From cf4eee1bdef0a5327b1a1a9fcae92c9e414b97d6 Mon Sep 17 00:00:00 2001
From: Georgios Andrianakis <geoand@gmail.com>
Date: Wed, 10 Jun 2020 17:35:53 +0300
Subject: [PATCH] Add test to make sure that trustStore work in native mode

---
 .../generate-trust-store-for-self-signed.sh   |  10 ++++
 integration-tests/rest-client/pom.xml         |   6 ++-
 integration-tests/rest-client/self-signed     | Bin 0 -> 1194 bytes
 .../ExternalSelfSignedResource.java           |  45 ++++++++++++++++++
 .../selfsigned/ExternalSelfSignedITCase.java  |   8 ++++
 .../ExternalSelfSignedTestCase.java           |  23 +++++++++
 6 files changed, 91 insertions(+), 1 deletion(-)
 create mode 100755 integration-tests/rest-client/generate-trust-store-for-self-signed.sh
 create mode 100644 integration-tests/rest-client/self-signed
 create mode 100644 integration-tests/rest-client/src/main/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedResource.java
 create mode 100644 integration-tests/rest-client/src/test/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedITCase.java
 create mode 100644 integration-tests/rest-client/src/test/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedTestCase.java

diff --git a/integration-tests/rest-client/generate-trust-store-for-self-signed.sh b/integration-tests/rest-client/generate-trust-store-for-self-signed.sh
new file mode 100755
index 00000000000000..a15a1994a39023
--- /dev/null
+++ b/integration-tests/rest-client/generate-trust-store-for-self-signed.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+##########################################################################################################################################
+# Script that generates the trustStore containing the self signed certificate used in 'io.quarkus.it.rest.client.selfsigned.ExternalSelfSignedResource' #
+##########################################################################################################################################
+
+
+echo -n | openssl s_client -connect self-signed.badssl.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > self-signed.cert
+keytool -importcert -file self-signed.cert -alias self-signed -keystore self-signed -storepass changeit -noprompt
+rm self-signed.cert
diff --git a/integration-tests/rest-client/pom.xml b/integration-tests/rest-client/pom.xml
index bf77e6b144705e..b271a14d68b0ee 100644
--- a/integration-tests/rest-client/pom.xml
+++ b/integration-tests/rest-client/pom.xml
@@ -70,6 +70,8 @@
 					<systemPropertyVariables>
 						<!-- force the locale as we want to explicitly test message interpolation -->
 						<user.language>en</user.language>
+						<javax.net.ssl.trustStore>${project.basedir}/self-signed</javax.net.ssl.trustStore>
+						<javax.net.ssl.trustStorePassword>changeit</javax.net.ssl.trustStorePassword>
 					</systemPropertyVariables>
 				</configuration>
 			</plugin>
@@ -119,9 +121,11 @@
 									<reportErrorsAtRuntime>false</reportErrorsAtRuntime>
 									<cleanupServer>true</cleanupServer>
 									<enableHttpUrlHandler>true</enableHttpUrlHandler>
+									<enableHttpsUrlHandler>true</enableHttpsUrlHandler>
 									<enableServer>false</enableServer>
 									<dumpProxies>false</dumpProxies>
 									<graalvmHome>${graalvmHome}</graalvmHome>
+									<additionalBuildArgs>-J-Djavax.net.ssl.trustStore=${project.basedir}/self-signed, -J-Djavax.net.ssl.trustStorePassword=changeit</additionalBuildArgs>
 								</configuration>
 							</execution>
 						</executions>
@@ -131,4 +135,4 @@
 		</profile>
 	</profiles>
 
-</project>
\ No newline at end of file
+</project>
diff --git a/integration-tests/rest-client/self-signed b/integration-tests/rest-client/self-signed
new file mode 100644
index 0000000000000000000000000000000000000000..52feac47daf37dda0c68c044e9b5aa440f6abc96
GIT binary patch
literal 1194
zcmV;b1XcSmf&``l0Ru3C1YZUTDuzgg_YDCD0ic2ePy~VmOfZ53NHBr~L<R{ehDe6@
z4FLxRpn?Q7FoFaz0s#Opf&?lC2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCEjz5W%
zNX?C4kcQ-Q3FSy#N`YRb0s{cUP=JC1@ag5Y{gUl9E`f5gjZ{5lVni!I7`!Zd@h$bH
zhb)qs9UE`{KlrG@-k$mt-}?So$RYJA8r=e>^znQ!Suj+rm!5`!B#@{06|+(KQRgFn
zgKt(M2^<>tAC0Z!<(UOl)#(JxTAu%CRhpV;HZRS|E6;D9zzAkUPIIUcxwQzrUo!YN
zc>Z`}zF&h<+nFsH{v!p~>q-?-ao!Kr@SaNdT1e0VK-_Asp~C^WY8RbY{E#wegW4cJ
z=nB5XtaDYKYo?$Xid0>O-19s~fa<K<j>KS&;Yq5qtNPPAXww(ceOUWp!uNZIDl(uw
z>CF?IekcdxFMQ6$_cHM=OJZw29|)9N!ABGcMZC7M-@&l?B<bpAl(cI~9y4gs-8Y)&
z=xKXj@;^6gucZOHy4GTsN0LXA{??wid~lh3*|WRuQmdQsAb8E?_A}~tcsh1?OIB39
zGHTFvfmr#}i|E0inCYQZQ<;B1!_I6-OT&MbA)+#xF`3|MUz+2jN(ta0{f7)}lmDJG
zL246nf7q4C<zQRf-O?kx%GGD73Fak!k~#tt43s&aKR@68esa^zp%vqoWq~QVp;m%#
zJ_>B$aVh|la>DEE9qqfjkdf}Ry-2+)Ql4ZU*R5J<!a8+p`sK;?;&7*4m$-@{2$QHS
z@<d=^Wr;TEJ&+hKxMq!NxQvOsH7-xLLhY7;g6bqz82NjWPOO6RT$;LMD(grh#q}op
z`79UU6L?^k*d!_}vI|<N5^5$H!mnFnJM*V+Uhor0_h(P1R}>Yp^aWtAhU6`M?;4gq
zzk=DL7Pw2C@^VKQ+!LU<0inq%GEm7a-42^ZUxfb+oS^Kne&Cmi&LfT6<Eh(~O%Ct{
zC9Ramm~IxWMK0Zu5&)GjNEE}dc%+al(AO$&(j0D&?c+?^i29e!sCm()NLn-Xkah;R
zCU2IIm9Eo}uxN{lp3}l32<<~P#@N;lV}ygo`?{tH?E%(soxqsjx`VPH+m&=>l+n_J
z>IZWpb|$NBTzdx@3Y9LQS(kbsgiKK`8+_krv3lX`OSD$i>|UEhuim>Dz$L&CO25UQ
zG7mBid2<9%huYTEef;TO5?YfS6n%q4TS`2==Kq2c&56^Du)4{Dfo=<9xHt<Z0YTqC
zHQm9SfsSh7wDP>vWnqY?d&?mH!h!b-jeB=U1P&(z?TpvV%FeI@H~&Jni=6YDmzX64
z@)BxU8JuQW!bS2pmEEo1efk}HOFk&52x~B|!8PbQ5Rcpqe^u}3eTJkKt)BgTa>m|j
zj-jTkPTa6S%)p&Xe_zsZ&0sHmQ152}uLW8d^f&q$46uFel+?1;BSYsLAuv8LAutIB
z1uG5%0vZJX1Qe1L=7=H1H$5#%Ds1LspnJ}Xd9(x+BcHm_1QUxlaNFSLAxW+Dtxk`w
I0s{etpe9^A!vFvP

literal 0
HcmV?d00001

diff --git a/integration-tests/rest-client/src/main/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedResource.java b/integration-tests/rest-client/src/main/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedResource.java
new file mode 100644
index 00000000000000..f62a6f7d674625
--- /dev/null
+++ b/integration-tests/rest-client/src/main/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedResource.java
@@ -0,0 +1,45 @@
+package io.quarkus.it.rest.client.selfsigned;
+
+import java.io.IOException;
+import java.net.URL;
+
+import javax.net.ssl.HttpsURLConnection;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+/**
+ * This has nothing to do with rest-client, but we add it here in order to avoid creating
+ * a new integration test that would slow down our CI
+ */
+@Path("/self-signed")
+public class ExternalSelfSignedResource {
+
+    @GET
+    @Produces(MediaType.TEXT_PLAIN)
+    public String perform() throws IOException {
+        try {
+            return doGetCipher();
+        } catch (IOException e) {
+
+            // if it fails it might be because the remote service is down, so sleep and try again
+            try {
+                Thread.sleep(1000);
+            } catch (InterruptedException ignored) {
+
+            }
+
+            return doGetCipher();
+        }
+    }
+
+    private String doGetCipher() throws IOException {
+        // this URL provides an always on example of an HTTPS URL utilizing self-signed certificate
+        URL url = new URL("https://self-signed.badssl.com/");
+        HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
+        con.setRequestMethod("GET");
+        con.getResponseCode();
+        return con.getCipherSuite();
+    }
+}
diff --git a/integration-tests/rest-client/src/test/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedITCase.java b/integration-tests/rest-client/src/test/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedITCase.java
new file mode 100644
index 00000000000000..d7d20bcc28bc91
--- /dev/null
+++ b/integration-tests/rest-client/src/test/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedITCase.java
@@ -0,0 +1,8 @@
+package io.quarkus.it.rest.client.selfsigned;
+
+import io.quarkus.test.junit.NativeImageTest;
+
+@NativeImageTest
+public class ExternalSelfSignedITCase extends ExternalSelfSignedTestCase {
+
+}
diff --git a/integration-tests/rest-client/src/test/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedTestCase.java b/integration-tests/rest-client/src/test/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedTestCase.java
new file mode 100644
index 00000000000000..7b2530e7d93bbc
--- /dev/null
+++ b/integration-tests/rest-client/src/test/java/io/quarkus/it/rest/client/selfsigned/ExternalSelfSignedTestCase.java
@@ -0,0 +1,23 @@
+package io.quarkus.it.rest.client.selfsigned;
+
+import static org.hamcrest.Matchers.empty;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.not;
+
+import org.junit.jupiter.api.Test;
+
+import io.quarkus.test.junit.QuarkusTest;
+import io.restassured.RestAssured;
+
+@QuarkusTest
+public class ExternalSelfSignedTestCase {
+
+    @Test
+    public void included() {
+        RestAssured.when()
+                .get("/self-signed")
+                .then()
+                .statusCode(200)
+                .body(is(not(empty())));
+    }
+}