broker-core/src/test/java/org/apache/qpid/server/security/auth/sasl/plain/PlainNegotiatorTest.java - qpid-broker-j - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  *
  */

 package org.apache.qpid.server.security.auth.sasl.plain;

 import static java.nio.charset.StandardCharsets.US_ASCII;
 import static org.junit.Assert.assertArrayEquals;
 import static org.junit.Assert.assertEquals;
 import static org.mockito.AdditionalMatchers.not;
 import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;

 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;

 import org.apache.qpid.server.security.auth.AuthenticationResult;
 import org.apache.qpid.server.security.auth.manager.UsernamePasswordAuthenticationProvider;
 import org.apache.qpid.test.utils.UnitTestBase;

 public class PlainNegotiatorTest extends UnitTestBase
 {
     private static final String VALID_PASSWORD = "testPassword";
     private static final String VALID_USERNAME = "testUsername";
     public static final String RESPONSE_FORMAT_STRING = "\0%s\0%s";
     private static final String VALID_RESPONSE = String.format(RESPONSE_FORMAT_STRING, VALID_USERNAME, VALID_PASSWORD);
     private UsernamePasswordAuthenticationProvider _authenticationProvider;
     private PlainNegotiator _negotiator;
     private AuthenticationResult _successfulResult;
     private AuthenticationResult _errorResult;

     @Before
     public void setUp() throws Exception
     {
         _successfulResult = mock(AuthenticationResult.class);
         _errorResult = mock(AuthenticationResult.class);
         _authenticationProvider = mock(UsernamePasswordAuthenticationProvider.class);
         when(_authenticationProvider.authenticate(eq(VALID_USERNAME), eq(VALID_PASSWORD))).thenReturn(_successfulResult);
         when(_authenticationProvider.authenticate(eq(VALID_USERNAME), not(eq(VALID_PASSWORD)))).thenReturn(_errorResult);
         when(_authenticationProvider.authenticate(not(eq(VALID_USERNAME)), anyString())).thenReturn(_errorResult);
         _negotiator = new PlainNegotiator(_authenticationProvider);
     }

     @After
     public void tearDown() throws Exception
     {
         if (_negotiator != null)
         {
             _negotiator.dispose();
         }
     }

     @Test
     public void testHandleResponse() throws Exception
     {
         final AuthenticationResult result = _negotiator.handleResponse(VALID_RESPONSE.getBytes(US_ASCII));
         verify(_authenticationProvider).authenticate(eq(VALID_USERNAME), eq(VALID_PASSWORD));
         assertEquals("Unexpected authentication result", _successfulResult, result);
     }

     @Test
     public void testMultipleAuthenticationAttempts() throws Exception
     {
         final AuthenticationResult firstResult = _negotiator.handleResponse(VALID_RESPONSE.getBytes(US_ASCII));
         assertEquals("Unexpected first authentication result", _successfulResult, firstResult);
         final AuthenticationResult secondResult = _negotiator.handleResponse(VALID_RESPONSE.getBytes(US_ASCII));
         assertEquals("Unexpected second authentication result",
                             AuthenticationResult.AuthenticationStatus.ERROR,
                             secondResult.getStatus());
     }

     @Test
     public void testHandleInvalidUser() throws Exception
     {
         final AuthenticationResult result = _negotiator.handleResponse(String.format(RESPONSE_FORMAT_STRING, "invalidUser", VALID_PASSWORD).getBytes(US_ASCII));
         assertEquals("Unexpected authentication result", _errorResult, result);
     }

     @Test
     public void testHandleInvalidPassword() throws Exception
     {
         final AuthenticationResult result = _negotiator.handleResponse(String.format(RESPONSE_FORMAT_STRING, VALID_USERNAME, "invalidPassword").getBytes(US_ASCII));
         assertEquals("Unexpected authentication result", _errorResult, result);
     }

     @Test
     public void testHandleNeverSendAResponse() throws Exception
     {
         final AuthenticationResult firstResult = _negotiator.handleResponse(new byte[0]);
         assertEquals("Unexpected authentication status",
                             AuthenticationResult.AuthenticationStatus.CONTINUE,
                             firstResult.getStatus());
         assertArrayEquals("Unexpected authentication challenge", new byte[0], firstResult.getChallenge());

         final AuthenticationResult secondResult = _negotiator.handleResponse(new byte[0]);
         assertEquals("Unexpected first authentication result",
                             AuthenticationResult.AuthenticationStatus.ERROR,
                             secondResult.getStatus());
     }

     @Test
     public void testHandleNoInitialResponse() throws Exception
     {
         final AuthenticationResult result = _negotiator.handleResponse(new byte[0]);
         assertEquals("Unexpected authentication status",
                             AuthenticationResult.AuthenticationStatus.CONTINUE,
                             result.getStatus());
         assertArrayEquals("Unexpected authentication challenge", new byte[0], result.getChallenge());

         final AuthenticationResult firstResult = _negotiator.handleResponse(VALID_RESPONSE.getBytes());
         assertEquals("Unexpected first authentication result", _successfulResult, firstResult);
     }

     @Test
     public void testHandleNoInitialResponseNull() throws Exception
     {
         final AuthenticationResult result = _negotiator.handleResponse(null);
         assertEquals("Unexpected authentication status",
                             AuthenticationResult.AuthenticationStatus.CONTINUE,
                             result.getStatus());
         assertArrayEquals("Unexpected authentication challenge", new byte[0], result.getChallenge());

         final AuthenticationResult firstResult = _negotiator.handleResponse(VALID_RESPONSE.getBytes());
         assertEquals("Unexpected first authentication result", _successfulResult, firstResult);
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*
	*/

	package org.apache.qpid.server.security.auth.sasl.plain;

	import static java.nio.charset.StandardCharsets.US_ASCII;
	import static org.junit.Assert.assertArrayEquals;
	import static org.junit.Assert.assertEquals;
	import static org.mockito.AdditionalMatchers.not;
	import static org.mockito.ArgumentMatchers.anyString;
	import static org.mockito.ArgumentMatchers.eq;
	import static org.mockito.Mockito.mock;
	import static org.mockito.Mockito.verify;
	import static org.mockito.Mockito.when;

	import org.junit.After;
	import org.junit.Before;
	import org.junit.Test;

	import org.apache.qpid.server.security.auth.AuthenticationResult;
	import org.apache.qpid.server.security.auth.manager.UsernamePasswordAuthenticationProvider;
	import org.apache.qpid.test.utils.UnitTestBase;

	public class PlainNegotiatorTest extends UnitTestBase
	{
	private static final String VALID_PASSWORD = "testPassword";
	private static final String VALID_USERNAME = "testUsername";
	public static final String RESPONSE_FORMAT_STRING = "\0%s\0%s";
	private static final String VALID_RESPONSE = String.format(RESPONSE_FORMAT_STRING, VALID_USERNAME, VALID_PASSWORD);
	private UsernamePasswordAuthenticationProvider _authenticationProvider;
	private PlainNegotiator _negotiator;
	private AuthenticationResult _successfulResult;
	private AuthenticationResult _errorResult;

	@Before
	public void setUp() throws Exception
	{
	_successfulResult = mock(AuthenticationResult.class);
	_errorResult = mock(AuthenticationResult.class);
	_authenticationProvider = mock(UsernamePasswordAuthenticationProvider.class);
	when(_authenticationProvider.authenticate(eq(VALID_USERNAME), eq(VALID_PASSWORD))).thenReturn(_successfulResult);
	when(_authenticationProvider.authenticate(eq(VALID_USERNAME), not(eq(VALID_PASSWORD)))).thenReturn(_errorResult);
	when(_authenticationProvider.authenticate(not(eq(VALID_USERNAME)), anyString())).thenReturn(_errorResult);
	_negotiator = new PlainNegotiator(_authenticationProvider);
	}

	@After
	public void tearDown() throws Exception
	{
	if (_negotiator != null)
	{
	_negotiator.dispose();
	}
	}

	@Test
	public void testHandleResponse() throws Exception
	{
	final AuthenticationResult result = _negotiator.handleResponse(VALID_RESPONSE.getBytes(US_ASCII));
	verify(_authenticationProvider).authenticate(eq(VALID_USERNAME), eq(VALID_PASSWORD));
	assertEquals("Unexpected authentication result", _successfulResult, result);
	}

	@Test
	public void testMultipleAuthenticationAttempts() throws Exception
	{
	final AuthenticationResult firstResult = _negotiator.handleResponse(VALID_RESPONSE.getBytes(US_ASCII));
	assertEquals("Unexpected first authentication result", _successfulResult, firstResult);
	final AuthenticationResult secondResult = _negotiator.handleResponse(VALID_RESPONSE.getBytes(US_ASCII));
	assertEquals("Unexpected second authentication result",
	AuthenticationResult.AuthenticationStatus.ERROR,
	secondResult.getStatus());
	}

	@Test
	public void testHandleInvalidUser() throws Exception
	{
	final AuthenticationResult result = _negotiator.handleResponse(String.format(RESPONSE_FORMAT_STRING, "invalidUser", VALID_PASSWORD).getBytes(US_ASCII));
	assertEquals("Unexpected authentication result", _errorResult, result);
	}

	@Test
	public void testHandleInvalidPassword() throws Exception
	{
	final AuthenticationResult result = _negotiator.handleResponse(String.format(RESPONSE_FORMAT_STRING, VALID_USERNAME, "invalidPassword").getBytes(US_ASCII));
	assertEquals("Unexpected authentication result", _errorResult, result);
	}

	@Test
	public void testHandleNeverSendAResponse() throws Exception
	{
	final AuthenticationResult firstResult = _negotiator.handleResponse(new byte[0]);
	assertEquals("Unexpected authentication status",
	AuthenticationResult.AuthenticationStatus.CONTINUE,
	firstResult.getStatus());
	assertArrayEquals("Unexpected authentication challenge", new byte[0], firstResult.getChallenge());

	final AuthenticationResult secondResult = _negotiator.handleResponse(new byte[0]);
	assertEquals("Unexpected first authentication result",
	AuthenticationResult.AuthenticationStatus.ERROR,
	secondResult.getStatus());
	}

	@Test
	public void testHandleNoInitialResponse() throws Exception
	{
	final AuthenticationResult result = _negotiator.handleResponse(new byte[0]);
	assertEquals("Unexpected authentication status",
	AuthenticationResult.AuthenticationStatus.CONTINUE,
	result.getStatus());
	assertArrayEquals("Unexpected authentication challenge", new byte[0], result.getChallenge());

	final AuthenticationResult firstResult = _negotiator.handleResponse(VALID_RESPONSE.getBytes());
	assertEquals("Unexpected first authentication result", _successfulResult, firstResult);
	}

	@Test
	public void testHandleNoInitialResponseNull() throws Exception
	{
	final AuthenticationResult result = _negotiator.handleResponse(null);
	assertEquals("Unexpected authentication status",
	AuthenticationResult.AuthenticationStatus.CONTINUE,
	result.getStatus());
	assertArrayEquals("Unexpected authentication challenge", new byte[0], result.getChallenge());

	final AuthenticationResult firstResult = _negotiator.handleResponse(VALID_RESPONSE.getBytes());
	assertEquals("Unexpected first authentication result", _successfulResult, firstResult);
	}
	}