This is an automated email from the ASF dual-hosted git repository. btellier pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 2ab513b7f4a8d3dcbb2ef0fc05506d5e1eedc6b9 Author: LanKhuat <[email protected]> AuthorDate: Tue Jul 28 14:24:37 2020 +0700 JAMES-3351 Adapt integration tests --- .../apache/james/jmap/JMAPAuthenticationTest.java | 54 +++++++++++++++------- .../rfc8621/contract/AuthenticationContract.scala | 45 ++---------------- 2 files changed, 40 insertions(+), 59 deletions(-) diff --git a/server/protocols/jmap-draft-integration-testing/jmap-draft-integration-testing-common/src/test/java/org/apache/james/jmap/JMAPAuthenticationTest.java b/server/protocols/jmap-draft-integration-testing/jmap-draft-integration-testing-common/src/test/java/org/apache/james/jmap/JMAPAuthenticationTest.java index 280d1b6..06e8b4d 100644 --- a/server/protocols/jmap-draft-integration-testing/jmap-draft-integration-testing-common/src/test/java/org/apache/james/jmap/JMAPAuthenticationTest.java +++ b/server/protocols/jmap-draft-integration-testing/jmap-draft-integration-testing-common/src/test/java/org/apache/james/jmap/JMAPAuthenticationTest.java @@ -165,7 +165,7 @@ public abstract class JMAPAuthenticationTest { } @Test - public void mustPositionCorsHeaders() throws Exception { + public void mustPositionCorsHeaders() { given() .contentType(ContentType.JSON) .accept(ContentType.JSON) @@ -179,7 +179,7 @@ public abstract class JMAPAuthenticationTest { } @Test - public void mustReturnJsonResponse() throws Exception { + public void mustReturnJsonResponse() { given() .contentType(ContentType.JSON) .accept(ContentType.JSON) @@ -357,11 +357,11 @@ public abstract class JMAPAuthenticationTest { "6vRqdEqx_F9OF3eWTe1giMp_JhQ7_l1OXXtbd4TndVvTeuVy4irPbsRc-M8x_-qTDpFp6saRRsyOcFspxPp5n3yIhEK7B3UZiseXw"; given() - .header("Authorization", "Bearer " + token) - .when() - .get("/authentication") - .then() - .statusCode(200); + .header("Authorization", "Bearer " + token) + .when() + .get("/authentication") + .then() + .statusCode(200); } @Test 
@@ -388,20 +388,20 @@ public abstract class JMAPAuthenticationTest { "qNOR8Q31ydinyqzXvCSzVJOf6T60-w"; given() - .header("Authorization", "Bearer " + token) - .when() - .get("/authentication") - .then() - .statusCode(401); + .header("Authorization", "Bearer " + token) + .when() + .get("/authentication") + .then() + .statusCode(401); } @Test public void optionsRequestsShouldNeverRequireAuthentication() { given() - .when() - .options("/authentication") - .then() - .statusCode(200); + .when() + .options("/authentication") + .then() + .statusCode(200); } @Test @@ -419,7 +419,27 @@ public abstract class JMAPAuthenticationTest { .statusCode(200) .body("api", isA(String.class)); } - + + @Category(BasicFeature.class) + @Test + public void getShouldReturn400WhenMultipleCredentials() { + String jwtToken = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyQGRvbWFpbi50bGQifQ.U-dUPv6OU6KO5N7CooHUfMkCd" + + "FJHx2F3H4fm7Q79g1BPfBSkifPj5xyVlZ0JwEGXypC4zBw9ay3l4DxzX7D_6p1Hx_ihXsoLx1Ca-WUo44x-XRSpPfgxiZjHCJkGBLMV3RZlA" + + "jip-d18mxkcX3JGplX_sCQkFisduAOAHuKSUg9wI6VBgUQi_0B35FYv6tP_bD6eFtvaAUN9QyXXh8UQjEp8CO12lRz6enfLx_V6BG_fEMkee" + + "6vRqdEqx_F9OF3eWTe1giMp_JhQ7_l1OXXtbd4TndVvTeuVy4irPbsRc-M8x_-qTDpFp6saRRsyOcFspxPp5n3yIhEK7B3UZiseXw"; + + String continuationToken = fromGoodContinuationTokenRequest(); + String accessToken = fromGoodAccessTokenRequest(continuationToken); + + given() + .header("Authorization", "Bearer " + jwtToken) + .header("Authorization", accessToken) + .when() + .get("/authentication") + .then() + .statusCode(400); + } + @Test public void deleteMustReturnUnauthenticatedWithoutAuthorizationHeader() { given() 
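Review bot: `getShouldReturn400WhenMultipleCredentials` only pins the case where both the JWT and the access token are valid, so it would still pass if the server rejected duplicate credentials only after successfully validating each one. The mixed cases matter more for security: with one valid and one invalid credential, an implementation that falls back to whichever header validates would answer 200, so those requests should also be asserted as 400, as sketched below with a placeholder for the invalid token. The same gap applies to the Scala hunk in AuthenticationContract.scala, where the mixed-validity tests are removed and only `shouldRespond400WhenBothAuthentication` (both credentials valid) remains. The JWT literal also appears to duplicate the one in the 200 test earlier in this file (the same trailing segment is visible in the hunk at -357), so a shared constant would avoid drift. `fromGoodContinuationTokenRequest` and `fromGoodAccessTokenRequest` are defined outside the hunk.

```java
@Test
public void getShouldReturn400WhenMultipleCredentialsAndJwtIsInvalid() {
    // placeholder: reuse the token already used by the 401 test in this class
    String invalidJwtToken = "<INVALID_JWT_PLACEHOLDER>";

    String continuationToken = fromGoodContinuationTokenRequest();
    String accessToken = fromGoodAccessTokenRequest(continuationToken);

    given()
        .header("Authorization", "Bearer " + invalidJwtToken)
        .header("Authorization", accessToken)
    .when()
        .get("/authentication")
    .then()
        // must not fall back to the credential that happens to validate
        .statusCode(400);
}
```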
diff --git a/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/AuthenticationContract.scala b/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/AuthenticationContract.scala index c411c81..247ad48 100644 --- a/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/AuthenticationContract.scala +++ b/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/AuthenticationContract.scala @@ -23,7 +23,7 @@ import io.netty.handler.codec.http.HttpHeaderNames.ACCEPT import io.restassured.RestAssured.{`given`, requestSpecification} import io.restassured.authentication.NoAuthScheme import io.restassured.http.Header -import org.apache.http.HttpStatus.{SC_OK, SC_UNAUTHORIZED} +import org.apache.http.HttpStatus.{SC_BAD_REQUEST, SC_OK, SC_UNAUTHORIZED} import org.apache.james.GuiceJamesServer import org.apache.james.jmap.rfc8621.contract.Fixture.{ACCEPT_RFC8621_VERSION_HEADER, ALICE, ALICE_PASSWORD, AUTHORIZATION_HEADER, BOB, BOB_BASIC_AUTH_HEADER, BOB_PASSWORD, DOMAIN, DOMAIN_WITH_SPACE, ECHO_REQUEST_OBJECT, INVALID_JWT_TOKEN, UNKNOWN_USER_TOKEN, USER_TOKEN, getHeadersWith, toBase64, _} import org.apache.james.jmap.rfc8621.contract.tags.CategoryTags 
@@ -52,54 +52,15 @@ trait AuthenticationContract { class BothAuthenticationMechanisms { @Tag(CategoryTags.BASIC_FEATURE) @Test - def shouldRespond200WhenBasicAuthValidAndJWTInvalid(): Unit = { + def shouldRespond400WhenBothAuthentication(): Unit = { `given` .headers(getHeadersWith(BOB_BASIC_AUTH_HEADER)) - .header(new Header(AUTHORIZATION_HEADER, s"Bearer $UNKNOWN_USER_TOKEN")) - .body(ECHO_REQUEST_OBJECT) - .when - .post - .`then` - .statusCode(SC_OK) - } - - @Tag(CategoryTags.BASIC_FEATURE) - @Test - def shouldRespond200WhenJWTAuthValidAndBasicAuthInvalid(): Unit = { - `given` - .headers(getHeadersWith(new Header(AUTHORIZATION_HEADER, s"Basic ${toBase64(s"this-thing-wrong")}"))) .header(new Header(AUTHORIZATION_HEADER, s"Bearer $USER_TOKEN")) .body(ECHO_REQUEST_OBJECT) .when .post .`then` - .statusCode(SC_OK) - } - - @Tag(CategoryTags.BASIC_FEATURE) - @Test - def shouldRespond200WhenBothAuthenticationValid(): Unit = { - `given` - .headers(getHeadersWith(BOB_BASIC_AUTH_HEADER)) - .header(new Header(AUTHORIZATION_HEADER, s"Bearer $USER_TOKEN")) - .body(ECHO_REQUEST_OBJECT) - .when - .post - .`then` - .statusCode(SC_OK) - } - - @Tag(CategoryTags.BASIC_FEATURE) - @Test - def shouldRespond401WhenNoneAuthenticationValid(): Unit = { - `given` - .headers(getHeadersWith(new Header(AUTHORIZATION_HEADER, s"Basic ${toBase64(s"this-one-wrong")}"))) - .header(new Header(AUTHORIZATION_HEADER, s"Bearer $UNKNOWN_USER_TOKEN")) - .body(ECHO_REQUEST_OBJECT) - .when - .post - .`then` - .statusCode(SC_UNAUTHORIZED) + .statusCode(SC_BAD_REQUEST) } } --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
