net.mms_projects.copy_it.api.oauth.HeaderVerifierDatabaseTest.java Source code

Java tutorial

  1. HOME
  2. Java
  3. net.mms_projects.copy_it.api.oauth.HeaderVerifierDatabaseTest.java

Introduction

Here is the source code for net.mms_projects.copy_it.api.oauth.HeaderVerifierDatabaseTest.java

Source

/*  copyit-server
 *  Copyright (C) 2013  Toon Schoenmakers
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation, either version 3 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

package net.mms_projects.copy_it.api.oauth;

import io.netty.handler.codec.http.DefaultFullHttpRequest;
import io.netty.handler.codec.http.HttpMethod;
import io.netty.handler.codec.http.HttpRequest;
import io.netty.handler.codec.http.HttpVersion;
import net.mms_projects.copy_it.api.oauth.exceptions.OAuthException;
import net.mms_projects.copy_it.server.config.Config;
import net.mms_projects.copy_it.server.database.Database;
import net.mms_projects.copy_it.server.database.DatabasePool;
import net.mms_projects.copy_it.server.database.MySQL;
import net.mms_projects.copy_it.server.database.OutOfConnectionsException;
import org.junit.Test;

import java.io.File;
import java.net.URI;
import java.net.URISyntaxException;
import java.sql.SQLException;

import static io.netty.handler.codec.http.HttpHeaders.Names.AUTHORIZATION;

/**
 * These tests assume you have imported test/test.sql
 */

public class HeaderVerifierDatabaseTest {
    static {
        try {
            new Config(new File(System.getProperty("testConfigFile")));
            final int maxconnections = Config.getMaxConnectionsDatabasePool();
            new DatabasePool(MySQL.class, maxconnections);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Test(timeout = 1000)
    public void verifyConsumer()
            throws OAuthException, SQLException, OutOfConnectionsException, URISyntaxException {
        String header = "OAuth realm=\"\", "
                + "oauth_consumer_key=\"401a131e03357df2a563fba48f98749448ed63d37e007f7353608cf81fa70a2d\", "
                + "oauth_nonce=\"" + Utils.generateNonce() + "\", " + "oauth_timestamp=\""
                + Long.toString(System.currentTimeMillis() / 1000) + "\", "
                + "oauth_signature_method=\"HMAC-SHA1\", " + "oauth_version=\"1.0\", "
                + "oauth_token=\"oauth_token\", " + "oauth_signature=\"CBTk%2FvzxEqqr0AvhnVgdWNHuKfw%3D\"";
        HttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET,
                "http://127.0.0.1:8080/");
        request.headers().add(AUTHORIZATION, header);
        HeaderVerifier headerVerifier = new HeaderVerifier(request, new URI(request.getUri()));
        Database database = DatabasePool.getDBConnection();
        headerVerifier.verifyConsumer(database);
    }

    @Test(expected = OAuthException.class, timeout = 1000)
    public void verifyInvalidConsumer()
            throws OAuthException, SQLException, OutOfConnectionsException, URISyntaxException {
        String header = "OAuth realm=\"\", " + "oauth_consumer_key=\"This is a totally invalid consumer key\", "
                + "oauth_nonce=\"" + Utils.generateNonce() + "\", " + "oauth_timestamp=\""
                + Long.toString(System.currentTimeMillis() / 1000) + "\", "
                + "oauth_signature_method=\"HMAC-SHA1\", " + "oauth_version=\"1.0\", "
                + "oauth_token=\"oauth_token\", " + "oauth_signature=\"CBTk%2FvzxEqqr0AvhnVgdWNHuKfw%3D\"";
        HttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET,
                "http://127.0.0.1:8080/");
        request.headers().add(AUTHORIZATION, header);
        HeaderVerifier headerVerifier = new HeaderVerifier(request, new URI(request.getUri()));
        Database database = DatabasePool.getDBConnection();
        headerVerifier.verifyConsumer(database);
    }

    @Test(timeout = 1000)
    public void verifyUserToken()
            throws OAuthException, OutOfConnectionsException, SQLException, URISyntaxException {
        String header = "OAuth realm=\"\", "
                + "oauth_consumer_key=\"401a131e03357df2a563fba48f98749448ed63d37e007f7353608cf81fa70a2d\", "
                + "oauth_nonce=\"" + Utils.generateNonce() + "\", " + "oauth_timestamp=\""
                + Long.toString(System.currentTimeMillis() / 1000) + "\", "
                + "oauth_signature_method=\"HMAC-SHA1\", " + "oauth_version=\"1.0\", "
                + "oauth_token=\"9476f5130a07a7c0061de48bc19123f51636af704c5df369701960e0bc151255\", "
                + "oauth_signature=\"CBTk%2FvzxEqqr0AvhnVgdWNHuKfw%3D\"";
        HttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET,
                "http://127.0.0.1:8080/");
        request.headers().add(AUTHORIZATION, header);
        HeaderVerifier headerVerifier = new HeaderVerifier(request, new URI(request.getUri()));
        Database database = DatabasePool.getDBConnection();
        headerVerifier.verifyConsumer(database);
        headerVerifier.verifyOAuthToken(database);
    }

    @Test(expected = OAuthException.class, timeout = 1000)
    public void verifyInvalidUserToken()
            throws OAuthException, OutOfConnectionsException, SQLException, URISyntaxException {
        String header = "OAuth realm=\"\", "
                + "oauth_consumer_key=\"401a131e03357df2a563fba48f98749448ed63d37e007f7353608cf81fa70a2d\", "
                + "oauth_nonce=\"" + Utils.generateNonce() + "\", " + "oauth_timestamp=\""
                + Long.toString(System.currentTimeMillis() / 1000) + "\", "
                + "oauth_signature_method=\"HMAC-SHA1\", " + "oauth_version=\"1.0\", "
                + "oauth_token=\"oauth_token\", " + "oauth_signature=\"CBTk%2FvzxEqqr0AvhnVgdWNHuKfw%3D\"";
        HttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET,
                "http://127.0.0.1:8080/");
        request.headers().add(AUTHORIZATION, header);
        HeaderVerifier headerVerifier = new HeaderVerifier(request, new URI(request.getUri()));
        Database database = DatabasePool.getDBConnection();
        headerVerifier.verifyConsumer(database);
        headerVerifier.verifyOAuthToken(database);
    }

    @Test(expected = OAuthException.class, timeout = 1000)
    public void replayAttack() throws OAuthException, OutOfConnectionsException, SQLException, URISyntaxException {
        String header = "OAuth realm=\"\", "
                + "oauth_consumer_key=\"401a131e03357df2a563fba48f98749448ed63d37e007f7353608cf81fa70a2d\", "
                + "oauth_nonce=\"" + Utils.generateNonce() + "\", " + "oauth_timestamp=\""
                + Long.toString(System.currentTimeMillis() / 1000) + "\", "
                + "oauth_signature_method=\"HMAC-SHA1\", " + "oauth_version=\"1.0\", "
                + "oauth_token=\"9476f5130a07a7c0061de48bc19123f51636af704c5df369701960e0bc151255\", "
                + "oauth_signature=\"CBTk%2FvzxEqqr0AvhnVgdWNHuKfw%3D\"";
        HttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET,
                "http://127.0.0.1:8080/");
        request.headers().add(AUTHORIZATION, header);
        HeaderVerifier headerVerifier = new HeaderVerifier(request, new URI(request.getUri()));
        Database database = DatabasePool.getDBConnection();
        headerVerifier.verifyConsumer(database);
        headerVerifier.verifyOAuthToken(database);
        headerVerifier.verifyOAuthNonce(database);
        headerVerifier.verifyOAuthNonce(database);
    }
}