vid-app-common/src/test/java/org/onap/vid/controller/ClientCredentialsFilterTest.java

   1 package org.onap.vid.controller;
   2
   3
   4 import org.junit.Assert;
   5 import org.mockito.Mockito;
   6 import org.onap.vid.controller.filter.ClientCredentialsFilter;
   7 import org.testng.annotations.DataProvider;
   8 import org.testng.annotations.Test;
   9
  10 import javax.servlet.FilterChain;
  11 import javax.servlet.ServletException;
  12 import javax.servlet.http.HttpServletRequest;
  13 import javax.servlet.http.HttpServletResponse;
  14 import java.io.IOException;
  15
  16 import static org.mockito.ArgumentMatchers.any;
  17
  18
  19 /**
  20  * Created by amichai on 16/05/2018.
  21  */
  22 @Test
  23 public class ClientCredentialsFilterTest {
  24
  25     @DataProvider
  26     public static Object[][] authorizedData() {
  27         return new Object[][] {
  28                 {"Basic 123==", null},
  29                 {null, null},
  30                 {null, ""},
  31                 {"Basic 123==", ""},
  32                 {"Basic 123==", "Basic 123=="}
  33         };
  34     }
  35
  36     @DataProvider
  37     public static Object[][] notAuthorizedData() {
  38         return new Object[][] {
  39                 {null, "Basic 123=="},
  40                 {"", "Basic 123=="},
  41                 {"not null but not as expected", "Basic 123=="},
  42                 {"basic 123==", "Basic 123=="}
  43         };
  44     }
  45
  46     @DataProvider
  47     public static Object[][] clientVerified() {
  48         return new Object[][] {
  49                 {true},
  50                 {false}
  51         };
  52     }
  53
  54     @Test(dataProvider = "authorizedData")
  55     public void givenAuthorizationHeader_Authorized(String actualAuth, String expectedAuth){
  56         ClientCredentialsFilter filter = new ClientCredentialsFilter();
  57         Assert.assertTrue(filter.verifyClientCredentials(actualAuth, expectedAuth));
  58     }
  59
  60     @Test(dataProvider = "notAuthorizedData")
  61     public void givenAuthorizationHeader_NotAuthorized(String actualAuth, String expectedAuth){
  62         ClientCredentialsFilter filter = new ClientCredentialsFilter();
  63         Assert.assertFalse(filter.verifyClientCredentials(actualAuth, expectedAuth));
  64     }
  65
  66     //@Test(dataProvider = "clientVerified")
  67     public void notAuthorized_return401(Boolean clientVerified) throws IOException, ServletException {
  68         ClientCredentialsFilter filter = Mockito.mock(ClientCredentialsFilter.class);
  69         HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  70         HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  71         FilterChain chain = Mockito.mock(FilterChain.class);
  72
  73
  74         Mockito.when(filter.verifyClientCredentials(any(),any())).thenReturn(clientVerified);
  75         Mockito.doNothing().when(response).sendError(401);
  76
  77         Mockito.doCallRealMethod().when(filter).doFilter(request,response,chain);
  78         filter.doFilter(request,response,chain);
  79
  80         if (clientVerified)
  81         {
  82             Mockito.verify(chain).doFilter(request,response);
  83
  84         }
  85         else {
  86             Mockito.verify(response).sendError(401);
  87         }
  88
  89     }
  90
  91
  92 }