org.picketlink.test.trust.tests.Gateway2ServiceHttpUnitTestCase.java Source code


/*
 * JBoss, Home of Professional Open Source.
 * Copyright 2008, Red Hat Middleware LLC, and individual contributors
 * as indicated by the @author tags. See the copyright.txt file in the
 * distribution for a full listing of individual contributors.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */
package org.picketlink.test.trust.tests;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.picketlink.test.integration.util.TestUtil.getServerAddress;
import static org.picketlink.test.integration.util.TestUtil.getTargetURL;
import static org.picketlink.test.integration.util.PicketLinkConfigurationUtil.addKeyStoreAlias;
import static org.picketlink.test.integration.util.PicketLinkConfigurationUtil.addValidatingAlias;

import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.util.EntityUtils;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.container.test.api.TargetsContainer;
import org.jboss.logging.Logger;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.exporter.ZipExporter;
import org.jboss.shrinkwrap.api.spec.JavaArchive;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.test.integration.util.MavenArtifactUtil;
import org.picketlink.test.integration.util.PicketLinkConfigurationUtil;
import org.picketlink.test.integration.util.PicketLinkIntegrationTests;
import org.picketlink.test.integration.util.TargetContainers;
import org.picketlink.test.trust.loginmodules.TokenSupplierTestLoginModule;
import org.picketlink.test.trust.servlet.GatewayServlet;
import org.picketlink.test.trust.servlet.ServiceServlet;

/**
 * Unit test for the scenario in which JBWSTokenIssuingLoginModule acts as the gateway: it obtains a SAML token
 * and stores it in the JAAS subject. The GatewayServlet app later picks the token up and passes it
 * as an HTTP request header to another app (the service), which uses SAML2STSLoginModule to read
 * the SAML token, validate it locally and grant access to the service app.
 *
 * @author Peter Skopek: pskopek at redhat dot com
 * @since Aug 29, 2012
 */

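@RunWith(PicketLinkIntegrationTests.class)
@TargetContainers({ "eap5" })
public class Gateway2ServiceHttpUnitTestCase extends TrustTestsBase {

    private static final Logger log = Logger.getLogger(Gateway2ServiceHttpUnitTestCase.class);

    /** Directory holding the deployment descriptors of the gateway2service-http scenario. */
    private static final String SCENARIO_RESOURCES =
            "../../unit-tests/trust/target/test-classes/lmtestapp/gateway2service-http/";

    /**
     * Matches the line in the servlet output that reports a SamlCredential on the subject.
     * Compiled once instead of on every call; the expression itself is unchanged.
     * NOTE(review): {@code \d} accepts a single digit only, so a credential index of 10 or more
     * would not match, and the leading {@code [.|\s]*} class adds nothing because the pattern
     * is applied with {@link Matcher#find()}.
     */
    private static final Pattern SAML_CREDENTIAL_PATTERN = Pattern.compile(
            "[.|\\s]*Credential\\[\\d\\]\\=SamlCredential\\[.*\\]", Pattern.DOTALL);

    /**
     * Calls the gateway with {@code action=forward} and {@code compression=true} and checks that
     * the answer comes from the authenticated service app with a SamlCredential on its subject.
     * NOTE(review): the scenario carries the SAML token in a request header and the test name
     * suggests plain HTTP; that is fine for a local fixture, but a deployment of the same flow
     * needs TLS on this hop, since a captured assertion can be replayed while it is still valid.
     */
    @Test
    public void testG2S_http_compressedTokenScenario() throws Exception {
        String encodedURL = java.net.URLEncoder.encode(getTargetURL("/service/incoming"), "UTF-8");
        log.debug("encoded target URL=" + encodedURL);
        // NOTE(review): encodedURL is only logged; the request below embeds the raw target URL in
        // the query string. That works while the URL holds no '&', '=' or '#'. Confirm how
        // GatewayServlet reads serviceServerUrl before switching to the encoded value.
        assertServiceApp("/gateway/request?action=forward&serviceServerUrl=" + getTargetURL("/service/incoming")
                + "&compression=true", "UserA", "PassA");
    }

    /** Checks that the gateway app authenticates the caller and holds a SamlCredential on the subject. */
    @Test
    public void testCheckGatewayAuth() throws Exception {
        // "UserA"/"PassA" are fixture credentials; presumably defined by the test security domain.
        assertGatewayApp("/gateway/request?action=authInfo", "UserA", "PassA");
    }

    /**
     * Fetches {@code appUri} and asserts the gateway's success marker and a SamlCredential entry.
     *
     * @param appUri   application path (with query string) passed to {@code getTargetURL}
     * @param userName user name offered to the server
     * @param password password offered to the server
     */
    private void assertGatewayApp(String appUri, String userName, String password) throws Exception {
        String content = getContentFromApp(appUri, userName, password);

        assertTrue("Request not authenticated.", content.contains("GatewayAuthentication=Success"));
        assertTrue("SamlCredential on subject is missing for (" + appUri + ")", samlCredentialPresense(content));
    }

    /**
     * Fetches {@code appUri} and asserts that the body was produced by {@link ServiceServlet},
     * reports successful authentication and lists a SamlCredential entry.
     *
     * @param appUri   application path (with query string) passed to {@code getTargetURL}
     * @param userName user name offered to the server
     * @param password password offered to the server
     */
    private void assertServiceApp(String appUri, String userName, String password) throws Exception {
        String content = getContentFromApp(appUri, userName, password);

        // The body is expected to include the credential dump checked below, so this debug line
        // writes credential text to the test log.
        log.debug("Service content=" + content);
        assertTrue("Request not authenticated.", content.contains("ServiceAuthentication=Success"));
        assertTrue("Response has to be from ServiceServlet.",
                content.contains("ClassName=" + ServiceServlet.class.getName()));
        assertTrue("SamlCredential on subject is missing for (" + appUri + ")", samlCredentialPresense(content));
    }

    /**
     * Reports whether the servlet output contains a {@code Credential[n]=SamlCredential[...]} entry.
     *
     * @param content response body returned by the gateway or the service app
     * @return {@code true} if such an entry occurs anywhere in {@code content}
     */
    private boolean samlCredentialPresense(String content) {
        return SAML_CREDENTIAL_PATTERN.matcher(content).find();
    }

    /**
     * Issues a GET for {@code appUri}, requires a 200 response and returns the response body.
     *
     * @param appUri   application path (with query string) passed to {@code getTargetURL}
     * @param userName user name registered with the client's credentials provider
     * @param password password registered with the client's credentials provider
     * @return the response body as text
     * @throws Exception if the request fails or the body cannot be read
     */
    private String getContentFromApp(String appUri, String userName, String password) throws Exception {
        DefaultHttpClient httpclient = new DefaultHttpClient();

        try {
            // Credentials are scoped to the server address and port 8080 only.
            // NOTE(review): if getTargetURL() ever points at another port they will not be sent.
            httpclient.getCredentialsProvider().setCredentials(new AuthScope(getServerAddress(), 8080), // localhost
                    new UsernamePasswordCredentials(userName, password));

            HttpGet httpget = new HttpGet(getTargetURL(appUri));

            log.debug("executing request:" + httpget.getRequestLine());
            HttpResponse response = httpclient.execute(httpget);
            // Logged before the assertion so a failing status is visible in the log.
            log.debug("Status line: " + response.getStatusLine());
            assertEquals("Http response has to finish with 'HTTP/1.1 200 OK'", 200,
                    response.getStatusLine().getStatusCode());

            // getEntity() returns null for a response without a body; fail with a clear message
            // instead of a NullPointerException.
            HttpEntity entity = response.getEntity();
            assertTrue("Http response has no body.", entity != null);

            // Decode with the charset declared by the response (HttpClient's default when none is
            // declared) rather than the JVM's platform charset, so the result does not depend on
            // the machine running the test.
            String content = EntityUtils.toString(entity);

            if (log.isTraceEnabled()) {
                log.trace(content);
            }
            EntityUtils.consume(entity);

            return content;
        } finally {
            httpclient.getConnectionManager().shutdown();
        }
    }

    /**
     * Builds the jar with the security domain definitions and the token supplier login module.
     *
     * @return the archive deployed as {@code g2s-http-sec-domains.jar}
     */
    @Deployment(name = "g2s-http-sec-domains.jar", testable = false, order = 2)
    @TargetsContainer("jboss")
    public static JavaArchive deployTestScenario1() throws IOException {
        JavaArchive ts = ShrinkWrap.create(JavaArchive.class, "g2s-http-sec-domains.jar");
        ts.addClass(TokenSupplierTestLoginModule.class);
        ts.addAsManifestResource(new File(SCENARIO_RESOURCES + "jboss-beans.xml"));
        //ts.as(ZipExporter.class).exportTo(new File(ts.getName()), true);
        return ts;
    }

    /**
     * Builds the gateway web application around {@link GatewayServlet}.
     *
     * @return the archive deployed as {@code gateway.war}
     */
    @Deployment(name = "gateway.war", testable = false, order = 4)
    @TargetsContainer("jboss")
    public static WebArchive deployGatewayApp() throws IOException {
        WebArchive war = ShrinkWrap.create(WebArchive.class, "gateway.war");
        war.addClass(GatewayServlet.class);
        war.addAsWebInfResource(new File(SCENARIO_RESOURCES + "gateway/jboss-web.xml"));
        war.addAsWebInfResource(new File(SCENARIO_RESOURCES + "gateway/web.xml"));
        //war.as(ZipExporter.class).exportTo(new File(war.getName()), true);
        return war;
    }

    /**
     * Builds the service web application around {@link ServiceServlet}.
     *
     * @return the archive deployed as {@code service.war}
     */
    @Deployment(name = "service.war", testable = false, order = 5)
    @TargetsContainer("jboss")
    public static WebArchive deployServiceApp() throws IOException {
        WebArchive war = ShrinkWrap.create(WebArchive.class, "service.war");
        war.addClass(ServiceServlet.class);
        war.addAsWebInfResource(new File(SCENARIO_RESOURCES + "service/jboss-web.xml"));
        war.addAsWebInfResource(new File(SCENARIO_RESOURCES + "service/web.xml"));
        war.addAsWebInfResource(new File(SCENARIO_RESOURCES + "service/context.xml"));
        //war.as(ZipExporter.class).exportTo(new File(war.getName()), true);
        return war;
    }

    /**
     * Returns {@code null}; it carries no {@code @Deployment} annotation.
     * NOTE(review): the original comment says "just to override", but a static method hides a
     * same-named one in the superclass rather than overriding it. Presumably this is meant to
     * suppress a deployment declared in TrustTestsBase; confirm the runner resolves it here.
     */
    public static JavaArchive createWSTestDeployment()
            throws ConfigurationException, ProcessingException, ParsingException, InterruptedException {
        return null;
    }

    /**
     * Fetches the picketlink-sts quickstart archive and adjusts its configuration for the server
     * address used by this test run.
     *
     * @return the archive deployed as {@code picketlink-sts}
     */
    @Deployment(name = "picketlink-sts", testable = false)
    @TargetsContainer("jboss")
    public static WebArchive createSTSDeployment() throws GeneralSecurityException, IOException {
        WebArchive sts = MavenArtifactUtil.getQuickstartsMavenArchive("picketlink-sts");

        addValidatingAlias(sts, "/WEB-INF/classes/picketlink-sts.xml", getServerAddress(), getServerAddress());
        // "sts"/"testpass" are presumably the alias and password of the quickstart's test
        // keystore (confirm against PicketLinkConfigurationUtil); fixture values only.
        addKeyStoreAlias(sts, "/WEB-INF/classes/sts_keystore.jks", "sts", "testpass", getServerAddress());
        PicketLinkConfigurationUtil.addSAML20TokenRoleAttributeProvider(sts, "/WEB-INF/classes/picketlink-sts.xml",
                "Role");

        //sts.as(ZipExporter.class).exportTo(new File("picketlink-sts.war"), true);

        return sts;
    }

}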