/** * Exposes a factory for JWTs asserting a device's registration status as a Spring bean. * * @return The bean. */ @Bean @Qualifier("signing") public RegistrationAssertionHelper registrationAssertionFactory() { final ServiceConfigProperties amqpProps = amqpProperties(); final FileBasedRegistrationConfigProperties serviceProps = serviceProperties(); if (!serviceProps.getSigning().isAppropriateForCreating() && amqpProps.getKeyPath() != null) { // fall back to TLS configuration serviceProps.getSigning().setKeyPath(amqpProps.getKeyPath()); } return RegistrationAssertionHelperImpl.forSigning(vertx(), serviceProps.getSigning()); }
/** * Exposes a factory for JWTs asserting a device's registration status as a Spring bean. * * @return The bean. */ @Bean @Qualifier("signing") public RegistrationAssertionHelper registrationAssertionFactory() { final ServiceConfigProperties amqpProps = amqpProperties(); final FileBasedRegistrationConfigProperties serviceProps = serviceProperties(); if (!serviceProps.getSigning().isAppropriateForCreating() && amqpProps.getKeyPath() != null) { // fall back to TLS configuration serviceProps.getSigning().setKeyPath(amqpProps.getKeyPath()); } return RegistrationAssertionHelperImpl.forSigning(vertx(), serviceProps.getSigning()); }
/** * Verifies that the addDevice method returns not implemented. * * @param ctx The vertx unit test context. */ @Test public void testAddDevice(final TestContext ctx) { // GIVEN an empty registry final CompleteBaseRegistrationService<ServiceConfigProperties> registrationService = newCompleteRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to add a new device registrationService.addDevice(Constants.DEFAULT_TENANT, "4711", new JsonObject(), ctx.asyncAssertSuccess(result -> { // THEN the response contain a JWT token with an empty result with status code 501. ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_NOT_IMPLEMENTED); ctx.assertNull(result.getPayload()); })); }
/** * Verifies that the updateDevice method returns not implemented. * * @param ctx The vertx unit test context. */ @Test public void testUpdateDevice(final TestContext ctx) { // GIVEN an empty registry final CompleteBaseRegistrationService<ServiceConfigProperties> registrationService = newCompleteRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to update a device registrationService.updateDevice(Constants.DEFAULT_TENANT, "4711", new JsonObject(), ctx.asyncAssertSuccess(result -> { // THEN the response contain a JWT token with an empty result with status code 501. ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_NOT_IMPLEMENTED); ctx.assertNull(result.getPayload()); })); }
/** * Verifies that a device's status can be asserted by an existing gateway. * * @param ctx The vertx unit test context. */ @Test public void testAssertDeviceRegistrationSucceedsForExistingGateway(final TestContext ctx) { // GIVEN a registry that contains an enabled device that is configured to // be connected to an enabled gateway final BaseRegistrationService<ServiceConfigProperties> registrationService = newRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to assert the device's registration status for a gateway registrationService.assertRegistration(Constants.DEFAULT_TENANT, "4711", "gw-1", ctx.asyncAssertSuccess(result -> { // THEN the response contains a 200 status ctx.assertEquals(HttpURLConnection.HTTP_OK, result.getStatus()); final JsonObject payload = result.getPayload(); ctx.assertNotNull(payload); // and contains a JWT token ctx.assertNotNull(payload.getString(RegistrationConstants.FIELD_ASSERTION)); })); }
/** * Verifies that an enabled device's status can be asserted successfully. * * @param ctx The vertx unit test context. */ @Test public void testAssertDeviceRegistrationReturnsToken(final TestContext ctx) { // GIVEN a registry that contains an enabled device with a default content type set final BaseRegistrationService<ServiceConfigProperties> registrationService = newRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to assert the device's registration status registrationService.assertRegistration(Constants.DEFAULT_TENANT, "4711", ctx.asyncAssertSuccess(result -> { ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_OK); final JsonObject payload = result.getPayload(); ctx.assertNotNull(payload); // THEN the response contains a JWT token asserting the device's registration status final String compactJws = payload.getString(RegistrationConstants.FIELD_ASSERTION); ctx.assertNotNull(compactJws); // and contains the registered default content type final JsonObject defaults = payload.getJsonObject(RegistrationConstants.FIELD_DEFAULTS); ctx.assertNotNull(defaults); ctx.assertEquals("application/default", defaults.getString(MessageHelper.SYS_PROPERTY_CONTENT_TYPE)); })); }
/** * Verifies that signatures created using an RSA private key can be validated using the corresponding public key. */ @Test public void testForSigningWorksWithRsaSignatures() { final SignatureSupportingConfigProperties props = new SignatureSupportingConfigProperties(); props.setKeyPath("target/certs/hono-messaging-key.pem"); props.setCertPath("target/certs/hono-messaging-cert.pem"); final RegistrationAssertionHelper factory = RegistrationAssertionHelperImpl.forSigning(vertx, props); final String assertion = factory.getAssertion("tenant", "device"); assertNotNull(assertion); final RegistrationAssertionHelper validator = RegistrationAssertionHelperImpl.forValidating(vertx, props); assertTrue(validator.isValid(assertion, "tenant", "device")); }
/** * Verifies that the registry returns 400 when issuing a request with an unsupported action. * * @param ctx The vert.x test context. */ @Test public void testProcessRequestFailsWithUnsupportedAction(final TestContext ctx) { // GIVEN an empty registry final CompleteBaseRegistrationService<ServiceConfigProperties> registrationService = newCompleteRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); registrationService .processRequest(EventBusMessage.forOperation("unknown-action")) .setHandler(ctx.asyncAssertFailure(t -> { ctx.assertEquals(HttpURLConnection.HTTP_BAD_REQUEST, ((ServiceInvocationException) t).getErrorCode()); })); }
/** * Verifies that a disabled device's status cannot be asserted. * * @param ctx The vertx unit test context. */ @Test public void testAssertDeviceRegistrationFailsForDisabledDevice(final TestContext ctx) { // GIVEN a registry that contains a disabled device final BaseRegistrationService<ServiceConfigProperties> registrationService = newRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to assert the device's registration status registrationService.assertRegistration(Constants.DEFAULT_TENANT, "4712", ctx.asyncAssertSuccess(result -> { // THEN the response does not contain a JWT token ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_NOT_FOUND); ctx.assertNull(result.getPayload()); })); }
/** * Verifies that the getDevice method returns not implemented. * * @param ctx The vertx unit test context. */ @Test public void testGetDevice(final TestContext ctx) { // GIVEN an empty registry final CompleteBaseRegistrationService<ServiceConfigProperties> registrationService = newCompleteRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to get a device's data registrationService.getDevice(Constants.DEFAULT_TENANT, "4711", ctx.asyncAssertSuccess(result -> { // THEN the response contain a JWT token with an empty result with status code 501. ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_NOT_IMPLEMENTED); ctx.assertNull(result.getPayload()); })); }
/** * Verifies that a non existing device's status cannot be asserted. * * @param ctx The vertx unit test context. */ @Test public void testAssertDeviceRegistrationFailsForNonExistingDevice(final TestContext ctx) { // GIVEN a registry that does not contain any devices final BaseRegistrationService<ServiceConfigProperties> registrationService = newRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to assert a device's registration status registrationService.assertRegistration(Constants.DEFAULT_TENANT, "non-existent", ctx.asyncAssertSuccess(result -> { // THEN the response does not contain a JWT token ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_NOT_FOUND); ctx.assertNull(result.getPayload()); })); }
/** * Verifies that the removeDevice method returns not implemented. * * @param ctx The vertx unit test context. */ @Test public void testRemoveDevice(final TestContext ctx) { // GIVEN an empty registry final CompleteBaseRegistrationService<ServiceConfigProperties> registrationService = newCompleteRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to remove a device registrationService.removeDevice(Constants.DEFAULT_TENANT, "4711", ctx.asyncAssertSuccess(result -> { // THEN the response contain a JWT token with an empty result with status code 501. ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_NOT_IMPLEMENTED); ctx.assertNull(result.getPayload()); })); }
/** * Verifies that a device's status cannot be asserted by a disabled gateway. * * @param ctx The vertx unit test context. */ @Test public void testAssertDeviceRegistrationFailsForDisabledGateway(final TestContext ctx) { // GIVEN a registry that contains an enabled device // and a gateway that the device is configured for but // which is disabled final BaseRegistrationService<ServiceConfigProperties> registrationService = newRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to assert the device's registration status for a gateway registrationService.assertRegistration(Constants.DEFAULT_TENANT, "4713", "gw-3", ctx.asyncAssertSuccess(result -> { // THEN the response contains a 403 status ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_FORBIDDEN); // and does not contain a JWT token ctx.assertNull(result.getPayload()); })); }
/** * Verifies that a device's status cannot be asserted by a non-existing gateway. * * @param ctx The vertx unit test context. */ @Test public void testAssertDeviceRegistrationFailsForNonExistingGateway(final TestContext ctx) { // GIVEN a registry that contains an enabled device but no gateway final BaseRegistrationService<ServiceConfigProperties> registrationService = newRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to assert the device's registration status for a gateway registrationService.assertRegistration(Constants.DEFAULT_TENANT, "4711", "non-existent-gw", ctx.asyncAssertSuccess(result -> { // THEN the response contains a 403 status ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_FORBIDDEN); // and does not contain a JWT token ctx.assertNull(result.getPayload()); })); }
/** * Verifies that a device's status cannot be asserted by a gateway that does not * match the device's configured gateway. * * @param ctx The vertx unit test context. */ @Test public void testAssertDeviceRegistrationFailsForWrongGateway(final TestContext ctx) { // GIVEN a registry that contains an enabled device and two gateways: // 1. the gateway that the device is configured for. // 2. another gateway final BaseRegistrationService<ServiceConfigProperties> registrationService = newRegistrationService(); registrationService.setRegistrationAssertionFactory(RegistrationAssertionHelperImpl.forSigning(vertx, props)); // WHEN trying to assert the device's registration status for the wrong gateway registrationService.assertRegistration(Constants.DEFAULT_TENANT, "4711", "gw-2", ctx.asyncAssertSuccess(result -> { // THEN the response contains a 403 status ctx.assertEquals(result.getStatus(), HttpURLConnection.HTTP_FORBIDDEN); // and does not contain a JWT token ctx.assertNull(result.getPayload()); })); }