http: fix tests using keystores broken in isolation
Project: http://git-wip-us.apache.org/repos/asf/zest-java/repo Commit: http://git-wip-us.apache.org/repos/asf/zest-java/commit/4b7d771d Tree: http://git-wip-us.apache.org/repos/asf/zest-java/tree/4b7d771d Diff: http://git-wip-us.apache.org/repos/asf/zest-java/diff/4b7d771d Branch: refs/heads/develop Commit: 4b7d771da80ce7ed86fa049d4ffc0b72a0b3ebc0 Parents: 6f97f0d Author: Paul Merlin <[email protected]> Authored: Sat Nov 19 23:45:28 2016 +0100 Committer: Paul Merlin <[email protected]> Committed: Sat Nov 19 23:45:28 2016 +0100 ---------------------------------------------------------------------- .../library/http/AbstractSecureJettyTest.java | 59 ++++++++++++++------ .../http/MutualSecureJettyServiceTest.java | 4 +- .../library/http/SecureJettyServiceTest.java | 4 +- 3 files changed, 45 insertions(+), 22 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/zest-java/blob/4b7d771d/libraries/http/src/test/java/org/apache/zest/library/http/AbstractSecureJettyTest.java ---------------------------------------------------------------------- diff --git a/libraries/http/src/test/java/org/apache/zest/library/http/AbstractSecureJettyTest.java b/libraries/http/src/test/java/org/apache/zest/library/http/AbstractSecureJettyTest.java index 75d87c9..def298e 100644 --- a/libraries/http/src/test/java/org/apache/zest/library/http/AbstractSecureJettyTest.java +++ b/libraries/http/src/test/java/org/apache/zest/library/http/AbstractSecureJettyTest.java @@ -20,15 +20,16 @@ package org.apache.zest.library.http; import java.io.File; -import java.io.FileInputStream; import java.io.IOException; +import java.io.InputStream; +import java.io.UncheckedIOException; +import java.nio.file.Files; import java.security.GeneralSecurityException; import java.security.KeyStore; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLSession; import javax.net.ssl.TrustManagerFactory; import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.impl.client.CloseableHttpClient; @@ -37,6 +38,8 @@ import org.junit.After; import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; +import org.junit.Rule; +import org.junit.rules.TemporaryFolder; /** * Base class for SecureJettyMixin tests. @@ -48,17 +51,17 @@ public abstract class AbstractSecureJettyTest { protected static final int HTTPS_PORT = 8441; protected static final String KS_PASSWORD = "changeit"; - protected static final String CLIENT_KEYSTORE_PATH = "src/test/resources/org/apache/zest/library/http/zest-lib-http-unittests-client-cert.jceks"; - protected static final File CLIENT_KEYSTORE_FILE = new File( CLIENT_KEYSTORE_PATH ); - protected static final String SERVER_KEYSTORE_PATH = "src/test/resources/org/apache/zest/library/http/zest-lib-http-unittests-server-cert.jceks"; - protected static final File SERVER_KEYSTORE_FILE = new File( SERVER_KEYSTORE_PATH ); - protected static final String TRUSTSTORE_PATH = "src/test/resources/org/apache/zest/library/http/zest-lib-http-unittests-ca.jceks"; - protected static final File TRUSTSTORE_FILE = new File( TRUSTSTORE_PATH ); + protected static final String CLIENT_KEYSTORE_FILENAME = "zest-lib-http-unittests-client-cert.jceks"; + protected static final String SERVER_KEYSTORE_FILENAME = "zest-lib-http-unittests-server-cert.jceks"; + protected static final String TRUSTSTORE_FILENAME = "zest-lib-http-unittests-ca.jceks"; // These two clients use a HostnameVerifier that don't do any check, don't do this in production code protected CloseableHttpClient trustHttpClient; protected CloseableHttpClient mutualHttpClient; + @Rule + public final TemporaryFolder tmpDir = new TemporaryFolder(); + @Before public void beforeSecure() throws GeneralSecurityException, IOException @@ -98,14 +101,7 @@ public abstract class AbstractSecureJettyTest { defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier(); defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory(); - HttpsURLConnection.setDefaultHostnameVerifier( new HostnameVerifier() - { - @Override - public boolean verify( String string, SSLSession ssls ) - { - return true; - } - } ); + HttpsURLConnection.setDefaultHostnameVerifier( ( string, ssls ) -> true ); HttpsURLConnection.setDefaultSSLSocketFactory( buildTrustSSLContext().getSocketFactory() ); } @@ -147,7 +143,10 @@ public abstract class AbstractSecureJettyTest throws IOException, GeneralSecurityException { KeyStore truststore = KeyStore.getInstance( "JCEKS" ); - truststore.load( new FileInputStream( TRUSTSTORE_FILE ), KS_PASSWORD.toCharArray() ); + try( InputStream stream = AbstractSecureJettyTest.class.getResourceAsStream( TRUSTSTORE_FILENAME ) ) + { + truststore.load( stream, KS_PASSWORD.toCharArray() ); + } return truststore; } @@ -155,7 +154,31 @@ public abstract class AbstractSecureJettyTest throws IOException, GeneralSecurityException { KeyStore keystore = KeyStore.getInstance( "JCEKS" ); - keystore.load( new FileInputStream( CLIENT_KEYSTORE_FILE ), KS_PASSWORD.toCharArray() ); + try( InputStream stream = AbstractSecureJettyTest.class.getResourceAsStream( CLIENT_KEYSTORE_FILENAME ) ) + { + keystore.load( stream, KS_PASSWORD.toCharArray() ); + } return keystore; } + + protected synchronized File getKeyStoreFile( String filename ) + { + try + { + File file = new File( tmpDir.getRoot(), filename ); + if( file.exists() ) + { + return file; + } + try( InputStream stream = AbstractSecureJettyTest.class.getResourceAsStream( filename ) ) + { + Files.copy( stream, file.toPath() ); + } + return file; + } + catch( IOException ex ) + { + throw new UncheckedIOException( ex ); + } + } } http://git-wip-us.apache.org/repos/asf/zest-java/blob/4b7d771d/libraries/http/src/test/java/org/apache/zest/library/http/MutualSecureJettyServiceTest.java ---------------------------------------------------------------------- diff --git a/libraries/http/src/test/java/org/apache/zest/library/http/MutualSecureJettyServiceTest.java b/libraries/http/src/test/java/org/apache/zest/library/http/MutualSecureJettyServiceTest.java index 228c791..caedeb3 100644 --- a/libraries/http/src/test/java/org/apache/zest/library/http/MutualSecureJettyServiceTest.java +++ b/libraries/http/src/test/java/org/apache/zest/library/http/MutualSecureJettyServiceTest.java @@ -46,11 +46,11 @@ public class MutualSecureJettyServiceTest config.hostName().set( "127.0.0.1" ); config.port().set( HTTPS_PORT ); - config.keystorePath().set( SERVER_KEYSTORE_PATH ); + config.keystorePath().set( getKeyStoreFile( SERVER_KEYSTORE_FILENAME ).getAbsolutePath() ); config.keystoreType().set( "JCEKS" ); config.keystorePassword().set( KS_PASSWORD ); - config.truststorePath().set( TRUSTSTORE_PATH ); + config.truststorePath().set( getKeyStoreFile( TRUSTSTORE_FILENAME ).getAbsolutePath() ); config.truststoreType().set( "JCEKS" ); config.truststorePassword().set( KS_PASSWORD ); http://git-wip-us.apache.org/repos/asf/zest-java/blob/4b7d771d/libraries/http/src/test/java/org/apache/zest/library/http/SecureJettyServiceTest.java ---------------------------------------------------------------------- diff --git a/libraries/http/src/test/java/org/apache/zest/library/http/SecureJettyServiceTest.java b/libraries/http/src/test/java/org/apache/zest/library/http/SecureJettyServiceTest.java index 68352b8..159dfaf 100644 --- a/libraries/http/src/test/java/org/apache/zest/library/http/SecureJettyServiceTest.java +++ b/libraries/http/src/test/java/org/apache/zest/library/http/SecureJettyServiceTest.java @@ -53,8 +53,8 @@ public class SecureJettyServiceTest // START SNIPPET: configssl SecureJettyConfiguration config = configModule.forMixin( SecureJettyConfiguration.class ).declareDefaults(); config.hostName().set( "127.0.0.1" ); - config.port().set( HTTPS_PORT ); - config.keystorePath().set( SERVER_KEYSTORE_PATH ); + config.port().set( httpsPort ); + config.keystorePath().set( getKeyStoreFile( SERVER_KEYSTORE_FILENAME ).getAbsolutePath() ); config.keystoreType().set( "JCEKS" ); config.keystorePassword().set( KS_PASSWORD ); // END SNIPPET: configssl
