private static JsonObject createValidCredentialsObject(final JsonObject secret) { return createValidCredentialsObject("someType", secret); }
private static JsonObject createValidCredentialsObject() { return createValidCredentialsObject(new JsonObject()); }
/** * Verifies that the base service rejects a request for adding * hashed password credentials containing a malformed bcrypt hash. * * @param ctx The vert.x test context. */ @Test public void testAddFailsForMalformedBcryptSecrets(final TestContext ctx) { final JsonObject malformedSecret = new JsonObject() .put(CredentialsConstants.FIELD_SECRETS_HASH_FUNCTION, CredentialsConstants.HASH_FUNCTION_BCRYPT) .put(CredentialsConstants.FIELD_SECRETS_PWD_HASH, "$2y$11$malformed"); final JsonObject credentials = createValidCredentialsObject(CredentialsConstants.SECRETS_TYPE_HASHED_PASSWORD, malformedSecret); final EventBusMessage msg = createRequestForPayload(CredentialsConstants.CredentialsAction.add, credentials); service.processRequest(msg).setHandler(ctx.asyncAssertFailure(t -> { ctx.assertEquals(HttpURLConnection.HTTP_BAD_REQUEST, ((ServiceInvocationException) t).getErrorCode()); })); }
/** * Verifies that the base service accepts a request for adding * credentials that contains a secret with a time stamp including * an offset. * * @param ctx The vert.x test context. */ @Test public void testAddSucceedsForLongTimestamp(final TestContext ctx) { final JsonObject secret = new JsonObject() .put(CredentialsConstants.FIELD_SECRETS_NOT_BEFORE, "2007-04-05T12:30-02:00"); final JsonObject testData = createValidCredentialsObject(secret); final EventBusMessage msg = createRequestForPayload(CredentialsConstants.CredentialsAction.add, testData); service.processRequest(msg).setHandler(ctx.asyncAssertSuccess(response -> { ctx.assertEquals(HttpURLConnection.HTTP_CREATED, response.getStatus()); })); }
/** * Verifies that the base service rejects a request for adding * credentials that contains a secret with a time stamp that does * not include an offset. * * @param ctx The vert.x test context. */ @Test public void testAddFailsForShortTimestamp(final TestContext ctx) { final JsonObject secret = new JsonObject() .put(CredentialsConstants.FIELD_SECRETS_NOT_BEFORE, "2007-04-05T14:30"); final JsonObject testData = createValidCredentialsObject(secret); final EventBusMessage msg = createRequestForPayload(CredentialsConstants.CredentialsAction.add, testData); service.processRequest(msg).setHandler(ctx.asyncAssertFailure(t -> { ctx.assertEquals(HttpURLConnection.HTTP_BAD_REQUEST, ((ServiceInvocationException) t).getErrorCode()); })); }
/** * Verifies that the base service rejects a request for adding * credentials that contain a secret with a malformed time stamp. * * @param ctx The vert.x test context. */ @Test public void testAddFailsForMalformedTimestamp(final TestContext ctx) { final JsonObject secret = new JsonObject() .put(CredentialsConstants.FIELD_SECRETS_NOT_BEFORE, "no-timestamp"); final JsonObject testData = createValidCredentialsObject(secret); final EventBusMessage msg = createRequestForPayload(CredentialsConstants.CredentialsAction.add, testData); service.processRequest(msg).setHandler(ctx.asyncAssertFailure(t -> { ctx.assertEquals(HttpURLConnection.HTTP_BAD_REQUEST, ((ServiceInvocationException) t).getErrorCode()); })); }
/** * Verifies that the base service accepts a request for adding and updating clear text * hashed password credentials. * * @param ctx The vert.x test context. */ @Test public void testUpdateSucceedsForClearTextPassword(final TestContext ctx) { final JsonObject secret = new JsonObject().put(CredentialsConstants.FIELD_SECRETS_PWD_PLAIN, "initial"); final JsonObject credentials = createValidCredentialsObject( CredentialsConstants.SECRETS_TYPE_HASHED_PASSWORD, secret); final EventBusMessage msg = createRequestForPayload(CredentialsConstants.CredentialsAction.add, credentials); service.processRequest(msg) .compose(r -> { ctx.assertEquals(HttpURLConnection.HTTP_CREATED, r.getStatus()); verify(pwdEncoder).encode("initial"); final JsonObject updatedSecret = new JsonObject().put(CredentialsConstants.FIELD_SECRETS_PWD_PLAIN, "updated"); final JsonObject updatedCredentials = createValidCredentialsObject( CredentialsConstants.SECRETS_TYPE_HASHED_PASSWORD, updatedSecret); secret.put(CredentialsConstants.FIELD_SECRETS_PWD_PLAIN, "updated"); final EventBusMessage updateMsg = createRequestForPayload(CredentialsConstants.CredentialsAction.update, updatedCredentials); return service.processRequest(updateMsg); }).setHandler(ctx.asyncAssertSuccess(r -> { ctx.assertEquals(HttpURLConnection.HTTP_NO_CONTENT, r.getStatus()); verify(pwdEncoder).encode("updated"); })); }
/** * Verifies that the base service rejects a request for adding * credentials containing an empty <em>secrets</em> array. * * @param ctx The vert.x test context. */ @Test public void testAddFailsForEmptySecrets(final TestContext ctx) { final JsonObject testData = createValidCredentialsObject(null); final EventBusMessage msg = createRequestForPayload(CredentialsConstants.CredentialsAction.add, testData); service.processRequest(msg).setHandler(ctx.asyncAssertFailure(t -> { ctx.assertEquals(HttpURLConnection.HTTP_BAD_REQUEST, ((ServiceInvocationException) t).getErrorCode()); })); }
/** * Verifies that the base service accepts a request for adding * credentials that contains the minimum required properties. * * @param ctx The vert.x test context. */ @Test public void testAddSucceedsForMinimalData(final TestContext ctx) { final JsonObject testData = createValidCredentialsObject(); final EventBusMessage msg = createRequestForPayload(CredentialsConstants.CredentialsAction.add, testData); service.processRequest(msg).setHandler(ctx.asyncAssertSuccess(response -> { ctx.assertEquals(HttpURLConnection.HTTP_CREATED, response.getStatus()); })); }
/** * Verifies that the base service rejects a request for adding * credentials that do not contain a <em>secrets</em> array at all. * * @param ctx The vert.x test context. */ @Test public void testAddFailsForMissingSecrets(final TestContext ctx) { final JsonObject testData = createValidCredentialsObject(); testData.remove(CredentialsConstants.FIELD_SECRETS); final EventBusMessage msg = createRequestForPayload(CredentialsConstants.CredentialsAction.add, testData); service.processRequest(msg).setHandler(ctx.asyncAssertFailure(t -> { ctx.assertEquals(HttpURLConnection.HTTP_BAD_REQUEST, ((ServiceInvocationException) t).getErrorCode()); })); }