Skip to content

Commit 6ee6910

Browse files
committed
test: Add /api/v1/secure/* operations and securitySchemes fixture
Add four secured paths under /secure/* to openapi.json and openapi.yaml, plus a securitySchemes block (apiKeyAuth, bearerAuth, basicAuth). Wire deny-all SchemeValidator stubs and no-op handlers into ServerBaseTest (via newBuilder helper) and ServerLauncher so existing tests keep booting.
1 parent 9e816f8 commit 6ee6910

8 files changed

Lines changed: 124 additions & 18 deletions

File tree

src/test/java/com/retailsvc/http/DecoratorAndInterceptorIT.java

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ class DecoratorAndInterceptorIT extends ServerBaseTest {
2121
void responseDecoratorAddsHeadersOnEveryResponse() throws Exception {
2222
RequestHandler ok = req -> Response.text(HTTP_OK, "ok");
2323
server =
24-
OpenApiServer.builder()
24+
newBuilder()
2525
.spec(spec)
2626
.handlers(Map.of("get-data", ok, "post-data", ok))
2727
.responseDecorator((req, resp) -> resp.withHeader("X-Correlation-Id", "decorator-cid"))
@@ -40,7 +40,7 @@ void responseDecoratorAddsHeadersOnEveryResponse() throws Exception {
4040
void decoratorHeaderOverridesHandlerHeader() throws Exception {
4141
RequestHandler ok = req -> Response.text(HTTP_OK, "ok").withHeader("X-Op", "handler-set");
4242
server =
43-
OpenApiServer.builder()
43+
newBuilder()
4444
.spec(spec)
4545
.handlers(Map.of("get-data", ok, "post-data", ok))
4646
.responseDecorator((req, resp) -> resp.withHeader("X-Op", "decorator-wins"))
@@ -56,7 +56,7 @@ void decoratorHeaderOverridesHandlerHeader() throws Exception {
5656
void interceptorBindsScopedValueVisibleToHandler() throws Exception {
5757
RequestHandler echoTenant = req -> Response.text(HTTP_OK, TENANT.get());
5858
server =
59-
OpenApiServer.builder()
59+
newBuilder()
6060
.spec(spec)
6161
.handlers(Map.of("get-data", echoTenant, "post-data", echoTenant))
6262
.interceptor((request, next) -> ScopedValue.where(TENANT, "acme").call(next::proceed))
@@ -75,7 +75,7 @@ void interceptorsRunInRegistrationOrder() throws Exception {
7575
return Response.status(HTTP_OK);
7676
};
7777
server =
78-
OpenApiServer.builder()
78+
newBuilder()
7979
.spec(spec)
8080
.handlers(Map.of("get-data", ok, "post-data", ok))
8181
.interceptor(

src/test/java/com/retailsvc/http/ExtraHandlersIT.java

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ class ExtraHandlersIT extends ServerBaseTest {
1414
@Test
1515
void aliveExtraReturns204AndBypassesValidation() throws Exception {
1616
try (var s =
17-
OpenApiServer.builder()
17+
newBuilder()
1818
.spec(spec)
1919
.handlers(Map.of())
2020
.exceptionHandler(defaultExceptionHandler())
@@ -38,7 +38,7 @@ void aliveExtraReturns204AndBypassesValidation() throws Exception {
3838
@Test
3939
void specHandlerServesClasspathResource() throws Exception {
4040
try (var s =
41-
OpenApiServer.builder()
41+
newBuilder()
4242
.spec(spec)
4343
.handlers(Map.of())
4444
.exceptionHandler(defaultExceptionHandler())
@@ -68,7 +68,7 @@ void extraHandlerExceptionFlowsThroughExceptionHandler() throws Exception {
6868
};
6969

7070
try (var s =
71-
OpenApiServer.builder()
71+
newBuilder()
7272
.spec(spec)
7373
.handlers(Map.of())
7474
.exceptionHandler(defaultExceptionHandler())

src/test/java/com/retailsvc/http/RequestResponseGatewayTest.java

Lines changed: 3 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ class RequestResponseGatewayTest extends ServerBaseTest {
2020
void respondJsonWritesBodyAndContentType() throws Exception {
2121
RequestHandler echo = req -> Response.ok(Map.of("op", req.operationId()));
2222
server =
23-
OpenApiServer.builder()
23+
newBuilder()
2424
.spec(spec)
2525
.handlers(Map.of("get-data", echo, "post-data", echo))
2626
.port(0)
@@ -47,11 +47,7 @@ void respondJsonWritesBodyAndContentType() throws Exception {
4747
void respondEmptyUses204Style() throws Exception {
4848
RequestHandler ok = req -> Response.status(HTTP_NO_CONTENT);
4949
server =
50-
OpenApiServer.builder()
51-
.spec(spec)
52-
.handlers(Map.of("get-data", ok, "post-data", ok))
53-
.port(0)
54-
.build();
50+
newBuilder().spec(spec).handlers(Map.of("get-data", ok, "post-data", ok)).port(0).build();
5551
var resp =
5652
HttpClient.newHttpClient()
5753
.send(
@@ -78,7 +74,7 @@ void respondStreamUsesChunkedEncoding() throws Exception {
7874
out.write("world".getBytes());
7975
});
8076
server =
81-
OpenApiServer.builder()
77+
newBuilder()
8278
.spec(spec)
8379
.handlers(Map.of("get-data", streamer, "post-data", streamer))
8480
.port(0)

src/test/java/com/retailsvc/http/ServerBaseTest.java

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
import java.net.http.HttpRequest;
1313
import java.net.http.HttpRequest.BodyPublisher;
1414
import java.nio.charset.StandardCharsets;
15+
import java.util.HashMap;
1516
import java.util.Map;
1617
import java.util.Objects;
1718
import java.util.Optional;
@@ -43,9 +44,29 @@ void tearDown() {
4344
Optional.ofNullable(server).ifPresent(OpenApiServer::close);
4445
}
4546

47+
protected OpenApiServer.Builder newBuilder() {
48+
return OpenApiServer.builder()
49+
.securityValidator("apiKeyAuth", (req, cred) -> Optional.empty())
50+
.securityValidator("bearerAuth", (req, cred) -> Optional.empty())
51+
.securityValidator("basicAuth", (req, cred) -> Optional.empty());
52+
}
53+
4654
protected OpenApiServer newServer(Map<String, RequestHandler> handlers) {
55+
Map<String, RequestHandler> all = new HashMap<>(handlers);
56+
all.putIfAbsent("secureApiKey", req -> Response.status(200));
57+
all.putIfAbsent("secureBearer", req -> Response.status(200));
58+
all.putIfAbsent("secureBasic", req -> Response.status(200));
59+
all.putIfAbsent("secureOpen", req -> Response.status(200));
4760
try {
48-
server = OpenApiServer.builder().spec(spec).handlers(handlers).port(0).build();
61+
server =
62+
OpenApiServer.builder()
63+
.spec(spec)
64+
.handlers(all)
65+
.securityValidator("apiKeyAuth", (req, cred) -> Optional.empty())
66+
.securityValidator("bearerAuth", (req, cred) -> Optional.empty())
67+
.securityValidator("basicAuth", (req, cred) -> Optional.empty())
68+
.port(0)
69+
.build();
4970
return server;
5071
} catch (Exception e) {
5172
fail(e);

src/test/java/com/retailsvc/http/TypeMapperRegistrationTest.java

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ void gsonFallbackIsAutoRegisteredWhenNoJsonMapperConfigured() throws Exception {
3030
gson.toJson(req.parsed()).getBytes(StandardCharsets.UTF_8),
3131
"application/json");
3232
server =
33-
OpenApiServer.builder()
33+
newBuilder()
3434
.spec(spec)
3535
.handlers(Map.of("get-data", echo, "post-data", echo))
3636
.port(0)
@@ -70,7 +70,7 @@ public byte[] writeTo(Object v) {
7070
};
7171
RequestHandler echo = req -> Response.status(200);
7272
server =
73-
OpenApiServer.builder()
73+
newBuilder()
7474
.spec(spec)
7575
.bodyMapper("application/json", marker)
7676
.handlers(Map.of("get-data", echo, "post-data", echo))
@@ -106,7 +106,7 @@ public byte[] writeTo(Object v) {
106106
};
107107
RequestHandler echo = req -> Response.status(200);
108108
server =
109-
OpenApiServer.builder()
109+
newBuilder()
110110
.spec(spec)
111111
.jsonMapper(marker)
112112
.handlers(Map.of("get-data", echo, "post-data", echo))

src/test/java/com/retailsvc/http/start/ServerLauncher.java

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,11 +4,13 @@
44
import com.retailsvc.http.Handlers;
55
import com.retailsvc.http.OpenApiServer;
66
import com.retailsvc.http.RequestHandler;
7+
import com.retailsvc.http.Response;
78
import com.retailsvc.http.spec.Spec;
89
import java.io.IOException;
910
import java.io.InputStream;
1011
import java.util.HashMap;
1112
import java.util.Map;
13+
import java.util.Optional;
1214
import org.slf4j.Logger;
1315
import org.slf4j.LoggerFactory;
1416
import org.yaml.snakeyaml.Yaml;
@@ -37,13 +39,20 @@ public ServerLauncher() throws IOException {
3739
handlers.put("query-params", new ParamHandler());
3840
handlers.put("path-params", new ParamHandler());
3941
handlers.put("path-params-multi", new ParamHandler());
42+
handlers.put("secureApiKey", req -> Response.status(200));
43+
handlers.put("secureBearer", req -> Response.status(200));
44+
handlers.put("secureBasic", req -> Response.status(200));
45+
handlers.put("secureOpen", req -> Response.status(200));
4046

4147
ExceptionHandler exceptionHandler = Handlers.defaultExceptionHandler();
4248

4349
OpenApiServer.builder()
4450
.spec(spec)
4551
.handlers(handlers)
4652
.exceptionHandler(exceptionHandler)
53+
.securityValidator("apiKeyAuth", (req, cred) -> Optional.empty())
54+
.securityValidator("bearerAuth", (req, cred) -> Optional.empty())
55+
.securityValidator("basicAuth", (req, cred) -> Optional.empty())
4756
.build();
4857
LOG.info("Application started in {}ms", System.currentTimeMillis() - t0);
4958
}

src/test/resources/openapi.json

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -377,6 +377,34 @@
377377
"200": { "description": "ok" }
378378
}
379379
}
380+
},
381+
"/secure/api-key": {
382+
"get": {
383+
"operationId": "secureApiKey",
384+
"security": [{"apiKeyAuth": []}],
385+
"responses": {"200": {"description": "ok"}}
386+
}
387+
},
388+
"/secure/bearer": {
389+
"get": {
390+
"operationId": "secureBearer",
391+
"security": [{"bearerAuth": []}],
392+
"responses": {"200": {"description": "ok"}}
393+
}
394+
},
395+
"/secure/basic": {
396+
"get": {
397+
"operationId": "secureBasic",
398+
"security": [{"basicAuth": []}],
399+
"responses": {"200": {"description": "ok"}}
400+
}
401+
},
402+
"/secure/open": {
403+
"get": {
404+
"operationId": "secureOpen",
405+
"security": [],
406+
"responses": {"200": {"description": "ok"}}
407+
}
380408
}
381409
},
382410
"components": {
@@ -390,6 +418,11 @@
390418
}
391419
}
392420
},
421+
"securitySchemes": {
422+
"apiKeyAuth": {"type": "apiKey", "name": "X-API-Key", "in": "header"},
423+
"bearerAuth": {"type": "http", "scheme": "bearer"},
424+
"basicAuth": {"type": "http", "scheme": "basic"}
425+
},
393426
"schemas": {
394427
"GetDataResponse": {
395428
"type": "object",

src/test/resources/openapi.yaml

Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -265,7 +265,54 @@ paths:
265265
responses:
266266
"200": { description: ok }
267267

268+
/secure/api-key:
269+
get:
270+
operationId: secureApiKey
271+
security:
272+
- apiKeyAuth: []
273+
responses:
274+
"200":
275+
description: ok
276+
277+
/secure/bearer:
278+
get:
279+
operationId: secureBearer
280+
security:
281+
- bearerAuth: []
282+
responses:
283+
"200":
284+
description: ok
285+
286+
/secure/basic:
287+
get:
288+
operationId: secureBasic
289+
security:
290+
- basicAuth: []
291+
responses:
292+
"200":
293+
description: ok
294+
295+
/secure/open:
296+
get:
297+
operationId: secureOpen
298+
security: []
299+
responses:
300+
"200":
301+
description: ok
302+
268303
components:
304+
securitySchemes:
305+
apiKeyAuth:
306+
type: apiKey
307+
name: X-API-Key
308+
in: header
309+
bearerAuth:
310+
type: http
311+
scheme: bearer
312+
basicAuth:
313+
type: http
314+
scheme: basic
315+
269316
parameters:
270317
Name-Header:
271318
in: header

0 commit comments

Comments
 (0)