1 package org.cacert.gigi.testUtils;
3 import static org.junit.Assert.*;
5 import java.io.IOException;
6 import java.io.OutputStream;
7 import java.net.HttpURLConnection;
9 import java.security.GeneralSecurityException;
10 import java.security.KeyPair;
11 import java.security.PrivateKey;
12 import java.security.cert.X509Certificate;
14 import org.cacert.gigi.GigiApiException;
15 import org.cacert.gigi.dbObjects.Certificate;
16 import org.cacert.gigi.dbObjects.Certificate.CSRType;
17 import org.cacert.gigi.dbObjects.Certificate.SANType;
18 import org.cacert.gigi.dbObjects.CertificateProfile;
19 import org.cacert.gigi.dbObjects.Country;
20 import org.cacert.gigi.dbObjects.Country.CountryCodeType;
21 import org.cacert.gigi.dbObjects.Digest;
22 import org.cacert.gigi.dbObjects.Group;
23 import org.cacert.gigi.dbObjects.Organisation;
24 import org.cacert.gigi.dbObjects.User;
25 import org.cacert.gigi.util.ServerConstants;
26 import org.junit.BeforeClass;
28 public class RestrictedApiTest extends ClientTest {
30 protected static PrivateKey pk;
32 protected static X509Certificate ce;
34 protected static Organisation selfOrg;
36 public RestrictedApiTest() {
41 public static void initCert() {
44 User u = User.getById(createAssuranceUser("f", "l", createUniqueName() + "@email.com", TEST_PASSWORD));
45 grant(u, Group.ORGASSURER);
47 u = User.getById(u.getId());
48 selfOrg = new Organisation(Organisation.SELF_ORG_NAME, Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "NA", "NA", "contact@cacert.org", "", "", u);
49 assertTrue(selfOrg.isSelfOrganisation());
50 KeyPair kp = generateKeypair();
51 String key1 = generatePEMCSR(kp, "EMAIL=" + ServerConstants.getQuizMailAddress());
52 Certificate apiCert = new Certificate(selfOrg, u, Certificate.buildDN("EMAIL", ServerConstants.getQuizMailAddress()), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getByName("client-orga"), new Certificate.SubjectAlternateName(SANType.EMAIL, ServerConstants.getQuizMailAddress()));
54 await(apiCert.issue(null, "2y", u));
56 apiCert.setLoginEnabled(true);
57 } catch (IOException e) {
59 } catch (GigiApiException e) {
61 } catch (GeneralSecurityException e) {
63 } catch (InterruptedException e) {
69 public HttpURLConnection doApi(String path, String content) throws IOException, GeneralSecurityException {
70 HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + path).openConnection();
71 authenticateClientCert(pk, ce, connection);
72 connection.setDoOutput(true);
73 OutputStream os = connection.getOutputStream();
74 os.write(content.getBytes());