zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-14 00:17:20 +02:00
Code Issues Projects Releases Packages Wiki Activity
google-nomulus/javatests/google/registry/flows/EppLoginTlsTest.java
guyben 4b23523d74 Consolidate some domain creation / deletion EPPs in testdata 
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=183847223
2018-02-01 22:03:57 -05:00

179 lines
6.4 KiB
Java
Raw Blame History

// Copyright 2017 The Nomulus Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import static google.registry.testing.DatastoreHelper.loadRegistrar;
import static google.registry.testing.DatastoreHelper.persistResource;
import static org.joda.time.DateTimeZone.UTC;
import com.google.common.collect.ImmutableMap;
import google.registry.testing.AppEngineRule;
import google.registry.testing.CertificateSamples;
import java.util.Optional;
import org.joda.time.DateTime;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
/** Test logging in with TLS credentials. */
@RunWith(JUnit4.class)
public class EppLoginTlsTest extends EppTestCase {
@Rule
public final AppEngineRule appEngine = AppEngineRule.builder()
.withDatastore()
.build();
void setClientCertificateHash(String clientCertificateHash) {
setTransportCredentials(new TlsCredentials(
clientCertificateHash, Optional.of("192.168.1.100:54321"), "test.example"));
}
@Before
public void initTest() throws Exception {
persistResource(
loadRegistrar("NewRegistrar")
.asBuilder()
.setClientCertificateHash(CertificateSamples.SAMPLE_CERT_HASH)
.build());
// Set a cert for the second registrar, or else any cert will be allowed for login.
persistResource(
loadRegistrar("TheRegistrar")
.asBuilder()
.setClientCertificateHash(CertificateSamples.SAMPLE_CERT2_HASH)
.build());
}
@Test
public void testLoginLogout() throws Exception {
setClientCertificateHash(CertificateSamples.SAMPLE_CERT_HASH);
assertCommandAndResponse("login_valid.xml", "login_response.xml");
assertCommandAndResponse("logout.xml", "logout_response.xml");
}
@Test
public void testLogin_wrongPasswordFails() throws Exception {
setClientCertificateHash(CertificateSamples.SAMPLE_CERT_HASH);
// For TLS login, we also check the epp xml password.
assertCommandAndResponse(
"login_invalid_wrong_password.xml",
ImmutableMap.of(),
"response_error.xml",
ImmutableMap.of("MSG", "Registrar password is incorrect", "CODE", "2200"));
}
@Test
public void testMultiLogin() throws Exception {
setClientCertificateHash(CertificateSamples.SAMPLE_CERT_HASH);
assertCommandAndResponse("login_valid.xml", "login_response.xml");
assertCommandAndResponse("logout.xml", "logout_response.xml");
assertCommandAndResponse("login_valid.xml", "login_response.xml");
assertCommandAndResponse("logout.xml", "logout_response.xml");
assertCommandAndResponse(
"login2_valid.xml",
ImmutableMap.of(),
"response_error.xml",
ImmutableMap.of(
"MSG", "Registrar certificate does not match stored certificate", "CODE", "2200"));
}
@Test
public void testNonAuthedLogin_fails() throws Exception {
setClientCertificateHash(CertificateSamples.SAMPLE_CERT_HASH);
assertCommandAndResponse(
"login2_valid.xml",
ImmutableMap.of(),
"response_error.xml",
ImmutableMap.of(
"MSG", "Registrar certificate does not match stored certificate", "CODE", "2200"));
}
@Test
public void testBadCertificate_failsBadCertificate2200() throws Exception {
setClientCertificateHash("laffo");
assertCommandAndResponse(
"login_valid.xml",
ImmutableMap.of(),
"response_error.xml",
ImmutableMap.of(
"MSG", "Registrar certificate does not match stored certificate", "CODE", "2200"));
}
@Test
public void testGfeDidntProvideClientCertificate_failsMissingCertificate2200() throws Exception {
setClientCertificateHash("");
assertCommandAndResponse(
"login_valid.xml",
ImmutableMap.of(),
"response_error.xml",
ImmutableMap.of("MSG", "Registrar certificate not present", "CODE", "2200"));
}
@Test
public void testGoodPrimaryCertificate() throws Exception {
setClientCertificateHash(CertificateSamples.SAMPLE_CERT_HASH);
DateTime now = DateTime.now(UTC);
persistResource(
loadRegistrar("NewRegistrar")
.asBuilder()
.setClientCertificate(CertificateSamples.SAMPLE_CERT, now)
.setFailoverClientCertificate(CertificateSamples.SAMPLE_CERT2, now)
.build());
assertCommandAndResponse("login_valid.xml", "login_response.xml");
}
@Test
public void testGoodFailoverCertificate() throws Exception {
setClientCertificateHash(CertificateSamples.SAMPLE_CERT2_HASH);
DateTime now = DateTime.now(UTC);
persistResource(
loadRegistrar("NewRegistrar")
.asBuilder()
.setClientCertificate(CertificateSamples.SAMPLE_CERT, now)
.setFailoverClientCertificate(CertificateSamples.SAMPLE_CERT2, now)
.build());
assertCommandAndResponse("login_valid.xml", "login_response.xml");
}
@Test
public void testMissingPrimaryCertificateButHasFailover_usesFailover() throws Exception {
setClientCertificateHash(CertificateSamples.SAMPLE_CERT2_HASH);
DateTime now = DateTime.now(UTC);
persistResource(
loadRegistrar("NewRegistrar")
.asBuilder()
.setClientCertificate(null, now)
.setFailoverClientCertificate(CertificateSamples.SAMPLE_CERT2, now)
.build());
assertCommandAndResponse("login_valid.xml", "login_response.xml");
}
@Test
public void testRegistrarHasNoCertificatesOnFile_disablesCertChecking() throws Exception {
setClientCertificateHash("laffo");
DateTime now = DateTime.now(UTC);
persistResource(
loadRegistrar("NewRegistrar")
.asBuilder()
.setClientCertificate(null, now)
.setFailoverClientCertificate(null, now)
.build());
assertCommandAndResponse("login_valid.xml", "login_response.xml");
}
}
Reference in a new issue View git blame Copy permalink