catalog-fe/src/test/java/org/openecomp/sdc/fe/filters/SecurityFilterTest.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * SDC
   4  * ================================================================================
   5  * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.openecomp.sdc.fe.filters;
  22
  23 import org.junit.Before;
  24 import org.junit.Test;
  25 import org.junit.runner.RunWith;
  26 import org.mockito.InjectMocks;
  27 import org.mockito.Mock;
  28 import org.mockito.Mockito;
  29 import org.mockito.Spy;
  30 import org.mockito.junit.MockitoJUnitRunner;
  31 import org.onap.portalsdk.core.onboarding.util.PortalApiProperties;
  32
  33 import javax.servlet.FilterChain;
  34 import javax.servlet.FilterConfig;
  35 import javax.servlet.ServletException;
  36 import javax.servlet.http.Cookie;
  37 import javax.servlet.http.HttpServletRequest;
  38 import javax.servlet.http.HttpServletResponse;
  39 import java.io.IOException;
  40
  41 import static org.mockito.Mockito.times;
  42 import static org.mockito.Mockito.when;
  43
  44
  45 @RunWith(MockitoJUnitRunner.class)
  46 public class SecurityFilterTest {
  47
  48     private static final String excludedUrls = "/config,/configmgr,/rest/healthCheck";
  49
  50     @Mock
  51     private HttpServletRequest request;
  52     @Mock
  53     private FilterChain filterChain;
  54     @Mock
  55     private FilterConfig filterConfig;
  56     @Spy
  57     private HttpServletResponse response;
  58
  59     @InjectMocks
  60     private SecurityFilter securityFilter = new SecurityFilter();
  61
  62     @Before
  63     public void setUpClass() throws ServletException{
  64         when(filterConfig.getInitParameter(SecurityFilter.FILTER_EXLUDED_URLS_KEY)).thenReturn(excludedUrls);
  65         securityFilter.init(filterConfig);
  66     }
  67
  68     @Test
  69     public void redirectPortalRequestAsCookieIsNotFound() throws ServletException, IOException {
  70         when(request.getServletPath()).thenReturn("/portal");
  71         when(request.getCookies()).thenReturn(getCookies(false));
  72         securityFilter.doFilter(request, response, filterChain);
  73         Mockito.verify(response, times(1)).sendRedirect(PortalApiProperties.getProperty(SecurityFilter.PORTAL_REDIRECT_URL_KEY));
  74     }
  75
  76     @Test
  77     public void redirectFeProxyRequestAsCookiesIsNull() throws ServletException, IOException {
  78         when(request.getServletPath()).thenReturn("/feProxy");
  79         when(request.getCookies()).thenReturn(null);
  80         securityFilter.doFilter(request, response, filterChain);
  81         Mockito.verify(response, times(1)).sendRedirect(PortalApiProperties.getProperty(SecurityFilter.PORTAL_REDIRECT_URL_KEY));
  82     }
  83
  84     @Test
  85     public void requestIsNotRedirectedAsItIsFromPortal() throws ServletException, IOException {
  86         when(request.getServletPath()).thenReturn("/feProxy");
  87         when(request.getCookies()).thenReturn(getCookies(true));
  88         securityFilter.doFilter(request, response, filterChain);
  89         Mockito.verify(response, times(0)).sendRedirect(PortalApiProperties.getProperty(SecurityFilter.PORTAL_REDIRECT_URL_KEY));
  90     }
  91
  92     @Test
  93     public void requestIsNotRedirectedAsHcUrlIsExcluded() throws ServletException, IOException {
  94         when(request.getServletPath()).thenReturn("/rest/healthCheck");
  95         securityFilter.doFilter(request, response, filterChain);
  96         Mockito.verify(response, times(0)).sendRedirect(PortalApiProperties.getProperty(SecurityFilter.PORTAL_REDIRECT_URL_KEY));
  97     }
  98
  99
 100     @Test
 101     public void requestIsNotRedirectedAsConfigUrlIsExcluded() throws ServletException, IOException {
 102         when(request.getServletPath()).thenReturn("/config");
 103         securityFilter.doFilter(request, response, filterChain);
 104         Mockito.verify(response, times(0)).sendRedirect(PortalApiProperties.getProperty(SecurityFilter.PORTAL_REDIRECT_URL_KEY));
 105     }
 106
 107     @Test
 108     public void requestIsNotRedirectedForConfigMngrUrlIsExcluded() throws ServletException, IOException {
 109         when(request.getServletPath()).thenReturn("/configmgr");
 110         securityFilter.doFilter(request, response, filterChain);
 111         Mockito.verify(response, times(0)).sendRedirect(PortalApiProperties.getProperty(SecurityFilter.PORTAL_REDIRECT_URL_KEY));
 112     }
 113
 114
 115     private Cookie[] getCookies(boolean isFromPortal) {
 116         Cookie[] cookies = new Cookie [1];
 117         if (isFromPortal) {
 118             cookies[0] = new Cookie(PortalApiProperties.getProperty(SecurityFilter.PORTAL_COOKIE_NAME_KEY), "aaa");
 119         }
 120         else {
 121             cookies[0] = new Cookie("someName", "aaa");
 122         }
 123         return cookies;
 124     }
 125 }