
1   package com.atlassian.asap.core.server.springsecurity;
2   
3   import com.atlassian.asap.api.Jwt;
4   import com.atlassian.asap.api.JwtBuilder;
5   import com.atlassian.asap.core.validator.JwtValidator;
6   import org.junit.Before;
7   import org.junit.Test;
8   import org.junit.runner.RunWith;
9   import org.mockito.Mock;
10  import org.mockito.runners.MockitoJUnitRunner;
11  import org.springframework.security.core.GrantedAuthority;
12  import org.springframework.security.core.authority.SimpleGrantedAuthority;
13  
14  import java.util.Collection;
15  import java.util.Collections;
16  import java.util.Optional;
17  
18  import static org.hamcrest.MatcherAssert.assertThat;
19  import static org.hamcrest.Matchers.emptyCollectionOf;
20  import static org.hamcrest.Matchers.equalTo;
21  
/**
 * Unit tests for the authorization decision of
 * {@code IssuerAndSubjectWhitelistAsapAuthenticationProvider.getGrantedAuthorities(Jwt)}.
 *
 * <p>Every test passes an already-built {@link Jwt} directly to {@code getGrantedAuthorities}.
 * The {@link JwtValidator} mock is only handed to the constructor and is never stubbed in this
 * class, so token validation itself is not exercised here; only the issuer/subject whitelist
 * check is.
 *
 * <p>NOTE(review): no test in this class covers a token whose subject is absent
 * ({@code Optional.empty()}). The expected outcome for that case cannot be read from this
 * file; confirm it against the provider and pin it with a dedicated test.
 */
@RunWith(MockitoJUnitRunner.class)
public class IssuerAndSubjectWhitelistAsapAuthenticationProviderTest {
    /** Issuers the provider under test is configured to accept. */
    private static final Collection<String> VALID_ISSUERS = Collections.singleton("valid-issuer");

    /** Subjects the provider under test is configured to accept. */
    private static final Collection<String> VALID_SUBJECTS = Collections.singleton("valid-subject");

    /** Authorities the provider is configured to hand out when both whitelist checks pass. */
    private static final Collection<GrantedAuthority> AUTHORITIES =
            Collections.singleton(new SimpleGrantedAuthority("auth"));

    /** Baseline token whose issuer and subject are both on the whitelists above. */
    private static final Jwt VALID_TOKEN = JwtBuilder.newJwt()
            .issuer("valid-issuer")
            .subject(Optional.of("valid-subject"))
            .audience("aud")
            .keyId("valid-issuer/key1")
            .build();

    // Only passed to the constructor; none of the tests below stub or verify it.
    @Mock
    private JwtValidator jwtValidator;

    // Provider under test, rebuilt before every test method.
    private IssuerAndSubjectWhitelistAsapAuthenticationProvider provider;

    /** Builds a fresh provider wired with the mock validator and the fixed whitelists. */
    @Before
    public void createSut() {
        provider = new IssuerAndSubjectWhitelistAsapAuthenticationProvider(
                jwtValidator,
                VALID_ISSUERS,
                VALID_SUBJECTS,
                AUTHORITIES);
    }

    /** A token with a whitelisted issuer and a whitelisted subject receives the configured authorities. */
    @Test
    public void shouldGrantAuthoritiesIfIssuerAndSubjectAreWhitelisted() {
        assertThat(provider.getGrantedAuthorities(VALID_TOKEN), equalTo(AUTHORITIES));
    }

    /** A whitelisted subject alone is not sufficient: an unknown issuer receives no authorities. */
    @Test
    public void shouldGrantNoAuthoritiesIfIssuerIsNotWhitelisted() {
        // Same token as the baseline except for the issuer claim.
        Jwt tokenFromUnknownIssuer = JwtBuilder.copyJwt(VALID_TOKEN)
                .issuer("not-valid-issuer")
                .build();

        assertThat(
                provider.getGrantedAuthorities(tokenFromUnknownIssuer),
                emptyCollectionOf(GrantedAuthority.class));
    }

    /** A whitelisted issuer alone is not sufficient: an unknown subject receives no authorities. */
    @Test
    public void shouldGrantNoAuthoritiesIfSubjectIsNotWhitelisted() {
        // Same token as the baseline except for the subject claim.
        Jwt tokenForUnknownSubject = JwtBuilder.copyJwt(VALID_TOKEN)
                .subject(Optional.of("not-valid-subject"))
                .build();

        assertThat(
                provider.getGrantedAuthorities(tokenForUnknownSubject),
                emptyCollectionOf(GrantedAuthority.class));
    }
}