updating tests for JWE callout

apigee · Sep 12, 2016 · d8b2477 · d8b2477
1 parent 4908b87
commit d8b2477
Show file tree

Hide file tree

Showing 2 changed files with 100 additions and 13 deletions.
diff --git a/jwe/callout/src/main/java/com/apigee/callout/jwe/JweDecryptorCallout.java b/jwe/callout/src/main/java/com/apigee/callout/jwe/JweDecryptorCallout.java
@@ -247,13 +247,16 @@ public ExecutionResult execute(MessageContext msgCtxt, ExecutionContext exeCtxt)
             msgCtxt.setVariable(varName("plaintext"), plaintext);
 
             String foundAlgorithm = jwe.getEncryptionMethodHeaderParameter();
-            String requiredAlgorithm = getAlgorithm(msgCtxt);
-
-            if (! foundAlgorithm.equals(requiredAlgorithm)) {
-                msgCtxt.setVariable(varName("error"),
-                                    String.format("Algorithm mismatch: found [%s], expected [%s]",
-                                                  foundAlgorithm, requiredAlgorithm));
-                return ExecutionResult.ABORT;
+            msgCtxt.setVariable(varName("algorithm"), foundAlgorithm);
+            if (!StringUtils.isEmpty(foundAlgorithm)) {
+                String requiredAlgorithm = getAlgorithm(msgCtxt);
+
+                if (! foundAlgorithm.equals(requiredAlgorithm)) {
+                    msgCtxt.setVariable(varName("error"),
+                                        String.format("Algorithm mismatch: found [%s], expected [%s]",
+                                                      foundAlgorithm, requiredAlgorithm));
+                    return ExecutionResult.ABORT;
+                }
             }
         }
         catch (Exception e) {

diff --git a/jwe/callout/src/test/java/com/apigee/testng/tests/TestJweCreation.java b/jwe/callout/src/test/java/com/apigee/testng/tests/TestJweCreation.java
@@ -9,6 +9,7 @@
 import org.testng.annotations.BeforeSuite;
 import org.testng.annotations.BeforeTest;
 import org.testng.annotations.BeforeMethod;
+import org.testng.annotations.DataProvider;
 
 import mockit.Mock;
 import mockit.MockUp;
@@ -29,6 +30,9 @@
 import java.security.spec.InvalidKeySpecException;
 import java.security.KeyFactory;
 
+import org.apache.commons.lang.RandomStringUtils;
+import org.apache.commons.lang.StringUtils;
+
 public class TestJweCreation {
     MessageContext msgCtxt;
     ExecutionContext exeCtxt;
@@ -96,7 +100,7 @@ public void BasicCreateAndParse() {
 
         // retrieve output
         String jwe = msgCtxt.getVariable("jwe_jwe");
-        //System.out.println("jwe: " + jwe);
+
         // check result and output
         Assert.assertEquals(result, ExecutionResult.SUCCESS);
 
@@ -136,7 +140,7 @@ public void BasicCreateAndParse_Variables() {
 
         // retrieve output
         String jwe = msgCtxt.getVariable("jwe_jwe");
-        System.out.println("jwe: " + jwe);
+
         // check result and output
         Assert.assertEquals(result, ExecutionResult.SUCCESS);
 
@@ -157,6 +161,32 @@ public void BasicCreateAndParse_Variables() {
         Assert.assertEquals(jwe_plainText, plainText, "Plaintext");
     }
 
+    @Test()
+    public void BadEncryptionAlgorithm() {
+        String secretKey = "ABCDEFGH12345678_ABCDEFGH12345678";
+        String plainText = "The quick brown fox jumps over the lazy dog";
+        String bogusAlg = "A128SKiddo-HS256";
+
+        msgCtxt.setVariable("secretKey", secretKey);
+        msgCtxt.setVariable("plainText", plainText);
+
+        Map properties = new HashMap();
+        properties.put("algorithm", bogusAlg);
+        properties.put("debug", "true");
+        properties.put("secret-key", "{secretKey}"); // a variable reference
+        properties.put("plaintext", "{plainText}");
+
+        JweEncryptorCallout callout = new JweEncryptorCallout(properties);
+        ExecutionResult result = callout.execute(msgCtxt, exeCtxt);
+
+        // check result and output
+        Assert.assertEquals(result, ExecutionResult.ABORT);
+
+        String error = msgCtxt.getVariable("jwe_error");
+        String expectedError = "Exception java.lang.IllegalStateException: unsupported algorithm: '"+bogusAlg+"'";
+        Assert.assertEquals(error, expectedError, "error");
+    }
+
     @Test()
     public void BadDecryptionAlgorithm() {
         String secretKey = "ABCDEFGH12345678_ABCDEFGH12345678";
@@ -177,7 +207,7 @@ public void BadDecryptionAlgorithm() {
 
         // retrieve output
         String jwe = msgCtxt.getVariable("jwe_jwe");
-        // System.out.println("jwe: " + jwe);
+
         // check result and output
         Assert.assertEquals(result, ExecutionResult.SUCCESS);
 
@@ -194,7 +224,6 @@ public void BadDecryptionAlgorithm() {
         Assert.assertEquals(result, ExecutionResult.ABORT);
 
         String error = msgCtxt.getVariable("jwe_error");
-        // String expectedError = "Algorithm mismatch: found [A128CBC-HS256], expected [hello]";
         String expectedError = "Exception java.lang.IllegalStateException: unsupported algorithm: 'hello'";
         Assert.assertEquals(error, expectedError, "error");
     }
@@ -219,7 +248,7 @@ public void MismatchedDecryptionAlgorithm() {
 
         // retrieve output
         String jwe = msgCtxt.getVariable("jwe_jwe");
-        //System.out.println("jwe: " + jwe);
+
         // check result and output
         Assert.assertEquals(result, ExecutionResult.SUCCESS);
 
@@ -237,8 +266,63 @@ public void MismatchedDecryptionAlgorithm() {
 
         String error = msgCtxt.getVariable("jwe_error");
         String expectedError = "Algorithm mismatch: found [A128CBC-HS256], expected [A128GCM]";
-        //String expectedError = "Exception java.lang.IllegalStateException: unsupported algorithm: 'hello'";
         Assert.assertEquals(error, expectedError, "error");
     }
 
+
+    @DataProvider(name = "batch1")
+    public static Object[][] getDataForBatch1() {
+        Object[][] supportedAlgorithms = new Object[][] {
+            new Object[] {"A128CBC-HS256"},
+            new Object[] {"A192CBC-HS384"},
+            new Object[] {"A256CBC-HS512"},
+            new Object[] {"A128GCM"},
+            new Object[] {"A192GCM"},
+            new Object[] {"A256GCM"}
+        };
+
+        return supportedAlgorithms;
+    }
+
+
+    @Test(dataProvider = "batch1")
+    public void testGoodAlgorithms(String algorithm) {
+        // this will get called once, for each supported algorithm
+        String secretKey = RandomStringUtils.random(32);
+        String plainText = "The quick brown fox jumps over the lazy dog.";
+
+        Map properties = new HashMap();
+        properties.put("algorithm", algorithm);
+        properties.put("debug", "true");
+        properties.put("secret-key", secretKey);
+        properties.put("plaintext", plainText);
+
+        JweEncryptorCallout callout = new JweEncryptorCallout(properties);
+        ExecutionResult result = callout.execute(msgCtxt, exeCtxt);
+
+        // retrieve output
+        String jwe = msgCtxt.getVariable("jwe_jwe");
+
+        // check result and output
+        Assert.assertEquals(result, ExecutionResult.SUCCESS);
+
+        // now parse and verify
+        properties = new HashMap();
+        properties.put("algorithm", algorithm);
+        properties.put("debug", "true");
+        properties.put("secret-key", secretKey);
+        properties.put("jwe", jwe);
+        JweDecryptorCallout callout2 = new JweDecryptorCallout(properties);
+        result = callout2.execute(msgCtxt, exeCtxt);
+
+        String jwe_plainText = msgCtxt.getVariable("jwe_plaintext");
+        String error = msgCtxt.getVariable("jwe_error");
+        String jwe_algorithm = msgCtxt.getVariable("jwe_algorithm");
+
+        Assert.assertEquals(result, ExecutionResult.SUCCESS);
+        Assert.assertEquals(jwe_plainText, plainText, "Plaintext");
+        Assert.assertEquals(jwe_algorithm, algorithm, "Algorithm");
+        Assert.assertTrue(StringUtils.isEmpty(error), "error");
+    }
+
 }