1 files changed, 207 insertions, 0 deletions

diff --git a/catalog-fe/src/test/java/org/openecomp/sdc/fe/servlets/PortalServletTest.java b/catalog-fe/src/test/java/org/openecomp/sdc/fe/servlets/PortalServletTest.java
new file mode 100644
index 0000000000..fccb41bc99
--- /dev/null
+++ b/catalog-fe/src/test/java/org/openecomp/sdc/fe/servlets/PortalServletTest.java
@@ -0,0 +1,207 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * SDC
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.openecomp.sdc.fe.servlets;
+
+import org.glassfish.jersey.internal.inject.AbstractBinder;
+import org.glassfish.jersey.server.ResourceConfig;
+import org.glassfish.jersey.test.JerseyTest;
+import org.junit.After;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.mockito.stubbing.Answer;
+import org.onap.sdc.security.CipherUtil;
+import org.openecomp.sdc.common.api.Constants;
+import org.openecomp.sdc.fe.config.Configuration;
+import org.openecomp.sdc.fe.config.ConfigurationManager;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.ws.rs.core.Application;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.glassfish.jersey.test.TestProperties.CONTAINER_PORT;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+
+public class PortalServletTest extends JerseyTest {
+	
+	private final static HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+    private final static HttpSession httpSession = Mockito.mock(HttpSession.class);
+    private final static ServletContext servletContext = Mockito.mock(ServletContext.class);
+    private final static ConfigurationManager configurationManager = Mockito.mock(ConfigurationManager.class);
+    private final static Configuration configuration = Mockito.mock(Configuration.class);
+    private final static HttpServletResponse response = Mockito.spy(HttpServletResponse.class);
+    private final static RequestDispatcher rd = Mockito.spy(RequestDispatcher.class);
+	private static CipherUtil cipherUtil = Mockito.mock(CipherUtil.class);
+	final static Configuration.CookieConfig cookieConfiguration = Mockito.mock(Configuration.CookieConfig.class);
+
+	@SuppressWarnings("serial")
+	@BeforeClass
+	public static void setUpTests() {
+		when(request.getRequestDispatcher(Mockito.anyString())).thenReturn(rd);
+		when(request.getSession()).thenReturn(httpSession);
+		when(httpSession.getServletContext()).thenReturn(servletContext);
+		when(servletContext.getAttribute(Constants.CONFIGURATION_MANAGER_ATTR)).thenReturn(configurationManager);
+		when(configurationManager.getConfiguration()).thenReturn(configuration);
+		when(configuration.getAuthCookie()).thenReturn(cookieConfiguration);
+		List<List<String>> mandatoryHeaders = new ArrayList<>();
+		mandatoryHeaders.add(new ArrayList<String>() {
+			{
+				add("HTTP_IV_USER");
+				add("iv-user");
+			}
+		});
+		mandatoryHeaders.add(new ArrayList<String>() {
+			{
+				add("HTTP_CSP_ATTUID");
+				add("csp-attuid");
+			}
+		});
+		mandatoryHeaders.add(new ArrayList<String>() {
+			{
+				add("USER_ID");
+				add("csp-userId");
+			}
+		});
+		mandatoryHeaders.add(new ArrayList<String>() {
+			{
+				add("HTTP_CSP_WSTYPE");
+				add("csp-wstype csp-wstype");
+			}
+		});
+
+		List<List<String>> optionalHeaders = new ArrayList<>();
+		optionalHeaders.add(new ArrayList<String>() {
+			{
+				add("HTTP_CSP_FIRSTNAME");
+				add("csp-firstname");
+			}
+		});
+		optionalHeaders.add(new ArrayList<String>() {
+			{
+				add("HTTP_CSP_LASTNAME");
+				add("csp-lastname");
+			}
+		});
+		optionalHeaders.add(new ArrayList<String>() {
+			{
+				add("HTTP_IV_REMOTE_ADDRESS");
+				add("iv-remote-address");
+			}
+		});
+
+		when(configuration.getIdentificationHeaderFields()).thenReturn(mandatoryHeaders);
+		when(configuration.getOptionalHeaderFields()).thenReturn(optionalHeaders);
+
+	}
+
+	@After
+    public void tearDown() {
+	    Mockito.reset(response, rd);
+    }
+
+	@Test
+	public void testMissingHeadersRequest() throws IOException {
+		when(request.getHeader(Mockito.anyString())).thenReturn(null);
+        when(request.getCookies()).thenReturn(getCookies());
+        target().path("/portal").request().get();
+		Mockito.verify(response, times(1)).sendError(HttpServletResponse.SC_USE_PROXY, PortalServlet.MISSING_HEADERS_MSG);
+	}
+
+	@Test
+	public void testSuccessfulRequest() throws IOException, ServletException {
+		ConfigurationManager.setTestInstance(configurationManager);
+		when(configuration.getAuthCookie().getCookieName()).thenReturn("cookieName");
+		when(configuration.getAuthCookie().getPath()).thenReturn("/");
+		when(configuration.getAuthCookie().getDomain()).thenReturn("");
+		when(configuration.getAuthCookie().getSecurityKey()).thenReturn("");
+        Mockito.doAnswer((Answer<Object>) invocation -> {
+            Object[] args = invocation.getArguments();
+            return (String) args[0];
+        }).when(request).getHeader(Mockito.anyString());
+		target().path("/portal").request().get();
+		verify(rd).forward(Mockito.any(ServletRequest.class), Mockito.any(ServletResponse.class));
+	}
+
+
+	@Test
+	public void testSuccessfullAddofAuthCookie() throws IOException, ServletException {
+		ConfigurationManager.setTestInstance(configurationManager);
+		when(configuration.getAuthCookie().getCookieName()).thenReturn("cookieName");
+		when(configuration.getAuthCookie().getPath()).thenReturn("/");
+		when(configuration.getAuthCookie().getDomain()).thenReturn("");
+		when(configuration.getAuthCookie().getSecurityKey()).thenReturn("AGLDdG4D04BKm2IxIWEr8o==");
+		PortalServlet pp = new PortalServlet();
+		assertTrue(pp.addAuthCookie(response,"user", "test" ,"User"));
+	}
+
+	@Test
+	public void testFailureMissingCookieConfiguration() throws IOException {
+
+		//missing configuration mock therefore will fail
+		PortalServlet pp = new PortalServlet();
+		pp.doGet(request,response);
+		assertFalse(pp.addAuthCookie(response,"user", "test" ,"User"));
+
+	}
+
+
+
+	@Override
+	protected Application configure() {
+		// Use any available port - this allows us to run the BE tests in parallel with this one.
+		forceSet(CONTAINER_PORT, "0");
+		ResourceConfig resourceConfig = new ResourceConfig(PortalServlet.class);
+
+		resourceConfig.register(new AbstractBinder() {
+			@Override
+			protected void configure() {
+				bind(request).to(HttpServletRequest.class);
+				bind(response).to(HttpServletResponse.class);
+			}
+		});
+
+
+
+		return resourceConfig;
+	}
+
+    private Cookie[] getCookies() {
+        Cookie[] cookies = new Cookie [1];
+        cookies[0] = new Cookie("someName", "aaa");
+        return cookies;
+    }
+
+}