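/*
 * The contents of this file are subject to the license and copyright
 * detailed in the LICENSE and NOTICE files at the root of the source
 * tree.
 */
package org.fcrepo.client.integration;

import static javax.ws.rs.core.Response.Status.CREATED;
import static javax.ws.rs.core.Response.Status.FORBIDDEN;
import static javax.ws.rs.core.Response.Status.NO_CONTENT;
import static javax.ws.rs.core.Response.Status.OK;
import static org.fcrepo.client.TestUtils.TEXT_TURTLE;
import static org.fcrepo.client.TestUtils.rdfTtl;
import static org.fcrepo.client.TestUtils.sparqlUpdate;
import static org.junit.Assert.assertEquals;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.util.UUID;

import org.apache.commons.io.IOUtils;
import org.fcrepo.client.FcrepoClient;
import org.fcrepo.client.FcrepoOperationFailedException;
import org.fcrepo.client.FcrepoResponse;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;

/**
 * Integration tests that send PUT, PATCH, POST and GET requests to the repository at
 * {@code SERVER_ADDRESS} (defined outside this file) through three differently configured
 * clients and assert the HTTP status each one receives.
 *
 * <p>The "Cannot" tests are the access-control half of the suite: they assert that the
 * {@code testuser} client is answered with 403 FORBIDDEN. Note that this client does send
 * credentials, so what is being verified is denial of authorization for a known account,
 * not rejection of an anonymous request. No test here sends a request without credentials.
 *
 * @author mohideen
 */
public class FcrepoAuthenticationIT extends AbstractResourceIT {

    // Built with testuser/testpass and scoped to "localhost". Every test using it expects 403.
    // NOTE(review): presumably testuser exists on the test server without write permission;
    // confirm against the server's user configuration.
    private static FcrepoClient unauthClient;

    // Built with fedoraAdmin/fedoraAdmin and scoped to "localhost".
    // NOTE(review): these literals look like a test-server fixture account; they should never
    // be valid on a deployment reachable outside the test environment.
    private static FcrepoClient authClient;

    // Same credentials as authClient but with no authScope() call.
    // NOTE(review): without a scope the builder presumably offers the credentials to whatever
    // host the client ends up talking to. Confirm against the FcrepoClient builder. That is
    // acceptable against a local test server; non-test callers should pin the scope to the
    // repository host so the password is not presented to a redirect target or other host.
    private static FcrepoClient authClientNoHost;

    // Fresh, random resource URL per test, so tests do not collide on the server.
    private URI testResourceUrl;

    /**
     * Builds the three shared clients once for the whole class.
     */
    @BeforeClass
    public static void beforeClass() {

        unauthClient = FcrepoClient.client().credentials("testuser", "testpass")
                .authScope("localhost")
                .build();
        authClient = FcrepoClient.client()
                .credentials("fedoraAdmin", "fedoraAdmin")
                .authScope("localhost")
                .build();
        authClientNoHost = FcrepoClient.client()
                .credentials("fedoraAdmin", "fedoraAdmin")
                .build();
    }

    /**
     * Closes the shared clients after all tests have run.
     *
     * @throws IOException if closing a client fails
     */
    @AfterClass
    public static void afterClass() throws IOException {
        unauthClient.close();
        authClient.close();
        authClientNoHost.close();
    }

    /**
     * Picks a new random resource URL under {@code SERVER_ADDRESS} for the next test.
     */
    @Before
    public void before() {
        testResourceUrl = URI.create(SERVER_ADDRESS + UUID.randomUUID().toString());
    }

    /**
     * Wraps a string as a request body stream, encoded as UTF-8.
     *
     * <p>The encoding is explicit so the bytes sent do not depend on the JVM's default
     * charset; the responses are already decoded as "UTF-8" in the tests below.
     *
     * @param text payload text
     * @return stream over the UTF-8 bytes of {@code text}
     */
    private static InputStream utf8Stream(final String text) {
        return new ByteArrayInputStream(text.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * The scoped admin client can create a resource with PUT (expects 201 CREATED).
     */
    @Test
    public void testAuthUserCanPut() throws Exception {

        final InputStream body = utf8Stream(rdfTtl);
        try (final FcrepoResponse response = authClient.put(testResourceUrl)
                .body(body, TEXT_TURTLE)
                .perform()) {
            final String content = IOUtils.toString(response.getBody(), "UTF-8");
            final int status = response.getStatusCode();
            assertEquals("Didn't get a CREATED response! Got content:\n" + content,
                    CREATED.getStatusCode(), status);
        }
    }

    /**
     * The unscoped admin client can create a resource with PUT (expects 201 CREATED).
     */
    @Test
    public void testAuthUserNoHostCanPut() throws Exception {

        final InputStream body = utf8Stream(rdfTtl);
        try (final FcrepoResponse response = authClientNoHost.put(testResourceUrl)
                .body(body, TEXT_TURTLE)
                .perform()) {
            final String content = IOUtils.toString(response.getBody(), "UTF-8");
            final int status = response.getStatusCode();
            assertEquals("Didn't get a CREATED response! Got content:\n" + content,
                    CREATED.getStatusCode(), status);
        }
    }

    /**
     * The testuser client is denied PUT (expects 403 FORBIDDEN).
     */
    @Test
    public void testUnAuthUserCannotPut() throws Exception {
        final InputStream body = utf8Stream(rdfTtl);
        try (final FcrepoResponse response = unauthClient.put(testResourceUrl)
                .body(body, TEXT_TURTLE)
                .perform()) {
            final String content = IOUtils.toString(response.getBody(), "UTF-8");
            final int status = response.getStatusCode();
            assertEquals("Unauthenticated user should be forbidden! Got content:\n" + content,
                    FORBIDDEN.getStatusCode(), status);
        }
    }

    /**
     * The scoped admin client can PATCH an existing resource (expects 204 NO_CONTENT).
     */
    @Test
    public void testAuthUserCanPatch() throws Exception {
        final InputStream rdfBody = utf8Stream(rdfTtl);
        createTestResource(rdfBody, TEXT_TURTLE);

        final InputStream sparqlUpdateBody = utf8Stream(sparqlUpdate);
        try (final FcrepoResponse response = authClient.patch(testResourceUrl)
                .body(sparqlUpdateBody)
                .perform()) {
            final int status = response.getStatusCode();
            // The response body is not read here, so the message ends after "Got content:".
            assertEquals("Didn't get a successful PATCH response! Got content:\n",
                    NO_CONTENT.getStatusCode(), status);
        }
    }

    /**
     * The unscoped admin client can PATCH an existing resource (expects 204 NO_CONTENT).
     */
    @Test
    public void testAuthUserNoHostCanPatch() throws Exception {
        final InputStream rdfBody = utf8Stream(rdfTtl);
        createTestResource(rdfBody, TEXT_TURTLE);

        final InputStream sparqlUpdateBody = utf8Stream(sparqlUpdate);
        try (final FcrepoResponse response = authClientNoHost.patch(testResourceUrl)
                .body(sparqlUpdateBody)
                .perform()) {
            final int status = response.getStatusCode();
            // The response body is not read here, so the message ends after "Got content:".
            assertEquals("Didn't get a successful PATCH response! Got content:\n",
                    NO_CONTENT.getStatusCode(), status);
        }
    }

    /**
     * The testuser client is denied PATCH on a resource that exists (expects 403 FORBIDDEN).
     *
     * <p>The target is created first with the admin client, so the 403 is measured against a
     * real resource rather than a missing one.
     */
    @Test
    public void testUnAuthUserCannotPatch() throws Exception {
        final InputStream rdfBody = utf8Stream(rdfTtl);
        createTestResource(rdfBody, TEXT_TURTLE);

        final InputStream sparqlUpdateBody = utf8Stream(sparqlUpdate);
        try (final FcrepoResponse response = unauthClient.patch(testResourceUrl)
                .body(sparqlUpdateBody)
                .perform()) {
            final String content = IOUtils.toString(response.getBody(), "UTF-8");
            final int status = response.getStatusCode();
            assertEquals("Unauthenticated user should be forbidden! Got content:\n" + content,
                    FORBIDDEN.getStatusCode(), status);
        }
    }

    /**
     * The scoped admin client can POST to the repository root (expects 201 CREATED).
     */
    @Test
    public void testAuthUserCanPost() throws Exception {
        final InputStream body = utf8Stream(rdfTtl);
        try (final FcrepoResponse response = authClient.post(new URI(SERVER_ADDRESS))
                .body(body, TEXT_TURTLE)
                .perform()) {
            final String content = IOUtils.toString(response.getBody(), "UTF-8");
            final int status = response.getStatusCode();
            assertEquals("Didn't get a CREATED response! Got content:\n" + content,
                    CREATED.getStatusCode(), status);
        }
    }

    /**
     * The unscoped admin client can POST to the repository root (expects 201 CREATED).
     */
    @Test
    public void testAuthUserNoHostCanPost() throws Exception {
        final InputStream body = utf8Stream(rdfTtl);
        try (final FcrepoResponse response = authClientNoHost.post(new URI(SERVER_ADDRESS))
                .body(body, TEXT_TURTLE)
                .perform()) {
            final String content = IOUtils.toString(response.getBody(), "UTF-8");
            final int status = response.getStatusCode();
            assertEquals("Didn't get a CREATED response! Got content:\n" + content,
                    CREATED.getStatusCode(), status);
        }
    }

    /**
     * The testuser client is denied POST to the repository root (expects 403 FORBIDDEN).
     */
    @Test
    public void testUnAuthUserCannotPost() throws Exception {
        final InputStream body = utf8Stream(rdfTtl);
        try (final FcrepoResponse response = unauthClient.post(new URI(SERVER_ADDRESS))
                .body(body, TEXT_TURTLE)
                .perform()) {
            final String content = IOUtils.toString(response.getBody(), "UTF-8");
            final int status = response.getStatusCode();
            assertEquals("Unauthenticated user should be forbidden! Got content:\n" + content,
                    FORBIDDEN.getStatusCode(), status);
        }
    }

    /**
     * The scoped admin client can GET the repository root (expects 200 OK).
     */
    @Test
    public void testAuthUserCanGet() throws Exception {
        try (final FcrepoResponse response = authClient.get(new URI(SERVER_ADDRESS)).perform()) {
            final int status = response.getStatusCode();
            assertEquals("Authenticated user can not read root!", OK.getStatusCode(), status);
        }
    }

    /**
     * The unscoped admin client can GET the repository root (expects 200 OK).
     */
    @Test
    public void testAuthUserNoHostCanGet() throws Exception {
        try (final FcrepoResponse response = authClientNoHost.get(new URI(SERVER_ADDRESS)).perform()) {
            final int status = response.getStatusCode();
            assertEquals("Authenticated user can not read root!", OK.getStatusCode(), status);
        }
    }

    /**
     * The testuser client is denied GET on the repository root (expects 403 FORBIDDEN).
     *
     * <p>Currently disabled. While it stays ignored, nothing in this class checks that read
     * access is denied to the non-admin account; only the write paths are covered.
     */
    @Ignore("Pending alignment with WebAC in FCREPO-2952")
    @Test
    public void testUnAuthUserCannotGet() throws Exception {
        try (final FcrepoResponse response = unauthClient.get(new URI(SERVER_ADDRESS)).perform()) {
            final int status = response.getStatusCode();
            assertEquals("Unauthenticated user should be forbidden!", FORBIDDEN.getStatusCode(), status);
        }
    }

    /**
     * Creates the resource at {@code testResourceUrl} with the scoped admin client and asserts
     * that the response's Location matches that URL.
     *
     * <p>NOTE(review): {@code body} and {@code contentType} are accepted but not used; the PUT
     * is sent without a body. Either pass them to the request or drop the parameters. Left
     * as-is here because sending the body could change what the PATCH tests exercise.
     *
     * @param body currently unused
     * @param contentType currently unused
     * @throws IOException if closing the response fails
     * @throws FcrepoOperationFailedException if the PUT request fails
     */
    private void createTestResource(final InputStream body, final String contentType)
            throws IOException, FcrepoOperationFailedException {
        try (final FcrepoResponse response = authClient.put(testResourceUrl).perform()) {
            assertEquals("Test resource wasn't created at the expected location:\n",
                    testResourceUrl.toString(), response.getLocation().toString());
        }
    }
}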