services/self-service/src/test/java/com/epam/datalab/backendapi/service/SecurityServiceImplTest.java - incubator-datalab - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */

 package com.epam.datalab.backendapi.service;

 import com.epam.datalab.auth.UserInfo;
 import com.epam.datalab.backendapi.dao.SecurityDAO;
 import com.epam.datalab.backendapi.domain.AuditActionEnum;
 import com.epam.datalab.backendapi.domain.AuditDTO;
 import com.epam.datalab.exceptions.DatalabException;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.keycloak.representations.AccessTokenResponse;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.runners.MockitoJUnitRunner;

 import java.util.Optional;

 import static org.junit.Assert.assertEquals;
 import static org.mockito.Matchers.anyString;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.verifyNoMoreInteractions;
 import static org.mockito.Mockito.when;

 @RunWith(MockitoJUnitRunner.class)
 public class SecurityServiceImplTest {

     private static final String CODE = "code";
     private static final String TOKEN = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJNUC15QVpENFdJRzloanp3R0RqQjdCeW9aNGpaV05QTjJ3X25uS1BkTnQ4In0.eyJqdGkiOiJkN2U0MDk3Yi1hNjdlLTQxYWUtYjBiNC05MzE1YWFmOGZkMDciLCJleHAiOjE1OTkwNDI1ODgsIm5iZiI6MCwiaWF0IjoxNTk5MDM4OTg4LCJpc3MiOiJodHRwOi8vNTIuMTEuNDUuMTE6ODA4MC9hdXRoL3JlYWxtcy9ETEFCX2JobGl2YSIsImF1ZCI6WyJwcm92aXNpb25pbmciLCJhY2NvdW50Il0sInN1YiI6ImRjNzczMThkLWYzN2UtNGNmOS1iMDgwLTU2ZTRjMWUwNDVhNSIsInR5cCI6IkJlYXJlciIsImF6cCI6InNzcyIsImF1dGhfdGltZSI6MTU5OTAzODk4Nywic2Vzc2lvbl9zdGF0ZSI6Ijg2Njg3NzQ3LTNlOGUtNDhhYy1iMTE1LWM4ZDRmNzQ5M2M1ZSIsImFjciI6IjEiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7InNzcyI6eyJyb2xlcyI6WyJ0ZXN0Il19LCJwcm92aXNpb25pbmciOnsicm9sZXMiOlsidGVzdCJdfSwiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJvcGVuaWQgZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoidGVzdCIsImVtYWlsIjoidGVzdEBlcGFtLmNvbSJ9.cYXGXjHGOg2XKADNGuQSykb6aUc-_CC4cUaTJ9qVml0IZDPYcUF9H_iTB-vL67k5MpuM4mVpZWHYT9oJYuFKZoR5lPUmiHG3A8LWxZq4ALeTEqWzOdOn2hUsoPSVoaTG8nLqgOQFHAV8G66dD-0zy-8QheGwZznXZ2_lRvSIg-IYRj_vhv91AItNQQ2eXho7zAic_QiLQHo5vUIEOGcVQdRkiVXe-CZ9pe8lHw8tlKwLlHJj7ldv1YVi0m8f9Tztn2ylSoETwSXdmk09pLxzoFG1EP-EU5cDE5l_MDJIVdhGFJR8eLd8dyzFjThupSMwgWEr_iDmbZ4Q116sv8g4jw";
     private static final String REFRESH_TOKEN = "refreshToken";
     private static final String USERNAME = "test";

     @Mock
     private KeycloakService keycloakService;
     @Mock
     private SecurityDAO securityDAO;
     @Mock
     private AuditService auditService;

     @InjectMocks
     private SecurityServiceImpl securityService;

     @Test
     public void testGetUserInfo() {
         AccessTokenResponse tokenResponse = mock(AccessTokenResponse.class);
         when(tokenResponse.getToken()).thenReturn(TOKEN);
         when(tokenResponse.getRefreshToken()).thenReturn(REFRESH_TOKEN);
         when(keycloakService.getToken(anyString())).thenReturn(tokenResponse);

         UserInfo actualUserInfo = securityService.getUserInfo(CODE);

         assertEquals("UserInfo should be equal", getUserInfoWithRefreshToken(), actualUserInfo);
         verify(keycloakService).getToken(CODE);
         verify(securityDAO).saveUser(USERNAME, tokenResponse);
         verify(auditService).save(getAuditDTO());
         verifyNoMoreInteractions(keycloakService, securityDAO, auditService);
     }

     @Test
     public void getUserInfoOffline() {
         AccessTokenResponse tokenResponseFromDB = mock(AccessTokenResponse.class);
         when(tokenResponseFromDB.getRefreshToken()).thenReturn(REFRESH_TOKEN);
         when(securityDAO.getTokenResponse(anyString())).thenReturn(Optional.of(tokenResponseFromDB));
         AccessTokenResponse tokenResponse = mock(AccessTokenResponse.class);
         when(tokenResponse.getToken()).thenReturn(TOKEN);
         when(keycloakService.refreshToken(anyString())).thenReturn(tokenResponse);

         UserInfo actualUserInfoOffline = securityService.getUserInfoOffline(USERNAME);

         assertEquals("UserInfo should be equal", getUserInfo(), actualUserInfoOffline);
         verify(securityDAO).getTokenResponse(USERNAME);
         verify(keycloakService).refreshToken(REFRESH_TOKEN);
         verifyNoMoreInteractions(securityDAO, keycloakService);
     }

     @Test(expected = DatalabException.class)
     public void getUserInfoOfflineWithException() {
         when(securityDAO.getTokenResponse(anyString())).thenReturn(Optional.empty());

         securityService.getUserInfoOffline(USERNAME);

         verify(securityDAO).getTokenResponse(USERNAME);
         verifyNoMoreInteractions(securityDAO, keycloakService);
     }

     @Test
     public void getServiceAccountInfo() {
         AccessTokenResponse tokenResponse = mock(AccessTokenResponse.class);
         when(tokenResponse.getToken()).thenReturn(TOKEN);
         when(keycloakService.generateServiceAccountToken()).thenReturn(tokenResponse);

         UserInfo actualUserInfo = securityService.getServiceAccountInfo(USERNAME);

         assertEquals("UserInfo should be equal", getUserInfo(), actualUserInfo);
         verify(keycloakService).generateServiceAccountToken();
         verifyNoMoreInteractions(keycloakService);
     }


     private UserInfo getUserInfo() {
         return new UserInfo(USERNAME, TOKEN);
     }

     private UserInfo getUserInfoWithRefreshToken() {
         UserInfo userInfo = new UserInfo(USERNAME, TOKEN);
         userInfo.setRefreshToken(REFRESH_TOKEN);
         return userInfo;
     }

     private AuditDTO getAuditDTO() {
         return AuditDTO.builder()
                 .user(USERNAME)
                 .action(AuditActionEnum.LOG_IN)
                 .build();
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/

	package com.epam.datalab.backendapi.service;

	import com.epam.datalab.auth.UserInfo;
	import com.epam.datalab.backendapi.dao.SecurityDAO;
	import com.epam.datalab.backendapi.domain.AuditActionEnum;
	import com.epam.datalab.backendapi.domain.AuditDTO;
	import com.epam.datalab.exceptions.DatalabException;
	import org.junit.Test;
	import org.junit.runner.RunWith;
	import org.keycloak.representations.AccessTokenResponse;
	import org.mockito.InjectMocks;
	import org.mockito.Mock;
	import org.mockito.runners.MockitoJUnitRunner;

	import java.util.Optional;

	import static org.junit.Assert.assertEquals;
	import static org.mockito.Matchers.anyString;
	import static org.mockito.Mockito.mock;
	import static org.mockito.Mockito.verify;
	import static org.mockito.Mockito.verifyNoMoreInteractions;
	import static org.mockito.Mockito.when;

	@RunWith(MockitoJUnitRunner.class)
	public class SecurityServiceImplTest {

	private static final String CODE = "code";
	private static final String TOKEN = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJNUC15QVpENFdJRzloanp3R0RqQjdCeW9aNGpaV05QTjJ3X25uS1BkTnQ4In0.eyJqdGkiOiJkN2U0MDk3Yi1hNjdlLTQxYWUtYjBiNC05MzE1YWFmOGZkMDciLCJleHAiOjE1OTkwNDI1ODgsIm5iZiI6MCwiaWF0IjoxNTk5MDM4OTg4LCJpc3MiOiJodHRwOi8vNTIuMTEuNDUuMTE6ODA4MC9hdXRoL3JlYWxtcy9ETEFCX2JobGl2YSIsImF1ZCI6WyJwcm92aXNpb25pbmciLCJhY2NvdW50Il0sInN1YiI6ImRjNzczMThkLWYzN2UtNGNmOS1iMDgwLTU2ZTRjMWUwNDVhNSIsInR5cCI6IkJlYXJlciIsImF6cCI6InNzcyIsImF1dGhfdGltZSI6MTU5OTAzODk4Nywic2Vzc2lvbl9zdGF0ZSI6Ijg2Njg3NzQ3LTNlOGUtNDhhYy1iMTE1LWM4ZDRmNzQ5M2M1ZSIsImFjciI6IjEiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7InNzcyI6eyJyb2xlcyI6WyJ0ZXN0Il19LCJwcm92aXNpb25pbmciOnsicm9sZXMiOlsidGVzdCJdfSwiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJvcGVuaWQgZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoidGVzdCIsImVtYWlsIjoidGVzdEBlcGFtLmNvbSJ9.cYXGXjHGOg2XKADNGuQSykb6aUc-_CC4cUaTJ9qVml0IZDPYcUF9H_iTB-vL67k5MpuM4mVpZWHYT9oJYuFKZoR5lPUmiHG3A8LWxZq4ALeTEqWzOdOn2hUsoPSVoaTG8nLqgOQFHAV8G66dD-0zy-8QheGwZznXZ2_lRvSIg-IYRj_vhv91AItNQQ2eXho7zAic_QiLQHo5vUIEOGcVQdRkiVXe-CZ9pe8lHw8tlKwLlHJj7ldv1YVi0m8f9Tztn2ylSoETwSXdmk09pLxzoFG1EP-EU5cDE5l_MDJIVdhGFJR8eLd8dyzFjThupSMwgWEr_iDmbZ4Q116sv8g4jw";
	private static final String REFRESH_TOKEN = "refreshToken";
	private static final String USERNAME = "test";

	@Mock
	private KeycloakService keycloakService;
	@Mock
	private SecurityDAO securityDAO;
	@Mock
	private AuditService auditService;

	@InjectMocks
	private SecurityServiceImpl securityService;

	@Test
	public void testGetUserInfo() {
	AccessTokenResponse tokenResponse = mock(AccessTokenResponse.class);
	when(tokenResponse.getToken()).thenReturn(TOKEN);
	when(tokenResponse.getRefreshToken()).thenReturn(REFRESH_TOKEN);
	when(keycloakService.getToken(anyString())).thenReturn(tokenResponse);

	UserInfo actualUserInfo = securityService.getUserInfo(CODE);

	assertEquals("UserInfo should be equal", getUserInfoWithRefreshToken(), actualUserInfo);
	verify(keycloakService).getToken(CODE);
	verify(securityDAO).saveUser(USERNAME, tokenResponse);
	verify(auditService).save(getAuditDTO());
	verifyNoMoreInteractions(keycloakService, securityDAO, auditService);
	}

	@Test
	public void getUserInfoOffline() {
	AccessTokenResponse tokenResponseFromDB = mock(AccessTokenResponse.class);
	when(tokenResponseFromDB.getRefreshToken()).thenReturn(REFRESH_TOKEN);
	when(securityDAO.getTokenResponse(anyString())).thenReturn(Optional.of(tokenResponseFromDB));
	AccessTokenResponse tokenResponse = mock(AccessTokenResponse.class);
	when(tokenResponse.getToken()).thenReturn(TOKEN);
	when(keycloakService.refreshToken(anyString())).thenReturn(tokenResponse);

	UserInfo actualUserInfoOffline = securityService.getUserInfoOffline(USERNAME);

	assertEquals("UserInfo should be equal", getUserInfo(), actualUserInfoOffline);
	verify(securityDAO).getTokenResponse(USERNAME);
	verify(keycloakService).refreshToken(REFRESH_TOKEN);
	verifyNoMoreInteractions(securityDAO, keycloakService);
	}

	@Test(expected = DatalabException.class)
	public void getUserInfoOfflineWithException() {
	when(securityDAO.getTokenResponse(anyString())).thenReturn(Optional.empty());

	securityService.getUserInfoOffline(USERNAME);

	verify(securityDAO).getTokenResponse(USERNAME);
	verifyNoMoreInteractions(securityDAO, keycloakService);
	}

	@Test
	public void getServiceAccountInfo() {
	AccessTokenResponse tokenResponse = mock(AccessTokenResponse.class);
	when(tokenResponse.getToken()).thenReturn(TOKEN);
	when(keycloakService.generateServiceAccountToken()).thenReturn(tokenResponse);

	UserInfo actualUserInfo = securityService.getServiceAccountInfo(USERNAME);

	assertEquals("UserInfo should be equal", getUserInfo(), actualUserInfo);
	verify(keycloakService).generateServiceAccountToken();
	verifyNoMoreInteractions(keycloakService);
	}


	private UserInfo getUserInfo() {
	return new UserInfo(USERNAME, TOKEN);
	}

	private UserInfo getUserInfoWithRefreshToken() {
	UserInfo userInfo = new UserInfo(USERNAME, TOKEN);
	userInfo.setRefreshToken(REFRESH_TOKEN);
	return userInfo;
	}

	private AuditDTO getAuditDTO() {
	return AuditDTO.builder()
	.user(USERNAME)
	.action(AuditActionEnum.LOG_IN)
	.build();
	}
	}