This repository has been archived by the owner on May 16, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 55
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
create VerificationPortalErrorControllerTest (#102)
Co-authored-by: Michael Schulte <65006436+mschulte-tsi@users.noreply.github.com>
- Loading branch information
1 parent
7be97f1
commit 641ce49
Showing
1 changed file
with
121 additions
and
0 deletions.
There are no files selected for viewing
121 changes: 121 additions & 0 deletions
121
.../app/coronawarn/verification/portal/controller/VerificationPortalErrorControllerTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,121 @@ | ||
| package app.coronawarn.verification.portal.controller; | ||
|
|
||
| import com.c4_soft.springaddons.security.oauth2.test.annotations.keycloak.WithMockKeycloakAuth; | ||
| import com.c4_soft.springaddons.security.oauth2.test.mockmvc.ServletUnitTestingSupport; | ||
| import lombok.extern.slf4j.Slf4j; | ||
| import static org.hamcrest.Matchers.equalTo; | ||
| import org.junit.Before; | ||
| import org.junit.Test; | ||
| import org.junit.runner.RunWith; | ||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.beans.factory.annotation.Value; | ||
| import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; | ||
| import org.springframework.mock.web.MockHttpServletRequest; | ||
| import org.springframework.security.web.csrf.CsrfToken; | ||
| import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository; | ||
| import org.springframework.test.context.ContextConfiguration; | ||
| import org.springframework.test.context.TestPropertySource; | ||
| import org.springframework.test.context.junit4.SpringRunner; | ||
| import org.springframework.test.web.servlet.MockMvc; | ||
| import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; | ||
| import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; | ||
|
|
||
| import org.springframework.http.HttpStatus; | ||
| import javax.servlet.RequestDispatcher; | ||
|
|
||
| @Slf4j | ||
| @RunWith(SpringRunner.class) | ||
| @WebMvcTest(VerificationPortalController.class) | ||
| @TestPropertySource(properties = {"rateLimiting.enabled=true", "rateLimiting.seconds=30"}) | ||
| @ContextConfiguration(classes = VerificationPortalErrorController.class) | ||
| public class VerificationPortalErrorControllerTest extends ServletUnitTestingSupport { | ||
|
|
||
| private static final String TOKEN_ATTR_NAME = "org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository.CSRF_TOKEN"; | ||
| private static final String ATTR_ERROR_MSG = "message"; | ||
| private static final String SERVER_RATE_LIMIT_ERROR_REASON = "ServerRateLimit"; | ||
|
|
||
| private static final String EXPECTED_ERROR_404_MESSAGE = "Die aufgerufene Seite konnte nicht gefunden werden."; | ||
| private static final String EXPECTED_ERROR_403_MESSAGE = "Der Benutzer kann nicht authentifiziert werden."; | ||
| private static final String EXPECTED_ERROR_429_MESSAGE = "Die Zeitlimitierung für TeleTAN Anfragen ist aktiv, bitte warten Sie "; | ||
| private static final String EXPECTED_SECONDS_MESSAGE = " Sekunden."; | ||
| private static final String EXPECTED_RATE_LIMIT_SERVER_TEXT_MESSAGE = "einen Moment."; | ||
| private static final String EXPECTED_ERROR_MESSAGE = "Es kann keine TeleTAN aufgrund eines internen Fehlers generiert werden."; | ||
|
|
||
| @Value("${rateLimiting.seconds}") | ||
| private long rateLimitingSeconds; | ||
|
|
||
| private HttpSessionCsrfTokenRepository httpSessionCsrfTokenRepository; | ||
| private CsrfToken csrfToken; | ||
|
|
||
| @Autowired | ||
| private MockMvc mockMvc; | ||
|
|
||
| @Before | ||
| public void setup() { | ||
| httpSessionCsrfTokenRepository = new HttpSessionCsrfTokenRepository(); | ||
| csrfToken = httpSessionCsrfTokenRepository.generateToken(new MockHttpServletRequest()); | ||
| } | ||
|
|
||
| @Test | ||
| @WithMockKeycloakAuth(name = "tester", value = "Role_Test") | ||
| public void handleErrorHandlesNotFoundCorrectly() throws Exception { | ||
| log.info("process handleErrorHandlesNotFoundCorrectly() RequestMethod.POST"); | ||
| mockMvc.perform(post("/error") | ||
| .sessionAttr(TOKEN_ATTR_NAME, csrfToken).param(csrfToken.getParameterName(), csrfToken.getToken()) | ||
| .requestAttr(RequestDispatcher.ERROR_STATUS_CODE, HttpStatus.NOT_FOUND.value())) | ||
| .andExpect(status().isOk()) | ||
| .andExpect(view().name("error")) | ||
| .andExpect(model().attribute(ATTR_ERROR_MSG, equalTo(EXPECTED_ERROR_404_MESSAGE))); | ||
| } | ||
|
|
||
| @Test | ||
| @WithMockKeycloakAuth(name = "tester", value = "Role_Test") | ||
| public void handleErrorHandlesForbiddenCorrectly() throws Exception { | ||
| log.info("process handleErrorHandlesForbiddenCorrectly() RequestMethod.POST"); | ||
| mockMvc.perform(post("/error") | ||
| .sessionAttr(TOKEN_ATTR_NAME, csrfToken).param(csrfToken.getParameterName(), csrfToken.getToken()) | ||
| .requestAttr(RequestDispatcher.ERROR_STATUS_CODE, HttpStatus.FORBIDDEN.value())) | ||
| .andExpect(status().isOk()) | ||
| .andExpect(view().name("error")) | ||
| .andExpect(model().attribute(ATTR_ERROR_MSG, equalTo(EXPECTED_ERROR_403_MESSAGE))); | ||
| } | ||
|
|
||
| @Test | ||
| @WithMockKeycloakAuth(name = "tester", value = "Role_Test") | ||
| public void handleErrorHandlesTooManyRequestsWithRateLimitCorrectly() throws Exception { | ||
| log.info("process handleErrorHandlesTooManyRequestsWithRateLimitCorrectly() RequestMethod.POST"); | ||
| mockMvc.perform(post("/error") | ||
| .sessionAttr(TOKEN_ATTR_NAME, csrfToken).param(csrfToken.getParameterName(), csrfToken.getToken()) | ||
| .requestAttr(RequestDispatcher.ERROR_STATUS_CODE, HttpStatus.TOO_MANY_REQUESTS.value()) | ||
| .requestAttr(RequestDispatcher.ERROR_MESSAGE, SERVER_RATE_LIMIT_ERROR_REASON)) | ||
| .andExpect(status().isOk()) | ||
| .andExpect(view().name("error")) | ||
| .andExpect(model().attribute(ATTR_ERROR_MSG, equalTo(EXPECTED_ERROR_429_MESSAGE + EXPECTED_RATE_LIMIT_SERVER_TEXT_MESSAGE))); | ||
| } | ||
|
|
||
| @Test | ||
| @WithMockKeycloakAuth(name = "tester", value = "Role_Test") | ||
| public void handleErrorHandlesTooManyRequestsCorrectly() throws Exception { | ||
| log.info("process handleErrorHandlesTooManyRequestsCorrectly() RequestMethod.POST"); | ||
| mockMvc.perform(post("/error") | ||
| .sessionAttr(TOKEN_ATTR_NAME, csrfToken).param(csrfToken.getParameterName(), csrfToken.getToken()) | ||
| .requestAttr(RequestDispatcher.ERROR_STATUS_CODE, HttpStatus.TOO_MANY_REQUESTS.value()) | ||
| .requestAttr(RequestDispatcher.ERROR_MESSAGE, "")) | ||
| .andExpect(status().isOk()) | ||
| .andExpect(view().name("error")) | ||
| .andExpect(model().attribute(ATTR_ERROR_MSG, equalTo(EXPECTED_ERROR_429_MESSAGE + rateLimitingSeconds + EXPECTED_SECONDS_MESSAGE))); | ||
| } | ||
|
|
||
| @Test | ||
| @WithMockKeycloakAuth(name = "tester", value = "Role_Test") | ||
| public void handleErrorHandlesDefaultCorrectly() throws Exception { | ||
| log.info("process handleErrorHandlesDefaultCorrectly() RequestMethod.POST"); | ||
| mockMvc.perform(post("/error") | ||
| .sessionAttr(TOKEN_ATTR_NAME, csrfToken).param(csrfToken.getParameterName(), csrfToken.getToken()) | ||
| .requestAttr(RequestDispatcher.ERROR_STATUS_CODE, HttpStatus.I_AM_A_TEAPOT.value())) | ||
| .andExpect(status().isOk()) | ||
| .andExpect(view().name("error")) | ||
| .andExpect(model().attribute(ATTR_ERROR_MSG, equalTo(EXPECTED_ERROR_MESSAGE))); | ||
| } | ||
|
|
||
| } |