private void tryAuth(HttpServletRequest httpRequest, ServletResponse response, FilterChain chain) throws IOException, ServletException { authenticationFilter.doFilter(httpRequest, response, chain); }
@Test public void filterShouldReturnUnauthorizedOnNullAuthorizationHeader() throws Exception { when(mockedRequest.getHeader("Authorization")) .thenReturn(null); testee.doFilter(mockedRequest, mockedResponse, filterChain); verify(mockedResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED); }
@Test public void filterShouldReturnUnauthorizedOnBadAuthorizationHeader() throws Exception { when(mockedRequest.getHeader("Authorization")) .thenReturn("bad"); testee.doFilter(mockedRequest, mockedResponse, filterChain); verify(mockedResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED); }
@Test public void filterShouldReturnUnauthorizedOnInvalidAuthorizationHeader() throws Exception { when(mockedRequest.getHeader("Authorization")) .thenReturn(TOKEN); testee.doFilter(mockedRequest, mockedResponse, filterChain); verify(mockedResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED); }
@Test public void filterShouldNotCallNestedFilterOnOptions() throws Exception { when(mockedRequest.getMethod()) .thenReturn("OPTIONS"); sut.doFilter(mockedRequest, null, filterChain); verify(nestedFilter, never()).doFilter(mockedRequest, null, filterChain); }
@Test public void filterShouldNotCallNestedFilterOnPost() throws Exception { when(mockedRequest.getMethod()) .thenReturn("POST"); sut.doFilter(mockedRequest, null, filterChain); verify(nestedFilter, never()).doFilter(mockedRequest, null, filterChain); }
@Test public void filterShouldCallNestedFilterOnGet() throws Exception { when(mockedRequest.getMethod()) .thenReturn("GET"); sut.doFilter(mockedRequest, null, filterChain); verify(nestedFilter).doFilter(mockedRequest, null, filterChain); }
@Test public void filterShouldReturnUnauthorizedWhenNoStrategy() throws Exception { when(mockedRequest.getHeader("Authorization")) .thenReturn(TOKEN); AuthenticationFilter sut = new AuthenticationFilter(ImmutableList.of(), new NoopMetricFactory()); sut.doFilter(mockedRequest, mockedResponse, filterChain); verify(mockedResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED); }
@Test public void filterShouldChainOnValidAuthorizationHeader() throws Exception { AccessToken token = AccessToken.fromString(TOKEN); when(mockedRequest.getHeader("Authorization")) .thenReturn(TOKEN); accessTokenRepository.addToken("user@domain.tld", token).join(); AuthenticationFilter sut = new AuthenticationFilter(ImmutableList.of(new FakeAuthenticationStrategy(true)), new NoopMetricFactory()); sut.doFilter(mockedRequest, mockedResponse, filterChain); verify(filterChain).doFilter(any(ServletRequest.class), eq(mockedResponse)); }
@Test public void filterShouldChainAuthorizationStrategy() throws Exception { AccessToken token = AccessToken.fromString(TOKEN); when(mockedRequest.getHeader("Authorization")) .thenReturn(TOKEN); accessTokenRepository.addToken("user@domain.tld", token).join(); AuthenticationFilter sut = new AuthenticationFilter(ImmutableList.of(new FakeAuthenticationStrategy(false), new FakeAuthenticationStrategy(true)), new NoopMetricFactory()); sut.doFilter(mockedRequest, mockedResponse, filterChain); verify(filterChain).doFilter(any(ServletRequest.class), eq(mockedResponse)); }