Add manual list test for https hubs.

chenkins · chenkins · commit 42b8ab7b24b9 · 2025-08-28T18:41:07.000+02:00
diff --git a/hub/pom.xml b/hub/pom.xml
@@ -126,6 +126,24 @@
             <artifactId>testcontainers</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>io.github.coffeelibs</groupId>
+            <artifactId>tiny-oauth2-client</artifactId>
+            <version>0.8.0</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.htmlunit</groupId>
+            <artifactId>htmlunit</artifactId>
+            <version>4.2.0</version>
+            <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
 
         <!-- @Nullable annotation -->
         <dependency>
diff --git a/hub/src/test/java/cloud/katta/core/ManualListTest.java b/hub/src/test/java/cloud/katta/core/ManualListTest.java
@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 2025 shift7 GmbH. All rights reserved.
+ */
+
+package cloud.katta.core;
+
+import ch.cyberduck.core.Credentials;
+import ch.cyberduck.core.OAuthTokens;
+
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
+
+import java.net.ProxySelector;
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpResponse;
+import java.util.Date;
+import java.util.List;
+import java.util.UUID;
+
+import cloud.katta.client.ApiException;
+import cloud.katta.client.api.StorageProfileResourceApi;
+import cloud.katta.client.api.VaultResourceApi;
+import cloud.katta.client.model.StorageProfileDto;
+import cloud.katta.client.model.VaultDto;
+import cloud.katta.crypto.UserKeys;
+import cloud.katta.model.StorageProfileDtoWrapper;
+import cloud.katta.protocols.hub.HubSession;
+import cloud.katta.testsetup.AbstractHubTest;
+import cloud.katta.testsetup.HubTestConfig;
+import cloud.katta.workflows.CreateVaultService;
+import cloud.katta.workflows.DeviceKeysServiceImpl;
+import cloud.katta.workflows.UserKeysServiceImpl;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import io.github.coffeelibs.tinyoauth2client.TinyOAuth2;
+
+public class ManualListTest extends AbstractHubTest {
+
+    @Test
+    @Disabled("run manually")
+    public void testManualListing() throws Exception {
+        final String hubURL = "https://testing.katta.cloud/tamarind";
+        final String keycloakAuthServerUrl = "https://testing.katta.cloud/kc/realms/tamarind";
+        final String clientId = "cryptomator";
+        final String username = System.getenv().get("username");
+        final String accountKey = System.getenv().get("account_key");
+
+        final String storageProfileId = "45a3cd17-9955-4580-9e60-790d84f5785f";
+        final String vaultName = "vault " + username + " " + new Date();
+        final String vaultDescription = "fancy";
+
+        String initialAccessToken;
+        try (var client = HttpClient.newBuilder()
+                .followRedirects(HttpClient.Redirect.NORMAL)
+                .proxy(ProxySelector.getDefault())
+                .build()) {
+
+            final HttpResponse<String> authResponse = TinyOAuth2.client(clientId)
+                    .withTokenEndpoint(URI.create(keycloakAuthServerUrl + "/protocol/openid-connect/token"))
+                    .authorizationCodeGrant(URI.create(keycloakAuthServerUrl + "/protocol/openid-connect/auth"))
+                    .authorize(client, uri -> {
+                        System.out.println("Please login on " + uri);
+                    });
+
+            Assertions.assertEquals(200, authResponse.statusCode());
+            initialAccessToken = new ObjectMapper().reader().readTree(authResponse.body()).get("access_token").asText();
+        }
+
+        HubTestConfig.Setup config = new HubTestConfig.Setup().withUserConfig(
+                new HubTestConfig.Setup.UserConfig(new Credentials(username, null).withOauth(new OAuthTokens(initialAccessToken, null, System.currentTimeMillis() + 300 * 1000, initialAccessToken)), accountKey)
+        ).withHubURL(hubURL);
+
+
+        final HubSession hubSession = setupConnection(config);
+        printVaults(hubSession);
+
+
+        if(storageProfileId != null) {
+            final VaultResourceApi vaults = new VaultResourceApi(hubSession.getClient());
+
+            System.out.println(vaults.apiVaultsAccessibleGet(null));
+            List<StorageProfileDto> storageProfileDtos = new StorageProfileResourceApi(hubSession.getClient()).apiStorageprofileGet(false);
+            for(StorageProfileDto storageProfileDto : storageProfileDtos) {
+                System.out.println(storageProfileDto);
+            }
+            final UserKeys userKeys = new UserKeysServiceImpl(hubSession).getUserKeys(hubSession.getHost(), hubSession.getMe(),
+                    new DeviceKeysServiceImpl().getDeviceKeys(hubSession.getHost()));
+
+            final List<StorageProfileDto> storageProfiles = new StorageProfileResourceApi(hubSession.getClient()).apiStorageprofileGet(false);
+
+            final StorageProfileDtoWrapper storageProfileWrapper = storageProfiles.stream()
+                    .map(StorageProfileDtoWrapper::coerce)
+                    .filter(p -> p.getId().toString().equals(storageProfileId)).findFirst().get();
+            final UUID vaultId = UUID.randomUUID();
+
+            new CreateVaultService(hubSession).createVault(userKeys, storageProfileWrapper, new CreateVaultService.CreateVaultModel(
+                    vaultId, vaultName, vaultDescription,
+                    storageProfileId, null, null, null, "eu-west-1", true, 3));
+
+            printVaults(hubSession);
+        }
+
+
+    }
+
+    private static void printVaults(HubSession hubSession) throws ApiException {
+        List<VaultDto> vaultL = new VaultResourceApi(hubSession.getClient()).apiVaultsAccessibleGet(null);
+        for(VaultDto vaultDto : vaultL) {
+            System.out.println(vaultDto);
+        }
+    }
+
+}
diff --git a/hub/src/test/java/cloud/katta/testsetup/AbstractHubTest.java b/hub/src/test/java/cloud/katta/testsetup/AbstractHubTest.java
@@ -20,6 +20,7 @@
 import org.junit.jupiter.params.provider.Arguments;
 
 import java.io.IOException;
+import java.net.URI;
 import java.nio.file.Files;
 import java.time.ZoneId;
 import java.time.ZonedDateTime;
@@ -70,8 +71,8 @@ public abstract class AbstractHubTest extends VaultTest {
         LOCAL_DOCKER_CONFIG = new HubTestConfig.Setup.DockerConfig("/docker-compose-minio-localhost-hub.yml", "/.local.env", "local", "admin", "admin", "top-secret");
         LOCAL = new HubTestConfig.Setup()
                 .withHubURL("http://localhost:8280")
-                .withUserConfig(new HubTestConfig.Setup.UserConfig("alice", "asd", staticSetupCode()))
-                .withAdminConfig(new HubTestConfig.Setup.UserConfig("admin", "admin", staticSetupCode()))
+                .withUserConfig(new HubTestConfig.Setup.UserConfig(new Credentials("alice", "asd"), staticSetupCode()))
+                .withAdminConfig(new HubTestConfig.Setup.UserConfig(new Credentials("admin", "admin"), staticSetupCode()))
                 .withDockerConfig(LOCAL_DOCKER_CONFIG);
     }
 
@@ -88,8 +89,8 @@ public abstract class AbstractHubTest extends VaultTest {
      */
     private static final HubTestConfig.Setup LOCAL_ATTENDED = new HubTestConfig.Setup()
             .withHubURL("http://localhost:8080")
-            .withAdminConfig(new HubTestConfig.Setup.UserConfig("admin", "admin", staticSetupCode()))
-            .withUserConfig(new HubTestConfig.Setup.UserConfig("alice", "asd", staticSetupCode()));
+            .withAdminConfig(new HubTestConfig.Setup.UserConfig(new Credentials("admin", "admin"), staticSetupCode()))
+            .withUserConfig(new HubTestConfig.Setup.UserConfig(new Credentials("alice", "asd"), staticSetupCode()));
     private static final Function<HubTestConfig.VaultSpec, Arguments> argumentAttendedLocalOnly = vs -> Arguments.of(Named.of(
             String.format("%s %s (Bucket %s)", vs.storageProfileName, LOCAL_ATTENDED.hubURL, vs.bucketName),
             new HubTestConfig(LOCAL_ATTENDED, vs)));
@@ -112,15 +113,15 @@ public abstract class AbstractHubTest extends VaultTest {
         HYBRID = new HubTestConfig.Setup()
                 .withHubURL("http://localhost:8280")
                 .withUserConfig(
-                        new HubTestConfig.Setup.UserConfig(
+                        new HubTestConfig.Setup.UserConfig(new Credentials(
                                 PROPERTIES.get("testing.katta.cloud.chipotle.user.name"),
-                                PROPERTIES.get("testing.katta.cloud.chipotle.user.password"),
+                                PROPERTIES.get("testing.katta.cloud.chipotle.user.password")),
                                 staticSetupCode())
                 )
                 .withAdminConfig(
-                        new HubTestConfig.Setup.UserConfig(
+                        new HubTestConfig.Setup.UserConfig(new Credentials(
                                 PROPERTIES.get("testing.katta.cloud.chipotle.admin.name"),
-                                PROPERTIES.get("testing.katta.cloud.chipotle.admin.password"),
+                                PROPERTIES.get("testing.katta.cloud.chipotle.admin.password")),
                                 staticSetupCode())
                 )
                 .withDockerConfig(HYBRID_DOCKER_CONFIG);
@@ -194,7 +195,16 @@ protected static HubSession setupConnection(final HubTestConfig.Setup setup) thr
         final DeviceSetupCallback proxy = deviceSetupCallback(setup);
         MockableDeviceSetupCallback.setProxy(proxy);
 
-        final Host hub = new HostParser(factory).get(setup.hubURL).withCredentials(new Credentials(setup.userConfig.username, setup.userConfig.password));
+        final Scheme scheme = setup.hubURL.startsWith("https://") ? Scheme.https : Scheme.http;
+        final Protocol profile = factory.find(p -> p.getScheme().equals(scheme) && p.getIdentifier().equals("hub") && p.isEnabled()).getFirst();
+        factory.find(p -> p.getIdentifier().equals("hub") && !p.getScheme().equals(scheme) && p instanceof Profile).stream().forEach(p -> factory.unregister((Profile) p));
+        assertNotNull(factory.forName("hub"));
+        assertNotNull(factory.forName("s3"));
+        final Host hub = new Host(profile).withCredentials(new Credentials(setup.userConfig.credentials).withOauth(new OAuthTokens(setup.userConfig.credentials.getOauth() != null ? setup.userConfig.credentials.getOauth() : OAuthTokens.EMPTY)));
+        hub.setHostname(HostParser.parse(setup.hubURL).getHostname());
+        hub.setDefaultPath(HostParser.parse(setup.hubURL).getDefaultPath());
+        hub.setPort(URI.create(setup.hubURL).getPort() > 0 ? URI.create(setup.hubURL).getPort() : scheme.getPort());
+
         final HubSession session = (HubSession) SessionFactory.create(hub, new DefaultX509TrustManager(), new DefaultX509KeyManager())
                 .withRegistry(VaultRegistryFactory.get(new DisabledPasswordCallback()));
         final LoginConnectionService login = new LoginConnectionService(new DisabledLoginCallback(), new DisabledHostKeyCallback(),
diff --git a/hub/src/test/java/cloud/katta/testsetup/HubTestConfig.java b/hub/src/test/java/cloud/katta/testsetup/HubTestConfig.java
@@ -4,6 +4,8 @@
 
 package cloud.katta.testsetup;
 
+import ch.cyberduck.core.Credentials;
+
 public class HubTestConfig {
     public final Setup setup;
     public final VaultSpec vault;
@@ -80,21 +82,18 @@ public DockerConfig(final String composeFile, final String envFile, final String
         }
 
         public static class UserConfig {
-            public final String username;
-            public final String password;
             public final String setupCode;
+            public final Credentials credentials;
 
-            public UserConfig(final String username, final String password, final String setupCode) {
-                this.username = username;
-                this.password = password;
+            public UserConfig(final Credentials credentials, final String setupCode) {
                 this.setupCode = setupCode;
+                this.credentials = credentials;
             }
 
             @Override
             public String toString() {
                 final StringBuilder sb = new StringBuilder("HubTestSetupUserConfig{");
-                sb.append("username='").append(username).append('\'');
-                sb.append(", password='").append(password).append('\'');
+                sb.append("credentials='").append(credentials).append('\'');
                 sb.append(", setupCode='").append(setupCode).append('\'');
                 sb.append('}');
                 return sb.toString();
diff --git a/hub/src/test/java/cloud/katta/testsetup/HubTestUtilities.java b/hub/src/test/java/cloud/katta/testsetup/HubTestUtilities.java
@@ -29,7 +29,7 @@ public class HubTestUtilities {
     public static ApiClient getAdminApiClient(final HubTestConfig.Setup setup) throws IOException, ApiException {
         final ConfigDto config = new ConfigResourceApi(new ApiClient().setBasePath(setup.hubURL)).apiConfigGet();
         final PasswordTokenRequest request = new PasswordTokenRequest(new ApacheHttpTransport(), new GsonFactory(), new GenericUrl(config.getKeycloakTokenEndpoint()),
-                setup.adminConfig.username, setup.adminConfig.password)
+                setup.adminConfig.credentials.getUsername(), setup.adminConfig.credentials.getPassword())
                 .setClientAuthentication(new ClientParametersAuthentication(setup.clientId, null))
                 .setRequestInitializer(new UserAgentHttpRequestInitializer(new PreferencesUseragentProvider()));
         final String adminAccessToken = request.executeUnparsed().parseAs(OAuth2AuthorizationService.PermissiveTokenResponse.class).toTokenResponse().getAccessToken();
diff --git a/hub/src/test/java/cloud/katta/workflows/UserKeysServiceImplIT.java b/hub/src/test/java/cloud/katta/workflows/UserKeysServiceImplIT.java
@@ -4,7 +4,16 @@
 
 package cloud.katta.workflows;
 
+import ch.cyberduck.core.Credentials;
 import ch.cyberduck.core.PasswordStoreFactory;
+
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.Arguments;
+import org.junit.jupiter.params.provider.MethodSource;
+
+import java.util.stream.Stream;
+
 import cloud.katta.client.api.DeviceResourceApi;
 import cloud.katta.client.api.UsersResourceApi;
 import cloud.katta.client.model.DeviceDto;
@@ -17,15 +26,10 @@
 import cloud.katta.testsetup.HubTestSetupDockerExtension;
 import cloud.katta.workflows.exceptions.SecurityFailure;
 import com.nimbusds.jose.JOSEException;
+
 import static org.junit.Assert.assertNotEquals;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.Arguments;
-import org.junit.jupiter.params.provider.MethodSource;
-
-import java.util.stream.Stream;
 
 @ExtendWith({HubTestSetupDockerExtension.Local.class})
 class UserKeysServiceImplIT extends AbstractHubTest {
@@ -60,7 +64,7 @@ public void testFailSetupNewDeviceWithAccountKeyForExistingUserKeys(final HubTes
         final HubSession hubSession = setupConnection(config.setup);
 
         // Setting up new device w/ Account Key for existing user keys with erroneous setup code
-        final SecurityFailure securityException = assertThrows(SecurityFailure.class, () -> new UserKeysServiceImpl(hubSession).getOrCreateUserKeys(hubSession.getHost(), hubSession.getMe(), DeviceKeys.create(), deviceSetupCallback(new HubTestConfig.Setup().withUserConfig(new HubTestConfig.Setup.UserConfig("alice", "wonderland", "in")))));
+        final SecurityFailure securityException = assertThrows(SecurityFailure.class, () -> new UserKeysServiceImpl(hubSession).getOrCreateUserKeys(hubSession.getHost(), hubSession.getMe(), DeviceKeys.create(), deviceSetupCallback(new HubTestConfig.Setup().withUserConfig(new HubTestConfig.Setup.UserConfig(new Credentials("alice", "wonderland"), "in")))));
         assertEquals(JOSEException.class, securityException.getCause().getClass());
         assertEquals("checksum failed", securityException.getCause().getCause().getMessage());
     }
@@ -111,7 +115,7 @@ public void testSetupNewUserKeysAndAccountKey(final HubTestConfig config) throws
         new UsersResourceApi(hubSession.getClient()).apiUsersMeGet(true, false);
 
         // setting up new user keys and account key
-        final UserKeys userKeys = new UserKeysServiceImpl(hubSession).getOrCreateUserKeys(hubSession.getHost(), newMe, DeviceKeys.create(), deviceSetupCallback(new HubTestConfig.Setup().withUserConfig(new HubTestConfig.Setup.UserConfig("alice", "wonderland", "in"))));
+        final UserKeys userKeys = new UserKeysServiceImpl(hubSession).getOrCreateUserKeys(hubSession.getHost(), newMe, DeviceKeys.create(), deviceSetupCallback(new HubTestConfig.Setup().withUserConfig(new HubTestConfig.Setup.UserConfig(new Credentials("alice", "wonderland"), "in"))));
 
         assertNotEquals(expecteduserKeys, userKeys);
 
diff --git a/hub/src/test/resources/Katta Server http.cyberduckprofile b/hub/src/test/resources/Katta Server http.cyberduckprofile
@@ -17,8 +17,6 @@
         <key>Schemes</key>
         <array>
             <string>http</string>
-            <string>https</string>
-            <string>katta</string>
         </array>
         <key>Hostname Configurable</key>
         <true/>
@@ -37,4 +35,4 @@
         <key>Username Configurable</key>
         <false/>
     </dict>
-</plist>
+</plist>
diff --git a/hub/src/test/resources/Katta Server https.cyberduckprofile b/hub/src/test/resources/Katta Server https.cyberduckprofile
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2025 shift7 GmbH. All rights reserved.
+  -->
+
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+    <dict>
+        <key>Protocol</key>
+        <string>hub</string>
+        <key>Vendor</key>
+        <string>Shift 7 GmbH</string>
+        <key>Bundled</key>
+        <true/>
+        <key>Scheme</key>
+        <string>https</string>
+        <key>Schemes</key>
+        <array>
+            <string>https</string>
+        </array>
+        <key>Hostname Configurable</key>
+        <true/>
+        <key>Authorization</key>
+        <string>PasswordGrant</string>
+        <key>Scopes</key>
+        <array>
+            <string>openid</string>
+        </array>
+        <key>OAuth Redirect Url</key>
+        <string>${oauth.handler.scheme}:oauth</string>
+        <key>OAuth Client Secret</key>
+        <string/>
+        <key>Password Configurable</key>
+        <false/>
+        <key>Username Configurable</key>
+        <false/>
+    </dict>
+</plist>
diff --git a/pom.xml b/pom.xml
@@ -20,6 +20,8 @@
     <properties>
         <maven.compiler.source>8</maven.compiler.source>
         <maven.compiler.target>8</maven.compiler.target>
+        <maven.compiler.testSource>21</maven.compiler.testSource>
+        <maven.compiler.testTarget>21</maven.compiler.testTarget>
 
         <junit.jupiter.version>5.13.4</junit.jupiter.version>
         <junit.platform.version>1.13.4</junit.platform.version>
@@ -71,6 +73,9 @@
                         <source>${maven.compiler.source}</source>
                         <target>${maven.compiler.target}</target>
                         <release>${maven.compiler.target}</release>
+                        <testSource>${maven.compiler.testSource}</testSource>
+                        <testTarget>${maven.compiler.testTarget}</testTarget>
+                        <testRelease>${maven.compiler.testTarget}</testRelease>
                         <annotationProcessorPaths>
                             <path>
                                 <groupId>com.google.auto.service</groupId>
