From: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Date: Mon, 30 Jun 2025 06:35:18 +0000 (+0200)
Subject: Add AuthenticationTest for common library
X-Git-Tag: 1.15.5~3
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=1e0bba73f690b1c68fb74226198c79f33ee63182;p=so.git

Add AuthenticationTest for common library

- add integration test that asserts that basic auth
  is working correctly

Issue-ID: SO-4191
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Change-Id: Ief550aa42743e2bb0c8721261a3a02b3ca4bed44
---

diff --git a/common/src/test/java/org/onap/so/TestApp.java b/common/src/test/java/org/onap/so/TestApp.java
new file mode 100644
index 0000000000..dc2f1cf1b7
--- /dev/null
+++ b/common/src/test/java/org/onap/so/TestApp.java
@@ -0,0 +1,29 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP - SO
+ * ================================================================================
+ * Copyright © 2025 Deutsche Telekom AG Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.so;
+
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+/**
+ * This is required to launch the full spring context in tests that use @SpringBootTest
+ */
+@SpringBootApplication
+public class TestApp {
+}
diff --git a/common/src/test/java/org/onap/so/security/AuthenticationTest.java b/common/src/test/java/org/onap/so/security/AuthenticationTest.java
new file mode 100644
index 0000000000..33c4665731
--- /dev/null
+++ b/common/src/test/java/org/onap/so/security/AuthenticationTest.java
@@ -0,0 +1,110 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP - SO
+ * ================================================================================
+ * Copyright © 2025 Deutsche Telekom AG Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.so.security;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import java.net.URI;
+import java.util.UUID;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.boot.test.web.client.TestRestTemplate;
+import org.springframework.boot.web.server.LocalServerPort;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.DynamicPropertyRegistry;
+import org.springframework.test.context.DynamicPropertySource;
+import org.springframework.test.context.junit4.SpringRunner;
+import lombok.SneakyThrows;
+
+
+@ActiveProfiles("basic")
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
+public class AuthenticationTest {
+
+    private static final String USERNAME = "test-user";
+    private static final String PASSWORD = "test-password";
+    private static final BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+
+    @DynamicPropertySource
+    static void configureProperties(DynamicPropertyRegistry registry) {
+        registry.add("logging.level.org.springframework.security", () -> "DEBUG");
+        registry.add("spring.security.usercredentials[0].username", () -> USERNAME);
+        registry.add("spring.security.usercredentials[0].role", () -> "test-role");
+        registry.add("spring.security.usercredentials[0].password", () -> encoder.encode(PASSWORD));
+    }
+
+    @LocalServerPort
+    int port;
+
+    @Test
+    @SneakyThrows
+    public void thatEndpointsAreAuthenticated() {
+        String baseUrl = "http://localhost:" + port;
+        TestRestTemplate restTemplate = new TestRestTemplate();
+        HttpHeaders headers = new HttpHeaders();
+        headers.set("X-ECOMP-RequestID", UUID.randomUUID().toString());
+        headers.set("X-ECOMP-InstanceID", "test");
+        headers.setBasicAuth(USERNAME, PASSWORD);
+        HttpEntity<String> entity = new HttpEntity<>(headers);
+
+        ResponseEntity<String> response =
+                restTemplate.exchange(new URI(baseUrl + "/"), HttpMethod.GET, entity, String.class);
+        assertEquals(HttpStatus.NOT_FOUND, response.getStatusCode());
+    }
+
+    @Test
+    @SneakyThrows
+    public void thatUnauthorizedRequestFails() {
+        String baseUrl = "http://localhost:" + port;
+        TestRestTemplate restTemplate = new TestRestTemplate();
+        HttpHeaders headers = new HttpHeaders();
+        headers.set("X-ECOMP-RequestID", UUID.randomUUID().toString());
+        headers.set("X-ECOMP-InstanceID", "test");
+        HttpEntity<String> entity = new HttpEntity<>(headers);
+
+        ResponseEntity<String> response =
+                restTemplate.exchange(new URI(baseUrl + "/"), HttpMethod.GET, entity, String.class);
+        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
+    }
+
+    @Test
+    @SneakyThrows
+    public void thatManageIsAccessible() {
+        String baseUrl = "http://localhost:" + port;
+        TestRestTemplate restTemplate = new TestRestTemplate();
+        HttpHeaders headers = new HttpHeaders();
+        headers.set("X-ECOMP-RequestID", UUID.randomUUID().toString());
+        headers.set("X-ECOMP-InstanceID", "test");
+        HttpEntity<String> entity = new HttpEntity<>(headers);
+
+        ResponseEntity<String> response =
+                restTemplate.exchange(new URI(baseUrl + "/manage/health"), HttpMethod.GET, entity, String.class);
+        assertEquals(HttpStatus.NOT_FOUND, response.getStatusCode());
+    }
+}