clean up code + add back failing tests

Author: ldetmer

google-api-client-apache-v5/src/test/java/com/google/api/client/googleapis/apache/v5/ITGoogleApache5HttpTransportTest.java

@@ -29,11 +29,12 @@
 
 public class ITGoogleApache5HttpTransportTest {
 
-  /*@Test
-  public void testHttpRequestFailsWhenMakingRequestToSiteWithoutGoogleCerts()
+  @Test
+  public void testHttpRequestFailsWhenMakingRequestToSiteWithoutDefaultJdkCerts()
       throws GeneralSecurityException, IOException {
     Apache5HttpTransport apache5HttpTransport = GoogleApache5HttpTransport.newTrustedTransport();
-    HttpGet httpGet = new HttpGet("https://shopify.com/");
+    // Use a self-signed certificate site that won't be trusted by default trust store
+    HttpGet httpGet = new HttpGet("https://self-signed.badssl.com/");
     Exception exception = null;
     try {
       apache5HttpTransport
@@ -43,7 +44,7 @@ public void testHttpRequestFailsWhenMakingRequestToSiteWithoutGoogleCerts()
               new HttpClientResponseHandler<Void>() {
                 @Override
                 public Void handleResponse(ClassicHttpResponse response) {
-                  fail("Should not have been able to complete SSL request on non google site.");
+                  fail("Should not have been able to complete SSL request with untrusted cert.");
                   return null;
                 }
               });
@@ -54,7 +55,7 @@ public Void handleResponse(ClassicHttpResponse response) {
 
     assertNotNull(exception);
     assertEquals(exception.getClass(), SSLHandshakeException.class);
-  }*/
+  }
 
   @Test
   public void testHttpRequestPassesWhenMakingRequestToGoogleSite() throws Exception {

google-api-client/src/main/java/com/google/api/client/googleapis/GoogleUtils.java

@@ -79,6 +79,19 @@ public final class GoogleUtils {
   /** Bundled keystore password. */
   static final String BUNDLED_KEYSTORE_PASSWORD = "notasecret";
 
+  /** Default JDK cacerts file path relative to java.home. */
+  @VisibleForTesting
+  static String[] possibleJdkPaths = {
+          "lib/security/cacerts", // Java 9+
+          "jre/lib/security/cacerts" // Java 8 and earlier
+  };
+
+  /** Java home system property key. */
+  static final String JAVA_HOME_KEY = "java.home";
+
+  /** Default password for JDK cacerts file. */
+  static final String DEFAULT_CACERTS_PASSWORD = "changeit";
+
   /**
    * Loads the bundled google.p12 keystore containing trusted root certificates.
    *
@@ -103,16 +116,12 @@ static KeyStore getJdkDefaultKeyStore() throws IOException, GeneralSecurityExcep
     KeyStore keyStore = SecurityUtils.getDefaultKeyStore();
 
     // Find the default JDK cacerts location
-    String javaHome = System.getProperty("java.home");
-    String[] possiblePaths = {
-      "lib/security/cacerts", // Java 9+
-      "jre/lib/security/cacerts" // Java 8 and earlier
-    };
+    String javaHome = System.getProperty(JAVA_HOME_KEY);
 
-    for (String path : possiblePaths) {
+    for (String path : possibleJdkPaths) {
       File cacertsFile = new File(javaHome, path);
       try (FileInputStream fis = new FileInputStream(cacertsFile)) {
-        keyStore.load(fis, "changeit".toCharArray());
+        keyStore.load(fis, DEFAULT_CACERTS_PASSWORD.toCharArray());
         return keyStore;
       } catch (IOException e) {
         // File doesn't exist or can't be read, try next path

google-api-client/src/test/java/com/google/api/client/googleapis/GoogleUtilsTest.java

@@ -40,10 +40,10 @@ public void testGetCertificateTrustStore_LoadsJdkDefaultFirst() throws Exception
         trustStore.size());
   }
 
- /* public void testGetCertificateTrustStore_LoadsBundledKeystoreIfJdkDefaultLoadFails()
+  public void testGetCertificateTrustStore_LoadsBundledKeystoreIfJdkDefaultLoadFails()
       throws Exception {
     GoogleUtils.certTrustStore = null;
-    GoogleUtils.defaultCacertsPath = "bad/path";
+    GoogleUtils.possibleJdkPaths = new String[0];
 
     KeyStore trustStore = GoogleUtils.getCertificateTrustStore();
 
@@ -53,7 +53,7 @@ public void testGetCertificateTrustStore_LoadsJdkDefaultFirst() throws Exception
         "Certificate truststore should contain the same amount of certificates as the bundled keystore",
         trustStore.size(),
         bundled.size());
-  }*/
+  }
 
   public void testGetCertificateTrustStore_IsCached() throws Exception {
     KeyStore trustStore1 = GoogleUtils.getCertificateTrustStore();