
Example 11 with Headers

use of io.restassured.http.Headers in project okapi by folio-org.

the class ModuleTest method testSystemInterfaces.

/**
 * Tests the system interfaces. This is mostly about _tenant (called on the
 * module itself, so that it can initialize itself) and _tenantPermissions
 * (used to pass a module's permissions to the permissions module).
 *
 * @param context test context; supplies the async handle and is passed to
 *     the checkDbIsEmpty calls
 */
@Test
public void testSystemInterfaces(TestContext context) {
    // Flow of this test:
    //   1. create a tenant and enable the Okapi internal module for it
    //   2. add header-1, which provides _tenantPermissions, and check the
    //      X-Tenant-Perms-Result headers returned when it is enabled
    //   3. enable sample-module-1 (has permissionSets) and sample-module2-1
    //      (minimal descriptor) and check the permissions reported for each
    //   4. disable sample, enable auth-1, re-enable sample
    //   5. delete everything again and check that the database is empty
    async = context.async();
    checkDbIsEmpty("testSystemInterfaces starting", context);
    // NOTE(review): c and r are declared but never used in this method.
    RestAssuredClient c;
    Response r;
    // Set up a tenant to test with
    final String locTenant = createTenant();
    // Enable the Okapi internal module for our tenant.
    // This is not unlike what happens to the superTenant, who has the internal
    // module enabled from the boot up, before anyone can provide the
    // _tenantPermissions interface. Its permissions should be (re)loaded
    // when our Hdr module gets enabled.
    final String locInternal = enableModule("okapi-0.0.0");
    // Set up a module that does the _tenantPermissions interface that will
    // get called when sample gets enabled. We (ab)use the header module for
    // this.
    // The jar path is relative, so it presumably depends on the working
    // directory the test is started from — TODO confirm.
    final String testHdrJar = "../okapi-test-header-module/target/okapi-test-header-module-fat.jar";
    final String docHdrModule = "{" + LS + "  \"id\" : \"header-1\"," + LS + "  \"name\" : \"header-module\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"_tenantPermissions\"," + LS + "    \"version\" : \"1.0\"," + LS + "    \"interfaceType\" : \"system\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"POST\" ]," + LS + "      \"path\" : \"/_/tenantPermissions\"," + LS + "      \"level\" : \"20\"" + LS + "    } ]" + LS + "  } ]," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar " + testHdrJar + "\"" + LS + "  }" + LS + "}";
    // Create, deploy, and enable the header module
    final String locHdrModule = createModule(docHdrModule);
    locationHeaderDeployment = deployModule("header-1");
    final String docEnableHdr = "{" + LS + "  \"id\" : \"header-1\"" + LS + "}";
    // Enable the header module. Check that tenantPermissions gets called
    // both for header module, and the already-enabled okapi internal module.
    Headers headers = given().header("Content-Type", "application/json").body(docEnableHdr).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().extract().headers();
    // Location is kept so that the enablement can be deleted during cleanup.
    final String locHdrEnable = headers.getValue("Location");
    List<Header> list = headers.getList("X-Tenant-Perms-Result");
    // one for okapi, one for header-1
    // The assertions below are positional: the okapi result must be the first
    // header value and the header-1 result the second.
    Assert.assertEquals(2, list.size());
    Assert.assertThat("okapi perm result", list.get(0).getValue(), containsString("okapi.all"));
    Assert.assertThat("header-1perm result", list.get(1).getValue(), containsString("header-1"));
    // Set up the test module
    // It provides a _tenant interface, but no _tenantPermissions
    // Enabling it will end up invoking the _tenantPermissions in header-module
    final String testModJar = "../okapi-test-module/target/okapi-test-module-fat.jar";
    final String docSampleModule = "{" + LS + "  \"id\" : \"sample-module-1\"," + LS + "  \"name\" : \"sample module\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"sample\"," + LS + "    \"version\" : \"1.0\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"GET\", \"POST\" ]," + LS + "      \"path\" : \"/testb\"," + LS + "      \"level\" : \"30\"," + LS + "      \"type\" : \"request-response\"," + LS + "      \"permissionsRequired\" : [ \"sample.needed\" ]," + LS + "      \"permissionsDesired\" : [ \"sample.extra\" ]," + LS + "      \"modulePermissions\" : [ \"sample.modperm\" ]" + LS + "    } ]" + LS + "  }, {" + LS + "    \"id\" : \"_tenant\"," + LS + "    \"version\" : \"1.0\"," + LS + "    \"interfaceType\" : \"system\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"POST\", \"DELETE\" ]," + LS + "      \"path\" : \"/_/tenant\"," + LS + "      \"level\" : \"10\"," + LS + "      \"type\" : \"system\"," + LS + "      \"modulePermissions\" : [ \"sample.tenantperm\" ]" + LS + "    } ]" + LS + "  } ]," + LS + "  \"permissionSets\" : [ {" + LS + "    \"permissionName\" : \"everything\"," + LS + "    \"displayName\" : \"every possible permission\"," + LS + "    \"description\" : \"All permissions combined\"," + LS + "    \"subPermissions\" : [ \"sample.needed\", \"sample.extra\" ]," + LS + "    \"visible\" : true" + LS + "  } ]," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar " + testModJar + "\"" + LS + "  }" + LS + "}";
    // Create and deploy the sample module
    final String locSampleModule = createModule(docSampleModule);
    locationSampleDeployment = deployModule("sample-module-1");
    // Enable the sample module. Verify that the _tenantPermissions gets
    // invoked.
    final String docEnable = "{" + LS + "  \"id\" : \"sample-module-1\"" + LS + "}";
    // Expected X-Tenant-Perms-Result value: the module id plus the single
    // permission set declared in docSampleModule. It is passed to
    // header(name, value) as one string, so spacing and key order are
    // presumably significant — TODO confirm.
    final String expPerms = "{ " + "\"moduleId\" : \"sample-module-1\", " + "\"perms\" : [ { " + "\"permissionName\" : \"everything\", " + "\"displayName\" : \"every possible permission\", " + "\"description\" : \"All permissions combined\", " + "\"subPermissions\" : [ \"sample.needed\", \"sample.extra\" ], " + "\"visible\" : true " + "} ] }";
    String locSampleEnable = given().header("Content-Type", "application/json").body(docEnable).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().header("X-Tenant-Perms-Result", expPerms).extract().header("Location");
    // Try with a minimal MD, to see we don't have null pointers hanging around
    final String docSampleModule2 = "{" + LS + "  \"id\" : \"sample-module2-1\"," + LS + "  \"name\" : \"sample module2\"," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar " + testModJar + "\"" + LS + "  }" + LS + "}";
    // Create the sample module
    final String locSampleModule2 = createModule(docSampleModule2);
    final String locationSampleDeployment2 = deployModule("sample-module2-1");
    // Enable the small module. Verify that the _tenantPermissions gets
    // invoked.
    final String docEnable2 = "{" + LS + "  \"id\" : \"sample-module2-1\"" + LS + "}";
    // The minimal descriptor declares no permissionSets, and the expected
    // result carries "perms" : null for it.
    final String expPerms2 = "{ " + "\"moduleId\" : \"sample-module2-1\", " + "\"perms\" : null }";
    String locSampleEnable2 = given().header("Content-Type", "application/json").body(docEnable2).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().header("X-Tenant-Perms-Result", expPerms2).extract().header("Location");
    // Tests to see that we get a new auth token for the system calls
    // Disable sample, so we can re-enable it after we have established auth
    given().delete(locSampleEnable).then().log().ifValidationFails().statusCode(204);
    locSampleEnable = null;
    // Declare and enable test-auth
    // Besides the /authn/login handler, the descriptor registers a filter in
    // phase "auth" for every method ("*") on path "/".
    final String testAuthJar = "../okapi-test-auth-module/target/okapi-test-auth-module-fat.jar";
    final String docAuthModule = "{" + LS + "  \"id\" : \"auth-1\"," + LS + "  \"name\" : \"auth\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"auth\"," + LS + "    \"version\" : \"1.2\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"POST\" ]," + LS + "      \"path\" : \"/authn/login\"," + LS + "      \"level\" : \"20\"," + LS + "      \"type\" : \"request-response\"" + LS + "    } ]" + LS + "  } ]," + LS + "  \"filters\" : [ {" + LS + "    \"methods\" : [ \"*\" ]," + LS + "    \"path\" : \"/\"," + LS + "    \"phase\" : \"auth\"," + LS + "    \"type\" : \"request-response\"," + // Headers-only ?
    LS + "    \"permissionsDesired\" : [ \"auth.extra\" ]" + LS + "  } ]," + LS + "  \"requires\" : [ ]," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar " + testAuthJar + "\"" + LS + "  }" + LS + "}";
    final String docEnableAuth = "{" + LS + "  \"id\" : \"auth-1\"" + LS + "}";
    final String locAuthModule = createModule(docAuthModule);
    final String locAuthDeployment = deployModule("auth-1");
    final String locAuthEnable = given().header("Content-Type", "application/json").body(docEnableAuth).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().extract().header("Location");
    // Re-enable sample.
    locSampleEnable = given().header("Content-Type", "application/json").body(docEnable).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().header("X-Tenant-Perms-Result", expPerms).extract().header("Location");
    // Check that the tenant interface and the tenantpermission interfaces
    // were called with proper auth tokens and with ModulePermissions
    // NOTE(review): no assertion follows the two lines above. The re-enable
    // call only verifies status 201 and the X-Tenant-Perms-Result value, so
    // the auth token and modulePermissions on the system calls are not
    // checked by this method.
    // Clean up, so the next test starts with a clean slate (in reverse order)
    // NOTE(review): the cleanup is not in a finally block, so a failed
    // assertion earlier in the method skips these deletes.
    logger.debug("testSystemInterfaces cleaning up");
    given().delete(locSampleEnable).then().log().ifValidationFails().statusCode(204);
    given().delete(locAuthEnable).then().log().ifValidationFails().statusCode(204);
    given().delete(locAuthDeployment).then().log().ifValidationFails().statusCode(204);
    given().delete(locAuthModule).then().log().ifValidationFails().statusCode(204);
    given().delete(locSampleEnable2).then().log().ifValidationFails().statusCode(204);
    given().delete(locationSampleDeployment2).then().log().ifValidationFails().statusCode(204);
    given().delete(locSampleModule2).then().log().ifValidationFails().statusCode(204);
    // given().delete(locSampleEnable).then().log().ifValidationFails().statusCode(204);
    given().delete(locationSampleDeployment).then().log().ifValidationFails().statusCode(204);
    given().delete(locSampleModule).then().log().ifValidationFails().statusCode(204);
    // The deployment fields are reset to null once their deployments are
    // deleted; they are presumably read by shared teardown code — TODO confirm.
    locationSampleDeployment = null;
    given().delete(locHdrEnable).then().log().ifValidationFails().statusCode(204);
    given().delete(locationHeaderDeployment).then().log().ifValidationFails().statusCode(204);
    locationHeaderDeployment = null;
    given().delete(locHdrModule).then().log().ifValidationFails().statusCode(204);
    given().delete(locInternal).then().log().ifValidationFails().statusCode(204);
    given().delete(locTenant).then().log().ifValidationFails().statusCode(204);
    checkDbIsEmpty("testSystemInterfaces done", context);
    async.complete();
}
Also used : ValidatableResponse(io.restassured.response.ValidatableResponse) Response(io.restassured.response.Response) Header(io.restassured.http.Header) Headers(io.restassured.http.Headers) Matchers.containsString(org.hamcrest.Matchers.containsString) RestAssuredClient(guru.nidi.ramltester.restassured3.RestAssuredClient) Test(org.junit.Test)

Example 12 with Headers

use of io.restassured.http.Headers in project devonfw-testing by devonfw.

the class TokenValidTest method testNoneAlgorithmToken.

/**
 * Sends an order-search request whose auth header carries a token derived
 * from a valid WAITER session token by {@code generateNoneAlgToken}, and
 * checks the status code the server answers with.
 *
 * <p>NOTE(review): the test passes only on HTTP 500. A request with an
 * unacceptable token is more conventionally rejected with 401 or 403, and a
 * 500 would also be returned if the request failed for an unrelated reason,
 * so this assertion does not by itself show that the token was refused.
 * Confirm that 500 is the intended contract of the server under test.
 */
@Test
public void testNoneAlgorithmToken() {
    // Start from a token taken from the WAITER session's auth headers.
    Headers sessionHeaders = getSessionManager().getAuthHeaders(SessionEnum.WAITER);
    final String issuedToken = sessionHeaders.getValue(AUTH_HEADER);
    // Presumably rewrites the token to declare the "none" algorithm; the
    // helper is defined outside this listing.
    final String noneAlgToken = generateNoneAlgToken(issuedToken);

    // Build the request step by step, in the same order as a fluent chain.
    final RequestSpecBuilder specBuilder = new RequestSpecBuilder();
    specBuilder.addHeader(AUTH_HEADER, noneAlgToken);
    specBuilder.setBaseUri(EnvironmentParam.SECURITY_SERVER_ORIGIN.getValue());
    specBuilder.setBasePath(SubUrlEnum.ORDER_SEARCH.getValue());
    specBuilder.addHeader("Content-Type", "application/json");
    specBuilder.setBody("{\"pagination\":{\"size\":8,\"page\":1,\"total\":1},\"sort\":[]}");
    final RequestSpecification forgedRequest = specBuilder.build();

    given(forgedRequest)
        .when()
        .post()
        .then()
        .statusCode(HttpStatus.SC_INTERNAL_SERVER_ERROR);
}
Also used : Headers(io.restassured.http.Headers) RequestSpecification(io.restassured.specification.RequestSpecification) RequestSpecBuilder(io.restassured.builder.RequestSpecBuilder) Test(org.junit.Test) SecurityTest(com.capgemini.ntc.security.SecurityTest)
