Implemented requested changes by @qvalentin (#9)

Author: open-schnick

src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java

@@ -6,10 +6,7 @@
 import de.filefighter.rest.RestApplicationIntegrationTest;
 import de.filefighter.rest.domain.filesystem.data.persistance.FileSystemEntity;
 import de.filefighter.rest.domain.filesystem.data.persistance.FileSystemRepository;
-import de.filefighter.rest.domain.token.business.AccessTokenBusinessService;
-import de.filefighter.rest.domain.token.data.persistance.AccessTokenEntity;
 import de.filefighter.rest.domain.token.data.persistance.AccessTokenRepository;
-import de.filefighter.rest.domain.user.business.UserBusinessService;
 import de.filefighter.rest.domain.user.data.persistance.UserEntity;
 import de.filefighter.rest.domain.user.data.persistance.UserRepository;
 import io.cucumber.java.en.And;
@@ -18,11 +15,8 @@
 import org.springframework.beans.factory.annotation.Autowired;
 
 import java.io.IOException;
-import java.time.Instant;
 import java.util.Arrays;
-import java.util.UUID;
 
-import static de.filefighter.rest.domain.token.business.AccessTokenBusinessService.ACCESS_TOKEN_DURATION_IN_SECONDS;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
@@ -48,14 +42,6 @@ public void databaseIsEmpty() {
         fileSystemRepository.deleteAll();
     }
 
-    @Given("accessToken with value {string} exists for user {long}")
-    public void accessTokenWithValueExistsForUser(String tokenValue, long userId) {
-        accessTokenRepository.save(AccessTokenEntity.builder()
-                .userId(userId)
-                .value(tokenValue)
-                .validUntil(Instant.now().getEpochSecond()+ ACCESS_TOKEN_DURATION_IN_SECONDS).build());
-    }
-
     @And("user {long} exists")
     public void userExists(long userId) {
         userRepository.save(UserEntity

src/test/java/de/filefighter/rest/cucumber/UserAuthorizationSteps.java

@@ -4,9 +4,13 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import de.filefighter.rest.RestApplicationIntegrationTest;
+import de.filefighter.rest.domain.token.data.persistance.AccessTokenEntity;
+import de.filefighter.rest.domain.token.data.persistance.AccessTokenRepository;
 import io.cucumber.java.en.And;
+import io.cucumber.java.en.Given;
 import io.cucumber.java.en.When;
 import org.bson.internal.Base64;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpMethod;
 
 import java.time.Instant;
@@ -15,17 +19,44 @@
 
 import static com.mongodb.internal.connection.tlschannel.util.Util.assertTrue;
 import static de.filefighter.rest.configuration.RestConfiguration.*;
+import static de.filefighter.rest.domain.token.business.AccessTokenBusinessService.ACCESS_TOKEN_DURATION_IN_SECONDS;
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
 
 public class UserAuthorizationSteps extends RestApplicationIntegrationTest {
 
-    private final ObjectMapper objectMapper = new ObjectMapper();
+    private final ObjectMapper objectMapper;
+    private final AccessTokenRepository accessTokenRepository;
+
+    @Autowired
+    public UserAuthorizationSteps(AccessTokenRepository accessTokenRepository) {
+        this.objectMapper = new ObjectMapper();
+        this.accessTokenRepository = accessTokenRepository;
+    }
+
+
+    @Given("accessToken with value {string} exists for user {long} and is valid until {long}")
+    public void accessTokenWithValueExistsForUserAndIsValidUntil(String tokenValue, long userId, long validUntil) {
+        accessTokenRepository.save(AccessTokenEntity.builder()
+                .userId(userId)
+                .value(tokenValue)
+                .validUntil(validUntil)
+                .validUntil(Instant.now().getEpochSecond()+ ACCESS_TOKEN_DURATION_IN_SECONDS).build());
+    }
+
+    @Given("accessToken with value {string} exists for user {long}")
+    public void accessTokenWithValueExistsForUser(String tokenValue, long userId) {
+        accessTokenRepository.save(AccessTokenEntity.builder()
+                .userId(userId)
+                .value(tokenValue)
+                .validUntil(Instant.now().getEpochSecond()+ ACCESS_TOKEN_DURATION_IN_SECONDS).build());
+    }
 
     @When("user requests login with username {string} and password {string}")
     public void userRequestsLoginWithUsernameAndPassword(String username, String password) {
         String authString = username + ":" + password;
         String base64encoded = Base64.encode(authString.getBytes());
-        base64encoded = AUTHORIZATION_BASIC_PREFIX+ base64encoded;
+        base64encoded = AUTHORIZATION_BASIC_PREFIX + base64encoded;
 
         HashMap<String, String> authHeader = new HashMap<>();
         authHeader.put("Authorization", base64encoded);
@@ -83,4 +114,14 @@ public void responseContainsRefreshTokenAndTheUserWithId(String refreshToken, lo
         assertEquals(userId, actualUserId);
         assertEquals(refreshToken, actualRefreshToken);
     }
+
+    @And("response contains valid accessToken for user {long} with a different value than {string}")
+    public void responseContainsValidAccessTokenForUserWithADifferentValueThan(int userId, String differentTokenValue) throws JsonProcessingException {
+        JsonNode rootNode = objectMapper.readTree(latestResponse.getBody());
+        String actualTokenValue = rootNode.get("token").asText();
+        long actualUserId = rootNode.get("userId").asLong();
+
+        assertEquals(userId, actualUserId);
+        assertNotEquals(differentTokenValue, actualTokenValue);
+    }
 }

src/test/resources/UserAuthorization.feature

@@ -9,10 +9,10 @@ Background:
 
 Scenario: Successful login with username and password.
   When user requests login with username "user" and password "secure_password"
-  And response status code is 200
+  Then response status code is 200
   And response contains refreshToken "token" and the user with id 1234
 
-Scenario: Failed login with username and password.
+Scenario: Failed login with wrong username or password.
   When user requests login with username "user" and password "wrong_password"
   Then response contains key "message" and value "User could not be authenticated. No User found for username or password."
   And response contains key "status" and value "denied"
@@ -24,13 +24,21 @@ Scenario: Successful creation of new accessToken with refreshToken.
   And response contains valid accessToken for user 1234
   And response status code is 200
 
-Scenario: Successful request of existing accessToken with refreshToken.
+Scenario: Successful retrieval of existing accessToken with refreshToken.
   Given accessToken with value "6bb9cb4f-7b51-4c0a-8013-ed7a34e56282" exists for user 1234
   When user requests accessToken with refreshToken "token" and userId 1234
   Then response contains key "userId" and value "1234"
   And response contains valid accessToken for user 1234
   And response status code is 200
 
+Scenario: Successful retrieval of freshly created accessToken with refreshToken
+  Given accessToken with value "6bb9cb4f-7b51-4c0a-8013-ed7a34e56282" exists for user 1234 and is valid until 0
+  When user requests accessToken with refreshToken "token" and userId 1234
+  Then response contains key "userId" and value "1234"
+  And response contains valid accessToken for user 1234 with a different value than "6bb9cb4f-7b51-4c0a-8013-ed7a34e56282"
+  And response status code is 200
+
+
   Scenario: Failed retrieval of accessToken with wrong refreshToken.
   When user requests accessToken with refreshToken "not_the_token" and userId 1234
   Then response contains key "message" and value "User with the id 1234 could not be authenticated."