1 package org.cacert.gigi.api;
3 import static org.junit.Assert.*;
5 import java.io.IOException;
6 import java.io.OutputStream;
7 import java.io.UnsupportedEncodingException;
8 import java.net.HttpURLConnection;
9 import java.net.MalformedURLException;
11 import java.net.URLEncoder;
12 import java.security.GeneralSecurityException;
13 import java.security.KeyManagementException;
14 import java.security.KeyPair;
15 import java.security.NoSuchAlgorithmException;
16 import java.security.PrivateKey;
17 import java.security.cert.X509Certificate;
19 import org.cacert.gigi.GigiApiException;
20 import org.cacert.gigi.dbObjects.CATS.CATSType;
21 import org.cacert.gigi.dbObjects.Certificate;
22 import org.cacert.gigi.dbObjects.Certificate.CSRType;
23 import org.cacert.gigi.dbObjects.Certificate.SANType;
24 import org.cacert.gigi.dbObjects.CertificateProfile;
25 import org.cacert.gigi.dbObjects.Digest;
26 import org.cacert.gigi.dbObjects.Group;
27 import org.cacert.gigi.dbObjects.Organisation;
28 import org.cacert.gigi.dbObjects.User;
29 import org.cacert.gigi.testUtils.ClientTest;
30 import org.cacert.gigi.testUtils.IOUtils;
31 import org.junit.Test;
33 public class ImportCATSResult extends ClientTest {
35 private PrivateKey pk;
37 private X509Certificate ce;
39 public ImportCATSResult() throws IOException, GeneralSecurityException, InterruptedException, GigiApiException {
42 grant(u.getEmail(), Group.ORGASSURER);
44 u = User.getById(u.getId());
45 Organisation o = new Organisation(Organisation.SELF_ORG_NAME, "NA", "NA", "NA", "contact@cacert.org", "", "", u);
46 assertTrue(o.isSelfOrganisation());
47 KeyPair kp = generateKeypair();
48 String key1 = generatePEMCSR(kp, "EMAIL=cats@cacert.org");
49 Certificate c = new Certificate(o, u, Certificate.buildDN("EMAIL", "cats@cacert.org"), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getByName("client-orga"), new Certificate.SubjectAlternateName(SANType.EMAIL, "cats@cacert.org"));
51 await(c.issue(null, "2y", u));
56 public void testLookupSerial() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
57 Certificate target2 = new Certificate(u, u, Certificate.buildDN("EMAIL", u.getEmail()), Digest.SHA256, generatePEMCSR(generateKeypair(), "EMAIL=" + u.getEmail()), CSRType.CSR, CertificateProfile.getByName("client"), new Certificate.SubjectAlternateName(SANType.EMAIL, "cats@cacert.org"));
58 await(target2.issue(null, "2y", u));
60 assertEquals(u.getId(), Integer.parseInt(apiLookup(target2)));
64 public void testImportCATS() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
66 assertEquals(1, u.getTrainings().length);
67 apiImport(u, "Test Training");
68 assertEquals(2, u.getTrainings().length);
70 User u2 = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@example.com", TEST_PASSWORD));
71 assertEquals(0, u2.getTrainings().length);
72 assertFalse(u2.hasPassedCATS());
73 apiImport(u2, "Test Training");
74 assertEquals(1, u2.getTrainings().length);
75 assertFalse(u2.hasPassedCATS());
76 apiImport(u2, CATSType.ASSURER_CHALLENGE.getDisplayName());
77 assertEquals(2, u2.getTrainings().length);
78 assertTrue(u2.hasPassedCATS());
83 public void testImportCATSFailures() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
84 assertEquals(1, u.getTrainings().length);
85 assertNotEquals(200, executeImportQuery("").getResponseCode());
86 assertNotEquals(200, executeImportQuery("mid=" + u.getId()).getResponseCode());
87 assertNotEquals(200, executeImportQuery("mid=" + u.getId() + "&variant=Test+Training").getResponseCode());
88 assertNotEquals(200, executeImportQuery("mid=" + u.getId() + "&variant=Test+Training&date=" + System.currentTimeMillis()).getResponseCode());
89 assertNotEquals(200, executeImportQuery("mid=" + u.getId() + "&variant=Test+Training&date=" + System.currentTimeMillis() + "&language=en").getResponseCode());
90 assertNotEquals(200, executeImportQuery("mid=" + u.getId() + "&variant=Test+Training&date=" + System.currentTimeMillis() + "&version=1.0").getResponseCode());
91 assertEquals(1, u.getTrainings().length);
92 apiImport(u, "Test Training");
93 assertEquals(2, u.getTrainings().length);
97 private void apiImport(User target, String test) throws IOException, MalformedURLException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException, GeneralSecurityException {
98 HttpURLConnection connection = executeImportQuery("mid=" + target.getId() + "&variant=" + URLEncoder.encode(test, "UTF-8") + "&date=" + System.currentTimeMillis() + "&language=en&version=1.0");
99 if (connection.getResponseCode() != 200) {
100 throw new Error(connection.getResponseMessage());
104 private HttpURLConnection executeImportQuery(String query) throws IOException, MalformedURLException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException, Error {
105 HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + CATSImport.PATH).openConnection();
106 authenticateClientCert(pk, ce, connection);
107 connection.setDoOutput(true);
108 OutputStream os = connection.getOutputStream();
109 os.write(query.getBytes("UTF-8"));
113 private String apiLookup(Certificate target) throws IOException, MalformedURLException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException, GeneralSecurityException {
114 HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + CATSResolve.PATH).openConnection();
115 authenticateClientCert(pk, ce, connection);
116 connection.setDoOutput(true);
117 OutputStream os = connection.getOutputStream();
118 os.write(("serial=" + target.cert().getSerialNumber().toString(16).toLowerCase()).getBytes());
119 if (connection.getResponseCode() != 200) {
120 throw new Error(connection.getResponseMessage());
122 return IOUtils.readURL(connection);