1 package com.atlassian.security.auth.trustedapps;
2
3 import java.security.KeyPair;
4 import java.security.NoSuchAlgorithmException;
5 import java.security.NoSuchProviderException;
6 import java.security.PublicKey;
7
8 import javax.servlet.http.HttpServletRequest;
9
10 import junit.framework.TestCase;
11
12 public class TestTrustedApplications extends TestCase
13 {
14 private final long timeout = 200L;
15 private final TestApplication app = new TestApplication("test", timeout);
16
17 public void testRoundTrip() throws Exception
18 {
19 final EncryptedCertificate encodedCert = app.encode("userX");
20 final ApplicationCertificate cert = app.decode(encodedCert, null);
21 assertEquals("userX", cert.getUserName());
22 assertEquals(app.getID(), cert.getApplicationID());
23 }
24
25 public void testNonExpiry() throws InvalidCertificateException
26 {
27 final EncryptedCertificate encodedCert = app.encode("userX");
28 final ApplicationCertificate cert = app.decode(encodedCert, null);
29 assertEquals("userX", cert.getUserName());
30 assertEquals(app.getID(), cert.getApplicationID());
31
32
33 app.decode(encodedCert, null);
34 }
35
36 public void testExpiry() throws Exception
37 {
38 final EncryptedCertificate encodedCert = app.encode("userX");
39 ApplicationCertificate cert = app.decode(encodedCert, null);
40 assertEquals("userX", cert.getUserName());
41 assertEquals(app.getID(), cert.getApplicationID());
42
43 Thread.sleep(timeout + 10);
44
45
46 try
47 {
48 cert = app.decode(encodedCert, null);
49 fail("This certificate should have expired");
50 }
51 catch (final InvalidCertificateException e)
52 {
53
54 }
55 }
56
57 static class TestApplication implements CurrentApplication, TrustedApplication
58 {
59 private final KeyPair keyPair;
60 private final String id;
61 private final DefaultTrustedApplication trustedApp;
62 private final DefaultCurrentApplication curApp;
63
64 public TestApplication(final String id, final long timeout)
65 {
66 final EncryptionProvider encryptionProvider = new BouncyCastleEncryptionProvider();
67 try
68 {
69 this.keyPair = encryptionProvider.generateNewKeyPair();
70 }
71 catch (final NoSuchAlgorithmException e)
72 {
73 throw new RuntimeException(e);
74 }
75 catch (final NoSuchProviderException e)
76 {
77 throw new RuntimeException(e);
78 }
79 this.id = id;
80 trustedApp = new DefaultTrustedApplication(encryptionProvider, keyPair.getPublic(), id,
81 null, RequestConditions.builder().setCertificateTimeout(timeout).build())
82 {
83 @Override
84 protected void checkRequest(HttpServletRequest request) throws InvalidCertificateException
85 {
86 }
87 };
88 curApp = new DefaultCurrentApplication(keyPair.getPublic(), keyPair.getPrivate(), id);
89 }
90
91 public EncryptedCertificate encode(final String userName)
92 {
93 return curApp.encode(userName);
94 }
95
96 public String getID()
97 {
98 return id;
99 }
100
101 public PublicKey getPublicKey()
102 {
103 return trustedApp.getPublicKey();
104 }
105
106 public ApplicationCertificate decode(final EncryptedCertificate certificateStr, final HttpServletRequest request) throws InvalidCertificateException
107 {
108 return trustedApp.decode(certificateStr, request);
109 }
110
111 public RequestConditions getRequestConditions()
112 {
113 return trustedApp.getRequestConditions();
114 }
115
116 public String getName()
117 {
118 return null;
119 }
120 }
121 }