package com.belladati.sdk.exception.impl;
import static org.testng.Assert.assertEquals;
import static org.testng.Assert.assertTrue;
import static org.testng.Assert.fail;
import org.testng.annotations.Test;
import com.belladati.sdk.BellaDati;
import com.belladati.sdk.auth.impl.OAuthRequestImpl;
import com.belladati.sdk.exception.ConnectionException;
import com.belladati.sdk.exception.auth.AuthorizationException;
import com.belladati.sdk.exception.auth.AuthorizationException.Reason;
import com.belladati.sdk.exception.auth.InvalidTimestampException;
import com.belladati.sdk.exception.server.InternalErrorException;
import com.belladati.sdk.exception.server.NotFoundException;
import com.belladati.sdk.exception.server.ServerResponseException;
import com.belladati.sdk.exception.server.UnexpectedResponseException;
import com.belladati.sdk.test.SDKTest;
/**
* Verifies that various exception cases are treated correctly.
*
* @author Chris Hennigfeld
*/
@Test
public class ExceptionTest extends SDKTest {
private final String uri = "some/uri";
/** server is not available */
@Test(expectedExceptions = ConnectionException.class)
public void connectionFailed() throws Exception {
server.stop();
service.getClient().get(uri, service.getTokenHolder());
}
/** internal server error */
@Test(expectedExceptions = InternalErrorException.class)
public void internalError() {
registerError(500, "");
service.getClient().get(uri, service.getTokenHolder());
}
/** consumer key was empty or missing */
public void consumerKeyMissing() {
registerOAuthProblem(400, "missing_consumer");
assertAuthException(Reason.CONSUMER_KEY_UNKNOWN);
}
/** server didn't recognize consumer key */
public void consumerKeyUnknown() {
registerOAuthProblem(400, "invalid_consumer");
assertAuthException(Reason.CONSUMER_KEY_UNKNOWN);
}
/** secret didn't match key during OAuth request token request */
public void secretMismatchOAuth1() {
server.registerError("/oauth/requestToken", 400, "oauth_problem=invalid_signature");
try {
BellaDati.connect(server.getHttpURL()).oAuth("key", "secret");
fail("Didn't throw authorization exception");
} catch (AuthorizationException e) {
assertEquals(e.getReason(), Reason.CONSUMER_SECRET_INVALID);
}
}
/** secret didn't match key during OAuth access token request */
public void secretMismatchOAuth2() {
server.registerError("/oauth/accessToken", 400, "oauth_problem=invalid_signature");
service.getTokenHolder().setToken("token", "secret");
try {
new OAuthRequestImpl(service.getClient(), service.getTokenHolder()).requestAccess();
fail("Didn't throw authorization exception");
} catch (AuthorizationException e) {
assertEquals(e.getReason(), Reason.TOKEN_INVALID);
}
}
/** secret didn't match key during xAuth token request */
public void secretMismatchxAuth() {
server.registerError("/oauth/accessToken", 400, "oauth_problem=invalid_signature");
try {
BellaDati.connect(server.getHttpURL()).xAuth("key", "secret", "username", "password");
fail("Didn't throw authorization exception");
} catch (AuthorizationException e) {
assertEquals(e.getReason(), Reason.CONSUMER_SECRET_INVALID);
}
}
/** secret didn't match key during regular API request */
public void secretMismatchOther() {
registerOAuthProblem(400, "invalid_signature");
service.getTokenHolder().setToken("token", "secret");
assertAuthException(Reason.TOKEN_INVALID);
}
/** current actual server response for secret mismatch */
public void secretMismatchReversed() {
registerOAuthProblem(403, "signature_invalid");
service.getTokenHolder().setToken("token", "secret");
assertAuthException(Reason.TOKEN_INVALID);
}
/** domain has expired */
public void domainExpired() {
registerOAuthProblem(403, "domain_expired");
assertAuthException(Reason.DOMAIN_EXPIRED);
}
/** request or access token is invalid */
public void tokenInvalid() {
registerOAuthProblem(400, "invalid_token");
assertAuthException(Reason.TOKEN_INVALID);
}
/** request or access token is missing */
public void tokenMissing() {
registerOAuthProblem(400, "missing_token");
assertAuthException(Reason.TOKEN_INVALID);
}
/** request token is unauthorized */
public void tokenUnauthorized() {
registerOAuthProblem(400, "unauthorized_token");
assertAuthException(Reason.TOKEN_UNAUTHORIZED);
}
/** request or access token has expired */
public void tokenExpired() {
registerOAuthProblem(400, "token_expired");
assertAuthException(Reason.TOKEN_EXPIRED);
}
/** timestamp doesn't match server time */
public void timestampRefused() {
long start = 12345;
long end = 67890;
registerError(400, "oauth_problem=timestamp_refused&oauth_acceptable_timestamps=" + start + "-" + end);
AuthorizationException rawException = assertAuthException(Reason.TIMESTAMP_REFUSED);
InvalidTimestampException exception = (InvalidTimestampException) rawException;
assertEquals(exception.getEarliestTimestamp(), start);
assertEquals(exception.getLatestTimestamp(), end);
}
/** xAuth disabled when making an xAuth request */
public void xAuthDisabled() {
registerOAuthProblem(403, "x_auth_disabled");
assertAuthException(Reason.X_AUTH_DISABLED);
}
/** BD Mobile disabled when making a request */
public void xAuthMobileDisabled() {
registerOAuthProblem(403, "piccolo_not_enabled");
assertAuthException(Reason.BD_MOBILE_DISABLED);
}
/** xAuth username missing */
public void xAuthCredentialsMissingUsername() {
registerOAuthProblem(400, "missing_username");
assertAuthException(Reason.USER_CREDENTIALS_INVALID);
}
/** xAuth password missing */
public void xAuthCredentialsMissingPassword() {
registerOAuthProblem(400, "missing_password");
assertAuthException(Reason.USER_CREDENTIALS_INVALID);
}
/** xAuth credentials are invalid */
public void xAuthCredentialsInvalid() {
registerOAuthProblem(401, "invalid_credentials");
assertAuthException(Reason.USER_CREDENTIALS_INVALID);
}
/** xAuth credentials are invalid (what the server currently returns) */
public void xAuthCredentialsInvalidLegacy() {
registerOAuthProblem(401, "permission_denied");
assertAuthException(Reason.USER_CREDENTIALS_INVALID);
}
/** xAuth user is locked */
public void xAuthUserLocked() {
registerOAuthProblem(401, "account_locked");
assertAuthException(Reason.USER_ACCOUNT_LOCKED);
}
/** xAuth user is locked (what the server currently returns) */
public void xAuthUserLockedLegacy() {
registerOAuthProblem(403, "user_not_active");
assertAuthException(Reason.USER_ACCOUNT_LOCKED);
}
/** xAuth user is not in the domain */
public void xAuthNotDomainUser() {
registerOAuthProblem(403, "domain_restricted");
assertAuthException(Reason.USER_DOMAIN_MISMATCH);
}
/** some other authentication problem */
public void otherOAuthProblem() {
String problem = "something_else";
registerOAuthProblem(400, problem);
AuthorizationException exception = assertAuthException(Reason.OTHER);
assertTrue(exception.getMessage().contains(problem), "Message didn't contain problem, was " + exception.getMessage());
}
/** server returns a not found error */
public void notFoundError() {
registerError(404, "not found");
try {
service.getClient().get(uri, service.getTokenHolder());
fail("Didn't throw not found exception");
} catch (NotFoundException e) {
assertEquals(e.getUri(), server.getHttpURL() + "/" + uri);
}
}
/** server returns an error that's not an OAuth problem */
public void otherError() {
registerError(400, "not an OAuth problem");
try {
service.getClient().get(uri, service.getTokenHolder());
fail("Didn't throw response exception");
} catch (ServerResponseException e) {
assertEquals(e.getClass(), UnexpectedResponseException.class);
}
}
/** server returns an error that's not an OAuth problem */
public void otherErrorCode() {
registerError(456, "some weird error code");
try {
service.getClient().get(uri, service.getTokenHolder());
fail("Didn't throw response exception");
} catch (ServerResponseException e) {
assertEquals(e.getClass(), UnexpectedResponseException.class);
}
}
private void registerError(final int status, final String content) {
server.registerError("/" + uri, status, content);
}
private void registerOAuthProblem(final int status, final String problem) {
registerError(status, "oauth_problem=" + problem);
}
private AuthorizationException assertAuthException(Reason reason) {
try {
service.getClient().get(uri, service.getTokenHolder());
fail("Didn't throw authorization exception");
return null; // never happens, fail() throws RuntimeException
} catch (AuthorizationException e) {
assertEquals(e.getReason(), reason);
return e;
}
}
}