octoleo/plantuml
1
0
Fork 0
mirror of https://github.com/octoleo/plantuml.git synced 2024-06-03 09:00:48 +00:00
Code Issues Releases Wiki Activity
229a6129e2
plantuml/test/net/sourceforge/plantuml/security/SURLTest.java
Arnaud Roques 229a6129e2 Fixing tests
2022-05-04 19:54:15 +02:00

129 lines
3.7 KiB
Java
Raw Blame History

package net.sourceforge.plantuml.security;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.io.TempDir;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.ValueSource;
import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import static org.assertj.core.api.Assertions.assertThat;
/**
* Checks some security features
*/
class SURLTest {
private static final String EXT = ".credential";
private static String oldSecurity;
@TempDir
Path tempDir;
@BeforeAll
static void storeSecurityProperty() {
oldSecurity = System.getProperty(SecurityUtils.PATHS_SECURITY);
}
@AfterAll
static void loadSecurityProperty() {
if (oldSecurity != null) {
System.setProperty(SecurityUtils.PATHS_SECURITY, oldSecurity);
} else {
System.getProperties().remove(SecurityUtils.PATHS_SECURITY);
}
}
/**
* Checks a SURL without a Security context.
*/
@ParameterizedTest
@ValueSource(strings = {
"http://localhost:8080/api",
"http://alice@localhost:8080/api",
"http://alice:secret@localhost:8080/api",
"https://localhost:8080/api",
"https://alice@localhost:8080/api",
"https://alice:secret@localhost:8080/api"})
void urlWithoutSecurity(String url) {
SURL surl = SURL.create(url);
assertThat(surl).isNotNull();
assertThat(surl.isAuthorizationConfigured()).isFalse();
assertThat(surl).describedAs("URL should be untouched")
.hasToString(url);
}
/**
* Checks a SURL after removing the UserInfo part.
*
* @throws MalformedURLException this should not be happened
*/
@ParameterizedTest
@ValueSource(strings = {
"http://localhost:8080/api",
"http://alice@localhost:8080/api",
"http://alice_secret@localhost:8080/api",
"https://localhost:8080/api",
"https://alice@localhost:8080/api",
"https://alice_secret@localhost:8080/api"})
void removeUserInfo(String url) throws MalformedURLException {
SURL surl = SURL.createWithoutUser(new URL(url));
assertThat(surl).isNotNull();
assertThat(surl.isAuthorizationConfigured()).isFalse();
// Check http and https and removed UserInfo part
assertThat(surl.toString()).describedAs("User info should be removed from URL")
.startsWith("http").endsWith("://localhost:8080/api");
}
/**
* Checks a SURL without a Security context.
*
* @throws Exception please not
*/
@ParameterizedTest
@ValueSource(strings = {
"http://bob@localhost:8080/api",
"https://bob@localhost:8080/api"})
void urlWithSecurity(String url) throws Exception {
File secureFolder = tempDir.toFile();
System.setProperty(SecurityUtils.PATHS_SECURITY, secureFolder.getCanonicalPath());
// A credential file is needed:
File secretFile = new File(secureFolder, "bob" + EXT);
String jsonProxy = "\"proxy\": {\"type\": \"socks\", \"address\": \"192.168.92.250\", \"port\":8080}";
String jsonCredentials = "{\"name\": \"bob\", \"identifier\": \"bob\", \"secret\": \"bobssecret\"" +
", " + jsonProxy + "}";
Files.write(secretFile.toPath(), jsonCredentials.getBytes(StandardCharsets.UTF_8));
// pre-check, if test can start
assertThat(secretFile).describedAs("File should be existing with content")
.exists().isNotEmpty();
assertThat(SecurityUtils.getSecurityPath()).isNotNull();
// Our test goes here
SURL surl = SURL.create(url);
assertThat(surl).isNotNull();
assertThat(surl.isAuthorizationConfigured()).isTrue();
assertThat(surl.toString()).describedAs("User info should be removed from URL")
.startsWith("http").endsWith("://localhost:8080/api");
secretFile.delete();
}
}
View Git Blame Copy Permalink