1 package club.wpia.gigi.pages.account;
3 import static org.hamcrest.CoreMatchers.*;
4 import static org.junit.Assert.*;
6 import java.io.IOException;
7 import java.security.GeneralSecurityException;
8 import java.security.KeyPair;
9 import java.util.Locale;
11 import org.junit.Test;
13 import club.wpia.gigi.GigiApiException;
14 import club.wpia.gigi.database.GigiPreparedStatement;
15 import club.wpia.gigi.dbObjects.EmailAddress;
16 import club.wpia.gigi.dbObjects.Group;
17 import club.wpia.gigi.pages.account.certs.CertificateRequest;
18 import club.wpia.gigi.testUtils.ClientTest;
19 import club.wpia.gigi.util.AuthorizationContext;
20 import club.wpia.gigi.util.TimeConditions;
22 public class TestCertificateRequest extends ClientTest {
24 KeyPair kp = generateKeypair();
26 AuthorizationContext ac;
28 public TestCertificateRequest() throws GeneralSecurityException, IOException, GigiApiException {
29 ac = new AuthorizationContext(u, u, false);
34 public void testIssuingOtherName() throws Exception {
36 new CertificateRequest(ac, generatePEMCSR(kp, "CN=hansi")).draft();
38 } catch (GigiApiException e) {
39 assertThat(e.getMessage(), containsString("name you entered was invalid"));
44 public void testIssuingDefault() throws Exception {
45 new CertificateRequest(ac, generatePEMCSR(kp, "CN=" + CertificateRequest.DEFAULT_CN + ",EMAIL=" + email)).draft();
49 public void testIssuingRealName() throws Exception {
50 new CertificateRequest(ac, generatePEMCSR(kp, "CN=a b,EMAIL=" + email)).draft();
54 public void testIssuingModifiedName() throws Exception {
56 new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab")).draft();
58 } catch (GigiApiException e) {
59 assertThat(e.getMessage(), containsString("name you entered was invalid"));
64 // TODO annotate that this depends on default config
66 public void testCodesignModifiedName() throws Exception {
68 u.grantGroup(getSupporter(), Group.CODESIGNING);
69 CertificateRequest cr = new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab"));
70 cr.update("name", "SHA512", "code-a", null, null, "email:" + email);
73 } catch (GigiApiException e) {
74 assertThat(e.getMessage(), containsString("does not match the details"));
79 // TODO annotate that this depends on default config
81 public void testCodesignNoPermModifiedName() throws Exception {
83 CertificateRequest cr = new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab"));
84 cr.update("name", "SHA512", "code-a", null, null, "email:" + email);
87 } catch (GigiApiException e) {
88 assertThat(e.getMessage(), containsString("Certificate Profile is invalid."));
94 public void testPingPeriodOneAddress() throws IOException, GeneralSecurityException, GigiApiException {
95 // get new email address with last ping in past
96 String furtherEmail = createUniqueName() + "@example.org";
97 new EmailAddress(u, furtherEmail, Locale.ENGLISH);
98 getMailReceiver().receive(furtherEmail);
99 try (GigiPreparedStatement stmt = new GigiPreparedStatement("UPDATE `emailPinglog` SET `status`='success'::`pingState`, `when` = (now() - interval '1 months' * ?::INTEGER) WHERE `email`=? ")) {
100 stmt.setInt(1, TimeConditions.getInstance().getEmailPingMonths());
101 stmt.setString(2, furtherEmail);
102 stmt.executeUpdate();
106 CertificateRequest cr = new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab"));
107 cr.update("name", "SHA512", "mail", null, null, "email:" + furtherEmail);
110 } catch (GigiApiException e) {
111 assertThat(e.getMessage(), containsString("needs a verification via email ping within the past"));
117 public void testPingPeriodTwoAddresses() throws IOException, GeneralSecurityException, GigiApiException {
118 // get new email address with last ping in past
119 String furtherEmail = createUniqueName() + "@example.org";
120 new EmailAddress(u, furtherEmail, Locale.ENGLISH);
121 getMailReceiver().receive(furtherEmail);
122 try (GigiPreparedStatement stmt = new GigiPreparedStatement("UPDATE `emailPinglog` SET `status`='success'::`pingState`, `when` = (now() - interval '1 months' * ?::INTEGER) WHERE `email`=? ")) {
123 stmt.setInt(1, TimeConditions.getInstance().getEmailPingMonths());
124 stmt.setString(2, furtherEmail);
125 stmt.executeUpdate();
129 CertificateRequest cr = new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab"));
130 cr.update("name", "SHA512", "mail", null, null, "email:" + furtherEmail + ",email:" + email);
133 } catch (GigiApiException e) {
134 assertThat(e.getMessage(), containsString("needs a verification via email ping within the past"));