-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added the junit test cases for CustomAuthorizationInterceptor #71
base: master
Are you sure you want to change the base?
Conversation
@@ -87,7 +87,7 @@ private List<IAuthRule> unauthorizedRule() { | |||
.build(); | |||
} | |||
|
|||
private List<IAuthRule> authorizeOAuth(RequestDetails theRequest) throws AuthenticationException { | |||
protected List<IAuthRule> authorizeOAuth(RequestDetails theRequest) throws AuthenticationException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No - tests shouldn't require changes to the underlying methods.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you review the built-in AuthorizationInterceptor tests to see how this should be implemented?
…r-jpaserver-starter into junit-tests-for-CustomAuthorizationInterceptor
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you review how the upstream repos implement interceptor tests?
Please, do the following:
- Remove the tests for API_KEY. We'll deprecate that very soon.
- Separate the tests into different ones for remaining authorization methods.
private static final String ROLE_INVALID_USER = "invalid-user"; | ||
|
||
@BeforeEach | ||
public void before() throws IOException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why would a before()
throw an exception?
private static Server ourServer; | ||
private static final FhirContext ourCtx = FhirContext.forR4(); | ||
|
||
private static final String TOKEN = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.NHVaYe26MbtOYhSKkoKYdFVomg4i8ZJd8_-RU8VNbftc4TSMb4bXP3l3YlNWACwyXPGffz5aXHc6lty1Y2t4SWRqGteragsVdZufDn5BlnJl9pdR_kdVFUsra2rWKEofkZeIC4yWytE58sMIihvo9H1ScmmVwBcQP6XETqYd0aSHp1gOa9RdUPDvoXQ5oqygTqVtxaDr6wUFKrKItgBMzWIdNZ6y7O9E0DhEPTbE9rfBo6KTFsHAZnMg4k68CDp2woYIaXbmYTWcvbzIuHO7_37GT79XdIwkm95QJ7hYC9RiwrV7mesbY4PAahERJawntho0my942XheVLmGwLMBkQ"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is there a single hard-coded token?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is test token we have return below, as
DecodedJWT jwt = JWT.decode(token);
method in CustomAuthorizationInterceptor requires a valid JWT to decode or we should mock this method as well.
…r-jpaserver-starter into junit-tests-for-CustomAuthorizationInterceptor
Overview
How it was tested
Checklist