/*- | |
* ============LICENSE_START======================================================= | |
* OSAM | |
* ================================================================================ | |
* Copyright (C) 2018 AT&T | |
* ================================================================================ | |
* Licensed under the Apache License, Version 2.0 (the "License"); | |
* you may not use this file except in compliance with the License. | |
* You may obtain a copy of the License at | |
* | |
* http://www.apache.org/licenses/LICENSE-2.0 | |
* | |
* Unless required by applicable law or agreed to in writing, software | |
* distributed under the License is distributed on an "AS IS" BASIS, | |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
* See the License for the specific language governing permissions and | |
* limitations under the License. | |
* ============LICENSE_END========================================================= | |
*//* | |
package org.onap.osam.controller; | |
import org.junit.Assert; | |
import org.mockito.Mockito; | |
import org.onap.osam.filters.ClientCredentialsFilter; | |
import org.testng.annotations.DataProvider; | |
import org.testng.annotations.Test; | |
import javax.servlet.FilterChain; | |
import javax.servlet.ServletException; | |
import javax.servlet.http.HttpServletRequest; | |
import javax.servlet.http.HttpServletResponse; | |
import java.io.IOException; | |
import static org.mockito.Matchers.any; | |
@Test | |
public class ClientCredentialsFilterTest { | |
@DataProvider | |
public static Object[][] authorizedData() { | |
return new Object[][] { | |
{"Basic 123==", null}, | |
{null, null}, | |
{null, ""}, | |
{"Basic 123==", ""}, | |
{"Basic 123==", "Basic 123=="} | |
}; | |
} | |
@DataProvider | |
public static Object[][] notAuthorizedData() { | |
return new Object[][] { | |
{null, "Basic 123=="}, | |
{"", "Basic 123=="}, | |
{"not null but not as expected", "Basic 123=="}, | |
{"basic 123==", "Basic 123=="} | |
}; | |
} | |
@DataProvider | |
public static Object[][] clientVerified() { | |
return new Object[][] { | |
{true}, | |
{false} | |
}; | |
} | |
@Test(dataProvider = "authorizedData") | |
public void givenAuthorizationHeader_Authorized(String actualAuth, String expectedAuth){ | |
ClientCredentialsFilter filter = new ClientCredentialsFilter(); | |
Assert.assertTrue(filter.verifyClientCredentials(actualAuth, expectedAuth)); | |
} | |
@Test(dataProvider = "notAuthorizedData") | |
public void givenAuthorizationHeader_NotAuthorized(String actualAuth, String expectedAuth){ | |
ClientCredentialsFilter filter = new ClientCredentialsFilter(); | |
Assert.assertFalse(filter.verifyClientCredentials(actualAuth, expectedAuth)); | |
} | |
@Test(dataProvider = "clientVerified") | |
public void notAuthorized_return401(Boolean clientVerified) throws IOException, ServletException { | |
ClientCredentialsFilter filter = Mockito.mock(ClientCredentialsFilter.class); | |
HttpServletResponse response = Mockito.mock(HttpServletResponse.class); | |
HttpServletRequest request = Mockito.mock(HttpServletRequest.class); | |
FilterChain chain = Mockito.mock(FilterChain.class); | |
Mockito.when(filter.verifyClientCredentials(any(String.class),any(String.class))).thenReturn(clientVerified); | |
Mockito.doNothing().when(response).sendError(401); | |
Mockito.doCallRealMethod().when(filter).doFilter(request,response,chain); | |
filter.doFilter(request,response,chain); | |
if (clientVerified) | |
{ | |
Mockito.verify(chain).doFilter(request,response); | |
} | |
else { | |
Mockito.verify(response).sendError(401); | |
} | |
} | |
} | |
*/ |