X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=tests%2Forg%2Fcacert%2Fgigi%2FLoginTest.java;h=86e3d7b7e53314a10e9b51c4513400bc4666a304;hp=9aa24c763c5de083eaf18ae48ede7620f15fc6c5;hb=485345c765f3c66751d4aad8d5c935e3cbf58cf1;hpb=4839e26459ef687d10226dd4cda6f291bfe62e1a
diff --git a/tests/org/cacert/gigi/LoginTest.java b/tests/org/cacert/gigi/LoginTest.java
index 9aa24c76..86e3d7b7 100644
--- a/tests/org/cacert/gigi/LoginTest.java
+++ b/tests/org/cacert/gigi/LoginTest.java
@@ -1,52 +1,109 @@
 package org.cacert.gigi;
-import java.io.IOException;
+import static org.hamcrest.CoreMatchers.*;
 import static org.junit.Assert.*;
-import java.io.OutputStream;
+
+import java.io.IOException;
 import java.net.HttpURLConnection;
 import java.net.URL;
+import java.net.URLConnection;
 import java.net.URLEncoder;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import org.cacert.gigi.dbObjects.Certificate;
+import org.cacert.gigi.dbObjects.Certificate.CSRType;
+import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.Digest;
+import org.cacert.gigi.dbObjects.User;
+import org.cacert.gigi.testUtils.IOUtils;
 import org.cacert.gigi.testUtils.ManagedTest;
 import org.junit.Test;
 public class LoginTest extends ManagedTest {
- public static final String secureReference = "/account/certs/email";
- @Test
- public void testLoginUnverified() throws IOException {
- long uniq = System.currentTimeMillis();
- String email = "system" + uniq + "@testmail.org";
- String pw = "1'aAaA";
- registerUser("an", "bn", email, pw);
- waitForMail();
- assertFalse(isLoggedin(login(email, pw)));
- }
- @Test
- public void testLoginVerified() throws IOException {
- long uniq = System.currentTimeMillis();
- String email = "system2" + uniq + "@testmail.org";
- String pw = "1'aAaA";
- createVerifiedUser("an", "bn", email, pw);
- assertTrue(isLoggedin(login(email, pw)));
- }
- public boolean isLoggedin(String cookie) throws IOException {
- URL u = new URL("https://" + getServerName() + secureReference);
- HttpURLConnection huc = (HttpURLConnection) u.openConnection();
- huc.addRequestProperty("Cookie", cookie);
- return huc.getResponseCode() == 200;
- }
- public String login(String email, String pw) throws IOException {
- URL u = new URL("https://" + getServerName() + "/login");
- HttpURLConnection huc = (HttpURLConnection) u.openConnection();
- huc.setDoOutput(true);
- OutputStream os = huc.getOutputStream();
- String data = "username=" + URLEncoder.encode(email, "UTF-8")
- + "&password=" + URLEncoder.encode(pw, "UTF-8");
- os.write(data.getBytes());
- os.flush();
- String headerField = huc.getHeaderField("Set-Cookie");
- headerField = headerField.substring(0, headerField.indexOf(';'));
- return headerField;
- }
+ @Test
+ public void testLoginUnverified() throws IOException {
+ String email = createUniqueName() + "@testmail.org";
+ registerUser("an", "bn", email, TEST_PASSWORD);
+ getMailReceiver().receive();
+ assertFalse(isLoggedin(login(email, TEST_PASSWORD)));
+ }
+
+ @Test
+ public void testLoginVerified() throws IOException {
+ String email = createUniqueName() + "@testmail.org";
+ createVerifiedUser("an", "bn", email, TEST_PASSWORD);
+ assertTrue(isLoggedin(login(email, TEST_PASSWORD)));
+ }
+
+ @Test
+ public void testLoginRedirectBack() throws IOException {
+ String email = createUniqueName() + "@testmail.org";
+ createVerifiedUser("an", "bn", email, TEST_PASSWORD);
+
+ URL u0 = new URL("https://" + getServerName() + SECURE_REFERENCE);
+ HttpURLConnection huc0 = (HttpURLConnection) u0.openConnection();
+ String headerField = stripCookie(huc0.getHeaderField("Set-Cookie"));
+
+ HttpURLConnection huc = post(headerField, "/login", "username=" + URLEncoder.encode(email, "UTF-8") + "&password=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8"), 0);
+
+ headerField = huc.getHeaderField("Set-Cookie");
+ assertNotNull(headerField);
+ assertEquals(302, huc.getResponseCode());
+ assertEquals("https://" + getServerName().replaceFirst(":443$", "") + SECURE_REFERENCE, huc.getHeaderField("Location"));
+ }
+
+ @Test
+ public void testLoginWrongPassword() throws IOException {
+ String email = createUniqueName() + "@testmail.org";
+ createVerifiedUser("an", "bn", email, TEST_PASSWORD);
+ assertFalse(isLoggedin(login(email, TEST_PASSWORD + "b")));
+ }
+
+ @Test
+ public void testLogoutVerified() throws IOException {
+ String email = createUniqueName() + "@testmail.org";
+ createVerifiedUser("an", "bn", email, TEST_PASSWORD);
+ String cookie = login(email, TEST_PASSWORD);
+ assertTrue(isLoggedin(cookie));
+ logout(cookie);
+ assertFalse(isLoggedin(cookie));
+ }
+
+ private void logout(String cookie) throws IOException {
+ get(cookie, "/logout").getHeaderField("Location");
+ }
+
+ @Test
+ public void testLoginMethodDisplay() throws IOException {
+ String email = createUniqueName() + "@testmail.org";
+ createVerifiedUser("an", "bn", email, TEST_PASSWORD);
+ String l = login(email, TEST_PASSWORD);
+ URLConnection c = get(l, "");
+ String readURL = IOUtils.readURL(c);
+ assertThat(readURL, containsString("Password"));
+ }
+
+ @Test
+ public void testLoginCertificate() throws IOException, GeneralSecurityException, GigiApiException, InterruptedException {
+ String email = createUniqueName() + "@testmail.org";
+ int user = createVerifiedUser("an", "bn", email, TEST_PASSWORD);
+ KeyPair kp = generateKeypair();
+ String csr = generatePEMCSR(kp, "CN=hans");
+ User u = User.getById(user);
+ Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "hans"), Digest.SHA256, csr, CSRType.CSR, CertificateProfile.getById(1));
+ final PrivateKey pk = kp.getPrivate();
+ await(c.issue(null, "2y", u));
+ final X509Certificate ce = c.cert();
+ c.setLoginEnabled(true);
+ String cookie = login(pk, ce);
+ URL u2 = new URL("https://" + getServerName().replaceFirst("^www.", "secure.") + SECURE_REFERENCE);
+ HttpURLConnection huc = (HttpURLConnection) u2.openConnection();
+ huc.addRequestProperty("Cookie", cookie);
+ authenticateClientCert(pk, ce, huc);
+ assertEquals(200, huc.getResponseCode());
+ }
 }
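Review bot: testLoginRedirectBack sends a pre-login session cookie with the login POST but afterwards only checks `assertNotNull(headerField)`, so it would still pass if the server handed back the same session id it was given. Both values are already in the test, so it can pin session rotation on login: keep the first value with `String preLogin = headerField;` before the `post(...)` call and add `assertThat(stripCookie(headerField), not(equalTo(preLogin)));` after the null check (CoreMatchers is already statically imported). Separately, in testLoginCertificate the pattern `"^www."` has an unescaped dot and leaves the host unchanged when the server name does not start with `www`, in which case the request would apparently go to the non-`secure.` host without the test saying so; `"^www\\."` together with an assertion that the host name actually changed would make that visible.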