simplified scenario/stories

.gitignore

@@ -4,4 +4,6 @@
 zap/tmp
 build/
 .gradle
-*.iml
+*.iml
+*.output
+log4j.properties

config.xml

@@ -7,14 +7,11 @@
     <!-- The web driver to use, can be either Firefox, Chrome or HtmlUnit.  Optionally specify path to the driver (required for linux)
          Some drivers require a path to the platform specific driver binary, for example chrome needs chromedriver.  If these values are not specified, we'll use HtmlUnit
     <defaultDriver>firefox</defaultDriver> -->
-    <defaultDriver path="src/test/resources/drivers/chromedriver-linux64">Chrome</defaultDriver>
+    <defaultDriver path="src/test/resources/drivers/chromedriver-mac">Chrome</defaultDriver>
 
     <!-- Base URL of the application to test -->
     <baseUrl>http://localhost:8080/</baseUrl>
 
-    <!-- Base Secure URL of the application to test.  Used for the SSL and the HTTP header tests -->
-    <baseSecureUrl>https://www.ssllabs.com/</baseSecureUrl>
-
     <!-- A Java class to hold the Selenium steps to test the application in depth. Optionally required for in-depth authn/z and session management testing. -->
     <class>net.continuumsecurity.examples.ropeytasks.RopeyTasksApplication</class>
 

log4j.properties

@@ -10,5 +10,4 @@ log4j.appender.A1.layout.ConversionPattern=%d{HH:mm:ss,SSS} %-5p [%c] - %m%n
 # Remove noise
 log4j.logger.org.apache.commons.httpclient = WARN
 log4j.logger.httpclient.wire = WARN
-log4j.logger.net.continuumsecurity = DEBUG
-log4j.logger.org.jbehave = DEBUG
+log4j.logger.net.continuumsecurity = DEBUG

src/test/java/net/continuumsecurity/steps/CorsSteps.java

@@ -34,7 +34,7 @@ public void checkAccessControlAllowOriginHeader(@Named("origin") String origin)
     	assertThat("The returned Access-Control-Allow-Origin header equals the Origin", returnedHeader, equalTo(origin));
     }
 
-    @Then("the header 'Access-Control-Allow-Origin' header is not returned")
+    @Then("the 'Access-Control-Allow-Origin' header is not returned")
     public void checkAccessControlAllowOriginHeader() {
     	String returnedHeader = ((ICors) app).getAccessControlAllowOriginHeader();
     	assertThat("The header 'Access-Control-Allow-Origin' header was not returned", returnedHeader, equalTo(null));

src/test/java/net/continuumsecurity/steps/SSLyzeSteps.java

@@ -1,10 +1,9 @@
 package net.continuumsecurity.steps;
 
-import cucumber.api.java.en.Given;
 import cucumber.api.java.en.Then;
+import cucumber.api.java.en.When;
 import net.continuumsecurity.Config;
 import net.continuumsecurity.ProcessExecutor;
-import net.continuumsecurity.Utils;
 import net.continuumsecurity.scanner.SSLyzeParser;
 
 import java.io.IOException;
@@ -26,42 +25,39 @@ public class SSLyzeSteps {
     SSLyzeParser parser;
     final static String OUTFILENAME="sslyze.output";
 
-    private ProcessExecutor createSSLyzeProcess() throws MalformedURLException {
+    private ProcessExecutor createSSLyzeProcess(String target, int port) throws MalformedURLException {
         List<String> cmds = new ArrayList<>();
         cmds.addAll(Arrays.asList(Config.getInstance().getSSLyze().split("\\s+")));
-        int port = Utils.getPortFromUrl(Config.getInstance().getBaseSecureUrl());
-
-        String target = Utils.getHostFromUrl(Config.getInstance().getBaseSecureUrl());
         if (port > -1) {
             target = target+":"+port;
         }
         cmds.add(target);
         return new ProcessExecutor(cmds);
     }
 
-    @Given("the SSLyze command is run against the secure base Url")
-    public void runSSLTestsOnSecureBaseUrl() throws IOException {
+    @When("^the SSLyze command is run against the (.*) on (\\d+)$")
+    public void runSSLTestsOnSecureBaseUrl(String host, int port) throws IOException {
         if (sslTester == null) {
-            sslTester = createSSLyzeProcess();
+            sslTester = createSSLyzeProcess(host, port);
             sslTester.setOutputFile(OUTFILENAME);
             sslTester.start();
             parser = new SSLyzeParser(sslTester.getOutput());
         }
     }
 
-    @Then("the output must contain the text $text")
+    @Then("the output must contain the text (.*)")
     public void verifyThatOutputContainsText(String text) throws IOException {
         if (text.startsWith("\"") || text.startsWith("'")) text = text.substring(1,text.length()-1);
         assertThat(sslTester.getOutput(), containsString(text));
     }
 
-    @Then("the output must contain a line that matches the regular expression $text")
+    @Then("^the output must contain a line that matches (.*)")
     public void verifyThatOutputMatchesRegex(String regex) throws IOException {
         if (regex.startsWith("\"") || regex.startsWith("'")) regex = regex.substring(1,regex.length()-1);
         assertThat(parser.doesAnyLineMatch(regex), equalTo(true));
     }
 
-    @Then("the minimum key size must be $size bits")
+    @Then("the minimum key size must be (\\d+) bits")
     public void verifyMinimumKeySize(int size) {
         assertThat(parser.findSmallestAcceptedKeySize(), greaterThanOrEqualTo(size));
     }