Ejemplo n.º 1
0
  @Test
  public void shouldGoThrough() {
    UserRegData anotherUserData = RandomUtils.randomUser();
    UserDTO anotherUser = AuthEndPointsHandler.registerNewUser(anotherUserData);

    UserRegData userData = RandomUtils.randomUser();

    // register new user
    UserDTO registeredUser = AuthEndPointsHandler.registerNewUser(userData);

    // registration of new user is not a authentication - non public resources are not available
    Response userDataResponse2 =
        RequestHelper.doGet(
            UserRoutes.USER_GET,
            Collections.singletonMap(RestTestConstants.USER_ID, registeredUser.getUserId()),
            HttpStatus.SC_UNAUTHORIZED);
    AuthResponse userDataResponse2AuthResponse = userDataResponse2.as(AuthResponse.class);
    assertThat(
        userDataResponse2AuthResponse.getDetails().get(AuthResponse.AUTH_RESULT), is(UNAUTHORIZED));

    // login as earlie registered user
    AuthResponse authResponse2 =
        AuthEndPointsHandler.login(userData.getLogin(), userData.getPassword());

    // non public resources should be available now
    UserEditDTO ownData = UserEndPointsHandler.getUserEditData(registeredUser.getUserId());
    Response anotherUserDataResponse =
        RequestHelper.doGet(
            UserRoutes.USER_GET,
            Collections.singletonMap(RestTestConstants.USER_ID, anotherUser.getUserId()),
            HttpStatus.SC_UNPROCESSABLE_ENTITY);
    Response nonExistingUserDataResponse =
        RequestHelper.doGet(
            UserRoutes.USER_GET,
            Collections.singletonMap(RestTestConstants.USER_ID, 1024),
            HttpStatus.SC_UNPROCESSABLE_ENTITY);

    // log out
    AuthResponse logoutAuthResponse = AuthEndPointsHandler.logout();
    assertThat(logoutAuthResponse.getResponseCode(), is(HttpStatus.SC_OK));

    // non public resources are not available again
    Response userDataResponse4 =
        RequestHelper.doGet(
            UserRoutes.USER_GET,
            Collections.singletonMap(RestTestConstants.USER_ID, registeredUser.getUserId()),
            HttpStatus.SC_UNAUTHORIZED);
    AuthResponse taskList4AuthResponse = userDataResponse4.as(AuthResponse.class);
    assertThat(taskList4AuthResponse.getDetails().get(AuthResponse.AUTH_RESULT), is(UNAUTHORIZED));
  }
Ejemplo n.º 2
0
  @Test
  public void shouldFailNonPublicResourcesGettingIfUnauthorized() {
    Response response =
        RequestHelper.doGet(
            UserRoutes.USER_GET, UserEndPointsHandler.getParams(123), HttpStatus.SC_UNAUTHORIZED);
    AuthResponse authResponse = response.as(AuthResponse.class);

    assertThat(authResponse.getDetails().get(AuthResponse.AUTH_RESULT), is(UNAUTHORIZED));
    assertThat(
        authResponse.getDetails().get(AuthResponse.ERROR),
        is(FULL_AUTHENTICATION_IS_REQUIRED_TO_ACCESS_THIS_RESOURCE));
  }