diff --git a/src/test/java/org/dhatim/dropwizard/jwt/cookie/authentication/JwtCookieAuthenticationTest.java b/src/test/java/org/dhatim/dropwizard/jwt/cookie/authentication/JwtCookieAuthenticationTest.java
index d1eb784..138c910 100644
--- a/src/test/java/org/dhatim/dropwizard/jwt/cookie/authentication/JwtCookieAuthenticationTest.java
+++ b/src/test/java/org/dhatim/dropwizard/jwt/cookie/authentication/JwtCookieAuthenticationTest.java
@@ -1,5 +1,5 @@
 /**
- * Copyright 2020 Dhatim
+ * Copyright 2023 Dhatim
 *

* Licensed under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License. You may obtain a copy of
@@ -19,11 +19,10 @@
 import io.dropwizard.testing.junit5.DropwizardAppExtension;
 import io.dropwizard.testing.junit5.DropwizardExtensionsSupport;
 import io.jsonwebtoken.lang.Strings;
-import org.junit.Assert;
+import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
-import javax.ws.rs.client.Client;
 import javax.ws.rs.client.Entity;
 import javax.ws.rs.client.WebTarget;
 import javax.ws.rs.core.MediaType;
@@ -47,11 +46,12 @@ public class JwtCookieAuthenticationTest {
 private WebTarget getTarget() {
 return EXT.client().target("http://localhost:" + EXT.getLocalPort() + "/application").path("principal");
 }
+ @Test
 public void testUnauthorized() {
 //calls to APIs with the @Auth annotation without prior authentication should result in HTTP 401
 Response response = getTarget().request(MediaType.APPLICATION_JSON).get();
- Assert.assertEquals(401, response.getStatus());
+ Assertions.assertEquals(401, response.getStatus());
 }
 @Test
@@ -59,25 +59,25 @@ public void testCookieSetting() throws IOException {
 String principalName = UUID.randomUUID().toString();
 //a POST will set the principal
 Response response = getTarget().request(MediaType.APPLICATION_JSON).post(Entity.json(new DefaultJwtCookiePrincipal(principalName)));
- Assert.assertEquals(200, response.getStatus());
+ Assertions.assertEquals(200, response.getStatus());
 DefaultJwtCookiePrincipal principal = getPrincipal(response);
- Assert.assertEquals(principalName, principal.getName());
+ Assertions.assertEquals(principalName, principal.getName());
 //check that a session cookie has been set
 NewCookie cookie1 = response.getCookies().get(COOKIE_NAME);
- Assert.assertNotNull(cookie1);
- Assert.assertTrue(Strings.hasText(cookie1.getValue()));
- Assert.assertTrue(cookie1.isHttpOnly());
+ Assertions.assertNotNull(cookie1);
+ Assertions.assertTrue(Strings.hasText(cookie1.getValue()));
+ Assertions.assertTrue(cookie1.isHttpOnly());
 //a GET with this cookie should return the Principal and refresh the cookie
 response = getTarget().request(MediaType.APPLICATION_JSON).cookie(cookie1).get();
- Assert.assertEquals(200, response.getStatus());
+ Assertions.assertEquals(200, response.getStatus());
 principal = getPrincipal(response);
- Assert.assertEquals(principalName, principal.getName());
+ Assertions.assertEquals(principalName, principal.getName());
 NewCookie cookie2 = response.getCookies().get(COOKIE_NAME);
- Assert.assertNotNull(cookie2);
- Assert.assertTrue(Strings.hasText(cookie1.getValue()));
- Assert.assertNotSame(cookie1.getValue(), cookie2.getValue());
+ Assertions.assertNotNull(cookie2);
+ Assertions.assertTrue(Strings.hasText(cookie1.getValue()));
+ Assertions.assertNotSame(cookie1.getValue(), cookie2.getValue());
 }
 @Test
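Review bot: The last two assertions of testCookieSetting do not verify the refreshed cookie. After `cookie2` is fetched, the text check still reads `cookie1` (`Assertions.assertTrue(Strings.hasText(cookie1.getValue()));`), and `assertNotSame` compares object references, so two separate String instances holding the same token value would pass. The migration carries both over unchanged from the JUnit 4 version. To actually pin the reissue behaviour, use `Assertions.assertTrue(Strings.hasText(cookie2.getValue()));` and `Assertions.assertNotEquals(cookie1.getValue(), cookie2.getValue());`, and consider `Assertions.assertTrue(cookie2.isHttpOnly());` so the refreshed cookie keeps the same flag as the first. A value comparison may need the two requests to fall on different timestamps if the token only encodes whole seconds (inferred; the token contents are not visible here).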
@@ -88,9 +88,9 @@ public void testDontRefreshSession() throws IOException {
 NewCookie cookie = response.getCookies().get(COOKIE_NAME);
 response = getTarget().path("idempotent").request(MediaType.APPLICATION_JSON).cookie(cookie).get();
- Assert.assertEquals(200, response.getStatus());
- Assert.assertEquals(principalName, getPrincipal(response).getName());
- Assert.assertNull(response.getCookies().get(COOKIE_NAME));
+ Assertions.assertEquals(200, response.getStatus());
+ Assertions.assertEquals(principalName, getPrincipal(response).getName());
+ Assertions.assertNull(response.getCookies().get(COOKIE_NAME));
 }
 @Test
@@ -101,8 +101,8 @@ public void testPublicEndpoint() {
 //request made to public methods should not refresh the cookie
 response = getTarget().path("public").request(MediaType.APPLICATION_JSON).cookie(cookie).get();
- Assert.assertEquals(200, response.getStatus());
- Assert.assertNull(response.getCookies().get(COOKIE_NAME));
+ Assertions.assertEquals(200, response.getStatus());
+ Assertions.assertNull(response.getCookies().get(COOKIE_NAME));
 }
 @Test
@@ -111,16 +111,16 @@ public void testRememberMe() {
 DefaultJwtCookiePrincipal principal = new DefaultJwtCookiePrincipal(UUID.randomUUID().toString());
 Response response = getTarget().request(MediaType.APPLICATION_JSON).post(Entity.json(principal));
 NewCookie cookie = response.getCookies().get(COOKIE_NAME);
- Assert.assertNotNull(cookie);
- Assert.assertEquals(-1, cookie.getMaxAge());
+ Assertions.assertNotNull(cookie);
+ Assertions.assertEquals(-1, cookie.getMaxAge());
 //a long term principal should set a persistent cookie
 principal.setPersistent(true);
 response = getTarget().request(MediaType.APPLICATION_JSON).post(Entity.json(principal));
 cookie = response.getCookies().get(COOKIE_NAME);
 //default maxAge is 604800s (7 days)
- Assert.assertNotNull(cookie);
- Assert.assertEquals(604800, cookie.getMaxAge());
+ Assertions.assertNotNull(cookie);
+ Assertions.assertEquals(604800, cookie.getMaxAge());
 }
 @Test
@@ -128,38 +128,38 @@ public void testRoles() {
 WebTarget restrictedTarget = getTarget().path("restricted");
 //try to access the resource without cookie (-> 401 UNAUTHORIZED)
 Response response = restrictedTarget.request().get();
- Assert.assertEquals(401, response.getStatus());
+ Assertions.assertEquals(401, response.getStatus());
 //set a principal without the admin role (-> 403 FORBIDDEN)
 DefaultJwtCookiePrincipal principal = new DefaultJwtCookiePrincipal(UUID.randomUUID().toString());
 response = getTarget().request(MediaType.APPLICATION_JSON).post(Entity.json(principal));
 NewCookie cookie = response.getCookies().get(COOKIE_NAME);
- Assert.assertNotNull(cookie);
+ Assertions.assertNotNull(cookie);
 response = restrictedTarget.request().cookie(cookie).get();
- Assert.assertEquals(403, response.getStatus());
+ Assertions.assertEquals(403, response.getStatus());
 //set a principal with the admin role (-> 200 OK)
 principal.setRoles(Collections.singleton("admin"));
 response = getTarget().request(MediaType.APPLICATION_JSON).post(Entity.json(principal));
 cookie = response.getCookies().get(COOKIE_NAME);
- Assert.assertNotNull(cookie);
+ Assertions.assertNotNull(cookie);
 response = restrictedTarget.request().cookie(cookie).get();
- Assert.assertEquals(200, response.getStatus());
+ Assertions.assertEquals(200, response.getStatus());
 }
 @Test
 public void testDeleteCookie() {
 Response response = getTarget().request(MediaType.APPLICATION_JSON).post(Entity.json(new DefaultJwtCookiePrincipal(UUID.randomUUID().toString())));
 NewCookie cookie = response.getCookies().get(COOKIE_NAME);
- Assert.assertNotNull(cookie);
+ Assertions.assertNotNull(cookie);
 //removing the principal should produce a cookie with empty contenant and a past expiration date
 response = getTarget().path("unset").request().cookie(cookie).get();
- Assert.assertEquals(204, response.getStatus());
+ Assertions.assertEquals(204, response.getStatus());
 cookie = response.getCookies().get(COOKIE_NAME);
- Assert.assertNotNull(cookie);
- Assert.assertEquals("", cookie.getValue());
- Assert.assertEquals(Date.from(Instant.EPOCH), cookie.getExpiry());
+ Assertions.assertNotNull(cookie);
+ Assertions.assertEquals("", cookie.getValue());
+ Assertions.assertEquals(Date.from(Instant.EPOCH), cookie.getExpiry());
 }
 @Test
@@ -168,11 +168,11 @@ public void testGetCurrentPrincipal() throws IOException {
 String principalName = UUID.randomUUID().toString();
 Response response = getTarget().request(MediaType.APPLICATION_JSON).post(Entity.json(new DefaultJwtCookiePrincipal(principalName)));
 NewCookie cookie = response.getCookies().get(COOKIE_NAME);
- Assert.assertNotNull(cookie);
+ Assertions.assertNotNull(cookie);
 response = getTarget().path("current").request(MediaType.APPLICATION_JSON).cookie(cookie).get();
- Assert.assertEquals(200, response.getStatus());
- Assert.assertEquals(principalName, getPrincipal(response).getName());
+ Assertions.assertEquals(200, response.getStatus());
+ Assertions.assertEquals(principalName, getPrincipal(response).getName());
 }
 private DefaultJwtCookiePrincipal getPrincipal(Response response) throws IOException {
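Review bot: testDeleteCookie, in the second half of the `@@ -128,38 +128,38 @@` hunk, only checks the clearing cookie. It asserts an empty value and an epoch expiry, but never sends the originally issued cookie value again after `unset`, so it does not show whether that token is still accepted by the server. With a signed, self-contained cookie the old value would normally stay valid until it expires (inferred; the server side is not visible here), so the test should not be read as proof of server-side logout. I would add a comment above the final assertions, `// only verifies that the client is told to drop the cookie; the previously issued token is not re-presented here`. The existing comment's "contenant" should read "content".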