core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4235HttpAuthDeploymentChecksumsTest.java - maven-integration-testing - Git at Google

 package org.apache.maven.it;

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */

 import org.apache.maven.it.util.ResourceExtractor;
 import org.apache.maven.it.utils.DeployedResource;
 import org.codehaus.plexus.util.StringUtils;
 import org.mortbay.jetty.HttpMethods;
 import org.mortbay.jetty.Request;
 import org.mortbay.jetty.Server;
 import org.mortbay.jetty.handler.DefaultHandler;
 import org.mortbay.jetty.handler.HandlerList;
 import org.mortbay.jetty.handler.ResourceHandler;
 import org.mortbay.jetty.security.Constraint;
 import org.mortbay.jetty.security.ConstraintMapping;
 import org.mortbay.jetty.security.HashUserRealm;
 import org.mortbay.jetty.security.SecurityHandler;
 import org.mortbay.resource.Resource;
 import org.mortbay.util.IO;

 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.File;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Properties;

 /**
  * This is a test set for <a href="https://issues.apache.org/jira/browse/MNG-4235">MNG-4235</a>.
  *
  * @author Benjamin Bentmann
  * @version $Id$
  */
 public class MavenITmng4235HttpAuthDeploymentChecksumsTest
     extends AbstractMavenIntegrationTestCase
 {

     private File testDir;

     private Server server;

     private int port;

     RepoHandler repoHandler = new RepoHandler();

     public MavenITmng4235HttpAuthDeploymentChecksumsTest()
     {
         super( "[2.0.5,2.2.0),(2.2.0,)" );
     }

     public void setUp()
         throws Exception
     {
         super.setUp();

         testDir = ResourceExtractor.simpleExtractResources( getClass(), "/mng-4235" );

         repoHandler.setResourceBase( testDir.getAbsolutePath() );

         Constraint constraint = new Constraint();
         constraint.setName( Constraint.__BASIC_AUTH );
         constraint.setRoles( new String[]{ "deployer" } );
         constraint.setAuthenticate( true );

         ConstraintMapping constraintMapping = new ConstraintMapping();
         constraintMapping.setConstraint( constraint );
         constraintMapping.setPathSpec( "/*" );

         HashUserRealm userRealm = new HashUserRealm( "TestRealm" );
         userRealm.put( "testuser", "testpass" );
         userRealm.addUserToRole( "testuser", "deployer" );

         SecurityHandler securityHandler = new SecurityHandler();
         securityHandler.setUserRealm( userRealm );
         securityHandler.setConstraintMappings( new ConstraintMapping[]{ constraintMapping } );

         HandlerList handlerList = new HandlerList();
         handlerList.addHandler( securityHandler );
         handlerList.addHandler( repoHandler );
         handlerList.addHandler( new DefaultHandler() );

         server = new Server( 0 );
         server.setHandler( handlerList );
         server.start();

         port = server.getConnectors()[0].getLocalPort();
     }

     protected void tearDown()
         throws Exception
     {
         if ( server != null )
         {
             server.stop();
             server = null;
         }

         super.tearDown();
     }

     /**
      * Test the creation of proper checksums during deployment to a secured HTTP repo. The pitfall with HTTP auth is
      * that it might require double submission of the data, first during an initial PUT without credentials and second
      * during a retried PUT with credentials in response to the auth challenge by the server. The checksum must
      * nevertheless only be calculated on the non-doubled data stream.
      */
     public void testit()
         throws Exception
     {
         Properties filterProps = new Properties();
         filterProps.setProperty( "@port@", Integer.toString( port ) );

         Verifier verifier = newVerifier( testDir.getAbsolutePath() );
         verifier.filterFile( "pom-template.xml", "pom.xml", "UTF-8", filterProps );
         verifier.setAutoclean( false );
         verifier.deleteArtifacts( "org.apache.maven.its.mng4235" );
         verifier.deleteDirectory( "repo" );
         verifier.addCliOption( "--settings" );
         verifier.addCliOption( "settings.xml" );
         verifier.executeGoal( "validate" );
         verifier.verifyErrorFreeLog();
         verifier.resetStreams();

         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.jar", ".sha1", "SHA-1" );
         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.jar", ".md5", "MD5" );

         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.pom", ".sha1", "SHA-1" );
         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.pom", ".md5", "MD5" );

         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/maven-metadata.xml", ".sha1", "SHA-1" );
         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/maven-metadata.xml", ".md5", "MD5" );

         for ( DeployedResource deployedResource : repoHandler.deployedResources )
         {
             if ( StringUtils.equalsIgnoreCase( "chunked", deployedResource.transferEncoding ) )
             {
                 fail( "deployedResource " + deployedResource
                           + " use chuncked transfert encoding some http server doesn't support that" );
             }
         }
     }

     private void assertHash( Verifier verifier, String dataFile, String hashExt, String algo )
         throws Exception
     {
         String actualHash = ItUtils.calcHash( new File( verifier.getBasedir(), dataFile ), algo );

         String expectedHash = verifier.loadLines( dataFile + hashExt, "UTF-8" ).get( 0 ).toString().trim();

         assertTrue( "expected=" + expectedHash + ", actual=" + actualHash,
                     expectedHash.equalsIgnoreCase( actualHash ) );
     }


     public static class RepoHandler
         extends ResourceHandler
     {
         List<DeployedResource> deployedResources = new ArrayList<>();

         public void handle( String target, HttpServletRequest request, HttpServletResponse response, int dispatch )
             throws IOException, ServletException
         {
             System.out.println( request.getMethod() + " " + request.getRequestURI() );

             if ( HttpMethods.PUT.equals( request.getMethod() ) )
             {
                 Resource resource = getResource( request );

                 // NOTE: This can get called concurrently but File.mkdirs() isn't thread-safe in all JREs
                 File dir = resource.getFile().getParentFile();
                 for ( int i = 0; i < 10 && !dir.exists(); i++ )
                 {
                     dir.mkdirs();
                 }

                 request.getContentLength();

                 try ( OutputStream os = resource.getOutputStream() )
                 {
                     IO.copy( request.getInputStream(), os );
                 }

                 DeployedResource deployedResource = new DeployedResource();

                 deployedResource.httpMethod = request.getMethod();
                 deployedResource.requestUri = request.getRequestURI();
                 deployedResource.transferEncoding = request.getHeader( "Transfer-Encoding" );
                 deployedResource.contentLength = request.getHeader( "Content-Length" );

                 deployedResources.add( deployedResource );

                 response.setStatus( HttpServletResponse.SC_NO_CONTENT );

                 ( (Request) request ).setHandled( true );
             }
             else
             {
                 super.handle( target, request, response, dispatch );
             }
         }
     }


 }
	package org.apache.maven.it;

	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/

	import org.apache.maven.it.util.ResourceExtractor;
	import org.apache.maven.it.utils.DeployedResource;
	import org.codehaus.plexus.util.StringUtils;
	import org.mortbay.jetty.HttpMethods;
	import org.mortbay.jetty.Request;
	import org.mortbay.jetty.Server;
	import org.mortbay.jetty.handler.DefaultHandler;
	import org.mortbay.jetty.handler.HandlerList;
	import org.mortbay.jetty.handler.ResourceHandler;
	import org.mortbay.jetty.security.Constraint;
	import org.mortbay.jetty.security.ConstraintMapping;
	import org.mortbay.jetty.security.HashUserRealm;
	import org.mortbay.jetty.security.SecurityHandler;
	import org.mortbay.resource.Resource;
	import org.mortbay.util.IO;

	import javax.servlet.ServletException;
	import javax.servlet.http.HttpServletRequest;
	import javax.servlet.http.HttpServletResponse;
	import java.io.File;
	import java.io.IOException;
	import java.io.OutputStream;
	import java.util.ArrayList;
	import java.util.List;
	import java.util.Properties;

	/**
	* This is a test set for <a href="https://issues.apache.org/jira/browse/MNG-4235">MNG-4235</a>.
	*
	* @author Benjamin Bentmann
	* @version $Id$
	*/
	public class MavenITmng4235HttpAuthDeploymentChecksumsTest
	extends AbstractMavenIntegrationTestCase
	{

	private File testDir;

	private Server server;

	private int port;

	RepoHandler repoHandler = new RepoHandler();

	public MavenITmng4235HttpAuthDeploymentChecksumsTest()
	{
	super( "[2.0.5,2.2.0),(2.2.0,)" );
	}

	public void setUp()
	throws Exception
	{
	super.setUp();

	testDir = ResourceExtractor.simpleExtractResources( getClass(), "/mng-4235" );

	repoHandler.setResourceBase( testDir.getAbsolutePath() );

	Constraint constraint = new Constraint();
	constraint.setName( Constraint.__BASIC_AUTH );
	constraint.setRoles( new String[]{ "deployer" } );
	constraint.setAuthenticate( true );

	ConstraintMapping constraintMapping = new ConstraintMapping();
	constraintMapping.setConstraint( constraint );
	constraintMapping.setPathSpec( "/*" );

	HashUserRealm userRealm = new HashUserRealm( "TestRealm" );
	userRealm.put( "testuser", "testpass" );
	userRealm.addUserToRole( "testuser", "deployer" );

	SecurityHandler securityHandler = new SecurityHandler();
	securityHandler.setUserRealm( userRealm );
	securityHandler.setConstraintMappings( new ConstraintMapping[]{ constraintMapping } );

	HandlerList handlerList = new HandlerList();
	handlerList.addHandler( securityHandler );
	handlerList.addHandler( repoHandler );
	handlerList.addHandler( new DefaultHandler() );

	server = new Server( 0 );
	server.setHandler( handlerList );
	server.start();

	port = server.getConnectors()[0].getLocalPort();
	}

	protected void tearDown()
	throws Exception
	{
	if ( server != null )
	{
	server.stop();
	server = null;
	}

	super.tearDown();
	}

	/**
	* Test the creation of proper checksums during deployment to a secured HTTP repo. The pitfall with HTTP auth is
	* that it might require double submission of the data, first during an initial PUT without credentials and second
	* during a retried PUT with credentials in response to the auth challenge by the server. The checksum must
	* nevertheless only be calculated on the non-doubled data stream.
	*/
	public void testit()
	throws Exception
	{
	Properties filterProps = new Properties();
	filterProps.setProperty( "@port@", Integer.toString( port ) );

	Verifier verifier = newVerifier( testDir.getAbsolutePath() );
	verifier.filterFile( "pom-template.xml", "pom.xml", "UTF-8", filterProps );
	verifier.setAutoclean( false );
	verifier.deleteArtifacts( "org.apache.maven.its.mng4235" );
	verifier.deleteDirectory( "repo" );
	verifier.addCliOption( "--settings" );
	verifier.addCliOption( "settings.xml" );
	verifier.executeGoal( "validate" );
	verifier.verifyErrorFreeLog();
	verifier.resetStreams();

	assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.jar", ".sha1", "SHA-1" );
	assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.jar", ".md5", "MD5" );

	assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.pom", ".sha1", "SHA-1" );
	assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.pom", ".md5", "MD5" );

	assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/maven-metadata.xml", ".sha1", "SHA-1" );
	assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/maven-metadata.xml", ".md5", "MD5" );

	for ( DeployedResource deployedResource : repoHandler.deployedResources )
	{
	if ( StringUtils.equalsIgnoreCase( "chunked", deployedResource.transferEncoding ) )
	{
	fail( "deployedResource " + deployedResource
	+ " use chuncked transfert encoding some http server doesn't support that" );
	}
	}
	}

	private void assertHash( Verifier verifier, String dataFile, String hashExt, String algo )
	throws Exception
	{
	String actualHash = ItUtils.calcHash( new File( verifier.getBasedir(), dataFile ), algo );

	String expectedHash = verifier.loadLines( dataFile + hashExt, "UTF-8" ).get( 0 ).toString().trim();

	assertTrue( "expected=" + expectedHash + ", actual=" + actualHash,
	expectedHash.equalsIgnoreCase( actualHash ) );
	}


	public static class RepoHandler
	extends ResourceHandler
	{
	List<DeployedResource> deployedResources = new ArrayList<>();

	public void handle( String target, HttpServletRequest request, HttpServletResponse response, int dispatch )
	throws IOException, ServletException
	{
	System.out.println( request.getMethod() + " " + request.getRequestURI() );

	if ( HttpMethods.PUT.equals( request.getMethod() ) )
	{
	Resource resource = getResource( request );

	// NOTE: This can get called concurrently but File.mkdirs() isn't thread-safe in all JREs
	File dir = resource.getFile().getParentFile();
	for ( int i = 0; i < 10 && !dir.exists(); i++ )
	{
	dir.mkdirs();
	}

	request.getContentLength();

	try ( OutputStream os = resource.getOutputStream() )
	{
	IO.copy( request.getInputStream(), os );
	}

	DeployedResource deployedResource = new DeployedResource();

	deployedResource.httpMethod = request.getMethod();
	deployedResource.requestUri = request.getRequestURI();
	deployedResource.transferEncoding = request.getHeader( "Transfer-Encoding" );
	deployedResource.contentLength = request.getHeader( "Content-Length" );

	deployedResources.add( deployedResource );

	response.setStatus( HttpServletResponse.SC_NO_CONTENT );

	( (Request) request ).setHandled( true );
	}
	else
	{
	super.handle( target, request, response, dispatch );
	}
	}
	}


	}