From 863f6e4bc85f5c0e68ade40cd5d1f81bb7f4f812 Mon Sep 17 00:00:00 2001
From: eugenp <hanriseldon@gmail.com>
Date: Fri, 9 Aug 2013 11:16:11 +0300
Subject: [PATCH] new tests for ssl

---
 .../org/baeldung/client/ClientLiveTest.java   | 39 ++++++++++++++
 .../baeldung/client/RawClientLiveTest.java    | 51 ++++++++++++++++---
 2 files changed, 83 insertions(+), 7 deletions(-)

diff --git a/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/ClientLiveTest.java b/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/ClientLiveTest.java
index 922c4f2373..16a2d6166a 100644
--- a/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/ClientLiveTest.java
+++ b/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/ClientLiveTest.java
@@ -1,7 +1,17 @@
 package org.baeldung.client;
 
+import static org.hamcrest.Matchers.equalTo;
+import static org.junit.Assert.assertThat;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.security.cert.X509Certificate;
+
 import org.apache.http.auth.AuthScope;
 import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.http.conn.scheme.Scheme;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.conn.ssl.TrustStrategy;
 import org.apache.http.impl.client.DefaultHttpClient;
 import org.baeldung.client.spring.ClientConfig;
 import org.baeldung.web.dto.Foo;
@@ -14,6 +24,7 @@ import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.context.support.AnnotationConfigContextLoader;
+import org.springframework.web.client.ResourceAccessException;
 import org.springframework.web.client.RestTemplate;
 
 @RunWith(SpringJUnit4ClassRunner.class)
@@ -35,4 +46,32 @@ public class ClientLiveTest {
         System.out.println(responseEntity.getStatusCode());
     }
 
+    @Test(expected = ResourceAccessException.class)
+    public final void whenHttpsUrlIsConsumed_thenException() {
+        final String urlOverHttps = "https://localhost:8443/spring-security-rest-basic-auth/api/bars/1";
+        final ResponseEntity<String> response = new RestTemplate().exchange(urlOverHttps, HttpMethod.GET, null, String.class);
+        assertThat(response.getStatusCode().value(), equalTo(200));
+    }
+
+    @Test
+    public final void givenAcceptingAllCertificates_whenHttpsUrlIsConsumed_thenException() throws IOException, GeneralSecurityException {
+        final RestTemplate newRestTemplate = new RestTemplate();
+        final HttpComponentsClientHttpRequestFactory requestFactory = (HttpComponentsClientHttpRequestFactory) restTemplate.getRequestFactory();
+        final DefaultHttpClient httpClient = (DefaultHttpClient) requestFactory.getHttpClient();
+
+        final TrustStrategy acceptingTrustStrategy = new TrustStrategy() {
+            @Override
+            public final boolean isTrusted(final X509Certificate[] certificate, final String authType) {
+                return true;
+            }
+        };
+
+        final SSLSocketFactory sf = new SSLSocketFactory(acceptingTrustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+        httpClient.getConnectionManager().getSchemeRegistry().register(new Scheme("https", 8443, sf));
+
+        final String urlOverHttps = "https://localhost:8443/spring-security-rest-basic-auth/api/bars/1";
+        final ResponseEntity<String> response = newRestTemplate.exchange(urlOverHttps, HttpMethod.GET, null, String.class);
+        assertThat(response.getStatusCode().value(), equalTo(200));
+    }
+
 }
diff --git a/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java b/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java
index 4c0ca44f45..61c782b00a 100644
--- a/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java
+++ b/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/RawClientLiveTest.java
@@ -1,26 +1,32 @@
 package org.baeldung.client;
 
+import static org.hamcrest.Matchers.equalTo;
+import static org.junit.Assert.assertThat;
+
 import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.security.cert.X509Certificate;
 import java.util.Timer;
 import java.util.TimerTask;
 
+import javax.net.ssl.SSLPeerUnverifiedException;
+
 import org.apache.http.HttpResponse;
 import org.apache.http.client.ClientProtocolException;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.params.ClientPNames;
+import org.apache.http.conn.ClientConnectionManager;
+import org.apache.http.conn.scheme.Scheme;
+import org.apache.http.conn.scheme.SchemeRegistry;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.conn.ssl.TrustStrategy;
 import org.apache.http.impl.client.DefaultHttpClient;
+import org.apache.http.impl.conn.PoolingClientConnectionManager;
 import org.apache.http.params.CoreConnectionPNames;
 import org.apache.http.params.HttpConnectionParams;
 import org.apache.http.params.HttpParams;
-import org.baeldung.client.spring.ClientConfig;
 import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.test.context.support.AnnotationConfigContextLoader;
 
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration(classes = { ClientConfig.class }, loader = AnnotationConfigContextLoader.class)
 public class RawClientLiveTest {
 
     // tests
@@ -51,6 +57,37 @@ public class RawClientLiveTest {
         System.out.println("HTTP Status of response: " + response.getStatusLine().getStatusCode());
     }
 
+    @Test(expected = SSLPeerUnverifiedException.class)
+    public final void whenHttpsUrlIsConsumed_thenException() throws ClientProtocolException, IOException {
+        final DefaultHttpClient httpClient = new DefaultHttpClient();
+
+        final String urlOverHttps = "https://localhost:8443/spring-security-rest-basic-auth/api/bars/1";
+        final HttpGet getMethod = new HttpGet(urlOverHttps);
+        final HttpResponse response = httpClient.execute(getMethod);
+        assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
+    }
+
+    @Test
+    public final void givenAcceptingAllCertificates_whenHttpsUrlIsConsumed_thenException() throws IOException, GeneralSecurityException {
+        final TrustStrategy acceptingTrustStrategy = new TrustStrategy() {
+            @Override
+            public final boolean isTrusted(final X509Certificate[] certificate, final String authType) {
+                return true;
+            }
+        };
+        final SSLSocketFactory sf = new SSLSocketFactory(acceptingTrustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+        final SchemeRegistry registry = new SchemeRegistry();
+        registry.register(new Scheme("https", 8443, sf));
+        final ClientConnectionManager ccm = new PoolingClientConnectionManager(registry);
+
+        final DefaultHttpClient httpClient = new DefaultHttpClient(ccm);
+
+        final String urlOverHttps = "https://localhost:8443/spring-security-rest-basic-auth/api/bars/1";
+        final HttpGet getMethod = new HttpGet(urlOverHttps);
+        final HttpResponse response = httpClient.execute(getMethod);
+        assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
+    }
+
     // util
 
     final void configureViaHighLevelApi(final int timeout, final HttpParams httpParams) {