@Test public void filterShouldReturnUnauthorizedWhenNoStrategy() throws Exception { when(mockedRequest.getHeader("Authorization")) .thenReturn(TOKEN); AuthenticationFilter sut = new AuthenticationFilter(ImmutableList.of(), new NoopMetricFactory()); sut.doFilter(mockedRequest, mockedResponse, filterChain); verify(mockedResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED); }
@Before public void setup() throws Exception { mockedRequest = mock(HttpServletRequest.class); mockedResponse = mock(HttpServletResponse.class); accessTokenRepository = new MemoryAccessTokenRepository(TimeUnit.MILLISECONDS.convert(1, TimeUnit.HOURS)); when(mockedRequest.getMethod()).thenReturn("POST"); List<AuthenticationStrategy> fakeAuthenticationStrategies = ImmutableList.of(new FakeAuthenticationStrategy(false)); testee = new AuthenticationFilter(fakeAuthenticationStrategies, new NoopMetricFactory()); filterChain = mock(FilterChain.class); }
@Test public void filterShouldChainOnValidAuthorizationHeader() throws Exception { AccessToken token = AccessToken.fromString(TOKEN); when(mockedRequest.getHeader("Authorization")) .thenReturn(TOKEN); accessTokenRepository.addToken("user@domain.tld", token).join(); AuthenticationFilter sut = new AuthenticationFilter(ImmutableList.of(new FakeAuthenticationStrategy(true)), new NoopMetricFactory()); sut.doFilter(mockedRequest, mockedResponse, filterChain); verify(filterChain).doFilter(any(ServletRequest.class), eq(mockedResponse)); }
@Test public void filterShouldChainAuthorizationStrategy() throws Exception { AccessToken token = AccessToken.fromString(TOKEN); when(mockedRequest.getHeader("Authorization")) .thenReturn(TOKEN); accessTokenRepository.addToken("user@domain.tld", token).join(); AuthenticationFilter sut = new AuthenticationFilter(ImmutableList.of(new FakeAuthenticationStrategy(false), new FakeAuthenticationStrategy(true)), new NoopMetricFactory()); sut.doFilter(mockedRequest, mockedResponse, filterChain); verify(filterChain).doFilter(any(ServletRequest.class), eq(mockedResponse)); }