improved integration test
This commit is contained in:
parent
5512c6682c
commit
b1a785eda5
@ -3,6 +3,7 @@ package net.hostsharing.hsadminng.config;
|
||||
import java.util.Map;
|
||||
|
||||
import com.github.tomakehurst.wiremock.WireMockServer;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Tag;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
@ -18,8 +19,10 @@ import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.context.TestPropertySource;
|
||||
|
||||
import static com.github.tomakehurst.wiremock.client.WireMock.aResponse;
|
||||
import static com.github.tomakehurst.wiremock.client.WireMock.anyUrl;
|
||||
import static com.github.tomakehurst.wiremock.client.WireMock.get;
|
||||
import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo;
|
||||
import static java.util.Map.entry;
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
|
||||
@ -43,70 +46,108 @@ class WebSecurityConfigIntegrationTest {
|
||||
@Autowired
|
||||
private WireMockServer wireMockServer;
|
||||
|
||||
@Test
|
||||
public void shouldSupportPingEndpoint() {
|
||||
// given
|
||||
wireMockServer.stubFor(get(urlEqualTo("/cas/p3/serviceValidate?service=" + serviceUrl + "&ticket=test-user"))
|
||||
@BeforeEach
|
||||
void setUp() {
|
||||
wireMockServer.stubFor(get(anyUrl())
|
||||
.willReturn(aResponse()
|
||||
.withStatus(200)
|
||||
.withBody("""
|
||||
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
|
||||
<cas:authenticationSuccess>
|
||||
<cas:user>test-user</cas:user>
|
||||
</cas:authenticationSuccess>
|
||||
<cas:authenticationFailure/>
|
||||
</cas:serviceResponse>
|
||||
""")));
|
||||
}
|
||||
|
||||
|
||||
// fake Authorization header
|
||||
final var headers = new HttpHeaders();
|
||||
headers.set("Authorization", "test-user");
|
||||
@Test
|
||||
void accessToApiWithValidTokenShouldBePermitted() {
|
||||
// given
|
||||
givenCasTicketValidationResponse("fake-cas-ticket");
|
||||
|
||||
// http request
|
||||
final var result = restTemplate.exchange(
|
||||
"http://localhost:" + this.serverPort + "/api/ping",
|
||||
HttpMethod.GET,
|
||||
new HttpEntity<>(null, headers),
|
||||
httpHeaders(entry("Authorization", "fake-cas-ticket")),
|
||||
String.class
|
||||
);
|
||||
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
assertThat(result.getBody()).startsWith("pong test-user");
|
||||
assertThat(result.getBody()).startsWith("pong fake-cas-ticket");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldSupportActuatorEndpoint() {
|
||||
void accessToApiWithoutTokenShouldBeDenied() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.serverPort + "/api/ping", String.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
|
||||
}
|
||||
|
||||
@Test
|
||||
void accessToApiWithInvalidTokenShouldBeDenied() {
|
||||
// given
|
||||
givenCasTicketValidationResponse("fake-cas-ticket");
|
||||
|
||||
// when
|
||||
final var result = restTemplate.exchange(
|
||||
"http://localhost:" + this.serverPort + "/api/ping",
|
||||
HttpMethod.GET,
|
||||
httpHeaders(entry("Authorization", "WRONG-cas-ticket")),
|
||||
String.class
|
||||
);
|
||||
|
||||
// then
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
|
||||
}
|
||||
|
||||
@Test
|
||||
void accessToActuatorShouldBePermitted() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.managementPort + "/actuator", Map.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldSupportSwaggerUi() {
|
||||
void accessToSwaggerUiShouldBePermitted() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.managementPort + "/swagger-ui/index.html", String.class);
|
||||
"http://localhost:" + this.serverPort + "/swagger-ui/index.html", String.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldSupportApiDocs() {
|
||||
void accessToApiDocsEndpointShouldBePermitted() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.managementPort + "/v3/api-docs/swagger-config", String.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.NOT_FOUND); // permitted but not configured
|
||||
"http://localhost:" + this.serverPort + "/v3/api-docs/swagger-config", String.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
assertThat(result.getBody()).contains("\"configUrl\":\"/v3/api-docs/swagger-config\"");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldSupportHealthEndpoint() {
|
||||
void accessToActuatorEndpointShouldBePermitted() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.managementPort + "/actuator/health", Map.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
assertThat(result.getBody().get("status")).isEqualTo("UP");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldSupportMetricsEndpoint() {
|
||||
final var result = this.restTemplate.getForEntity(
|
||||
"http://localhost:" + this.managementPort + "/actuator/metrics", Map.class);
|
||||
assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
private void givenCasTicketValidationResponse(final String casToken) {
|
||||
wireMockServer.stubFor(get(urlEqualTo("/cas/p3/serviceValidate?service=" + serviceUrl + "&ticket=" + casToken))
|
||||
.willReturn(aResponse()
|
||||
.withStatus(200)
|
||||
.withBody("""
|
||||
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
|
||||
<cas:authenticationSuccess>
|
||||
<cas:user>${casToken}</cas:user>
|
||||
</cas:authenticationSuccess>
|
||||
</cas:serviceResponse>
|
||||
""".replace("${casToken}", casToken))));
|
||||
}
|
||||
|
||||
@SafeVarargs
|
||||
private HttpEntity<?> httpHeaders(final Map.Entry<String, String>... headerValues) {
|
||||
final var headers = new HttpHeaders();
|
||||
for ( Map.Entry<String, String> headerValue: headerValues ) {
|
||||
headers.add(headerValue.getKey(), headerValue.getValue());
|
||||
}
|
||||
return new HttpEntity<>(headers);
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user