Example #1
0
  @Test
  public void shouldReplyNicelyToTooManyFailedAuthAttempts() throws Exception {
    // Given
    startServerWithConfiguredUser();
    long timeout = System.currentTimeMillis() + 30_000;

    // When
    HTTP.Response response = null;
    while (System.currentTimeMillis() < timeout) {
      // Done in a loop because we're racing with the clock to get enough failed requests into 5
      // seconds
      response =
          HTTP.withHeaders(HttpHeaders.AUTHORIZATION, challengeResponse("neo4j", "incorrect"))
              .POST(
                  server.baseUri().resolve("authentication").toString(),
                  HTTP.RawPayload.quotedJson(
                      "{'username':'******', 'password':'******'}"));

      if (response.status() == 429) {
        break;
      }
    }

    // Then
    assertThat(response.status(), equalTo(429));
    JsonNode firstError = response.get("errors").get(0);
    assertThat(
        firstError.get("code").asText(),
        equalTo("Neo.ClientError.Security.AuthenticationRateLimit"));
    assertThat(
        firstError.get("message").asText(),
        equalTo("Too many failed authentication requests. Please wait 5 seconds and try again."));
  }
Example #2
0
  @Test
  public void shouldAcceptFolderWithCypFilesAsFixtures() throws Exception {
    // Given two files in the root folder
    File targetFolder = testDir.directory();
    FileUtils.writeToFile(
        new File(targetFolder, "fixture1.cyp"),
        "CREATE (u:User)\n" + "CREATE (a:OtherUser)",
        false);
    FileUtils.writeToFile(
        new File(targetFolder, "fixture2.cyp"),
        "CREATE (u:User)\n" + "CREATE (a:OtherUser)",
        false);

    // And given one file in a sub directory
    File subDir = new File(targetFolder, "subdirectory");
    subDir.mkdir();
    FileUtils.writeToFile(
        new File(subDir, "subDirFixture.cyp"), "CREATE (u:User)\n" + "CREATE (a:OtherUser)", false);

    // When
    try (ServerControls server =
        newInProcessBuilder(targetFolder).withFixture(targetFolder).newServer()) {
      // Then
      HTTP.Response response =
          HTTP.POST(
              server.httpURI().toString() + "db/data/transaction/commit",
              quotedJson("{'statements':[{'statement':'MATCH (n:User) RETURN n'}]}"));

      assertThat(response.get("results").get(0).get("data").size(), equalTo(3));
    }
  }
Example #3
0
 public void startServerWithConfiguredUser() throws IOException {
   startServer(true);
   // Set the password
   HTTP.Response post =
       HTTP.withHeaders(HttpHeaders.AUTHORIZATION, challengeResponse("neo4j", "neo4j"))
           .POST(
               server.baseUri().resolve("/user/neo4j/password").toString(),
               RawPayload.quotedJson("{'password':'******'}"));
   assertEquals(200, post.status());
 }
Example #4
0
  @Test
  public void txEndpointShouldReplyWithHttpsWhenItReturnsURLs() throws Exception {
    // Given
    server.start();

    // When
    HTTP.Response response =
        POST(httpsUri + "db/data/transaction", quotedJson("{'statements':[]}"));

    // Then
    assertThat(response.location(), startsWith(httpsUri));
    assertThat(response.get("commit").asText(), startsWith(httpsUri));
  }
  @Test
  public void shouldReturnEmptyMapForEmptyProperties() throws Exception {
    // Given
    String node = HTTP.POST(server().baseUri().resolve("db/data/node").toString()).location();
    String rel =
        HTTP.POST(node + "/relationships", quotedJson("{'to':'" + node + "', " + "'type':'LOVES'}"))
            .location();

    // When
    HTTP.Response res = HTTP.GET(rel + "/properties");

    // Then
    MatcherAssert.assertThat(res.rawContent(), equalTo("{ }"));
  }
  @Test
  public void shouldFindThreeLabel() {
    HTTP.Response response =
        HTTP.GET(neo4j.httpURI().resolve("/v1/service/closest/Three/to/0").toString());
    HashMap actual = response.content();

    LinkedHashMap<String, HashMap<String, Object>> expected =
        new LinkedHashMap<String, HashMap<String, Object>>();
    LinkedHashMap<String, Object> prop = new LinkedHashMap<String, Object>();
    prop.put("name", "3.0");
    expected.put("4", prop);

    assertEquals(expected, actual);
  }
Example #7
0
  @Test
  public void shouldHandleStringFixtures() throws Exception {
    // Given two files in the root folder
    File targetFolder = testDir.directory();

    // When
    try (ServerControls server =
        newInProcessBuilder(targetFolder).withFixture("CREATE (a:User)").newServer()) {
      // Then
      HTTP.Response response =
          HTTP.POST(
              server.httpURI().toString() + "db/data/transaction/commit",
              quotedJson("{'statements':[{'statement':'MATCH (n:User) RETURN n'}]}"));

      assertThat(response.get("results").get(0).get("data").size(), equalTo(1));
    }
  }
Example #8
0
  @Test
  public void shouldSayMalformedHeaderIfMalformedAuthorization() throws Exception {
    // Given
    startServerWithConfiguredUser();

    // When
    HTTP.Response response =
        HTTP.withHeaders(HttpHeaders.AUTHORIZATION, "This makes no sense").GET(dataURL());

    // Then
    assertThat(response.status(), equalTo(400));
    assertThat(
        response.get("errors").get(0).get("code").asText(),
        equalTo("Neo.ClientError.Request.InvalidFormat"));
    assertThat(
        response.get("errors").get(0).get("message").asText(),
        equalTo("Invalid Authorization header."));
  }
Example #9
0
  @Test
  public void shouldAccepSingleCypherFileAsFixture() throws Exception {
    // Given
    File targetFolder = testDir.directory();
    File fixture = new File(targetFolder, "fixture.cyp");
    FileUtils.writeToFile(fixture, "CREATE (u:User)" + "CREATE (a:OtherUser)", false);

    // When
    try (ServerControls server =
        newInProcessBuilder(targetFolder).withFixture(fixture).newServer()) {
      // Then
      HTTP.Response response =
          HTTP.POST(
              server.httpURI().toString() + "db/data/transaction/commit",
              quotedJson("{'statements':[{'statement':'MATCH (n:User) RETURN n'}]}"));

      assertThat(response.status(), equalTo(200));
      assertThat(response.get("results").get(0).get("data").size(), equalTo(1));
    }
  }
  @Test
  public void shouldFindFourLabel() {
    HTTP.Response response =
        HTTP.GET(
            neo4j.httpURI().resolve("/v1/service/closest/Four/to/0?direction=outgoing").toString());
    HashMap actual = response.content();
    LinkedHashMap<String, HashMap<String, Object>> expected =
        new LinkedHashMap<String, HashMap<String, Object>>();
    assertEquals(expected, actual);

    response =
        HTTP.GET(
            neo4j.httpURI().resolve("/v1/service/closest/Four/to/0?direction=incoming").toString());
    actual = response.content();

    expected = new LinkedHashMap<String, HashMap<String, Object>>();
    LinkedHashMap<String, Object> prop = new LinkedHashMap<String, Object>();
    prop.put("name", "4.0");
    expected.put("5", prop);

    assertEquals(expected, actual);
  }
Example #11
0
  @Test
  public void testFindWithin() throws Exception {
    Nearby param = new Nearby();
    param.setLongitude(79.8547);
    param.setLatitude(6.8939);
    param.setDistance(1);
    HTTP.Response response =
        HTTP.POST(server.httpURI().resolve("/contra/location/findwithin").toString(), param);

    // Check the status.
    assertEquals("Error in request.", HttpURLConnection.HTTP_OK, response.status());

    Gson gson = new Gson();
    Message<List<Location>> message =
        gson.fromJson(response.rawContent(), new TypeToken<Message<List<Location>>>() {}.getType());
    List<Location> locations = message.getEntity();
    // Check the status.
    assertEquals("Exact locations are not found.", 3, locations.size());

    String[] expected = {"Majestic City", "Unity Plaza"};
    String[] actual = {locations.get(0).getName(), locations.get(1).getName()};
    assertArrayEquals("Expected locations are not found.", expected, actual);
  }
Example #12
0
  @Test
  public void testCreateLocation() throws Exception {
    Time time = Time.of(2015, 12, 24, 9, 1, 0);
    UserLocation mc =
        TestUtility.createUserLocation(
            "+94770780210", "CDC47124648058A", 98.0f, "Home", 79.857488, 6.8781381, time);

    HTTP.Response response =
        HTTP.POST(server.httpURI().resolve("/contra/location/create").toString(), mc);

    // Check the status.
    assertEquals("Error in request.", HttpURLConnection.HTTP_OK, response.status());

    // Do not use the exact location for withinDistance
    Result result =
        server
            .graph()
            .execute(
                "START n = node:location_layer('withinDistance:[6.8781381, 79.857487, 0.1]') RETURN n.name as name");

    Map<String, Object> map = result.next();

    assertEquals("Location is not created.", "Home", map.get("name"));
  }
Example #13
0
  private void assertAuthorizationRequired(
      String method, String path, Object payload, int expectedAuthorizedStatus)
      throws JsonParseException {
    // When no header
    HTTP.Response response =
        HTTP.request(method, server.baseUri().resolve(path).toString(), payload);
    assertThat(response.status(), equalTo(401));
    assertThat(
        response.get("errors").get(0).get("code").asText(),
        equalTo("Neo.ClientError.Security.AuthorizationFailed"));
    assertThat(
        response.get("errors").get(0).get("message").asText(),
        equalTo("No authorization header supplied."));
    assertThat(response.header(HttpHeaders.WWW_AUTHENTICATE), equalTo("None"));

    // When malformed header
    response =
        HTTP.withHeaders(HttpHeaders.AUTHORIZATION, "This makes no sense")
            .request(method, server.baseUri().resolve(path).toString(), payload);
    assertThat(response.status(), equalTo(400));
    assertThat(
        response.get("errors").get(0).get("code").asText(),
        equalTo("Neo.ClientError.Request.InvalidFormat"));
    assertThat(
        response.get("errors").get(0).get("message").asText(),
        equalTo("Invalid Authorization header."));

    // When invalid credential
    response =
        HTTP.withHeaders(HttpHeaders.AUTHORIZATION, challengeResponse("neo4j", "incorrect"))
            .request(method, server.baseUri().resolve(path).toString(), payload);
    assertThat(response.status(), equalTo(401));
    assertThat(
        response.get("errors").get(0).get("code").asText(),
        equalTo("Neo.ClientError.Security.AuthorizationFailed"));
    assertThat(
        response.get("errors").get(0).get("message").asText(),
        equalTo("Invalid username or password."));
    assertThat(response.header(HttpHeaders.WWW_AUTHENTICATE), equalTo("None"));

    // When authorized
    response =
        HTTP.withHeaders(HttpHeaders.AUTHORIZATION, challengeResponse("neo4j", "secret"))
            .request(method, server.baseUri().resolve(path).toString(), payload);
    assertThat(response.status(), equalTo(expectedAuthorizedStatus));
  }
  @Test
  public void shouldFindSixLabel() {
    // literal property value limit
    HTTP.Response response =
        HTTP.GET(
            neo4j
                .httpURI()
                .resolve(
                    "/v1/service/closest/Six/to/0?all=1&properties=literal%40_%40foo%40_%40bar")
                .toString());
    HashMap actual = response.content();

    LinkedHashMap<String, HashMap<String, Object>> expected =
        new LinkedHashMap<String, HashMap<String, Object>>();
    LinkedHashMap<String, Object> prop = new LinkedHashMap<String, Object>();
    prop.put("name", "x");
    prop.put("foo", "bar");
    prop.put("reg", "ex");
    expected.put("10", prop);
    prop = new LinkedHashMap<String, Object>();
    prop.put("name", "z");
    prop.put("foo", "bar");
    expected.put("12", prop);

    assertEquals(expected, actual);

    // regex limit
    response =
        HTTP.GET(
            neo4j
                .httpURI()
                .resolve(
                    "/v1/service/closest/Six/to/0?all=1&properties=regex%40_%40reg%40_%40ex.%2A")
                .toString());
    actual = response.content();

    expected = new LinkedHashMap<String, HashMap<String, Object>>();
    prop = new LinkedHashMap<String, Object>();
    prop.put("name", "x");
    prop.put("foo", "bar");
    prop.put("reg", "ex");
    expected.put("10", prop);
    prop = new LinkedHashMap<String, Object>();
    prop.put("name", "y");
    prop.put("foo", "cat");
    prop.put("reg", "expression");
    expected.put("11", prop);

    assertEquals(expected, actual);

    response =
        HTTP.GET(
            neo4j
                .httpURI()
                .resolve(
                    "/v1/service/closest/Six/to/0?all=1&properties=regex%40_%40reg%40_%40ex%5Cw%2B")
                .toString());
    actual = response.content();

    expected = new LinkedHashMap<String, HashMap<String, Object>>();
    prop = new LinkedHashMap<String, Object>();
    prop.put("name", "y");
    prop.put("foo", "cat");
    prop.put("reg", "expression");
    expected.put("11", prop);

    assertEquals(expected, actual);

    // regex and literal
    response =
        HTTP.GET(
            neo4j
                .httpURI()
                .resolve(
                    "/v1/service/closest/Six/to/0?all=1&properties=regex%40_%40reg%40_%40ex.%2A%40%40%40literal%40_%40foo%40_%40bar")
                .toString());
    actual = response.content();

    expected = new LinkedHashMap<String, HashMap<String, Object>>();
    prop = new LinkedHashMap<String, Object>();
    prop.put("name", "x");
    prop.put("foo", "bar");
    prop.put("reg", "ex");
    expected.put("10", prop);

    assertEquals(expected, actual);

    // regex and regex
    response =
        HTTP.GET(
            neo4j
                .httpURI()
                .resolve(
                    "/v1/service/closest/Six/to/0?all=1&properties=regex%40_%40reg%40_%40ex.%2A%40%40%40regex%40_%40foo%40_%40.a.")
                .toString());
    actual = response.content();

    expected = new LinkedHashMap<String, HashMap<String, Object>>();
    prop = new LinkedHashMap<String, Object>();
    prop.put("name", "x");
    prop.put("foo", "bar");
    prop.put("reg", "ex");
    expected.put("10", prop);
    prop = new LinkedHashMap<String, Object>();
    prop.put("name", "y");
    prop.put("foo", "cat");
    prop.put("reg", "expression");
    expected.put("11", prop);

    assertEquals(expected, actual);

    // literal and literal
    response =
        HTTP.GET(
            neo4j
                .httpURI()
                .resolve(
                    "/v1/service/closest/Six/to/0?all=1&properties=literal%40_%40reg%40_%40expression%40%40%40literal%40_%40foo%40_%40cat")
                .toString());
    actual = response.content();

    expected = new LinkedHashMap<String, HashMap<String, Object>>();
    prop = new LinkedHashMap<String, Object>();
    prop.put("name", "y");
    prop.put("foo", "cat");
    prop.put("reg", "expression");
    expected.put("11", prop);

    assertEquals(expected, actual);

    // failing literal and literal
    response =
        HTTP.GET(
            neo4j
                .httpURI()
                .resolve(
                    "/v1/service/closest/Six/to/0?all=1&properties=literal%40_%40reg%40_%40ex%40%40%40literal%40_%40foo%40_%40cat")
                .toString());
    actual = response.content();

    expected = new LinkedHashMap<String, HashMap<String, Object>>();
    assertEquals(expected, actual);
  }