src/test/java/org/onap/dmaap/util/DMaaPAuthFilterTest.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * ONAP Policy Engine
   4  * ================================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21  package org.onap.dmaap.util;
  22
  23 import static org.junit.Assert.assertFalse;
  24 import static org.junit.Assert.assertTrue;
  25 import static org.mockito.Mockito.verify;
  26 import static org.mockito.Mockito.when;
  27
  28 import java.io.IOException;
  29 import javax.security.cert.X509Certificate;
  30 import javax.servlet.FilterChain;
  31 import javax.servlet.ServletException;
  32 import org.apache.commons.codec.binary.Base64;
  33 import org.junit.Before;
  34 import org.junit.Test;
  35 import org.junit.runner.RunWith;
  36 import org.mockito.Mock;
  37 import org.mockito.Spy;
  38 import org.mockito.runners.MockitoJUnitRunner;
  39 import org.springframework.mock.web.MockHttpServletRequest;
  40 import org.springframework.mock.web.MockHttpServletResponse;
  41
  42
  43 @RunWith(MockitoJUnitRunner.class)
  44 public class DMaaPAuthFilterTest {
  45
  46         @Spy
  47         private DMaaPAuthFilter filter;
  48
  49         private MockHttpServletRequest request;
  50
  51         private MockHttpServletResponse response;
  52
  53         @Mock
  54         private FilterChain chain;
  55
  56         @Before
  57         public void setUp() throws Exception {
  58                 request = new MockHttpServletRequest();
  59                 response = new MockHttpServletResponse();
  60         }
  61
  62         @Test
  63         public void doFilter_shouldNotUseCadiFilter_whenCadiNotEnabled() throws IOException, ServletException {
  64                 //given
  65                 when(filter.isCadiEnabled()).thenReturn(false);
  66
  67                 //when
  68                 filter.doFilter(request, response, chain);
  69
  70                 //then
  71                 verify(chain).doFilter(request, response);
  72         }
  73
  74         @Test
  75         public void shouldFilterWithCADI_willBeFalse_whenCadiEnabled_noAuthData_affNotForced_notInvenioApp() {
  76                 //given
  77                 configureSettingsFlags(false);
  78
  79                 //when
  80                 boolean filteringWithCADI = filter.shouldFilterWithCADI(request);
  81
  82                 //then
  83                 assertFalse(filteringWithCADI);
  84         }
  85
  86         @Test
  87         public void shouldFilterWithCADI_willBeTrue_whenCadiEnabled_andAAFforcedFlagSet() {
  88                 //given
  89                 configureSettingsFlags(true);
  90
  91                 //when
  92                 boolean filteringWithCADI = filter.shouldFilterWithCADI(request);
  93
  94                 //then
  95                 assertTrue(filteringWithCADI);
  96         }
  97
  98         @Test
  99         public void shouldFilterWithCADI_willBeTrue_whenCadiEnabled_andBasicAuthorization() {
 100                 //given
 101                 configureSettingsFlags(false);
 102                 request.addHeader(DMaaPAuthFilter.AUTH_HEADER, Base64.encodeBase64("user/pass".getBytes()));
 103
 104                 //when
 105                 boolean filteringWithCADI = filter.shouldFilterWithCADI(request);
 106
 107                 //then
 108                 assertTrue(filteringWithCADI);
 109         }
 110
 111         @Test
 112         public void shouldFilterWithCADI_willBeTrue_whenCadiEnabled_andClientCertificate() {
 113                 //given
 114                 configureSettingsFlags(false);
 115                 request.setAttribute(DMaaPAuthFilter.X509_ATTR, new X509Certificate[]{});
 116
 117                 //when
 118                 boolean filteringWithCADI = filter.shouldFilterWithCADI(request);
 119
 120                 //then
 121                 assertTrue(filteringWithCADI);
 122         }
 123
 124         @Test
 125         public void shouldFilterWithCADI_willBeTrue_whenCadiEnabled_andInvenioAppWithCookie() {
 126                 //given
 127                 configureSettingsFlags(false);
 128                 request.addHeader(DMaaPAuthFilter.APP_HEADER, "invenio");
 129                 request.addHeader(DMaaPAuthFilter.COOKIE_HEADER, "value");
 130
 131                 //when
 132                 boolean filteringWithCADI = filter.shouldFilterWithCADI(request);
 133
 134                 //then
 135                 assertTrue(filteringWithCADI);
 136         }
 137
 138         @Test
 139         public void shouldFilterWithCADI_willBeFalse_whenCadiEnabled_andInvenioAppWithoutCookie() {
 140                 //given
 141                 configureSettingsFlags(false);
 142                 request.addHeader(DMaaPAuthFilter.APP_HEADER, "invenio");
 143
 144                 //when
 145                 boolean filteringWithCADI = filter.shouldFilterWithCADI(request);
 146
 147                 //then
 148                 assertFalse(filteringWithCADI);
 149         }
 150
 151         @Test
 152         public void shouldFilterWithCADI_willBeFalse_whenCadiEnabled_andNotInvenioApp() {
 153                 //given
 154                 configureSettingsFlags(false);
 155                 request.addHeader(DMaaPAuthFilter.APP_HEADER, "application");
 156
 157                 //when
 158                 boolean filteringWithCADI = filter.shouldFilterWithCADI(request);
 159
 160                 //then
 161                 assertFalse(filteringWithCADI);
 162         }
 163
 164         private void configureSettingsFlags(boolean isAAFforced) {
 165                 when(filter.isCadiEnabled()).thenReturn(true);
 166                 when(filter.isAAFforced()).thenReturn(isAAFforced);
 167         }
 168
 169 }