diff --git a/util/src/test/java/care/smith/fts/util/auth/HttpClientAuthTest.java b/util/src/test/java/care/smith/fts/util/auth/HttpClientAuthTest.java
new file mode 100644
index 00000000..4dd903c8
--- /dev/null
+++ b/util/src/test/java/care/smith/fts/util/auth/HttpClientAuthTest.java
@@ -0,0 +1,69 @@
+package care.smith.fts.util.auth;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import care.smith.fts.util.auth.HttpClientAuth.Config;
+import org.junit.jupiter.api.Test;
+
+class HttpClientAuthTest {
+
+  HttpClientBasicAuth.Config basic = new HttpClientBasicAuth.Config("username", "password");
+  HttpClientOAuth2Auth.Config oauth2 = new HttpClientOAuth2Auth.Config("registration");
+  HttpClientCookieTokenAuth.Config cookieToken = new HttpClientCookieTokenAuth.Config("cookie");
+
+  @Test
+  void full_constructor() {
+    var config = new Config(basic, oauth2, cookieToken);
+    assertThat(config.basic()).isNotNull();
+    assertThat(config.oauth2()).isNotNull();
+    assertThat(config.cookieToken()).isNotNull();
+  }
+
+  @Test
+  void basic_constructor() {
+    var config = new Config(basic);
+    assertThat(config.basic()).isNotNull();
+    assertThat(config.oauth2()).isNull();
+    assertThat(config.cookieToken()).isNull();
+  }
+
+  @Test
+  void oauth2_constructor() {
+    var config = new Config(oauth2);
+    assertThat(config.basic()).isNull();
+    assertThat(config.oauth2()).isNotNull();
+    assertThat(config.cookieToken()).isNull();
+  }
+
+  @Test
+  void cookie_constructor() {
+    var config = new Config(cookieToken);
+    assertThat(config.basic()).isNull();
+    assertThat(config.oauth2()).isNull();
+    assertThat(config.cookieToken()).isNotNull();
+  }
+
+  @Test
+  void basic_oauth2_constructor() {
+    var config = new Config(basic, oauth2);
+    assertThat(config.basic()).isNotNull();
+    assertThat(config.oauth2()).isNotNull();
+    assertThat(config.cookieToken()).isNull();
+  }
+
+  @Test
+  void basic_cookie_constructor() {
+    var config = new Config(basic, cookieToken);
+    assertThat(config.basic()).isNotNull();
+    assertThat(config.oauth2()).isNull();
+    assertThat(config.cookieToken()).isNotNull();
+  }
+
+  @Test
+  void oauth2_cookie_constructor() {
+    var config = new Config(oauth2, cookieToken);
+    assertThat(config.basic()).isNull();
+    assertThat(config.oauth2()).isNotNull();
+    assertThat(config.cookieToken()).isNotNull();
+  }
+}
diff --git a/util/src/test/java/care/smith/fts/util/auth/HttpServerOAuth2AuthTest.java b/util/src/test/java/care/smith/fts/util/auth/HttpServerOAuth2AuthTest.java
new file mode 100644
index 00000000..aa00ba7e
--- /dev/null
+++ b/util/src/test/java/care/smith/fts/util/auth/HttpServerOAuth2AuthTest.java
@@ -0,0 +1,35 @@
+package care.smith.fts.util.auth;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.*;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.security.access.SecurityConfig;
+import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.web.server.SecurityWebFilterChain;
+import org.springframework.security.web.server.authentication.AuthenticationWebFilter;
+import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
+
+class HttpServerOAuth2AuthTest {
+  HttpServerOAuth2Auth auth = new HttpServerOAuth2Auth("issuer", "clientId");
+
+  @Test
+  void configure() {
+    var security = ServerHttpSecurity.http();
+    var result = auth.configure(security).build();
+
+    assertThat(result.getWebFilters().collectList().block())
+        .filteredOn(filter -> filter instanceof AuthenticationWebFilter)
+        .hasSize(1);
+  }
+
+  @Test
+  void configureUsers() {
+    assertThat(auth.configureUsers()).isNull();
+  }
+
+  @Test
+  void testToString() {
+    assertThat(auth.toString()).isEqualTo("OAuth2");
+  }
+}