001/* 002 * Licensed to DuraSpace under one or more contributor license agreements. 003 * See the NOTICE file distributed with this work for additional information 004 * regarding copyright ownership. 005 * 006 * DuraSpace licenses this file to you under the Apache License, 007 * Version 2.0 (the "License"); you may not use this file except in 008 * compliance with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.fcrepo.client.integration; 019 020import static javax.ws.rs.core.Response.Status.CREATED; 021import static javax.ws.rs.core.Response.Status.FORBIDDEN; 022import static javax.ws.rs.core.Response.Status.NO_CONTENT; 023import static javax.ws.rs.core.Response.Status.OK; 024import static org.fcrepo.client.TestUtils.TEXT_TURTLE; 025import static org.fcrepo.client.TestUtils.rdfTtl; 026import static org.fcrepo.client.TestUtils.sparqlUpdate; 027import static org.junit.Assert.assertEquals; 028 029import java.io.ByteArrayInputStream; 030import java.io.InputStream; 031import java.net.URI; 032 033import org.apache.commons.io.IOUtils; 034import org.fcrepo.client.FcrepoClient; 035import org.fcrepo.client.FcrepoResponse; 036import org.junit.Ignore; 037import org.junit.Test; 038 039/** 040 * @author mohideen 041 */ 042public class FcrepoAuthenticationIT extends AbstractResourceIT { 043 044 protected static FcrepoClient authClient; 045 046 public FcrepoAuthenticationIT() throws Exception { 047 super(); 048 049 client = FcrepoClient.client().build(); 050 authClient = FcrepoClient.client() 051 .credentials("fedoraAdmin", "password") 052 .authScope("localhost") 053 .build(); 054 } 055 056 @Test 057 public void testAuthUserCanPut() throws Exception { 058 059 final InputStream body = new ByteArrayInputStream(rdfTtl.getBytes()); 060 final FcrepoResponse response = authClient.put(new URI(serverAddress + "testobj1")) 061 .body(body, TEXT_TURTLE) 062 .perform(); 063 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 064 final int status = response.getStatusCode(); 065 assertEquals("Didn't get a CREATED response! Got content:\n" + content, 066 CREATED.getStatusCode(), status); 067 } 068 069 @Test 070 public void testUnAuthUserCannotPut() throws Exception { 071 final InputStream body = new ByteArrayInputStream(rdfTtl.getBytes()); 072 final FcrepoResponse response = client.put(new URI(serverAddress + "testobj2")) 073 .body(body, TEXT_TURTLE) 074 .perform(); 075 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 076 final int status = response.getStatusCode(); 077 assertEquals("Unauthenticated user should be forbidden! Got content:\n" + content, 078 FORBIDDEN.getStatusCode(), status); 079 } 080 081 @Test 082 public void testAuthUserCanPatch() throws Exception { 083 final InputStream body = new ByteArrayInputStream(sparqlUpdate.getBytes()); 084 final FcrepoResponse response = authClient.patch(new URI(serverAddress + "testobj1")) 085 .body(body) 086 .perform(); 087 final int status = response.getStatusCode(); 088 assertEquals("Didn't get a successful PATCH response! Got content:\n", 089 NO_CONTENT.getStatusCode(), status); 090 } 091 092 @Test 093 public void testUnAuthUserCannotPatch() throws Exception { 094 final InputStream body = new ByteArrayInputStream(sparqlUpdate.getBytes()); 095 final FcrepoResponse response = client.patch(new URI(serverAddress + "testobj1")) 096 .body(body) 097 .perform(); 098 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 099 final int status = response.getStatusCode(); 100 assertEquals("Unauthenticated user should be forbidden! Got content:\n" + content, 101 FORBIDDEN.getStatusCode(), status); 102 } 103 104 @Test 105 public void testAuthUserCanPost() throws Exception { 106 final InputStream body = new ByteArrayInputStream(rdfTtl.getBytes()); 107 final FcrepoResponse response = authClient.post(new URI(serverAddress)) 108 .body(body, TEXT_TURTLE) 109 .perform(); 110 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 111 final int status = response.getStatusCode(); 112 assertEquals("Didn't get a CREATED response! Got content:\n" + content, 113 CREATED.getStatusCode(), status); 114 } 115 116 @Test 117 public void testUnAuthUserCannotPost() throws Exception { 118 final InputStream body = new ByteArrayInputStream(rdfTtl.getBytes()); 119 final FcrepoResponse response = client.post(new URI(serverAddress)) 120 .body(body, TEXT_TURTLE) 121 .perform(); 122 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 123 final int status = response.getStatusCode(); 124 assertEquals("Unauthenticated user should be forbidden! Got content:\n" + content, 125 FORBIDDEN.getStatusCode(), status); 126 } 127 128 @Test 129 public void testAuthUserCanGet() 130 throws Exception { 131 final FcrepoResponse response = authClient.get(new URI(serverAddress)).perform(); 132 final int status = response.getStatusCode(); 133 assertEquals("Authenticated user can not read root!", OK 134 .getStatusCode(), status); 135 } 136 137 @Ignore("Pending alignment with WebAC in FCREPO-2952") 138 @Test 139 public void testUnAuthUserCannotGet() 140 throws Exception { 141 final FcrepoResponse response = client.get(new URI(serverAddress)).perform(); 142 final int status = response.getStatusCode(); 143 assertEquals("Unauthenticated user should be forbidden!", FORBIDDEN 144 .getStatusCode(), status); 145 } 146}