FF-465 - Added Cookie auth to fs item info (#122)

open-schnick · web-flow · commit b8d111cd4cce · 2021-05-28T18:56:46.000+02:00
* implemented cookie auth in file info endpoint

* made code style more uniform
diff --git a/src/main/java/de/filefighter/rest/domain/filesystem/rest/FileSystemRestController.java b/src/main/java/de/filefighter/rest/domain/filesystem/rest/FileSystemRestController.java
@@ -42,11 +42,13 @@ public ResponseEntity<List<FileSystemItem>> getContentsOfFolder(
     @GetMapping(FS_BASE_URI + "{fsItemId}/info")
     public ResponseEntity<FileSystemItem> getFileOrFolderInfo(
             @PathVariable long fsItemId,
-            @RequestHeader(value = "Authorization") String accessToken
+            @CookieValue(name = AUTHORIZATION_ACCESS_TOKEN_COOKIE, required = false) String cookieValue,
+            @RequestHeader(value = "Authorization", required = false) String accessToken
     ) {
 
         log.info("Requested information about FileSystemItem with id {}.", fsItemId);
-        return fileSystemRestService.getInfoAboutFileOrFolderByIdAndAccessToken(fsItemId, accessToken);
+        log.debug("Header was {}, Cookie was {}", accessToken, cookieValue);
+        return fileSystemRestService.getInfoAboutFileOrFolderByIdAndAccessToken(fsItemId, new Pair<>(cookieValue, accessToken));
     }
 
     @GetMapping(FS_BASE_URI + "search")
@@ -63,17 +65,20 @@ public ResponseEntity<List<FileSystemItem>> searchFileOrFolderByName(
     public ResponseEntity<List<FileSystemItem>> downloadFileOrFolder(
             @RequestParam(name = "ids") List<Long> ids,
             @CookieValue(name = AUTHORIZATION_ACCESS_TOKEN_COOKIE, required = false) String cookieValue,
-            @RequestHeader(value = "Authorization", required = false) String accessToken) {
+            @RequestHeader(value = "Authorization", required = false) String accessToken
+    ) {
 
         log.info("Tried downloading FileSystemEntities with the ids {}", ids);
+        log.debug("Header was {}, Cookie was {}", accessToken, cookieValue);
         return fileSystemRestService.downloadFileSystemEntity(ids, new Pair<>(cookieValue, accessToken));
     }
 
     @PostMapping(FS_BASE_URI + "{fsItemId}/folder/create")
     public ResponseEntity<FileSystemItem> createNewFolder(
             @PathVariable long fsItemId,
             @RequestBody CreateNewFolder newFolder,
-            @RequestHeader(value = "Authorization") String accessToken) {
+            @RequestHeader(value = "Authorization") String accessToken
+    ) {
 
         log.info("Tried creating new Folder {}", newFolder);
         return fileSystemRestService.createNewFolder(fsItemId, newFolder, accessToken);
@@ -83,7 +88,8 @@ public ResponseEntity<FileSystemItem> createNewFolder(
     public ResponseEntity<List<FileSystemItem>> uploadFileOrFolder(
             @PathVariable long fsItemId,
             @RequestBody FileSystemUpload fileSystemUpload,
-            @RequestHeader(value = "Authorization") String accessToken) {
+            @RequestHeader(value = "Authorization") String accessToken
+    ) {
 
         log.info("Tried uploading new FileSystemUpload {}", fileSystemUpload);
         return fileSystemRestService.uploadFileSystemItemWithAccessToken(fsItemId, fileSystemUpload, accessToken);
@@ -93,7 +99,8 @@ public ResponseEntity<List<FileSystemItem>> uploadFileOrFolder(
     public ResponseEntity<List<FileSystemUploadPreflightResponse>> preflightUploadFileOrFolder(
             @PathVariable long fsItemId,
             @RequestBody List<FileSystemUpload> fileSystemUpload,
-            @RequestHeader(value = "Authorization") String accessToken) {
+            @RequestHeader(value = "Authorization") String accessToken
+    ) {
 
         log.info("Preflight for {} in id {}.", fileSystemUpload, fsItemId);
         return fileSystemRestService.preflightUploadOfFileSystemItem(fsItemId, fileSystemUpload, accessToken);
diff --git a/src/main/java/de/filefighter/rest/domain/filesystem/rest/FileSystemRestService.java b/src/main/java/de/filefighter/rest/domain/filesystem/rest/FileSystemRestService.java
@@ -49,8 +49,8 @@ public ResponseEntity<List<FileSystemItem>> getContentsOfFolderByPathAndAccessTo
     }
 
     @Override
-    public ResponseEntity<FileSystemItem> getInfoAboutFileOrFolderByIdAndAccessToken(long fsItemId, String accessTokenValue) {
-        User authenticatedUser = authenticationService.bearerAuthenticationWithAccessToken(accessTokenValue);
+    public ResponseEntity<FileSystemItem> getInfoAboutFileOrFolderByIdAndAccessToken(long fsItemId, Pair<String, String> accessTokenValueOrHeader) {
+        User authenticatedUser = authenticationService.authenticateUserWithCookieOrHeader(accessTokenValueOrHeader);
         return new ResponseEntity<>(fileSystemBusinessService.getFileSystemItemInfo(fsItemId, authenticatedUser), HttpStatus.OK);
     }
 
diff --git a/src/main/java/de/filefighter/rest/domain/filesystem/rest/FileSystemRestServiceInterface.java b/src/main/java/de/filefighter/rest/domain/filesystem/rest/FileSystemRestServiceInterface.java
@@ -13,7 +13,7 @@
 public interface FileSystemRestServiceInterface {
     ResponseEntity<List<FileSystemItem>> getContentsOfFolderByPathAndAccessToken(String path, String accessToken);
 
-    ResponseEntity<FileSystemItem> getInfoAboutFileOrFolderByIdAndAccessToken(long fsItemId, String accessToken);
+    ResponseEntity<FileSystemItem> getInfoAboutFileOrFolderByIdAndAccessToken(long fsItemId, Pair<String, String> authPair);
 
     ResponseEntity<List<FileSystemItem>> findFileOrFolderByNameAndAccessToken(String name, String accessToken);
 
diff --git a/src/test/java/de/filefighter/rest/domain/filesystem/rest/FileSystemRestControllerUnitTest.java b/src/test/java/de/filefighter/rest/domain/filesystem/rest/FileSystemRestControllerUnitTest.java
@@ -13,6 +13,8 @@
 import java.util.List;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 import static org.springframework.http.HttpStatus.OK;
@@ -49,10 +51,11 @@ void getFileOrFolderInfo() {
 
         long id = 420;
         String token = "token";
+        String cookieValue = null;
 
-        when(fileSystemRestServiceMock.getInfoAboutFileOrFolderByIdAndAccessToken(id, token)).thenReturn(expectedModel);
+        when(fileSystemRestServiceMock.getInfoAboutFileOrFolderByIdAndAccessToken(eq(id), any())).thenReturn(expectedModel);
 
-        ResponseEntity<FileSystemItem> actualModel = fileSystemRestController.getFileOrFolderInfo(id, token);
+        ResponseEntity<FileSystemItem> actualModel = fileSystemRestController.getFileOrFolderInfo(id, cookieValue, token);
         assertEquals(expectedModel, actualModel);
     }
 

Original file line number	Diff line number	Diff line change
`@@ -49,8 +49,8 @@ public ResponseEntity<List<FileSystemItem>> getContentsOfFolderByPathAndAccessTo`
`49`	`49`	`}`
`50`	`50`
`51`	`51`	`@Override`
`52`		`- public ResponseEntity<FileSystemItem> getInfoAboutFileOrFolderByIdAndAccessToken(long fsItemId, String accessTokenValue) {`
`53`		`- User authenticatedUser = authenticationService.bearerAuthenticationWithAccessToken(accessTokenValue);`
	`52`	`+ public ResponseEntity<FileSystemItem> getInfoAboutFileOrFolderByIdAndAccessToken(long fsItemId, Pair<String, String> accessTokenValueOrHeader) {`
	`53`	`+ User authenticatedUser = authenticationService.authenticateUserWithCookieOrHeader(accessTokenValueOrHeader);`
`54`	`54`	`return new ResponseEntity<>(fileSystemBusinessService.getFileSystemItemInfo(fsItemId, authenticatedUser), HttpStatus.OK);`
`55`	`55`	`}`
`56`	`56`