add tests

Vladimir Kotal · Vladimir Kotal · commit 0a2645ef5026 · 2020-11-24T10:28:18.000+01:00
diff --git a/opengrok-web/src/main/java/org/opengrok/web/api/v1/filter/IncomingFilter.java b/opengrok-web/src/main/java/org/opengrok/web/api/v1/filter/IncomingFilter.java
@@ -99,7 +99,7 @@ public void filter(final ContainerRequestContext context) {
         if (request.isSecure()) {
             String authHeader;
             if ((authHeader = request.getHeader(HttpHeaders.AUTHORIZATION)) != null) {
-                if (RuntimeEnvironment.getInstance().getTokens().contains(authHeader)) {
+                if (RuntimeEnvironment.getInstance().getAuthenticationTokens().contains(authHeader)) {
                     logger.log(Level.FINEST, "allowing request to {0} based on authentication header", path);
                     return;
                 }
diff --git a/opengrok-web/src/test/java/org/opengrok/web/api/v1/filter/IncomingFilterTest.java b/opengrok-web/src/test/java/org/opengrok/web/api/v1/filter/IncomingFilterTest.java
@@ -24,24 +24,63 @@
 
 import org.junit.Test;
 import org.mockito.ArgumentCaptor;
+import org.opengrok.indexer.configuration.RuntimeEnvironment;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.container.ContainerRequestContext;
+import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriInfo;
 
 import java.lang.reflect.Field;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.TreeMap;
 
 import static org.junit.Assert.assertEquals;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.never;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
-public class LocalhostFilterTest {
+public class IncomingFilterTest {
+    @Test
+    public void nonLocalhostTestWithValidToken() throws Exception {
+        nonLocalhostTestWithToken(true);
+    }
+
+    @Test
+    public void nonLocalhostTestWithInvalidToken() throws Exception {
+        nonLocalhostTestWithToken(false);
+    }
+
+    private void nonLocalhostTestWithToken(boolean allowed) throws Exception {
+        String allowedToken = "foo";
+
+        Set<String> tokens = new HashSet<>();
+        tokens.add(allowedToken);
+        RuntimeEnvironment.getInstance().setAuthenticationTokens(tokens);
+
+        Map<String, String> headers = new TreeMap<>();
+        headers.put(HttpHeaders.AUTHORIZATION, allowed ? allowedToken : allowedToken + "_");
+        IncomingFilter filter = mockWithRemoteAddress("192.168.1.1", headers, true);
+
+        ContainerRequestContext context = mockContainerRequestContext("test");
+
+        ArgumentCaptor<Response> captor = ArgumentCaptor.forClass(Response.class);
+
+        filter.filter(context);
+
+        if (allowed) {
+            verify(context, never()).abortWith(captor.capture());
+        } else {
+            verify(context).abortWith(captor.capture());
+        }
+    }
 
     @Test
-    public void nonLocalhostTest() throws Exception {
+    public void nonLocalhostTestWithoutToken() throws Exception {
         IncomingFilter filter = mockWithRemoteAddress("192.168.1.1");
 
         ContainerRequestContext context = mockContainerRequestContext("test");
@@ -55,18 +94,27 @@ public void nonLocalhostTest() throws Exception {
         assertEquals(Response.Status.UNAUTHORIZED.getStatusCode(), captor.getValue().getStatus());
     }
 
-    private IncomingFilter mockWithRemoteAddress(final String remoteAddr) throws Exception {
+    private IncomingFilter mockWithRemoteAddress(final String remoteAddr, Map<String, String> headers, boolean secure)
+            throws Exception {
         IncomingFilter filter = new IncomingFilter();
         filter.init();
 
         HttpServletRequest request = mock(HttpServletRequest.class);
+        for (String name : headers.keySet()) {
+            when(request.getHeader(name)).thenReturn(headers.get(name));
+        }
+        when(request.isSecure()).thenReturn(secure);
         when(request.getRemoteAddr()).thenReturn(remoteAddr);
 
         setHttpRequest(filter, request);
 
         return filter;
     }
 
+    private IncomingFilter mockWithRemoteAddress(final String remoteAddr) throws Exception {
+        return mockWithRemoteAddress(remoteAddr, new TreeMap<>(), false);
+    }
+
     private void setHttpRequest(final IncomingFilter filter, final HttpServletRequest request) throws Exception {
         Field f = IncomingFilter.class.getDeclaredField("request");
         f.setAccessible(true);

Original file line number	Diff line number	Diff line change
`@@ -99,7 +99,7 @@ public void filter(final ContainerRequestContext context) {`
`99`	`99`	`if (request.isSecure()) {`
`100`	`100`	`String authHeader;`
`101`	`101`	`if ((authHeader = request.getHeader(HttpHeaders.AUTHORIZATION)) != null) {`
`102`		`- if (RuntimeEnvironment.getInstance().getTokens().contains(authHeader)) {`
	`102`	`+ if (RuntimeEnvironment.getInstance().getAuthenticationTokens().contains(authHeader)) {`
`103`	`103`	`logger.log(Level.FINEST, "allowing request to {0} based on authentication header", path);`
`104`	`104`	`return;`
`105`	`105`	`}`