move authN and authZ filter decision to enableCADI flag
[dmaap/dbcapi.git] / src / test / java / org / onap / dmaap / dbcapi / resources / AAFAuthenticationFilterTest.java
1 /*-
2  * ============LICENSE_START=======================================================
3  * org.onap.dmaap
4  * ================================================================================
5  * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END=========================================================
19  */
20 package org.onap.dmaap.dbcapi.resources;
21
22 import static org.junit.Assert.assertEquals;
23 import static org.junit.Assert.assertFalse;
24 import static org.junit.Assert.assertNotNull;
25 import static org.junit.Assert.assertNull;
26 import static org.junit.Assert.assertTrue;
27 import static org.mockito.Matchers.anyString;
28 import static org.mockito.Matchers.eq;
29 import static org.mockito.Mockito.doReturn;
30 import static org.mockito.Mockito.verify;
31 import static org.mockito.Mockito.verifyNoMoreInteractions;
32 import static org.mockito.Mockito.verifyZeroInteractions;
33
34 import java.io.PrintWriter;
35 import java.io.StringWriter;
36 import javax.servlet.FilterChain;
37 import javax.servlet.FilterConfig;
38 import javax.servlet.ServletException;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
41 import org.junit.Before;
42 import org.junit.Rule;
43 import org.junit.Test;
44 import org.junit.rules.ExpectedException;
45 import org.junit.runner.RunWith;
46 import org.mockito.Mock;
47 import org.mockito.Spy;
48 import org.mockito.runners.MockitoJUnitRunner;
49 import org.onap.aaf.cadi.filter.CadiFilter;
50 import org.onap.dmaap.dbcapi.util.DmaapConfig;
51
/**
 * Unit tests for {@link AAFAuthenticationFilter}, driven by the value stubbed for
 * {@link AAFAuthenticationFilter#CADI_AUTHN_FLAG}.
 *
 * <p>The cases pin three security-relevant behaviours of the filter:
 * <ul>
 *   <li>flag {@code "false"}: no CADI filter is created and requests go straight to the
 *       {@link FilterChain}, i.e. this filter performs no authentication in that mode;</li>
 *   <li>flag {@code "true"}: {@code init} throws a {@link ServletException} when the CADI
 *       properties path is empty or cannot be loaded, instead of starting without CADI;</li>
 *   <li>flag {@code "true"}: every request is handed to the {@link CadiFilter}, and a 401
 *       status produces a JSON error body.</li>
 * </ul>
 *
 * <p>NOTE(review): the flag is always stubbed with {@code anyString()} as the default
 * argument, so the default the filter passes when the property is absent is not asserted
 * here. Only status 401 is exercised on the failure path.
 */
@RunWith(MockitoJUnitRunner.class)
public class AAFAuthenticationFilterTest {

    /** CADI properties path used by the cases that expect initialisation to succeed. */
    private static final String CADI_PROPERTIES_FILE = "src/test/resources/cadi.properties";

    @Spy
    private AAFAuthenticationFilter filter;
    @Mock
    private FilterConfig filterConfig;
    @Mock
    private CadiFilter cadiFilterMock;
    @Mock
    private HttpServletRequest servletRequest;
    @Mock
    private HttpServletResponse servletResponse;
    @Mock
    private FilterChain filterChain;
    @Mock
    private DmaapConfig dmaapConfig;

    @Rule
    public ExpectedException thrown = ExpectedException.none();

    /** Makes the spied filter read its configuration from the {@link DmaapConfig} mock. */
    @Before
    public void setUp() throws Exception {
        doReturn(dmaapConfig).when(filter).getConfig();
    }

    /** With the flag off, {@code init} leaves CADI disabled and creates no CADI filter. */
    @Test
    public void init_shouldNotInitializeCADI_whenAafIsNotUsed() throws Exception {
        // given
        stubCadiFlag("false");

        // when
        filter.init(filterConfig);

        // then
        assertFalse(filter.isCadiEnabled());
        assertNull(filter.getCadiFilter());
    }

    /**
     * With the flag off, the request is passed on untouched even though a CADI filter
     * instance has been injected: the flag, not the presence of the filter, decides.
     */
    @Test
    public void doFilter_shouldSkipCADI_whenAafIsNotUsed() throws Exception {
        // given
        stubCadiFlag("false");
        filter.init(filterConfig);
        filter.setCadiFilter(cadiFilterMock);

        // when
        filter.doFilter(servletRequest, servletResponse, filterChain);

        // then: straight to the chain, nothing inspected or written on the way
        verify(filterChain).doFilter(servletRequest, servletResponse);
        verifyZeroInteractions(cadiFilterMock, servletRequest, servletResponse);
    }

    /** With the flag on and an empty properties path, {@code init} must fail. */
    @Test
    public void init_shouldFail_whenAafIsUsed_andCadiPropertiesHasNotBeenSet() throws Exception {
        // given
        stubCadiFlag("true");
        stubCadiPropertiesPath("");

        // then
        thrown.expect(ServletException.class);
        thrown.expectMessage("Cannot initialize CADI filter.CADI properties not available.");

        // when
        filter.init(filterConfig);
    }

    /** With the flag on and a properties path that does not exist, {@code init} must fail. */
    @Test
    public void init_shouldFail_whenAafIsUsed_andInvalidCadiPropertiesSet() throws Exception {
        // given
        String invalidFilePath = "src/test/resources/notExisting.properties";
        stubCadiFlag("true");
        stubCadiPropertiesPath(invalidFilePath);

        // then
        thrown.expect(ServletException.class);
        thrown.expectMessage("Could not load CADI properties file: " + invalidFilePath);

        // when
        filter.init(filterConfig);
    }

    /** With the flag on and a loadable properties file, CADI is enabled and a filter exists. */
    @Test
    public void init_shouldInitializeCADI_whenAafIsUsed_andValidCadiPropertiesSet() throws Exception {
        // given
        stubCadiFlag("true");
        stubCadiPropertiesPath(CADI_PROPERTIES_FILE);

        // when
        filter.init(filterConfig);

        // then
        assertTrue(filter.isCadiEnabled());
        assertNotNull(filter.getCadiFilter());
    }

    /**
     * With CADI enabled and a 200 status, the request is delegated to the CADI filter and
     * the filter under test neither calls the chain itself nor writes to the response.
     */
    @Test
    public void doFilter_shouldUseCADIfilter_andAuthenticateUser_whenAAFisUsed_andUserIsValid() throws Exception {
        // given
        initCADIFilter();
        doReturn(200).when(servletResponse).getStatus();

        // when
        filter.doFilter(servletRequest, servletResponse, filterChain);

        // then: the only response access is the status read; the chain is left to CADI
        verify(cadiFilterMock).doFilter(servletRequest, servletResponse, filterChain);
        verify(servletResponse).getStatus();
        verifyNoMoreInteractions(servletResponse);
        verifyZeroInteractions(filterChain, servletRequest);
    }

    /**
     * With CADI enabled and a 401 status, the filter writes a JSON authentication error
     * and does not call the chain itself.
     */
    @Test
    public void doFilter_shouldUseCADIfilter_andReturnAuthenticationError_whenAAFisUsed_andUserInvalid() throws Exception {
        // given
        StringWriter responseBody = new StringWriter();
        String expectedBody = "{\"code\":401,\"message\":\"invalid or no credentials provided\",\"fields\":\"Authentication\",\"2xx\":false}";
        initCADIFilter();
        doReturn(401).when(servletResponse).getStatus();
        doReturn(new PrintWriter(responseBody)).when(servletResponse).getWriter();

        // when
        filter.doFilter(servletRequest, servletResponse, filterChain);

        // then
        verify(cadiFilterMock).doFilter(servletRequest, servletResponse, filterChain);
        verify(servletResponse).getStatus();
        verify(servletResponse).setContentType("application/json");
        verifyZeroInteractions(filterChain, servletRequest);
        assertEquals(expectedBody, responseBody.toString());
    }

    /**
     * Initialises the filter with CADI enabled and a valid properties file, then swaps the
     * real CADI filter for the mock so that delegation can be verified.
     */
    private void initCADIFilter() throws Exception {
        stubCadiFlag("true");
        stubCadiPropertiesPath(CADI_PROPERTIES_FILE);
        filter.init(filterConfig);
        filter.setCadiFilter(cadiFilterMock);
    }

    /** Stubs the CADI flag lookup; the default-value argument is matched with anyString(). */
    private void stubCadiFlag(String flagValue) throws Exception {
        doReturn(flagValue).when(dmaapConfig)
            .getProperty(eq(AAFAuthenticationFilter.CADI_AUTHN_FLAG), anyString());
    }

    /** Stubs the lookup of the CADI properties file path. */
    private void stubCadiPropertiesPath(String path) throws Exception {
        doReturn(path).when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
    }

}