mirror of
https://repository.entgra.net/community/device-mgt-core.git
synced 2025-10-06 02:01:45 +00:00
Refactoring
parent
14ebe3e9e7
commit
bbdd4a88bd
@ -188,12 +188,6 @@
|
|||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
|
<groupId>org.wso2.carbon.identity.inbound.auth.oauth2</groupId>
|
||||||
<artifactId>org.wso2.carbon.identity.oauth</artifactId>
|
<artifactId>org.wso2.carbon.identity.oauth</artifactId>
|
||||||
<!--<exclusions>
|
|
||||||
<exclusion>
|
|
||||||
<groupId>org.slf4j</groupId>
|
|
||||||
<artifactId>slf4j-api</artifactId>
|
|
||||||
</exclusion>
|
|
||||||
</exclusions>-->
|
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.wso2.carbon</groupId>
|
<groupId>org.wso2.carbon</groupId>
|
||||||
|
|||||||
@ -43,7 +43,11 @@ import java.security.KeyStore;
|
|||||||
import java.security.PublicKey;
|
import java.security.PublicKey;
|
||||||
import java.security.interfaces.RSAPublicKey;
|
import java.security.interfaces.RSAPublicKey;
|
||||||
import java.text.ParseException;
|
import java.text.ParseException;
|
||||||
import java.util.*;
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
import java.util.Objects;
|
||||||
|
import java.util.Properties;
|
||||||
|
import java.util.StringTokenizer;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This authenticator authenticates HTTP requests using JWT header.
|
* This authenticator authenticates HTTP requests using JWT header.
|
||||||
|
|||||||
@ -229,6 +229,12 @@ public class CertificateAuthenticatorTest {
|
|||||||
return request;
|
return request;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* To create certificate management database.
|
||||||
|
*
|
||||||
|
* @return Datasource.
|
||||||
|
* @throws SQLException SQL Exception.
|
||||||
|
*/
|
||||||
private DataSource createDatabase() throws SQLException {
|
private DataSource createDatabase() throws SQLException {
|
||||||
URL resourceURL = ClassLoader.getSystemResource("sql-scripts" + File.separator + "h2.sql");
|
URL resourceURL = ClassLoader.getSystemResource("sql-scripts" + File.separator + "h2.sql");
|
||||||
JdbcDataSource dataSource = new JdbcDataSource();
|
JdbcDataSource dataSource = new JdbcDataSource();
|
||||||
@ -246,9 +252,7 @@ public class CertificateAuthenticatorTest {
|
|||||||
if (conn != null) {
|
if (conn != null) {
|
||||||
try {
|
try {
|
||||||
conn.close();
|
conn.close();
|
||||||
} catch (SQLException e) {
|
} catch (SQLException e) {}
|
||||||
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
if (statement != null) {
|
if (statement != null) {
|
||||||
statement.close();
|
statement.close();
|
||||||
@ -257,8 +261,17 @@ public class CertificateAuthenticatorTest {
|
|||||||
return dataSource;
|
return dataSource;
|
||||||
}
|
}
|
||||||
|
|
||||||
private String createEncodedSignature(X509Certificate x509Certificate)
|
/**
|
||||||
throws CertificateEncodingException, CMSException, IOException {
|
* To create a encoded signature from certificate.
|
||||||
|
*
|
||||||
|
* @param x509Certificate Certificate that need to be encoded.
|
||||||
|
* @return Encoded signature.
|
||||||
|
* @throws CertificateEncodingException Certificate Encoding Exception.
|
||||||
|
* @throws CMSException CMS Exception.
|
||||||
|
* @throws IOException IO Exception.
|
||||||
|
*/
|
||||||
|
private String createEncodedSignature(X509Certificate x509Certificate) throws CertificateEncodingException,
|
||||||
|
CMSException, IOException {
|
||||||
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
|
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
|
||||||
List<X509Certificate> list = new ArrayList<>();
|
List<X509Certificate> list = new ArrayList<>();
|
||||||
list.add(x509Certificate);
|
list.add(x509Certificate);
|
||||||
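Review bot: The collapsed `catch (SQLException e) {}` in createDatabase() (the -246,9 hunk) still discards a failed `conn.close()` without a trace, and the connection is closed before the statement, which presumably was created from it. Close the statement first and make the ignore explicit, for example `} catch (SQLException ignored) { /* best-effort cleanup of the test database connection */ }`, or restructure the method around try-with-resources so both handles are released in the right order even when running the SQL script throws. In the visible lines `statement.close()` is not wrapped, so a failure there would propagate while the connection's failure is swallowed; the two should be handled the same way. The method body starts and ends outside this hunk, so the surrounding try/finally shape is inferred.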
|
|||||||
@ -39,6 +39,9 @@ import java.util.HashMap;
|
|||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Properties;
|
import java.util.Properties;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This is a test class for {@link JWTAuthenticator}.
|
||||||
|
*/
|
||||||
public class JWTAuthenticatorTest {
|
public class JWTAuthenticatorTest {
|
||||||
private JWTAuthenticator jwtAuthenticator;
|
private JWTAuthenticator jwtAuthenticator;
|
||||||
private Field headersField;
|
private Field headersField;
|
||||||
@ -61,14 +64,12 @@ public class JWTAuthenticatorTest {
|
|||||||
URL resourceUrl = classLoader.getResource("jwt.properties");
|
URL resourceUrl = classLoader.getResource("jwt.properties");
|
||||||
File jwtPropertyFile;
|
File jwtPropertyFile;
|
||||||
JWTConfig jwtConfig = null;
|
JWTConfig jwtConfig = null;
|
||||||
|
|
||||||
if (resourceUrl != null) {
|
if (resourceUrl != null) {
|
||||||
jwtPropertyFile = new File(resourceUrl.getFile());
|
jwtPropertyFile = new File(resourceUrl.getFile());
|
||||||
Properties jwtConfigProperties = new Properties();
|
Properties jwtConfigProperties = new Properties();
|
||||||
jwtConfigProperties.load(new FileInputStream(jwtPropertyFile));
|
jwtConfigProperties.load(new FileInputStream(jwtPropertyFile));
|
||||||
jwtConfig = new JWTConfig(jwtConfigProperties);
|
jwtConfig = new JWTConfig(jwtConfigProperties);
|
||||||
}
|
}
|
||||||
|
|
||||||
Map<String, String> customClaims = new HashMap<>();
|
Map<String, String> customClaims = new HashMap<>();
|
||||||
customClaims.put(SIGNED_JWT_AUTH_USERNAME, "admin");
|
customClaims.put(SIGNED_JWT_AUTH_USERNAME, "admin");
|
||||||
customClaims.put(SIGNED_JWT_AUTH_TENANT_ID, String.valueOf(MultitenantConstants.SUPER_TENANT_ID));
|
customClaims.put(SIGNED_JWT_AUTH_TENANT_ID, String.valueOf(MultitenantConstants.SUPER_TENANT_ID));
|
||||||
@ -83,7 +84,8 @@ public class JWTAuthenticatorTest {
|
|||||||
jwtTokenWithWrongUser = JWTClientUtil.generateSignedJWTAssertion("notexisting", jwtConfig, false, customClaims);
|
jwtTokenWithWrongUser = JWTClientUtil.generateSignedJWTAssertion("notexisting", jwtConfig, false, customClaims);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(description = "This method tests the get methods in the JWTAuthenticator", dependsOnMethods = "testAuthenticate")
|
@Test(description = "This method tests the get methods in the JWTAuthenticator",
|
||||||
|
dependsOnMethods = "testAuthenticate")
|
||||||
public void testGetMethods() {
|
public void testGetMethods() {
|
||||||
Assert.assertEquals(jwtAuthenticator.getName(), "JWT", "GetName method returns wrong value");
|
Assert.assertEquals(jwtAuthenticator.getName(), "JWT", "GetName method returns wrong value");
|
||||||
Assert.assertNotNull(jwtAuthenticator.getProperties(), "Properties are not properly added to JWT "
|
Assert.assertNotNull(jwtAuthenticator.getProperties(), "Properties are not properly added to JWT "
|
||||||
@ -123,12 +125,10 @@ public class JWTAuthenticatorTest {
|
|||||||
AuthenticationInfo authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
AuthenticationInfo authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||||
Assert.assertNull(authenticationInfo.getUsername(), "Un-authenticated request contain username");
|
Assert.assertNull(authenticationInfo.getUsername(), "Un-authenticated request contain username");
|
||||||
|
|
||||||
request = createJWTRequest(jwtToken, "");
|
request = createJWTRequest(jwtToken, "");
|
||||||
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||||
Assert.assertNull(authenticationInfo.getUsername(), "Un-authenticated request contain username");
|
Assert.assertNull(authenticationInfo.getUsername(), "Un-authenticated request contain username");
|
||||||
|
|
||||||
properties = new Properties();
|
properties = new Properties();
|
||||||
properties.setProperty(ISSUER, "test");
|
properties.setProperty(ISSUER, "test");
|
||||||
jwtAuthenticator.setProperties(properties);
|
jwtAuthenticator.setProperties(properties);
|
||||||
@ -137,17 +137,14 @@ public class JWTAuthenticatorTest {
|
|||||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||||
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
||||||
"Un authenticated request does not contain status as failure");
|
"Un authenticated request does not contain status as failure");
|
||||||
|
|
||||||
properties = new Properties();
|
properties = new Properties();
|
||||||
properties.setProperty(ISSUER, ALIAS);
|
properties.setProperty(ISSUER, ALIAS);
|
||||||
jwtAuthenticator.setProperties(properties);
|
jwtAuthenticator.setProperties(properties);
|
||||||
|
|
||||||
request = createJWTRequest(wrongJwtToken, "");
|
request = createJWTRequest(wrongJwtToken, "");
|
||||||
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||||
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
||||||
"Un authenticated request does not contain status as failure");
|
"Un authenticated request does not contain status as failure");
|
||||||
|
|
||||||
request = createJWTRequest(jwtTokenWithWrongUser, "");
|
request = createJWTRequest(jwtTokenWithWrongUser, "");
|
||||||
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
authenticationInfo = jwtAuthenticator.authenticate(request, null);
|
||||||
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
Assert.assertNotNull(authenticationInfo, "Returned authentication info was null");
|
||||||
@ -175,7 +172,6 @@ public class JWTAuthenticatorTest {
|
|||||||
bytes.setString(requestUri);
|
bytes.setString(requestUri);
|
||||||
uriMB.set(coyoteRequest, bytes);
|
uriMB.set(coyoteRequest, bytes);
|
||||||
request.setCoyoteRequest(coyoteRequest);
|
request.setCoyoteRequest(coyoteRequest);
|
||||||
|
|
||||||
return request;
|
return request;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
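Review bot: In the setup code of the -61,14 hunk, `jwtConfigProperties.load(new FileInputStream(jwtPropertyFile));` never closes the stream, and when `jwt.properties` is not on the classpath `jwtConfig` stays `null` and is still passed to `JWTClientUtil.generateSignedJWTAssertion(...)` a few lines later. Load through `try (InputStream in = new FileInputStream(jwtPropertyFile)) { jwtConfigProperties.load(in); }` (this needs a `java.io.InputStream` import) and fail fast with `Assert.assertNotNull(resourceUrl, "jwt.properties not found on the test classpath");` before the `if`. Because these tests decide whether forged or mis-issued tokens are rejected, a setup failure should surface as a clear message rather than as an unrelated error inside token generation. The enclosing setup method starts outside the hunk.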
|
|||||||
@ -35,7 +35,14 @@ import org.wso2.carbon.context.PrivilegedCarbonContext;
|
|||||||
|
|
||||||
import javax.security.auth.x500.X500Principal;
|
import javax.security.auth.x500.X500Principal;
|
||||||
import java.math.BigInteger;
|
import java.math.BigInteger;
|
||||||
import java.security.*;
|
import java.security.InvalidKeyException;
|
||||||
|
import java.security.KeyPair;
|
||||||
|
import java.security.KeyPairGenerator;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.NoSuchProviderException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
|
import java.security.Security;
|
||||||
|
import java.security.SignatureException;
|
||||||
import java.security.cert.CertificateException;
|
import java.security.cert.CertificateException;
|
||||||
import java.security.cert.CertificateExpiredException;
|
import java.security.cert.CertificateExpiredException;
|
||||||
import java.security.cert.CertificateNotYetValidException;
|
import java.security.cert.CertificateNotYetValidException;
|
||||||
@ -44,34 +51,33 @@ import java.util.ArrayList;
|
|||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This is a mock implementation of {@link CertificateGenerator}.
|
||||||
|
*/
|
||||||
public class TestCertificateGenerator extends CertificateGenerator {
|
public class TestCertificateGenerator extends CertificateGenerator {
|
||||||
private int count = 0;
|
private int count = 0;
|
||||||
|
|
||||||
public X509Certificate generateX509Certificate() throws KeystoreException {
|
public X509Certificate generateX509Certificate() throws KeystoreException {
|
||||||
BigInteger serialNumber = CommonUtil.generateSerialNumber();
|
BigInteger serialNumber = CommonUtil.generateSerialNumber();
|
||||||
String defaultPrinciple = "CN=" + serialNumber + ",O=WSO2,OU=Mobile,C=LK";
|
String defaultPrinciple = "CN=" + serialNumber + ",O=WSO2,OU=Mobile,C=LK";
|
||||||
|
|
||||||
CommonUtil commonUtil = new CommonUtil();
|
CommonUtil commonUtil = new CommonUtil();
|
||||||
Date validityBeginDate = commonUtil.getValidityStartDate();
|
Date validityBeginDate = commonUtil.getValidityStartDate();
|
||||||
Date validityEndDate = commonUtil.getValidityEndDate();
|
Date validityEndDate = commonUtil.getValidityEndDate();
|
||||||
|
|
||||||
Security.addProvider(new BouncyCastleProvider());
|
Security.addProvider(new BouncyCastleProvider());
|
||||||
|
|
||||||
try {
|
try {
|
||||||
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(
|
KeyPairGenerator keyPairGenerator = KeyPairGenerator
|
||||||
CertificateManagementConstants.RSA, CertificateManagementConstants.PROVIDER);
|
.getInstance(CertificateManagementConstants.RSA, CertificateManagementConstants.PROVIDER);
|
||||||
keyPairGenerator.initialize(CertificateManagementConstants.RSA_KEY_LENGTH, new SecureRandom());
|
keyPairGenerator.initialize(CertificateManagementConstants.RSA_KEY_LENGTH, new SecureRandom());
|
||||||
KeyPair pair = keyPairGenerator.generateKeyPair();
|
KeyPair pair = keyPairGenerator.generateKeyPair();
|
||||||
X500Principal principal = new X500Principal(defaultPrinciple);
|
X500Principal principal = new X500Principal(defaultPrinciple);
|
||||||
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
|
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(principal, serialNumber,
|
||||||
principal, serialNumber, validityBeginDate, validityEndDate,
|
validityBeginDate, validityEndDate, principal, pair.getPublic());
|
||||||
principal, pair.getPublic());
|
|
||||||
ContentSigner contentSigner = new JcaContentSignerBuilder(CertificateManagementConstants.SHA256_RSA)
|
ContentSigner contentSigner = new JcaContentSignerBuilder(CertificateManagementConstants.SHA256_RSA)
|
||||||
.setProvider(CertificateManagementConstants.PROVIDER).build(
|
.setProvider(CertificateManagementConstants.PROVIDER).build(pair.getPrivate());
|
||||||
pair.getPrivate());
|
|
||||||
X509Certificate certificate = new JcaX509CertificateConverter()
|
X509Certificate certificate = new JcaX509CertificateConverter()
|
||||||
.setProvider(CertificateManagementConstants.PROVIDER).getCertificate(
|
.setProvider(CertificateManagementConstants.PROVIDER)
|
||||||
certificateBuilder.build(contentSigner));
|
.getCertificate(certificateBuilder.build(contentSigner));
|
||||||
certificate.verify(certificate.getPublicKey());
|
certificate.verify(certificate.getPublicKey());
|
||||||
List<Certificate> certificates = new ArrayList<>();
|
List<Certificate> certificates = new ArrayList<>();
|
||||||
org.wso2.carbon.certificate.mgt.core.bean.Certificate certificateToStore =
|
org.wso2.carbon.certificate.mgt.core.bean.Certificate certificateToStore =
|
||||||
@ -116,5 +122,4 @@ public class TestCertificateGenerator extends CertificateGenerator {
|
|||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
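Review bot: `Security.addProvider(new BouncyCastleProvider());` in the -44,34 hunk runs on every `generateX509Certificate()` call, so each generated test certificate allocates a fresh provider object and touches the JVM-wide provider list, even though the JDK ignores repeat registrations of the same provider name. Registering once is enough, for example with a `static { Security.addProvider(new BouncyCastleProvider()); }` block in the class. A guard `if (Security.getProvider(CertificateManagementConstants.PROVIDER) == null)` before the call would also work, assuming PROVIDER holds the BouncyCastle provider name, which is not visible here. The method body continues past the end of the hunk.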
|
|||||||
@ -1,9 +1,30 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
package org.wso2.carbon.webapp.authenticator.framework.util;
|
package org.wso2.carbon.webapp.authenticator.framework.util;
|
||||||
|
|
||||||
import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
|
import org.wso2.carbon.registry.indexing.service.TenantIndexingLoader;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This is a mock implementation of {@link TenantIndexingLoader}
|
||||||
|
*/
|
||||||
public class TestTenantIndexingLoader implements TenantIndexingLoader {
|
public class TestTenantIndexingLoader implements TenantIndexingLoader {
|
||||||
@Override public void loadTenantIndex(int i) {
|
@Override
|
||||||
|
public void loadTenantIndex(int i) { }
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,11 +1,30 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
*
|
||||||
|
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
* Version 2.0 (the "License"); you may not use this file except
|
||||||
|
* in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing,
|
||||||
|
* software distributed under the License is distributed on an
|
||||||
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
* KIND, either express or implied. See the License for the
|
||||||
|
* specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*
|
||||||
|
*/
|
||||||
package org.wso2.carbon.webapp.authenticator.framework.util;
|
package org.wso2.carbon.webapp.authenticator.framework.util;
|
||||||
|
|
||||||
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
||||||
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
|
import org.wso2.carbon.registry.core.service.TenantRegistryLoader;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This is a mock implementation of {@link TenantRegistryLoader} for the test cases.
|
||||||
|
*/
|
||||||
public class TestTenantRegistryLoader implements TenantRegistryLoader {
|
public class TestTenantRegistryLoader implements TenantRegistryLoader {
|
||||||
@Override
|
@Override
|
||||||
public void loadTenantRegistry(int i) throws RegistryException {
|
public void loadTenantRegistry(int i) throws RegistryException { }
|
||||||
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
# Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
#
|
#
|
||||||
# WSO2 Inc. licenses this file to you under the Apache License,
|
# WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
# Version 2.0 (the "License"); you may not use this file except
|
# Version 2.0 (the "License"); you may not use this file except
|
||||||
|
|||||||