package com.retailsvc.http;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import com.retailsvc.http.spec.Spec;
import java.util.List;
import java.util.Map;
import org.junit.jupiter.api.Test;
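/**
 * Checks the security validation that {@code OpenApiServer.Builder#build()} performs at boot.
 *
 * <p>The tests pin that {@code build()} throws {@link IllegalStateException} when an operation
 * references a security scheme that has no registered validator, has an unsupported type, or is
 * not declared under {@code components.securitySchemes}. A misconfigured spec is therefore
 * rejected before the server is built rather than at request time.
 *
 * <p>Every case here puts the requirement on the operation; the root-level {@code security} list
 * is always empty, so root-level requirements are not covered by this class.
 */
class SecurityBootValidationTest {

  /**
   * Builds a minimal raw OpenAPI 3.1.0 document with one operation, {@code GET /x} ({@code getX}).
   *
   * @param securitySchemes value for {@code components.securitySchemes}; {@code null} produces an
   *     empty {@code components} object
   * @param rootSecurity value for the root {@code security} list; {@code null} produces an empty
   *     list
   * @param opSecurity value for the operation's {@code security} list; {@code null} omits the key
   *     from the operation entirely
   * @return an immutable map in the shape passed to {@code Spec.from}
   */
  private static Map<String, Object> raw(
      Map<String, Object> securitySchemes, List<Object> rootSecurity, List<Object> opSecurity) {
    List<Object> security = rootSecurity == null ? List.of() : rootSecurity;
    Map<String, Object> components =
        securitySchemes == null ? Map.of() : Map.of("securitySchemes", securitySchemes);
    Map<String, Object> responses = Map.of("200", Map.of("description", "ok"));
    // Map.of rejects null values, so the "security" key is left out rather than set to null.
    Map<String, Object> operation =
        opSecurity == null
            ? Map.of("operationId", "getX", "responses", responses)
            : Map.of("operationId", "getX", "security", opSecurity, "responses", responses);
    return Map.of(
        "openapi",
        "3.1.0",
        "info",
        Map.of("title", "T", "version", "1"),
        "servers",
        List.of(Map.of("url", "/v1")),
        "security",
        security,
        "components",
        components,
        "paths",
        Map.of("/x", Map.of("get", operation)));
  }

  /** A declared and referenced bearer scheme with no validator registered must fail the build. */
  @Test
  void missingValidatorThrows() {
    Map<String, Object> document =
        raw(
            Map.of("bearerAuth", Map.of("type", "http", "scheme", "bearer")),
            List.of(),
            List.of(Map.of("bearerAuth", List.of())));
    OpenApiServer.Builder builder = handlerBuilder(Spec.from(document));
    // The message has to name the scheme so the operator can tell which validator is missing.
    assertThatThrownBy(builder::build)
        .isInstanceOf(IllegalStateException.class)
        .hasMessageContaining("bearerAuth");
  }

  /** Referencing a scheme of type {@code oauth2} must fail the build as unsupported. */
  @Test
  void unsupportedSchemeThrowsWhenReferenced() {
    Map<String, Object> document =
        raw(
            Map.of("oauth", Map.of("type", "oauth2")),
            List.of(),
            List.of(Map.of("oauth", List.of())));
    OpenApiServer.Builder builder = handlerBuilder(Spec.from(document));
    assertThatThrownBy(builder::build)
        .isInstanceOf(IllegalStateException.class)
        .hasMessageContaining("unsupported");
  }

  /** Referencing a scheme name that is not declared in the document must fail the build. */
  @Test
  void unknownSchemeReferenceThrows() {
    Map<String, Object> document =
        raw(
            Map.of(), // no schemes defined
            List.of(),
            List.of(Map.of("missingScheme", List.of())));
    OpenApiServer.Builder builder = handlerBuilder(Spec.from(document));
    assertThatThrownBy(builder::build)
        .isInstanceOf(IllegalStateException.class)
        .hasMessageContaining("missingScheme");
  }

  /**
   * Returns a builder for {@code spec} with a trivial {@code getX} handler, port 0 and no security
   * validators registered.
   */
  private static OpenApiServer.Builder handlerBuilder(Spec spec) {
    return OpenApiServer.builder()
        .spec(spec)
        .handlers(Map.of("getX", req -> Response.ok(Map.of())))
        .port(0);
  }

  /**
   * With {@code useExternalAuthentication()} the build succeeds even though the referenced scheme
   * has no validator.
   *
   * <p>NOTE(review): this only asserts that boot validation is skipped. It presumably means the
   * server does not authenticate requests itself and relies on an upstream component to enforce
   * the spec's security requirements; confirm against {@code OpenApiServer} and make sure that
   * opt-out is deliberate wherever it is used.
   */
  @Test
  void externalAuthSkipsAllChecks() throws Exception {
    Map<String, Object> document =
        raw(
            Map.of("bearerAuth", Map.of("type", "http", "scheme", "bearer")),
            List.of(),
            List.of(Map.of("bearerAuth", List.of())));
    Spec spec = Spec.from(document);
    // No validator registered, but externalAuth → must succeed.
    OpenApiServer server =
        OpenApiServer.builder()
            .spec(spec)
            .useExternalAuthentication()
            .handlers(Map.of("getX", req -> Response.ok(Map.of())))
            .port(0)
            .build();
    try {
      assertThat(server).isNotNull();
    } finally {
      // Close even when the assertion fails so a built server is never left behind by the test;
      // the null guard keeps an assertion failure from being masked by a NullPointerException.
      if (server != null) {
        server.close();
      }
    }
  }
}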