View Javadoc
1   package org.apache.maven.it;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import org.apache.maven.it.util.ResourceExtractor;
23  import org.apache.maven.it.utils.DeployedResource;
24  import org.codehaus.plexus.util.StringUtils;
25  import org.eclipse.jetty.security.ConstraintMapping;
26  import org.eclipse.jetty.security.ConstraintSecurityHandler;
27  import org.eclipse.jetty.security.HashLoginService;
28  import org.eclipse.jetty.server.NetworkConnector;
29  import org.eclipse.jetty.server.Request;
30  import org.eclipse.jetty.server.Server;
31  import org.eclipse.jetty.server.handler.DefaultHandler;
32  import org.eclipse.jetty.server.handler.HandlerList;
33  import org.eclipse.jetty.server.handler.ResourceHandler;
34  import org.eclipse.jetty.servlet.ServletContextHandler;
35  import org.eclipse.jetty.util.resource.Resource;
36  import org.eclipse.jetty.util.security.Constraint;
37  import org.eclipse.jetty.util.security.Password;
38  
39  import javax.servlet.ServletException;
40  import javax.servlet.http.HttpServletRequest;
41  import javax.servlet.http.HttpServletResponse;
42  import java.io.File;
43  import java.io.IOException;
44  import java.nio.file.Files;
45  import java.util.Deque;
46  import java.util.Properties;
47  import java.util.concurrent.ConcurrentLinkedDeque;
48  
49  import static java.nio.file.StandardCopyOption.REPLACE_EXISTING;
50  import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
51  import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
52  import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
53  
54  /**
55   * This is a test set for <a href="https://issues.apache.org/jira/browse/MNG-4235">MNG-4235</a>.
56   *
57   * @author Benjamin Bentmann
58   *
59   */
60  public class MavenITmng4235HttpAuthDeploymentChecksumsTest
61      extends AbstractMavenIntegrationTestCase
62  {
63      private File testDir;
64  
65      private Server server;
66  
67      private int port;
68  
69      private final RepoHandler repoHandler = new RepoHandler();
70  
71      public MavenITmng4235HttpAuthDeploymentChecksumsTest()
72      {
73          super( "[2.0.5,2.2.0),(2.2.0,)" );
74      }
75  
76      @Override
77      protected void setUp()
78          throws Exception
79      {
80          testDir = ResourceExtractor.simpleExtractResources( getClass(), "/mng-4235" );
81  
82          repoHandler.setResourceBase( testDir.getAbsolutePath() );
83  
84          Constraint constraint = new Constraint();
85          constraint.setName( Constraint.__BASIC_AUTH );
86          constraint.setRoles( new String[]{ "deployer" } );
87          constraint.setAuthenticate( true );
88  
89          ConstraintMapping constraintMapping = new ConstraintMapping();
90          constraintMapping.setConstraint( constraint );
91          constraintMapping.setPathSpec( "/*" );
92  
93          HashLoginService userRealm = new HashLoginService( "TestRealm" );
94          userRealm.putUser( "testuser", new Password( "testpass" ), new String[] { "deployer" } );
95  
96          ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
97          ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
98          securityHandler.setLoginService( userRealm );
99          securityHandler.setAuthMethod( __BASIC_AUTH );
100         securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
101 
102         HandlerList handlerList = new HandlerList();
103         handlerList.addHandler( securityHandler );
104         handlerList.addHandler( repoHandler );
105         handlerList.addHandler( new DefaultHandler() );
106 
107         server = new Server( 0 );
108         server.setHandler( handlerList );
109         server.start();
110         if ( server.isFailed() )
111         {
112             fail( "Couldn't bind the server socket to a free port!" );
113         }
114         port = ( (NetworkConnector) server.getConnectors()[0] ).getLocalPort();
115         System.out.println( "Bound server socket to the port " + port );
116     }
117 
118     @Override
119     protected void tearDown()
120         throws Exception
121     {
122         if ( server != null )
123         {
124             server.stop();
125             server.join();
126         }
127     }
128 
129     /**
130      * Test the creation of proper checksums during deployment to a secured HTTP repo. The pitfall with HTTP auth is
131      * that it might require double submission of the data, first during an initial PUT without credentials and second
132      * during a retried PUT with credentials in response to the auth challenge by the server. The checksum must
133      * nevertheless only be calculated on the non-doubled data stream.
134      *
135      * @throws Exception in case of failure
136      */
137     public void testit()
138         throws Exception
139     {
140         Properties filterProps = new Properties();
141         filterProps.setProperty( "@port@", Integer.toString( port ) );
142 
143         Verifier verifier = newVerifier( testDir.getAbsolutePath() );
144         verifier.filterFile( "pom-template.xml", "pom.xml", "UTF-8", filterProps );
145         verifier.setAutoclean( false );
146         verifier.deleteArtifacts( "org.apache.maven.its.mng4235" );
147         verifier.deleteDirectory( "repo" );
148         verifier.addCliOption( "--settings" );
149         verifier.addCliOption( "settings.xml" );
150         verifier.executeGoal( "validate" );
151         verifier.verifyErrorFreeLog();
152         verifier.resetStreams();
153 
154         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.jar", ".sha1", "SHA-1" );
155         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.jar", ".md5", "MD5" );
156 
157         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.pom", ".sha1", "SHA-1" );
158         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.pom", ".md5", "MD5" );
159 
160         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/maven-metadata.xml", ".sha1", "SHA-1" );
161         assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/maven-metadata.xml", ".md5", "MD5" );
162 
163         for ( DeployedResource deployedResource : repoHandler.deployedResources )
164         {
165             if ( StringUtils.equalsIgnoreCase( "chunked", deployedResource.transferEncoding ) )
166             {
167                 fail( "deployedResource " + deployedResource
168                           + " use chuncked transfert encoding some http server doesn't support that" );
169             }
170         }
171     }
172 
173     private void assertHash( Verifier verifier, String dataFile, String hashExt, String algo )
174         throws Exception
175     {
176         String actualHash = ItUtils.calcHash( new File( verifier.getBasedir(), dataFile ), algo );
177 
178         String expectedHash = verifier.loadLines( dataFile + hashExt, "UTF-8" ).get( 0 ).trim();
179 
180         assertTrue( "expected=" + expectedHash + ", actual=" + actualHash,
181                     expectedHash.equalsIgnoreCase( actualHash ) );
182     }
183 
184     private static class RepoHandler
185             extends ResourceHandler
186     {
187         private final Deque<DeployedResource> deployedResources = new ConcurrentLinkedDeque<>();
188 
189         @Override
190         public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
191             throws IOException, ServletException
192         {
193             System.out.println( request.getMethod() + " " + request.getRequestURI() );
194 
195             if ( "PUT".equals( request.getMethod() ) )
196             {
197                 Resource resource = getResource( request );
198 
199                 // NOTE: This can get called concurrently but File.mkdirs() isn't thread-safe in all JREs
200                 File dir = resource.getFile().getParentFile();
201                 for ( int i = 0; i < 10 && !dir.exists(); i++ )
202                 {
203                     dir.mkdirs();
204                 }
205 
206                 Files.copy( request.getInputStream(), resource.getFile().toPath(), REPLACE_EXISTING );
207 
208                 DeployedResource deployedResource = new DeployedResource();
209 
210                 deployedResource.httpMethod = request.getMethod();
211                 deployedResource.requestUri = request.getRequestURI();
212                 deployedResource.transferEncoding = request.getHeader( "Transfer-Encoding" );
213                 deployedResource.contentLength = request.getHeader( "Content-Length" );
214 
215                 deployedResources.add( deployedResource );
216 
217                 response.setStatus( HttpServletResponse.SC_NO_CONTENT );
218 
219                 ( (Request) request ).setHandled( true );
220             }
221             else
222             {
223                 super.handle( target, baseRequest, request, response );
224             }
225         }
226     }
227 }