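/**
 * Builds the wire form of a security token: the {@code container} field, a colon, and the
 * result of {@code blobCrypter.wrap(...)} applied to the token's map.
 *
 * @param securityToken the token whose {@code toMap()} contents are wrapped
 * @return {@code container + ":" + wrapped blob}
 * @throws SecurityTokenException if anything inside the try block throws; the original
 *     exception is preserved as the cause
 */
private String encryptSecurityToken(BlobCrypterSecurityToken securityToken)
    throws SecurityTokenException {
  try {
    String encryptedToken = container + ":" + blobCrypter.wrap(securityToken.toMap());
    if (logger.isTraceEnabled()) {
      // The wire-form token is kept out of the log on purpose: whoever can read the log could
      // presumably present that string as a valid token for as long as it is accepted.
      // NOTE(review): confirm that securityToken.toString() exposes nothing (owner/viewer ids,
      // trusted JSON) that should not reach trace logs either.
      logger.trace("Encrypted token created from security token: " + securityToken.toString());
    }
    return encryptedToken;
  } catch (Exception e) {
    throw new SecurityTokenException("Error creating security token from person gadget", e);
  }
}
} // closes the enclosing class, whose header is outside this excerpt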
/**
 * A token whose plain-text container prefix names a container the codec does not know must be
 * rejected.
 *
 * <p>The blob is wrapped with the key for "container"; the prefix is then rewritten to "other:"
 * before the token reaches the codec. The failure message must contain "Unknown container".
 */
@Test
public void testUnknownContainer() throws Exception {
  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken("container", null, null, claims);

  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(source.toMap());
  // Only the unencrypted prefix is altered; the wrapped blob is left intact.
  String tampered = wireToken.replace("container:", "other:");

  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, tampered));
    fail("should have reported that container was unknown");
  } catch (SecurityTokenException rejected) {
    assertTrue(rejected.getMessage(), rejected.getMessage().contains("Unknown container"));
  }
}
/**
 * A token whose plain-text container prefix names a container the codec does not know must be
 * rejected.
 *
 * <p>The blob is wrapped with the key for "container"; the prefix is then rewritten to "other:"
 * before the token reaches the codec. The failure message must contain "Unknown container".
 */
@Test
public void testUnknownContainer() throws Exception {
  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken("container", null, null, claims);

  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(source.toMap());
  // Only the unencrypted prefix is altered; the wrapped blob is left intact.
  String tampered = wireToken.replace("container:", "other:");

  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, tampered));
    fail("should have reported that container was unknown");
  } catch (SecurityTokenException rejected) {
    assertTrue(rejected.getMessage(), rejected.getMessage().contains("Unknown container"));
  }
}
/**
 * A token wrapped for one container must not be accepted under another container's prefix.
 *
 * <p>The blob is wrapped with the key for "container" and the plain-text prefix is then changed
 * to "example:". The codec is expected to fail with a message containing
 * "Invalid token signature" (presumably because "example" is configured with a different key;
 * that configuration is outside this method).
 */
@Test
public void testWrongContainer() throws Exception {
  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken("container", null, null, claims);

  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(source.toMap());
  // Re-label the token without re-wrapping it, so prefix and blob no longer belong together.
  String relabelled = wireToken.replace("container:", "example:");

  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, relabelled));
    fail("should have tried to decrypt with wrong key");
  } catch (SecurityTokenException rejected) {
    assertTrue(rejected.getMessage(), rejected.getMessage().contains("Invalid token signature"));
  }
}
/**
 * A token whose plain-text container prefix names a container the codec does not know must be
 * rejected.
 *
 * <p>The blob is wrapped with the key for "container"; the prefix is then rewritten to "other:"
 * before the token reaches the codec. The failure message must contain "Unknown container".
 */
@Test
public void testUnknownContainer() throws Exception {
  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken("container", null, null, claims);

  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(source.toMap());
  // Only the unencrypted prefix is altered; the wrapped blob is left intact.
  String tampered = wireToken.replace("container:", "other:");

  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, tampered));
    fail("should have reported that container was unknown");
  } catch (SecurityTokenException rejected) {
    assertTrue(rejected.getMessage(), rejected.getMessage().contains("Unknown container"));
  }
}
/**
 * A token wrapped for one container must not be accepted under another container's prefix.
 *
 * <p>The blob is wrapped with the key for "container" and the plain-text prefix is then changed
 * to "example:". The codec is expected to fail with a message containing
 * "Invalid token signature" (presumably because "example" is configured with a different key;
 * that configuration is outside this method).
 */
@Test
public void testWrongContainer() throws Exception {
  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken("container", null, null, claims);

  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(source.toMap());
  // Re-label the token without re-wrapping it, so prefix and blob no longer belong together.
  String relabelled = wireToken.replace("container:", "example:");

  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, relabelled));
    fail("should have tried to decrypt with wrong key");
  } catch (SecurityTokenException rejected) {
    assertTrue(rejected.getMessage(), rejected.getMessage().contains("Invalid token signature"));
  }
}
/**
 * A token wrapped for one container must not be accepted under another container's prefix.
 *
 * <p>The blob is wrapped with the key for "container" and the plain-text prefix is then changed
 * to "example:". The codec is expected to fail with a message containing
 * "Invalid token signature" (presumably because "example" is configured with a different key;
 * that configuration is outside this method).
 */
@Test
public void testWrongContainer() throws Exception {
  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken("container", null, null, claims);

  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(source.toMap());
  // Re-label the token without re-wrapping it, so prefix and blob no longer belong together.
  String relabelled = wireToken.replace("container:", "example:");

  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, relabelled));
    fail("should have tried to decrypt with wrong key");
  } catch (SecurityTokenException rejected) {
    assertTrue(rejected.getMessage(), rejected.getMessage().contains("Invalid token signature"));
  }
}
/**
 * Token acceptance must follow the live container configuration.
 *
 * <p>The same wire token for "newcontainer" is presented three times: before the container is
 * configured (must be rejected), after it has been added (must be accepted), and after it has
 * been removed again (must be rejected). The last step checks that removing a container also
 * stops previously issued tokens for it from being decoded.
 */
@Test
public void testChangingContainers() throws Exception {
  String addedContainer = "newcontainer";

  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken(addedContainer, null, null, claims);
  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey(addedContainer)).wrap(source.toMap());

  // Phase 1: the container is not configured yet, so decoding has to fail.
  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));
    fail("Should have thrown a SecurityTokenException");
  } catch (SecurityTokenException expected) {
    // expected: rejection is the passing outcome here
  }

  // Phase 2: once the container exists, the very same token decodes without an exception.
  config.newTransaction().addContainer(makeContainer(addedContainer)).commit();
  codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));

  // Phase 3: removing the container must make the token unusable again.
  config.newTransaction().removeContainer(addedContainer).commit();
  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));
    fail("Should have thrown a SecurityTokenException");
  } catch (SecurityTokenException expected) {
    // expected: rejection is the passing outcome here
  }
}
/**
 * Happy path: a token wrapped with the key for "container" decodes through the codec and every
 * field survives the round trip.
 *
 * <p>The source token is built with a null domain, yet the decoded token must report
 * "container.com", so the domain is supplied on the decoding side rather than carried in the
 * blob. The app id is expected to equal the app URL.
 */
@Test
public void testCreateToken() throws Exception {
  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken("container", null, null, claims);
  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(source.toMap());

  SecurityToken decoded =
      codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));

  assertEquals("http://www.example.com/gadget.xml", decoded.getAppId());
  assertEquals("http://www.example.com/gadget.xml", decoded.getAppUrl());
  assertEquals("container.com", decoded.getDomain());
  assertEquals(12345L, decoded.getModuleId());
  assertEquals("owner", decoded.getOwnerId());
  assertEquals("viewer", decoded.getViewerId());
  assertEquals("trusted", decoded.getTrustedJson());
}
/**
 * Token acceptance must follow the live container configuration.
 *
 * <p>The same wire token for "newcontainer" is presented three times: before the container is
 * configured (must be rejected), after it has been added (must be accepted), and after it has
 * been removed again (must be rejected). The last step checks that removing a container also
 * stops previously issued tokens for it from being decoded.
 */
@Test
public void testChangingContainers() throws Exception {
  String addedContainer = "newcontainer";

  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken(addedContainer, null, null, claims);
  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey(addedContainer)).wrap(source.toMap());

  // Phase 1: the container is not configured yet, so decoding has to fail.
  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));
    fail("Should have thrown a SecurityTokenException");
  } catch (SecurityTokenException expected) {
    // expected: rejection is the passing outcome here
  }

  // Phase 2: once the container exists, the very same token decodes without an exception.
  config.newTransaction().addContainer(makeContainer(addedContainer)).commit();
  codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));

  // Phase 3: removing the container must make the token unusable again.
  config.newTransaction().removeContainer(addedContainer).commit();
  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));
    fail("Should have thrown a SecurityTokenException");
  } catch (SecurityTokenException expected) {
    // expected: rejection is the passing outcome here
  }
}
/**
 * Token acceptance must follow the live container configuration.
 *
 * <p>The same wire token for "newcontainer" is presented three times: before the container is
 * configured (must be rejected), after it has been added (must be accepted), and after it has
 * been removed again (must be rejected). The last step checks that removing a container also
 * stops previously issued tokens for it from being decoded.
 */
@Test
public void testChangingContainers() throws Exception {
  String addedContainer = "newcontainer";

  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken(addedContainer, null, null, claims);
  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey(addedContainer)).wrap(source.toMap());

  // Phase 1: the container is not configured yet, so decoding has to fail.
  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));
    fail("Should have thrown a SecurityTokenException");
  } catch (SecurityTokenException expected) {
    // expected: rejection is the passing outcome here
  }

  // Phase 2: once the container exists, the very same token decodes without an exception.
  config.newTransaction().addContainer(makeContainer(addedContainer)).commit();
  codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));

  // Phase 3: removing the container must make the token unusable again.
  config.newTransaction().removeContainer(addedContainer).commit();
  try {
    codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));
    fail("Should have thrown a SecurityTokenException");
  } catch (SecurityTokenException expected) {
    // expected: rejection is the passing outcome here
  }
}
/**
 * Happy path: a token wrapped with the key for "container" decodes through the codec and every
 * field survives the round trip.
 *
 * <p>The source token is built with a null domain, yet the decoded token must report
 * "container.com", so the domain is supplied on the decoding side rather than carried in the
 * blob. The app id is expected to equal the app URL.
 */
@Test
public void testCreateToken() throws Exception {
  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken("container", null, null, claims);
  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(source.toMap());

  SecurityToken decoded =
      codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));

  assertEquals("http://www.example.com/gadget.xml", decoded.getAppId());
  assertEquals("http://www.example.com/gadget.xml", decoded.getAppUrl());
  assertEquals("container.com", decoded.getDomain());
  assertEquals(12345L, decoded.getModuleId());
  assertEquals("owner", decoded.getOwnerId());
  assertEquals("viewer", decoded.getViewerId());
  assertEquals("trusted", decoded.getTrustedJson());
}
/**
 * Happy path: a token wrapped with the key for "container" decodes through the codec and every
 * field survives the round trip.
 *
 * <p>The source token is built with a null domain, yet the decoded token must report
 * "container.com", so the domain is supplied on the decoding side rather than carried in the
 * blob. The app id is expected to equal the app URL.
 */
@Test
public void testCreateToken() throws Exception {
  Map<String, String> claims = new HashMap<String, String>();
  claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
  claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
  claims.put(Keys.OWNER.getKey(), "owner");
  claims.put(Keys.VIEWER.getKey(), "viewer");
  claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
  BlobCrypterSecurityToken source =
      new BlobCrypterSecurityToken("container", null, null, claims);
  String wireToken =
      source.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(source.toMap());

  SecurityToken decoded =
      codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, wireToken));

  assertEquals("http://www.example.com/gadget.xml", decoded.getAppId());
  assertEquals("http://www.example.com/gadget.xml", decoded.getAppUrl());
  assertEquals("container.com", decoded.getDomain());
  assertEquals(12345L, decoded.getModuleId());
  assertEquals("owner", decoded.getOwnerId());
  assertEquals("viewer", decoded.getViewerId());
  assertEquals("trusted", decoded.getTrustedJson());
}
/**
 * Round-trips a fully populated token through every crypter in {@code crypters}.
 *
 * <p>For each crypter the token map is wrapped, prefixed with the container and a colon, split
 * on the colon again, and the second field is unwrapped into a new token. Container, domain and
 * active URL are passed to the second token's constructor, so those three assertions check the
 * constructor arguments; the remaining assertions check values recovered from the blob.
 */
@Test
public void testRealValues() throws Exception {
  for (BasicBlobCrypter crypter : crypters) {
    Map<String, String> claims = new HashMap<String, String>();
    claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
    claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
    claims.put(Keys.OWNER.getKey(), "owner");
    claims.put(Keys.VIEWER.getKey(), "viewer");
    claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
    BlobCrypterSecurityToken source =
        new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, claims);

    String wireToken = source.getContainer() + ":" + crypter.wrap(source.toMap());
    // The literal prefix assumes CONTAINER is "container" (the constant is defined elsewhere).
    assertTrue("should start with container: " + wireToken, wireToken.startsWith("container:"));

    // parts[0] is the container prefix, parts[1] the wrapped blob.
    String[] parts = StringUtils.split(wireToken, ':');
    BlobCrypterSecurityToken restored =
        new BlobCrypterSecurityToken(CONTAINER, DOMAIN, "active", crypter.unwrap(parts[1]));

    assertEquals("http://www.example.com/gadget.xml", restored.getAppId());
    assertEquals("http://www.example.com/gadget.xml", restored.getAppUrl());
    assertEquals(DOMAIN, restored.getDomain());
    assertEquals(12345L, restored.getModuleId());
    assertEquals("owner", restored.getOwnerId());
    assertEquals("viewer", restored.getViewerId());
    assertEquals("trusted", restored.getTrustedJson());
    assertEquals(CONTAINER, restored.getContainer());
    assertEquals("active", restored.getActiveUrl());
  }
}
/**
 * Round-trips a fully populated token through every crypter in {@code crypters}.
 *
 * <p>For each crypter the token map is wrapped, prefixed with the container and a colon, split
 * on the colon again, and the second field is unwrapped into a new token. Container, domain and
 * active URL are passed to the second token's constructor, so those three assertions check the
 * constructor arguments; the remaining assertions check values recovered from the blob.
 */
@Test
public void testRealValues() throws Exception {
  for (BasicBlobCrypter crypter : crypters) {
    Map<String, String> claims = new HashMap<String, String>();
    claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
    claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
    claims.put(Keys.OWNER.getKey(), "owner");
    claims.put(Keys.VIEWER.getKey(), "viewer");
    claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
    BlobCrypterSecurityToken source =
        new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, claims);

    String wireToken = source.getContainer() + ":" + crypter.wrap(source.toMap());
    // The literal prefix assumes CONTAINER is "container" (the constant is defined elsewhere).
    assertTrue("should start with container: " + wireToken, wireToken.startsWith("container:"));

    // parts[0] is the container prefix, parts[1] the wrapped blob.
    String[] parts = StringUtils.split(wireToken, ':');
    BlobCrypterSecurityToken restored =
        new BlobCrypterSecurityToken(CONTAINER, DOMAIN, "active", crypter.unwrap(parts[1]));

    assertEquals("http://www.example.com/gadget.xml", restored.getAppId());
    assertEquals("http://www.example.com/gadget.xml", restored.getAppUrl());
    assertEquals(DOMAIN, restored.getDomain());
    assertEquals(12345L, restored.getModuleId());
    assertEquals("owner", restored.getOwnerId());
    assertEquals("viewer", restored.getViewerId());
    assertEquals("trusted", restored.getTrustedJson());
    assertEquals(CONTAINER, restored.getContainer());
    assertEquals("active", restored.getActiveUrl());
  }
}
/**
 * Round-trips a fully populated token through every crypter in {@code crypters}.
 *
 * <p>For each crypter the token map is wrapped, prefixed with the container and a colon, split
 * on the colon again, and the second field is unwrapped into a new token. Container, domain and
 * active URL are passed to the second token's constructor, so those three assertions check the
 * constructor arguments; the remaining assertions check values recovered from the blob.
 */
@Test
public void testRealValues() throws Exception {
  for (BasicBlobCrypter crypter : crypters) {
    Map<String, String> claims = new HashMap<String, String>();
    claims.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
    claims.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
    claims.put(Keys.OWNER.getKey(), "owner");
    claims.put(Keys.VIEWER.getKey(), "viewer");
    claims.put(Keys.TRUSTED_JSON.getKey(), "trusted");
    BlobCrypterSecurityToken source =
        new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, claims);

    String wireToken = source.getContainer() + ":" + crypter.wrap(source.toMap());
    // The literal prefix assumes CONTAINER is "container" (the constant is defined elsewhere).
    assertTrue("should start with container: " + wireToken, wireToken.startsWith("container:"));

    // parts[0] is the container prefix, parts[1] the wrapped blob.
    String[] parts = StringUtils.split(wireToken, ':');
    BlobCrypterSecurityToken restored =
        new BlobCrypterSecurityToken(CONTAINER, DOMAIN, "active", crypter.unwrap(parts[1]));

    assertEquals("http://www.example.com/gadget.xml", restored.getAppId());
    assertEquals("http://www.example.com/gadget.xml", restored.getAppUrl());
    assertEquals(DOMAIN, restored.getDomain());
    assertEquals(12345L, restored.getModuleId());
    assertEquals("owner", restored.getOwnerId());
    assertEquals("viewer", restored.getViewerId());
    assertEquals("trusted", restored.getTrustedJson());
    assertEquals(CONTAINER, restored.getContainer());
    assertEquals("active", restored.getActiveUrl());
  }
}
/**
 * Round-trips a token built with a null value map through every crypter in {@code crypters}.
 *
 * <p>After unwrapping, every string field must be null and the module id must be 0, while
 * container and domain (constructor arguments of the second token) keep their values. Each
 * {@code assertNull} passes the field itself as the failure message, so an unexpected non-null
 * value is printed when the assertion fails.
 */
@Test
public void testNullValues() throws Exception {
  for (BasicBlobCrypter crypter : crypters) {
    BlobCrypterSecurityToken source = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, null);

    String wireToken = source.getContainer() + ":" + crypter.wrap(source.toMap());
    // The literal prefix assumes CONTAINER is "container" (the constant is defined elsewhere).
    assertTrue("should start with container: " + wireToken, wireToken.startsWith("container:"));

    // parts[0] is the container prefix, parts[1] the wrapped blob.
    String[] parts = StringUtils.split(wireToken, ':');
    BlobCrypterSecurityToken restored =
        new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, crypter.unwrap(parts[1]));

    assertNull(restored.getAppId(), restored.getAppId());
    assertNull(restored.getAppUrl(), restored.getAppUrl());
    assertEquals(DOMAIN, restored.getDomain());
    assertEquals(0, restored.getModuleId());
    assertNull(restored.getOwnerId(), restored.getOwnerId());
    assertNull(restored.getViewerId(), restored.getViewerId());
    assertNull(restored.getTrustedJson(), restored.getTrustedJson());
    assertNull(restored.getUpdatedToken(), restored.getUpdatedToken());
    assertEquals(CONTAINER, restored.getContainer());
    assertNull(restored.getActiveUrl(), restored.getActiveUrl());
  }
}
/**
 * Round-trips a token built with a null value map through every crypter in {@code crypters}.
 *
 * <p>After unwrapping, every string field must be null and the module id must be 0, while
 * container and domain (constructor arguments of the second token) keep their values. Each
 * {@code assertNull} passes the field itself as the failure message, so an unexpected non-null
 * value is printed when the assertion fails.
 */
@Test
public void testNullValues() throws Exception {
  for (BasicBlobCrypter crypter : crypters) {
    BlobCrypterSecurityToken source = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, null);

    String wireToken = source.getContainer() + ":" + crypter.wrap(source.toMap());
    // The literal prefix assumes CONTAINER is "container" (the constant is defined elsewhere).
    assertTrue("should start with container: " + wireToken, wireToken.startsWith("container:"));

    // parts[0] is the container prefix, parts[1] the wrapped blob.
    String[] parts = StringUtils.split(wireToken, ':');
    BlobCrypterSecurityToken restored =
        new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, crypter.unwrap(parts[1]));

    assertNull(restored.getAppId(), restored.getAppId());
    assertNull(restored.getAppUrl(), restored.getAppUrl());
    assertEquals(DOMAIN, restored.getDomain());
    assertEquals(0, restored.getModuleId());
    assertNull(restored.getOwnerId(), restored.getOwnerId());
    assertNull(restored.getViewerId(), restored.getViewerId());
    assertNull(restored.getTrustedJson(), restored.getTrustedJson());
    assertNull(restored.getUpdatedToken(), restored.getUpdatedToken());
    assertEquals(CONTAINER, restored.getContainer());
    assertNull(restored.getActiveUrl(), restored.getActiveUrl());
  }
}
/**
 * Round-trips a token built with a null value map through every crypter in {@code crypters}.
 *
 * <p>After unwrapping, every string field must be null and the module id must be 0, while
 * container and domain (constructor arguments of the second token) keep their values. Each
 * {@code assertNull} passes the field itself as the failure message, so an unexpected non-null
 * value is printed when the assertion fails.
 */
@Test
public void testNullValues() throws Exception {
  for (BasicBlobCrypter crypter : crypters) {
    BlobCrypterSecurityToken source = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, null);

    String wireToken = source.getContainer() + ":" + crypter.wrap(source.toMap());
    // The literal prefix assumes CONTAINER is "container" (the constant is defined elsewhere).
    assertTrue("should start with container: " + wireToken, wireToken.startsWith("container:"));

    // parts[0] is the container prefix, parts[1] the wrapped blob.
    String[] parts = StringUtils.split(wireToken, ':');
    BlobCrypterSecurityToken restored =
        new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, crypter.unwrap(parts[1]));

    assertNull(restored.getAppId(), restored.getAppId());
    assertNull(restored.getAppUrl(), restored.getAppUrl());
    assertEquals(DOMAIN, restored.getDomain());
    assertEquals(0, restored.getModuleId());
    assertNull(restored.getOwnerId(), restored.getOwnerId());
    assertNull(restored.getViewerId(), restored.getViewerId());
    assertNull(restored.getTrustedJson(), restored.getTrustedJson());
    assertNull(restored.getUpdatedToken(), restored.getUpdatedToken());
    assertEquals(CONTAINER, restored.getContainer());
    assertNull(restored.getActiveUrl(), restored.getActiveUrl());
  }
}