1 package org.cacert.gigi;
3 import static org.hamcrest.CoreMatchers.*;
4 import static org.junit.Assert.*;
6 import java.io.IOException;
7 import java.net.HttpURLConnection;
9 import java.net.URLConnection;
10 import java.net.URLEncoder;
11 import java.security.GeneralSecurityException;
12 import java.security.KeyPair;
13 import java.security.PrivateKey;
14 import java.security.cert.X509Certificate;
16 import org.cacert.gigi.dbObjects.Certificate;
17 import org.cacert.gigi.dbObjects.Certificate.CSRType;
18 import org.cacert.gigi.dbObjects.CertificateProfile;
19 import org.cacert.gigi.dbObjects.Digest;
20 import org.cacert.gigi.dbObjects.User;
21 import org.cacert.gigi.testUtils.IOUtils;
22 import org.cacert.gigi.testUtils.ManagedTest;
23 import org.junit.Test;
25 public class LoginTest extends ManagedTest {
28 public void testLoginUnverified() throws IOException {
29 String email = createUniqueName() + "@testmail.org";
30 registerUser("an", "bn", email, TEST_PASSWORD);
31 getMailReceiver().receive();
32 assertFalse(isLoggedin(login(email, TEST_PASSWORD)));
36 public void testLoginVerified() throws IOException {
37 String email = createUniqueName() + "@testmail.org";
38 createVerifiedUser("an", "bn", email, TEST_PASSWORD);
39 assertTrue(isLoggedin(login(email, TEST_PASSWORD)));
43 public void testLoginRedirectBack() throws IOException {
44 String email = createUniqueName() + "@testmail.org";
45 createVerifiedUser("an", "bn", email, TEST_PASSWORD);
47 URL u0 = new URL("https://" + getServerName() + SECURE_REFERENCE);
48 HttpURLConnection huc0 = (HttpURLConnection) u0.openConnection();
49 String headerField = stripCookie(huc0.getHeaderField("Set-Cookie"));
51 HttpURLConnection huc = post(headerField, "/login", "username=" + URLEncoder.encode(email, "UTF-8") + "&password=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8"), 0);
53 headerField = huc.getHeaderField("Set-Cookie");
54 assertNotNull(headerField);
55 assertEquals(302, huc.getResponseCode());
56 assertEquals("https://" + getServerName() + SECURE_REFERENCE, huc.getHeaderField("Location"));
60 public void testLoginWrongPassword() throws IOException {
61 String email = createUniqueName() + "@testmail.org";
62 createVerifiedUser("an", "bn", email, TEST_PASSWORD);
63 assertFalse(isLoggedin(login(email, TEST_PASSWORD + "b")));
67 public void testLogoutVerified() throws IOException {
68 String email = createUniqueName() + "@testmail.org";
69 createVerifiedUser("an", "bn", email, TEST_PASSWORD);
70 String cookie = login(email, TEST_PASSWORD);
71 assertTrue(isLoggedin(cookie));
73 assertFalse(isLoggedin(cookie));
76 private void logout(String cookie) throws IOException {
77 get(cookie, "/logout").getHeaderField("Location");
81 public void testLoginMethodDisplay() throws IOException {
82 String email = createUniqueName() + "@testmail.org";
83 createVerifiedUser("an", "bn", email, TEST_PASSWORD);
84 String l = login(email, TEST_PASSWORD);
85 URLConnection c = get(l, "");
86 String readURL = IOUtils.readURL(c);
87 assertThat(readURL, containsString("Password"));
91 public void testLoginCertificate() throws IOException, GeneralSecurityException, GigiApiException, InterruptedException {
92 String email = createUniqueName() + "@testmail.org";
93 int user = createVerifiedUser("an", "bn", email, TEST_PASSWORD);
94 KeyPair kp = generateKeypair();
95 String csr = generatePEMCSR(kp, "CN=hans");
96 User u = User.getById(user);
97 Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "hans"), Digest.SHA256, csr, CSRType.CSR, CertificateProfile.getById(1));
98 final PrivateKey pk = kp.getPrivate();
99 await(c.issue(null, "2y", u));
100 final X509Certificate ce = c.cert();
101 c.setLoginEnabled(true);
102 String cookie = login(pk, ce);
103 URL u2 = new URL("https://" + getSecureServerName() + SECURE_REFERENCE);
104 HttpURLConnection huc = (HttpURLConnection) u2.openConnection();
105 huc.addRequestProperty("Cookie", cookie);
106 authenticateClientCert(pk, ce, huc);
107 assertEquals(200, huc.getResponseCode());