e) { logger.error("Exception: ", e); throw new ClientException(e); } finally { IoUtils.safeClose(connection); } int statusCode = reference.get().getResponseCode(); Assert.assertEquals(401, statusCode); if (statusCode == 401) { Status status = Config.getInstance().getMapper() .readValue(reference.get().getAttachment(Http2Client.RESPONSE_BODY), Status.class); Assert.assertNotNull(status); Assert.assertEquals("ERR10047", status.getCode()); } } @Test public void testInvalidPassword() throws Exception { final Http2Client client = Http2Client.getInstance(); final CountDownLatch latch = new CountDownLatch(1); final ClientConnection connection; try { connection = client.connect(new URI("http://localhost:17352"), Http2Client.WORKER, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.EMPTY).get(); } catch (Exception e) { throw new ClientException(e); } final AtomicReference<ClientResponse> reference = new AtomicReference<>(); try { ClientRequest request = new ClientRequest().setPath("/v2/pet").setMethod(Methods.GET); request.getRequestHeaders().put(Headers.HOST, "localhost"); request.getRequestHeaders().put(Headers.AUTHORIZATION, "BASIC " + encodeCredentials("user2", "ppp")); connection.sendRequest(request, client.createClientCallback(reference, latch)); latch.await(); } catch (Exception e) { logger.error("Exception: ", e); throw new ClientException(e); } finally { IoUtils.safeClose(connection); } int statusCode = reference.get().getResponseCode(); Assert.assertEquals(401, statusCode); if (statusCode == 401) { Status status = Config.getInstance().getMapper() .readValue(reference.get().getAttachment(Http2Client.RESPONSE_BODY), Status.class); Assert.assertNotNull(status); Assert.assertEquals("ERR10047", status.getCode()); } } }