1/*
2 *  Licensed to the Apache Software Foundation (ASF) under one or more
3 *  contributor license agreements.  See the NOTICE file distributed with
4 *  this work for additional information regarding copyright ownership.
5 *  The ASF licenses this file to You under the Apache License, Version 2.0
6 *  (the "License"); you may not use this file except in compliance with
7 *  the License.  You may obtain a copy of the License at
8 *
9 *     http://www.apache.org/licenses/LICENSE-2.0
10 *
11 *  Unless required by applicable law or agreed to in writing, software
12 *  distributed under the License is distributed on an "AS IS" BASIS,
13 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 *  See the License for the specific language governing permissions and
15 *  limitations under the License.
16 */
17
18package org.apache.harmony.auth.tests.module;
19
20import java.security.Principal;
21import java.util.HashMap;
22import java.util.Set;
23
24import javax.security.auth.Subject;
25import javax.security.auth.login.LoginException;
26
27import junit.framework.TestCase;
28
29import org.apache.harmony.auth.module.KeyStoreLoginModule;
30
31import tests.support.resource.Support_Resources;
32
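/**
 * JUnit 3 tests for the {@code initialize}, {@code login}, {@code commit},
 * {@code abort} and {@code logout} methods of {@link KeyStoreLoginModule}.
 *
 * <p>Every test starts from the option map built in {@link #setUp()}, which
 * points the module at the {@code hyts_ks.bks} keystore resource, the
 * {@code hyts_ks_pass} password resource and the {@code mykey} alias. Tests
 * that need a failing login swap in the {@code fault_pass} resource.
 *
 * <p>NOTE(review): the password resources are presumably plain-text test
 * fixtures; confirm they protect nothing but the bundled test keystore.
 */
public class KeyStoreLoginModuleTest extends TestCase {

    // Module options handed to KeyStoreLoginModule.initialize(); filled in
    // setUp() and emptied in tearDown(), so edits made by one test do not
    // carry over into the next.
    private final HashMap<String, String> options = new HashMap<String, String>();

    // Location of the test keystore.
    private final String KEYSTORE_URL = "file:"
            + Support_Resources.getAbsoluteResourcePath("hyts_ks.bks");

    // Location of the password resource used for the successful logins.
    private final String KEYSTORE_PASSWORD_URL = "file:"
            + Support_Resources.getAbsoluteResourcePath("hyts_ks_pass");

    // Location of the password resource with which login() is expected to fail.
    private final String KEYSTORE_FAULTPASSWORD_URL = "file:"
            + Support_Resources.getAbsoluteResourcePath("fault_pass");

    // Alias of the keystore entry the module is asked to load.
    private final String KEYSTORE_ALIAS = "mykey";

    /**
     * Checks the return value of {@code abort()} in four states: before
     * initialization, after initialization without a login, after a failed
     * login, and after a successful login that was never committed.
     *
     * <p>NOTE(review): only the return value is asserted. The test does not
     * check that the Subject holds no principals or credentials after an
     * aborted login; consider asserting that as well.
     *
     * @throws LoginException if the module fails where the test does not
     *         expect it; JUnit then reports the original exception
     */
    public void test_abort() throws LoginException {
        KeyStoreLoginModule ksm = new KeyStoreLoginModule();

        // Nothing has been initialized or logged in yet. An unexpected
        // LoginException propagates so the report keeps its stack trace.
        assertFalse("Should return false if login failed or no login", ksm
                .abort());

        // Initialized with a read-only subject, but still no login attempt.
        Subject subject = new Subject();
        subject.setReadOnly();
        ksm.initialize(subject, null, null, options);
        assertFalse("Should return false if login failed or no login", ksm.abort());

        // A login with the faulty password resource must be rejected, and the
        // abort that follows must report that there was nothing to undo.
        options.put("keyStorePasswordURL", KEYSTORE_FAULTPASSWORD_URL);
        subject = new Subject();
        ksm.initialize(subject, null, null, options);
        try {
            ksm.login();
            fail("login should fail");
        } catch (LoginException e) {
            assertFalse("Should return false because of login failure", ksm
                    .abort());
        }

        // With the correct password resource the login succeeds and abort()
        // reports true.
        options.put("keyStorePasswordURL", KEYSTORE_PASSWORD_URL);
        subject = new Subject();
        ksm.initialize(subject, null, null, options);
        ksm.login();
        assertTrue("Should return true if login was successful", ksm
                .abort());
    }

    /**
     * Checks that {@code commit()} after a successful login populates the
     * Subject with principals and with private and public credentials, and
     * that {@code commit()} throws {@link LoginException} once the module has
     * been re-initialized with a read-only Subject.
     */
    public void test_commit() {
        KeyStoreLoginModule module = new KeyStoreLoginModule();
        Subject subject = new Subject();
        module.initialize(subject, null, null, options);
        try {
            assertTrue("Login should be successful", module.login());
            module.commit();
        } catch (LoginException e) {
            // Put the cause into the failure message instead of printing a
            // stack trace to stderr, where test reports do not capture it.
            fail("Login shouldn't fail: " + e);
        }
        Set<Principal> principals = subject.getPrincipals();
        assertFalse("Should get at least one principal", principals.isEmpty());
        Set<Object> privateCredentials = subject.getPrivateCredentials();
        assertFalse("Should get at least one private credential",
                privateCredentials.isEmpty());
        Set<Object> publicCredentials = subject.getPublicCredentials();
        assertFalse("Should get at least one public credential",
                publicCredentials.isEmpty());

        // Re-initialize against a read-only subject; no login() precedes this
        // commit(), which is expected to throw.
        subject = new Subject();
        subject.setReadOnly();
        module.initialize(subject, null, null, options);
        try {
            assertFalse("Commit shouldn't be successful", module.commit());
            fail("Should throw LoginException here because of trying to clear read-only subject");
        } catch (LoginException e) {
            // expected LoginException here
        }
    }

    /**
     * Checks that {@code initialize()} throws {@link NullPointerException}
     * when every argument, including the option map, is {@code null}.
     */
    public void test_initialize() {
        KeyStoreLoginModule module = new KeyStoreLoginModule();
        try {
            module.initialize(null, null, null, null);
            fail("Should throw NullPointerException here.");
        } catch (NullPointerException e) {
            // expected NullPointerException
        }
    }

    /**
     * Checks that {@code login()} throws {@link LoginException} with an empty
     * option map, returns {@code true} with the options from
     * {@link #setUp()}, and throws again once the password option points at
     * the faulty password resource.
     */
    public void test_login() {
        KeyStoreLoginModule module = new KeyStoreLoginModule();

        // No keystore, password or alias configured: the login must be refused.
        HashMap<String, String> emptyOptions = new HashMap<String, String>();
        module.initialize(null, null, null, emptyOptions);
        try {
            module.login();
            fail("Should throw LoginException here.");
        } catch (LoginException e) {
            // expected LoginException
        }

        Subject subject = new Subject();
        module.initialize(subject, null, null, options);
        try {
            assertTrue("Login should be successful", module.login());
        } catch (LoginException e) {
            fail("Login shouldn't fail: " + e);
        }

        // Same module and subject with the faulty password resource: the login
        // must fail by throwing, not by returning false.
        options.put("keyStorePasswordURL", KEYSTORE_FAULTPASSWORD_URL);
        module.initialize(subject, null, null, options);
        try {
            assertFalse("Login shouldn't be successful", module.login());
            fail("Login should fail");
        } catch (LoginException e) {
            // expected LoginException here
        }
    }

    /**
     * Checks that {@code logout()} returns {@code true} after a committed
     * login and leaves the Subject without principals, private credentials
     * or public credentials.
     *
     * <p>NOTE(review): the test checks that the credential sets are empty
     * after logout. It does not check whether the private credential objects
     * themselves were destroyed; confirm against the module's contract.
     */
    public void test_logout() {
        KeyStoreLoginModule module = new KeyStoreLoginModule();
        Subject subject = new Subject();
        module.initialize(subject, null, null, options);
        try {
            assertTrue("Login should be successful", module.login());
            module.commit();
        } catch (LoginException e) {
            fail("Login shouldn't fail: " + e);
        }

        // Precondition: the committed login actually put something in the
        // subject, so the emptiness checks below are meaningful.
        Set<Principal> principals = subject.getPrincipals();
        assertFalse("Should get at least one principal", principals.isEmpty());
        Set<Object> privateCredentials = subject.getPrivateCredentials();
        assertFalse("Should get at least one private credential",
                privateCredentials.isEmpty());
        Set<Object> publicCredentials = subject.getPublicCredentials();
        assertFalse("Should get at least one public credential",
                publicCredentials.isEmpty());

        try {
            assertTrue("Should be true", module.logout());
        } catch (LoginException e) {
            fail("Logout failed: " + e);
        }

        // Everything checked above must be gone from the subject after logout.
        principals = subject.getPrincipals();
        assertTrue("Principals should be cleared", principals.isEmpty());
        privateCredentials = subject.getPrivateCredentials();
        assertTrue("Private credential should be cleared", privateCredentials.isEmpty());
        publicCredentials = subject.getPublicCredentials();
        assertTrue("Public credential should be cleared", publicCredentials.isEmpty());
    }

    /**
     * Fills the shared option map with the keystore location, the password
     * location and the alias that the successful-login paths rely on.
     */
    @Override
    protected void setUp() throws Exception {
        super.setUp();
        options.put("keyStoreURL", KEYSTORE_URL);
        options.put("keyStorePasswordURL", KEYSTORE_PASSWORD_URL);
        options.put("keyStoreAlias", KEYSTORE_ALIAS);
    }

    /**
     * Empties the shared option map so that option changes made by a test
     * (for example the faulty password location) do not reach the next one.
     */
    @Override
    protected void tearDown() throws Exception {
        options.clear();
        super.tearDown();
    }
}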
194