2 * ========================LICENSE_START=================================
3 * Copyright (C) 2021 Nordix Foundation. All rights reserved.
4 * ======================================================================
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 * ========================LICENSE_END===================================
19 package org.oransc.rappcatalogue;
21 import static org.junit.jupiter.api.Assertions.assertEquals;
22 import static org.junit.jupiter.api.Assertions.assertThrows;
23 import static org.junit.jupiter.api.Assertions.assertTrue;
25 import javax.net.ssl.SSLContext;
27 import org.apache.http.client.HttpClient;
28 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
29 import org.apache.http.impl.client.HttpClients;
30 import org.apache.http.ssl.SSLContextBuilder;
31 import org.junit.jupiter.api.Test;
32 import org.junit.jupiter.api.extension.ExtendWith;
33 import org.springframework.beans.factory.annotation.Autowired;
34 import org.springframework.beans.factory.annotation.Value;
35 import org.springframework.boot.test.context.SpringBootTest;
36 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
37 import org.springframework.boot.test.web.client.TestRestTemplate;
38 import org.springframework.boot.test.web.client.TestRestTemplate.HttpClientOption;
39 import org.springframework.boot.web.client.RestTemplateBuilder;
40 import org.springframework.boot.web.server.AbstractConfigurableWebServerFactory;
41 import org.springframework.boot.web.server.LocalServerPort;
42 import org.springframework.http.HttpStatus;
43 import org.springframework.http.ResponseEntity;
44 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
45 import org.springframework.test.context.TestPropertySource;
46 import org.springframework.test.context.junit.jupiter.SpringExtension;
47 import org.springframework.util.ResourceUtils;
48 import org.springframework.web.client.ResourceAccessException;
50 @ExtendWith(SpringExtension.class)
51 @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
54 "server.ssl.key-store=./config/r-app-catalogue-keystore.jks", //
55 "server.http-port=0"})
56 public class HttpsRequestTest {
58 @Value("${server.ssl.key-store-password}")
59 private String keyStorePassword; // inject password from config
61 @Value("${server.ssl.key-store}")
62 private String keyStore; // inject keyStore from config
68 private AbstractConfigurableWebServerFactory webServerFactory;
71 public void testSsl() {
72 assertEquals(true, this.webServerFactory.getSsl().isEnabled());
76 public void rest_OverPlainHttp_GetsBadRequestRequiresTLS() throws Exception {
77 TestRestTemplate template = new TestRestTemplate();
78 ResponseEntity<String> responseEntity =
79 template.getForEntity("http://localhost:" + port + "/services", String.class);
80 assertEquals(HttpStatus.BAD_REQUEST, responseEntity.getStatusCode());
81 assertTrue(responseEntity.getBody().contains("This combination of host and port requires TLS"));
85 public void rest_WithoutSSLConfiguration_ThrowsSSLExceptionUnableFindValidCertPath() throws Exception {
86 TestRestTemplate template = new TestRestTemplate();
88 ResourceAccessException thrown = assertThrows(ResourceAccessException.class, () -> {
89 template.getForEntity("https://localhost:" + port + "/services", String.class);
91 assertTrue(thrown.getMessage().contains("unable to find valid certification path to requested target"));
95 public void rest_WithTwoWaySSL_AuthenticatesAndGetsExpectedResponse() throws Exception {
97 SSLContext sslContext = new SSLContextBuilder().loadKeyMaterial(ResourceUtils.getFile(keyStore),
98 keyStorePassword.toCharArray(), keyStorePassword.toCharArray()).build();
100 SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext);
101 HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
102 HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
103 RestTemplateBuilder rtb =
104 new RestTemplateBuilder().requestFactory(() -> factory).rootUri("https://localhost:" + port);
106 TestRestTemplate template = new TestRestTemplate(rtb, null, null, HttpClientOption.SSL);
108 ResponseEntity<String> responseEntity = template.getForEntity("/services", String.class);
109 assertEquals(HttpStatus.OK, responseEntity.getStatusCode());
110 assertEquals("[]", responseEntity.getBody());