1   /* Copyright 2004, 2005 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.providers.x509;
17  
18  import java.security.cert.X509Certificate;
19  
20  import junit.framework.TestCase;
21  
22  import org.acegisecurity.Authentication;
23  import org.acegisecurity.AuthenticationException;
24  import org.acegisecurity.BadCredentialsException;
25  import org.acegisecurity.GrantedAuthority;
26  import org.acegisecurity.GrantedAuthorityImpl;
27  import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
28  import org.acegisecurity.userdetails.User;
29  import org.acegisecurity.userdetails.UserDetails;
30  
31  
32  /***
33   * Tests {@link org.acegisecurity.providers.x509.X509AuthenticationProvider}
34   *
35   * @author Luke Taylor
36   * @version $Id: X509AuthenticationProviderTests.java,v 1.8 2005/11/30 01:23:36 benalex Exp $
37   */
public class X509AuthenticationProviderTests extends TestCase {
    /*
     * Covers the accept/reject paths of X509AuthenticationProvider that are
     * reachable with a stubbed X509AuthoritiesPopulator: unsupported token type,
     * missing certificate, populator rejection, missing populator configuration
     * and the successful case.
     *
     * NOTE(review): the stub populator never inspects the certificate it is
     * given, so nothing in this class exercises certificate content checks
     * (subject, issuer, validity). Those would need tests of their own.
     */

    //~ Constructors ===========================================================

    /** Creates an unnamed test case. */
    public X509AuthenticationProviderTests() {
        super();
    }

    /**
     * Creates a test case with the given name.
     *
     * @param arg0 the name passed on to {@link TestCase}
     */
    public X509AuthenticationProviderTests(String arg0) {
        super(arg0);
    }

    //~ Methods ================================================================

    /** Delegates to the inherited fixture set-up; no extra state is prepared. */
    public final void setUp() throws Exception {
        super.setUp();
    }

    /**
     * A token type other than the X.509 one must not be authenticated by this
     * provider: the call is expected to return <code>null</code>.
     */
    public void testAuthenticationIsNullWithUnsupportedToken() {
        X509AuthenticationProvider x509Provider = new X509AuthenticationProvider();

        assertNull(x509Provider.authenticate(
                new UsernamePasswordAuthenticationToken("dummy", "dummy")));
    }

    /**
     * A token that carries no certificate must be rejected with a
     * {@link BadCredentialsException}, even when the populator would accept.
     */
    public void testFailsWithNullCertificate() {
        X509AuthenticationProvider x509Provider = newProviderWithPopulator(false);
        boolean rejected = false;

        try {
            x509Provider.authenticate(new X509AuthenticationToken(null));
        } catch (BadCredentialsException expected) {
            // The rejection is the outcome under test.
            rejected = true;
        }

        assertTrue("Should have thrown BadCredentialsException", rejected);
    }

    /**
     * With an accepting populator and a test certificate token, authentication
     * yields a non-null result with a non-null authorities array.
     */
    public void testNormalOperation() throws Exception {
        X509AuthenticationProvider x509Provider = newProviderWithPopulator(false);
        x509Provider.afterPropertiesSet();

        Authentication authenticated = x509Provider.authenticate(X509TestUtils.createToken());

        // NOTE(review): these two checks would still pass for a result that is
        // not marked authenticated or that carries an empty authorities array.
        // Consider also asserting the authenticated flag and that the granted
        // authorities are the ROLE_A / ROLE_B pair the stub populator returns.
        assertNotNull(authenticated);
        assertNotNull(authenticated.getAuthorities());
    }

    /**
     * When the populator refuses the certificate, the refusal must surface from
     * the provider as a {@link BadCredentialsException} instead of a result.
     */
    public void testPopulatorRejectionCausesFailure() throws Exception {
        X509AuthenticationProvider x509Provider = newProviderWithPopulator(true);
        boolean rejected = false;

        try {
            x509Provider.authenticate(X509TestUtils.createToken());
        } catch (BadCredentialsException expected) {
            // The rejection is the outcome under test.
            rejected = true;
        }

        assertTrue("Should have thrown BadCredentialsException", rejected);
    }

    /**
     * A provider with no populator configured must fail its property check
     * with an {@link IllegalArgumentException}.
     */
    public void testRequiresPopulator() throws Exception {
        X509AuthenticationProvider unconfigured = new X509AuthenticationProvider();
        boolean refused = false;

        try {
            unconfigured.afterPropertiesSet();
        } catch (IllegalArgumentException expected) {
            // The configuration failure is the outcome under test.
            refused = true;
        }

        assertTrue("Should have thrown IllegalArgumentException", refused);
    }

    /**
     * Builds a provider wired to a stub populator.
     *
     * @param rejectCertificate whether the stub should refuse every certificate
     * @return a new provider; <code>afterPropertiesSet()</code> has not been called
     */
    private X509AuthenticationProvider newProviderWithPopulator(boolean rejectCertificate) {
        X509AuthenticationProvider x509Provider = new X509AuthenticationProvider();
        x509Provider.setX509AuthoritiesPopulator(new MockAuthoritiesPopulator(rejectCertificate));

        return x509Provider;
    }

    //~ Inner Classes ==========================================================

    /**
     * Stub populator whose decision is fixed at construction time. It ignores
     * the certificate argument entirely and either throws or returns one
     * hard-coded user.
     */
    public static class MockAuthoritiesPopulator
        implements X509AuthoritiesPopulator {
        // true: every lookup fails with BadCredentialsException
        private final boolean rejectCertificate;

        /**
         * @param rejectCertificate <code>true</code> to refuse every certificate
         */
        public MockAuthoritiesPopulator(boolean rejectCertificate) {
            this.rejectCertificate = rejectCertificate;
        }

        /**
         * Returns the fixed test user, or refuses if the stub was built to reject.
         *
         * @param userCertificate not examined by this stub
         * @return a user named "user" holding ROLE_A and ROLE_B
         * @throws AuthenticationException a {@link BadCredentialsException} when
         *         the stub was constructed with <code>rejectCertificate</code> set
         */
        public UserDetails getUserDetails(X509Certificate userCertificate)
            throws AuthenticationException {
            if (!rejectCertificate) {
                GrantedAuthority[] roles = new GrantedAuthority[] {
                        new GrantedAuthorityImpl("ROLE_A"),
                        new GrantedAuthorityImpl("ROLE_B")
                    };

                // The four boolean flags are all passed as true, as in the
                // original fixture. Presumably they are the account status
                // flags (verify against User).
                return new User("user", "password", true, true, true, true, roles);
            }

            throw new BadCredentialsException("Invalid Certificate");
        }
    }
}