src/test/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojoTest.java - maven-jarsigner-plugin - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.maven.plugins.jarsigner;

 import java.io.File;
 import java.util.LinkedHashMap;
 import java.util.Map;

 import org.apache.maven.artifact.Artifact;
 import org.apache.maven.plugin.MojoExecutionException;
 import org.apache.maven.plugin.logging.Log;
 import org.apache.maven.project.MavenProject;
 import org.apache.maven.shared.jarsigner.JarSigner;
 import org.apache.maven.shared.jarsigner.JarSignerVerifyRequest;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
 import org.mockito.ArgumentCaptor;
 import org.mockito.hamcrest.MockitoHamcrest;

 import static org.apache.maven.plugins.jarsigner.TestJavaToolResults.RESULT_ERROR;
 import static org.apache.maven.plugins.jarsigner.TestJavaToolResults.RESULT_OK;
 import static org.hamcrest.CoreMatchers.containsString;
 import static org.hamcrest.CoreMatchers.startsWith;
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.junit.Assert.*;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.argThat;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;

 public class JarsignerVerifyMojoTest {

     @Rule
     public TemporaryFolder folder = new TemporaryFolder();

     private MavenProject project = mock(MavenProject.class);
     private JarSigner jarSigner = mock(JarSigner.class);
     private File dummyMavenProjectDir;
     private Map<String, String> configuration = new LinkedHashMap<>();
     private Log log;
     private MojoTestCreator<JarsignerVerifyMojo> mojoTestCreator;

     @Before
     public void setUp() throws Exception {
         dummyMavenProjectDir = folder.newFolder("dummy-project");
         mojoTestCreator = new MojoTestCreator<JarsignerVerifyMojo>(
                 JarsignerVerifyMojo.class, project, dummyMavenProjectDir, jarSigner);
         log = mock(Log.class);
         mojoTestCreator.setLog(log);
     }

     /** Standard Java project with nothing special configured */
     @Test
     public void testStandardJavaProject() throws Exception {
         Artifact mainArtifact = TestArtifacts.createJarArtifact(dummyMavenProjectDir, "my-project.jar");
         when(project.getArtifact()).thenReturn(mainArtifact);
         when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_OK);
         JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

         mojo.execute();

         ArgumentCaptor<JarSignerVerifyRequest> requestArgument = ArgumentCaptor.forClass(JarSignerVerifyRequest.class);
         verify(jarSigner).execute(requestArgument.capture());
         JarSignerVerifyRequest request = requestArgument.getValue();

         assertFalse(request.isVerbose());
         assertNull(request.getKeystore());
         assertNull(request.getStoretype());
         assertNull(request.getStorepass());
         assertNull(request.getAlias());
         assertNull(request.getProviderName());
         assertNull(request.getProviderClass());
         assertNull(request.getProviderArg());
         assertNull(request.getMaxMemory());
         assertThat(request.getArguments()[0], startsWith("-J-Dfile.encoding="));
         assertEquals(dummyMavenProjectDir, request.getWorkingDirectory());
         assertEquals(mainArtifact.getFile(), request.getArchive());
         assertFalse(request.isProtectedAuthenticationPath());

         assertFalse(request.isCerts()); // Only verify specific parameter
     }

     /** Invocing jarsigner with the -certs parameter */
     @Test
     public void testCertsTrue() throws Exception {
         Artifact mainArtifact = TestArtifacts.createJarArtifact(dummyMavenProjectDir, "my-project.jar");
         when(project.getArtifact()).thenReturn(mainArtifact);
         when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_OK);
         configuration.put("certs", "true");
         JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

         mojo.execute();

         verify(jarSigner).execute(argThat(request -> ((JarSignerVerifyRequest) request).isCerts()));
     }

     /** When the jarsigner signing verification check tells there is a problem with the signing of the file */
     @Test
     public void testVerifyFailure() throws Exception {
         Artifact mainArtifact = TestArtifacts.createJarArtifact(dummyMavenProjectDir, "my-project.jar");
         when(project.getArtifact()).thenReturn(mainArtifact);
         when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_ERROR);
         JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

         MojoExecutionException mojoException = assertThrows(MojoExecutionException.class, () -> {
             mojo.execute();
         });
         assertThat(mojoException.getMessage(), containsString(String.valueOf(RESULT_ERROR.getExitCode())));
         assertThat(
                 mojoException.getMessage(),
                 containsString(RESULT_ERROR.getCommandline().toString()));
     }

     /** When setting errorWhenNotSigned, for file that has existing signing (should not fail) */
     @Test
     public void testErrorWhenNotSignedOnExistingSigning() throws Exception {
         File signedJar = TestArtifacts.createDummySignedJarFile(new File(dummyMavenProjectDir, "my-project.jar"));
         Artifact mainArtifact = TestArtifacts.createArtifact(signedJar);
         when(project.getArtifact()).thenReturn(mainArtifact);
         when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_OK);
         configuration.put("errorWhenNotSigned", "true");

         JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

         mojo.execute();

         verify(jarSigner).execute(MockitoHamcrest.argThat(RequestMatchers.hasFileName("my-project.jar")));
     }

     /** When setting errorWhenNotSigned, for file that does not have existing signing (should fail) */
     @Test
     public void testErrorWhenNotSignedOnNonExistingSigning() throws Exception {
         Artifact mainArtifact = TestArtifacts.createJarArtifact(dummyMavenProjectDir, "my-project.jar");
         when(project.getArtifact()).thenReturn(mainArtifact);
         when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_OK);
         configuration.put("errorWhenNotSigned", "true");

         JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

         MojoExecutionException mojoException = assertThrows(MojoExecutionException.class, () -> {
             mojo.execute();
         });
         assertThat(
                 mojoException.getMessage(),
                 containsString(mainArtifact.getFile().getPath()));
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.maven.plugins.jarsigner;

	import java.io.File;
	import java.util.LinkedHashMap;
	import java.util.Map;

	import org.apache.maven.artifact.Artifact;
	import org.apache.maven.plugin.MojoExecutionException;
	import org.apache.maven.plugin.logging.Log;
	import org.apache.maven.project.MavenProject;
	import org.apache.maven.shared.jarsigner.JarSigner;
	import org.apache.maven.shared.jarsigner.JarSignerVerifyRequest;
	import org.junit.Before;
	import org.junit.Rule;
	import org.junit.Test;
	import org.junit.rules.TemporaryFolder;
	import org.mockito.ArgumentCaptor;
	import org.mockito.hamcrest.MockitoHamcrest;

	import static org.apache.maven.plugins.jarsigner.TestJavaToolResults.RESULT_ERROR;
	import static org.apache.maven.plugins.jarsigner.TestJavaToolResults.RESULT_OK;
	import static org.hamcrest.CoreMatchers.containsString;
	import static org.hamcrest.CoreMatchers.startsWith;
	import static org.hamcrest.MatcherAssert.assertThat;
	import static org.junit.Assert.*;
	import static org.mockito.ArgumentMatchers.any;
	import static org.mockito.ArgumentMatchers.argThat;
	import static org.mockito.Mockito.mock;
	import static org.mockito.Mockito.verify;
	import static org.mockito.Mockito.when;

	public class JarsignerVerifyMojoTest {

	@Rule
	public TemporaryFolder folder = new TemporaryFolder();

	private MavenProject project = mock(MavenProject.class);
	private JarSigner jarSigner = mock(JarSigner.class);
	private File dummyMavenProjectDir;
	private Map<String, String> configuration = new LinkedHashMap<>();
	private Log log;
	private MojoTestCreator<JarsignerVerifyMojo> mojoTestCreator;

	@Before
	public void setUp() throws Exception {
	dummyMavenProjectDir = folder.newFolder("dummy-project");
	mojoTestCreator = new MojoTestCreator<JarsignerVerifyMojo>(
	JarsignerVerifyMojo.class, project, dummyMavenProjectDir, jarSigner);
	log = mock(Log.class);
	mojoTestCreator.setLog(log);
	}

	/** Standard Java project with nothing special configured */
	@Test
	public void testStandardJavaProject() throws Exception {
	Artifact mainArtifact = TestArtifacts.createJarArtifact(dummyMavenProjectDir, "my-project.jar");
	when(project.getArtifact()).thenReturn(mainArtifact);
	when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_OK);
	JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

	mojo.execute();

	ArgumentCaptor<JarSignerVerifyRequest> requestArgument = ArgumentCaptor.forClass(JarSignerVerifyRequest.class);
	verify(jarSigner).execute(requestArgument.capture());
	JarSignerVerifyRequest request = requestArgument.getValue();

	assertFalse(request.isVerbose());
	assertNull(request.getKeystore());
	assertNull(request.getStoretype());
	assertNull(request.getStorepass());
	assertNull(request.getAlias());
	assertNull(request.getProviderName());
	assertNull(request.getProviderClass());
	assertNull(request.getProviderArg());
	assertNull(request.getMaxMemory());
	assertThat(request.getArguments()[0], startsWith("-J-Dfile.encoding="));
	assertEquals(dummyMavenProjectDir, request.getWorkingDirectory());
	assertEquals(mainArtifact.getFile(), request.getArchive());
	assertFalse(request.isProtectedAuthenticationPath());

	assertFalse(request.isCerts()); // Only verify specific parameter
	}

	/** Invocing jarsigner with the -certs parameter */
	@Test
	public void testCertsTrue() throws Exception {
	Artifact mainArtifact = TestArtifacts.createJarArtifact(dummyMavenProjectDir, "my-project.jar");
	when(project.getArtifact()).thenReturn(mainArtifact);
	when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_OK);
	configuration.put("certs", "true");
	JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

	mojo.execute();

	verify(jarSigner).execute(argThat(request -> ((JarSignerVerifyRequest) request).isCerts()));
	}

	/** When the jarsigner signing verification check tells there is a problem with the signing of the file */
	@Test
	public void testVerifyFailure() throws Exception {
	Artifact mainArtifact = TestArtifacts.createJarArtifact(dummyMavenProjectDir, "my-project.jar");
	when(project.getArtifact()).thenReturn(mainArtifact);
	when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_ERROR);
	JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

	MojoExecutionException mojoException = assertThrows(MojoExecutionException.class, () -> {
	mojo.execute();
	});
	assertThat(mojoException.getMessage(), containsString(String.valueOf(RESULT_ERROR.getExitCode())));
	assertThat(
	mojoException.getMessage(),
	containsString(RESULT_ERROR.getCommandline().toString()));
	}

	/** When setting errorWhenNotSigned, for file that has existing signing (should not fail) */
	@Test
	public void testErrorWhenNotSignedOnExistingSigning() throws Exception {
	File signedJar = TestArtifacts.createDummySignedJarFile(new File(dummyMavenProjectDir, "my-project.jar"));
	Artifact mainArtifact = TestArtifacts.createArtifact(signedJar);
	when(project.getArtifact()).thenReturn(mainArtifact);
	when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_OK);
	configuration.put("errorWhenNotSigned", "true");

	JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

	mojo.execute();

	verify(jarSigner).execute(MockitoHamcrest.argThat(RequestMatchers.hasFileName("my-project.jar")));
	}

	/** When setting errorWhenNotSigned, for file that does not have existing signing (should fail) */
	@Test
	public void testErrorWhenNotSignedOnNonExistingSigning() throws Exception {
	Artifact mainArtifact = TestArtifacts.createJarArtifact(dummyMavenProjectDir, "my-project.jar");
	when(project.getArtifact()).thenReturn(mainArtifact);
	when(jarSigner.execute(any(JarSignerVerifyRequest.class))).thenReturn(RESULT_OK);
	configuration.put("errorWhenNotSigned", "true");

	JarsignerVerifyMojo mojo = mojoTestCreator.configure(configuration);

	MojoExecutionException mojoException = assertThrows(MojoExecutionException.class, () -> {
	mojo.execute();
	});
	assertThat(
	mojoException.getMessage(),
	containsString(mainArtifact.getFile().getPath()));
	}
	}