From d604f213beb989e8fb4fdf631a6aface68242ae0 Mon Sep 17 00:00:00 2001 From: Xavi Aracil Date: Wed, 30 Nov 2022 18:50:01 +0100 Subject: [PATCH] Added test with non-http issuer --- .../org/oneedtech/inspect/vc/OB20Tests.java | 28 ++- .../org/oneedtech/inspect/vc/Samples.java | 2 + .../resources/ob20/assets/altbadgeurl.json | 2 +- .../resources/ob20/assets/bad-issuer.json | 206 ++++++++++++++++++ .../ob20/assets/badge-with-bad-issuer.json | 10 + .../resources/ob20/assets/badgeclass1.json | 2 +- .../resources/ob20/assets/badgecriteria.json | 3 + .../ob20/warning-issuer-non-http.json | 17 ++ 8 files changed, 262 insertions(+), 8 deletions(-) create mode 100644 inspector-vc/src/test/resources/ob20/assets/bad-issuer.json create mode 100644 inspector-vc/src/test/resources/ob20/assets/badge-with-bad-issuer.json create mode 100644 inspector-vc/src/test/resources/ob20/assets/badgecriteria.json create mode 100644 inspector-vc/src/test/resources/ob20/warning-issuer-non-http.json diff --git a/inspector-vc/src/test/java/org/oneedtech/inspect/vc/OB20Tests.java b/inspector-vc/src/test/java/org/oneedtech/inspect/vc/OB20Tests.java index 72ab6ff..ff79985 100644 --- a/inspector-vc/src/test/java/org/oneedtech/inspect/vc/OB20Tests.java +++ b/inspector-vc/src/test/java/org/oneedtech/inspect/vc/OB20Tests.java @@ -9,6 +9,7 @@ import static org.oneedtech.inspect.test.Assertions.assertWarning; import java.net.URI; import java.net.URISyntaxException; +import java.util.List; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Nested; @@ -26,10 +27,11 @@ public class OB20Tests { @BeforeAll static void setup() throws URISyntaxException { - validator = new TestBuilder() - .add(new URI("https://www.example.org/"), "ob20/assets") - .add(new URI("https://example.org/"), "ob20/assets") - .add(new URI("http://example.org/"), "ob20/assets") + TestBuilder builder = new TestBuilder(); + for (String localDomain : localDomains) { + builder.add(new URI(localDomain), "ob20/assets"); + } + validator = builder .set(Behavior.TEST_INCLUDE_SUCCESS, true) .set(Behavior.TEST_INCLUDE_WARNINGS, false) .set(Behavior.VALIDATOR_FAIL_FAST, true) @@ -93,8 +95,11 @@ public class OB20Tests { static class WarningTests { @BeforeAll static void setup() throws URISyntaxException { - validator = new TestBuilder() - .add(new URI("https://www.example.org/"), "ob20/assets") + TestBuilder builder = new TestBuilder(); + for (String localDomain : localDomains) { + builder.add(new URI(localDomain), "ob20/assets"); + } + validator = builder .set(Behavior.TEST_INCLUDE_SUCCESS, true) .set(Behavior.TEST_INCLUDE_WARNINGS, true) .set(Behavior.VALIDATOR_FAIL_FAST, true) @@ -110,5 +115,16 @@ public class OB20Tests { assertWarning(report); }); } + + @Test + void testWarningIssuerNonHttps() { + assertDoesNotThrow(()->{ + Report report = validator.run(Samples.OB20.JSON.WARNING_ISSUER_NON_HTTPS_JSON.asFileResource()); + if(verbose) PrintHelper.print(report, true); + assertWarning(report); + }); + } } + + private static final List localDomains = List.of("https://www.example.org/", "https://example.org/", "http://example.org/"); } diff --git a/inspector-vc/src/test/java/org/oneedtech/inspect/vc/Samples.java b/inspector-vc/src/test/java/org/oneedtech/inspect/vc/Samples.java index 6f3f861..a07ff01 100644 --- a/inspector-vc/src/test/java/org/oneedtech/inspect/vc/Samples.java +++ b/inspector-vc/src/test/java/org/oneedtech/inspect/vc/Samples.java @@ -49,6 +49,8 @@ public class Samples { public final static Sample SIMPLE_ASSERTION_INVALID_TYPE_JSON = new Sample("ob20/basic-assertion-invalid-type.json", true); // original: test_graph: test_verify_with_redirection public final static Sample WARNING_REDIRECTION_ASSERTION_JSON = new Sample("ob20/warning-with-redirection.json", true); + // original: test_validation: test_issuer_warn_on_non_https_id + public final static Sample WARNING_ISSUER_NON_HTTPS_JSON = new Sample("ob20/warning-issuer-non-http.json", true); // original: test_validation: test_can_input_badgeclass public final static Sample SIMPLE_BADGECLASS = new Sample("ob20/assets/badgeclass1.json", true); } diff --git a/inspector-vc/src/test/resources/ob20/assets/altbadgeurl.json b/inspector-vc/src/test/resources/ob20/assets/altbadgeurl.json index 3554627..588b5a5 100644 --- a/inspector-vc/src/test/resources/ob20/assets/altbadgeurl.json +++ b/inspector-vc/src/test/resources/ob20/assets/altbadgeurl.json @@ -5,6 +5,6 @@ "name": "Awesome Robotics Badge", "description": "For doing awesome things with robots that people think is pretty great.", "image": "https://example.org/robotics-badge.png", - "criteria": "https://example.org/robotics-badge.html", + "criteria": "http://example.com/badgecriteria.json", "issuer": "https://example.org/organization.json" } \ No newline at end of file diff --git a/inspector-vc/src/test/resources/ob20/assets/bad-issuer.json b/inspector-vc/src/test/resources/ob20/assets/bad-issuer.json new file mode 100644 index 0000000..d035c87 --- /dev/null +++ b/inspector-vc/src/test/resources/ob20/assets/bad-issuer.json @@ -0,0 +1,206 @@ +{ + "@context": { + "id": "@id", + "type": "@type", + "extensions": "https://w3id.org/openbadges/extensions#", + "obi": "https://w3id.org/openbadges#", + "validation": "obi:validation", + "cred": "https://w3id.org/credentials#", + "dc": "http://purl.org/dc/terms/", + "schema": "http://schema.org/", + "sec": "https://w3id.org/security#", + "xsd": "http://www.w3.org/2001/XMLSchema#", + "AlignmentObject": "schema:AlignmentObject", + "CryptographicKey": "sec:Key", + "Endorsement": "cred:Credential", + "Assertion": "obi:Assertion", + "BadgeClass": "obi:BadgeClass", + "Criteria": "obi:Criteria", + "Evidence": "obi:Evidence", + "Extension": "obi:Extension", + "FrameValidation": "obi:FrameValidation", + "IdentityObject": "obi:IdentityObject", + "Image": "obi:Image", + "HostedBadge": "obi:HostedBadge", + "hosted": "obi:HostedBadge", + "Issuer": "obi:Issuer", + "Profile": "obi:Profile", + "RevocationList": "obi:RevocationList", + "SignedBadge": "obi:SignedBadge", + "signed": "obi:SignedBadge", + "TypeValidation": "obi:TypeValidation", + "VerificationObject": "obi:VerificationObject", + "author": { + "@id": "schema:author", + "@type": "@id" + }, + "caption": { + "@id": "schema:caption" + }, + "claim": { + "@id": "cred:claim", + "@type": "@id" + }, + "created": { + "@id": "dc:created", + "@type": "xsd:dateTime" + }, + "creator": { + "@id": "dc:creator", + "@type": "@id" + }, + "description": { + "@id": "schema:description" + }, + "email": { + "@id": "schema:email" + }, + "endorsement": { + "@id": "cred:credential", + "@type": "@id" + }, + "expires": { + "@id": "sec:expiration", + "@type": "xsd:dateTime" + }, + "genre": { + "@id": "schema:genre" + }, + "image": { + "@id": "schema:image", + "@type": "@id" + }, + "name": { + "@id": "schema:name" + }, + "owner": { + "@id": "sec:owner", + "@type": "@id" + }, + "publicKey": { + "@id": "sec:publicKey", + "@type": "@id" + }, + "publicKeyPem": { + "@id": "sec:publicKeyPem" + }, + "related": { + "@id": "dc:relation", + "@type": "@id" + }, + "startsWith": { + "@id": "http://purl.org/dqm-vocabulary/v1/dqm#startsWith" + }, + "tags": { + "@id": "schema:keywords" + }, + "targetDescription": { + "@id": "schema:targetDescription" + }, + "targetFramework": { + "@id": "schema:targetFramework" + }, + "targetName": { + "@id": "schema:targetName" + }, + "targetUrl": { + "@id": "schema:targetUrl" + }, + "telephone": { + "@id": "schema:telephone" + }, + "url": { + "@id": "schema:url", + "@type": "@id" + }, + "version": { + "@id": "schema:version" + }, + "alignment": { + "@id": "obi:alignment", + "@type": "@id" + }, + "allowedOrigins": { + "@id": "obi:allowedOrigins" + }, + "audience": { + "@id": "obi:audience" + }, + "badge": { + "@id": "obi:badge", + "@type": "@id" + }, + "criteria": { + "@id": "obi:criteria", + "@type": "@id" + }, + "endorsementComment": { + "@id": "obi:endorsementComment" + }, + "evidence": { + "@id": "obi:evidence", + "@type": "@id" + }, + "hashed": { + "@id": "obi:hashed", + "@type": "xsd:boolean" + }, + "identity": { + "@id": "obi:identityHash" + }, + "issuedOn": { + "@id": "obi:issueDate", + "@type": "xsd:dateTime" + }, + "issuer": { + "@id": "obi:issuer", + "@type": "@id" + }, + "narrative": { + "@id": "obi:narrative" + }, + "recipient": { + "@id": "obi:recipient", + "@type": "@id" + }, + "revocationList": { + "@id": "obi:revocationList", + "@type": "@id" + }, + "revocationReason": { + "@id": "obi:revocationReason" + }, + "revoked": { + "@id": "obi:revoked", + "@type": "xsd:boolean" + }, + "revokedAssertions": { + "@id": "obi:revoked" + }, + "salt": { + "@id": "obi:salt" + }, + "targetCode": { + "@id": "obi:targetCode" + }, + "uid": { + "@id": "obi:uid" + }, + "validatesType": "obi:validatesType", + "validationFrame": "obi:validationFrame", + "validationSchema": "obi:validationSchema", + "verification": { + "@id": "obi:verify", + "@type": "@id" + }, + "verificationProperty": { + "@id": "obi:verificationProperty" + }, + "verify": "verification" + }, + "id": "urn:uuid:2d391246-6e0d-4dab-906c-b29770bd7aa6", + "type": "Issuer", + "url": "http://example.com", + "email": "email@example.org", + "name": "some Issuer" +} \ No newline at end of file diff --git a/inspector-vc/src/test/resources/ob20/assets/badge-with-bad-issuer.json b/inspector-vc/src/test/resources/ob20/assets/badge-with-bad-issuer.json new file mode 100644 index 0000000..f99c558 --- /dev/null +++ b/inspector-vc/src/test/resources/ob20/assets/badge-with-bad-issuer.json @@ -0,0 +1,10 @@ +{ + "@context": "https://w3id.org/openbadges/v2", + "type": "BadgeClass", + "id": "http://example.org/badge-with-bad-issuer.json", + "name": "Awesome Robotics Badge", + "description": "For doing awesome things with robots that people think is pretty great.", + "image": "https://example.org/robotics-badge.png", + "criteria": "http://example.com/badgecriteria.json", + "issuer": "https://example.org/bad-issuer.json" +} \ No newline at end of file diff --git a/inspector-vc/src/test/resources/ob20/assets/badgeclass1.json b/inspector-vc/src/test/resources/ob20/assets/badgeclass1.json index 55b5b83..f0f79b2 100644 --- a/inspector-vc/src/test/resources/ob20/assets/badgeclass1.json +++ b/inspector-vc/src/test/resources/ob20/assets/badgeclass1.json @@ -202,7 +202,7 @@ "type": "BadgeClass", "name": "Example Badge", "description": "An example", - "criteria": "http://example.org/criteria", + "criteria": "http://example.com/badgecriteria.json", "issuer": "http://example.org/issuer1", "image": "http://example.org/robotics-badge.png" } \ No newline at end of file diff --git a/inspector-vc/src/test/resources/ob20/assets/badgecriteria.json b/inspector-vc/src/test/resources/ob20/assets/badgecriteria.json new file mode 100644 index 0000000..715c42f --- /dev/null +++ b/inspector-vc/src/test/resources/ob20/assets/badgecriteria.json @@ -0,0 +1,3 @@ +{ + "narrative": "Do the important things." +} \ No newline at end of file diff --git a/inspector-vc/src/test/resources/ob20/warning-issuer-non-http.json b/inspector-vc/src/test/resources/ob20/warning-issuer-non-http.json new file mode 100644 index 0000000..b48a321 --- /dev/null +++ b/inspector-vc/src/test/resources/ob20/warning-issuer-non-http.json @@ -0,0 +1,17 @@ +{ + "@context": "https://w3id.org/openbadges/v2", + "type": "Assertion", + "id": "https://example.org/warning-issuer-non-http.json", + "recipient": { + "type": "email", + "hashed": true, + "salt": "deadsea", + "identity": "sha256$ecf5409f3f4b91ab60cc5ef4c02aef7032354375e70cf4d8e43f6a1d29891942" + }, + "image": "https://example.org/beths-robot-badge.png", + "issuedOn": "2016-12-31T23:59:59Z", + "badge": "http://example.org/badge-with-bad-issuer.json", + "verification": { + "type": "hosted" + } +} \ No newline at end of file