Make TLS client auth configurable in test driver factory

author: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2020-03-03 12:25:49 +0100
committer: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2020-03-03 16:01:38 +0100
commit: 3ea3a1ab4f77d181025d5beecdb8c2a4694780d0 (patch)
tree: 45eaa220aaed9919c27d8ac21f35e8a1682a539c /jdisc_http_service
parent: 12bce6d56011a44f1c55b72353d10f7ab5e52437 (diff)
2 files changed, 11 insertions, 4 deletions
diff --git a/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerTest.java b/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerTest.java
index 31ecf3ca2fc..0e7bdd409e1 100644
--- a/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerTest.java
+++ b/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerTest.java
@@ -87,6 +87,7 @@ import static org.mockito.Mockito.when;
 /**
  * @author Oyvind Bakksjo
  * @author Simon Thoresen Hult
+ * @author bjorncs
  */
 public class HttpServerTest {
 
@@ -478,7 +479,7 @@ public class HttpServerTest {
         Path certificateFile = tmpFolder.newFile().toPath();
         generatePrivateKeyAndCertificate(privateKeyFile, certificateFile);
 
-        final TestDriver driver = TestDrivers.newInstanceWithSsl(new EchoRequestHandler(), certificateFile, privateKeyFile);
+        final TestDriver driver = TestDrivers.newInstanceWithSsl(new EchoRequestHandler(), certificateFile, privateKeyFile, TlsClientAuth.WANT);
         driver.client().get("/status.html")
               .expectStatusCode(is(OK));
         assertThat(driver.close(), is(true));
@@ -489,7 +490,7 @@ public class HttpServerTest {
         Path privateKeyFile = tmpFolder.newFile().toPath();
         Path certificateFile = tmpFolder.newFile().toPath();
         generatePrivateKeyAndCertificate(privateKeyFile, certificateFile);
-        TestDriver driver = TestDrivers.newInstanceWithSsl(new EchoRequestHandler(), certificateFile, privateKeyFile);
+        TestDriver driver = TestDrivers.newInstanceWithSsl(new EchoRequestHandler(), certificateFile, privateKeyFile, TlsClientAuth.WANT);
 
         SSLContext trustStoreOnlyCtx = new SslContextBuilder()
                 .withTrustStore(certificateFile)
@@ -507,7 +508,7 @@ public class HttpServerTest {
         Path privateKeyFile = tmpFolder.newFile().toPath();
         Path certificateFile = tmpFolder.newFile().toPath();
         generatePrivateKeyAndCertificate(privateKeyFile, certificateFile);
-        TestDriver driver = TestDrivers.newInstanceWithSsl(new EchoRequestHandler(), certificateFile, privateKeyFile);
+        TestDriver driver = TestDrivers.newInstanceWithSsl(new EchoRequestHandler(), certificateFile, privateKeyFile, TlsClientAuth.WANT);
 
         SSLContext trustStoreOnlyCtx = new SslContextBuilder()
                 .withTrustStore(certificateFile)
diff --git a/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/TestDrivers.java b/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/TestDrivers.java
index e0933ac485e..4908da2ba75 100644
--- a/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/TestDrivers.java
+++ b/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/TestDrivers.java
@@ -20,6 +20,7 @@ import java.nio.file.Path;
 
 /**
  * @author Simon Thoresen Hult
+ * @author bjorncs
  */
 public class TestDrivers {
 
@@ -45,9 +46,12 @@ public class TestDrivers {
                 ));
     }
 
+    public enum TlsClientAuth { NEED, WANT }
+
     public static TestDriver newInstanceWithSsl(final RequestHandler requestHandler,
                                                 Path certificateFile,
                                                 Path privateKeyFile,
+                                                TlsClientAuth tlsClientAuth,
                                                 final Module... guiceModules) throws IOException {
         return TestDriver.newInstance(
                 JettyHttpServer.class,
@@ -61,7 +65,9 @@ public class TestDrivers {
                                                 .pathWhitelist("/status.html"))
                                 .ssl(new ConnectorConfig.Ssl.Builder()
                                              .enabled(true)
-                                             .clientAuth(ConnectorConfig.Ssl.ClientAuth.Enum.WANT_AUTH)
+                                             .clientAuth(tlsClientAuth == TlsClientAuth.NEED
+                                                                 ? ConnectorConfig.Ssl.ClientAuth.Enum.NEED_AUTH
+                                                                 : ConnectorConfig.Ssl.ClientAuth.Enum.WANT_AUTH)
                                              .privateKeyFile(privateKeyFile.toString())
                                              .certificateFile(certificateFile.toString())
                                              .caCertificateFile(certificateFile.toString())),
author	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2020-03-03 12:25:49 +0100
committer	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2020-03-03 16:01:38 +0100
commit	3ea3a1ab4f77d181025d5beecdb8c2a4694780d0 (patch)
tree	45eaa220aaed9919c27d8ac21f35e8a1682a539c /jdisc_http_service
parent	12bce6d56011a44f1c55b72353d10f7ab5e52437 (diff)