001/* 002 * Licensed to DuraSpace under one or more contributor license agreements. 003 * See the NOTICE file distributed with this work for additional information 004 * regarding copyright ownership. 005 * 006 * DuraSpace licenses this file to you under the Apache License, 007 * Version 2.0 (the "License"); you may not use this file except in 008 * compliance with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.fcrepo.client.integration; 019 020import static javax.ws.rs.core.Response.Status.CREATED; 021import static javax.ws.rs.core.Response.Status.FORBIDDEN; 022import static javax.ws.rs.core.Response.Status.NO_CONTENT; 023import static javax.ws.rs.core.Response.Status.OK; 024import static org.fcrepo.client.TestUtils.TEXT_TURTLE; 025import static org.fcrepo.client.TestUtils.rdfTtl; 026import static org.fcrepo.client.TestUtils.sparqlUpdate; 027import static org.junit.Assert.assertEquals; 028 029import java.io.ByteArrayInputStream; 030import java.io.InputStream; 031import java.net.URI; 032 033import org.apache.commons.io.IOUtils; 034import org.fcrepo.client.FcrepoClient; 035import org.fcrepo.client.FcrepoResponse; 036import org.junit.Ignore; 037import org.junit.Test; 038 039/** 040 * @author mohideen 041 */ 042public class FcrepoAuthenticationIT extends AbstractResourceIT { 043 044 protected static FcrepoClient authClient; 045 046 public FcrepoAuthenticationIT() throws Exception { 047 super(); 048 049 client = FcrepoClient.client().credentials("testuser", "testpass") 050 .authScope("localhost") 051 .build(); 052 authClient = FcrepoClient.client() 053 .credentials("fedoraAdmin", "fedoraAdmin") 054 .authScope("localhost") 055 .build(); 056 } 057 058 @Test 059 public void testAuthUserCanPut() throws Exception { 060 061 final InputStream body = new ByteArrayInputStream(rdfTtl.getBytes()); 062 final FcrepoResponse response = authClient.put(new URI(serverAddress + "testobj1")) 063 .body(body, TEXT_TURTLE) 064 .perform(); 065 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 066 final int status = response.getStatusCode(); 067 assertEquals("Didn't get a CREATED response! Got content:\n" + content, 068 CREATED.getStatusCode(), status); 069 } 070 071 @Test 072 public void testUnAuthUserCannotPut() throws Exception { 073 final InputStream body = new ByteArrayInputStream(rdfTtl.getBytes()); 074 final FcrepoResponse response = client.put(new URI(serverAddress + "testobj2")) 075 .body(body, TEXT_TURTLE) 076 .perform(); 077 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 078 final int status = response.getStatusCode(); 079 assertEquals("Unauthenticated user should be forbidden! Got content:\n" + content, 080 FORBIDDEN.getStatusCode(), status); 081 } 082 083 @Test 084 public void testAuthUserCanPatch() throws Exception { 085 086 final InputStream body = new ByteArrayInputStream(sparqlUpdate.getBytes()); 087 final FcrepoResponse response = authClient.patch(new URI(serverAddress + "testobj1")) 088 .body(body) 089 .perform(); 090 final int status = response.getStatusCode(); 091 assertEquals("Didn't get a successful PATCH response! Got content:\n", 092 NO_CONTENT.getStatusCode(), status); 093 } 094 095 @Test 096 public void testUnAuthUserCannotPatch() throws Exception { 097 final InputStream body = new ByteArrayInputStream(sparqlUpdate.getBytes()); 098 final FcrepoResponse response = client.patch(new URI(serverAddress + "testobj1")) 099 .body(body) 100 .perform(); 101 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 102 final int status = response.getStatusCode(); 103 assertEquals("Unauthenticated user should be forbidden! Got content:\n" + content, 104 FORBIDDEN.getStatusCode(), status); 105 } 106 107 @Test 108 public void testAuthUserCanPost() throws Exception { 109 final InputStream body = new ByteArrayInputStream(rdfTtl.getBytes()); 110 final FcrepoResponse response = authClient.post(new URI(serverAddress)) 111 .body(body, TEXT_TURTLE) 112 .perform(); 113 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 114 final int status = response.getStatusCode(); 115 assertEquals("Didn't get a CREATED response! Got content:\n" + content, 116 CREATED.getStatusCode(), status); 117 } 118 119 @Test 120 public void testUnAuthUserCannotPost() throws Exception { 121 final InputStream body = new ByteArrayInputStream(rdfTtl.getBytes()); 122 final FcrepoResponse response = client.post(new URI(serverAddress)) 123 .body(body, TEXT_TURTLE) 124 .perform(); 125 final String content = IOUtils.toString(response.getBody(), "UTF-8"); 126 final int status = response.getStatusCode(); 127 assertEquals("Unauthenticated user should be forbidden! Got content:\n" + content, 128 FORBIDDEN.getStatusCode(), status); 129 } 130 131 @Test 132 public void testAuthUserCanGet() 133 throws Exception { 134 final FcrepoResponse response = authClient.get(new URI(serverAddress)).perform(); 135 final int status = response.getStatusCode(); 136 assertEquals("Authenticated user can not read root!", OK 137 .getStatusCode(), status); 138 } 139 140 @Ignore("Pending alignment with WebAC in FCREPO-2952") 141 @Test 142 public void testUnAuthUserCannotGet() 143 throws Exception { 144 final FcrepoResponse response = client.get(new URI(serverAddress)).perform(); 145 final int status = response.getStatusCode(); 146 assertEquals("Unauthenticated user should be forbidden!", FORBIDDEN 147 .getStatusCode(), status); 148 } 149}