use of io.gravitee.gateway.api.Request in project gravitee-gateway by gravitee-io.
the class SecurityProviderManagerTest method shouldResolveSecurityPolicy2.
@Test
public void shouldResolveSecurityPolicy2() {
Request request = mock(Request.class);
AuthenticationHandler securityProvider1 = mock(AuthenticationHandler.class);
when(securityProvider1.name()).thenReturn("keyless");
when(securityProvider1.order()).thenReturn(1000);
AuthenticationHandler securityProvider2 = mock(AuthenticationHandler.class);
when(securityProvider2.name()).thenReturn("apikey");
when(securityProvider2.canHandle(request)).thenReturn(true);
when(securityProvider2.order()).thenReturn(500);
when(securityProviderLoader.getSecurityProviders()).thenReturn(Arrays.asList(securityProvider1, securityProvider2));
securityManager.initializeSecurityProviders();
AuthenticationHandler securityProvider = securityManager.resolve(request);
assertEquals(securityProvider2, securityProvider);
}
use of io.gravitee.gateway.api.Request in project gravitee-gateway by gravitee-io.
the class JWTAuthenticationHandlerTest method shouldNotHandleRequest_noBearerAuthorizationHeader.
@Test
public void shouldNotHandleRequest_noBearerAuthorizationHeader() {
HttpHeaders headers = new HttpHeaders();
Request request = mock(Request.class);
when(request.headers()).thenReturn(headers);
headers.add(HttpHeaders.AUTHORIZATION, "Basic xxx-xx-xxx-xx-xx");
boolean handle = authenticationHandler.canHandle(request);
Assert.assertFalse(handle);
}
use of io.gravitee.gateway.api.Request in project gravitee-gateway by gravitee-io.
the class JWTAuthenticationHandlerTest method shouldNotHandleRequest_noAuthorizationHeader.
@Test
public void shouldNotHandleRequest_noAuthorizationHeader() {
Request request = mock(Request.class);
when(request.headers()).thenReturn(new HttpHeaders());
boolean handle = authenticationHandler.canHandle(request);
Assert.assertFalse(handle);
}
use of io.gravitee.gateway.api.Request in project gravitee-gateway by gravitee-io.
the class CheckSubscriptionPolicyTest method shouldReturnUnauthorized_onException.
@Test
public void shouldReturnUnauthorized_onException() throws PolicyException, TechnicalException {
CheckSubscriptionPolicy policy = new CheckSubscriptionPolicy();
Request request = mock(Request.class);
Response response = mock(Response.class);
PolicyChain policyChain = mock(PolicyChain.class);
ExecutionContext executionContext = mock(ExecutionContext.class);
SubscriptionRepository subscriptionRepository = mock(SubscriptionRepository.class);
when(executionContext.getComponent(SubscriptionRepository.class)).thenReturn(subscriptionRepository);
when(subscriptionRepository.search(any(SubscriptionCriteria.class))).thenThrow(TechnicalException.class);
policy.onRequest(request, response, policyChain, executionContext);
verify(policyChain, times(1)).failWith(argThat(statusCode(HttpStatusCode.UNAUTHORIZED_401)));
}
use of io.gravitee.gateway.api.Request in project gravitee-gateway by gravitee-io.
the class CheckSubscriptionPolicyTest method shouldReturnUnauthorized_badClient.
@Test
public void shouldReturnUnauthorized_badClient() throws PolicyException, TechnicalException {
CheckSubscriptionPolicy policy = new CheckSubscriptionPolicy();
Request request = mock(Request.class);
Response response = mock(Response.class);
PolicyChain policyChain = mock(PolicyChain.class);
ExecutionContext executionContext = mock(ExecutionContext.class);
when(executionContext.getAttribute(CheckSubscriptionPolicy.CONTEXT_ATTRIBUTE_CLIENT_ID)).thenReturn("my-client-id");
SubscriptionRepository subscriptionRepository = mock(SubscriptionRepository.class);
when(executionContext.getComponent(SubscriptionRepository.class)).thenReturn(subscriptionRepository);
Subscription subscription = mock(Subscription.class);
when(subscription.getClientId()).thenReturn("my-bad-client-id");
when(subscriptionRepository.search(any(SubscriptionCriteria.class))).thenReturn(Collections.singletonList(subscription));
policy.onRequest(request, response, policyChain, executionContext);
verify(policyChain, times(1)).failWith(argThat(statusCode(HttpStatusCode.UNAUTHORIZED_401)));
}
Aggregations