dmaap-bc/src/test/java/org/onap/dmaap/dbcapi/resources/AAFAuthenticationFilterTest.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * org.onap.dmaap
   4  * ================================================================================
   5  * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20 package org.onap.dmaap.dbcapi.resources;
  21
  22 import static org.junit.Assert.assertEquals;
  23 import static org.junit.Assert.assertFalse;
  24 import static org.junit.Assert.assertNotNull;
  25 import static org.junit.Assert.assertNull;
  26 import static org.junit.Assert.assertTrue;
  27 import static org.mockito.Matchers.anyString;
  28 import static org.mockito.Matchers.eq;
  29 import static org.mockito.Mockito.doReturn;
  30 import static org.mockito.Mockito.verify;
  31 import static org.mockito.Mockito.verifyNoMoreInteractions;
  32 import static org.mockito.Mockito.verifyZeroInteractions;
  33
  34 import java.io.PrintWriter;
  35 import java.io.StringWriter;
  36 import javax.servlet.FilterChain;
  37 import javax.servlet.FilterConfig;
  38 import javax.servlet.ServletException;
  39 import javax.servlet.http.HttpServletRequest;
  40 import javax.servlet.http.HttpServletResponse;
  41 import org.junit.Before;
  42 import org.junit.Rule;
  43 import org.junit.Test;
  44 import org.junit.rules.ExpectedException;
  45 import org.junit.runner.RunWith;
  46 import org.mockito.Mock;
  47 import org.mockito.Spy;
  48 import org.mockito.runners.MockitoJUnitRunner;
  49 import org.onap.aaf.cadi.filter.CadiFilter;
  50 import org.onap.dmaap.dbcapi.util.DmaapConfig;
  51
  52 @RunWith(MockitoJUnitRunner.class)
  53 public class AAFAuthenticationFilterTest {
  54
  55     @Spy
  56     private AAFAuthenticationFilter filter;
  57     @Mock
  58     private FilterConfig filterConfig;
  59     @Mock
  60     private CadiFilter cadiFilterMock;
  61     @Mock
  62     private HttpServletRequest servletRequest;
  63     @Mock
  64     private HttpServletResponse servletResponse;
  65     @Mock
  66     private FilterChain filterChain;
  67     @Mock
  68     private DmaapConfig dmaapConfig;
  69
  70     @Rule
  71     public ExpectedException thrown = ExpectedException.none();
  72
  73     @Before
  74     public void setUp() throws Exception {
  75         doReturn(dmaapConfig).when(filter).getConfig();
  76     }
  77
  78     @Test
  79     public void init_shouldNotInitializeCADI_whenAafIsNotUsed() throws Exception {
  80         //given
  81         doReturn("false").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
  82
  83         //when
  84         filter.init(filterConfig);
  85
  86         //then
  87         assertFalse(filter.isCadiEnabled());
  88         assertNull(filter.getCadiFilter());
  89     }
  90
  91     @Test
  92     public void doFilter_shouldSkipCADI_whenAafIsNotUsed() throws Exception {
  93         //given
  94         doReturn("false").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
  95         filter.init(filterConfig);
  96         filter.setCadiFilter(cadiFilterMock);
  97
  98         //when
  99         filter.doFilter(servletRequest, servletResponse, filterChain);
 100
 101         //then
 102         verify(filterChain).doFilter(servletRequest,servletResponse);
 103         verifyZeroInteractions(cadiFilterMock,servletRequest,servletResponse);
 104     }
 105
 106     @Test
 107     public void init_shouldFail_whenAafIsUsed_andCadiPropertiesHasNotBeenSet() throws Exception {
 108         //given
 109         doReturn("true").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
 110         doReturn("").when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
 111
 112         //then
 113         thrown.expect(ServletException.class);
 114         thrown.expectMessage("Cannot initialize CADI filter.CADI properties not available.");
 115
 116         //when
 117         filter.init(filterConfig);
 118     }
 119
 120     @Test
 121     public void init_shouldFail_whenAafIsUsed_andInvalidCadiPropertiesSet() throws Exception {
 122         //given
 123         String invalidFilePath = "src/test/resources/notExisting.properties";
 124         doReturn("true").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
 125         doReturn(invalidFilePath).when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
 126
 127         //then
 128         thrown.expect(ServletException.class);
 129         thrown.expectMessage("Could not load CADI properties file: "+invalidFilePath);
 130
 131         //when
 132         filter.init(filterConfig);
 133     }
 134
 135   /*
 136    * See https://jira.onap.org/browse/DMAAP-1361  for why this is commented out
 137     @Test
 138     public void init_shouldInitializeCADI_whenAafIsUsed_andValidCadiPropertiesSet() throws Exception {
 139         //given
 140         doReturn("true").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
 141         doReturn("src/test/resources/cadi.properties").when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
 142
 143         //when
 144         filter.init(filterConfig);
 145
 146         //then
 147         assertTrue(filter.isCadiEnabled());
 148         assertNotNull(filter.getCadiFilter());
 149     }
 150
 151     @Test
 152     public void doFilter_shouldUseCADIfilter_andAuthenticateUser_whenAAFisUsed_andUserIsValid() throws Exception{
 153         //given
 154         initCADIFilter();
 155         doReturn(200).when(servletResponse).getStatus();
 156
 157         //when
 158         filter.doFilter(servletRequest,servletResponse,filterChain);
 159
 160         //then
 161         verify(cadiFilterMock).doFilter(servletRequest,servletResponse,filterChain);
 162         verify(servletResponse).getStatus();
 163         verifyNoMoreInteractions(servletResponse);
 164         verifyZeroInteractions(filterChain, servletRequest);
 165     }
 166
 167     @Test
 168     public void doFilter_shouldUseCADIfilter_andReturnAuthenticationError_whenAAFisUsed_andUserInvalid() throws Exception{
 169         //given
 170         String errorResponseJson = "{\"code\":401,\"message\":\"invalid or no credentials provided\",\"fields\":\"Authentication\",\"2xx\":false}";
 171         initCADIFilter();
 172         doReturn(401).when(servletResponse).getStatus();
 173         StringWriter sw = new StringWriter();
 174         PrintWriter pw = new PrintWriter(sw);
 175         doReturn(pw).when(servletResponse).getWriter();
 176
 177         //when
 178         filter.doFilter(servletRequest,servletResponse,filterChain);
 179
 180         //then
 181         verify(cadiFilterMock).doFilter(servletRequest,servletResponse,filterChain);
 182         verify(servletResponse).getStatus();
 183         verify(servletResponse).setContentType("application/json");
 184         verifyZeroInteractions(filterChain, servletRequest);
 185         assertEquals(errorResponseJson, sw.toString());
 186     }
 187
 188     private void initCADIFilter() throws Exception{
 189         doReturn("true").when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
 190         doReturn("src/test/resources/cadi.properties").when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
 191         filter.init(filterConfig);
 192         filter.setCadiFilter(cadiFilterMock);
 193     }
 194 */
 195 }