
1   package com.atlassian.asap.service.core.service;
2   
3   import com.atlassian.asap.api.client.http.AuthorizationHeaderGenerator;
4   import com.atlassian.asap.core.keys.KeyProvider;
5   import com.atlassian.asap.core.validator.JwtClaimsValidator;
6   import com.atlassian.asap.service.api.AsapAuth;
7   import com.atlassian.asap.service.api.TokenValidator;
8   import com.atlassian.asap.service.api.ValidationResult;
9   import com.atlassian.asap.service.core.spi.AsapConfiguration;
10  import org.junit.Before;
11  import org.junit.Rule;
12  import org.junit.Test;
13  import org.junit.rules.TestName;
14  import org.mockito.Mock;
15  import org.mockito.junit.MockitoJUnit;
16  import org.mockito.junit.MockitoRule;
17  
18  import java.lang.reflect.Method;
19  import java.security.PublicKey;
20  import java.util.Optional;
21  
22  import static com.atlassian.asap.service.api.TokenValidator.Policy.OPTIONAL;
23  import static org.hamcrest.Matchers.sameInstance;
24  import static org.junit.Assert.assertNotNull;
25  import static org.junit.Assert.assertThat;
26  import static org.mockito.Mockito.doReturn;
27  import static org.mockito.Mockito.spy;
28  import static org.mockito.Mockito.verify;
29  import static org.mockito.Mockito.when;
30  
/**
 * Checks that {@link DefaultAsapService#validate} copies the settings of an {@link AsapAuth}
 * annotation onto the {@link TokenValidator} it uses.
 *
 * <p>Each test method carries the {@code @AsapAuth} annotation under test; {@link #callValidate()}
 * reads that annotation back reflectively and hands it to the service.
 *
 * <p>Scope note: {@code TokenValidator.validate(HEADER)} is stubbed on a spy, so no token is parsed
 * and no signature or claim check runs here. These tests cover only the mapping from annotation
 * attributes to validator configuration, not the validation itself.
 */
@SuppressWarnings("NullableProblems")
public class DefaultAsapServiceTest {
    private static final String ISSUER1 = "ron";
    private static final String ISSUER2 = "hermione";
    private static final String KEY_ID = "ron/key1";
    private static final String AUDIENCE1 = "harry";
    private static final String AUDIENCE2 = "george";
    // Placeholder value, not a real JWT; it is never decoded because validate(HEADER) is stubbed.
    private static final String TOKEN = "token";
    private static final Optional<String> HEADER = Optional.of("Bearer " + TOKEN);

    @Rule
    public final MockitoRule mockitoRule = MockitoJUnit.rule();
    // Gives callValidate() the name of the running test so it can look up its annotation.
    @Rule
    public final TestName testName = new TestName();

    @Mock
    private AsapConfiguration config;
    @Mock
    private JwtClaimsValidator jwtClaimsValidator;
    @Mock
    private KeyProvider<PublicKey> publicKeyProvider;
    @Mock
    private AuthorizationHeaderGenerator authorizationHeaderGenerator;
    @Mock
    private ValidationResult validationResult;

    // Spy captured from the most recent tokenValidator() call on the service under test.
    private TokenValidator tokenValidator;
    private DefaultAsapService asapService;

    /**
     * Builds the service under test around mocked collaborators.
     *
     * <p>The anonymous subclass wraps every validator the service creates in a Mockito spy, stores
     * it in {@link #tokenValidator} for later verification, and short-circuits
     * {@code validate(HEADER)} to return the mocked {@link ValidationResult}.
     */
    @Before
    public void setUp() {
        when(config.issuer()).thenReturn(ISSUER1);
        when(config.keyId()).thenReturn(KEY_ID);
        when(config.audience()).thenReturn(AUDIENCE1);

        this.asapService = new DefaultAsapService(
                config, jwtClaimsValidator, publicKeyProvider, authorizationHeaderGenerator) {
            @Override
            public TokenValidator tokenValidator() {
                final TokenValidator spied = spy(super.tokenValidator());
                DefaultAsapServiceTest.this.tokenValidator = spied;
                // doReturn(..).when(..) avoids invoking the real validate() while stubbing the spy.
                doReturn(validationResult).when(spied).validate(HEADER);
                return spied;
            }
        };
    }

    /**
     * A bare {@code @AsapAuth} must configure the validator with empty issuer, impersonation
     * issuer, subject and audience lists, impersonation switched off, and
     * {@link TokenValidator.Policy#REQUIRE}.
     */
    @AsapAuth
    @Test
    public void defaultAnnotationSettingsAreAppliedToValidator() {
        callValidate();

        verify(tokenValidator).issuer();
        verify(tokenValidator).impersonationIssuer();
        verify(tokenValidator).subject();
        // Remove as soon as the deprecated com.atlassian.asap.service.api.AsapAuth.subjectImpersonation
        // is removed.
        verify(tokenValidator).subjectImpersonation(false);
        verify(tokenValidator).audience();
        verify(tokenValidator).policy(TokenValidator.Policy.REQUIRE);
    }

    /**
     * Explicit issuer, subject, audience, policy and the deprecated {@code subjectImpersonation}
     * flag must all reach the validator unchanged.
     *
     * <p>Remove as soon as the deprecated
     * {@code com.atlassian.asap.service.api.AsapAuth.subjectImpersonation} is removed.
     */
    @AsapAuth(issuer = {ISSUER1, ISSUER2},
            subject = {ISSUER2, ISSUER1},
            subjectImpersonation = true,
            audience = {AUDIENCE2},
            policy = OPTIONAL)
    @Test
    public void customAnnotationSettingsAreAppliedToValidator() {
        callValidate();

        verify(tokenValidator).issuer(ISSUER1, ISSUER2);
        verify(tokenValidator).subject(ISSUER2, ISSUER1);
        verify(tokenValidator).subjectImpersonation(true);
        verify(tokenValidator).audience(AUDIENCE2);
        verify(tokenValidator).policy(OPTIONAL);
    }

    /**
     * An explicit {@code impersonationIssuer} list must reach the validator together with the
     * other explicit settings.
     */
    // NOTE(review): unlike the default-settings test, this one does not check which value is
    // passed to the deprecated subjectImpersonation(..) setter.
    @AsapAuth(issuer = {ISSUER1, ISSUER2},
            subject = {ISSUER2, ISSUER1},
            impersonationIssuer = {ISSUER2},
            audience = {AUDIENCE2},
            policy = OPTIONAL)
    @Test
    public void impersonationAnnotationSettingsAreAppliedToValidator() {
        callValidate();

        verify(tokenValidator).issuer(ISSUER1, ISSUER2);
        verify(tokenValidator).impersonationIssuer(ISSUER2);
        verify(tokenValidator).subject(ISSUER2, ISSUER1);
        verify(tokenValidator).audience(AUDIENCE2);
        verify(tokenValidator).policy(OPTIONAL);
    }

    /**
     * Runs {@code asapService.validate} with the {@link AsapAuth} annotation found on the
     * currently executing test method and asserts that the stubbed result is passed through.
     *
     * @throws AssertionError if the running test method cannot be found by name, if it has no
     *         {@code @AsapAuth} annotation, or if the service returns a different result object
     */
    private void callValidate() {
        final Method currentTest;
        try {
            currentTest = getClass().getMethod(testName.getMethodName());
        } catch (NoSuchMethodException e) {
            throw new AssertionError(e);
        }

        final AsapAuth settings = currentTest.getAnnotation(AsapAuth.class);
        assertNotNull("Test method wasn't annotated?", settings);
        assertThat(asapService.validate(settings, HEADER), sameInstance(validationResult));
    }
}