Skip to content

Commit 9e816f8

Browse files
committed
test(internal): Cover useExternalAuthentication bypass in SecurityFilter
1 parent 8e82dcc commit 9e816f8

1 file changed

Lines changed: 29 additions & 0 deletions

File tree

src/test/java/com/retailsvc/http/internal/SecurityFilterTest.java

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -319,6 +319,35 @@ void orFallsBackToSecondGroupWhenFirstDenied() throws Exception {
319319
assertThat(captured).containsEntry("bearerAuth", "bearer-ok").doesNotContainKey("apiKeyAuth");
320320
}
321321

322+
@Test
323+
void externalAuthBypassesEverything() throws Exception {
324+
// Operation requires bearerAuth, but externalAuth=true should short-circuit.
325+
Operation op =
326+
new Operation(
327+
"getX",
328+
HttpMethod.GET,
329+
null,
330+
Optional.empty(),
331+
List.of(),
332+
Map.of(),
333+
Map.of(),
334+
Optional.of(List.of(new SecurityRequirement(Map.of("bearerAuth", List.of())))));
335+
336+
SecurityFilter filter =
337+
new SecurityFilter(
338+
Map.of("getX", op),
339+
Map.of("bearerAuth", new HttpBearer(Optional.empty())),
340+
List.of(),
341+
Map.of(), // NO validators
342+
/* externalAuth= */ true);
343+
344+
HttpExchange ex = mock(HttpExchange.class);
345+
Chain chain = mock(Chain.class);
346+
ScopedValueHarness.runWith(newMinimalRequest("getX"), () -> filter.doFilter(ex, chain));
347+
348+
verify(chain).doFilter(ex);
349+
}
350+
322351
private static Request newMinimalRequest(String operationId) {
323352
return new Request(new byte[0], null, null, operationId, Map.of(), null, h -> null);
324353
}

0 commit comments

Comments
 (0)