@Test public void testRequiredForContainer() throws GadgetException { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, true, ldgen); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); String target = lockedDomainService.getLockedDomainForGadget(wantsLocked, "default"); assertEquals("8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", target); target = lockedDomainService.getLockedDomainForGadget(notLocked, "default"); assertEquals("auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", target); assertTrue(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); }
@Test public void testNotEnabledForGadget() throws GadgetException { replay(); lockedDomainService = new HashLockedDomainService(enabledConfig, true, ldgen); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertNull(lockedDomainService.getLockedDomainForGadget(notLocked, "default")); }
@Before public void setUp() throws Exception { requiredConfig = new BasicContainerConfig(); requiredConfig.newTransaction().addContainer( makeContainer(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY, "-a.example.com:8080", LOCKED_DOMAIN_REQUIRED_KEY, true)).commit(); enabledConfig = new BasicContainerConfig(); enabledConfig.newTransaction().addContainer( makeContainer(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY, "-a.example.com:8080")).commit(); wantsLocked = makeGadget(true, false, "http://somehost.com/somegadget.xml"); notLocked = makeGadget(false, false, "not-locked"); wantsSecurityToken = makeGadget(false, true, "http://somehost.com/securitytoken.xml"); wantsBoth = makeGadget(true, true, "http://somehost.com/tokenandlocked.xml"); }
@Test public void testMissingConfig() throws Exception { ContainerConfig containerMissingConfig = mock(ContainerConfig.class); expect(containerMissingConfig.getContainers()) .andReturn(Arrays.asList(ContainerConfig.DEFAULT_CONTAINER)); replay(); lockedDomainService = new HashLockedDomainService(containerMissingConfig, true); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", wantsLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("www.example.com", notLocked, "default")); }
@Test public void testDisabledGlobally() { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, false, ldgen); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsBoth, "default")); lockedDomainService = new HashLockedDomainService(enabledConfig, false, ldgen); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsBoth, "default")); }
@Test public void testMultiContainer() throws Exception { ContainerConfig inheritsConfig = new BasicContainerConfig(); inheritsConfig .newTransaction() .addContainer( makeContainer(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY, "-a.example.com:8080", LOCKED_DOMAIN_REQUIRED_KEY, true)) .addContainer(makeContainer("other")) .commit(); lockedDomainService = new HashLockedDomainService(inheritsConfig, true, ldgen); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "other")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "other")); assertTrue(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "other")); }
@SuppressWarnings("unchecked") private Gadget makeGadget(boolean wantsLocked, boolean wantsSecurityToken, String url) { List<String> gadgetFeatures = Lists.newArrayList(); String requires = ""; if (wantsLocked || wantsSecurityToken) { gadgetFeatures.add("locked-domain"); if (wantsLocked) { requires += " <Require feature='locked-domain'/>"; } if (wantsSecurityToken) { requires += " <Require feature='security-token'/>"; gadgetFeatures.add("security-token"); } } String gadgetXml = "<Module><ModulePrefs title=''>" + requires + "</ModulePrefs><Content/></Module>"; GadgetSpec spec = null; try { spec = new GadgetSpec(Uri.parse(url), gadgetXml); } catch (GadgetException e) { return null; } FeatureRegistry registry = mock(FeatureRegistry.class); expect(registry.getFeatures(isA(Collection.class))).andReturn(gadgetFeatures).anyTimes(); return new Gadget().setSpec(spec).setGadgetFeatureRegistry(registry); }
@Before public void setUp() throws Exception { expect(requiredConfig.getString(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY)).andReturn("-a.example.com:8080").anyTimes(); expect(requiredConfig.getBool(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_REQUIRED_KEY)).andReturn(true).anyTimes(); expect(requiredConfig.getContainers()) .andReturn(Arrays.asList(ContainerConfig.DEFAULT_CONTAINER)).anyTimes(); expect(enabledConfig.getString(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY)).andReturn("-a.example.com:8080").anyTimes(); expect(enabledConfig.getContainers()) .andReturn(Arrays.asList(ContainerConfig.DEFAULT_CONTAINER)).anyTimes(); wantsLocked = makeGadget(true, false, "http://somehost.com/somegadget.xml"); notLocked = makeGadget(false, false, "not-locked"); wantsSecurityToken = makeGadget(false, true, "http://somehost.com/securitytoken.xml"); wantsBoth = makeGadget(true, true, "http://somehost.com/tokenandlocked.xml"); }
@Test public void testMultiContainer() throws Exception { ContainerConfig inheritsConfig = new BasicContainerConfig(); inheritsConfig .newTransaction() .addContainer( makeContainer(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY, "-a.example.com:8080", LOCKED_DOMAIN_REQUIRED_KEY, true)) .addContainer(makeContainer("other")) .commit(); lockedDomainService = new HashLockedDomainService(inheritsConfig, true, ldgen); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "other")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "other")); assertTrue(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "other")); }
@Test public void testMultiContainer() throws Exception { ContainerConfig inheritsConfig = mock(ContainerConfig.class); expect(inheritsConfig.getContainers()) .andReturn(Arrays.asList(ContainerConfig.DEFAULT_CONTAINER, "other")); expect(inheritsConfig.getBool(isA(String.class), eq(LOCKED_DOMAIN_REQUIRED_KEY))) .andReturn(true).anyTimes(); expect(inheritsConfig.getString(isA(String.class), eq(LOCKED_DOMAIN_SUFFIX_KEY))) .andReturn("-a.example.com:8080").anyTimes(); replay(); lockedDomainService = new HashLockedDomainService(inheritsConfig, true); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", wantsLocked, "other")); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", notLocked, "other")); assertTrue(lockedDomainService.gadgetCanRender( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "other")); } }
@Test public void testDisabledGlobally() { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, false); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", notLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsBoth, "default")); lockedDomainService = new HashLockedDomainService(enabledConfig, false); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", notLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsBoth, "default")); }
@SuppressWarnings("unchecked") private Gadget makeGadget(boolean wantsLocked, boolean wantsSecurityToken, String url) { List<String> gadgetFeatures = Lists.newArrayList(); String requires = ""; if (wantsLocked || wantsSecurityToken) { gadgetFeatures.add("locked-domain"); if (wantsLocked) { requires += " <Require feature='locked-domain'/>"; } if (wantsSecurityToken) { requires += " <Require feature='security-token'/>"; gadgetFeatures.add("security-token"); } } String gadgetXml = "<Module><ModulePrefs title=''>" + requires + "</ModulePrefs><Content/></Module>"; GadgetSpec spec = null; try { spec = new GadgetSpec(Uri.parse(url), gadgetXml); } catch (GadgetException e) { return null; } FeatureRegistry registry = mock(FeatureRegistry.class); expect(registry.getFeatures(isA(Collection.class))).andReturn(gadgetFeatures).anyTimes(); return new Gadget().setSpec(spec).setContext(new GadgetContext()).setGadgetFeatureRegistry(registry); }
@Test public void testRequiredForContainer() throws GadgetException { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, true, ldgen); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); String target = lockedDomainService.getLockedDomainForGadget(wantsLocked, "default"); assertEquals("8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", target); target = lockedDomainService.getLockedDomainForGadget(notLocked, "default"); assertEquals("auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", target); assertTrue(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); }
@Test public void testNotEnabledForGadget() throws GadgetException { replay(); lockedDomainService = new HashLockedDomainService(enabledConfig, true, ldgen); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertNull(lockedDomainService.getLockedDomainForGadget(notLocked, "default")); }
@Test public void testMissingConfig() throws Exception { ContainerConfig containerMissingConfig = new BasicContainerConfig(); containerMissingConfig.newTransaction().addContainer(makeContainer(ContainerConfig.DEFAULT_CONTAINER)).commit(); lockedDomainService = new HashLockedDomainService(containerMissingConfig, true, ldgen); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); }
@Test public void testDisabledGlobally() { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, false, ldgen); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsBoth, "default")); lockedDomainService = new HashLockedDomainService(enabledConfig, false, ldgen); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsBoth, "default")); }
@Before public void setUp() throws Exception { requiredConfig = new BasicContainerConfig(); requiredConfig.newTransaction().addContainer( makeContainer(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY, "-a.example.com:8080", LOCKED_DOMAIN_REQUIRED_KEY, true)).commit(); enabledConfig = new BasicContainerConfig(); enabledConfig.newTransaction().addContainer( makeContainer(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY, "-a.example.com:8080")).commit(); wantsLocked = makeGadget(true, false, "http://somehost.com/somegadget.xml"); notLocked = makeGadget(false, false, "not-locked"); wantsSecurityToken = makeGadget(false, true, "http://somehost.com/securitytoken.xml"); wantsBoth = makeGadget(true, true, "http://somehost.com/tokenandlocked.xml"); }
@SuppressWarnings("unchecked") private Gadget makeGadget(boolean wantsLocked, boolean wantsSecurityToken, String url) { List<String> gadgetFeatures = Lists.newArrayList(); String requires = ""; if (wantsLocked || wantsSecurityToken) { gadgetFeatures.add("locked-domain"); if (wantsLocked) { requires += " <Require feature='locked-domain'/>"; } if (wantsSecurityToken) { requires += " <Require feature='security-token'/>"; gadgetFeatures.add("security-token"); } } String gadgetXml = "<Module><ModulePrefs title=''>" + requires + "</ModulePrefs><Content/></Module>"; GadgetSpec spec = null; try { spec = new GadgetSpec(Uri.parse(url), gadgetXml); } catch (GadgetException e) { return null; } FeatureRegistry registry = mock(FeatureRegistry.class); expect(registry.getFeatures(isA(Collection.class))).andReturn(gadgetFeatures).anyTimes(); return new Gadget().setSpec(spec).setContext(new GadgetContext()).setGadgetFeatureRegistry(registry); }
@Test public void testRequiredForContainer() { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, true); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", wantsLocked, "default")); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", notLocked, "default")); String target = lockedDomainService.getLockedDomainForGadget(wantsLocked, "default"); assertEquals("8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", target); target = lockedDomainService.getLockedDomainForGadget(notLocked, "default"); assertEquals("auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", target); assertTrue(lockedDomainService.gadgetCanRender( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "default")); assertFalse(lockedDomainService.gadgetCanRender( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", wantsLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertFalse(lockedDomainService.gadgetCanRender( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); }
@Test public void testNotEnabledForGadget() { replay(); lockedDomainService = new HashLockedDomainService(enabledConfig, true); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.gadgetCanRender("www.example.com", notLocked, "default")); assertFalse(lockedDomainService.gadgetCanRender( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertNull(lockedDomainService.getLockedDomainForGadget(notLocked, "default")); }