View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.syncope.fit.sra;
20  
21  import static org.junit.jupiter.api.Assertions.assertEquals;
22  import static org.junit.jupiter.api.Assertions.assertFalse;
23  import static org.junit.jupiter.api.Assertions.fail;
24  import static org.junit.jupiter.api.Assumptions.assumeTrue;
25  
26  import com.fasterxml.jackson.databind.node.ObjectNode;
27  import java.io.IOException;
28  import java.lang.invoke.MethodHandles;
29  import java.util.ArrayList;
30  import java.util.List;
31  import java.util.concurrent.TimeoutException;
32  import javax.ws.rs.core.HttpHeaders;
33  import javax.ws.rs.core.MediaType;
34  import javax.ws.rs.core.Response;
35  import org.apache.http.Consts;
36  import org.apache.http.HttpStatus;
37  import org.apache.http.NameValuePair;
38  import org.apache.http.client.entity.UrlEncodedFormEntity;
39  import org.apache.http.client.methods.CloseableHttpResponse;
40  import org.apache.http.client.methods.HttpGet;
41  import org.apache.http.client.methods.HttpPost;
42  import org.apache.http.client.protocol.HttpClientContext;
43  import org.apache.http.impl.client.BasicCookieStore;
44  import org.apache.http.impl.client.CloseableHttpClient;
45  import org.apache.http.impl.client.HttpClients;
46  import org.apache.http.message.BasicNameValuePair;
47  import org.apache.http.util.EntityUtils;
48  import org.apache.syncope.common.lib.SyncopeConstants;
49  import org.apache.syncope.common.lib.to.CASSPClientAppTO;
50  import org.apache.syncope.common.lib.types.ClientAppType;
51  import org.apache.syncope.common.rest.api.RESTHeaders;
52  import org.apache.syncope.common.rest.api.service.wa.WAConfigService;
53  import org.junit.jupiter.api.BeforeAll;
54  import org.junit.jupiter.api.Test;
55  
56  public class CASSRAITCase extends AbstractSRAITCase {
57  
58      @BeforeAll
59      public static void startSRA() throws IOException, InterruptedException, TimeoutException {
60          assumeTrue(CASSRAITCase.class.equals(MethodHandles.lookup().lookupClass()));
61  
62          doStartSRA("cas");
63      }
64  
65      @BeforeAll
66      public static void clientAppSetup() {
67          String appName = CASSRAITCase.class.getName();
68          CASSPClientAppTO clientApp = CLIENT_APP_SERVICE.list(ClientAppType.CASSP).stream().
69                  filter(app -> appName.equals(app.getName())).
70                  map(CASSPClientAppTO.class::cast).
71                  findFirst().
72                  orElseGet(() -> {
73                      CASSPClientAppTO app = new CASSPClientAppTO();
74                      app.setName(appName);
75                      app.setRealm(SyncopeConstants.ROOT_REALM);
76                      app.setClientAppId(4L);
77                      app.setServiceId("http://127.0.0.1:8080/.*");
78  
79                      Response response = CLIENT_APP_SERVICE.create(ClientAppType.CASSP, app);
80                      if (response.getStatusInfo().getStatusCode() != Response.Status.CREATED.getStatusCode()) {
81                          fail("Could not create CAS Client App");
82                      }
83  
84                      return CLIENT_APP_SERVICE.read(
85                              ClientAppType.CASSP, response.getHeaderString(RESTHeaders.RESOURCE_KEY));
86                  });
87  
88          clientApp.setAuthPolicy(getAuthPolicy().getKey());
89  
90          CLIENT_APP_SERVICE.update(ClientAppType.CASSP, clientApp);
91          WA_CONFIG_SERVICE.pushToWA(WAConfigService.PushSubject.clientApps, List.of());
92      }
93  
94      @Test
95      public void web() throws IOException {
96          CloseableHttpClient httpclient = HttpClients.createDefault();
97          HttpClientContext context = HttpClientContext.create();
98          context.setCookieStore(new BasicCookieStore());
99  
100         // 1. public
101         HttpGet get = new HttpGet(SRA_ADDRESS + "/public/get?" + QUERY_STRING);
102         get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML);
103         get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE);
104         CloseableHttpResponse response = httpclient.execute(get, context);
105 
106         ObjectNode headers = checkGetResponse(response, get.getURI().toASCIIString().replace("/public", ""));
107         assertFalse(headers.has(HttpHeaders.COOKIE));
108 
109         // 2. protected
110         get = new HttpGet(SRA_ADDRESS + "/protected/get?" + QUERY_STRING);
111         String originalRequestURI = get.getURI().toASCIIString();
112         get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML);
113         get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE);
114         response = httpclient.execute(get, context);
115         assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());
116 
117         // 2a. authenticate
118         String responseBody = EntityUtils.toString(response.getEntity());
119         response = authenticateToWA("bellini", "password", responseBody, httpclient, context);
120 
121         // 2b. WA attribute consent screen
122         if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {
123             responseBody = EntityUtils.toString(response.getEntity());
124             String execution = extractWAExecution(responseBody);
125 
126             List<NameValuePair> form = new ArrayList<>();
127             form.add(new BasicNameValuePair("_eventId", "confirm"));
128             form.add(new BasicNameValuePair("execution", execution));
129             form.add(new BasicNameValuePair("option", "1"));
130             form.add(new BasicNameValuePair("reminder", "30"));
131             form.add(new BasicNameValuePair("reminderTimeUnit", "days"));
132 
133             HttpPost post = new HttpPost(WA_ADDRESS + "/login");
134             post.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML);
135             post.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE);
136             post.setEntity(new UrlEncodedFormEntity(form, Consts.UTF_8));
137             response = httpclient.execute(post, context);
138         }
139         assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode());
140 
141         // 2c. finally get requested content
142         get = new HttpGet(response.getFirstHeader(HttpHeaders.LOCATION).getValue());
143         get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML);
144         get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE);
145         response = httpclient.execute(get, context);
146 
147         headers = checkGetResponse(response, originalRequestURI.replace("/protected", ""));
148         assertFalse(headers.get(HttpHeaders.COOKIE).asText().isBlank());
149 
150         // 3. logout
151         get = new HttpGet(SRA_ADDRESS + "/protected/logout");
152         get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE);
153         response = httpclient.execute(get, context);
154 
155         checkLogout(response);
156     }
157 }