/*
* Copyright 2015-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package be.ordina.msdashboard.security;
import org.junit.Test;
import be.ordina.msdashboard.configuration.CommonConfiguration;
import org.springframework.boot.autoconfigure.AutoConfigurations;
import org.springframework.boot.test.context.runner.ApplicationContextRunner;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import static org.assertj.core.api.Assertions.assertThat;
/**
* @author Tim Ysewyn
*/
public class SecurityConfigurationTests {
private static final String BASIC_PREFIX = "ms-dashboard.security.basic.client";
private static final String REGISTRATION_PREFIX = "spring.security.oauth2.client.registration.ms-dashboard";
private static final String PROVIDER_PREFIX = "spring.security.oauth2.client.provider";
private ApplicationContextRunner contextRunner = new ApplicationContextRunner()
.withConfiguration(AutoConfigurations.of(
SecurityConfiguration.class,
CommonConfiguration.class));
@Test
public void shouldNotConfigureAnyAuthFilter() {
this.contextRunner.run(context -> {
assertThat(context.containsBean("machine-to-machine-web-client")).isTrue();
assertThat(context.containsBean("ms-dashboard-m2m-basic-filter")).isFalse();
assertThat(context.containsBean("ms-dashboard-m2m-oauth-filter")).isFalse();
assertThat(context.getBeansOfType(ReactiveClientRegistrationRepository.class)).isEmpty();
});
}
@Test
public void shouldNotConfigureBeanWithBasicAuth() {
this.contextRunner
.withPropertyValues(BASIC_PREFIX + ".username=user")
.run(context -> {
assertThat(context.containsBean("machine-to-machine-web-client")).isTrue();
assertThat(context.containsBean("ms-dashboard-m2m-basic-filter")).isFalse();
});
this.contextRunner
.withPropertyValues(BASIC_PREFIX + ".password=password")
.run(context -> {
assertThat(context.containsBean("machine-to-machine-web-client")).isTrue();
assertThat(context.containsBean("ms-dashboard-m2m-basic-filter")).isFalse();
});
}
@Test
public void shouldConfigureBeanWithBasicAuth() {
this.contextRunner
.withPropertyValues(BASIC_PREFIX + ".username=user", BASIC_PREFIX + ".password=password")
.run(context -> {
assertThat(context.containsBean("machine-to-machine-web-client")).isTrue();
assertThat(context.containsBean("ms-dashboard-m2m-basic-filter")).isTrue();
});
}
@Test
public void shouldConfigureBeanWithOAuthUsingGitHubAsProvider() {
this.contextRunner
.withPropertyValues(REGISTRATION_PREFIX + ".client-id=ms-dashboard",
REGISTRATION_PREFIX + ".client-secret=secret",
REGISTRATION_PREFIX + ".provider=github")
.run(context -> {
assertThat(context.containsBean("machine-to-machine-web-client")).isTrue();
assertThat(context.containsBean("ms-dashboard-m2m-oauth-filter")).isTrue();
assertThat(context.getBeansOfType(ReactiveClientRegistrationRepository.class)).isNotEmpty();
});
}
@Test
public void shouldConfigureBeanWithOAuthUsingCustomProvider() {
this.contextRunner
.withPropertyValues(REGISTRATION_PREFIX + ".client-id=ms-dashboard",
REGISTRATION_PREFIX + ".client-secret=secret",
REGISTRATION_PREFIX + ".provider=keycloak",
REGISTRATION_PREFIX + ".authorization-grant-type=client_credentials",
PROVIDER_PREFIX + ".keycloak.authorization-uri=http://authorization-uri.com",
PROVIDER_PREFIX + ".keycloak.token-uri=http://token-uri.com",
PROVIDER_PREFIX + ".keycloak.user-info-uri=userInfoUri",
PROVIDER_PREFIX + ".keycloak.user-name-attribute-name=login")
.run(context -> {
assertThat(context.containsBean("machine-to-machine-web-client")).isTrue();
assertThat(context.containsBean("ms-dashboard-m2m-oauth-filter")).isTrue();
assertThat(context.getBeansOfType(ReactiveClientRegistrationRepository.class)).isNotEmpty();
});
}
}
