1 /*-
2  * ============LICENSE_START=======================================================
3  * org.onap.dmaap
4  * ================================================================================
5  * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END=========================================================
19  */
20 package org.onap.dmaap.dbcapi.resources;
21
22 import static org.junit.Assert.assertEquals;
23 import static org.junit.Assert.assertFalse;
24 import static org.junit.Assert.assertNotNull;
25 import static org.junit.Assert.assertNull;
26 import static org.junit.Assert.assertTrue;
27 import static org.mockito.Matchers.anyString;
28 import static org.mockito.Matchers.eq;
29 import static org.mockito.Mockito.doReturn;
30 import static org.mockito.Mockito.verify;
31 import static org.mockito.Mockito.verifyNoMoreInteractions;
32 import static org.mockito.Mockito.verifyZeroInteractions;
33
34 import java.io.PrintWriter;
35 import java.io.StringWriter;
36 import javax.servlet.FilterChain;
37 import javax.servlet.FilterConfig;
38 import javax.servlet.ServletException;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
41 import org.junit.Before;
42 import org.junit.Rule;
43 import org.junit.Test;
44 import org.junit.rules.ExpectedException;
45 import org.junit.runner.RunWith;
46 import org.mockito.Mock;
47 import org.mockito.Spy;
48 import org.mockito.runners.MockitoJUnitRunner;
49 import org.onap.aaf.cadi.filter.CadiFilter;
50 import org.onap.dmaap.dbcapi.util.DmaapConfig;
51
/**
 * Unit tests for {@link AAFAuthenticationFilter}.
 *
 * <p>The filter under test is a Mockito spy whose {@code getConfig()} is redirected to a mocked
 * {@link DmaapConfig}, so each test controls the AAF flag and the CADI properties value it sees.
 * Two paths are covered: AAF authentication switched off (CADI is never consulted and the request
 * goes straight down the chain) and AAF switched on (every request is handed to the CADI filter,
 * and a 401 status results in a JSON error body).
 *
 * <p>Security-relevant expectation pinned here: when the response status is 401 the filter itself
 * must not touch the {@link FilterChain}, i.e. the rejected request is not forwarded by this class.
 */
@RunWith(MockitoJUnitRunner.class)
public class AAFAuthenticationFilterTest {

    @Spy
    private AAFAuthenticationFilter filter;
    @Mock
    private FilterConfig filterConfig;
    @Mock
    private CadiFilter cadiFilterMock;
    @Mock
    private HttpServletRequest servletRequest;
    @Mock
    private HttpServletResponse servletResponse;
    @Mock
    private FilterChain filterChain;
    @Mock
    private DmaapConfig dmaapConfig;

    @Rule
    public ExpectedException thrown = ExpectedException.none();

    /** Routes the spy's configuration lookup to the mocked {@link DmaapConfig}. */
    @Before
    public void setUp() throws Exception {
        doReturn(dmaapConfig).when(filter).getConfig();
    }

    /** With the AAF flag set to "false", init() is expected to leave CADI uninitialised. */
    @Test
    public void init_shouldNotInitializeCADI_whenAafIsNotUsed() throws Exception {
        //given
        stubAafFlag("false");

        //when
        filter.init(filterConfig);

        //then
        assertFalse(filter.isAafEnabled());
        assertNull(filter.getCadiFilter());
    }

    /**
     * With AAF disabled the request must be passed to the chain unchanged; the CADI filter, the
     * request and the response are expected to see no calls at all, even though a CADI filter
     * instance has been injected.
     */
    @Test
    public void doFilter_shouldSkipCADI_whenAafIsNotUsed() throws Exception {
        //given
        stubAafFlag("false");
        filter.init(filterConfig);
        filter.setCadiFilter(cadiFilterMock);

        //when
        filter.doFilter(servletRequest, servletResponse, filterChain);

        //then
        verify(filterChain).doFilter(servletRequest, servletResponse);
        verifyZeroInteractions(cadiFilterMock, servletRequest, servletResponse);
    }

    /**
     * With AAF enabled but an empty CADI properties value, init() is expected to fail with a
     * {@link ServletException} rather than come up without an authentication backend.
     */
    @Test
    public void init_shouldFail_whenAafIsUsed_andCadiPropertiesHasNotBeenSet() throws Exception {
        //given
        stubAafFlag("true");
        stubCadiProperties("");

        //then
        thrown.expect(ServletException.class);
        thrown.expectMessage("Cannot initialize CADI filter.CADI properties not available.");

        //when
        filter.init(filterConfig);
    }

    /** With AAF enabled and a CADI properties value present, init() is expected to create a CADI filter. */
    @Test
    public void init_shouldInitializeCADI_whenAafIsUsed_andCadiPropertiesSet() throws Exception {
        //given
        stubAafFlag("true");
        stubCadiProperties("cadi.properties");

        //when
        filter.init(filterConfig);

        //then
        assertTrue(filter.isAafEnabled());
        assertNotNull(filter.getCadiFilter());
    }

    /**
     * AAF enabled, response status 200: the request is delegated to the CADI filter and the only
     * call made on the response is the status read. The chain is never invoked by the filter under
     * test directly; the CADI filter is a mock here, so nothing forwards the request in this test.
     */
    @Test
    public void doFilter_shouldUseCADIfilter_andAuthenticateUser_whenAAFisUsed_andUserIsValid() throws Exception{
        //given
        initCADIFilter();
        doReturn(200).when(servletResponse).getStatus();

        //when
        filter.doFilter(servletRequest, servletResponse, filterChain);

        //then
        verify(cadiFilterMock).doFilter(servletRequest, servletResponse, filterChain);
        verify(servletResponse).getStatus();
        verifyNoMoreInteractions(servletResponse);
        verifyZeroInteractions(filterChain, servletRequest);
    }

    /**
     * AAF enabled, response status 401: after delegating to the CADI filter, the filter under test
     * is expected to set the content type to JSON and write the fixed error document. The chain
     * must stay untouched, which is the fail-closed property this test guards.
     */
    @Test
    public void doFilter_shouldUseCADIfilter_andReturnAuthenticationError_whenAAFisUsed_andUserInvalid() throws Exception{
        //given
        final String expectedBody = "{\"code\":401,\"message\":\"invalid or no credentials provided\",\"fields\":\"Authentication\",\"2xx\":false}";
        initCADIFilter();
        doReturn(401).when(servletResponse).getStatus();
        // Capture whatever the filter writes to the response body.
        final StringWriter bodySink = new StringWriter();
        final PrintWriter bodyWriter = new PrintWriter(bodySink);
        doReturn(bodyWriter).when(servletResponse).getWriter();

        //when
        filter.doFilter(servletRequest, servletResponse, filterChain);

        //then
        verify(cadiFilterMock).doFilter(servletRequest, servletResponse, filterChain);
        verify(servletResponse).getStatus();
        verify(servletResponse).setContentType("application/json");
        verifyZeroInteractions(filterChain, servletRequest);
        assertEquals(expectedBody, bodySink.toString());
    }

    /**
     * Initialises the filter with AAF enabled and then swaps the CADI filter created by init()
     * for the mock, so the doFilter tests can observe the delegation.
     */
    private void initCADIFilter() throws Exception{
        stubAafFlag("true");
        stubCadiProperties("cadi.properties");
        filter.init(filterConfig);
        filter.setCadiFilter(cadiFilterMock);
    }

    /** Stubs the AAF authentication flag lookup (any default value) to return {@code value}. */
    private void stubAafFlag(String value) throws Exception {
        doReturn(value).when(dmaapConfig).getProperty(eq(AAFAuthenticationFilter.AAF_AUTHN_FLAG), anyString());
    }

    /** Stubs the CADI properties lookup to return {@code value}. */
    private void stubCadiProperties(String value) throws Exception {
        doReturn(value).when(dmaapConfig).getProperty(AAFAuthenticationFilter.CADI_PROPERTIES);
    }

}