2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.sdc.fe.servlets;
23 import org.glassfish.jersey.internal.inject.AbstractBinder;
24 import org.glassfish.jersey.server.ResourceConfig;
25 import org.glassfish.jersey.test.JerseyTest;
26 import org.junit.After;
27 import org.junit.BeforeClass;
28 import org.junit.Test;
29 import org.mockito.Mockito;
30 import org.mockito.stubbing.Answer;
31 import org.openecomp.sdc.common.api.Constants;
32 import org.openecomp.sdc.fe.config.Configuration;
33 import org.openecomp.sdc.fe.config.ConfigurationManager;
35 import javax.servlet.RequestDispatcher;
36 import javax.servlet.ServletContext;
37 import javax.servlet.ServletException;
38 import javax.servlet.ServletRequest;
39 import javax.servlet.ServletResponse;
40 import javax.servlet.http.Cookie;
41 import javax.servlet.http.HttpServletRequest;
42 import javax.servlet.http.HttpServletResponse;
43 import javax.servlet.http.HttpSession;
44 import javax.ws.rs.core.Application;
45 import java.io.IOException;
46 import java.util.ArrayList;
47 import java.util.List;
49 import static org.glassfish.jersey.test.TestProperties.CONTAINER_PORT;
50 import static org.junit.Assert.assertFalse;
51 import static org.junit.Assert.assertTrue;
52 import static org.mockito.Mockito.times;
53 import static org.mockito.Mockito.verify;
54 import static org.mockito.Mockito.when;
57 public class PortalServletTest extends JerseyTest {
59 private final static HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
60 private final static HttpSession httpSession = Mockito.mock(HttpSession.class);
61 private final static ServletContext servletContext = Mockito.mock(ServletContext.class);
62 private final static ConfigurationManager configurationManager = Mockito.mock(ConfigurationManager.class);
63 private final static Configuration configuration = Mockito.mock(Configuration.class);
64 private final static HttpServletResponse response = Mockito.spy(HttpServletResponse.class);
65 private final static RequestDispatcher rd = Mockito.spy(RequestDispatcher.class);
66 final static Configuration.CookieConfig cookieConfiguration = Mockito.mock(Configuration.CookieConfig.class);
68 @SuppressWarnings("serial")
70 public static void setUpTests() {
71 when(request.getRequestDispatcher(Mockito.anyString())).thenReturn(rd);
72 when(request.getSession()).thenReturn(httpSession);
73 when(httpSession.getServletContext()).thenReturn(servletContext);
74 when(servletContext.getAttribute(Constants.CONFIGURATION_MANAGER_ATTR)).thenReturn(configurationManager);
75 when(configurationManager.getConfiguration()).thenReturn(configuration);
76 when(configuration.getAuthCookie()).thenReturn(cookieConfiguration);
77 List<List<String>> mandatoryHeaders = new ArrayList<>();
78 mandatoryHeaders.add(new ArrayList<String>() {
84 mandatoryHeaders.add(new ArrayList<String>() {
86 add("HTTP_CSP_ATTUID");
90 mandatoryHeaders.add(new ArrayList<String>() {
96 mandatoryHeaders.add(new ArrayList<String>() {
98 add("HTTP_CSP_WSTYPE");
99 add("csp-wstype csp-wstype");
103 List<List<String>> optionalHeaders = new ArrayList<>();
104 optionalHeaders.add(new ArrayList<String>() {
106 add("HTTP_CSP_FIRSTNAME");
107 add("csp-firstname");
110 optionalHeaders.add(new ArrayList<String>() {
112 add("HTTP_CSP_LASTNAME");
116 optionalHeaders.add(new ArrayList<String>() {
118 add("HTTP_IV_REMOTE_ADDRESS");
119 add("iv-remote-address");
123 when(configuration.getIdentificationHeaderFields()).thenReturn(mandatoryHeaders);
124 when(configuration.getOptionalHeaderFields()).thenReturn(optionalHeaders);
129 public void tearDown() {
130 Mockito.reset(response, rd);
134 public void testMissingHeadersRequest() throws IOException {
135 when(request.getHeader(Mockito.anyString())).thenReturn(null);
136 when(request.getCookies()).thenReturn(getCookies());
137 target().path("/portal").request().get();
138 Mockito.verify(response, times(1)).sendError(HttpServletResponse.SC_USE_PROXY, PortalServlet.MISSING_HEADERS_MSG);
142 public void testSuccessfulRequest() throws IOException, ServletException {
143 ConfigurationManager.setTestInstance(configurationManager);
144 when(configuration.getAuthCookie().getCookieName()).thenReturn("cookieName");
145 when(configuration.getAuthCookie().getPath()).thenReturn("/");
146 when(configuration.getAuthCookie().getDomain()).thenReturn("");
147 when(configuration.getAuthCookie().getSecurityKey()).thenReturn("");
148 Mockito.doAnswer((Answer<Object>) invocation -> {
149 Object[] args = invocation.getArguments();
150 return (String) args[0];
151 }).when(request).getHeader(Mockito.anyString());
152 target().path("/portal").request().get();
153 verify(rd).forward(Mockito.any(ServletRequest.class), Mockito.any(ServletResponse.class));
158 public void testSuccessfullAddofAuthCookie() throws IOException, ServletException {
159 ConfigurationManager.setTestInstance(configurationManager);
160 when(configuration.getAuthCookie().getCookieName()).thenReturn("cookieName");
161 when(configuration.getAuthCookie().getPath()).thenReturn("/");
162 when(configuration.getAuthCookie().getDomain()).thenReturn("");
163 when(configuration.getAuthCookie().getSecurityKey()).thenReturn("AGLDdG4D04BKm2IxIWEr8o==");
164 PortalServlet pp = new PortalServlet();
165 assertTrue(pp.addAuthCookie(response,"user", "test" ,"User"));
169 public void testFailureMissingCookieConfiguration() throws IOException {
171 //missing configuration mock therefore will fail
172 PortalServlet pp = new PortalServlet();
173 pp.doGet(request,response);
174 assertFalse(pp.addAuthCookie(response,"user", "test" ,"User"));
181 protected Application configure() {
182 // Use any available port - this allows us to run the BE tests in parallel with this one.
183 forceSet(CONTAINER_PORT, "0");
184 ResourceConfig resourceConfig = new ResourceConfig(PortalServlet.class);
186 resourceConfig.register(new AbstractBinder() {
188 protected void configure() {
189 bind(request).to(HttpServletRequest.class);
190 bind(response).to(HttpServletResponse.class);
196 return resourceConfig;
199 private Cookie[] getCookies() {
200 Cookie[] cookies = new Cookie [1];
201 cookies[0] = new Cookie("someName", "aaa");