Fail MD5 validation if server MD5 is missing (#299)

tjcelaya · web-flow · commit 0f31eaa7bb0c · 2017-08-15T03:55:41.000+09:00
Resolves #298 * Throw a checksum exception if checksum validation was requested but is impossible * Require entity to exist when validating checksum * StandardHttpHelperTest for validating response code and the fact that checksums are _required_ * Improve missing request entity error message * 100% test coverage of StandardHttpHelper#validateChecksum * Remove mistakenly-included template and extra newlines
diff --git a/java-manta-client/src/main/java/com/joyent/manta/client/MantaClient.java b/java-manta-client/src/main/java/com/joyent/manta/client/MantaClient.java
@@ -1057,6 +1057,7 @@ public MantaObjectResponse put(final String rawPath,
                                    final String string,
                                    final MantaHttpHeaders headers,
                                    final MantaMetadata metadata) throws IOException {
+        Validate.notNull(string, "String content must not be null");
         Validate.notNull(rawPath, "Path must not be null");
 
         String path = formatPath(rawPath);
diff --git a/java-manta-client/src/main/java/com/joyent/manta/http/StandardHttpHelper.java b/java-manta-client/src/main/java/com/joyent/manta/http/StandardHttpHelper.java
@@ -351,13 +351,11 @@ protected static void validateChecksum(final DigestedEntity entity,
                                            final HttpRequest request,
                                            final HttpResponse response)
             throws MantaChecksumFailedException {
-        if (entity == null) {
-            return;
-        }
+        Validate.notNull(entity, "Request body required");
 
         if (serverMd5 == null || serverMd5.length == 0) {
-            LOGGER.warn("No cryptographic check performed by the server");
-            return;
+            final String msg = "Server calculated MD5 is missing";
+            throw new MantaChecksumFailedException(msg, request, response);
         }
 
         final byte[] clientMd5 = entity.getDigest();
diff --git a/java-manta-client/src/test/java/com/joyent/manta/http/StandardHttpHelperTest.java b/java-manta-client/src/test/java/com/joyent/manta/http/StandardHttpHelperTest.java
@@ -0,0 +1,202 @@
+package com.joyent.manta.http;
+
+import com.joyent.manta.client.MantaObjectResponse;
+import com.joyent.manta.config.BaseChainedConfigContext;
+import com.joyent.manta.config.StandardConfigContext;
+import com.joyent.manta.exception.MantaChecksumFailedException;
+import com.joyent.manta.exception.MantaClientHttpResponseException;
+import com.joyent.manta.http.entity.NoContentEntity;
+import com.twmacinta.util.FastMD5Digest;
+import org.apache.commons.io.output.NullOutputStream;
+import org.apache.commons.lang3.RandomUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.http.Header;
+import org.apache.http.HttpStatus;
+import org.apache.http.StatusLine;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpPut;
+import org.apache.http.entity.ByteArrayEntity;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.message.BasicHeader;
+import org.bouncycastle.crypto.Digest;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+import org.mockito.internal.util.reflection.Whitebox;
+import org.testng.Assert;
+import org.testng.annotations.BeforeMethod;
+import org.testng.annotations.Test;
+
+import java.util.Base64;
+
+import static org.mockito.Matchers.any;
+import static org.mockito.Matchers.anyString;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.reset;
+import static org.mockito.Mockito.when;
+
+public class StandardHttpHelperTest {
+
+    @Mock
+    private final MantaConnectionFactory connectionFactory = mock(MantaConnectionFactory.class);
+    @Mock
+    private final CloseableHttpClient client = mock(CloseableHttpClient.class);
+    @Mock
+    private final CloseableHttpResponse response = mock(CloseableHttpResponse.class);
+    @Mock
+    private final MantaConnectionContext connCtx = mock(MantaConnectionContext.class);
+    @Mock
+    private final StatusLine statusLine = mock(StatusLine.class);
+
+    private BaseChainedConfigContext config;
+
+    @BeforeMethod
+    public void setup() throws Exception {
+        MockitoAnnotations.initMocks(this);
+        config = new StandardConfigContext().setMantaURL("");
+
+        Whitebox.setInternalState(connectionFactory, "config", config);
+
+        when(connCtx.getHttpClient())
+                .thenReturn(client);
+
+        when(client.execute(any()))
+                .thenReturn(response);
+
+        when(response.getStatusLine())
+                .thenReturn(statusLine);
+
+        when(response.getAllHeaders())
+                .thenReturn(new Header[]{});
+
+        when(connectionFactory.uriForPath(anyString()))
+                .thenCallRealMethod();
+
+        when(connectionFactory.put(Mockito.anyString()))
+                .thenCallRealMethod();
+    }
+
+    @Test
+    public void testHttpPutValidatesResponseCodeSuccessfully() throws Exception {
+        when(statusLine.getStatusCode())
+                .thenReturn(HttpStatus.SC_NO_CONTENT);
+
+        when(statusLine.getReasonPhrase())
+                .thenReturn("No Content");
+
+        config.setVerifyUploads(false);
+        final StandardHttpHelper helper = new StandardHttpHelper(connCtx, connectionFactory, config);
+
+        final MantaObjectResponse put =
+                helper.httpPut("/path", null, NoContentEntity.INSTANCE, null);
+
+        Assert.assertNotNull(put);
+    }
+
+    @Test
+    public void testHttpPutValidatesResponseCodeAndThrowsWhenInvalid() throws Exception {
+        when(statusLine.getStatusCode())
+                .thenReturn(HttpStatus.SC_OK);
+
+        when(statusLine.getReasonPhrase())
+                .thenReturn("OK");
+
+        final StandardHttpHelper helper = new StandardHttpHelper(connCtx, connectionFactory, config);
+
+        Assert.assertThrows(MantaClientHttpResponseException.class, () ->
+                helper.httpPut("/path", null, NoContentEntity.INSTANCE, null));
+    }
+
+    @Test
+    public void testHttpPutChecksumsSuccessfully() throws Exception {
+        when(statusLine.getStatusCode())
+                .thenReturn(HttpStatus.SC_NO_CONTENT);
+
+        when(statusLine.getReasonPhrase())
+                .thenReturn("No Content");
+
+        reset(client);
+        when(client.execute(any()))
+                .then((invocationOnMock) -> {
+                    // checksum is calculated as entity is written to network
+                    final HttpPut request = invocationOnMock.getArgumentAt(0, HttpPut.class);
+                    request.getEntity().writeTo(NullOutputStream.NULL_OUTPUT_STREAM);
+                    return response;
+                });
+
+        final byte[] contentBytes = RandomUtils.nextBytes(100);
+        final Digest digest = new FastMD5Digest();
+        final byte[] checksumBytes = new byte[digest.getDigestSize()];
+        digest.update(contentBytes, 0, contentBytes.length);
+        digest.doFinal(checksumBytes, 0);
+
+        when(response.getAllHeaders())
+                .thenReturn(new Header[]{
+                        new BasicHeader(
+                                MantaHttpHeaders.COMPUTED_MD5,
+                                Base64.getEncoder().encodeToString(checksumBytes))
+                });
+
+        final StandardHttpHelper helper = new StandardHttpHelper(connCtx, connectionFactory, config);
+
+        // it's the default but let's just be explicit
+        config.setVerifyUploads(true);
+
+        final MantaObjectResponse put =
+                helper.httpPut("/path", null, new ByteArrayEntity(contentBytes), null);
+
+        Assert.assertNotNull(put);
+    }
+
+    @Test
+    public void testHttpPutChecksumsCompareDifferentlyFails() throws Exception {
+        when(statusLine.getStatusCode())
+                .thenReturn(HttpStatus.SC_NO_CONTENT);
+
+        when(statusLine.getReasonPhrase())
+                .thenReturn("No Content");
+
+        reset(client);
+        when(client.execute(any()))
+                .then((invocationOnMock) -> {
+                    // checksum is calculated as entity is written to network
+                    final HttpPut request = invocationOnMock.getArgumentAt(0, HttpPut.class);
+                    request.getEntity().writeTo(NullOutputStream.NULL_OUTPUT_STREAM);
+                    return response;
+                });
+
+        final byte[] contentBytes = StringUtils.repeat('a', 100).getBytes();
+
+        when(response.getAllHeaders())
+                .thenReturn(new Header[]{
+                        new BasicHeader(
+                                MantaHttpHeaders.COMPUTED_MD5,
+                                "YmFzZTY0Cg==") // "base64" encoded in base64
+                });
+
+        final StandardHttpHelper helper = new StandardHttpHelper(connCtx, connectionFactory, config);
+
+        // it's the default but let's just be explicit
+        config.setVerifyUploads(true);
+
+        Assert.assertThrows(MantaChecksumFailedException.class, () ->
+                helper.httpPut("/path", null, new ByteArrayEntity(contentBytes), null));
+    }
+
+    @Test
+    public void testHttpPutThrowsWhenChecksumRequestedButNotReturned() throws Exception {
+        when(statusLine.getStatusCode())
+                .thenReturn(HttpStatus.SC_NO_CONTENT);
+
+        when(statusLine.getReasonPhrase())
+                .thenReturn("No Content");
+
+        final StandardHttpHelper helper = new StandardHttpHelper(connCtx, connectionFactory, config);
+
+        // it's the default but let's just be explicit
+        config.setVerifyUploads(true);
+
+        Assert.assertThrows(MantaChecksumFailedException.class, () ->
+                helper.httpPut("/path", null, NoContentEntity.INSTANCE, null));
+    }
+}
