1 package org.cacert.gigi.api;
3 import static org.hamcrest.CoreMatchers.*;
4 import static org.junit.Assert.*;
6 import java.io.IOException;
7 import java.io.InputStreamReader;
8 import java.net.HttpURLConnection;
9 import java.security.GeneralSecurityException;
10 import java.util.Arrays;
12 import org.cacert.gigi.GigiApiException;
13 import org.cacert.gigi.dbObjects.Certificate;
14 import org.cacert.gigi.dbObjects.Certificate.CSRType;
15 import org.cacert.gigi.dbObjects.Certificate.SANType;
16 import org.cacert.gigi.dbObjects.CertificateProfile;
17 import org.cacert.gigi.dbObjects.Digest;
18 import org.cacert.gigi.dbObjects.Group;
19 import org.cacert.gigi.dbObjects.User;
20 import org.cacert.gigi.pages.account.FindAgentAccess;
21 import org.cacert.gigi.testUtils.IOUtils;
22 import org.cacert.gigi.testUtils.RestrictedApiTest;
23 import org.cacert.gigi.testUtils.TestEmailReceiver.TestMail;
24 import org.json.JSONArray;
25 import org.json.JSONObject;
26 import org.json.JSONTokener;
27 import org.junit.Test;
29 public class TestFindAgent extends RestrictedApiTest {
32 public void testResolve() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
33 Certificate target2 = new Certificate(u, u, Certificate.buildDN("EMAIL", u.getEmail()), Digest.SHA256, generatePEMCSR(generateKeypair(), "EMAIL=" + u.getEmail()), CSRType.CSR, CertificateProfile.getByName("client"), new Certificate.SubjectAlternateName(SANType.EMAIL, "cats@cacert.org"));
34 await(target2.issue(null, "2y", u));
36 HttpURLConnection v = doApi(FindAgent.PATH_RESOLVE, "serial=" + target2.getSerial().toLowerCase());
37 assertEquals(501, v.getResponseCode());
38 assertThat(IOUtils.readURL(new InputStreamReader(v.getErrorStream(), "UTF-8")), containsString(FindAgentAccess.PATH));
40 grant(u, Group.LOCATE_AGENT);
41 v = doApi(FindAgent.PATH_RESOLVE, "serial=" + target2.getSerial().toLowerCase());
42 assertEquals(u.getId(), Integer.parseInt(IOUtils.readURL(v)));
46 public void testMailA() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
51 public void testMailB() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
55 public void testMail(boolean userUFirst) throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
56 int u2 = createVerifiedUser("f", "l", createUniqueName() + "@email.com", TEST_PASSWORD);
57 User us2 = User.getById(u2);
59 // email sending fails
60 HttpURLConnection v = doApi(FindAgent.PATH_MAIL, "from=" + id + "&to=" + u2 + "&subject=the-subject&body=body");
61 assertEquals(v.getResponseMessage(), 501, v.getResponseCode());
62 assertThat(v.getResponseMessage(), containsString("needs to enable access"));
64 // even if sender enables service
65 grant((userUFirst ? u : us2), Group.LOCATE_AGENT);
66 v = doApi(FindAgent.PATH_MAIL, "from=" + id + "&to=" + u2 + "&subject=the-subject&body=body");
67 assertEquals(v.getResponseMessage(), 501, v.getResponseCode());
68 assertThat(v.getResponseMessage(), containsString("needs to enable access"));
70 // receiver needs to enable access as well
71 grant((userUFirst ? us2 : u), Group.LOCATE_AGENT);
72 v = doApi(FindAgent.PATH_MAIL, "from=" + id + "&to=" + u2 + "&subject=the-subject&body=body");
73 assertEquals(v.getResponseMessage(), 200, v.getResponseCode());
74 TestMail mail = getMailReceiver().receive();
75 assertEquals("body", mail.getMessage());
76 assertThat(mail.getSubject(), containsString("the-subject"));
77 assertEquals(us2.getEmail(), mail.getTo());
81 public void testLookupName() throws GigiApiException, IOException, GeneralSecurityException, InterruptedException {
82 int u2 = createVerifiedUser("f", "l", createUniqueName() + "@email.com", TEST_PASSWORD);
84 String res = IOUtils.readURL(doApi(FindAgent.PATH_INFO, "id=" + id + "&id=" + u2)).replace("\r", "");
85 res = IOUtils.readURL(doApi(FindAgent.PATH_INFO, "id=" + id + "&id=" + u2)).replace("\r", "");
86 assertEquals(new JSONArray().toString(), new JSONArray(new JSONTokener(res)).toString());
87 grant(u, Group.LOCATE_AGENT);
88 grant(User.getById(u2), Group.LOCATE_AGENT);
89 res = IOUtils.readURL(doApi(FindAgent.PATH_INFO, "id=" + id + "&id=" + u2)).replace("\r", "");
90 JSONTokener jt = new JSONTokener(res);
91 JSONObject j1 = new JSONObject();
93 j1.put("canAssure", true);
94 j1.put("name", u.getPreferredName().toAbbreviatedString());
95 JSONObject j2 = new JSONObject();
97 j2.put("canAssure", false);
98 j2.put("name", User.getById(u2).getPreferredName().toAbbreviatedString());
99 JSONArray ja = new JSONArray(Arrays.asList(j1, j2));
100 assertEquals(ja.toString(), new JSONArray(jt).toString());