2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.sdc.fe.servlets;
23 import static org.glassfish.jersey.test.TestProperties.CONTAINER_PORT;
24 import static org.junit.Assert.assertFalse;
25 import static org.junit.Assert.assertTrue;
26 import static org.mockito.Mockito.times;
27 import static org.mockito.Mockito.verify;
28 import static org.mockito.Mockito.when;
30 import java.io.IOException;
31 import java.util.ArrayList;
32 import java.util.List;
33 import javax.servlet.RequestDispatcher;
34 import javax.servlet.ServletContext;
35 import javax.servlet.ServletException;
36 import javax.servlet.ServletRequest;
37 import javax.servlet.ServletResponse;
38 import javax.servlet.http.Cookie;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
41 import javax.servlet.http.HttpSession;
42 import javax.ws.rs.core.Application;
43 import org.glassfish.jersey.internal.inject.AbstractBinder;
44 import org.glassfish.jersey.server.ResourceConfig;
45 import org.glassfish.jersey.test.JerseyTest;
46 import org.junit.jupiter.api.AfterEach;
47 import org.junit.jupiter.api.BeforeAll;
48 import org.junit.jupiter.api.BeforeEach;
49 import org.junit.jupiter.api.Test;
50 import org.mockito.Mockito;
51 import org.mockito.stubbing.Answer;
52 import org.openecomp.sdc.common.api.Constants;
53 import org.openecomp.sdc.fe.config.Configuration;
54 import org.openecomp.sdc.fe.config.ConfigurationManager;
56 class PortalServletTest extends JerseyTest {
58 private static final HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
59 private static final HttpSession httpSession = Mockito.mock(HttpSession.class);
60 private static final ServletContext servletContext = Mockito.mock(ServletContext.class);
61 private static final ConfigurationManager configurationManager = Mockito.mock(ConfigurationManager.class);
62 private static final Configuration configuration = Mockito.mock(Configuration.class);
63 private static final HttpServletResponse response = Mockito.spy(HttpServletResponse.class);
64 private static final RequestDispatcher rd = Mockito.spy(RequestDispatcher.class);
65 private static final Configuration.CookieConfig cookieConfiguration = Mockito.mock(Configuration.CookieConfig.class);
67 @SuppressWarnings("serial")
69 public static void setUpTests() {
70 when(request.getRequestDispatcher(Mockito.anyString())).thenReturn(rd);
71 when(request.getSession()).thenReturn(httpSession);
72 when(httpSession.getServletContext()).thenReturn(servletContext);
73 when(servletContext.getAttribute(Constants.CONFIGURATION_MANAGER_ATTR)).thenReturn(configurationManager);
74 when(configurationManager.getConfiguration()).thenReturn(configuration);
75 when(configuration.getAuthCookie()).thenReturn(cookieConfiguration);
76 List<List<String>> mandatoryHeaders = new ArrayList<>();
77 mandatoryHeaders.add(new ArrayList<String>() {
83 mandatoryHeaders.add(new ArrayList<String>() {
85 add("HTTP_CSP_ATTUID");
89 mandatoryHeaders.add(new ArrayList<String>() {
95 mandatoryHeaders.add(new ArrayList<String>() {
97 add("HTTP_CSP_WSTYPE");
98 add("csp-wstype csp-wstype");
102 List<List<String>> optionalHeaders = new ArrayList<>();
103 optionalHeaders.add(new ArrayList<String>() {
105 add("HTTP_CSP_FIRSTNAME");
106 add("csp-firstname");
109 optionalHeaders.add(new ArrayList<String>() {
111 add("HTTP_CSP_LASTNAME");
115 optionalHeaders.add(new ArrayList<String>() {
117 add("HTTP_IV_REMOTE_ADDRESS");
118 add("iv-remote-address");
122 when(configuration.getIdentificationHeaderFields()).thenReturn(mandatoryHeaders);
123 when(configuration.getOptionalHeaderFields()).thenReturn(optionalHeaders);
128 public void before() throws Exception {
133 public void tearDown() throws Exception {
135 Mockito.reset(response, rd);
139 void testMissingHeadersRequest() throws IOException {
140 when(request.getHeader(Mockito.anyString())).thenReturn(null);
141 when(request.getCookies()).thenReturn(getCookies());
142 target().path("/portal").request().get();
143 Mockito.verify(response, times(1))
144 .sendError(HttpServletResponse.SC_USE_PROXY, PortalServlet.MISSING_HEADERS_MSG);
148 void testSuccessfulRequest() throws IOException, ServletException {
149 ConfigurationManager.setTestInstance(configurationManager);
150 when(configuration.getAuthCookie().getCookieName()).thenReturn("cookieName");
151 when(configuration.getAuthCookie().getPath()).thenReturn("/");
152 when(configuration.getAuthCookie().getDomain()).thenReturn("");
153 when(configuration.getAuthCookie().getSecurityKey()).thenReturn("");
154 Mockito.doAnswer((Answer<Object>) invocation -> {
155 Object[] args = invocation.getArguments();
156 return (String) args[0];
157 }).when(request).getHeader(Mockito.anyString());
158 target().path("/portal").request().get();
159 verify(rd).forward(Mockito.any(ServletRequest.class), Mockito.any(ServletResponse.class));
163 void testSuccessfullAddofAuthCookie() throws IOException, ServletException {
164 ConfigurationManager.setTestInstance(configurationManager);
165 when(configuration.getAuthCookie().getCookieName()).thenReturn("cookieName");
166 when(configuration.getAuthCookie().getPath()).thenReturn("/");
167 when(configuration.getAuthCookie().getDomain()).thenReturn("");
168 when(configuration.getAuthCookie().getSecurityKey()).thenReturn("AGLDdG4D04BKm2IxIWEr8o==");
169 PortalServlet pp = new PortalServlet();
170 assertTrue(pp.addAuthCookie(response, "user", "test", "User"));
174 void testFailureMissingCookieConfiguration() throws IOException {
176 //missing configuration mock therefore will fail
177 PortalServlet pp = new PortalServlet();
178 pp.doGet(request, response);
179 assertFalse(pp.addAuthCookie(response, "user", "test", "User"));
184 protected Application configure() {
185 // Use any available port - this allows us to run the BE tests in parallel with this one.
186 forceSet(CONTAINER_PORT, "0");
187 ResourceConfig resourceConfig = new ResourceConfig(PortalServlet.class);
189 resourceConfig.register(new AbstractBinder() {
191 protected void configure() {
192 bind(request).to(HttpServletRequest.class);
193 bind(response).to(HttpServletResponse.class);
197 return resourceConfig;
200 private Cookie[] getCookies() {
201 Cookie[] cookies = new Cookie[1];
202 cookies[0] = new Cookie("someName", "aaa");