From c705cef1f988159a10b8c695ac43864568dd6b5e Mon Sep 17 00:00:00 2001 From: Simon Hirtreiter Date: Tue, 30 Jul 2024 10:31:06 +0200 Subject: [PATCH] :white_check_mark: gateway add SecurityConfiguration test --- .../SecurityConfigurationTest.java | 57 +++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 refarch-gateway/src/test/java/de.muenchen.oss.refarch.gateway/configuration/SecurityConfigurationTest.java diff --git a/refarch-gateway/src/test/java/de.muenchen.oss.refarch.gateway/configuration/SecurityConfigurationTest.java b/refarch-gateway/src/test/java/de.muenchen.oss.refarch.gateway/configuration/SecurityConfigurationTest.java new file mode 100644 index 00000000..983a11e9 --- /dev/null +++ b/refarch-gateway/src/test/java/de.muenchen.oss.refarch.gateway/configuration/SecurityConfigurationTest.java @@ -0,0 +1,57 @@ +package de.muenchen.oss.refarch.gateway.configuration; + +import static de.muenchen.oss.refarch.gateway.TestConstants.SPRING_TEST_PROFILE; + +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.autoconfigure.actuate.observability.AutoConfigureObservability; +import org.springframework.boot.test.autoconfigure.web.reactive.AutoConfigureWebTestClient; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.ActiveProfiles; +import org.springframework.test.web.reactive.server.WebTestClient; + +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +@AutoConfigureWebTestClient +@AutoConfigureObservability +@ActiveProfiles(profiles = { SPRING_TEST_PROFILE }) +public class SecurityConfigurationTest { + @Autowired + WebTestClient api; + + @Test + void accessSecuredResourceRootThenUnauthorized() { + // api.get().uri("/").exchange().expectStatus().isUnauthorized(); + // 302 is returned instead of 401 because auf cookie session + api.get().uri("/").exchange().expectStatus().isFound(); + } + + @Test + void accessSecuredResourceClientsThenUnauthorized() { + api.get().uri("/clients/test").exchange().expectStatus().isUnauthorized(); + } + + @Test + void accessUnsecuredResourceActuatorHealthThenOk() { + api.get().uri("/actuator/health").exchange().expectStatus().isOk(); + } + + @Test + void accessUnsecuredResourceActuatorHealthLivenessThenOk() { + api.get().uri("/actuator/health/liveness").exchange().expectStatus().isOk(); + } + + @Test + void accessUnsecuredResourceActuatorHealthReadinessThenOk() { + api.get().uri("/actuator/health/readiness").exchange().expectStatus().isOk(); + } + + @Test + void accessUnsecuredResourceActuatorInfoThenOk() { + api.get().uri("/actuator/info").exchange().expectStatus().isOk(); + } + + @Test + void accessUnsecuredResourceActuatorMetricsThenOk() { + api.get().uri("/actuator/metrics").exchange().expectStatus().isOk(); + } +}