diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 518b35a..0000000 --- a/.travis.yml +++ /dev/null @@ -1,5 +0,0 @@ -dist: trusty -sudo: false -language: java -jdk: - - openjdk11 diff --git a/CHANGELOG.md b/CHANGELOG.md index b04056e..70e0de4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,22 @@ # Change log +## 6.0.0 (August 21, 2024) + +### BREAKING CHANGES + +* Replaced deprecated `ApacheHttpTransport` with `com.google.api.client.http.apache.v2.ApacheHttpTransport` in `edgegrid-signer-google-http-client`. +* Updated `README.md` for `edgegrid-signer-google-http-client` to include changes in the instructions for signing HTTP requests with specified client credentials. + +### Improvements + +* Add support for `ProxySelector` in `ApacheHttpClientEdgeGridRoutePlanner` to enable the use of custom proxy servers. + +### Fixes + +* Fixes for various vulnerabilities by upgrading `grpc-context`, `netty` and `commons-configuration2`. +* Fixed issue when path param is an url for rest assured + + ## 5.1.1 (December 6, 2023) ### Fixes diff --git a/edgegrid-signer-apache-http-client/pom.xml b/edgegrid-signer-apache-http-client/pom.xml index 1ad9232..602d326 100644 --- a/edgegrid-signer-apache-http-client/pom.xml +++ b/edgegrid-signer-apache-http-client/pom.xml @@ -6,7 +6,7 @@ edgegrid-signer-parent com.akamai.edgegrid - 5.1.1 + 6.0.0 4.0.0 diff --git a/edgegrid-signer-apache-http-client/src/main/java/com/akamai/edgegrid/signer/apachehttpclient/ApacheHttpClientEdgeGridRoutePlanner.java b/edgegrid-signer-apache-http-client/src/main/java/com/akamai/edgegrid/signer/apachehttpclient/ApacheHttpClientEdgeGridRoutePlanner.java index 28f93a7..883bc32 100644 --- a/edgegrid-signer-apache-http-client/src/main/java/com/akamai/edgegrid/signer/apachehttpclient/ApacheHttpClientEdgeGridRoutePlanner.java +++ b/edgegrid-signer-apache-http-client/src/main/java/com/akamai/edgegrid/signer/apachehttpclient/ApacheHttpClientEdgeGridRoutePlanner.java @@ -43,7 +43,17 @@ public class ApacheHttpClientEdgeGridRoutePlanner extends SystemDefaultRoutePlan * @param clientCredential a {@link ClientCredential} */ public ApacheHttpClientEdgeGridRoutePlanner(ClientCredential clientCredential) { - super(ProxySelector.getDefault()); + this(clientCredential, ProxySelector.getDefault()); + } + + /** + * Creates an EdgeGrid route planner using {@link ClientCredential}. + * + * @param clientCredential a {@link ClientCredential} + * @param proxySelector a {@link ProxySelector} + */ + public ApacheHttpClientEdgeGridRoutePlanner(ClientCredential clientCredential, ProxySelector proxySelector) { + super(proxySelector); this.binding = new ApacheHttpClientEdgeGridRequestSigner(clientCredential); } @@ -53,7 +63,17 @@ public ApacheHttpClientEdgeGridRoutePlanner(ClientCredential clientCredential) { * @param clientCredentialProvider a {@link ClientCredentialProvider} */ public ApacheHttpClientEdgeGridRoutePlanner(ClientCredentialProvider clientCredentialProvider) { - super(ProxySelector.getDefault()); + this(clientCredentialProvider, ProxySelector.getDefault()); + } + + /** + * Creates an EdgeGrid route planner using {@link ClientCredentialProvider}. + * + * @param clientCredentialProvider a {@link ClientCredentialProvider} + * @param proxySelector a {@link ProxySelector} + */ + public ApacheHttpClientEdgeGridRoutePlanner(ClientCredentialProvider clientCredentialProvider, ProxySelector proxySelector) { + super(proxySelector); this.binding = new ApacheHttpClientEdgeGridRequestSigner(clientCredentialProvider); } diff --git a/edgegrid-signer-apache-http-client/src/test/java/com/akamai/edgegrid/signer/apachehttpclient/RestAssuredIntegrationTest.java b/edgegrid-signer-apache-http-client/src/test/java/com/akamai/edgegrid/signer/apachehttpclient/RestAssuredIntegrationTest.java index 789ec88..194d11c 100644 --- a/edgegrid-signer-apache-http-client/src/test/java/com/akamai/edgegrid/signer/apachehttpclient/RestAssuredIntegrationTest.java +++ b/edgegrid-signer-apache-http-client/src/test/java/com/akamai/edgegrid/signer/apachehttpclient/RestAssuredIntegrationTest.java @@ -35,9 +35,15 @@ import java.io.ByteArrayInputStream; import java.io.File; import java.io.IOException; +import java.net.InetSocketAddress; +import java.net.Proxy; +import java.net.ProxySelector; +import java.net.SocketAddress; +import java.net.URI; import java.net.URISyntaxException; import java.nio.charset.StandardCharsets; import java.util.List; +import java.util.ArrayList; import io.restassured.RestAssured; import io.restassured.config.HttpClientConfig; @@ -74,7 +80,6 @@ public class RestAssuredIntegrationTest { WireMockServer wireMockServer = new WireMockServer(wireMockConfig().httpsPort(SERVICE_MOCK_PORT)); - @BeforeClass public void setUp() { wireMockServer.start(); @@ -114,6 +119,33 @@ public void signAgainFollowedRedirects() throws URISyntaxException, IOException Matchers.not(CoreMatchers.equalTo(loggedRequests.get(1).getHeader("Authorization")))); } + @Test + public void signAgainFollowedRedirectsWithProxy() throws URISyntaxException, IOException { + + wireMockServer.stubFor(get(urlPathEqualTo("/billing-usage/v1/reportSources")) + .withHeader("Authorization", matching(".*")) + .withHeader("Host", equalTo(SERVICE_MOCK)) + .willReturn(aResponse() + .withStatus(302) + .withHeader("Location", "/billing-usage/v1/reportSources/alternative"))); + + wireMockServer.stubFor(get(urlPathEqualTo("/billing-usage/v1/reportSources/alternative")) + .withHeader("Authorization", matching(".*")) + .withHeader("Host", equalTo(SERVICE_MOCK)) + .willReturn(aResponse() + .withStatus(200) + .withHeader("Content-Type", "text/xml") + .withBody("Some content"))); + + getBaseRequestSpecificationWithCustomProxy() + .get("/billing-usage/v1/reportSources") + .then().statusCode(200); + + List loggedRequests = wireMockServer.findRequestsMatching(RequestPattern + .everything()).getRequests(); + MatcherAssert.assertThat(loggedRequests.get(0).getHeader("Authorization"), + Matchers.not(CoreMatchers.equalTo(loggedRequests.get(1).getHeader("Authorization")))); + } @Test @@ -224,7 +256,7 @@ public void signEachRequestWithAbsolutePath() throws URISyntaxException, IOExcep .withStatus(200))); getBaseRequestSpecification() - .get("https://" + SERVICE_MOCK+ "/billing-usage/v1/reportSources") + .get("https://" + SERVICE_MOCK + "/billing-usage/v1/reportSources") .then().statusCode(200); } @@ -277,6 +309,13 @@ private RequestSpecification getBaseRequestSpecification() { .baseUri("https://" + SERVICE_MOCK); } + private RequestSpecification getBaseRequestSpecificationWithCustomProxy() { + return RestAssured.given() + .config(getRestAssuredConfigWithCustomProxy(credential, new CustomProxySelector())) + .relaxedHTTPSValidation() + .baseUri("https://" + SERVICE_MOCK); + } + private static RestAssuredConfig getRestAssuredConfig(final ClientCredential credential) { return RestAssuredConfig.config().httpClient(HttpClientConfig.httpClientConfig().httpClientFactory(new HttpClientConfig.HttpClientFactory() { @@ -290,4 +329,41 @@ public HttpClient createHttpClient() { })); } + private static RestAssuredConfig getRestAssuredConfigWithCustomProxy(final ClientCredential credential, ProxySelector proxySelector) { + return RestAssuredConfig.config().httpClient(HttpClientConfig.httpClientConfig().httpClientFactory(new HttpClientConfig.HttpClientFactory() { + @Override + public HttpClient createHttpClient() { + final DefaultHttpClient client = new DefaultHttpClient(); + client.addRequestInterceptor(new ApacheHttpClientEdgeGridInterceptor(credential)); + client.setRoutePlanner(new ApacheHttpClientEdgeGridRoutePlanner(credential, proxySelector)); + return client; + } + })); + } + + class CustomProxySelector extends ProxySelector { + + private List proxies; + + public CustomProxySelector() { + // Define a proxy + Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("proxy.example.com", 8080)); + proxies = new ArrayList<>(); + proxies.add(proxy); + } + + @Override + public List select(URI uri) { + // Return the proxy list + if (uri == null) { + throw new IllegalArgumentException("URI can't be null."); + } + return proxies; + } + + @Override + public void connectFailed(URI uri, SocketAddress sa, IOException ioe) { + // No implementation needed + } + } } diff --git a/edgegrid-signer-apache-http-client5/pom.xml b/edgegrid-signer-apache-http-client5/pom.xml index 16e378a..d07cabf 100644 --- a/edgegrid-signer-apache-http-client5/pom.xml +++ b/edgegrid-signer-apache-http-client5/pom.xml @@ -6,7 +6,7 @@ edgegrid-signer-parent com.akamai.edgegrid - 5.1.1 + 6.0.0 4.0.0 diff --git a/edgegrid-signer-async-http-client/pom.xml b/edgegrid-signer-async-http-client/pom.xml index c5f6a10..08c84a3 100644 --- a/edgegrid-signer-async-http-client/pom.xml +++ b/edgegrid-signer-async-http-client/pom.xml @@ -5,7 +5,7 @@ edgegrid-signer-parent com.akamai.edgegrid - 5.1.1 + 6.0.0 4.0.0 diff --git a/edgegrid-signer-core/pom.xml b/edgegrid-signer-core/pom.xml index 4d37e5b..36ca196 100644 --- a/edgegrid-signer-core/pom.xml +++ b/edgegrid-signer-core/pom.xml @@ -6,7 +6,7 @@ edgegrid-signer-parent com.akamai.edgegrid - 5.1.1 + 6.0.0 edgegrid-signer-core diff --git a/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/AbstractEdgeGridRequestSigner.java b/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/AbstractEdgeGridRequestSigner.java index 2cfb512..801643d 100644 --- a/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/AbstractEdgeGridRequestSigner.java +++ b/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/AbstractEdgeGridRequestSigner.java @@ -62,7 +62,16 @@ public AbstractEdgeGridRequestSigner(ClientCredential clientCredential) { */ public AbstractEdgeGridRequestSigner(ClientCredentialProvider clientCredentialProvider) { this.clientCredentialProvider = clientCredentialProvider; - this.edgeGridSigner = new EdgeGridV1Signer(); + this.edgeGridSigner = createEdgeGridSigner(); + } + + /** + * Returns new instance of EdgeGridV1Signer. + * + * @return a {@link EdgeGridV1Signer} new instance + */ + protected EdgeGridV1Signer createEdgeGridSigner() { + return new EdgeGridV1Signer(); } /** diff --git a/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/EdgeGridV1Signer.java b/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/EdgeGridV1Signer.java index 2fe2e7f..3ad1967 100644 --- a/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/EdgeGridV1Signer.java +++ b/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/EdgeGridV1Signer.java @@ -110,7 +110,23 @@ public EdgeGridV1Signer() { */ public String getSignature(Request request, ClientCredential credential) throws RequestSigningException { - return getSignature(request, credential, System.currentTimeMillis(), generateNonce()); + return getSignature(request, credential, getTimestamp(), getNonce()); + } + + /** + * Returns timestamp needed for signing + * @return returns current time stamp + */ + protected long getTimestamp() { + return System.currentTimeMillis(); + } + + /** + * Returns nonce needed for signing + * @return returns generated nonce + */ + protected String getNonce() { + return generateNonce(); } private static String generateNonce() { diff --git a/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/Request.java b/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/Request.java index 7a01025..ae5d85c 100644 --- a/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/Request.java +++ b/edgegrid-signer-core/src/main/java/com/akamai/edgegrid/signer/Request.java @@ -286,6 +286,27 @@ public RequestBuilder uri(URI uri) { return this; } + /** + *

+ * Sets the URI of the HTTP request without any processing it, which is important when URI contains + * path parameters which consists of encoded URLs. + * This URI MUST have the correct path and query segments set. Scheme is assumed to be "HTTPS" for the purpose of this library. Host is + * actually taken from a {@link ClientCredential} at signing time; any value in this URI is + * discarded. Fragments are not removed from signing process. + *

+ *

+ * A path and/or query string is required. + *

+ * + * @param uri a {@link URI} + * @return reference back to this builder instance + */ + public RequestBuilder rawUri(URI uri) { + Objects.requireNonNull(uri, "uri cannot be empty"); + this.uri = uri; + return this; + } + /** * Returns a newly-created immutable HTTP request. * diff --git a/edgegrid-signer-google-http-client/README.md b/edgegrid-signer-google-http-client/README.md index 23059fc..f7ddb1d 100644 --- a/edgegrid-signer-google-http-client/README.md +++ b/edgegrid-signer-google-http-client/README.md @@ -22,18 +22,23 @@ Include the following Maven dependency in your project POM: Sign your HTTP request with a defined client credential: ```java -HttpTransport httpTransport = new ApacheHttpTransport.Builder() - .setSocketFactory(SSLSocketFactory.getSystemSocketFactory()) +HttpClient client = HttpClients.custom() + .setSSLSocketFactory(SSLSocketFactory.getSystemSocketFactory()) .build(); -HttpRequestFactory requestFactory = httpTransport.createRequestFactory(); +HttpRequestFactory requestFactory = new ApacheHttpTransport(client).createRequestFactory(); URI uri = URI.create("https://akaa-baseurl-xxxxxxxxxxx-xxxxxxxxxxxxx.luna.akamaiapis.net/billing-usage/v1/reportSources"); -HttpRequest request = requestFactory.buildGetRequest(new GenericUrl(uri)); +try { + HttpRequest request = requestFactory.buildGetRequest(new GenericUrl(uri)); + GoogleHttpClientEdgeGridRequestSigner requestSigner = new GoogleHttpClientEdgeGridRequestSigner(credential); -GoogleHttpClientEdgeGridRequestSigner requestSigner = new GoogleHttpClientEdgeGridRequestSigner(clientCredential); -requestSigner.sign(request); -request.execute(); + requestSigner.sign(request); + request.execute(); +} catch (IOException | RequestSigningException e) { + throw new RuntimeException("Error during HTTP request execution", e); +} ``` + This, however, requires remembering to sign every request explicitly. Alternately, you may create an `HttpRequestFactory` that will automatically diff --git a/edgegrid-signer-google-http-client/pom.xml b/edgegrid-signer-google-http-client/pom.xml index e61944c..d138075 100644 --- a/edgegrid-signer-google-http-client/pom.xml +++ b/edgegrid-signer-google-http-client/pom.xml @@ -6,7 +6,7 @@ edgegrid-signer-parent com.akamai.edgegrid - 5.1.1 + 6.0.0 edgegrid-signer-google-http-client @@ -25,7 +25,7 @@ com.google.http-client - google-http-client + google-http-client-apache-v2 com.github.tomakehurst diff --git a/edgegrid-signer-google-http-client/src/test/java/com/akamai/edgegrid/signer/googlehttpclient/GoogleHttpClientEdgeGridInterceptorTest.java b/edgegrid-signer-google-http-client/src/test/java/com/akamai/edgegrid/signer/googlehttpclient/GoogleHttpClientEdgeGridInterceptorTest.java index 1968000..dedca7e 100644 --- a/edgegrid-signer-google-http-client/src/test/java/com/akamai/edgegrid/signer/googlehttpclient/GoogleHttpClientEdgeGridInterceptorTest.java +++ b/edgegrid-signer-google-http-client/src/test/java/com/akamai/edgegrid/signer/googlehttpclient/GoogleHttpClientEdgeGridInterceptorTest.java @@ -26,6 +26,7 @@ import java.net.URI; import java.net.URISyntaxException; +import org.apache.http.client.HttpClient; import org.apache.http.conn.ssl.SSLSocketFactory; import org.testng.annotations.Test; @@ -35,8 +36,7 @@ import com.google.api.client.http.HttpRequest; import com.google.api.client.http.HttpRequestFactory; import com.google.api.client.http.HttpRequestInitializer; -import com.google.api.client.http.HttpTransport; -import com.google.api.client.http.apache.ApacheHttpTransport; +import com.google.api.client.http.apache.v2.ApacheHttpTransport; /** * Unit tests for {@link GoogleHttpClientEdgeGridInterceptor}. @@ -85,15 +85,15 @@ public void testInterceptorWithHeader() throws URISyntaxException, IOException, } private HttpRequestFactory createSigningRequestFactory() { - HttpTransport httpTransport = new ApacheHttpTransport.Builder() - .setSocketFactory(SSLSocketFactory.getSystemSocketFactory()) + HttpClient client = ApacheHttpTransport.newDefaultHttpClientBuilder() + .setSSLSocketFactory((SSLSocketFactory.getSystemSocketFactory())) .build(); - return httpTransport.createRequestFactory(new HttpRequestInitializer() { + + return new ApacheHttpTransport(client).createRequestFactory(new HttpRequestInitializer() { @Override public void initialize(HttpRequest request) throws IOException { request.setInterceptor(new GoogleHttpClientEdgeGridInterceptor(credential)); } }); } - } diff --git a/edgegrid-signer-google-http-client/src/test/java/com/akamai/edgegrid/signer/googlehttpclient/GoogleHttpClientEdgeGridRequestSignerTest.java b/edgegrid-signer-google-http-client/src/test/java/com/akamai/edgegrid/signer/googlehttpclient/GoogleHttpClientEdgeGridRequestSignerTest.java index 90961e4..1ba0341 100644 --- a/edgegrid-signer-google-http-client/src/test/java/com/akamai/edgegrid/signer/googlehttpclient/GoogleHttpClientEdgeGridRequestSignerTest.java +++ b/edgegrid-signer-google-http-client/src/test/java/com/akamai/edgegrid/signer/googlehttpclient/GoogleHttpClientEdgeGridRequestSignerTest.java @@ -20,8 +20,12 @@ import com.akamai.edgegrid.signer.ClientCredential; import com.akamai.edgegrid.signer.exceptions.RequestSigningException; import com.akamai.edgegrid.signer.googlehttpclient.GoogleHttpClientEdgeGridRequestSigner; -import com.google.api.client.http.*; -import com.google.api.client.http.apache.ApacheHttpTransport; + +import com.google.api.client.http.GenericUrl; +import com.google.api.client.http.HttpRequest; +import com.google.api.client.http.HttpRequestFactory; +import com.google.api.client.http.HttpTransport; +import com.google.api.client.http.apache.v2.ApacheHttpTransport; import org.testng.annotations.Test; diff --git a/edgegrid-signer-rest-assured/pom.xml b/edgegrid-signer-rest-assured/pom.xml index dd2da9b..1123ac3 100644 --- a/edgegrid-signer-rest-assured/pom.xml +++ b/edgegrid-signer-rest-assured/pom.xml @@ -6,7 +6,7 @@ edgegrid-signer-parent com.akamai.edgegrid - 5.1.1 + 6.0.0 edgegrid-signer-rest-assured diff --git a/edgegrid-signer-rest-assured/src/main/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilter.java b/edgegrid-signer-rest-assured/src/main/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilter.java index b77ca70..cfe1a25 100644 --- a/edgegrid-signer-rest-assured/src/main/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilter.java +++ b/edgegrid-signer-rest-assured/src/main/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilter.java @@ -40,7 +40,7 @@ */ public class RestAssuredEdgeGridFilter implements Filter { - private final RestAssuredEdgeGridRequestSigner binding; + protected RestAssuredEdgeGridRequestSigner binding; /** * Creates an EdgeGrid signing interceptor using the same {@link ClientCredential} for each diff --git a/edgegrid-signer-rest-assured/src/main/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridRequestSigner.java b/edgegrid-signer-rest-assured/src/main/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridRequestSigner.java index e0cde0a..bf41901 100644 --- a/edgegrid-signer-rest-assured/src/main/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridRequestSigner.java +++ b/edgegrid-signer-rest-assured/src/main/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridRequestSigner.java @@ -127,7 +127,7 @@ protected Request map(FilterableRequestSpecification requestSpec) { Request.RequestBuilder builder = Request.builder() .method(requestSpec.getMethod()) - .uri(URI.create(requestSpec.getURI())) + .rawUri(URI.create(requestSpec.getURI())) .body(serialize(requestSpec.getBody())); for (Header header : requestSpec.getHeaders()) { diff --git a/edgegrid-signer-rest-assured/src/test/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilterIntegrationTest.java b/edgegrid-signer-rest-assured/src/test/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilterIntegrationTest.java index 6b0ee5f..8da26ba 100644 --- a/edgegrid-signer-rest-assured/src/test/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilterIntegrationTest.java +++ b/edgegrid-signer-rest-assured/src/test/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilterIntegrationTest.java @@ -17,6 +17,7 @@ import com.akamai.edgegrid.signer.ClientCredential; +import com.akamai.edgegrid.signer.EdgeGridV1Signer; import com.akamai.edgegrid.signer.exceptions.RequestSigningException; import com.github.tomakehurst.wiremock.WireMockServer; import com.github.tomakehurst.wiremock.matching.RequestPattern; @@ -261,6 +262,61 @@ public void dontSignRequestWithMultipartContent() throws URISyntaxException, IOE .then().statusCode(200); } + class MockedEdgeGridV1Signer extends EdgeGridV1Signer { + String fixedNonce = "ec9d20ee-1e9b-4c1f-925a-f0017754f86c"; + // Fixed timestamp corresponds to 2016-08-04T07:00:00+0000. + long fixedTimestamp = 1470294000000L; + + protected long getTimestamp() { + return fixedTimestamp; + } + + protected String getNonce() { + return fixedNonce; + } + + } + + class MockedRestAssuredEdgeGridRequestSigner extends RestAssuredEdgeGridRequestSigner { + + public MockedRestAssuredEdgeGridRequestSigner(ClientCredential clientCredential) { + super(clientCredential); + } + + @Override + protected EdgeGridV1Signer createEdgeGridSigner() { + return new MockedEdgeGridV1Signer(); + } + } + + class MockedRestAssuredEdgeGridFilter extends RestAssuredEdgeGridFilter { + + public MockedRestAssuredEdgeGridFilter(ClientCredential credential) { + super(credential); + this.binding = new MockedRestAssuredEdgeGridRequestSigner(credential); + } + } + @Test + public void signRequestWithPathParamContainingURL() throws URISyntaxException, IOException { + + wireMockServer.stubFor(get(urlPathMatching("/sso-config/v1/idps/https%3A%2F%2Ffdef2ea8-64b1-4b78-ad36-bacae87af167/certificates")) + .withHeader("Authorization", equalTo("EG1-HMAC-SHA256 client_token=akaa-k7glklzuxkkh2ycw-oadjphopvpn6yjoj;access_token=akaa-dm5g2bfwoodqnc6k-ju7vlao2wz6oz2rp;timestamp=20160804T07:00:00+0000;nonce=ec9d20ee-1e9b-4c1f-925a-f0017754f86c;signature=2KunLDWST5ZgrbL8CuTF2Gxp7UfsIy/DxELcajvziTo=")) + .withHeader("Host", equalTo(SERVICE_MOCK)) + .willReturn(aResponse() + .withStatus(200) + .withHeader("Content-Type", "text/xml") + .withBody("Some content"))); + + RestAssuredEdgeGridFilter filter = new MockedRestAssuredEdgeGridFilter(credential); + RestAssured.given() + .relaxedHTTPSValidation() + .filter(filter) + .get("/sso-config/v1/idps/{id}/certificates", "https://fdef2ea8-64b1-4b78-ad36-bacae87af167") + .then().statusCode(200); + + assertThat(wireMockServer.findAllUnmatchedRequests().size(), CoreMatchers.equalTo(0)); + } + @AfterClass public void tearDownAll() { wireMockServer.stop(); diff --git a/edgegrid-signer-rest-assured/src/test/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilterTest.java b/edgegrid-signer-rest-assured/src/test/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilterTest.java deleted file mode 100644 index 240f659..0000000 --- a/edgegrid-signer-rest-assured/src/test/java/com/akamai/edgegrid/signer/restassured/RestAssuredEdgeGridFilterTest.java +++ /dev/null @@ -1,263 +0,0 @@ -/* - * Copyright 2018 Akamai Technologies, Inc. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.akamai.edgegrid.signer.restassured; - -import com.akamai.edgegrid.signer.ClientCredential; -import com.akamai.edgegrid.signer.exceptions.RequestSigningException; -import com.github.tomakehurst.wiremock.WireMockServer; -import com.github.tomakehurst.wiremock.matching.RequestPattern; -import com.github.tomakehurst.wiremock.verification.LoggedRequest; - -import io.restassured.RestAssured; -import io.restassured.filter.Filter; -import io.restassured.filter.FilterContext; -import io.restassured.response.Response; -import io.restassured.specification.FilterableRequestSpecification; -import io.restassured.specification.FilterableResponseSpecification; -import io.restassured.specification.RequestSpecification; - -import org.hamcrest.CoreMatchers; -import org.hamcrest.MatcherAssert; -import org.hamcrest.Matchers; -import org.testng.annotations.AfterClass; -import org.testng.annotations.BeforeClass; -import org.testng.annotations.BeforeMethod; -import org.testng.annotations.Test; - -import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.net.URISyntaxException; -import java.nio.charset.StandardCharsets; -import java.util.List; - -import static com.github.tomakehurst.wiremock.client.WireMock.*; -import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig; -import static org.hamcrest.MatcherAssert.assertThat; - - -/** - * Unit tests for {@link RestAssuredEdgeGridFilterTest}. - * - * @author mgawinec@akamai.com - */ -public class RestAssuredEdgeGridFilterTest { - - static final String SERVICE_MOCK_HOST = "localhost"; - static final int SERVICE_MOCK_PORT = 9089; - static final String SERVICE_MOCK = SERVICE_MOCK_HOST + ":" + SERVICE_MOCK_PORT; - - ClientCredential credential = ClientCredential.builder() - .accessToken("akaa-dm5g2bfwoodqnc6k-ju7vlao2wz6oz2rp") - .clientToken("akaa-k7glklzuxkkh2ycw-oadjphopvpn6yjoj") - .clientSecret("SOMESECRET") - .host(SERVICE_MOCK) - .build(); - - WireMockServer wireMockServer = new WireMockServer(wireMockConfig().httpsPort(SERVICE_MOCK_PORT)); - - - - @BeforeClass - public void setUp() { - wireMockServer.start(); - } - - @BeforeMethod - public void reset() { - wireMockServer.resetMappings(); - wireMockServer.resetRequests(); - } - - @Test - // Due to limitations of REST-assured we cannot sign again followed redirects - // https://github.com/akamai-open/AkamaiOPEN-edgegrid-java/issues/21 - public void cannotSignAgainFollowedRedirects() throws URISyntaxException, IOException { - - wireMockServer.stubFor(get(urlPathEqualTo("/billing-usage/v1/reportSources")) - .withHeader("Authorization", matching(".*")) - .withHeader("Host", equalTo(SERVICE_MOCK)) - .willReturn(aResponse() - .withStatus(302) - .withHeader("Location", "/billing-usage/v1/reportSources/alternative"))); - - wireMockServer.stubFor(get(urlPathEqualTo("/billing-usage/v1/reportSources/alternative")) - .withHeader("Authorization", matching(".*")) - .withHeader("Host", equalTo(SERVICE_MOCK)) - .willReturn(aResponse() - .withStatus(200) - .withHeader("Content-Type", "text/xml") - .withBody("Some content"))); - - RestAssured.given() - .relaxedHTTPSValidation() - .filter(new RestAssuredEdgeGridFilter(credential)) - .get("/billing-usage/v1/reportSources") - .then().statusCode(200); - - List loggedRequests = wireMockServer.findRequestsMatching(RequestPattern - .everything()).getRequests(); - MatcherAssert.assertThat(loggedRequests.get(0).getHeader("Authorization"), - CoreMatchers.equalTo(loggedRequests.get(1).getHeader("Authorization"))); - } - - @Test - public void signEachRequest() throws URISyntaxException, IOException { - - wireMockServer.stubFor(get(urlPathEqualTo("/billing-usage/v1/reportSources")) - .withHeader("Authorization", matching(".*")) - .withHeader("Host", equalTo(SERVICE_MOCK)) - .willReturn(aResponse() - .withStatus(200) - .withHeader("Content-Type", "text/xml") - .withBody("Some content"))); - - RestAssured.given() - .relaxedHTTPSValidation() - .filter(new RestAssuredEdgeGridFilter(credential)) - .get("/billing-usage/v1/reportSources") - .then().statusCode(200); - } - - @Test - public void signEachRequestWithPathParams() throws URISyntaxException, IOException { - - wireMockServer.stubFor(get(urlPathMatching("/config-gtm/v1/domains/.*")) - .withHeader("Authorization", matching(".*")) - .withHeader("Host", equalTo(SERVICE_MOCK)) - .willReturn(aResponse() - .withStatus(200) - .withHeader("Content-Type", "text/xml") - .withBody("Some content"))); - - RestAssured.given() - .relaxedHTTPSValidation() - .filter(new RestAssuredEdgeGridFilter(credential)) - .get("/config-gtm/v1/domains/{domain}", "storage1.akadns.net") - .then().statusCode(200); - } - - @Test - public void signEachRequestWithPathParamsAndQueryString() throws URISyntaxException, - IOException { - - wireMockServer.stubFor(get(urlPathMatching("/config-gtm/v1/domains/.*")) - .withHeader("Authorization", matching(".*")) - .withHeader("Host", equalTo(SERVICE_MOCK)) - .withQueryParam("param1", equalTo("value1")) - .willReturn(aResponse() - .withStatus(200) - .withHeader("Content-Type", "text/xml") - .withBody("Some content"))); - - RestAssured.given() - .relaxedHTTPSValidation() - .filter(new RestAssuredEdgeGridFilter(credential)) - .queryParam("param1", "value1") - .get("/config-gtm/v1/domains/{domain}", "storage1.akadns.net") - .then().statusCode(200); - } - - @Test - public void signWithHostHeader() throws URISyntaxException, IOException { - - wireMockServer.stubFor(get(urlPathEqualTo("/billing-usage/v1/reportSources")) - .withHeader("Authorization", matching(".*")) - .withHeader("Host", equalTo(SERVICE_MOCK)) - .willReturn(aResponse() - .withStatus(200) - .withHeader("Content-Type", "text/xml") - .withBody("Some content"))); - - RestAssured.given() - .relaxedHTTPSValidation() - .filter(new RestAssuredEdgeGridFilter(credential)) - .header("Host", "ignored-hostname.com") - .get("/billing-usage/v1/reportSources") - .then().statusCode(200); - } - - @Test - public void replacesProvidedHostHeader() throws URISyntaxException, IOException, - RequestSigningException { - - - RestAssured.given() - .relaxedHTTPSValidation() - .header("Host", "ignored-hostname.com") - .filter(new RestAssuredEdgeGridFilter(credential)) - .filter(new Filter() { - @Override - public Response filter(FilterableRequestSpecification requestSpec, FilterableResponseSpecification responseSpec, FilterContext ctx) { - MatcherAssert.assertThat(requestSpec.getHeaders().getList("Host").size(), - CoreMatchers.equalTo(1)); - MatcherAssert.assertThat(requestSpec.getHeaders().get("Host").getValue(), - CoreMatchers.equalTo(credential.getHost())); - - return ctx.next(requestSpec, responseSpec); - } - }) - .get(); - - - } - - @Test(expectedExceptions = IllegalArgumentException.class) - public void dontSignEachRequestWithAbsolutePath() throws URISyntaxException, IOException { - - RestAssured.given() - .filter(new RestAssuredEdgeGridFilter(credential)) - .get("https://ignored-hostname.com/billing-usage/v1/reportSources") - .then().statusCode(200); - } - - @Test(expectedExceptions = IllegalArgumentException.class) - public void dontSignRequestWithFileContent() throws URISyntaxException, IOException { - - RestAssured.given() - .filter(new RestAssuredEdgeGridFilter(credential)) - .body(new File("/home/johan/some_large_file.bin")) - .post("/billing-usage/v1/reportSources") - .then().statusCode(200); - } - - @Test(expectedExceptions = IllegalArgumentException.class) - public void dontSignRequestWithInputStreamContent() throws URISyntaxException, IOException { - - RestAssured.given() - .filter(new RestAssuredEdgeGridFilter(credential)) - .body(new ByteArrayInputStream("exampleString".getBytes(StandardCharsets.UTF_8))) - .post("/billing-usage/v1/reportSources") - .then().statusCode(200); - } - - @Test(expectedExceptions = IllegalArgumentException.class) - public void dontSignRequestWithMultipartContent() throws URISyntaxException, IOException { - - RestAssured.given() - .filter(new RestAssuredEdgeGridFilter(credential)) - .multiPart("file", new File("/home/johan/some_large_file.bin")) - .post("/billing-usage/v1/reportSources") - .then().statusCode(200); - } - - @AfterClass - public void tearDownAll() { - wireMockServer.stop(); - } - -} diff --git a/edgerc-reader/pom.xml b/edgerc-reader/pom.xml index e15b67c..4335c80 100644 --- a/edgerc-reader/pom.xml +++ b/edgerc-reader/pom.xml @@ -5,7 +5,7 @@ edgegrid-signer-parent com.akamai.edgegrid - 5.1.1 + 6.0.0 4.0.0 diff --git a/pom.xml b/pom.xml index 485ca47..a838823 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.akamai.edgegrid edgegrid-signer-parent - 5.1.1 + 6.0.0 edgegrid-signer-apache-http-client @@ -80,9 +80,9 @@ 11 11 1.7.36 - 4.1.101.Final + 4.1.108.Final 1.4.14 - 8.4.0 + 10.0.2 @@ -113,8 +113,8 @@ com.google.http-client - google-http-client - 1.43.3 + google-http-client-apache-v2 + 1.44.2 io.rest-assured @@ -130,7 +130,7 @@ org.apache.commons commons-configuration2 - 2.8.0 + 2.10.1 org.apache.httpcomponents @@ -189,7 +189,7 @@ io.grpc grpc-context - 1.57.2 + 1.65.0