tests/org/cacert/gigi/testUtils/RestrictedApiTest.java

   1 package org.cacert.gigi.testUtils;
   2
   3 import static org.junit.Assert.*;
   4
   5 import java.io.IOException;
   6 import java.io.OutputStream;
   7 import java.net.HttpURLConnection;
   8 import java.net.URL;
   9 import java.security.GeneralSecurityException;
  10 import java.security.KeyPair;
  11 import java.security.PrivateKey;
  12 import java.security.cert.X509Certificate;
  13
  14 import org.cacert.gigi.GigiApiException;
  15 import org.cacert.gigi.dbObjects.Certificate;
  16 import org.cacert.gigi.dbObjects.Certificate.CSRType;
  17 import org.cacert.gigi.dbObjects.Certificate.SANType;
  18 import org.cacert.gigi.dbObjects.CertificateProfile;
  19 import org.cacert.gigi.dbObjects.Country;
  20 import org.cacert.gigi.dbObjects.Country.CountryCodeType;
  21 import org.cacert.gigi.dbObjects.Digest;
  22 import org.cacert.gigi.dbObjects.Group;
  23 import org.cacert.gigi.dbObjects.Organisation;
  24 import org.cacert.gigi.dbObjects.User;
  25 import org.cacert.gigi.util.ServerConstants;
  26 import org.junit.BeforeClass;
  27
  28 public class RestrictedApiTest extends ClientTest {
  29
  30     protected static PrivateKey pk;
  31
  32     protected static X509Certificate ce;
  33
  34     protected static Organisation selfOrg;
  35
  36     public RestrictedApiTest() {
  37         makeAssurer(id);
  38     }
  39
  40     @BeforeClass
  41     public static void initCert() {
  42         initEnvironment();
  43         try {
  44             User u = User.getById(createAssuranceUser("f", "l", createUniqueName() + "@email.com", TEST_PASSWORD));
  45             grant(u, Group.ORGASSURER);
  46             clearCaches();
  47             u = User.getById(u.getId());
  48             selfOrg = new Organisation(Organisation.SELF_ORG_NAME, Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "NA", "NA", "contact@cacert.org", "", "", u);
  49             assertTrue(selfOrg.isSelfOrganisation());
  50             KeyPair kp = generateKeypair();
  51             String key1 = generatePEMCSR(kp, "EMAIL=" + ServerConstants.getQuizMailAddress());
  52             Certificate apiCert = new Certificate(selfOrg, u, Certificate.buildDN("EMAIL", ServerConstants.getQuizMailAddress()), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getByName("client-orga"), new Certificate.SubjectAlternateName(SANType.EMAIL, ServerConstants.getQuizMailAddress()));
  53             pk = kp.getPrivate();
  54             await(apiCert.issue(null, "2y", u));
  55             ce = apiCert.cert();
  56             apiCert.setLoginEnabled(true);
  57         } catch (IOException e) {
  58             throw new Error(e);
  59         } catch (GigiApiException e) {
  60             throw new Error(e);
  61         } catch (GeneralSecurityException e) {
  62             throw new Error(e);
  63         } catch (InterruptedException e) {
  64             throw new Error(e);
  65         }
  66
  67     }
  68
  69     public HttpURLConnection doApi(String path, String content) throws IOException, GeneralSecurityException {
  70         HttpURLConnection connection = (HttpURLConnection) new URL("https://" + getServerName().replaceFirst("^www.", "api.") + path).openConnection();
  71         authenticateClientCert(pk, ce, connection);
  72         connection.setDoOutput(true);
  73         OutputStream os = connection.getOutputStream();
  74         os.write(content.getBytes());
  75         return connection;
  76     }
  77 }