2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.dmaap.dbcapi.resources;
22 import static org.junit.Assert.assertEquals;
23 import static org.junit.Assert.assertFalse;
24 import static org.junit.Assert.assertNotNull;
25 import static org.junit.Assert.assertNull;
26 import static org.junit.Assert.assertTrue;
27 import static org.mockito.Matchers.anyString;
28 import static org.mockito.Matchers.eq;
29 import static org.mockito.Mockito.doReturn;
30 import static org.mockito.Mockito.verify;
31 import static org.mockito.Mockito.verifyNoMoreInteractions;
32 import static org.mockito.Mockito.verifyZeroInteractions;
34 import java.io.PrintWriter;
35 import java.io.StringWriter;
36 import javax.servlet.FilterChain;
37 import javax.servlet.FilterConfig;
38 import javax.servlet.ServletException;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
41 import org.junit.Before;
42 import org.junit.Rule;
43 import org.junit.Test;
44 import org.junit.rules.ExpectedException;
45 import org.junit.runner.RunWith;
46 import org.mockito.Mock;
47 import org.mockito.Spy;
48 import org.mockito.runners.MockitoJUnitRunner;
49 import org.onap.aaf.cadi.filter.CadiFilter;
50 import org.onap.dmaap.dbcapi.util.DmaapConfig;
52 @RunWith(MockitoJUnitRunner.class)
53 public class AAFAuthenticationFilterTest {
56 private AAFAuthenticationFilter filter;
58 private FilterConfig filterConfig;
60 private CadiFilter cadiFilterMock;
62 private HttpServletRequest servletRequest;
64 private HttpServletResponse servletResponse;
66 private FilterChain filterChain;
68 private DmaapConfig dmaapConfig;
71 public ExpectedException thrown = ExpectedException.none();
74 public void setUp() throws Exception {
75 doReturn(dmaapConfig).when(filter).getConfig();
79 public void init_shouldNotInitializeCADI_whenAafIsNotUsed() throws Exception {
81 doReturn("false").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
84 filter.init(filterConfig);
87 assertFalse(filter.isCadiEnabled());
88 assertNull(filter.getCadiFilter());
92 public void doFilter_shouldSkipCADI_whenAafIsNotUsed() throws Exception {
94 doReturn("false").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
95 filter.init(filterConfig);
96 filter.setCadiFilter(cadiFilterMock);
99 filter.doFilter(servletRequest, servletResponse, filterChain);
102 verify(filterChain).doFilter(servletRequest,servletResponse);
103 verifyZeroInteractions(cadiFilterMock,servletRequest,servletResponse);
107 public void init_shouldFail_whenAafIsUsed_andCadiPropertiesHasNotBeenSet() throws Exception {
109 doReturn("true").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
110 doReturn("").when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
113 thrown.expect(ServletException.class);
114 thrown.expectMessage("Cannot initialize CADI filter.CADI properties not available.");
117 filter.init(filterConfig);
121 public void init_shouldFail_whenAafIsUsed_andInvalidCadiPropertiesSet() throws Exception {
123 String invalidFilePath = "src/test/resources/notExisting.properties";
124 doReturn("true").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
125 doReturn(invalidFilePath).when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
128 thrown.expect(ServletException.class);
129 thrown.expectMessage("Could not load CADI properties file: "+invalidFilePath);
132 filter.init(filterConfig);
136 public void init_shouldInitializeCADI_whenAafIsUsed_andValidCadiPropertiesSet() throws Exception {
138 doReturn("true").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
139 doReturn("src/test/resources/cadi.properties").when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
142 filter.init(filterConfig);
145 assertTrue(filter.isCadiEnabled());
146 assertNotNull(filter.getCadiFilter());
150 public void doFilter_shouldUseCADIfilter_andAuthenticateUser_whenAAFisUsed_andUserIsValid() throws Exception{
153 doReturn(200).when(servletResponse).getStatus();
156 filter.doFilter(servletRequest,servletResponse,filterChain);
159 verify(cadiFilterMock).doFilter(servletRequest,servletResponse,filterChain);
160 verify(servletResponse).getStatus();
161 verifyNoMoreInteractions(servletResponse);
162 verifyZeroInteractions(filterChain, servletRequest);
166 public void doFilter_shouldUseCADIfilter_andReturnAuthenticationError_whenAAFisUsed_andUserInvalid() throws Exception{
168 String errorResponseJson = "{\"code\":401,\"message\":\"invalid or no credentials provided\",\"fields\":\"Authentication\",\"2xx\":false}";
170 doReturn(401).when(servletResponse).getStatus();
171 StringWriter sw = new StringWriter();
172 PrintWriter pw = new PrintWriter(sw);
173 doReturn(pw).when(servletResponse).getWriter();
176 filter.doFilter(servletRequest,servletResponse,filterChain);
179 verify(cadiFilterMock).doFilter(servletRequest,servletResponse,filterChain);
180 verify(servletResponse).getStatus();
181 verify(servletResponse).setContentType("application/json");
182 verifyZeroInteractions(filterChain, servletRequest);
183 assertEquals(errorResponseJson, sw.toString());
186 private void initCADIFilter() throws Exception{
187 doReturn("true").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
188 doReturn("src/test/resources/cadi.properties").when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
189 filter.init(filterConfig);
190 filter.setCadiFilter(cadiFilterMock);