1 package club.wpia.gigi.api;
3 import static org.junit.Assert.*;
5 import java.io.IOException;
6 import java.io.UnsupportedEncodingException;
7 import java.net.HttpURLConnection;
8 import java.net.MalformedURLException;
9 import java.net.URLEncoder;
10 import java.security.GeneralSecurityException;
11 import java.security.KeyManagementException;
12 import java.security.NoSuchAlgorithmException;
14 import org.junit.Test;
16 import club.wpia.gigi.GigiApiException;
17 import club.wpia.gigi.api.CATSImport;
18 import club.wpia.gigi.api.CATSResolve;
19 import club.wpia.gigi.dbObjects.Certificate;
20 import club.wpia.gigi.dbObjects.CertificateProfile;
21 import club.wpia.gigi.dbObjects.Digest;
22 import club.wpia.gigi.dbObjects.User;
23 import club.wpia.gigi.dbObjects.CATS.CATSType;
24 import club.wpia.gigi.dbObjects.Certificate.CSRType;
25 import club.wpia.gigi.dbObjects.Certificate.SANType;
26 import club.wpia.gigi.testUtils.IOUtils;
27 import club.wpia.gigi.testUtils.RestrictedApiTest;
28 import club.wpia.gigi.util.ServerConstants;
30 public class ImportCATSResult extends RestrictedApiTest {
33 public void testLookupSerial() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
34 Certificate target2 = new Certificate(u, u, Certificate.buildDN("EMAIL", u.getEmail()), Digest.SHA256, generatePEMCSR(generateKeypair(), "EMAIL=" + u.getEmail()), CSRType.CSR, CertificateProfile.getByName("client"), new Certificate.SubjectAlternateName(SANType.EMAIL, "cats@example.com"));
35 await(target2.issue(null, "2y", u));
36 target2.setLoginEnabled(true);
38 assertEquals(u.getId(), Integer.parseInt(apiLookup(target2)));
40 Certificate target3 = new Certificate(selfOrg, u, Certificate.buildDN("EMAIL", ServerConstants.getQuizAdminMailAddress()), Digest.SHA256, generatePEMCSR(generateKeypair(), "EMAIL=" + ServerConstants.getQuizAdminMailAddress()), CSRType.CSR, CertificateProfile.getByName("client-orga"), new Certificate.SubjectAlternateName(SANType.EMAIL, ServerConstants.getQuizAdminMailAddress()));
41 await(target3.issue(null, "2y", u));
42 target3.setLoginEnabled(true);
44 assertEquals("admin", apiLookup(target3));
48 public void testImportCATS() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
50 assertEquals(1, u.getTrainings().length);
51 apiImport(u, "Test Training");
52 assertEquals(2, u.getTrainings().length);
54 User u2 = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@example.com", TEST_PASSWORD));
55 assertEquals(0, u2.getTrainings().length);
56 assertFalse(u2.hasPassedCATS());
57 apiImport(u2, "Test Training");
58 assertEquals(1, u2.getTrainings().length);
59 assertFalse(u2.hasPassedCATS());
60 apiImport(u2, CATSType.AGENT_CHALLENGE.getDisplayName());
61 assertEquals(2, u2.getTrainings().length);
62 assertTrue(u2.hasPassedCATS());
67 public void testImportCATSFailures() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
68 assertEquals(1, u.getTrainings().length);
69 assertNotEquals(200, executeImportQuery("").getResponseCode());
70 assertNotEquals(200, executeImportQuery("mid=" + u.getId()).getResponseCode());
71 assertNotEquals(200, executeImportQuery("mid=" + u.getId() + "&variant=Test+Training").getResponseCode());
72 assertNotEquals(200, executeImportQuery("mid=" + u.getId() + "&variant=Test+Training&date=" + System.currentTimeMillis()).getResponseCode());
73 assertNotEquals(200, executeImportQuery("mid=" + u.getId() + "&variant=Test+Training&date=" + System.currentTimeMillis() + "&language=en").getResponseCode());
74 assertNotEquals(200, executeImportQuery("mid=" + u.getId() + "&variant=Test+Training&date=" + System.currentTimeMillis() + "&version=1.0").getResponseCode());
75 assertEquals(1, u.getTrainings().length);
76 apiImport(u, "Test Training");
77 assertEquals(2, u.getTrainings().length);
81 private void apiImport(User target, String test) throws IOException, MalformedURLException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException, GeneralSecurityException {
82 HttpURLConnection connection = executeImportQuery("mid=" + target.getId() + "&variant=" + URLEncoder.encode(test, "UTF-8") + "&date=" + System.currentTimeMillis() + "&language=en&version=1.0");
83 if (connection.getResponseCode() != 200) {
84 throw new Error(connection.getResponseMessage());
88 private HttpURLConnection executeImportQuery(String query) throws IOException, GeneralSecurityException {
89 return doApi(CATSImport.PATH, query);
92 private String apiLookup(Certificate target) throws IOException, GeneralSecurityException {
93 HttpURLConnection connection = doApi(CATSResolve.PATH, "serial=" + target.cert().getSerialNumber().toString(16).toLowerCase());
94 if (connection.getResponseCode() != 200) {
95 throw new Error(connection.getResponseMessage());
97 return IOUtils.readURL(connection);