Example 1 with SecurityResponse
use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.SecurityResponse in project spring-boot by spring-projects.
the class CloudFoundrySecurityInterceptorTests method preHandleWhenCloudFoundrySecurityServiceIsNullShouldReturnFalse.
@Test
void preHandleWhenCloudFoundrySecurityServiceIsNullShouldReturnFalse() {
this.interceptor = new CloudFoundrySecurityInterceptor(this.tokenValidator, null, "my-app-id");
this.request.addHeader("Authorization", "bearer " + mockAccessToken());
SecurityResponse response = this.interceptor.preHandle(this.request, EndpointId.of("test"));
assertThat(response.getStatus()).isEqualTo(Reason.SERVICE_UNAVAILABLE.getStatus());
}Example 2 with SecurityResponse
use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.SecurityResponse in project spring-boot by spring-projects.
the class CloudFoundrySecurityInterceptorTests method preHandleSuccessfulWithFullAccess.
@Test
void preHandleSuccessfulWithFullAccess() {
String accessToken = mockAccessToken();
this.request.addHeader("Authorization", "Bearer " + accessToken);
given(this.securityService.getAccessLevel(accessToken, "my-app-id")).willReturn(AccessLevel.FULL);
SecurityResponse response = this.interceptor.preHandle(this.request, EndpointId.of("test"));
ArgumentCaptor<Token> tokenArgumentCaptor = ArgumentCaptor.forClass(Token.class);
then(this.tokenValidator).should().validate(tokenArgumentCaptor.capture());
Token token = tokenArgumentCaptor.getValue();
assertThat(token.toString()).isEqualTo(accessToken);
assertThat(response.getStatus()).isEqualTo(HttpStatus.OK);
assertThat(this.request.getAttribute("cloudFoundryAccessLevel")).isEqualTo(AccessLevel.FULL);
}Example 3 with SecurityResponse
use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.SecurityResponse in project spring-boot by spring-projects.
the class CloudFoundrySecurityInterceptorTests method preHandleWhenTokenIsMissingShouldReturnFalse.
@Test
void preHandleWhenTokenIsMissingShouldReturnFalse() {
SecurityResponse response = this.interceptor.preHandle(this.request, EndpointId.of("test"));
assertThat(response.getStatus()).isEqualTo(Reason.MISSING_AUTHORIZATION.getStatus());
}Example 4 with SecurityResponse
use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.SecurityResponse in project spring-boot by spring-projects.
the class CloudFoundrySecurityInterceptorTests method preHandleSuccessfulWithRestrictedAccess.
@Test
void preHandleSuccessfulWithRestrictedAccess() {
String accessToken = mockAccessToken();
this.request.addHeader("Authorization", "Bearer " + accessToken);
given(this.securityService.getAccessLevel(accessToken, "my-app-id")).willReturn(AccessLevel.RESTRICTED);
SecurityResponse response = this.interceptor.preHandle(this.request, EndpointId.of("info"));
ArgumentCaptor<Token> tokenArgumentCaptor = ArgumentCaptor.forClass(Token.class);
then(this.tokenValidator).should().validate(tokenArgumentCaptor.capture());
Token token = tokenArgumentCaptor.getValue();
assertThat(token.toString()).isEqualTo(accessToken);
assertThat(response.getStatus()).isEqualTo(HttpStatus.OK);
assertThat(this.request.getAttribute("cloudFoundryAccessLevel")).isEqualTo(AccessLevel.RESTRICTED);
}Example 5 with SecurityResponse
use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.SecurityResponse in project spring-boot by spring-projects.
the class CloudFoundrySecurityInterceptorTests method preHandleWhenApplicationIdIsNullShouldReturnFalse.
@Test
void preHandleWhenApplicationIdIsNullShouldReturnFalse() {
this.interceptor = new CloudFoundrySecurityInterceptor(this.tokenValidator, this.securityService, null);
this.request.addHeader("Authorization", "bearer " + mockAccessToken());
SecurityResponse response = this.interceptor.preHandle(this.request, EndpointId.of("test"));
assertThat(response.getStatus()).isEqualTo(Reason.SERVICE_UNAVAILABLE.getStatus());
}Aggregations
