Added functional test for authentication (#117)

ValentinTyhonov · web-flow · commit b33aa67be79b · 2018-06-15T14:52:30.000+03:00
diff --git a/pom.xml b/pom.xml
@@ -93,6 +93,12 @@
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-ldap</artifactId>
         </dependency>
+
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-test</artifactId>
+            <scope>test</scope>
+        </dependency>
         
         <dependency>
             <groupId>org.springframework.session</groupId>
@@ -310,7 +316,7 @@
 		              </configuration>
 	                </execution>
                 </executions>
-            </plugin>                                                
+            </plugin>
 
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
diff --git a/src/functionaltests/java/com/ericsson/ei/subscriptions/authentication/AuthenticationSteps.java b/src/functionaltests/java/com/ericsson/ei/subscriptions/authentication/AuthenticationSteps.java
@@ -0,0 +1,103 @@
+package com.ericsson.ei.subscriptions.authentication;
+
+import com.ericsson.ei.controller.AuthControllerImpl;
+import com.ericsson.ei.utils.FunctionalTestBase;
+import com.ericsson.ei.utils.TestLDAPInitializer;
+import cucumber.api.java.en.Given;
+import cucumber.api.java.en.Then;
+import cucumber.api.java.en.When;
+import org.apache.commons.io.FileUtils;
+import org.apache.tomcat.util.codec.binary.Base64;
+import org.apache.tomcat.util.codec.binary.StringUtils;
+import org.json.JSONObject;
+import org.junit.Ignore;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.MvcResult;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+
+import java.io.File;
+
+import static org.junit.Assert.assertEquals;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@Ignore
+@AutoConfigureMockMvc
+@ContextConfiguration(initializers = TestLDAPInitializer.class)
+public class AuthenticationSteps extends FunctionalTestBase {
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationSteps.class);
+    private static final String SUBSCRIPTION = "src/functionaltests/resources/subscription_single.json";
+
+    @Autowired
+    private MockMvc mockMvc;
+
+    @Autowired
+    private AuthControllerImpl authController;
+
+    private MvcResult mvcResult;
+
+    private String requestBody;
+
+    @Given("^LDAP is activated$")
+    public void ldap_is_activated() throws Throwable {
+        String responseBody = new JSONObject().put("security", true).toString();
+        mockMvc.perform(MockMvcRequestBuilders.get("/auth")
+            .accept(MediaType.APPLICATION_JSON_VALUE))
+            .andExpect(status().isOk())
+            .andExpect(content().string(responseBody))
+            .andReturn();
+        requestBody = FileUtils.readFileToString(new File(SUBSCRIPTION), "UTF-8");
+    }
+
+    @When("^make a POST request to the subscription REST API \"(/\\w+)\" without credentials$")
+    public void make_a_post_request_to_the_subscription_rest_api_without_credentials(String endpoint) throws Throwable {
+        mvcResult = mockMvc.perform(MockMvcRequestBuilders.post(endpoint)
+            .accept(MediaType.APPLICATION_JSON)
+            .content(requestBody)
+            .contentType(MediaType.APPLICATION_JSON))
+            .andReturn();
+    }
+
+    @Then("^get response code of (\\d+) and subscription with name \"(\\w+)\" is not created$")
+    public void get_response_code_of_and_subscription_with_name_is_not_created(int statusCode, String subscriptionName) throws Throwable {
+        assertEquals(statusCode, mvcResult.getResponse().getStatus());
+        mockMvc.perform(MockMvcRequestBuilders.get("/subscriptions/" + subscriptionName)
+            .accept(MediaType.APPLICATION_JSON_VALUE))
+            .andExpect(status().isBadRequest())
+            .andExpect(content().string("[]"))
+            .andReturn();
+    }
+    ///Scenario:1 ends ===============================================================================
+
+    @When("^make a POST request to the subscription REST API \"(/\\w+)\" with username \"(\\w+)\" and password \"(\\w+)\"")
+    public void make_a_post_request_to_the_subscription_rest_api_with_username_and_password(String endpoint, String username, String password) throws Throwable {
+        String auth = username + ":" + password;
+        String encodedAuth = StringUtils.newStringUtf8(Base64.encodeBase64(auth.getBytes()));
+
+        mvcResult = mockMvc.perform(MockMvcRequestBuilders.post(endpoint)
+            .header(HttpHeaders.AUTHORIZATION, "Basic " + encodedAuth)
+            .accept(MediaType.APPLICATION_JSON)
+            .content(requestBody)
+            .contentType(MediaType.APPLICATION_JSON))
+            .andReturn();
+    }
+
+    @Then("^get response code of (\\d+) and subscription with name \"(\\w+)\" is created$")
+    public void get_response_code_of_and_subscription_with_name_is_created(int statusCode, String subscriptionName) throws Throwable {
+        assertEquals(statusCode, mvcResult.getResponse().getStatus());
+        mockMvc.perform(MockMvcRequestBuilders.get("/subscriptions/" + subscriptionName)
+            .accept(MediaType.APPLICATION_JSON_VALUE))
+            .andExpect(status().isOk())
+            .andReturn();
+    }
+    ///Scenario:2 ends ===============================================================================
+
+}
diff --git a/src/functionaltests/java/com/ericsson/ei/subscriptions/authentication/TestAuthenticationRunner.java b/src/functionaltests/java/com/ericsson/ei/subscriptions/authentication/TestAuthenticationRunner.java
@@ -0,0 +1,15 @@
+package com.ericsson.ei.subscriptions.authentication;
+
+import cucumber.api.CucumberOptions;
+import cucumber.api.junit.Cucumber;
+import org.junit.runner.RunWith;
+
+@RunWith(Cucumber.class)
+@CucumberOptions(features = "src/functionaltests/resources/features/authentication.feature", glue = {
+    "com.ericsson.ei.subscriptions.authentication" }, plugin = { "pretty",
+    "html:target/cucumber-reports/TestSubscriptionCRUDRunner" }, monochrome = false)
+public class TestAuthenticationRunner {
+
+
+
+}
diff --git a/src/functionaltests/java/com/ericsson/ei/utils/TestConfigs.java b/src/functionaltests/java/com/ericsson/ei/utils/TestConfigs.java
@@ -7,6 +7,8 @@
 import java.io.File;
 import java.io.IOException;
 
+import org.apache.tomcat.util.codec.binary.Base64;
+import org.apache.tomcat.util.codec.binary.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.amqp.core.BindingBuilder;
@@ -76,6 +78,17 @@ MongoClient mongoClient() throws IOException {
         return null;
     }
 
+    @Bean
+    void setAuthorization() {
+        String password = StringUtils.newStringUtf8(Base64.encodeBase64("password".getBytes()));
+        System.setProperty("ldap.enabled", "true");
+        System.setProperty("ldap.url", "ldap://ldap.forumsys.com:389/dc=example,dc=com");
+        System.setProperty("ldap.base.dn", "dc=example,dc=com");
+        System.setProperty("ldap.username", "cn=read-only-admin,dc=example,dc=com");
+        System.setProperty("ldap.password", password);
+        System.setProperty("ldap.user.filter", "uid={0}");
+    }
+
     public void createExchange(final String exchangeName, final String queueName) {
         final CachingConnectionFactory ccf = new CachingConnectionFactory(cf);
         RabbitAdmin admin = new RabbitAdmin(ccf);
diff --git a/src/functionaltests/java/com/ericsson/ei/utils/TestLDAPInitializer.java b/src/functionaltests/java/com/ericsson/ei/utils/TestLDAPInitializer.java
@@ -0,0 +1,21 @@
+package com.ericsson.ei.utils;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+
+public class TestLDAPInitializer extends TestConfigs
+        implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(TestLDAPInitializer.class);
+
+    @Override
+    public void initialize(ConfigurableApplicationContext ac) {
+        try {
+            setAuthorization();
+        } catch (Exception e) {
+            LOGGER.error(e.getMessage(), e);
+        }
+    }
+}
diff --git a/src/functionaltests/resources/features/authentication.feature b/src/functionaltests/resources/features/authentication.feature
@@ -0,0 +1,32 @@
+#Author: valentin.tyhonov@ericsson.com
+#Keywords Summary :
+#Feature: List of scenarios.
+#Scenario: Business rule through list of steps with arguments.
+#Given: Some precondition step
+#When: Some key actions
+#Then: To observe outcomes or validation
+#And,But: To enumerate more Given,When,Then steps
+#Scenario Outline: List of steps for data-driven as an Examples and <placeholder>
+#Examples: Container for s table
+#Background: List of steps run before each of the scenarios
+#""" (Doc Strings)
+#| (Data Tables)
+#@ (Tags/Labels):To group Scenarios
+#<> (placeholder)
+#""
+## (Comments)
+#Sample Feature Definition Template
+@tag
+Feature: Test Authentication
+
+  @tag1
+  Scenario: Call an REST API without credentials
+    Given LDAP is activated
+    When make a POST request to the subscription REST API "/subscriptions" without credentials
+    Then get response code of 401 and subscription with name "Subscription_Test" is not created
+
+  @tag2
+  Scenario: Call an REST API with credentials
+    Given LDAP is activated
+    When make a POST request to the subscription REST API "/subscriptions" with username "gauss" and password "password"
+    Then get response code of 200 and subscription with name "Subscription_Test" is created
diff --git a/src/main/java/com/ericsson/ei/controller/SubscriptionControllerImpl.java b/src/main/java/com/ericsson/ei/controller/SubscriptionControllerImpl.java
@@ -27,8 +27,6 @@
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.PathVariable;
