Fix issues where cert stream was being used incorrectly. Add non-apple valid cert for testing notifier creation (which tests the certificate utils).
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/2455b6a6 Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/2455b6a6 Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/2455b6a6 Branch: refs/heads/master Commit: 2455b6a652520a32b1d520c6efd2611a97394749 Parents: 61c57c2 Author: Michael Russo <michaelaru...@gmail.com> Authored: Tue Jan 12 13:13:41 2016 -0800 Committer: Michael Russo <michaelaru...@gmail.com> Committed: Tue Jan 12 13:13:41 2016 -0800 ---------------------------------------------------------------------- .../notifiers/NotifierResource.java | 13 ++++--- .../notifiers/NotifiersResource.java | 12 ++++-- .../usergrid/rest/utils/CertificateUtils.java | 4 +- .../applications/notifiers/NotifiersIT.java | 37 ++++++++++++++----- .../resources/valid_non_apple_2036_01_07.p12 | Bin 0 -> 2661 bytes 5 files changed, 46 insertions(+), 20 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/usergrid/blob/2455b6a6/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifierResource.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifierResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifierResource.java index 21d3d73..4e4a3b1 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifierResource.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifierResource.java @@ -81,12 +81,16 @@ public class NotifierResource extends ServiceResource { InputStream is = null; Map<String, Object> certAttributes = null; String filename = null; + byte[] certBytes = null; if (multiPart.getField("p12Certificate") != null) { filename = multiPart.getField("p12Certificate").getContentDisposition().getFileName(); is = multiPart.getField("p12Certificate").getEntityAs(InputStream.class); - certAttributes = CertificateUtils.getCertAtrributes(is, certPassword); + if (is != null) { + certBytes = IOUtils.toByteArray(is); + certAttributes = CertificateUtils.getCertAtrributes(certBytes, certPassword); + } }else{ - throw new IllegalArgumentException("p12Certificate data cannot be empty"); + throw new IllegalArgumentException("Certificate is invalid .p12 file or incorrect certificatePassword"); } // check to see if the certificate is valid @@ -99,10 +103,9 @@ public class NotifierResource extends ServiceResource { certProps.put("provider", provider); certProps.put("environment", "production"); certProps.put("certificatePassword", certPassword); - if (is != null) { - byte[] certBytes = IOUtils.toByteArray(is); + + if(certBytes != null && certBytes.length > 0 ){ certProps.put("p12Certificate", certBytes); - is.close(); } HashMap<String, Object> certInfo = new LinkedHashMap<String, Object>(); if (certAttributes != null){ http://git-wip-us.apache.org/repos/asf/usergrid/blob/2455b6a6/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifiersResource.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifiersResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifiersResource.java index bd02c35..d7ce1e5 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifiersResource.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/notifiers/NotifiersResource.java @@ -127,12 +127,16 @@ public class NotifiersResource extends ServiceResource { InputStream is = null; Map<String, Object> certAttributes = null; String filename = null; + byte[] certBytes = null; if (multiPart.getField("p12Certificate") != null) { filename = multiPart.getField("p12Certificate").getContentDisposition().getFileName(); is = multiPart.getField("p12Certificate").getEntityAs(InputStream.class); - certAttributes = CertificateUtils.getCertAtrributes(is, certPassword); + if (is != null) { + certBytes = IOUtils.toByteArray(is); + certAttributes = CertificateUtils.getCertAtrributes(certBytes, certPassword); + } }else{ - throw new IllegalArgumentException("p12Certificate password cannot be empty or null."); + throw new IllegalArgumentException("Certificate is invalid .p12 file or incorrect certificatePassword"); } // check to see if the certificate is valid @@ -147,8 +151,8 @@ public class NotifiersResource extends ServiceResource { certProps.put("provider", provider); certProps.put("environment", environment); certProps.put("certificatePassword", certPassword); - if (is != null) { - byte[] certBytes = IOUtils.toByteArray(is); + + if(certBytes != null && certBytes.length > 0 ){ certProps.put("p12Certificate", certBytes); } HashMap<String, Object> certInfo = new LinkedHashMap<String, Object>(); http://git-wip-us.apache.org/repos/asf/usergrid/blob/2455b6a6/stack/rest/src/main/java/org/apache/usergrid/rest/utils/CertificateUtils.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/utils/CertificateUtils.java b/stack/rest/src/main/java/org/apache/usergrid/rest/utils/CertificateUtils.java index 6f4be92..5d2e43b 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/utils/CertificateUtils.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/utils/CertificateUtils.java @@ -19,6 +19,7 @@ package org.apache.usergrid.rest.utils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.io.ByteArrayInputStream; import java.io.InputStream; import java.security.KeyStore; import java.security.cert.X509Certificate; @@ -35,7 +36,7 @@ public class CertificateUtils { private static final String APPLE_TOPIC_OID = "1.2.840.113635.100.6.3.6"; - public static Map<String, Object> getCertAtrributes(InputStream stream, String certPassword){ + public static Map<String, Object> getCertAtrributes(byte[] certBytes, String certPassword){ if(certPassword == null){ certPassword = ""; // if there is no password, pass in empty string @@ -48,6 +49,7 @@ public class CertificateUtils { Map<String,Object> attributes = new HashMap<>(1); try{ KeyStore p12 = KeyStore.getInstance("pkcs12"); + InputStream stream = new ByteArrayInputStream(certBytes); p12.load(stream, certPassword.toCharArray()); Enumeration aliases = p12.aliases(); while(aliases.hasMoreElements()){ http://git-wip-us.apache.org/repos/asf/usergrid/blob/2455b6a6/stack/rest/src/test/java/org/apache/usergrid/rest/applications/notifiers/NotifiersIT.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/test/java/org/apache/usergrid/rest/applications/notifiers/NotifiersIT.java b/stack/rest/src/test/java/org/apache/usergrid/rest/applications/notifiers/NotifiersIT.java index a866e23..acbbb25 100644 --- a/stack/rest/src/test/java/org/apache/usergrid/rest/applications/notifiers/NotifiersIT.java +++ b/stack/rest/src/test/java/org/apache/usergrid/rest/applications/notifiers/NotifiersIT.java @@ -39,38 +39,56 @@ public class NotifiersIT extends AbstractRestIT { private static final Logger logger = LoggerFactory.getLogger( NotifiersIT.class ); - //private static final String VALID_CERT_FILE = "apple_push_valid_nocommit.p12"; + private static final String VALID_CERT_NON_APPLE = "valid_non_apple_2036_01_07.p12"; + private static final String VALID_CERT_APPLE = "valid_apple_2017_01_12.p12"; private static final String INVALID_CERT_FILE = "pushtest_dev_recent.p12"; - private static byte[] validCertBytes; + private static byte[] validCertBytesApple; + private static byte[] validCertBytesNonApple; private static byte[] invalidCertBytes; @BeforeClass public static void setup() throws IOException { - //InputStream validCertStream = NotifiersIT.class.getClassLoader().getResourceAsStream(VALID_CERT_FILE); + //InputStream validCertStreamApple = NotifiersIT.class.getClassLoader().getResourceAsStream(VALID_CERT_APPLE); + InputStream validCertStreamNonApple = NotifiersIT.class.getClassLoader().getResourceAsStream(VALID_CERT_NON_APPLE); InputStream invalidCertStream = NotifiersIT.class.getClassLoader().getResourceAsStream(INVALID_CERT_FILE); - //validCertBytes = IOUtils.toByteArray(validCertStream); + //validCertBytesApple = IOUtils.toByteArray(validCertStreamApple); + validCertBytesNonApple = IOUtils.toByteArray(validCertStreamNonApple); invalidCertBytes = IOUtils.toByteArray(invalidCertStream); - //validCertStream.close(); + //validCertStreamApple.close(); + validCertStreamNonApple.close(); invalidCertStream.close(); } - @Ignore("Pending valid certificate being committed to the source code.") @Test - public void createAppleNotifierValidCertificate() { + public void createNotifierValidCertificateNonApple() { + + FormDataMultiPart form = new FormDataMultiPart() + .field("name", "validNotifierNonAppleCert") + .field("environment", "development") + .field("provider", "apple") + .field( "p12Certificate", validCertBytesNonApple, MediaType.MULTIPART_FORM_DATA_TYPE ); + + ApiResponse postResponse = pathResource( getOrgAppPath( "notifiers" )).post( form ); + assertNotNull("certInfo should not be null", postResponse.getEntities().get(0).get("certInfo")); + + } + + @Ignore("Pending valid certificate from Apple committed to the source code or alternate way of specifying.") + @Test + public void createAppleNotifierValidCertificate() { FormDataMultiPart form = new FormDataMultiPart() .field("name", "validAppleNotifier") .field("environment", "development") .field("provider", "apple") - .field( "p12Certificate", validCertBytes, MediaType.MULTIPART_FORM_DATA_TYPE ); + .field( "p12Certificate", validCertBytesApple, MediaType.MULTIPART_FORM_DATA_TYPE ); ApiResponse postResponse = pathResource( getOrgAppPath( "notifiers" )).post( form ); - assertNotNull("certInfo should not be null", postResponse.getEntities().get(0).get("certInfo")); } @@ -78,7 +96,6 @@ public class NotifiersIT extends AbstractRestIT { @Test public void createAppleNotifierInvalidCertificate() { - FormDataMultiPart form = new FormDataMultiPart() .field("name", "validAppleNotifier") .field("environment", "development") http://git-wip-us.apache.org/repos/asf/usergrid/blob/2455b6a6/stack/rest/src/test/resources/valid_non_apple_2036_01_07.p12 ---------------------------------------------------------------------- diff --git a/stack/rest/src/test/resources/valid_non_apple_2036_01_07.p12 b/stack/rest/src/test/resources/valid_non_apple_2036_01_07.p12 new file mode 100644 index 0000000..8fc41a5 Binary files /dev/null and b/stack/rest/src/test/resources/valid_non_apple_2036_01_07.p12 differ