client/src/test/java/org/apache/qpid/client/security/scram/ScramSHA1MechanismTest.java - qpid-jms-amqp-0-x - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.qpid.client.security.scram;

 import static org.junit.Assert.assertArrayEquals;

 import java.nio.charset.StandardCharsets;

 import org.apache.qpid.client.AMQConnectionURL;
 import org.apache.qpid.client.security.UsernamePasswordCallbackHandler;
 import org.apache.qpid.jms.ConnectionURL;

 /**
  * The known good used by these tests is taken from the example in RFC 5802 section 5.
  */
 public class ScramSHA1MechanismTest extends AbstractScramSHAMechanismTestBase
 {

     private static final String USERNAME = "user";
     private static final String PASSWORD = "pencil";

     private static final String CLIENT_NONCE = "fyko+d2lbbFgONRv9qkxdawL";

     private static final byte[] EXPECTED_CLIENT_INITIAL_RESPONSE =
             "n,,n=user,r=fyko+d2lbbFgONRv9qkxdawL".getBytes(StandardCharsets.UTF_8);
     private static final byte[] SERVER_FIRST_MESSAGE =
             "r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=4096".getBytes(StandardCharsets.UTF_8);
     private static final byte[] EXPECTED_CLIENT_FINAL_MESSAGE =
             "c=biws,r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,p=v0X8v3Bz2T0CJGbJQyF0X+HI4Ts=".getBytes(
                     StandardCharsets.UTF_8);
     private static final byte[] SERVER_FINAL_MESSAGE =
             "v=rmF9pqV8S7suAoZWja4dJRkFsKQ=".getBytes(StandardCharsets.UTF_8);

     public ScramSHA1MechanismTest()
     {
         super(EXPECTED_CLIENT_INITIAL_RESPONSE,
               SERVER_FIRST_MESSAGE,
               EXPECTED_CLIENT_FINAL_MESSAGE,
               SERVER_FINAL_MESSAGE);
     }

     @Override
     protected AbstractScramSaslClient getScramSaslClient() throws Exception
     {
         return getScramSaslClient(USERNAME, PASSWORD);
     }

     @Override
     protected AbstractScramSaslClient getScramSaslClient(final String username, final String password) throws Exception
     {

         UsernamePasswordCallbackHandler callbackHandler = new UsernamePasswordCallbackHandler();
         ConnectionURL connectionURL = new AMQConnectionURL(String.format("amqp://%s:%s@////", username, password));
         callbackHandler.initialise(connectionURL);

         return new ScramSHA1SaslClient(callbackHandler, CLIENT_NONCE);
     }

     @Override
     protected String getExpectedInitialResponseString(final String escapedUsername)
     {
         return "n,,n=" + escapedUsername + ",r=" + CLIENT_NONCE;
     }

     public void testPasswordCommaEqualsCharactersNotEscaped() throws Exception
     {
         AbstractScramSaslClient mechanism = getScramSaslClient(USERNAME, PASSWORD + ",=");

         byte[] clientInitialResponse = mechanism.evaluateChallenge(null);
         assertArrayEquals(EXPECTED_CLIENT_INITIAL_RESPONSE, clientInitialResponse);

         byte[] serverFirstMessage =
                 "r=fyko+d2lbbFgONRv9qkxdawLdcbfa301-1618-46ee-96c1-2bf60139dc7f,s=Q0zM1qzKMOmI0sAzE7dXt6ru4ZIXhAzn40g4mQXKQdw=,i=4096"
                         .getBytes(StandardCharsets.UTF_8);
         byte[] expectedClientFinalMessage =
                 "c=biws,r=fyko+d2lbbFgONRv9qkxdawLdcbfa301-1618-46ee-96c1-2bf60139dc7f,p=quRNWvZqGUvPXoazebZe0ZYsjQI=".getBytes(
                         StandardCharsets.UTF_8);

         byte[] clientFinalMessage = mechanism.evaluateChallenge(serverFirstMessage);

         assertArrayEquals(expectedClientFinalMessage, clientFinalMessage);

         byte[] serverFinalMessage = "v=dnJDHm3fp6WwVrl5yjZuqKp03lQ=".getBytes(StandardCharsets.UTF_8);
         byte[] expectedFinalChallengeResponse = "".getBytes();

         assertArrayEquals(expectedFinalChallengeResponse, mechanism.evaluateChallenge(serverFinalMessage));

         assertTrue(mechanism.isComplete());
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.qpid.client.security.scram;

	import static org.junit.Assert.assertArrayEquals;

	import java.nio.charset.StandardCharsets;

	import org.apache.qpid.client.AMQConnectionURL;
	import org.apache.qpid.client.security.UsernamePasswordCallbackHandler;
	import org.apache.qpid.jms.ConnectionURL;

	/**
	* The known good used by these tests is taken from the example in RFC 5802 section 5.
	*/
	public class ScramSHA1MechanismTest extends AbstractScramSHAMechanismTestBase
	{

	private static final String USERNAME = "user";
	private static final String PASSWORD = "pencil";

	private static final String CLIENT_NONCE = "fyko+d2lbbFgONRv9qkxdawL";

	private static final byte[] EXPECTED_CLIENT_INITIAL_RESPONSE =
	"n,,n=user,r=fyko+d2lbbFgONRv9qkxdawL".getBytes(StandardCharsets.UTF_8);
	private static final byte[] SERVER_FIRST_MESSAGE =
	"r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=4096".getBytes(StandardCharsets.UTF_8);
	private static final byte[] EXPECTED_CLIENT_FINAL_MESSAGE =
	"c=biws,r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,p=v0X8v3Bz2T0CJGbJQyF0X+HI4Ts=".getBytes(
	StandardCharsets.UTF_8);
	private static final byte[] SERVER_FINAL_MESSAGE =
	"v=rmF9pqV8S7suAoZWja4dJRkFsKQ=".getBytes(StandardCharsets.UTF_8);

	public ScramSHA1MechanismTest()
	{
	super(EXPECTED_CLIENT_INITIAL_RESPONSE,
	SERVER_FIRST_MESSAGE,
	EXPECTED_CLIENT_FINAL_MESSAGE,
	SERVER_FINAL_MESSAGE);
	}

	@Override
	protected AbstractScramSaslClient getScramSaslClient() throws Exception
	{
	return getScramSaslClient(USERNAME, PASSWORD);
	}

	@Override
	protected AbstractScramSaslClient getScramSaslClient(final String username, final String password) throws Exception
	{

	UsernamePasswordCallbackHandler callbackHandler = new UsernamePasswordCallbackHandler();
	ConnectionURL connectionURL = new AMQConnectionURL(String.format("amqp://%s:%s@////", username, password));
	callbackHandler.initialise(connectionURL);

	return new ScramSHA1SaslClient(callbackHandler, CLIENT_NONCE);
	}

	@Override
	protected String getExpectedInitialResponseString(final String escapedUsername)
	{
	return "n,,n=" + escapedUsername + ",r=" + CLIENT_NONCE;
	}

	public void testPasswordCommaEqualsCharactersNotEscaped() throws Exception
	{
	AbstractScramSaslClient mechanism = getScramSaslClient(USERNAME, PASSWORD + ",=");

	byte[] clientInitialResponse = mechanism.evaluateChallenge(null);
	assertArrayEquals(EXPECTED_CLIENT_INITIAL_RESPONSE, clientInitialResponse);

	byte[] serverFirstMessage =
	"r=fyko+d2lbbFgONRv9qkxdawLdcbfa301-1618-46ee-96c1-2bf60139dc7f,s=Q0zM1qzKMOmI0sAzE7dXt6ru4ZIXhAzn40g4mQXKQdw=,i=4096"
	.getBytes(StandardCharsets.UTF_8);
	byte[] expectedClientFinalMessage =
	"c=biws,r=fyko+d2lbbFgONRv9qkxdawLdcbfa301-1618-46ee-96c1-2bf60139dc7f,p=quRNWvZqGUvPXoazebZe0ZYsjQI=".getBytes(
	StandardCharsets.UTF_8);

	byte[] clientFinalMessage = mechanism.evaluateChallenge(serverFirstMessage);

	assertArrayEquals(expectedClientFinalMessage, clientFinalMessage);

	byte[] serverFinalMessage = "v=dnJDHm3fp6WwVrl5yjZuqKp03lQ=".getBytes(StandardCharsets.UTF_8);
	byte[] expectedFinalChallengeResponse = "".getBytes();

	assertArrayEquals(expectedFinalChallengeResponse, mechanism.evaluateChallenge(serverFinalMessage));

	assertTrue(mechanism.isComplete());
	}
	}