wa/starter/src/test/java/org/apache/syncope/wa/starter/BasicTest.java - syncope - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.syncope.wa.starter;

 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertTrue;

 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.stream.Stream;
 import javax.ws.rs.core.HttpHeaders;
 import org.apache.http.Consts;
 import org.apache.http.Header;
 import org.apache.http.HttpStatus;
 import org.apache.http.NameValuePair;
 import org.apache.http.client.entity.UrlEncodedFormEntity;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.client.protocol.HttpClientContext;
 import org.apache.http.impl.client.BasicCookieStore;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;
 import org.apache.http.message.BasicHeader;
 import org.apache.http.message.BasicNameValuePair;
 import org.apache.http.util.EntityUtils;
 import org.junit.jupiter.api.Test;

 public class BasicTest extends AbstractTest {

     private String getLoginURL() {
         return "http://localhost:" + port + "/syncope-wa/login";
     }

     @Test
     public void loginLogout() throws IOException {
         CloseableHttpClient httpclient = HttpClients.createDefault();
         HttpClientContext context = HttpClientContext.create();
         context.setCookieStore(new BasicCookieStore());

         // 1. first GET to fetch execution
         HttpGet get = new HttpGet(getLoginURL());
         get.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
         CloseableHttpResponse response = httpclient.execute(get, context);
         assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

         String responseBody = EntityUtils.toString(response.getEntity());
         int begin = responseBody.indexOf("name=\"execution\" value=\"");
         assertNotEquals(-1, begin);
         int end = responseBody.indexOf("\"/><input type=\"hidden\" name=\"_eventId\"");
         assertNotEquals(-1, end);

         String execution = responseBody.substring(begin + 24, end);
         assertNotNull(execution);

         // 2. then POST to authenticate
         List<NameValuePair> form = new ArrayList<>();
         form.add(new BasicNameValuePair("_eventId", "submit"));
         form.add(new BasicNameValuePair("execution", execution));
         form.add(new BasicNameValuePair("username", "mrossi"));
         form.add(new BasicNameValuePair("password", "password"));
         form.add(new BasicNameValuePair("geolocation", ""));

         HttpPost post = new HttpPost(getLoginURL());
         post.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
         post.setEntity(new UrlEncodedFormEntity(form, Consts.UTF_8));
         response = httpclient.execute(post, context);

         // 3. check authentication results
         assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

         Header[] cookie = response.getHeaders("Set-Cookie");
         assertNotNull(cookie);
         assertTrue(cookie.length > 0);
         assertEquals(1, Stream.of(cookie).filter(item -> item.getValue().startsWith("TGC")).count());

         String body = EntityUtils.toString(response.getEntity());
         assertTrue(body.contains("Log In Successful"));
         assertTrue(body.contains("have successfully logged into the Central Authentication Service"));

         // 4. logout
         HttpGet logout = new HttpGet(getLoginURL().replace("login", "logout"));
         logout.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
         response = httpclient.execute(logout, context);
         assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

         body = EntityUtils.toString(response.getEntity());
         assertTrue(body.contains("Logout successful"));
         assertTrue(body.contains("have successfully logged out of the Central Authentication Service"));
     }

     @Test
     public void loginError() throws IOException {
         CloseableHttpClient httpclient = HttpClients.createDefault();
         HttpClientContext context = HttpClientContext.create();
         context.setCookieStore(new BasicCookieStore());

         // 1. first GET to fetch execution
         HttpGet get = new HttpGet(getLoginURL());
         get.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
         CloseableHttpResponse response = httpclient.execute(get, context);
         assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

         String responseBody = EntityUtils.toString(response.getEntity());
         int begin = responseBody.indexOf("name=\"execution\" value=\"");
         assertNotEquals(-1, begin);
         int end = responseBody.indexOf("\"/><input type=\"hidden\" name=\"_eventId\"");
         assertNotEquals(-1, end);

         String execution = responseBody.substring(begin + 24, end);
         assertNotNull(execution);

         // 2. then POST to authenticate
         List<NameValuePair> form = new ArrayList<>();
         form.add(new BasicNameValuePair("_eventId", "submit"));
         form.add(new BasicNameValuePair("execution", execution));
         form.add(new BasicNameValuePair("username", "mrossi"));
         form.add(new BasicNameValuePair("password", "WRONG"));
         form.add(new BasicNameValuePair("geolocation", ""));

         HttpPost post = new HttpPost(getLoginURL());
         post.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
         post.setEntity(new UrlEncodedFormEntity(form, Consts.UTF_8));
         response = httpclient.execute(post, context);

         // 3. check authentication results
         assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getStatusLine().getStatusCode());
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.syncope.wa.starter;

	import static org.junit.jupiter.api.Assertions.assertEquals;
	import static org.junit.jupiter.api.Assertions.assertNotEquals;
	import static org.junit.jupiter.api.Assertions.assertNotNull;
	import static org.junit.jupiter.api.Assertions.assertTrue;

	import java.io.IOException;
	import java.util.ArrayList;
	import java.util.List;
	import java.util.stream.Stream;
	import javax.ws.rs.core.HttpHeaders;
	import org.apache.http.Consts;
	import org.apache.http.Header;
	import org.apache.http.HttpStatus;
	import org.apache.http.NameValuePair;
	import org.apache.http.client.entity.UrlEncodedFormEntity;
	import org.apache.http.client.methods.CloseableHttpResponse;
	import org.apache.http.client.methods.HttpGet;
	import org.apache.http.client.methods.HttpPost;
	import org.apache.http.client.protocol.HttpClientContext;
	import org.apache.http.impl.client.BasicCookieStore;
	import org.apache.http.impl.client.CloseableHttpClient;
	import org.apache.http.impl.client.HttpClients;
	import org.apache.http.message.BasicHeader;
	import org.apache.http.message.BasicNameValuePair;
	import org.apache.http.util.EntityUtils;
	import org.junit.jupiter.api.Test;

	public class BasicTest extends AbstractTest {

	private String getLoginURL() {
	return "http://localhost:" + port + "/syncope-wa/login";
	}

	@Test
	public void loginLogout() throws IOException {
	CloseableHttpClient httpclient = HttpClients.createDefault();
	HttpClientContext context = HttpClientContext.create();
	context.setCookieStore(new BasicCookieStore());

	// 1. first GET to fetch execution
	HttpGet get = new HttpGet(getLoginURL());
	get.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
	CloseableHttpResponse response = httpclient.execute(get, context);
	assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

	String responseBody = EntityUtils.toString(response.getEntity());
	int begin = responseBody.indexOf("name=\"execution\" value=\"");
	assertNotEquals(-1, begin);
	int end = responseBody.indexOf("\"/><input type=\"hidden\" name=\"_eventId\"");
	assertNotEquals(-1, end);

	String execution = responseBody.substring(begin + 24, end);
	assertNotNull(execution);

	// 2. then POST to authenticate
	List<NameValuePair> form = new ArrayList<>();
	form.add(new BasicNameValuePair("_eventId", "submit"));
	form.add(new BasicNameValuePair("execution", execution));
	form.add(new BasicNameValuePair("username", "mrossi"));
	form.add(new BasicNameValuePair("password", "password"));
	form.add(new BasicNameValuePair("geolocation", ""));

	HttpPost post = new HttpPost(getLoginURL());
	post.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
	post.setEntity(new UrlEncodedFormEntity(form, Consts.UTF_8));
	response = httpclient.execute(post, context);

	// 3. check authentication results
	assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

	Header[] cookie = response.getHeaders("Set-Cookie");
	assertNotNull(cookie);
	assertTrue(cookie.length > 0);
	assertEquals(1, Stream.of(cookie).filter(item -> item.getValue().startsWith("TGC")).count());

	String body = EntityUtils.toString(response.getEntity());
	assertTrue(body.contains("Log In Successful"));
	assertTrue(body.contains("have successfully logged into the Central Authentication Service"));

	// 4. logout
	HttpGet logout = new HttpGet(getLoginURL().replace("login", "logout"));
	logout.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
	response = httpclient.execute(logout, context);
	assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

	body = EntityUtils.toString(response.getEntity());
	assertTrue(body.contains("Logout successful"));
	assertTrue(body.contains("have successfully logged out of the Central Authentication Service"));
	}

	@Test
	public void loginError() throws IOException {
	CloseableHttpClient httpclient = HttpClients.createDefault();
	HttpClientContext context = HttpClientContext.create();
	context.setCookieStore(new BasicCookieStore());

	// 1. first GET to fetch execution
	HttpGet get = new HttpGet(getLoginURL());
	get.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
	CloseableHttpResponse response = httpclient.execute(get, context);
	assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

	String responseBody = EntityUtils.toString(response.getEntity());
	int begin = responseBody.indexOf("name=\"execution\" value=\"");
	assertNotEquals(-1, begin);
	int end = responseBody.indexOf("\"/><input type=\"hidden\" name=\"_eventId\"");
	assertNotEquals(-1, end);

	String execution = responseBody.substring(begin + 24, end);
	assertNotNull(execution);

	// 2. then POST to authenticate
	List<NameValuePair> form = new ArrayList<>();
	form.add(new BasicNameValuePair("_eventId", "submit"));
	form.add(new BasicNameValuePair("execution", execution));
	form.add(new BasicNameValuePair("username", "mrossi"));
	form.add(new BasicNameValuePair("password", "WRONG"));
	form.add(new BasicNameValuePair("geolocation", ""));

	HttpPost post = new HttpPost(getLoginURL());
	post.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, "en-US,en;q=0.5"));
	post.setEntity(new UrlEncodedFormEntity(form, Consts.UTF_8));
	response = httpclient.execute(post, context);

	// 3. check authentication results
	assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getStatusLine().getStatusCode());
	}
	}