Merge pull request #378 from overture-stack/develop

New stable
overture-stack · Aug 7, 2019 · ec6a7a0 · ec6a7a0
2 parents 2bde14e + d842b4e
commit ec6a7a0
Show file tree

Hide file tree

Showing 8 changed files with 123 additions and 116 deletions.
diff --git a/src/main/java/bio/overture/ego/service/ApplicationService.java b/src/main/java/bio/overture/ego/service/ApplicationService.java
@@ -231,13 +231,8 @@ public Application getByClientId(@NonNull String clientId) {
   }
 
   public Application findByBasicToken(@NonNull String token) {
-    log.info(format("Looking for token '%s'", token));
     val base64encoding = removeAppTokenPrefix(token);
-    log.info(format("Decoding '%s'", base64encoding));
-
     val contents = new String(Base64.getDecoder().decode(base64encoding));
-    log.info(format("Decoded to '%s'", contents));
-
     val parts = COLON_SPLITTER.splitToList(contents);
     val clientId = parts.get(0);
     log.info(format("Extracted client id '%s'", clientId));

diff --git a/src/test/java/bio/overture/ego/controller/TokenControllerTest.java b/src/test/java/bio/overture/ego/controller/TokenControllerTest.java
@@ -6,7 +6,7 @@
 import static java.util.Arrays.asList;
 import static net.javacrumbs.jsonunit.core.Option.IGNORING_ARRAY_ORDER;
 import static net.javacrumbs.jsonunit.fluent.JsonFluentAssert.assertThatJson;
-import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.Assert.*;
 
 import bio.overture.ego.AuthorizationServiceMain;
 import bio.overture.ego.model.dto.PermissionRequest;
@@ -98,9 +98,9 @@ public void issueTokenShouldRevokeRedundantTokens() {
             "",
             entityGenerator.getScopes("collab.READ"));
 
-    assertThat(tokenService.getById(tokenRevoke.getId()).isRevoked()).isFalse();
-    assertThat(tokenService.getById(otherToken.getId()).isRevoked()).isFalse();
-    assertThat(tokenService.getById(otherToken2.getId()).isRevoked()).isFalse();
+    assertFalse(tokenService.getById(tokenRevoke.getId()).isRevoked());
+    assertFalse(tokenService.getById(otherToken.getId()).isRevoked());
+    assertFalse(tokenService.getById(otherToken2.getId()).isRevoked());
 
     val scopes = "collab.READ,aws.READ";
     val params = new LinkedMultiValueMap<String, Object>();
@@ -112,10 +112,10 @@ public void issueTokenShouldRevokeRedundantTokens() {
     val response = initStringRequest().endpoint("o/token").body(params).post();
     val responseStatus = response.getStatusCode();
 
-    assertThat(responseStatus).isEqualTo(HttpStatus.OK);
-    assertThat(tokenService.getById(tokenRevoke.getId()).isRevoked()).isTrue();
-    assertThat(tokenService.getById(otherToken.getId()).isRevoked()).isFalse();
-    assertThat(tokenService.getById(otherToken2.getId()).isRevoked()).isFalse();
+    assertEquals(responseStatus, HttpStatus.OK);
+    assertTrue(tokenService.getById(tokenRevoke.getId()).isRevoked());
+    assertFalse(tokenService.getById(otherToken.getId()).isRevoked());
+    assertFalse(tokenService.getById(otherToken2.getId()).isRevoked());
   }
 
   @SneakyThrows
@@ -151,7 +151,7 @@ public void issueTokenExactScope() {
     val response = initStringRequest().endpoint("o/token").body(params).post();
     val statusCode = response.getStatusCode();
 
-    assertThat(statusCode).isEqualTo(HttpStatus.OK);
+    assertEquals(statusCode, HttpStatus.OK);
     assertThatJson(response.getBody())
         .when(IGNORING_ARRAY_ORDER)
         .node("scope")
@@ -187,11 +187,11 @@ public void issueTokenWithExcessiveScope() {
 
     val response = initStringRequest().endpoint("o/token").body(params).post();
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR);
+    assertEquals(statusCode, HttpStatus.INTERNAL_SERVER_ERROR);
 
     val jsonResponse = MAPPER.readTree(response.getBody());
-    assertThat(jsonResponse.get("error").asText())
-        .isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase());
+    assertEquals(
+        jsonResponse.get("error").asText(), HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase());
   }
 
   @SneakyThrows
@@ -230,7 +230,7 @@ public void issueTokenForLimitedScopes() {
     val response = initStringRequest().endpoint("o/token").body(params).post();
     val statusCode = response.getStatusCode();
 
-    assertThat(statusCode).isEqualTo(HttpStatus.OK);
+    assertEquals(statusCode, HttpStatus.OK);
     assertThatJson(response.getBody())
         .when(IGNORING_ARRAY_ORDER)
         .node("scope")
@@ -275,10 +275,9 @@ public void issueTokenForInvalidScope() {
     val response = initStringRequest().endpoint("o/token").body(params).post();
 
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.NOT_FOUND);
+    assertEquals(statusCode, HttpStatus.NOT_FOUND);
     val jsonResponse = MAPPER.readTree(response.getBody());
-    assertThat(jsonResponse.get("error").asText())
-        .isEqualTo(HttpStatus.NOT_FOUND.getReasonPhrase());
+    assertEquals(jsonResponse.get("error").asText(), HttpStatus.NOT_FOUND.getReasonPhrase());
   }
 
   @SneakyThrows
@@ -296,11 +295,11 @@ public void issueTokenForInvalidUser() {
     val response = initStringRequest().endpoint("o/token").body(params).post();
 
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR);
+    assertEquals(statusCode, HttpStatus.INTERNAL_SERVER_ERROR);
 
     val jsonResponse = MAPPER.readTree(response.getBody());
-    assertThat(jsonResponse.get("error").asText())
-        .isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase());
+    assertEquals(
+        jsonResponse.get("error").asText(), HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase());
   }
 
   @SneakyThrows
@@ -319,7 +318,7 @@ public void checkRevokedToken() {
     val response = initStringRequest().endpoint("o/check_token").body(params).post();
 
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.UNAUTHORIZED);
+    assertEquals(statusCode, HttpStatus.UNAUTHORIZED);
   }
 
   @SneakyThrows
@@ -338,7 +337,7 @@ public void checkValidToken() {
     val response = initStringRequest().endpoint("o/check_token").body(params).post();
 
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.MULTI_STATUS);
+    assertEquals(statusCode, HttpStatus.MULTI_STATUS);
   }
 
   @SneakyThrows
@@ -354,7 +353,7 @@ public void checkInvalidToken() {
     val response = initStringRequest().endpoint("o/check_token").body(params).post();
 
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.UNAUTHORIZED);
+    assertEquals(statusCode, HttpStatus.UNAUTHORIZED);
   }
 
   @SneakyThrows
@@ -383,7 +382,7 @@ public void getUserScope() {
     val response = initStringRequest().endpoint("o/scopes?userName=%s", userName).get();
 
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.OK);
+    assertEquals(statusCode, HttpStatus.OK);
     assertThatJson(response.getBody())
         .when(IGNORING_ARRAY_ORDER)
         .node("scopes")
@@ -397,7 +396,7 @@ public void getUserScopeInvalidUserName() {
     val response = initStringRequest().endpoint("o/scopes?userName=%s", userName).get();
 
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.NOT_FOUND);
+    assertEquals(statusCode, HttpStatus.NOT_FOUND);
   }
 
   @SneakyThrows
@@ -421,7 +420,7 @@ public void listToken() {
     val response = initStringRequest().endpoint("o/token?user_id=%s", userId).get();
 
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.OK);
+    assertEquals(statusCode, HttpStatus.OK);
 
     // Result should only have unrevoked tokens, ignoring the "exp" field.
     val expected =
@@ -443,8 +442,8 @@ public void listTokenEmptyToken() {
     val response = initStringRequest().endpoint("o/token?user_id=%s", userId).get();
 
     val statusCode = response.getStatusCode();
-    assertThat(statusCode).isEqualTo(HttpStatus.OK);
-    assertThat(response.getBody()).isEqualTo("[]");
+    assertEquals(statusCode, HttpStatus.OK);
+    assertEquals(response.getBody(), "[]");
   }
 
   @SneakyThrows
@@ -464,17 +463,17 @@ public void tokenShouldHaveNonZeroExpiry() {
     val response = initStringRequest().endpoint("o/token").body(params).post();
     val responseStatus = response.getStatusCode();
 
-    assertThat(responseStatus).isEqualTo(HttpStatus.OK);
+    assertEquals(responseStatus, HttpStatus.OK);
 
     val listResponse =
         initStringRequest().endpoint("o/token?user_id=%s", user.getId().toString()).get();
     val listStatusCode = listResponse.getStatusCode();
-    assertThat(listStatusCode).isEqualTo(HttpStatus.OK);
+    assertEquals(listStatusCode, HttpStatus.OK);
 
     log.info(listResponse.getBody());
     val responseJson = MAPPER.readTree(listResponse.getBody());
     val exp = responseJson.get(0).get("exp").asInt();
-    assertThat(exp).isNotZero();
-    assertThat(exp).isPositive();
+    assertTrue(exp != 0);
+    assertTrue(exp > 0);
   }
 }
diff --git a/src/test/java/bio/overture/ego/controller/TokensOnUserAndPolicyDeletes.java b/src/test/java/bio/overture/ego/controller/TokensOnUserAndPolicyDeletes.java
@@ -17,7 +17,8 @@
 
 package bio.overture.ego.controller;
 
-import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
 import static org.springframework.http.HttpHeaders.AUTHORIZATION;
 import static org.springframework.http.MediaType.APPLICATION_JSON;
 
@@ -88,16 +89,15 @@ public void deleteUser_ExistingTokens_TokensDeletedSuccess() {
     val deleteUserResponse = initStringRequest().endpoint("/users/%s", userDelete.getId()).delete();
 
     val deleteStatusCode = deleteUserResponse.getStatusCode();
-    assertThat(deleteStatusCode).isEqualTo(HttpStatus.OK);
+    assertEquals(deleteStatusCode, HttpStatus.OK);
 
     val checkTokenAfterDeleteResponse = checkToken(tokenToDelete);
     // Should be revoked
-    assertThat(checkTokenAfterDeleteResponse.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
+    assertEquals(checkTokenAfterDeleteResponse.getStatusCode(), HttpStatus.UNAUTHORIZED);
 
     val checkTokenRemainedAfterDeleteResponse = checkToken(tokenToKeep);
     // Should be valid
-    assertThat(checkTokenRemainedAfterDeleteResponse.getStatusCode())
-        .isEqualTo(HttpStatus.MULTI_STATUS);
+    assertEquals(checkTokenRemainedAfterDeleteResponse.getStatusCode(), HttpStatus.MULTI_STATUS);
   }
 
   /**
@@ -117,16 +117,15 @@ public void deletePolicy_ExistingTokens_TokensDeletedSuccess() {
     val deletePolicyResponse =
         initStringRequest().endpoint("/policies/%s", policy1.getId()).delete();
     val deleteStatusCode = deletePolicyResponse.getStatusCode();
-    assertThat(deleteStatusCode).isEqualTo(HttpStatus.OK);
+    assertEquals(deleteStatusCode, HttpStatus.OK);
 
     val checkTokenAfterDeleteResponse = checkToken(tokenToDelete);
     // Should be revoked
-    assertThat(checkTokenAfterDeleteResponse.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
+    assertEquals(checkTokenAfterDeleteResponse.getStatusCode(), HttpStatus.UNAUTHORIZED);
 
     val checkTokenRemainedAfterDeleteResponse = checkToken(tokenToKeep);
     // Should be valid
-    assertThat(checkTokenRemainedAfterDeleteResponse.getStatusCode())
-        .isEqualTo(HttpStatus.MULTI_STATUS);
+    assertEquals(checkTokenRemainedAfterDeleteResponse.getStatusCode(), HttpStatus.MULTI_STATUS);
   }
 
   /**
@@ -160,8 +159,8 @@ private String setupUserWithToken(User user, Policy policy) {
     val checkTokenResponse = checkToken(accessToken);
 
     val checkStatusCode = checkTokenResponse.getStatusCode();
-    assertThat(checkStatusCode).isEqualTo(HttpStatus.MULTI_STATUS);
-    assertThat(checkTokenResponse.getBody()).contains(policy.getName() + "." + "WRITE");
+    assertEquals(checkStatusCode, HttpStatus.MULTI_STATUS);
+    assertTrue(checkTokenResponse.getBody().contains(policy.getName() + "." + "WRITE"));
 
     return accessToken;
   }

diff --git a/src/test/java/bio/overture/ego/grpc/service/UserServiceGrpcAuthTest.java b/src/test/java/bio/overture/ego/grpc/service/UserServiceGrpcAuthTest.java
@@ -2,8 +2,7 @@
 
 import static bio.overture.ego.utils.EntityGenerator.generateNonExistentId;
 import static io.grpc.Metadata.ASCII_STRING_MARSHALLER;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
+import static org.junit.Assert.*;
 
 import bio.overture.ego.grpc.GetUserRequest;
 import bio.overture.ego.grpc.ListUsersRequest;
@@ -133,18 +132,20 @@ public void testDataSetup() {
     }
   }
 
-  @Test
+  @Test()
   public void getUser_noAuth_rejected() {
 
     val noAuthStub = MetadataUtils.attachHeaders(stub, emptyAuthMeta);
 
     // Test that the interceptor rejects this request
-    assertThatExceptionOfType(StatusRuntimeException.class)
-        .as("Request should be rejected due to missing JWT")
-        .isThrownBy(
-            () ->
-                noAuthStub.getUser(
-                    GetUserRequest.newBuilder().setId(UUID.randomUUID().toString()).build()));
+    try {
+      noAuthStub.getUser(GetUserRequest.newBuilder().setId(UUID.randomUUID().toString()).build());
+    } catch (Exception e) {
+      assertEquals(
+          "Request should be rejected due to missing JWT",
+          StatusRuntimeException.class,
+          e.getClass());
+    }
   }
 
   @Test
@@ -155,7 +156,7 @@ public void getUser_userAuth_success() {
     // Test that the interceptor rejects this request
     val reply =
         authStub.getUser(GetUserRequest.newBuilder().setId(testUser.getId().toString()).build());
-    assertThat(reply.getId().getValue()).isEqualTo(testUser.getId().toString());
+    assertEquals(reply.getId().getValue(), testUser.getId().toString());
   }
 
   @Test
@@ -164,11 +165,14 @@ public void getUser_userAuth_rejectedForWrongUser() {
     val authStub = MetadataUtils.attachHeaders(stub, userAuthMeta);
     UUID randomId = generateNonExistentId(userService);
 
-    // Test that the interceptor rejects this request
-    assertThatExceptionOfType(StatusRuntimeException.class)
-        .as("User should not be allowed to access data of a different user.")
-        .isThrownBy(
-            () -> authStub.getUser(GetUserRequest.newBuilder().setId(randomId.toString()).build()));
+    try {
+      authStub.getUser(GetUserRequest.newBuilder().setId(randomId.toString()).build());
+    } catch (Exception e) {
+      assertEquals(
+          "User should not be allowed to access data of a different user.",
+          StatusRuntimeException.class,
+          e.getClass());
+    }
   }
 
   @Test
@@ -178,7 +182,7 @@ public void getUser_adminAuth_success() {
     // Test that the interceptor rejects this request
     val reply =
         authStub.getUser(GetUserRequest.newBuilder().setId(testUser.getId().toString()).build());
-    assertThat(reply.getId().getValue()).isEqualTo(testUser.getId().toString());
+    assertEquals(reply.getId().getValue(), testUser.getId().toString());
   }
 
   @Test
@@ -188,17 +192,22 @@ public void getUser_appAuth_success() {
     // Test that the interceptor rejects this request
     val reply =
         authStub.getUser(GetUserRequest.newBuilder().setId(testUser.getId().toString()).build());
-    assertThat(reply.getId().getValue()).isEqualTo(testUser.getId().toString());
+    assertEquals(reply.getId().getValue(), (testUser.getId().toString()));
   }
 
   @Test
   public void listUsers_noAuth_rejected() {
     val authStub = MetadataUtils.attachHeaders(stub, emptyAuthMeta);
 
     // Test that the interceptor rejects this request
-    assertThatExceptionOfType(StatusRuntimeException.class)
-        .as("Request should be rejected due to missing JWT")
-        .isThrownBy(() -> authStub.listUsers(ListUsersRequest.newBuilder().build()));
+    try {
+      authStub.listUsers(ListUsersRequest.newBuilder().build());
+    } catch (Exception e) {
+      assertEquals(
+          "Request should be rejected due to missing JWT",
+          StatusRuntimeException.class,
+          e.getClass());
+    }
   }
 
   @Test
@@ -207,9 +216,14 @@ public void listUsers_userAuth_rejected() {
     val authStub = MetadataUtils.attachHeaders(stub, userAuthMeta);
 
     // Test that the interceptor rejects this request
-    assertThatExceptionOfType(StatusRuntimeException.class)
-        .as("Request should be rejected due to missing JWT")
-        .isThrownBy(() -> authStub.listUsers(ListUsersRequest.newBuilder().build()));
+    try {
+      authStub.listUsers(ListUsersRequest.newBuilder().build());
+    } catch (Exception e) {
+      assertEquals(
+          "Request should be rejected due to missing JWT",
+          StatusRuntimeException.class,
+          e.getClass());
+    }
   }
 
   @Test
@@ -218,7 +232,7 @@ public void listUsers_adminAuth_success() {
 
     // Test that the interceptor rejects this request
     val reply = authStub.listUsers(ListUsersRequest.newBuilder().build());
-    assertThat(reply.getUsersCount()).isGreaterThanOrEqualTo(2);
+    assertTrue(reply.getUsersCount() >= 2);
   }
 
   @Test
@@ -227,6 +241,6 @@ public void listUsers_appAuth_success() {
 
     // Test that the interceptor rejects this request
     val reply = authStub.listUsers(ListUsersRequest.newBuilder().build());
-    assertThat(reply.getUsersCount()).isGreaterThanOrEqualTo(2);
+    assertTrue(reply.getUsersCount() >= 2);
   }
 }