1 package com.atlassian.asap.core.server.filter;
2
3 import com.atlassian.asap.api.Jwt;
4 import com.google.common.collect.ImmutableMap;
5 import org.junit.Test;
6
7 import java.util.Map;
8 import java.util.function.Predicate;
9
10 import static com.atlassian.asap.core.server.filter.IssuerAndSubjectAwareRequestAuthorizationFilterTest.getJwt;
11 import static org.hamcrest.MatcherAssert.assertThat;
12 import static org.hamcrest.Matchers.is;
13
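/**
 * Unit tests for {@link RulesAwareRequestAuthorizationFilter}, which is built from a map of
 * issuer name to {@code Predicate<Jwt>} rule.
 *
 * <p>The cases pin the authorization decisions an operator relies on: a listed issuer is
 * authorized exactly when its rule accepts the token, and an issuer with no rule is rejected.
 *
 * <p>Every test passes {@code null} as the first argument of {@code isAuthorized} and as the
 * second argument of {@code getJwt}, so neither input is exercised here.
 * NOTE(review): these are presumably the HTTP request and the token subject; confirm against
 * the filter and the {@code getJwt} helper.
 */
public class RulesAwareRequestAuthorizationFilterTest {

    /** A listed issuer whose rule accepts the token must be authorized. */
    @Test
    public void issuerCanBeAuthorized() throws Exception {
        Map<String, Predicate<Jwt>> rules = ImmutableMap.of("good/issuer", (jwt) -> true);
        RulesAwareRequestAuthorizationFilter filter = new RulesAwareRequestAuthorizationFilter(rules);
        Jwt jwt = getJwt("good/issuer", null);

        assertThat(filter.isAuthorized(null, jwt), is(true));
    }

    /** A listed issuer whose rule rejects the token must not be authorized. */
    @Test
    public void issuerCanBeRejected() throws Exception {
        Map<String, Predicate<Jwt>> rules = ImmutableMap.of("bad/issuer", (jwt) -> false);
        RulesAwareRequestAuthorizationFilter filter = new RulesAwareRequestAuthorizationFilter(rules);
        Jwt jwt = getJwt("bad/issuer", null);

        assertThat(filter.isAuthorized(null, jwt), is(false));
    }

    /**
     * An issuer with no entry in the rule map must be rejected, even though the only rule
     * present accepts everything: absence of a rule means deny.
     */
    @Test
    public void unlistedIssuerIsRejected() throws Exception {
        Map<String, Predicate<Jwt>> rules = ImmutableMap.of("good/issuer", (jwt) -> true);
        RulesAwareRequestAuthorizationFilter filter = new RulesAwareRequestAuthorizationFilter(rules);
        Jwt jwt = getJwt("bad/issuer", null);

        assertThat(filter.isAuthorized(null, jwt), is(false));
    }

    /**
     * The rule must be evaluated against the very token handed to {@code isAuthorized}.
     *
     * <p>The token seen by the rule is captured and checked with a Hamcrest assertion after the
     * call. A Java {@code assert} statement inside the predicate is skipped unless the JVM runs
     * with {@code -ea}, and it cannot detect a rule that is never invoked, so it would let this
     * test pass without checking anything.
     */
    @Test
    public void correctJwtIsPassedThrough() throws Exception {
        Jwt jwt = getJwt("good/issuer", null);
        // Single-element holder: a lambda can only capture effectively final locals.
        Jwt[] seenByRule = new Jwt[1];

        Map<String, Predicate<Jwt>> rules = ImmutableMap.of("good/issuer", (passedJwt) -> {
            seenByRule[0] = passedJwt;
            return true;
        });
        boolean authorized = new RulesAwareRequestAuthorizationFilter(rules).isAuthorized(null, jwt);

        assertThat(authorized, is(true));
        // Stays null if the rule was never consulted, which fails the assertion as intended.
        assertThat(seenByRule[0], is(jwt));
    }
}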