Return-Path: X-Original-To: apmail-usergrid-commits-archive@minotaur.apache.org Delivered-To: apmail-usergrid-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0459C18A21 for ; Thu, 29 Oct 2015 21:25:48 +0000 (UTC) Received: (qmail 39336 invoked by uid 500); 29 Oct 2015 21:25:48 -0000 Delivered-To: apmail-usergrid-commits-archive@usergrid.apache.org Received: (qmail 39311 invoked by uid 500); 29 Oct 2015 21:25:47 -0000 Mailing-List: contact commits-help@usergrid.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@usergrid.apache.org Delivered-To: mailing list commits@usergrid.apache.org Received: (qmail 39302 invoked by uid 99); 29 Oct 2015 21:25:47 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Oct 2015 21:25:47 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id C615FE393E; Thu, 29 Oct 2015 21:25:47 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: toddnine@apache.org To: commits@usergrid.apache.org Message-Id: <05a6c6c2a3854aa299848daa6ed95083@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: usergrid git commit: Adds test to prove functionality of GET + PUT Date: Thu, 29 Oct 2015 21:25:47 +0000 (UTC) Repository: usergrid Updated Branches: refs/heads/USERGRID-1079-2x 4784b34f3 -> ba629da57 Adds test to prove functionality of GET + PUT Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/ba629da5 Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/ba629da5 Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/ba629da5 Branch: refs/heads/USERGRID-1079-2x Commit: ba629da577235c0c9bedf4addcb44bfb5fdbdccb Parents: 4784b34 Author: Todd Nine Authored: Thu Oct 29 15:25:42 2015 -0600 Committer: Todd Nine Committed: Thu Oct 29 15:25:42 2015 -0600 ---------------------------------------------------------------------- .../collection/users/UserResourceIT.java | 109 +++++++++++++++++++ 1 file changed, 109 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/usergrid/blob/ba629da5/stack/rest/src/test/java/org/apache/usergrid/rest/applications/collection/users/UserResourceIT.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/test/java/org/apache/usergrid/rest/applications/collection/users/UserResourceIT.java b/stack/rest/src/test/java/org/apache/usergrid/rest/applications/collection/users/UserResourceIT.java index 79b8c85..deda5eb 100644 --- a/stack/rest/src/test/java/org/apache/usergrid/rest/applications/collection/users/UserResourceIT.java +++ b/stack/rest/src/test/java/org/apache/usergrid/rest/applications/collection/users/UserResourceIT.java @@ -37,9 +37,15 @@ import org.apache.usergrid.rest.applications.utils.UserRepo; import org.apache.usergrid.utils.UUIDUtils; import com.sun.jersey.api.client.ClientResponse.Status; +import com.sun.jersey.api.client.GenericType; import com.sun.jersey.api.client.UniformInterfaceException; +import com.sun.jersey.api.client.WebResource; +import com.sun.jersey.api.client.filter.HTTPBasicAuthFilter; + import java.io.IOException; +import javax.ws.rs.core.MediaType; + import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; @@ -1103,4 +1109,107 @@ public class UserResourceIT extends AbstractRestIT { assertEquals(response.getResponse().getEntities().get(0).get("uuid").toString(), userId.toString()); } + + + + @Test + public void testCredentialsTransfer() throws Exception { + + usersResource.post(new User("test_1", "Test1 User", "test_1@test.com", "test123")); // client.setApiUrl(apiUrl); + refreshIndex(); + + //Entity appInfo = this.app().get().getResponse().getEntities().get(0); + + Token token = this.app().token().post(new Token("test_1", "test123")); + + assertNotNull(token.getAccessToken()); + + final String superUserName = this.clientSetup.getSuperuserName(); + final String superUserPassword = this.clientSetup.getSuperuserPassword(); + + + //get the credentials info + final CollectionEndpoint collection = userResource.entity("test_1").collection( "credentials" ); + + final WebResource resource = collection.getResource(); + + resource.addFilter( new HTTPBasicAuthFilter(superUserName, superUserPassword) ); + + + + final ApiResponse response = resource.type( MediaType.APPLICATION_JSON_TYPE) + .accept( MediaType.APPLICATION_JSON ).get( org.apache.usergrid.rest.test.resource.model.ApiResponse.class ); + + + //now get the credentials sub object + + final Map credentials = ( Map ) response.getProperties().get( "credentials" ); + + + + //get out the hash and change it so we can validate + final String originalSecret = ( String ) credentials.get( "secret" ); + + + //here we modify the hash a little, this way we can break password validation, then re-set it to ensure we're actually updating the credentials info correctly. + final String borkedSecret = originalSecret.substring( 0, originalSecret.length() -1 ); + + credentials.put( "credentials", borkedSecret ); + credentials.put( "secret", borkedSecret ); + + //now PUT it + + + final Map> wrapper = new HashMap<>( ); + wrapper.put( "credentials", credentials ); + + final WebResource putResource = collection.getResource(); + + putResource.addFilter( new HTTPBasicAuthFilter(superUserName, superUserPassword) ); + + + putResource.type( MediaType.APPLICATION_JSON_TYPE) + .accept( MediaType.APPLICATION_JSON ).put( + org.apache.usergrid.rest.test.resource.model.ApiResponse.class, wrapper ); + + + //now try to get a password, it should fail because the hash is no longer correct + + int status = 0; + + // bad access token + try { + this.app().token().post(new Token("test_1", "test123")); + fail("Should have thrown an exception"); + } catch (UniformInterfaceException uie) { + status = uie.getResponse().getStatus(); + log.info("Error Response Body: " + uie.getResponse().getEntity(String.class)); + } + + assertEquals(Status.BAD_REQUEST.getStatusCode(), status); + + + //now put the correct one + + + credentials.put( "credentials", originalSecret ); + credentials.put( "secret", originalSecret ); + + + final WebResource putResource2 = collection.getResource(); + + putResource2.addFilter( new HTTPBasicAuthFilter( superUserName, superUserPassword ) ); + + + putResource2.type( MediaType.APPLICATION_JSON_TYPE) + .accept( MediaType.APPLICATION_JSON ).put( + org.apache.usergrid.rest.test.resource.model.ApiResponse.class, wrapper ); + + + //now auth, should be good + final Token nextToken = this.app().token().post(new Token("test_1", "test123")); + + assertNotNull( nextToken.getAccessToken() ); + + } }