@Test
public void shouldReplyNicelyToTooManyFailedAuthAttempts() throws Exception {
// Given
startServerWithConfiguredUser();
long timeout = System.currentTimeMillis() + 30_000;
// When
HTTP.Response response = null;
while (System.currentTimeMillis() < timeout) {
// Done in a loop because we're racing with the clock to get enough failed requests into 5
// seconds
response =
HTTP.withHeaders(HttpHeaders.AUTHORIZATION, challengeResponse("neo4j", "incorrect"))
.POST(
server.baseUri().resolve("authentication").toString(),
HTTP.RawPayload.quotedJson(
"{'username':'******', 'password':'******'}"));
if (response.status() == 429) {
break;
}
}
// Then
assertThat(response.status(), equalTo(429));
JsonNode firstError = response.get("errors").get(0);
assertThat(
firstError.get("code").asText(),
equalTo("Neo.ClientError.Security.AuthenticationRateLimit"));
assertThat(
firstError.get("message").asText(),
equalTo("Too many failed authentication requests. Please wait 5 seconds and try again."));
}
@Test
public void shouldAcceptFolderWithCypFilesAsFixtures() throws Exception {
// Given two files in the root folder
File targetFolder = testDir.directory();
FileUtils.writeToFile(
new File(targetFolder, "fixture1.cyp"),
"CREATE (u:User)\n" + "CREATE (a:OtherUser)",
false);
FileUtils.writeToFile(
new File(targetFolder, "fixture2.cyp"),
"CREATE (u:User)\n" + "CREATE (a:OtherUser)",
false);
// And given one file in a sub directory
File subDir = new File(targetFolder, "subdirectory");
subDir.mkdir();
FileUtils.writeToFile(
new File(subDir, "subDirFixture.cyp"), "CREATE (u:User)\n" + "CREATE (a:OtherUser)", false);
// When
try (ServerControls server =
newInProcessBuilder(targetFolder).withFixture(targetFolder).newServer()) {
// Then
HTTP.Response response =
HTTP.POST(
server.httpURI().toString() + "db/data/transaction/commit",
quotedJson("{'statements':[{'statement':'MATCH (n:User) RETURN n'}]}"));
assertThat(response.get("results").get(0).get("data").size(), equalTo(3));
}
}
public void startServerWithConfiguredUser() throws IOException {
startServer(true);
// Set the password
HTTP.Response post =
HTTP.withHeaders(HttpHeaders.AUTHORIZATION, challengeResponse("neo4j", "neo4j"))
.POST(
server.baseUri().resolve("/user/neo4j/password").toString(),
RawPayload.quotedJson("{'password':'******'}"));
assertEquals(200, post.status());
}
@Test
public void txEndpointShouldReplyWithHttpsWhenItReturnsURLs() throws Exception {
// Given
server.start();
// When
HTTP.Response response =
POST(httpsUri + "db/data/transaction", quotedJson("{'statements':[]}"));
// Then
assertThat(response.location(), startsWith(httpsUri));
assertThat(response.get("commit").asText(), startsWith(httpsUri));
}
@Test
public void shouldReturnEmptyMapForEmptyProperties() throws Exception {
// Given
String node = HTTP.POST(server().baseUri().resolve("db/data/node").toString()).location();
String rel =
HTTP.POST(node + "/relationships", quotedJson("{'to':'" + node + "', " + "'type':'LOVES'}"))
.location();
// When
HTTP.Response res = HTTP.GET(rel + "/properties");
// Then
MatcherAssert.assertThat(res.rawContent(), equalTo("{ }"));
}
@Test
public void shouldFindThreeLabel() {
HTTP.Response response =
HTTP.GET(neo4j.httpURI().resolve("/v1/service/closest/Three/to/0").toString());
HashMap actual = response.content();
LinkedHashMap<String, HashMap<String, Object>> expected =
new LinkedHashMap<String, HashMap<String, Object>>();
LinkedHashMap<String, Object> prop = new LinkedHashMap<String, Object>();
prop.put("name", "3.0");
expected.put("4", prop);
assertEquals(expected, actual);
}
@Test
public void shouldHandleStringFixtures() throws Exception {
// Given two files in the root folder
File targetFolder = testDir.directory();
// When
try (ServerControls server =
newInProcessBuilder(targetFolder).withFixture("CREATE (a:User)").newServer()) {
// Then
HTTP.Response response =
HTTP.POST(
server.httpURI().toString() + "db/data/transaction/commit",
quotedJson("{'statements':[{'statement':'MATCH (n:User) RETURN n'}]}"));
assertThat(response.get("results").get(0).get("data").size(), equalTo(1));
}
}
@Test
public void shouldSayMalformedHeaderIfMalformedAuthorization() throws Exception {
// Given
startServerWithConfiguredUser();
// When
HTTP.Response response =
HTTP.withHeaders(HttpHeaders.AUTHORIZATION, "This makes no sense").GET(dataURL());
// Then
assertThat(response.status(), equalTo(400));
assertThat(
response.get("errors").get(0).get("code").asText(),
equalTo("Neo.ClientError.Request.InvalidFormat"));
assertThat(
response.get("errors").get(0).get("message").asText(),
equalTo("Invalid Authorization header."));
}
@Test
public void shouldAccepSingleCypherFileAsFixture() throws Exception {
// Given
File targetFolder = testDir.directory();
File fixture = new File(targetFolder, "fixture.cyp");
FileUtils.writeToFile(fixture, "CREATE (u:User)" + "CREATE (a:OtherUser)", false);
// When
try (ServerControls server =
newInProcessBuilder(targetFolder).withFixture(fixture).newServer()) {
// Then
HTTP.Response response =
HTTP.POST(
server.httpURI().toString() + "db/data/transaction/commit",
quotedJson("{'statements':[{'statement':'MATCH (n:User) RETURN n'}]}"));
assertThat(response.status(), equalTo(200));
assertThat(response.get("results").get(0).get("data").size(), equalTo(1));
}
}
@Test
public void shouldFindFourLabel() {
HTTP.Response response =
HTTP.GET(
neo4j.httpURI().resolve("/v1/service/closest/Four/to/0?direction=outgoing").toString());
HashMap actual = response.content();
LinkedHashMap<String, HashMap<String, Object>> expected =
new LinkedHashMap<String, HashMap<String, Object>>();
assertEquals(expected, actual);
response =
HTTP.GET(
neo4j.httpURI().resolve("/v1/service/closest/Four/to/0?direction=incoming").toString());
actual = response.content();
expected = new LinkedHashMap<String, HashMap<String, Object>>();
LinkedHashMap<String, Object> prop = new LinkedHashMap<String, Object>();
prop.put("name", "4.0");
expected.put("5", prop);
assertEquals(expected, actual);
}
@Test
public void testFindWithin() throws Exception {
Nearby param = new Nearby();
param.setLongitude(79.8547);
param.setLatitude(6.8939);
param.setDistance(1);
HTTP.Response response =
HTTP.POST(server.httpURI().resolve("/contra/location/findwithin").toString(), param);
// Check the status.
assertEquals("Error in request.", HttpURLConnection.HTTP_OK, response.status());
Gson gson = new Gson();
Message<List<Location>> message =
gson.fromJson(response.rawContent(), new TypeToken<Message<List<Location>>>() {}.getType());
List<Location> locations = message.getEntity();
// Check the status.
assertEquals("Exact locations are not found.", 3, locations.size());
String[] expected = {"Majestic City", "Unity Plaza"};
String[] actual = {locations.get(0).getName(), locations.get(1).getName()};
assertArrayEquals("Expected locations are not found.", expected, actual);
}
@Test
public void testCreateLocation() throws Exception {
Time time = Time.of(2015, 12, 24, 9, 1, 0);
UserLocation mc =
TestUtility.createUserLocation(
"+94770780210", "CDC47124648058A", 98.0f, "Home", 79.857488, 6.8781381, time);
HTTP.Response response =
HTTP.POST(server.httpURI().resolve("/contra/location/create").toString(), mc);
// Check the status.
assertEquals("Error in request.", HttpURLConnection.HTTP_OK, response.status());
// Do not use the exact location for withinDistance
Result result =
server
.graph()
.execute(
"START n = node:location_layer('withinDistance:[6.8781381, 79.857487, 0.1]') RETURN n.name as name");
Map<String, Object> map = result.next();
assertEquals("Location is not created.", "Home", map.get("name"));
}
private void assertAuthorizationRequired(
String method, String path, Object payload, int expectedAuthorizedStatus)
throws JsonParseException {
// When no header
HTTP.Response response =
HTTP.request(method, server.baseUri().resolve(path).toString(), payload);
assertThat(response.status(), equalTo(401));
assertThat(
response.get("errors").get(0).get("code").asText(),
equalTo("Neo.ClientError.Security.AuthorizationFailed"));
assertThat(
response.get("errors").get(0).get("message").asText(),
equalTo("No authorization header supplied."));
assertThat(response.header(HttpHeaders.WWW_AUTHENTICATE), equalTo("None"));
// When malformed header
response =
HTTP.withHeaders(HttpHeaders.AUTHORIZATION, "This makes no sense")
.request(method, server.baseUri().resolve(path).toString(), payload);
assertThat(response.status(), equalTo(400));
assertThat(
response.get("errors").get(0).get("code").asText(),
equalTo("Neo.ClientError.Request.InvalidFormat"));
assertThat(
response.get("errors").get(0).get("message").asText(),
equalTo("Invalid Authorization header."));
// When invalid credential
response =
HTTP.withHeaders(HttpHeaders.AUTHORIZATION, challengeResponse("neo4j", "incorrect"))
.request(method, server.baseUri().resolve(path).toString(), payload);
assertThat(response.status(), equalTo(401));
assertThat(
response.get("errors").get(0).get("code").asText(),
equalTo("Neo.ClientError.Security.AuthorizationFailed"));
assertThat(
response.get("errors").get(0).get("message").asText(),
equalTo("Invalid username or password."));
assertThat(response.header(HttpHeaders.WWW_AUTHENTICATE), equalTo("None"));
// When authorized
response =
HTTP.withHeaders(HttpHeaders.AUTHORIZATION, challengeResponse("neo4j", "secret"))
.request(method, server.baseUri().resolve(path).toString(), payload);
assertThat(response.status(), equalTo(expectedAuthorizedStatus));
}
@Test
public void shouldFindSixLabel() {
// literal property value limit
HTTP.Response response =
HTTP.GET(
neo4j
.httpURI()
.resolve(
"/v1/service/closest/Six/to/0?all=1&properties=literal%40_%40foo%40_%40bar")
.toString());
HashMap actual = response.content();
LinkedHashMap<String, HashMap<String, Object>> expected =
new LinkedHashMap<String, HashMap<String, Object>>();
LinkedHashMap<String, Object> prop = new LinkedHashMap<String, Object>();
prop.put("name", "x");
prop.put("foo", "bar");
prop.put("reg", "ex");
expected.put("10", prop);
prop = new LinkedHashMap<String, Object>();
prop.put("name", "z");
prop.put("foo", "bar");
expected.put("12", prop);
assertEquals(expected, actual);
// regex limit
response =
HTTP.GET(
neo4j
.httpURI()
.resolve(
"/v1/service/closest/Six/to/0?all=1&properties=regex%40_%40reg%40_%40ex.%2A")
.toString());
actual = response.content();
expected = new LinkedHashMap<String, HashMap<String, Object>>();
prop = new LinkedHashMap<String, Object>();
prop.put("name", "x");
prop.put("foo", "bar");
prop.put("reg", "ex");
expected.put("10", prop);
prop = new LinkedHashMap<String, Object>();
prop.put("name", "y");
prop.put("foo", "cat");
prop.put("reg", "expression");
expected.put("11", prop);
assertEquals(expected, actual);
response =
HTTP.GET(
neo4j
.httpURI()
.resolve(
"/v1/service/closest/Six/to/0?all=1&properties=regex%40_%40reg%40_%40ex%5Cw%2B")
.toString());
actual = response.content();
expected = new LinkedHashMap<String, HashMap<String, Object>>();
prop = new LinkedHashMap<String, Object>();
prop.put("name", "y");
prop.put("foo", "cat");
prop.put("reg", "expression");
expected.put("11", prop);
assertEquals(expected, actual);
// regex and literal
response =
HTTP.GET(
neo4j
.httpURI()
.resolve(
"/v1/service/closest/Six/to/0?all=1&properties=regex%40_%40reg%40_%40ex.%2A%40%40%40literal%40_%40foo%40_%40bar")
.toString());
actual = response.content();
expected = new LinkedHashMap<String, HashMap<String, Object>>();
prop = new LinkedHashMap<String, Object>();
prop.put("name", "x");
prop.put("foo", "bar");
prop.put("reg", "ex");
expected.put("10", prop);
assertEquals(expected, actual);
// regex and regex
response =
HTTP.GET(
neo4j
.httpURI()
.resolve(
"/v1/service/closest/Six/to/0?all=1&properties=regex%40_%40reg%40_%40ex.%2A%40%40%40regex%40_%40foo%40_%40.a.")
.toString());
actual = response.content();
expected = new LinkedHashMap<String, HashMap<String, Object>>();
prop = new LinkedHashMap<String, Object>();
prop.put("name", "x");
prop.put("foo", "bar");
prop.put("reg", "ex");
expected.put("10", prop);
prop = new LinkedHashMap<String, Object>();
prop.put("name", "y");
prop.put("foo", "cat");
prop.put("reg", "expression");
expected.put("11", prop);
assertEquals(expected, actual);
// literal and literal
response =
HTTP.GET(
neo4j
.httpURI()
.resolve(
"/v1/service/closest/Six/to/0?all=1&properties=literal%40_%40reg%40_%40expression%40%40%40literal%40_%40foo%40_%40cat")
.toString());
actual = response.content();
expected = new LinkedHashMap<String, HashMap<String, Object>>();
prop = new LinkedHashMap<String, Object>();
prop.put("name", "y");
prop.put("foo", "cat");
prop.put("reg", "expression");
expected.put("11", prop);
assertEquals(expected, actual);
// failing literal and literal
response =
HTTP.GET(
neo4j
.httpURI()
.resolve(
"/v1/service/closest/Six/to/0?all=1&properties=literal%40_%40reg%40_%40ex%40%40%40literal%40_%40foo%40_%40cat")
.toString());
actual = response.content();
expected = new LinkedHashMap<String, HashMap<String, Object>>();
assertEquals(expected, actual);
}