vid-app-common/src/test/java/org/onap/vid/controller/ClientCredentialsFilterTest.java

   1 package org.onap.vid.controller;
   2
   3
   4 import org.junit.Assert;
   5 import org.mockito.Mockito;
   6 import org.onap.vid.controller.filter.ClientCredentialsFilter;
   7 import org.testng.annotations.DataProvider;
   8 import org.testng.annotations.Test;
   9
  10 import javax.servlet.FilterChain;
  11 import javax.servlet.ServletException;
  12 import javax.servlet.http.HttpServletRequest;
  13 import javax.servlet.http.HttpServletResponse;
  14 import java.io.IOException;
  15
  16 import static org.mockito.ArgumentMatchers.any;
  17
  18
  19 /**
  20  * Created by amichai on 16/05/2018.
  21  */
  22 public class ClientCredentialsFilterTest {
  23
  24     @DataProvider
  25     public static Object[][] authorizedData() {
  26         return new Object[][] {
  27                 {"Basic 123==", null},
  28                 {null, null},
  29                 {null, ""},
  30                 {"Basic 123==", ""},
  31                 {"Basic 123==", "Basic 123=="}
  32         };
  33     }
  34
  35     @DataProvider
  36     public static Object[][] notAuthorizedData() {
  37         return new Object[][] {
  38                 {null, "Basic 123=="},
  39                 {"", "Basic 123=="},
  40                 {"not null but not as expected", "Basic 123=="},
  41                 {"basic 123==", "Basic 123=="}
  42         };
  43     }
  44
  45     @DataProvider
  46     public static Object[][] clientVerified() {
  47         return new Object[][] {
  48                 {true},
  49                 {false}
  50         };
  51     }
  52
  53     @Test(dataProvider = "authorizedData")
  54     public void givenAuthorizationHeader_Authorized(String actualAuth, String expectedAuth){
  55         ClientCredentialsFilter filter = new ClientCredentialsFilter();
  56         Assert.assertTrue(filter.verifyClientCredentials(actualAuth, expectedAuth));
  57     }
  58
  59     @Test(dataProvider = "notAuthorizedData")
  60     public void givenAuthorizationHeader_NotAuthorized(String actualAuth, String expectedAuth){
  61         ClientCredentialsFilter filter = new ClientCredentialsFilter();
  62         Assert.assertFalse(filter.verifyClientCredentials(actualAuth, expectedAuth));
  63     }
  64
  65     //@Test(dataProvider = "clientVerified")
  66     public void notAuthorized_return401(Boolean clientVerified) throws IOException, ServletException {
  67         ClientCredentialsFilter filter = Mockito.mock(ClientCredentialsFilter.class);
  68         HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  69         HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  70         FilterChain chain = Mockito.mock(FilterChain.class);
  71
  72
  73         Mockito.when(filter.verifyClientCredentials(any(),any())).thenReturn(clientVerified);
  74         Mockito.doNothing().when(response).sendError(401);
  75
  76         Mockito.doCallRealMethod().when(filter).doFilter(request,response,chain);
  77         filter.doFilter(request,response,chain);
  78
  79         if (clientVerified)
  80         {
  81             Mockito.verify(chain).doFilter(request,response);
  82
  83         }
  84         else {
  85             Mockito.verify(response).sendError(401);
  86         }
  87
  88     }
  89
  90
  91 }