Google Git
Sign in
apache / maven-integration-testing / refs/heads/master / . / core-it-suite / src / test / java / org / apache / maven / it / MavenITmng0553SettingsAuthzEncryptionTest.java
blob: b360619d4c97bb20d25383868e8438567403babb [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.maven.it;
import java.io.File;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.maven.shared.verifier.Verifier;
import org.apache.maven.shared.verifier.util.ResourceExtractor;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.security.UserStore;
import org.eclipse.jetty.server.NetworkConnector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.server.handler.ResourceHandler;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.security.Password;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
/**
* This is a test set for <a href="https://issues.apache.org/jira/browse/MNG-553">MNG-553</a>.
*
* @author Benjamin Bentmann
*/
public class MavenITmng0553SettingsAuthzEncryptionTest extends AbstractMavenIntegrationTestCase {
private File testDir;
private Server server;
private int port;
public MavenITmng0553SettingsAuthzEncryptionTest() {
super("[2.1.0,3.0-alpha-1),[3.0-alpha-3,)");
}
@BeforeEach
protected void setUp() throws Exception {
testDir = ResourceExtractor.simpleExtractResources(getClass(), "/mng-0553");
Constraint constraint = new Constraint(__BASIC_AUTH, "user");
constraint.setAuthenticate(true);
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setConstraint(constraint);
constraintMapping.setPathSpec("/*");
HashLoginService userRealm = new HashLoginService("TestRealm");
UserStore userStore = new UserStore();
userStore.addUser("testuser", new Password("testtest"), new String[] {"user"});
userRealm.setUserStore(userStore);
server = new Server(0);
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.setLoginService(userRealm);
securityHandler.setAuthMethod(__BASIC_AUTH);
securityHandler.setConstraintMappings(new ConstraintMapping[] {constraintMapping});
ResourceHandler repoHandler = new ResourceHandler();
repoHandler.setResourceBase(new File(testDir, "repo").getAbsolutePath());
HandlerList handlerList = new HandlerList();
handlerList.addHandler(securityHandler);
handlerList.addHandler(repoHandler);
handlerList.addHandler(new DefaultHandler());
server.setHandler(handlerList);
server.start();
if (server.isFailed()) {
fail("Couldn't bind the server socket to a free port!");
}
port = ((NetworkConnector) server.getConnectors()[0]).getLocalPort();
System.out.println("Bound server socket to the port " + port);
}
@AfterEach
protected void tearDown() throws Exception {
if (server != null) {
server.stop();
server.join();
}
}
/**
* Test that the encrypted auth infos given in the settings.xml are decrypted.
*
* @throws Exception in case of failure
*/
@Test
public void testitBasic() throws Exception {
testDir = new File(testDir, "test-1");
Map<String, String> filterProps = new HashMap<>();
filterProps.put("@port@", Integer.toString(port));
Verifier verifier = newVerifier(testDir.getAbsolutePath());
verifier.setAutoclean(false);
verifier.deleteArtifacts("org.apache.maven.its.mng0553");
verifier.verifyArtifactNotPresent("org.apache.maven.its.mng0553", "a", "0.1-SNAPSHOT", "jar");
verifier.filterFile("settings-template.xml", "settings.xml", "UTF-8", filterProps);
ItUtils.setUserHome(verifier, new File(testDir, "userhome"));
verifier.addCliArgument("--settings");
verifier.addCliArgument("settings.xml");
verifier.addCliArgument("validate");
verifier.execute();
verifier.verifyErrorFreeLog();
verifier.verifyArtifactPresent("org.apache.maven.its.mng0553", "a", "0.1-SNAPSHOT", "jar");
}
/**
* Test that the encrypted auth infos given in the settings.xml are decrypted when the master password resides
* in an external file.
*
* @throws Exception in case of failure
*/
@Test
public void testitRelocation() throws Exception {
testDir = new File(testDir, "test-2");
Map<String, String> filterProps = new HashMap<>();
filterProps.put("@port@", Integer.toString(port));
// NOTE: The upper-case scheme name is essential part of the test
String secUrl = "FILE://"
+ new File(testDir, "relocated-settings-security.xml").toURI().getRawPath();
filterProps.put("@relocation@", secUrl);
Verifier verifier = newVerifier(testDir.getAbsolutePath());
verifier.setAutoclean(false);
verifier.deleteArtifacts("org.apache.maven.its.mng0553");
verifier.verifyArtifactNotPresent("org.apache.maven.its.mng0553", "a", "0.1-SNAPSHOT", "jar");
// NOTE: The tilde ~ in the file name is essential part of the test
verifier.filterFile("security-template.xml", "settings~security.xml", "UTF-8", filterProps);
verifier.filterFile("settings-template.xml", "settings.xml", "UTF-8", filterProps);
verifier.addCliArgument("--settings");
verifier.addCliArgument("settings.xml");
// NOTE: The selection of the Turkish language for the JVM locale is essential part of the test
verifier.setEnvironmentVariable(
"MAVEN_OPTS",
"-Dsettings.security=" + new File(testDir, "settings~security.xml").getAbsolutePath()
+ " -Duser.language=tr");
verifier.addCliArgument("validate");
verifier.execute();
verifier.verifyErrorFreeLog();
verifier.verifyArtifactPresent("org.apache.maven.its.mng0553", "a", "0.1-SNAPSHOT", "jar");
}
/**
* Test that the CLI supports generation of encrypted (master) passwords.
*
* @throws Exception in case of failure
*/
@Test
public void testitEncryption() throws Exception {
requiresMavenVersion("[2.1.0,3.0-alpha-1),[3.0-alpha-7,)");
testDir = new File(testDir, "test-3");
Verifier verifier = newVerifier(testDir.getAbsolutePath());
verifier.setAutoclean(false);
ItUtils.setUserHome(verifier, new File(testDir, "userhome"));
verifier.addCliArgument("--encrypt-master-password");
verifier.addCliArgument("test");
verifier.setLogFileName("log-emp.txt");
verifier.addCliArgument("-e");
verifier.execute();
verifier.verifyErrorFreeLog();
List<String> log = verifier.loadLines(verifier.getLogFileName(), null);
assertNotNull(findPassword(log));
verifier = newVerifier(testDir.getAbsolutePath());
verifier.setAutoclean(false);
ItUtils.setUserHome(verifier, new File(testDir, "userhome"));
verifier.addCliArgument("--encrypt-password");
verifier.addCliArgument("testpass");
verifier.setLogFileName("log-ep.txt");
verifier.addCliArgument("-e");
verifier.execute();
verifier.verifyErrorFreeLog();
log = verifier.loadLines(verifier.getLogFileName(), null);
assertNotNull(findPassword(log));
}
private String findPassword(List<String> log) {
for (String line : log) {
if (line.matches(".*\\{[A-Za-z0-9+/=]+\\}.*")) {
return line;
}
}
return null;
}
}