From b1a785eda56a28a5679934be37176ad37ff67352 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Tue, 11 Mar 2025 14:49:13 +0100 Subject: [PATCH] improved integration test --- .../WebSecurityConfigIntegrationTest.java | 91 ++++++++++++++----- 1 file changed, 66 insertions(+), 25 deletions(-) diff --git a/src/test/java/net/hostsharing/hsadminng/config/WebSecurityConfigIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/config/WebSecurityConfigIntegrationTest.java index 063527cd..8ce18a45 100644 --- a/src/test/java/net/hostsharing/hsadminng/config/WebSecurityConfigIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/config/WebSecurityConfigIntegrationTest.java @@ -3,6 +3,7 @@ package net.hostsharing.hsadminng.config; import java.util.Map; import com.github.tomakehurst.wiremock.WireMockServer; +import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Tag; import org.junit.jupiter.api.Test; @@ -18,8 +19,10 @@ import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.TestPropertySource; import static com.github.tomakehurst.wiremock.client.WireMock.aResponse; +import static com.github.tomakehurst.wiremock.client.WireMock.anyUrl; import static com.github.tomakehurst.wiremock.client.WireMock.get; import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; +import static java.util.Map.entry; import static org.assertj.core.api.Assertions.assertThat; @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) 
@@ -43,70 +46,108 @@ class WebSecurityConfigIntegrationTest { @Autowired private WireMockServer wireMockServer; - @Test - public void shouldSupportPingEndpoint() { - // given - wireMockServer.stubFor(get(urlEqualTo("/cas/p3/serviceValidate?service=" + serviceUrl + "&ticket=test-user")) + @BeforeEach + void setUp() { + wireMockServer.stubFor(get(anyUrl()) .willReturn(aResponse() .withStatus(200) .withBody(""" - - test-user - + """))); + } - - // fake Authorization header - final var headers = new HttpHeaders(); - headers.set("Authorization", "test-user"); + @Test + void accessToApiWithValidTokenShouldBePermitted() { + // given + givenCasTicketValidationResponse("fake-cas-ticket"); // http request final var result = restTemplate.exchange( "http://localhost:" + this.serverPort + "/api/ping", HttpMethod.GET, - new HttpEntity<>(null, headers), + httpHeaders(entry("Authorization", "fake-cas-ticket")), String.class ); assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK); - assertThat(result.getBody()).startsWith("pong test-user"); + assertThat(result.getBody()).startsWith("pong fake-cas-ticket"); } @Test - public void shouldSupportActuatorEndpoint() { + void accessToApiWithoutTokenShouldBeDenied() { + final var result = this.restTemplate.getForEntity( + "http://localhost:" + this.serverPort + "/api/ping", String.class); + assertThat(result.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED); + } + + @Test + void accessToApiWithInvalidTokenShouldBeDenied() { + // given + givenCasTicketValidationResponse("fake-cas-ticket"); + + // when + final var result = restTemplate.exchange( + "http://localhost:" + this.serverPort + "/api/ping", + HttpMethod.GET, + httpHeaders(entry("Authorization", "WRONG-cas-ticket")), + String.class + ); + + // then + assertThat(result.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED); + } + + @Test + void accessToActuatorShouldBePermitted() { final var result = this.restTemplate.getForEntity( "http://localhost:" + this.managementPort + 
"/actuator", Map.class); assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK); } @Test - public void shouldSupportSwaggerUi() { + void accessToSwaggerUiShouldBePermitted() { final var result = this.restTemplate.getForEntity( - "http://localhost:" + this.managementPort + "/swagger-ui/index.html", String.class); + "http://localhost:" + this.serverPort + "/swagger-ui/index.html", String.class); assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK); } @Test - public void shouldSupportApiDocs() { + void accessToApiDocsEndpointShouldBePermitted() { final var result = this.restTemplate.getForEntity( - "http://localhost:" + this.managementPort + "/v3/api-docs/swagger-config", String.class); - assertThat(result.getStatusCode()).isEqualTo(HttpStatus.NOT_FOUND); // permitted but not configured + "http://localhost:" + this.serverPort + "/v3/api-docs/swagger-config", String.class); + assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK); + assertThat(result.getBody()).contains("\"configUrl\":\"/v3/api-docs/swagger-config\""); } @Test - public void shouldSupportHealthEndpoint() { + void accessToActuatorEndpointShouldBePermitted() { final var result = this.restTemplate.getForEntity( "http://localhost:" + this.managementPort + "/actuator/health", Map.class); assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK); assertThat(result.getBody().get("status")).isEqualTo("UP"); } - @Test - public void shouldSupportMetricsEndpoint() { - final var result = this.restTemplate.getForEntity( - "http://localhost:" + this.managementPort + "/actuator/metrics", Map.class); - assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK); + private void givenCasTicketValidationResponse(final String casToken) { + wireMockServer.stubFor(get(urlEqualTo("/cas/p3/serviceValidate?service=" + serviceUrl + "&ticket=" + casToken)) + .willReturn(aResponse() + .withStatus(200) + .withBody(""" + + + ${casToken} + + + """.replace("${casToken}", casToken)))); + } + + @SafeVarargs + private 
HttpEntity httpHeaders(final Map.Entry... headerValues) { + final var headers = new HttpHeaders(); + for ( Map.Entry headerValue: headerValues ) { + headers.add(headerValue.getKey(), headerValue.getValue()); + } + return new HttpEntity<>(headers); } }
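Review bot: In `accessToApiWithValidTokenShouldBePermitted` the stubbed CAS answer appears to carry the ticket itself as the user name (`.replace("${casToken}", casToken)`), so `startsWith("pong fake-cas-ticket")` passes whether the principal comes from the validated CAS response or is merely echoed from the client-supplied `Authorization` header. Giving the helper a separate user argument, e.g. `givenCasTicketValidationResponse("fake-cas-ticket", "test-user")`, and asserting `startsWith("pong test-user")` would pin that the identity is taken from the CAS answer. The XML inside the text blocks is not visible on this page, so the element the placeholder sits in is inferred. In `accessToApiWithInvalidTokenShouldBeDenied`, a `wireMockServer.verify(getRequestedFor(urlEqualTo(...)))` on the `ticket=WRONG-cas-ticket` validation URL would also show that the 401 results from the CAS lookup hitting the catch-all stub from `setUp`, not from the request being rejected before any validation happened.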