19 package org.apache.syncope.wa.starter;
20
21 import static org.junit.jupiter.api.Assertions.assertEquals;
22 import static org.junit.jupiter.api.Assertions.assertNotEquals;
23 import static org.junit.jupiter.api.Assertions.assertNotNull;
24 import static org.junit.jupiter.api.Assertions.assertTrue;
25
26 import java.io.IOException;
27 import java.util.ArrayList;
28 import java.util.List;
29 import java.util.stream.Stream;
30 import javax.ws.rs.core.HttpHeaders;
31 import org.apache.http.Consts;
32 import org.apache.http.Header;
33 import org.apache.http.HttpStatus;
34 import org.apache.http.NameValuePair;
35 import org.apache.http.client.entity.UrlEncodedFormEntity;
36 import org.apache.http.client.methods.CloseableHttpResponse;
37 import org.apache.http.client.methods.HttpGet;
38 import org.apache.http.client.methods.HttpPost;
39 import org.apache.http.client.protocol.HttpClientContext;
40 import org.apache.http.impl.client.BasicCookieStore;
41 import org.apache.http.impl.client.CloseableHttpClient;
42 import org.apache.http.impl.client.HttpClients;
43 import org.apache.http.message.BasicHeader;
44 import org.apache.http.message.BasicNameValuePair;
45 import org.apache.http.util.EntityUtils;
46 import org.junit.jupiter.api.Test;
47
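/**
 * HTTP-level checks of the login and logout pages served under {@code /syncope-wa}.
 *
 * <p>Each test drives the login form the way a browser would: it fetches the page, extracts the
 * hidden {@code execution} field, and posts it back together with the credentials. The user name
 * and passwords are fixed test values and the endpoint is plain HTTP on localhost.
 */
public class BasicTest extends AbstractTest {

    private static final String ACCEPT_LANGUAGE = "en-US,en;q=0.5";

    /** Text immediately preceding the value of the hidden {@code execution} form field. */
    private static final String EXECUTION_PREFIX = "name=\"execution\" value=\"";

    /** Text immediately following the value of the hidden {@code execution} form field. */
    private static final String EXECUTION_SUFFIX = "\"/><input type=\"hidden\" name=\"_eventId\"";

    /** Prefix of the cookie that the successful-login test expects to be issued exactly once. */
    private static final String TGC_PREFIX = "TGC";

    private String getLoginURL() {
        return "http://localhost:" + port + "/syncope-wa/login";
    }

    /** Creates a request context with its own, initially empty, cookie store. */
    private static HttpClientContext newContext() {
        HttpClientContext context = HttpClientContext.create();
        context.setCookieStore(new BasicCookieStore());
        return context;
    }

    /**
     * Fetches the login page and returns the value of its hidden {@code execution} field.
     *
     * @param httpclient client used to issue the request
     * @param context request context carrying the cookie store shared by the whole flow
     * @return the non-empty {@code execution} value found in the page
     * @throws IOException if the request fails or the body cannot be read
     */
    private String fetchExecution(final CloseableHttpClient httpclient, final HttpClientContext context)
            throws IOException {

        HttpGet get = new HttpGet(getLoginURL());
        get.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, ACCEPT_LANGUAGE));

        // The response is closed before the next request so the connection is released.
        try (CloseableHttpResponse response = httpclient.execute(get, context)) {
            assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

            String responseBody = EntityUtils.toString(response.getEntity());
            int begin = responseBody.indexOf(EXECUTION_PREFIX);
            assertNotEquals(-1, begin);

            // Search for the closing marker only after the value starts, so that an earlier
            // occurrence can never yield an end offset that precedes the start offset.
            int valueStart = begin + EXECUTION_PREFIX.length();
            int end = responseBody.indexOf(EXECUTION_SUFFIX, valueStart);
            assertNotEquals(-1, end);
            assertTrue(end > valueStart, "the execution field must not be empty");

            return responseBody.substring(valueStart, end);
        }
    }

    /**
     * Builds the form POST that submits credentials to the login page.
     *
     * @param execution value of the hidden {@code execution} field taken from the login page
     * @param password password submitted for the fixed test user
     * @return the request, ready to be executed
     */
    private HttpPost loginRequest(final String execution, final String password) {
        List<NameValuePair> form = new ArrayList<>();
        form.add(new BasicNameValuePair("_eventId", "submit"));
        form.add(new BasicNameValuePair("execution", execution));
        form.add(new BasicNameValuePair("username", "mrossi"));
        form.add(new BasicNameValuePair("password", password));
        form.add(new BasicNameValuePair("geolocation", ""));

        HttpPost post = new HttpPost(getLoginURL());
        post.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, ACCEPT_LANGUAGE));
        post.setEntity(new UrlEncodedFormEntity(form, Consts.UTF_8));
        return post;
    }

    /** Counts the {@code Set-Cookie} headers of a response whose value starts with {@code TGC}. */
    private static long countTgcCookies(final CloseableHttpResponse response) {
        Header[] cookie = response.getHeaders(HttpHeaders.SET_COOKIE);
        assertNotNull(cookie);
        return Stream.of(cookie).filter(item -> item.getValue().startsWith(TGC_PREFIX)).count();
    }

    /**
     * Logs in with valid credentials, checks that exactly one {@code TGC} cookie is issued and
     * that the success page is shown, then logs out and checks the logout page.
     */
    @Test
    public void loginLogout() throws IOException {
        HttpClientContext context = newContext();

        // try-with-resources: the client and every response hold connections that must be released
        // even when an assertion fails part-way through the flow.
        try (CloseableHttpClient httpclient = HttpClients.createDefault()) {
            String execution = fetchExecution(httpclient, context);

            try (CloseableHttpResponse response = httpclient.execute(loginRequest(execution, "password"), context)) {
                assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());
                assertEquals(1, countTgcCookies(response));

                String body = EntityUtils.toString(response.getEntity());
                assertTrue(body.contains("Log In Successful"));
                assertTrue(body.contains("have successfully logged into the Central Authentication Service"));
            }

            HttpGet logout = new HttpGet(getLoginURL().replace("login", "logout"));
            logout.addHeader(new BasicHeader(HttpHeaders.ACCEPT_LANGUAGE, ACCEPT_LANGUAGE));
            try (CloseableHttpResponse response = httpclient.execute(logout, context)) {
                assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());

                String body = EntityUtils.toString(response.getEntity());
                assertTrue(body.contains("Logout successful"));
                assertTrue(body.contains("have successfully logged out of the Central Authentication Service"));
            }
        }
    }

    /**
     * Submits a wrong password and checks that the login is rejected with 401 and that the
     * rejection does not hand out a {@code TGC} cookie.
     */
    @Test
    public void loginError() throws IOException {
        HttpClientContext context = newContext();

        try (CloseableHttpClient httpclient = HttpClients.createDefault()) {
            String execution = fetchExecution(httpclient, context);

            try (CloseableHttpResponse response = httpclient.execute(loginRequest(execution, "WRONG"), context)) {
                assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getStatusLine().getStatusCode());

                // A status code alone does not prove that no session was established: a rejected
                // login must not carry the cookie that the successful path relies on.
                assertEquals(0, countTgcCookies(response));
            }
        }
    }
}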