1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2022 Nordix Foundation.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
* ============LICENSE_END=========================================================
*/
package org.onap.policy.gui.server.config;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
import javax.net.ssl.SSLPeerUnverifiedException;
import org.junit.jupiter.api.Test;
import org.onap.policy.gui.server.test.util.hello.HelloWorldApplication;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.web.client.RestClientException;
/**
* In this test, SSL validation and hostname check are enabled.
* Since our keystore cert has a hostname 'helloworld' and our test request is
* to localhost, the request will fail with an SSLPeerUnverifiedException, as
* the SSL cert name does not match the server name 'localhost'.
*/
@SpringBootTest(
classes = {
HelloWorldApplication.class,
AcmRuntimeRestTemplateConfig.class,
PolicyApiRestTemplateConfig.class,
PolicyPapRestTemplateConfig.class
},
properties = {
"server.ssl.enabled=true",
"server.ssl.key-store=file:src/test/resources/helloworld-keystore.jks",
"server.ssl.key-store-password=changeit",
"server.ssl.trust-store=file:src/test/resources/helloworld-truststore.jks",
"server.ssl.trust-store-password=changeit",
"runtime-ui.acm.disable-ssl-validation=false",
"runtime-ui.acm.disable-ssl-hostname-check=false",
"runtime-ui.policy-api.disable-ssl-validation=false",
"runtime-ui.policy-api.disable-ssl-hostname-check=false",
"runtime-ui.policy-pap.disable-ssl-validation=false",
"runtime-ui.policy-pap.disable-ssl-hostname-check=false"
},
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
class RestTemplateConfig1Test {
@Test
void testRequestFailsWhenSslHostnameCheckIsEnabled() {
RestTemplateConfig rtConfig = new RestTemplateConfig();
rtConfig.getRestTemplateList().forEach(restTemplate -> {
var helloUrl = "https://localhost:" + rtConfig.getPort() + "/";
Exception e = assertThrows(RestClientException.class,
() -> restTemplate.getForEntity(helloUrl, String.class));
assertTrue(e.getCause() instanceof SSLPeerUnverifiedException);
});
}
}
|