import io.vertx.core.DeploymentOptions;
import io.vertx.core.Vertx;
import io.vertx.core.json.Json;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.unit.Async;
import io.vertx.ext.unit.TestContext;
import io.vertx.ext.unit.junit.VertxUnitRunner;
import java.util.Arrays;
import java.util.HashMap;
import org.apache.logging.log4j.Logger;
import org.folio.okapi.auth.MainVerticle;
import org.folio.okapi.common.ErrorType;
import org.folio.okapi.common.OkapiClient;
import org.folio.okapi.common.OkapiLogger;
import org.folio.okapi.common.XOkapiHeaders;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
@java.lang.SuppressWarnings({"squid:S1192"})
@RunWith(VertxUnitRunner.class)
public class AuthModuleTest {
private Vertx vertx;
private static final int PORT = 9230;
private static final String URL = "http://localhost:" + Integer.toString(PORT);
private final Logger logger = OkapiLogger.get();
@Before
public void setUp(TestContext context) {
logger.debug("setUp");
vertx = Vertx.vertx();
System.setProperty("port", Integer.toString(PORT));
DeploymentOptions opt = new DeploymentOptions();
vertx.deployVerticle(MainVerticle.class.getName(), opt, context.asyncAssertSuccess());
}
@After
public void tearDown(TestContext context) {
Async async = context.async();
vertx.close(x -> async.complete());
}
@Test
public void testNoTokenNoTenant(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.get("/notokentenant", res -> {
cli.close();
context.assertTrue(res.succeeded());
async.complete();
});
}
@Test
public void testNoTokenNoTenantPermRequired(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.PERMISSIONS_REQUIRED, "foo,bar");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.get("/notokentenant", res -> {
cli.close();
context.assertTrue(res.failed());
context.assertEquals("401: Permissions required: foo,bar", res.cause().getMessage());
async.complete();
});
}
@Test
public void testNoTenant(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.setOkapiToken("a.b.c");
cli.get("/notenant", res -> {
context.assertTrue(res.failed());
context.assertEquals(ErrorType.USER, res.getType());
async.complete();
});
}
@Test
public void testBadToken(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.setOkapiToken("a.b");
cli.get("/badtoken", res -> {
cli.close();
context.assertTrue(res.failed());
context.assertEquals(ErrorType.USER, res.getType());
async.complete();
});
}
@Test
public void testBadTokenJwt(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.setOkapiToken("a.b.c");
cli.get("/badjwt", res -> {
cli.close();
context.assertTrue(res.failed());
context.assertEquals(ErrorType.USER, res.getType());
async.complete();
});
}
@Test
public void testBadTokenPayload(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.setOkapiToken("dummyJwt.b.c");
cli.get("/badpayload", res -> {
cli.close();
context.assertTrue(res.failed());
context.assertEquals(ErrorType.USER, res.getType());
async.complete();
});
}
@Test
public void testBadLogin(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
JsonObject j = new JsonObject();
j.put("tenant", "my-lib");
j.put("username", "foo");
j.put("password", "badpassword");
String body = j.encodePrettily();
cli.post("/authn/login", body, res -> {
cli.close();
context.assertTrue(res.failed());
context.assertEquals(ErrorType.USER, res.getType());
async.complete();
});
}
@Test
public void testEmptyLogin(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.post("/authn/login", "", res -> {
cli.close();
context.assertTrue(res.succeeded());
async.complete();
});
}
@Test
public void testBadJsonLogin(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.post("/authn/login", "{", res -> {
cli.close();
context.assertTrue(res.failed());
context.assertEquals(ErrorType.USER, res.getType());
async.complete();
});
}
@Test
public void testGetLogin(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.get("/authn/login", res -> {
cli.close();
context.assertTrue(res.succeeded());
async.complete();
});
}
@Test
public void testOkLogin(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
headers.put("Content-Type", "application/json");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
JsonObject j = new JsonObject();
j.put("tenant", "my-lib");
j.put("username", "foo");
j.put("password", "foo-password");
String body = j.encodePrettily();
cli.post("/authn/login", body, res -> {
context.assertTrue(res.succeeded());
cli.setOkapiToken(cli.getRespHeaders().get(XOkapiHeaders.TOKEN));
testNormal(context, cli, async);
});
}
private void testNormal(TestContext context, OkapiClient cli, Async async) {
cli.get("/normal", res -> {
if (res.succeeded()) {
cli.post("/normal", "{}", res2 -> {
cli.close();
context.assertTrue(res2.succeeded());
async.complete();
});
} else {
cli.close();
context.assertTrue(res.succeeded());
async.complete();
}
});
}
@Test
public void testPostTenant1(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
headers.put("Content-Type", "application/json");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
JsonObject j = new JsonObject();
j.put("tenant", "my-lib");
j.put("username", "foo");
j.put("password", "foo-password");
String body = j.encodePrettily();
cli.post("/authn/login", body, res -> {
context.assertTrue(res.succeeded());
cli.setOkapiToken(cli.getRespHeaders().get(XOkapiHeaders.TOKEN));
cli.post("/_/tenant", "{}", res2 -> {
context.assertTrue(res2.succeeded());
async.complete();
});
});
}
@Test
public void testPostTenant2(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
headers.put("Content-Type", "application/json");
headers.put(XOkapiHeaders.PERMISSIONS_REQUIRED, "a,b");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
JsonObject j = new JsonObject();
j.put("tenant", "my-lib");
j.put("username", "foo");
j.put("password", "foo-password");
String body = j.encodePrettily();
cli.post("/authn/login", body, res -> {
context.assertTrue(res.succeeded());
cli.setOkapiToken(cli.getRespHeaders().get(XOkapiHeaders.TOKEN));
cli.post("/_/tenant", "{}", res2 -> {
context.assertTrue(res2.failed());
async.complete();
});
});
}
@Test
public void testFilterResponse(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
headers.put(XOkapiHeaders.FILTER, "pre");
headers.put("X-filter-pre", "404");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.get("/normal", res -> {
context.assertTrue(res.failed());
context.assertEquals(ErrorType.NOT_FOUND, res.getType());
cli.close();
async.complete();
});
}
@Test
public void testFilterError(TestContext context) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
headers.put(XOkapiHeaders.FILTER, "pre");
headers.put("X-filter-pre-error", "true");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.get("/normal", res -> {
context.assertTrue(res.failed());
context.assertEquals(ErrorType.INTERNAL, res.getType());
cli.close();
async.complete();
});
}
@Test
public void testFilterRequestHeaders(TestContext context) {
for (String phase : Arrays.asList(XOkapiHeaders.FILTER_PRE,
XOkapiHeaders.FILTER_POST)) {
Async async = context.async();
HashMap<String, String> headers = new HashMap<>();
headers.put(XOkapiHeaders.URL, URL);
headers.put(XOkapiHeaders.TENANT, "my-lib");
headers.put(XOkapiHeaders.FILTER, phase);
headers.put("X-request-" + phase + "-error", "true");
headers.put(XOkapiHeaders.REQUEST_IP, "10.0.0.1");
headers.put(XOkapiHeaders.REQUEST_TIMESTAMP, "123");
headers.put(XOkapiHeaders.REQUEST_METHOD, "GET");
OkapiClient cli = new OkapiClient(URL, vertx, headers);
cli.get("/normal", res -> {
context.assertTrue(res.failed());
context.assertEquals(ErrorType.INTERNAL, res.getType());
cli.close();
async.complete();
});
}
}
}
