]> WPIA git - gigi.git/blobdiff - tests/org/cacert/gigi/TestCrossDomainAccess.java
projects / gigi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
upd: factor out default client certificate profile
[gigi.git] / tests / org / cacert / gigi / TestCrossDomainAccess.java
diff --git a/tests/org/cacert/gigi/TestCrossDomainAccess.java b/tests/org/cacert/gigi/TestCrossDomainAccess.java
index 26dc35fb312206c99d6c1adb41687ec7c435415a..e2a600704b5087f642c36a974f6732e6c344a94a 100644 (file)
--- a/tests/org/cacert/gigi/TestCrossDomainAccess.java
+++ b/tests/org/cacert/gigi/TestCrossDomainAccess.java
@@ -8,8 +8,14 @@ import java.net.MalformedURLException;
 import java.net.URL;
 import java.net.URLConnection;
 import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.PrivateKey;
 import java.sql.SQLException;
 
+import org.cacert.gigi.dbObjects.Certificate;
+import org.cacert.gigi.dbObjects.Certificate.CSRType;
+import org.cacert.gigi.dbObjects.Digest;
+import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.testUtils.IOUtils;
 import org.cacert.gigi.testUtils.ManagedTest;
 import org.cacert.gigi.util.ServerConstants;
@@ -39,7 +45,16 @@ public class TestCrossDomainAccess extends ManagedTest {
 
     @Test
     public void testCorrectOriginHeaderFromHttpsToSecure() throws MalformedURLException, IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException {
+        User u = User.getById(createVerifiedUser("fn", "ln", "testmail@example.com", TEST_PASSWORD));
+        KeyPair kp = generateKeypair();
+        String key = generatePEMCSR(kp, "CN=testmail@example.com");
+        Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), Digest.SHA256, key, CSRType.CSR, getClientProfile());
+        final PrivateKey pk = kp.getPrivate();
+        c.setLoginEnabled(true);
+        await(c.issue(null, "2y", u));
+
         URLConnection con = new URL("https://" + ServerConstants.getSecureHostNamePort()).openConnection();
+        authenticateClientCert(pk, c.cert(), (HttpURLConnection) con);
         con.setRequestProperty("Origin", "https://" + ServerConstants.getWwwHostNamePortSecure());
         String contains = IOUtils.readURL(con);
         assertTrue( !contains.contains("No cross domain access allowed."));
WPIA Certificate Web Issuance Platform