server/protocols/jmap-rfc-8621/src/test/scala/org/apache/james/jmap/pushsubscription/SafeWebPushClientContract.scala - james-project - Git at Google

 /****************************************************************
  * Licensed to the Apache Software Foundation (ASF) under one   *
  * or more contributor license agreements.  See the NOTICE file *
  * distributed with this work for additional information        *
  * regarding copyright ownership.  The ASF licenses this file   *
  * to you under the Apache License, Version 2.0 (the            *
  * "License"); you may not use this file except in compliance   *
  * with the License.  You may obtain a copy of the License at   *
  *                                                              *
  * http://www.apache.org/licenses/LICENSE-2.0                   *
  *                                                              *
  * Unless required by applicable law or agreed to in writing,   *
  * software distributed under the License is distributed on an  *
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY       *
  * KIND, either express or implied.  See the License for the    *
  * specific language governing permissions and limitations      *
  * under the License.                                           *
  ****************************************************************/

 package org.apache.james.jmap.pushsubscription

 import java.net.URI
 import java.nio.charset.StandardCharsets

 import org.apache.james.jmap.api.model.PushSubscriptionServerURL
 import org.apache.james.jmap.pushsubscription.WebPushClientTestFixture.PUSH_REQUEST_SAMPLE
 import org.assertj.core.api.Assertions.assertThatThrownBy
 import org.junit.jupiter.params.ParameterizedTest
 import org.junit.jupiter.params.provider.ValueSource
 import reactor.core.publisher.Mono

 object SafeWebPushClientTestFixture {
   val PUSH_CLIENT_CONFIGURATION: PushClientConfiguration =
     PushClientConfiguration(
       maxTimeoutSeconds = Some(10),
       maxConnections = Some(10))

   val PUSH_REQUEST_SAMPLE: PushRequest = PushRequest(
     ttl = PushTTL.validate(15).toOption.get,
     topic = PushTopic.validate("topicabc").toOption,
     urgency = Some(High),
     payload = "Content123".getBytes(StandardCharsets.UTF_8))
 }

 trait SafeWebPushClientContract {
   def testee: WebPushClient

   @ParameterizedTest
   @ValueSource(strings = Array("127.0.0.1", "127.0.0.9", "10.9.0.3", "192.168.102.35"))
   def serverSideRequestForgeryAttemptsShouldBeRejected(ip: String): Unit = {
     assertThatThrownBy(() => Mono.from(testee.push(PushSubscriptionServerURL(new URI(s"http://$ip").toURL), PUSH_REQUEST_SAMPLE)).block)
       .isInstanceOf(classOf[IllegalArgumentException])
   }
 }
	/****************************************************************
	* Licensed to the Apache Software Foundation (ASF) under one *
	* or more contributor license agreements. See the NOTICE file *
	* distributed with this work for additional information *
	* regarding copyright ownership. The ASF licenses this file *
	* to you under the Apache License, Version 2.0 (the *
	* "License"); you may not use this file except in compliance *
	* with the License. You may obtain a copy of the License at *
	* *
	* http://www.apache.org/licenses/LICENSE-2.0 *
	* *
	* Unless required by applicable law or agreed to in writing, *
	* software distributed under the License is distributed on an *
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY *
	* KIND, either express or implied. See the License for the *
	* specific language governing permissions and limitations *
	* under the License. *
	****************************************************************/

	package org.apache.james.jmap.pushsubscription

	import java.net.URI
	import java.nio.charset.StandardCharsets

	import org.apache.james.jmap.api.model.PushSubscriptionServerURL
	import org.apache.james.jmap.pushsubscription.WebPushClientTestFixture.PUSH_REQUEST_SAMPLE
	import org.assertj.core.api.Assertions.assertThatThrownBy
	import org.junit.jupiter.params.ParameterizedTest
	import org.junit.jupiter.params.provider.ValueSource
	import reactor.core.publisher.Mono

	object SafeWebPushClientTestFixture {
	val PUSH_CLIENT_CONFIGURATION: PushClientConfiguration =
	PushClientConfiguration(
	maxTimeoutSeconds = Some(10),
	maxConnections = Some(10))

	val PUSH_REQUEST_SAMPLE: PushRequest = PushRequest(
	ttl = PushTTL.validate(15).toOption.get,
	topic = PushTopic.validate("topicabc").toOption,
	urgency = Some(High),
	payload = "Content123".getBytes(StandardCharsets.UTF_8))
	}

	trait SafeWebPushClientContract {
	def testee: WebPushClient

	@ParameterizedTest
	@ValueSource(strings = Array("127.0.0.1", "127.0.0.9", "10.9.0.3", "192.168.102.35"))
	def serverSideRequestForgeryAttemptsShouldBeRejected(ip: String): Unit = {
	assertThatThrownBy(() => Mono.from(testee.push(PushSubscriptionServerURL(new URI(s"http://$ip").toURL), PUSH_REQUEST_SAMPLE)).block)
	.isInstanceOf(classOf[IllegalArgumentException])
	}
	}