001: /* Copyright 2005 The JA-SIG Collaborative. All rights reserved.
002: * See license distributed with this file and
003: * available online at http://www.uportal.org/license.html
004: */
005: package org.jasig.portal.utils.uri;
006:
007: import java.net.URI;
008: import java.net.URISyntaxException;
009: import java.util.List;
010:
011: import junit.framework.TestCase;
012:
013: /**
014: * Testcase for PrefixUriScrutinizer. Tests argument checking and normalization
015: * and the scrutinization logic.
016: * @since uPortal 2.5.1
017: */
018: public class PrefixUriScrutinizerTest extends TestCase {
019:
020: protected void setUp() throws Exception {
021: super .setUp();
022: }
023:
024: protected void tearDown() throws Exception {
025: super .tearDown();
026: }
027:
028: public void testNullAllowPrefixArray() {
029: try {
030: new PrefixUriScrutinizer(null, new String[0]);
031: } catch (IllegalArgumentException iae) {
032: // good, threw expected exception.
033: return;
034: }
035: fail("Should have thrown IllegalArgumentException preventing "
036: + "construction with null allow prefix list.");
037: }
038:
039: public void testNullInAllowPrefixArray() {
040: try {
041: String[] nullContainingPrefixes = { "http://", null,
042: "htps://" };
043: new PrefixUriScrutinizer(nullContainingPrefixes,
044: new String[0]);
045: } catch (IllegalArgumentException iae) {
046: // good, threw expected exception.
047: return;
048: }
049: fail("Should have thrown IllegalArgumentException preventing "
050: + "construction with null in allow prefix array.");
051: }
052:
053: public void testNullDenyPrefixesArray() {
054: try {
055: new PrefixUriScrutinizer(new String[0], null);
056: } catch (IllegalArgumentException iae) {
057: // good, threw expected exception.
058: return;
059: }
060: fail("Should have thrown IllegalArgumentException preventing "
061: + "construction with null allow prefix list.");
062: }
063:
064: public void testNullInDenyPrefixArray() {
065: try {
066: String[] nullContainingPrefixes = { "http://", null,
067: "htps://" };
068: new PrefixUriScrutinizer(new String[0],
069: nullContainingPrefixes);
070: } catch (IllegalArgumentException iae) {
071: // good, threw expected exception.
072: return;
073: }
074: fail("Should have thrown IllegalArgumentException preventing "
075: + "construction with null in deny prefix array.");
076: }
077:
078: public void testNullUri() {
079: PrefixUriScrutinizer testMe = new PrefixUriScrutinizer(
080: new String[0], new String[0]);
081:
082: try {
083: testMe.scrutinize(null);
084: } catch (IllegalArgumentException iae) {
085: // good, threw expected exception
086: return;
087: }
088: fail("Should have thrown IllegalArgumentException.");
089: }
090:
091: public void testAllowedHttpUri() {
092: String[] allowedPrefixes = { "http://", "https://" };
093:
094: PrefixUriScrutinizer testMe = new PrefixUriScrutinizer(
095: allowedPrefixes, new String[0]);
096:
097: URI httpUri = null;
098: try {
099: httpUri = new URI("http://www.ja-sig.org");
100: } catch (URISyntaxException e) {
101: fail("testcase broken" + e);
102: }
103:
104: // testcase will fail if scrutinize throws
105: testMe.scrutinize(httpUri);
106:
107: URI httpsUri = null;
108: try {
109: httpsUri = new URI("https://secure.its.yale.edu");
110: } catch (URISyntaxException e) {
111: fail("testcase broken" + e);
112: }
113:
114: // testcase will fail if scrutinize throws
115: testMe.scrutinize(httpsUri);
116:
117: }
118:
119: public void testAllowIgnoresCase() {
120: String[] allowedPrefixes = { "HTTP://", "HtTPs://" };
121:
122: PrefixUriScrutinizer testMe = new PrefixUriScrutinizer(
123: allowedPrefixes, new String[0]);
124:
125: URI httpUri = null;
126: try {
127: httpUri = new URI("http://www.ja-sig.org");
128: } catch (URISyntaxException e) {
129: fail("testcase broken" + e);
130: }
131:
132: // testcase will fail if scrutinize throws
133: testMe.scrutinize(httpUri);
134:
135: URI httpsUri = null;
136: try {
137: httpsUri = new URI("HttpS://secure.its.yale.edu");
138: } catch (URISyntaxException e) {
139: fail("testcase broken" + e);
140: }
141:
142: // testcase will fail if scrutinize throws
143: testMe.scrutinize(httpsUri);
144:
145: }
146:
147: public void testNotAllowedUri() {
148: String[] allowedPrefixes = { "http://", "https://" };
149:
150: PrefixUriScrutinizer testMe = new PrefixUriScrutinizer(
151: allowedPrefixes, new String[0]);
152:
153: URI httpUri = null;
154: try {
155: httpUri = new URI("file:/etc/.passwd");
156: } catch (URISyntaxException e) {
157: fail("testcase broken" + e);
158: }
159:
160: try {
161: testMe.scrutinize(httpUri);
162: } catch (BlockedUriException bue) {
163: // good, blocked URI not bearing an allowed prefix
164: return;
165: }
166: fail("Scrutinize should have blocked URI failing to bear allowed prefix.");
167:
168: }
169:
170: public void testEplicitlyBlockedUri() {
171: String[] allowedPrefixes = { "http://", "https://" };
172:
173: String[] blockedPrefixes = { "https://secure.its.yale.edu" };
174:
175: PrefixUriScrutinizer testMe = new PrefixUriScrutinizer(
176: allowedPrefixes, blockedPrefixes);
177:
178: URI httpUri = null;
179: try {
180: httpUri = new URI("https://secure.its.yale.edu/cas/");
181: } catch (URISyntaxException e) {
182: fail("testcase broken" + e);
183: }
184:
185: try {
186: testMe.scrutinize(httpUri);
187: } catch (BlockedUriException bue) {
188: // good, blocked URI matching an allowed prefix but also matching
189: // a blocked prefix
190: return;
191: }
192: fail("Scrutinize should have blocked URI bearing a blocked prefix.");
193:
194: }
195:
196: public void testBlockingIgnoresCase() {
197: String[] allowedPrefixes = { "http://", "https://" };
198:
199: String[] blockedPrefixes = { "HTTPS://secure.its.yale.edu" };
200:
201: PrefixUriScrutinizer testMe = new PrefixUriScrutinizer(
202: allowedPrefixes, blockedPrefixes);
203:
204: URI httpUri = null;
205: try {
206: httpUri = new URI("https://secure.its.yale.edu/cas/");
207: } catch (URISyntaxException e) {
208: fail("testcase broken" + e);
209: }
210:
211: try {
212: testMe.scrutinize(httpUri);
213: } catch (BlockedUriException bue) {
214: // good, blocked URI matching an allowed prefix but also matching
215: // a blocked prefix
216: return;
217: }
218: fail("Scrutinize should have blocked URI bearing a blocked prefix.");
219:
220: }
221:
222: public void testNormalizedMatchingAllow() {
223: String[] allowedPrefixes = { "http://", "https://",
224: "file:/portal/" };
225:
226: PrefixUriScrutinizer testMe = new PrefixUriScrutinizer(
227: allowedPrefixes, new String[0]);
228:
229: URI httpUri = null;
230: try {
231: httpUri = new URI("file:/portal/../etc/shadow");
232: } catch (URISyntaxException e) {
233: fail("testcase broken" + e);
234: }
235:
236: try {
237: testMe.scrutinize(httpUri);
238: } catch (BlockedUriException bue) {
239: // good, blocked URI which when normalized does not bear an
240: // allowed prefix
241: return;
242: }
243: fail("Scrutinize should have blocked URI failing to bear allowed prefix.");
244:
245: }
246:
247: public void testNormalizeMatchingDeny() {
248: String[] allowedPrefixes = { "http://", "https://" };
249:
250: String[] blockedPrefixes = { "http://www.uportal.org/private/" };
251:
252: PrefixUriScrutinizer testMe = new PrefixUriScrutinizer(
253: allowedPrefixes, blockedPrefixes);
254:
255: URI httpUri = null;
256: try {
257: httpUri = new URI(
258: "http://www.uportal.org/public/../private/secret.html");
259: } catch (URISyntaxException e) {
260: fail("testcase broken" + e);
261: }
262:
263: try {
264: testMe.scrutinize(httpUri);
265: } catch (BlockedUriException bue) {
266: // good, blocked URI matching an allowed prefix but also matching
267: // a blocked prefix after normalization
268: return;
269: }
270: fail("Scrutinize should have blocked URI bearing a blocked prefix.");
271:
272: }
273:
274: /**
275: * Test that null parameters translate to default behavior.
276: */
277: public void testParsingParametersDefaultsNullNull() {
278: String nullString = null;
279:
280: PrefixUriScrutinizer defaultInstance = PrefixUriScrutinizer
281: .instanceFromParameters(nullString, nullString);
282:
283: List allowPrefixes = defaultInstance.getAllowPrefixes();
284: assertTrue(allowPrefixes.contains("http://"));
285: assertTrue(allowPrefixes.contains("https://"));
286: assertEquals(2, allowPrefixes.size());
287:
288: List denyPrefixes = defaultInstance.getDenyPrefixes();
289: assertTrue(denyPrefixes.isEmpty());
290: }
291:
292: /**
293: * Test that empty parameters translate to default behavior.
294: */
295: public void testParsingParametersEmptyEmpty() {
296: String emptyString = "";
297:
298: PrefixUriScrutinizer defaultInstance = PrefixUriScrutinizer
299: .instanceFromParameters(emptyString, emptyString);
300:
301: List allowPrefixes = defaultInstance.getAllowPrefixes();
302: assertTrue(allowPrefixes.contains("http://"));
303: assertTrue(allowPrefixes.contains("https://"));
304: assertEquals(2, allowPrefixes.size());
305:
306: List denyPrefixes = defaultInstance.getDenyPrefixes();
307: assertTrue(denyPrefixes.isEmpty());
308: }
309:
310: /**
311: * Test successful parsing of overriding allow and deny lists.
312: */
313: public void testParsingParameters() {
314: String allowString = "http:// https:// file:/some/safe/path/";
315: String denyString = "https://restrictedhost.com file:/some/safe/path/hidden";
316:
317: PrefixUriScrutinizer customInstance = PrefixUriScrutinizer
318: .instanceFromParameters(allowString, denyString);
319:
320: List allowPrefixes = customInstance.getAllowPrefixes();
321: assertTrue(allowPrefixes.contains("http://"));
322: assertTrue(allowPrefixes.contains("https://"));
323: assertTrue(allowPrefixes.contains("file:/some/safe/path/"));
324: assertEquals(3, allowPrefixes.size());
325:
326: List denyPrefixes = customInstance.getDenyPrefixes();
327: assertTrue(denyPrefixes.contains("https://restrictedhost.com"));
328: assertTrue(denyPrefixes.contains("file:/some/safe/path/hidden"));
329: assertEquals(2, denyPrefixes.size());
330: }
331:
332: }
|