WebFuzzing
diff --git a/‎.gitignore‎
Lines changed: 14 additions & 1 deletion b/‎.gitignore‎
Lines changed: 14 additions & 1 deletion
diff --git a/‎jdk_11_gradle/em/embedded/graphql/patio-api/src/main/java/em/embedded/patio/EmbeddedEvoMasterController.java‎
Lines changed: 4 additions & 4 deletions b/‎jdk_11_gradle/em/embedded/graphql/patio-api/src/main/java/em/embedded/patio/EmbeddedEvoMasterController.java‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎jdk_11_gradle/em/embedded/rest/reservations-api/src/main/java/em/embedded/reservationsapi/EmbeddedEvoMasterController.java‎
Lines changed: 96 additions & 13 deletions b/‎jdk_11_gradle/em/embedded/rest/reservations-api/src/main/java/em/embedded/reservationsapi/EmbeddedEvoMasterController.java‎
Lines changed: 96 additions & 13 deletions
diff --git a/‎jdk_11_gradle/em/external/graphql/patio-api/src/main/java/em/external/patio/ExternalEvoMasterController.java‎
Lines changed: 4 additions & 4 deletions b/‎jdk_11_gradle/em/external/graphql/patio-api/src/main/java/em/external/patio/ExternalEvoMasterController.java‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎jdk_11_gradle/em/external/rest/reservations-api/src/main/java/em/external/reservationsapi/ExternalEvoMasterController.java‎
Lines changed: 91 additions & 6 deletions b/‎jdk_11_gradle/em/external/rest/reservations-api/src/main/java/em/external/reservationsapi/ExternalEvoMasterController.java‎
Lines changed: 91 additions & 6 deletions
diff --git a/‎jdk_11_maven/em/embedded/graphql/timbuctoo/src/main/java/em/embedded/nl/knaw/huygens/EmbeddedEvoMasterController.java‎
Lines changed: 1 addition & 1 deletion b/‎jdk_11_maven/em/embedded/graphql/timbuctoo/src/main/java/em/embedded/nl/knaw/huygens/EmbeddedEvoMasterController.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎jdk_11_maven/em/embedded/rest/cwa-verification/src/main/java/em/embedded/app/coronawarn/verification/EmbeddedEvoMasterController.java‎
Lines changed: 2 additions & 2 deletions b/‎jdk_11_maven/em/embedded/rest/cwa-verification/src/main/java/em/embedded/app/coronawarn/verification/EmbeddedEvoMasterController.java‎
Lines changed: 2 additions & 2 deletions
@@ -259,4 +259,17 @@ dotnet_3/em/embedded/rest/ScsDriver/generated-tests/
 /jdk_8_maven/em/embedded/graphql/spring-petclinic-graphql/target/
 /jdk_17_gradle/cs/rest/bibliothek/build/
 /jdk_17_gradle/em/external/rest/bibliothek/build
-/jdk_17_maven/cs/grpc/signal-registration/target/
+/jdk_17_maven/cs/grpc/signal-registration/target/
+/jdk_8_maven/em/embedded/grpc/ncs/target/
+/jdk_8_maven/em/embedded/grpc/scs/target/
+/jdk_8_maven/em/external/grpc/ncs/target/
+/jdk_8_maven/em/external/grpc/scs/target/
+/jdk_11_maven/em/external/rest/ind1/target/
+/jdk_17_gradle/build/
+/jdk_17_gradle/em/embedded/rest/bibliothek/build/
+/jdk_17_gradle/em/external/rest/bibliothek/build/
+/jdk_17_maven/cs/grpc/signal-registration/target/
+/jdk_17_maven/em/embedded/grpc/signal-registration/target/
+/jdk_17_maven/em/external/grpc/signal-registration/target/
+/jdk_17_maven/em/external/web/spring-petclinic/target/
+
@@ -8,11 +8,11 @@
 import org.evomaster.client.java.controller.api.dto.JsonTokenPostLoginDto;
 import org.evomaster.client.java.controller.api.dto.SutInfoDto;
 import org.evomaster.client.java.controller.api.dto.database.schema.DatabaseType;
-import org.evomaster.client.java.controller.db.DbCleaner;
-import org.evomaster.client.java.controller.db.SqlScriptRunner;
-import org.evomaster.client.java.controller.db.SqlScriptRunnerCached;
+import org.evomaster.client.java.sql.DbCleaner;
+import org.evomaster.client.java.sql.SqlScriptRunner;
+import org.evomaster.client.java.sql.SqlScriptRunnerCached;
 import org.evomaster.client.java.controller.internal.SutController;
-import org.evomaster.client.java.controller.internal.db.DbSpecification;
+import org.evomaster.client.java.sql.DbSpecification;
 import org.evomaster.client.java.controller.problem.GraphQlProblem;
 import org.evomaster.client.java.controller.problem.ProblemInfo;
 import org.testcontainers.containers.GenericContainer;
 
@@ -1,19 +1,27 @@
 package em.embedded.reservationsapi;
 
+import com.mongodb.BasicDBObject;
 import com.mongodb.client.MongoClient;
 import com.mongodb.client.MongoClients;
+import com.mongodb.client.MongoCollection;
+import com.mongodb.client.MongoDatabase;
+import org.bson.Document;
+import org.bson.types.ObjectId;
 import org.evomaster.client.java.controller.EmbeddedSutController;
 import org.evomaster.client.java.controller.InstrumentedSutStarter;
 import org.evomaster.client.java.controller.api.dto.AuthenticationDto;
+import org.evomaster.client.java.controller.api.dto.JsonTokenPostLoginDto;
 import org.evomaster.client.java.controller.api.dto.SutInfoDto;
-import org.evomaster.client.java.controller.internal.db.DbSpecification;
+import org.evomaster.client.java.sql.DbSpecification;
 import org.evomaster.client.java.controller.problem.ProblemInfo;
 import org.evomaster.client.java.controller.problem.RestProblem;
 import org.springframework.boot.SpringApplication;
 import org.springframework.context.ConfigurableApplicationContext;
 import org.testcontainers.containers.GenericContainer;
 import sk.cyrilgavala.reservationsApi.ReservationsApi;
 
+import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 import java.util.Map;
 
@@ -44,11 +52,22 @@ public static void main(String[] args) {
     //https://www.mongodb.com/docs/drivers/java/sync/current/compatibility/
     private static final String MONGODB_VERSION = "4.4";
 
-    private static final String MONGODB_DATABASE_NAME = "Reservations";
+    private static final String MONGODB_DATABASE_NAME = "reservations-api";
 
-    private static final GenericContainer mongodbContainer = new GenericContainer("mongo:" + MONGODB_VERSION)
+    //  docker run -p 27017:27017  -e MONGODB_REPLICA_SET_MODE=primary -e  ALLOW_EMPTY_PASSWORD=yes bitnami/mongodb:4.4
+    //  https://hub.docker.com/r/bitnami/mongodb
+    // cannot use standard Mongo image, due ridiculous handling of transaction that requires a cluster...
+
+    private static final GenericContainer mongodbContainer = new GenericContainer("bitnami/mongodb:" + MONGODB_VERSION)
+            .withTmpFs(Collections.singletonMap("/bitnami/mongodb", "rw"))
+            .withEnv("MONGODB_REPLICA_SET_MODE", "primary")
+            .withEnv("ALLOW_EMPTY_PASSWORD", "yes")
             .withExposedPorts(MONGODB_PORT);
 
+
+    private static final String rawPassword = "bar123";
+    private static final String hashedPassword = "$2a$10$nEDY5j731yXGnQHyM39PWurJWr1FukegmKYYarK5WOoAMmgDs6D3u";
+
     private String mongoDbUrl;
 
     private MongoClient mongoClient;
@@ -69,13 +88,12 @@ public String startSut() {
         mongoDbUrl = "mongodb://" + mongodbContainer.getContainerIpAddress() + ":" + mongodbContainer.getMappedPort(MONGODB_PORT) + "/" + MONGODB_DATABASE_NAME;
         mongoClient = MongoClients.create(mongoDbUrl);
 
-
-
         ctx = SpringApplication.run(ReservationsApi.class,
                 new String[]{"--server.port=0",
-                        "--databaseUrl="+mongoDbUrl,
-                        "--spring.data.mongodb.uri="+mongoDbUrl,
-                        "--spring.cache.type=NONE"
+                        "--databaseUrl=" + mongoDbUrl,
+                        "--spring.data.mongodb.uri=" + mongoDbUrl,
+                        "--spring.cache.type=NONE",
+                        "--app.jwt.secret=abcdef012345678901234567890123456789abcdef012345678901234567890123456789"
                 });
 
         return "http://localhost:" + getSutPort();
@@ -108,7 +126,40 @@ public String getPackagePrefixesToCover() {
 
     @Override
     public void resetStateOfSUT() {
-        mongoClient.getDatabase(MONGODB_DATABASE_NAME).drop();
+
+        MongoDatabase db = mongoClient.getDatabase(MONGODB_DATABASE_NAME);
+
+        //THIS WAS VERY EXPENSIVE for this API... might be due to transactions or different Docker image?
+        //db.drop();
+
+        for(String name: db.listCollectionNames()){
+            db.getCollection(name).deleteMany(new BasicDBObject());
+        }
+
+        MongoCollection<Document> users = db.getCollection("users");
+        users.insertMany(Arrays.asList(
+                new Document()
+                        .append("_id", new ObjectId())
+                        .append("_class", "sk.cyrilgavala.reservationsApi.model.User")
+                        .append("username", "foo")
+                        .append("email", "foo@foo.com")
+                        .append("password", hashedPassword)
+                        .append("role", "USER"),
+                new Document()
+                        .append("_id", new ObjectId())
+                        .append("_class", "sk.cyrilgavala.reservationsApi.model.User")
+                        .append("username", "bar")
+                        .append("email", "bar@foo.com")
+                        .append("password", hashedPassword)
+                        .append("role", "USER"),
+                new Document()
+                        .append("_id", new ObjectId())
+                        .append("_class", "sk.cyrilgavala.reservationsApi.model.User")
+                        .append("username", "admin")
+                        .append("email", "admin@foo.com")
+                        .append("password", hashedPassword)
+                        .append("role", "ADMIN")
+        ));
     }
 
     @Override
@@ -119,13 +170,41 @@ public List<DbSpecification> getDbSpecifications() {
 
     @Override
     public List<AuthenticationDto> getInfoForAuthentication() {
-        //TODO might need to setup JWT headers here
-        return null;
+        return Arrays.asList(
+                new AuthenticationDto() {{
+                    name = "admin";
+                    jsonTokenPostLogin = new JsonTokenPostLoginDto() {{
+                        userId = "admin";
+                        endpoint = "/api/user/login";
+                        jsonPayload = "{\"username\":\"admin\", \"password\":\""+rawPassword+"\"}";
+                        extractTokenField = "/accessToken";
+                        headerPrefix = "Bearer ";
+                    }};
+                }},
+                new AuthenticationDto() {{
+                    name = "foo";
+                    jsonTokenPostLogin = new JsonTokenPostLoginDto() {{
+                        userId = "foo";
+                        endpoint = "/api/user/login";
+                        jsonPayload = "{\"username\":\"foo\", \"password\":\""+rawPassword+"\"}";
+                        extractTokenField = "/accessToken";
+                        headerPrefix = "Bearer ";
+                    }};
+                }},
+                new AuthenticationDto() {{
+                    name = "bar";
+                    jsonTokenPostLogin = new JsonTokenPostLoginDto() {{
+                        userId = "bar";
+                        endpoint = "/api/user/login";
+                        jsonPayload = "{\"username\":\"bar\", \"password\":\""+rawPassword+"\"}";
+                        extractTokenField = "/accessToken";
+                        headerPrefix = "Bearer ";
+                    }};
+                }}
+        );
     }
 
 
-
-
     @Override
     public ProblemInfo getProblemInfo() {
         return new RestProblem(
@@ -139,5 +218,9 @@ public SutInfoDto.OutputFormat getPreferredOutputFormat() {
         return SutInfoDto.OutputFormat.JAVA_JUNIT_4;
     }
 
+    @Override
+    public Object getMongoConnection() {
+        return mongoClient;
+    }
 
 }
@@ -6,10 +6,10 @@
 import org.evomaster.client.java.controller.api.dto.JsonTokenPostLoginDto;
 import org.evomaster.client.java.controller.api.dto.SutInfoDto;
 import org.evomaster.client.java.controller.api.dto.database.schema.DatabaseType;
-import org.evomaster.client.java.controller.db.DbCleaner;
-import org.evomaster.client.java.controller.db.SqlScriptRunner;
-import org.evomaster.client.java.controller.db.SqlScriptRunnerCached;
-import org.evomaster.client.java.controller.internal.db.DbSpecification;
+import org.evomaster.client.java.sql.DbCleaner;
+import org.evomaster.client.java.sql.SqlScriptRunner;
+import org.evomaster.client.java.sql.SqlScriptRunnerCached;
+import org.evomaster.client.java.sql.DbSpecification;
 import org.evomaster.client.java.controller.problem.GraphQlProblem;
 import org.evomaster.client.java.controller.problem.ProblemInfo;
 import org.testcontainers.containers.GenericContainer;
 
@@ -1,16 +1,24 @@
 package em.external.reservationsapi;
 
+import com.mongodb.BasicDBObject;
 import com.mongodb.client.MongoClient;
 import com.mongodb.client.MongoClients;
+import com.mongodb.client.MongoCollection;
+import com.mongodb.client.MongoDatabase;
+import org.bson.Document;
+import org.bson.types.ObjectId;
 import org.evomaster.client.java.controller.ExternalSutController;
 import org.evomaster.client.java.controller.InstrumentedSutStarter;
 import org.evomaster.client.java.controller.api.dto.AuthenticationDto;
+import org.evomaster.client.java.controller.api.dto.JsonTokenPostLoginDto;
 import org.evomaster.client.java.controller.api.dto.SutInfoDto;
-import org.evomaster.client.java.controller.internal.db.DbSpecification;
+import org.evomaster.client.java.sql.DbSpecification;
 import org.evomaster.client.java.controller.problem.ProblemInfo;
 import org.evomaster.client.java.controller.problem.RestProblem;
 import org.testcontainers.containers.GenericContainer;
 
+import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 
 public class ExternalEvoMasterController extends ExternalSutController {
@@ -60,11 +68,17 @@ public static void main(String[] args) {
     //https://www.mongodb.com/docs/drivers/java/sync/current/compatibility/
     private static final String MONGODB_VERSION = "4.4";
 
-    private static final String MONGODB_DATABASE_NAME = "Reservations";
+    private static final String MONGODB_DATABASE_NAME = "reservations-api";
 
-    private static final GenericContainer mongodbContainer = new GenericContainer("mongo:" + MONGODB_VERSION)
+    private static final GenericContainer mongodbContainer = new GenericContainer("bitnami/mongodb:" + MONGODB_VERSION)
+            .withTmpFs(Collections.singletonMap("/bitnami/mongodb", "rw"))
+            .withEnv("MONGODB_REPLICA_SET_MODE", "primary")
+            .withEnv("ALLOW_EMPTY_PASSWORD", "yes")
             .withExposedPorts(MONGODB_PORT);
 
+    private static final String rawPassword = "bar123";
+    private static final String hashedPassword = "$2a$10$nEDY5j731yXGnQHyM39PWurJWr1FukegmKYYarK5WOoAMmgDs6D3u";
+
     private String mongoDbUrl;
 
     private MongoClient mongoClient;
@@ -101,7 +115,8 @@ public String[] getInputParameters() {
         return new String[]{
                 "--server.port=" + sutPort,
                 "--databaseUrl="+mongoDbUrl,
-                "--spring.data.mongodb.uri="+mongoDbUrl
+                "--spring.data.mongodb.uri="+mongoDbUrl,
+                "--app.jwt.secret=abcdef012345678901234567890123456789abcdef012345678901234567890123456789"
         };
     }
 
@@ -142,7 +157,40 @@ public void postStart() {
 
     @Override
     public void resetStateOfSUT() {
-        mongoClient.getDatabase(MONGODB_DATABASE_NAME).drop();
+        MongoDatabase db = mongoClient.getDatabase(MONGODB_DATABASE_NAME);
+
+        //THIS WAS VERY EXPENSIVE
+        //db.drop();
+
+        for(String name: db.listCollectionNames()){
+            db.getCollection(name).deleteMany(new BasicDBObject());
+        }
+
+        MongoCollection<Document> users = db.getCollection("users");
+        users.insertMany(Arrays.asList(
+                new Document()
+                        .append("_id", new ObjectId())
+                        .append("_class", "sk.cyrilgavala.reservationsApi.model.User")
+                        .append("username", "foo")
+                        .append("email", "foo@foo.com")
+                        .append("password", hashedPassword)
+                        .append("role", "USER"),
+                new Document()
+                        .append("_id", new ObjectId())
+                        .append("_class", "sk.cyrilgavala.reservationsApi.model.User")
+                        .append("username", "bar")
+                        .append("email", "bar@foo.com")
+                        .append("password", hashedPassword)
+                        .append("role", "USER"),
+                new Document()
+                        .append("_id", new ObjectId())
+                        .append("_class", "sk.cyrilgavala.reservationsApi.model.User")
+                        .append("username", "admin")
+                        .append("email", "admin@foo.com")
+                        .append("password", hashedPassword)
+                        .append("role", "ADMIN")
+        ));
+
     }
 
     @Override
@@ -178,11 +226,48 @@ public SutInfoDto.OutputFormat getPreferredOutputFormat() {
 
     @Override
     public List<AuthenticationDto> getInfoForAuthentication() {
-        return null;
+
+        return Arrays.asList(
+                new AuthenticationDto() {{
+                    name = "admin";
+                    jsonTokenPostLogin = new JsonTokenPostLoginDto() {{
+                        userId = "admin";
+                        endpoint = "/api/user/login";
+                        jsonPayload = "{\"username\":\"admin\", \"password\":\""+rawPassword+"\"}";
+                        extractTokenField = "/accessToken";
+                        headerPrefix = "Bearer ";
+                    }};
+                }},
+                new AuthenticationDto() {{
+                    name = "foo";
+                    jsonTokenPostLogin = new JsonTokenPostLoginDto() {{
+                        userId = "foo";
+                        endpoint = "/api/user/login";
+                        jsonPayload = "{\"username\":\"foo\", \"password\":\""+rawPassword+"\"}";
+                        extractTokenField = "/accessToken";
+                        headerPrefix = "Bearer ";
+                    }};
+                }},
+                new AuthenticationDto() {{
+                    name = "bar";
+                    jsonTokenPostLogin = new JsonTokenPostLoginDto() {{
+                        userId = "bar";
+                        endpoint = "/api/user/login";
+                        jsonPayload = "{\"username\":\"bar\", \"password\":\""+rawPassword+"\"}";
+                        extractTokenField = "/accessToken";
+                        headerPrefix = "Bearer ";
+                    }};
+                }}
+        );
     }
 
     @Override
     public List<DbSpecification> getDbSpecifications() {
         return null;
     }
+
+    @Override
+    public Object getMongoConnection() {
+        return mongoClient;
+    }
 }
@@ -10,7 +10,7 @@
 import org.evomaster.client.java.controller.InstrumentedSutStarter;
 import org.evomaster.client.java.controller.api.dto.AuthenticationDto;
 import org.evomaster.client.java.controller.api.dto.SutInfoDto;
-import org.evomaster.client.java.controller.internal.db.DbSpecification;
+import org.evomaster.client.java.sql.DbSpecification;
 import org.evomaster.client.java.controller.problem.GraphQlProblem;
 import org.evomaster.client.java.controller.problem.ProblemInfo;
 import org.testcontainers.containers.GenericContainer;
 
@@ -7,8 +7,8 @@
 import org.evomaster.client.java.controller.api.dto.AuthenticationDto;
 import org.evomaster.client.java.controller.api.dto.SutInfoDto;
 import org.evomaster.client.java.controller.api.dto.database.schema.DatabaseType;
-import org.evomaster.client.java.controller.db.DbCleaner;
-import org.evomaster.client.java.controller.internal.db.DbSpecification;
+import org.evomaster.client.java.sql.DbCleaner;
+import org.evomaster.client.java.sql.DbSpecification;
 import org.evomaster.client.java.controller.problem.ProblemInfo;
 import org.evomaster.client.java.controller.problem.RestProblem;
 import org.springframework.boot.SpringApplication;