Examples with EchoResponse io.apiman.test.common.mock.EchoResponse used on opensource projects

Example 1 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class JWTPolicyTest method signedValidTokenStripAuth.

@Test
@Configuration("{\n" + "  \"requireJWT\": true,\n" + "  \"requireSigned\": true,\n" + "  \"requireTransportSecurity\": true,\n" + "  \"stripTokens\": true,\n" + "  \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n" + "  \"allowedClockSkew\": 0,\n" + "  \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"france frichot\" }]\n" + "}")
public void signedValidTokenStripAuth() throws Throwable {
    PolicyTestRequest request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/amirante").header(AUTHORIZATION, "Bearer " + signedToken(PRIVATE_KEY_PEM));
    PolicyTestResponse response = send(request);
    EchoResponse echo = response.entity(EchoResponse.class);
    Assert.assertNotNull(echo);
    Assert.assertNull(echo.getHeaders().get(AUTHORIZATION));
}

Example 2 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class JWTPolicyTest method unsignedValidTokenHeader.

@Test
@Configuration("{\n" + "  \"requireJWT\": true,\n" + "  \"requireSigned\": false,\n" + "  \"requireTransportSecurity\": true,\n" + "  \"stripTokens\": true,\n" + "  \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n" + "  \"allowedClockSkew\": 0,\n" + "  \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"france frichot\" }]\n" + "}")
public void unsignedValidTokenHeader() throws Throwable {
    PolicyTestRequest request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/amirante").header(AUTHORIZATION, "Bearer " + unsignedToken());
    PolicyTestResponse response = send(request);
    EchoResponse echo = response.entity(EchoResponse.class);
    Assert.assertNotNull(echo);
}

Example 3 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class JWTPolicyTest method shouldForwardAccessTokenAsHeader.

@Test
@Configuration("{\n" + "  \"requireJWT\": true,\n" + "  \"requireSigned\": false,\n" + "  \"requireTransportSecurity\": true,\n" + "  \"stripTokens\": true,\n" + "  \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n" + "  \"allowedClockSkew\": 0,\n" + "  \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"france frichot\" }],\n" + "  \"forwardAuthInfo\": [{ \"header\": \"X-Foo\", \"field\": \"access_token\" }]\n" + "}")
public void shouldForwardAccessTokenAsHeader() throws Throwable {
    String token = unsignedToken();
    PolicyTestRequest request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/amirante").header(AUTHORIZATION, "Bearer " + token);
    PolicyTestResponse response = send(request);
    EchoResponse echo = response.entity(EchoResponse.class);
    Assert.assertNotNull(echo);
    Assert.assertEquals(token, echo.getHeaders().get("X-Foo"));
}

Example 4 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class TestPolicyTest method testApplyApiRequestIPolicyContextObjectIPolicyChainOfApiRequest.

/**
 * Test method for {@link io.apiman.plugins.test_policy.TestPolicy#apply(io.apiman.gateway.engine.beans.ApiRequest, io.apiman.gateway.engine.policy.IPolicyContext, java.lang.Object, io.apiman.gateway.engine.policy.IPolicyChain)}.
 */
@Test
@Configuration("{}")
public void testApplyApiRequestIPolicyContextObjectIPolicyChainOfApiRequest() throws Throwable {
    PolicyTestResponse response = send(PolicyTestRequest.build(PolicyTestRequestType.GET, "/some/resource"));
    Assert.assertEquals(200, response.code());
    EchoResponse entity = response.entity(EchoResponse.class);
    Assert.assertEquals("true", entity.getHeaders().get("Test-Policy"));
}

Example 5 with EchoResponse

use of io.apiman.test.common.mock.EchoResponse in project apiman-plugins by apiman.

the class SoapAuthorizationPolicyTest method testAction.

@Test
@Configuration("{\r\n" + " \"requestUnmatched\" : \"pass\"," + "  \"rules\" : [\r\n" + "    { \"action\" : \"reportIncident\", \"role\" : \"the-role\" }\r\n" + "  ]\r\n" + "}")
public void testAction() throws Throwable {
    HashSet<String> userRoles = new HashSet<>();
    userRoles.add("other-role");
    // Should Succeed
    PolicyTestRequest request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/auth/my-items");
    request.header("SOAPAction", "closeIncident");
    request.contextAttribute(SoapAuthorizationPolicy.AUTHENTICATED_USER_ROLES, userRoles);
    PolicyTestResponse response = send(request);
    EchoResponse echo = response.entity(EchoResponse.class);
    Assert.assertNotNull(echo);
    // Should Fail
    request = PolicyTestRequest.build(PolicyTestRequestType.GET, "/auth/my-items");
    try {
        request.header("SOAPAction", "reportIncident");
        request.contextAttribute(SoapAuthorizationPolicy.AUTHENTICATED_USER_ROLES, userRoles);
        send(request);
        Assert.fail("Expected a failure response!");
    } catch (PolicyFailureError failure) {
        PolicyFailure policyFailure = failure.getFailure();
        Assert.assertNotNull(policyFailure);
        Assert.assertEquals(PolicyFailureType.Authorization, policyFailure.getType());
    }
}