tests/org/cacert/gigi/pages/account/TestPasswordResetExternal.java

   1 package org.cacert.gigi.pages.account;
   2
   3 import static org.junit.Assert.*;
   4
   5 import java.io.IOException;
   6 import java.io.OutputStream;
   7 import java.io.UnsupportedEncodingException;
   8 import java.net.MalformedURLException;
   9 import java.net.URL;
  10 import java.net.URLConnection;
  11 import java.net.URLEncoder;
  12
  13 import org.cacert.gigi.dbObjects.User;
  14 import org.cacert.gigi.pages.wot.TestAssurance;
  15 import org.cacert.gigi.testUtils.ClientTest;
  16 import org.cacert.gigi.testUtils.IOUtils;
  17 import org.cacert.gigi.testUtils.TestEmailReceiver.TestMail;
  18 import org.cacert.gigi.util.RandomToken;
  19 import org.junit.Test;
  20
  21 public class TestPasswordResetExternal extends ClientTest {
  22
  23     @Test
  24     public void testByAssurance() throws IOException {
  25         User u = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@example.com", TEST_PASSWORD));
  26         String cookie2 = login(u.getEmail(), TEST_PASSWORD);
  27         URLConnection uc = TestAssurance.buildupAssureFormConnection(cookie2, email, true);
  28         String avalue = RandomToken.generateToken(32);
  29         uc.getOutputStream().write(("date=1910-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10&passwordReset=1&passwordResetValue=" + URLEncoder.encode(avalue, "UTF-8")).getBytes("UTF-8"));
  30         uc.getOutputStream().flush();
  31         String error = fetchStartErrorMessage(IOUtils.readURL(uc));
  32         assertNull(error);
  33
  34         TestMail mail = getMailReciever().receive();
  35         System.out.println(mail.getMessage());
  36         String link = mail.extractLink();
  37         String npw = TEST_PASSWORD + "'";
  38         assertNotNull(toPasswordReset(avalue, link, npw, npw + "'"));
  39         assertNotNull(toPasswordReset(avalue + "'", link, npw, npw));
  40         assertNotNull(toPasswordReset(avalue, link, "a", "a"));
  41         assertNull(toPasswordReset(avalue, link, npw, npw));
  42         assertNotNull(login(email, npw));
  43     }
  44
  45     private String toPasswordReset(String avalue, String link, String npw, String npw2) throws IOException, MalformedURLException, UnsupportedEncodingException {
  46         URLConnection uc2 = new URL(link).openConnection();
  47         String csrf = getCSRF(uc2);
  48         String headerField = uc2.getHeaderField("Set-Cookie");
  49         assertNotNull(headerField);
  50         String cookie3 = stripCookie(headerField);
  51         uc2 = new URL(link).openConnection();
  52         cookie(uc2, cookie3);
  53         uc2.setDoOutput(true);
  54         OutputStream o = uc2.getOutputStream();
  55         o.write(("csrf=" + csrf + "&pword1=" + URLEncoder.encode(npw, "UTF-8") + "&pword2=" + URLEncoder.encode(npw2, "UTF-8") + "&private_token=" + URLEncoder.encode(avalue, "UTF-8")).getBytes("UTF-8"));
  56         return fetchStartErrorMessage(IOUtils.readURL(uc2));
  57     }
  58 }