diff --git a/modules/integration/tests-platform/src/test/java/org/wso2/automation/platform/tests/apim/is/SingleSignOnTestCase.java b/modules/integration/tests-platform/src/test/java/org/wso2/automation/platform/tests/apim/is/SingleSignOnTestCase.java
index 101649d670..a3a3ea2fb8 100644
--- a/modules/integration/tests-platform/src/test/java/org/wso2/automation/platform/tests/apim/is/SingleSignOnTestCase.java
+++ b/modules/integration/tests-platform/src/test/java/org/wso2/automation/platform/tests/apim/is/SingleSignOnTestCase.java
@@ -59,6 +59,7 @@ import java.util.List;
 import static org.testng.Assert.assertEquals;
+import static org.testng.Assert.assertFalse;
 import static org.testng.Assert.assertNotNull;
 import static org.testng.Assert.assertTrue;
@@ -91,6 +92,7 @@ public class SingleSignOnTestCase extends APIMIntegrationBaseTest {
 private String apiName = "SingleSignOnAPI";
 private String apiVersion = "1.0.0";
 private String callbackUrl = "www.youtube.com";
+ private String testApplicationName = "SSOTestApplication";
 private HttpResponse response;
 private HttpClient httpClient;
@@ -150,6 +152,7 @@ public void init() throws APIManagerIntegrationTestException {
 @AfterClass(alwaysRun = true)
 public void destroy() throws Exception {
+ deleteApplication();
 super.cleanup();
 }
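Review bot: In `destroy()`, `deleteApplication()` runs ahead of `super.cleanup()` with nothing around it, and that helper contains assertions and a `Set-Cookie` lookup that can throw, for example when the application was never created. When it does, the `@AfterClass` method aborts there and the base-class cleanup is skipped. Wrapping the call keeps the base cleanup unconditional: `try { deleteApplication(); } finally { super.cleanup(); }`. `deleteApplication` itself is added in the `-604,14 +609,53` hunk.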
@@ -569,13 +572,15 @@ private Boolean createAndPublishAPI() throws Exception {
 return true;
 }
- private void createApplication() throws Exception {
+ @Test(description = "Create an application Using API", groups = "wso2.apim.is")
+ public void createApplicationTest() throws Exception {
 //1
 HttpResponse response = sendGetRequest(String.format(httpsStoreUrl + "/site/pages" +
- "/applications.jag?tenant=" + storeContext.getSuperTenant().getDomain()));
+ "/applications.jag?tenant=" + storeContext.getSuperTenant().getDomain()));
 assertEquals(Response.Status.OK.getStatusCode(), response.getStatusLine().getStatusCode(),
- "Response mismatch not 200");
+ "Response mismatch not 200");
+ String csrf = response.getLastHeader("Set-Cookie").getElements()[0].getValue();
 EntityUtils.consume(response.getEntity());
 //2
@@ -584,9 +589,9 @@ private void createApplication() throws Exception {
 urlParameters.add(new BasicNameValuePair("tenant", storeContext.getSuperTenant().getDomain()));
 urlParameters.add(new BasicNameValuePair("limit", "5"));
 response = sendPOSTMessage(httpsStoreUrl + "/site/blocks/api/recently-added/ajax/list.jag",
- urlParameters);
+ urlParameters);
 assertEquals(Response.Status.OK.getStatusCode(), response.getStatusLine().getStatusCode(),
- "Response mismatch not 200");
+ "Response mismatch not 200");
 EntityUtils.consume(response.getEntity());
@@ -594,9 +599,9 @@ private void createApplication() throws Exception {
 urlParameters.clear();
 urlParameters.add(new BasicNameValuePair("action", "sessionCheck"));
 response = sendPOSTMessage(httpsStoreUrl + "/site/blocks/user/login/ajax/sessionCheck.jag",
- urlParameters);
+ urlParameters);
 assertEquals(Response.Status.OK.getStatusCode(), response.getStatusLine().getStatusCode(),
- "Response mismatch not 200");
+ "Response mismatch not 200");
 EntityUtils.consume(response.getEntity());
 urlParameters.clear();
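Review bot: In `createApplicationTest`, `response.getLastHeader("Set-Cookie").getElements()[0].getValue()` picks the token by position, so it only works while the store sends the CSRF cookie as its last `Set-Cookie` header; if a different cookie comes last, that cookie's value is what ends up in `X-CSRFToken`, and if the response sets no cookie the line throws a NullPointerException before any assertion explains why. Looking the cookie up by name across `response.getHeaders("Set-Cookie")` and then checking it with `assertNotNull(csrf, "CSRF cookie missing from applications.jag response");` would make the test fail for the right reason. The cookie name is not visible in this diff and has to come from the store's configuration. The same extraction line is repeated in `deleteApplication` in the `-604,14 +609,53` hunk, and `createApplicationTest` itself continues past this hunk.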
@@ -604,14 +609,53 @@ private void createApplication() throws Exception {
 urlParameters.add(new BasicNameValuePair("tier", "Unlimited"));
 urlParameters.add(new BasicNameValuePair("callbackUrl", callbackUrl));
 urlParameters.add(new BasicNameValuePair("description", "This is platform based application"));
- urlParameters.add(new BasicNameValuePair("application", "SSOApplication"));
- response = sendPOSTMessage(httpsStoreUrl + "/site/blocks/application/" +
- "application-add/ajax/application-add.jag",
- urlParameters);
+ urlParameters.add(new BasicNameValuePair("application", testApplicationName));
+ response = sendPOSTMessageWithCSRF(httpsStoreUrl + "/site/blocks/application/" +
+ "application-add/ajax/application-add.jag", urlParameters, csrf);
 assertEquals(Response.Status.OK.getStatusCode(), response.getStatusLine().getStatusCode(),
- "Response mismatch not 200");
+ "Response mismatch not 200");
+ boolean isError = getResponseBody(response).contains("\"error\" : true");
+ assertFalse(isError, "Error when Application Creation");
+ EntityUtils.consume(response.getEntity());
+
+ response = sendGetRequest(httpsStoreUrl + "/site/blocks/application/" +
+ "application-list/ajax/application-list.jag?action=getApplications");
+ boolean isAppExist = getResponseBody(response).contains("\"name\" : \"" + testApplicationName + "\"");
+ assertTrue(isAppExist, "Application Creattion not succesful");
+ EntityUtils.consume(response.getEntity());
+ }
+
+ private void deleteApplication() throws Exception {
+ HttpResponse response = sendGetRequest(String.format(httpsStoreUrl + "/site/pages" +
+ "/applications.jag?tenant=" + storeContext.getSuperTenant().getDomain()));
+ assertEquals(Response.Status.OK.getStatusCode(), response.getStatusLine().getStatusCode(),
+ "Response mismatch not 200");
+ String csrf = response.getLastHeader("Set-Cookie").getElements()[0].getValue();
+ EntityUtils.consume(response.getEntity());
+
+ urlParameters.clear();
+ urlParameters.add(new BasicNameValuePair("action", "removeApplication"));
+ urlParameters.add(new BasicNameValuePair("application", testApplicationName));
+ response = sendPOSTMessageWithCSRF(httpsStoreUrl + "/site/blocks/application/" +
+ "application-remove/ajax/application-remove.jag", urlParameters, csrf);
+ assertEquals(Response.Status.OK.getStatusCode(), response.getStatusLine().getStatusCode(),
+ "Response mismatch not 200");
+ boolean isError = getResponseBody(response).contains("\"error\" : true");
+ assertFalse(isError, "Error on Application deletion");
+ EntityUtils.consume(response.getEntity());
+
+ urlParameters.clear();
+ urlParameters.add(new BasicNameValuePair("action", "sessionCheck"));
+ response = sendPOSTMessage(httpsStoreUrl + "/site/blocks/user/login/ajax/sessionCheck.jag", urlParameters);
+ assertEquals(Response.Status.OK.getStatusCode(), response.getStatusLine().getStatusCode(),
+ "Response mismatch not 200");
 EntityUtils.consume(response.getEntity());
+ response = sendGetRequest(httpsStoreUrl + "/site/blocks/application/" +
+ "application-list/ajax/application-list.jag?action=getApplications");
+ boolean isAppExist = getResponseBody(response).contains("\"name\" : \"" + testApplicationName + "\"");
+ assertFalse(isAppExist, "Application Deletion not successfull");
+ EntityUtils.consume(response.getEntity());
 }
@@ -630,6 +674,15 @@ private HttpResponse sendPOSTMessage(String url, List urlParamete
 return httpClient.execute(post);
 }
+ private HttpResponse sendPOSTMessageWithCSRF(String url, List urlParameters, String csrf)
+ throws Exception {
+ HttpPost post = new HttpPost(url);
+ post.setHeader("User-Agent", USER_AGENT);
+ post.addHeader("Referer", url);
+ post.addHeader("X-CSRFToken", csrf);
+ post.setEntity(new UrlEncodedFormEntity(urlParameters));
+ return httpClient.execute(post);
+ }
 private HttpResponse sendRedirectRequest(HttpResponse response) throws IOException {
 Header[] headers = response.getAllHeaders();
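Review bot: Both `assertFalse` checks in `deleteApplication`, and the `contains("\"error\" : true")` check in `createApplicationTest`, only test that an exact substring (spaces included) is absent, so they pass whenever the body is formatted differently, is empty, or is an HTML login or error page; a failed deletion would then go unnoticed. Parsing the body as JSON and asserting on the `error` field and on the returned application names would make these checks fail when the response is not what the test expects. The messages `"Application Creattion not succesful"` and `"Application Deletion not successfull"` also carry typos. `createApplicationTest` begins in an earlier hunk, and `getResponseBody` is not visible in this diff.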
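Review bot: `sendPOSTMessageWithCSRF` hands `csrf` to `post.addHeader("X-CSRFToken", csrf)` without checking it, so a null or empty token goes out as a request without a usable token and the failure only appears later as a status or body assertion that never mentions the token. A guard on the first line, `assertNotNull(csrf, "CSRF token is missing");`, would point the failure at its cause. The change also covers only the accepted-token path: a companion case that sends the same form through `sendPOSTMessage`, which adds no token, and asserts that the store refuses it would show that the CSRF check is enforced rather than merely tolerated. A short Javadoc, `/** Sends a form-encoded POST with the given token in the X-CSRFToken header. */`, and a blank line before `sendRedirectRequest` would finish the helper.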