Added unit tests for OpenConnectId

rnrneverdies · rnrneverdies · commit 143cf741e009 · 2015-12-14T16:23:25.000-03:00
diff --git a/services/azure-media/src/main/java/com/microsoft/windowsazure/services/media/implementation/templates/tokenrestriction/TokenRestrictionTemplate.java b/services/azure-media/src/main/java/com/microsoft/windowsazure/services/media/implementation/templates/tokenrestriction/TokenRestrictionTemplate.java
@@ -25,7 +25,7 @@ public class TokenRestrictionTemplate {
     @XmlElement(name = "Issuer", required = true)
     private URI issuer;
     
-    @XmlElement(name = "PrimaryVerificationKey")
+    @XmlElement(name = "PrimaryVerificationKey", nillable = true)
     private TokenVerificationKey primaryVerificationKey;
     
     @XmlElementWrapper(name = "RequiredClaims")
diff --git a/services/azure-media/src/main/java/com/microsoft/windowsazure/services/media/implementation/templates/tokenrestriction/TokenRestrictionTemplateSerializer.java b/services/azure-media/src/main/java/com/microsoft/windowsazure/services/media/implementation/templates/tokenrestriction/TokenRestrictionTemplateSerializer.java
@@ -39,30 +39,9 @@ private TokenRestrictionTemplateSerializer() {
     }
 
     public static String serialize(TokenRestrictionTemplate template) throws JAXBException {
-
-        if (template.getPrimaryVerificationKey() == null && template.getOpenIdConnectDiscoveryDocument() == null) {
-            throw new IllegalArgumentException(
-                    ErrorMessages.PRIMARY_VERIFICATIONKEY_AND_OPENIDCONNECTDISCOVERYDOCUMENT_ARE_NULL);
-        }
-
-        if (template.getOpenIdConnectDiscoveryDocument() != null) {
-            if (template.getOpenIdConnectDiscoveryDocument().getOpenIdDiscoveryUri() == null
-                    || template.getOpenIdConnectDiscoveryDocument().getOpenIdDiscoveryUri().isEmpty()) {
-                throw new IllegalArgumentException(ErrorMessages.OPENIDDISCOVERYURI_STRING_IS_NULL_OR_EMPTY);
-            }
-
-            boolean openIdDiscoveryUrlValid = true;
-            try {
-                new URL(template.getOpenIdConnectDiscoveryDocument().getOpenIdDiscoveryUri());
-            } catch (MalformedURLException e) {
-                openIdDiscoveryUrlValid = false;
-            }
-
-            if (!openIdDiscoveryUrlValid) {
-                throw new IllegalArgumentException(ErrorMessages.OPENIDDISCOVERYURI_STRING_IS_NOT_ABSOLUTE_URI);
-            }
-        }
-
+    	
+    	validateTokenRestrictionTemplate(template);
+    	
         StringWriter writer = new StringWriter();
         JAXBContext context = JAXBContext.newInstance(TokenRestrictionTemplate.class);
         Marshaller m = context.createMarshaller();
@@ -85,7 +64,32 @@ public String getPreferredPrefix(String namespaceUri, String suggestion, boolean
         return writer.toString();
     }
 
-    public static TokenRestrictionTemplate deserialize(String xml) throws JAXBException {
+    private static void validateTokenRestrictionTemplate(TokenRestrictionTemplate template) {
+    	if (template.getPrimaryVerificationKey() == null && template.getOpenIdConnectDiscoveryDocument() == null) {
+            throw new IllegalArgumentException(
+                    ErrorMessages.PRIMARY_VERIFICATIONKEY_AND_OPENIDCONNECTDISCOVERYDOCUMENT_ARE_NULL);
+        }
+
+        if (template.getOpenIdConnectDiscoveryDocument() != null) {
+            if (template.getOpenIdConnectDiscoveryDocument().getOpenIdDiscoveryUri() == null
+                    || template.getOpenIdConnectDiscoveryDocument().getOpenIdDiscoveryUri().isEmpty()) {
+                throw new IllegalArgumentException(ErrorMessages.OPENIDDISCOVERYURI_STRING_IS_NULL_OR_EMPTY);
+            }
+
+            boolean openIdDiscoveryUrlValid = true;
+            try {
+                new URL(template.getOpenIdConnectDiscoveryDocument().getOpenIdDiscoveryUri());
+            } catch (MalformedURLException e) {
+                openIdDiscoveryUrlValid = false;
+            }
+
+            if (!openIdDiscoveryUrlValid) {
+                throw new IllegalArgumentException(ErrorMessages.OPENIDDISCOVERYURI_STRING_IS_NOT_ABSOLUTE_URI);
+            }
+        }		
+	}
+
+	public static TokenRestrictionTemplate deserialize(String xml) throws JAXBException {
         try {
             return deserialize(xml, null);
         } catch (SAXException e) {
@@ -103,7 +107,9 @@ public static TokenRestrictionTemplate deserialize(String xml, String validation
             Schema schema = factory.newSchema(new File(validationSchemaFileName));
             u.setSchema(schema);
         }
-        return (TokenRestrictionTemplate) u.unmarshal(new StringReader(xml));
+        TokenRestrictionTemplate template = (TokenRestrictionTemplate) u.unmarshal(new StringReader(xml));
+    	validateTokenRestrictionTemplate(template);
+        return template;
     }
 
     private static String generateTokenExpiry(Date expiry) {
diff --git a/services/azure-media/src/test/java/com/microsoft/windowsazure/services/media/implementation/templates/tokenrestriction/TokenRestrictionTemplateSerializerTests.java b/services/azure-media/src/test/java/com/microsoft/windowsazure/services/media/implementation/templates/tokenrestriction/TokenRestrictionTemplateSerializerTests.java
@@ -3,6 +3,7 @@
 import static org.junit.Assert.assertArrayEquals;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
@@ -232,4 +233,89 @@ public void NullContentKeyIdentifierClaimShouldThrownJWT() throws Exception {
             assertTrue(e.getMessage().contains("keyIdForContentKeyIdentifierClaim"));
         }
     }
+    
+    @Test
+    public void OpenIdDocumentAsVerificationKeyRoundTrip() throws JAXBException, URISyntaxException
+    {
+        String openConnectId = "https://openconnectIddiscoveryUri";
+        String expectedElement =
+            "<OpenIdDiscoveryUri>https://openconnectIddiscoveryUri</OpenIdDiscoveryUri>";
+
+        TokenRestrictionTemplate template = new TokenRestrictionTemplate(TokenType.JWT);
+        template.setAudience(new URI(_sampleAudience));
+        template.setIssuer(new URI(_sampleIssuer));
+        OpenIdConnectDiscoveryDocument openId = new OpenIdConnectDiscoveryDocument();
+        openId.setOpenIdDiscoveryUri(openConnectId);
+        template.setOpenIdConnectDiscoveryDocument(openId);
+        String templateAsString = TokenRestrictionTemplateSerializer.serialize(template);
+        assertTrue(templateAsString.contains("<PrimaryVerificationKey i:nil=\"true\"/>"));
+        assertTrue(templateAsString.contains(expectedElement));
+        TokenRestrictionTemplate output = TokenRestrictionTemplateSerializer.deserialize(templateAsString);
+        assertNotNull(output);
+        assertNotNull(output.getOpenIdConnectDiscoveryDocument());
+        assertNull(output.getPrimaryVerificationKey());
+        assertTrue(output.getAlternateVerificationKeys().isEmpty());
+        assertEquals(output.getOpenIdConnectDiscoveryDocument().getOpenIdDiscoveryUri(), openConnectId);
+
+    }
+    
+    @Test
+    public void TokenRestrictionTemplateSerializeNotPrimaryKeyAndNoOpenConnectIdDocument() throws URISyntaxException
+    {
+        TokenRestrictionTemplate template = new TokenRestrictionTemplate(TokenType.JWT);
+        template.setAudience(new URI(_sampleAudience));
+        template.setIssuer(new URI(_sampleIssuer));
+        try {
+            TokenRestrictionTemplateSerializer.serialize(template);
+            fail();
+        }
+        catch (Exception ex) {
+            assertEquals("Both PrimaryVerificationKey and OpenIdConnectDiscoveryDocument are null.", ex.getMessage());
+        }
+    }
+    
+    @Test
+    public void InputMissingPrimaryKeyShouldNotThrow()
+    {
+        String tokenTemplate = "<TokenRestrictionTemplate xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://schemas.microsoft.com/Azure/MediaServices/KeyDelivery/TokenRestrictionTemplate/v1\"><AlternateVerificationKeys><TokenVerificationKey i:type=\"SymmetricVerificationKey\"><KeyValue>GG07fDPZ+HMD2vcoknMqYjEJMb7LSq8zUmdCYMvRCevnQK//ilbhODO/FydMrHiwZGmI6XywvOOU7SSzRPlI3Q==</KeyValue></TokenVerificationKey></AlternateVerificationKeys><Audience>http://sampleaudience/</Audience><Issuer>http://sampleissuerurl/</Issuer><RequiredClaims><TokenClaim><ClaimType>urn:microsoft:azure:mediaservices:contentkeyidentifier</ClaimType><ClaimValue i:nil=\"true\" /></TokenClaim><TokenClaim><ClaimType>urn:myservice:claims:rental</ClaimType><ClaimValue>true</ClaimValue></TokenClaim></RequiredClaims></TokenRestrictionTemplate>";
+        try {
+			TokenRestrictionTemplateSerializer.deserialize(tokenTemplate);
+			fail();
+		} catch (Exception ex) {
+            assertEquals("Both PrimaryVerificationKey and OpenIdConnectDiscoveryDocument are null.", ex.getMessage());
+		}
+    }
+    
+    @Test	
+    public void TokenRestrictionTemplateDeserializeNotAbsoluteDiscoveryUri()
+    {
+        String body =
+            "<TokenRestrictionTemplate xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://schemas.microsoft.com/Azure/MediaServices/KeyDelivery/TokenRestrictionTemplate/v1\" ><AlternateVerificationKeys /><Audience>http://sampleissuerurl/</Audience><Issuer>http://sampleaudience/</Issuer><OpenIdConnectDiscoveryDocument ><OpenIdDiscoveryUri >RelativeUri</OpenIdDiscoveryUri></OpenIdConnectDiscoveryDocument></TokenRestrictionTemplate>";
+
+        try
+        {
+            TokenRestrictionTemplateSerializer.deserialize(body);
+            fail();
+        }
+        catch (Exception ex)
+        {
+        	assertEquals("String representation of OpenIdConnectDiscoveryDocument.OpenIdDiscoveryUri is not valid absolute Uri.", ex.getMessage());
+        }
+    }
+    
+    @Test
+    public void TokenRestrictionTemplateDeserializeNilOpenConnectIdDocumentUriNoPrimaryKey()
+    {
+        String body =
+            "<TokenRestrictionTemplate xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://schemas.microsoft.com/Azure/MediaServices/KeyDelivery/TokenRestrictionTemplate/v1\" ><AlternateVerificationKeys /><Audience>http://sampleissuerurl/</Audience><Issuer>http://sampleaudience/</Issuer><OpenIdConnectDiscoveryDocument ><OpenIdDiscoveryUri i:nil=\"true\"></OpenIdDiscoveryUri></OpenIdConnectDiscoveryDocument></TokenRestrictionTemplate>";
+        try
+        {
+            TokenRestrictionTemplateSerializer.deserialize(body);
+            fail();
+        }
+        catch (Exception ex)
+        {
+        	assertEquals("OpenIdConnectDiscoveryDocument.OpenIdDiscoveryUri string value is null or empty.", ex.getMessage());
+        }
+    }
 }
