1 package com.atlassian.asap.core.server.springsecurity;
2
3 import org.junit.Test;
4 import org.springframework.http.HttpHeaders;
5 import org.springframework.mock.web.MockHttpServletRequest;
6
7 import static org.junit.Assert.assertFalse;
8 import static org.junit.Assert.assertTrue;
9
10 public class BearerTokenRequestMatcherTest {
11 private MockHttpServletRequest requestMock = new MockHttpServletRequest();
12
13 @Test
14 public void shouldRejectRequestWithoutAuthorizationHeader() {
15 assertFalse(new BearerTokenRequestMatcher().matches(requestMock));
16 }
17
18 @Test
19 public void shouldRejectRequestWithAuthorizationThatIsNotABearerToken() {
20 requestMock.addHeader(HttpHeaders.AUTHORIZATION, "not-a-bearer-token");
21 assertFalse(new BearerTokenRequestMatcher().matches(requestMock));
22 }
23
24 @Test
25 public void shouldAcceptRequestWithBearerTokenInTheAuthorizationHeader() {
26 requestMock.addHeader(HttpHeaders.AUTHORIZATION, "Bearer some-token");
27 assertTrue(new BearerTokenRequestMatcher().matches(requestMock));
28 }
29 }