From 28144714a27e0463e181924ac51fa74c48810489 Mon Sep 17 00:00:00 2001 From: Zlatko Murgoski Date: Fri, 7 Jun 2019 18:09:53 +0200 Subject: Basic auth not working https://jira.onap.org/browse/DCAEGEN2-1541 Issue-ID: DCAEGEN2-1541 Change-Id: I61211b7a4693fea60b6da4bc460c2be47a41efa7 Signed-off-by: Zlatko Murgoski --- .../onap/dcae/restapi/ApiAuthInterceptionTest.java | 57 ++++++++++------------ 1 file changed, 26 insertions(+), 31 deletions(-) (limited to 'src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java') diff --git a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java index c0a06a07..4398faad 100644 --- a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java +++ b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java @@ -20,8 +20,18 @@ package org.onap.dcae.restapi; +import static org.mockito.Mockito.atLeastOnce; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + import io.vavr.collection.HashMap; import io.vavr.collection.Map; +import java.io.IOException; +import java.io.PrintWriter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.InjectMocks; @@ -35,16 +45,6 @@ import org.springframework.http.HttpStatus; import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors; import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.io.PrintWriter; - -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.when; - @RunWith(MockitoJUnitRunner.Silent.class) public class ApiAuthInterceptionTest { private static final String USERNAME = "Foo"; @@ -61,7 +61,7 @@ public class ApiAuthInterceptionTest { private HttpServletResponse response; @Mock - private Object obj; + private FilterChain obj; @Mock private PrintWriter writer; @@ -86,21 +86,21 @@ public class ApiAuthInterceptionTest { } @Test - public void shouldSucceedWhenAuthorizationIsDisabled() throws IOException { + public void shouldSucceedWhenAuthorizationIsDisabled() throws IOException, ServletException { // given final HttpServletRequest request = createEmptyRequest(); when(settings.authMethod()).thenReturn(AuthMethodType.NO_AUTH.value()); // when - final boolean isAuthorized = sut.preHandle(request, response, obj); + sut.doFilter(request, response, obj); // then - assertTrue(isAuthorized); + verify(obj, atLeastOnce()).doFilter(request, response); } @Test - public void shouldFailDueToEmptyBasicAuthorizationHeader() throws IOException { + public void shouldFailDueToEmptyBasicAuthorizationHeader() throws IOException, ServletException { // given final HttpServletRequest request = createEmptyRequest(); @@ -108,18 +108,16 @@ public class ApiAuthInterceptionTest { when(response.getWriter()).thenReturn(writer); // when - final boolean isAuthorized = sut.preHandle(request, response, obj); - + sut.doFilter(request, response, obj); // then - assertFalse(isAuthorized); - verify(response).setStatus(HttpStatus.UNAUTHORIZED.value()); verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString()); } @Test - public void shouldFailDueToBasicAuthenticationUserMissingFromSettings() throws IOException { + public void shouldFailDueToBasicAuthenticationUserMissingFromSettings() + throws IOException, ServletException { // given final HttpServletRequest request = createRequestWithAuthorizationHeader(); @@ -127,17 +125,15 @@ public class ApiAuthInterceptionTest { when(response.getWriter()).thenReturn(writer); // when - final boolean isAuthorized = sut.preHandle(request, response, obj); + sut.doFilter(request, response, obj); // then - assertFalse(isAuthorized); - verify(response).setStatus(HttpStatus.UNAUTHORIZED.value()); verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString()); } @Test - public void shouldSucceed() throws IOException { + public void shouldSucceed() throws IOException, ServletException { // given final HttpServletRequest request = createRequestWithAuthorizationHeader(); when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); @@ -146,14 +142,15 @@ public class ApiAuthInterceptionTest { when(response.getWriter()).thenReturn(writer); // when - final boolean isAuthorized = sut.preHandle(request, response, obj); + sut.doFilter(request, response, obj); // then - assertTrue(isAuthorized); + verify(obj, atLeastOnce()).doFilter(request, response); } @Test - public void shouldFailDueToInvalidBasicAuthorizationHeaderValue() throws IOException { + public void shouldFailDueToInvalidBasicAuthorizationHeaderValue() + throws IOException, ServletException { // given final HttpServletRequest request = MockMvcRequestBuilders @@ -166,11 +163,9 @@ public class ApiAuthInterceptionTest { when(response.getWriter()).thenReturn(writer); // when - final boolean isAuthorized = sut.preHandle(request, response, obj); - - // then - assertFalse(isAuthorized); + sut.doFilter(request, response, obj); + //then verify(response).setStatus(HttpStatus.UNAUTHORIZED.value()); verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString()); } -- cgit 1.2.3-korg