From 2b6200e040ef74741e4e4d59608b442a57f34b29 Mon Sep 17 00:00:00 2001
From: Tang Cheng
Date: Wed, 24 Apr 2019 13:12:48 +0800
Subject: [PATCH] =?utf8?q?=E4=BC=98=E5=8C=96=E6=B5=8B=E8=AF=95=E4=BB=A3?= =?utf8?q?=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
---
 .../controller/security_controller_test.kt | 74 ++++++++++++-------
 1 file changed, 46 insertions(+), 28 deletions(-)
diff --git a/src/test/kotlin/com/supwisdom/dlpay/controller/security_controller_test.kt b/src/test/kotlin/com/supwisdom/dlpay/controller/security_controller_test.kt
index 372a67a8..24853dbe 100644
--- a/src/test/kotlin/com/supwisdom/dlpay/controller/security_controller_test.kt
+++ b/src/test/kotlin/com/supwisdom/dlpay/controller/security_controller_test.kt
@@ -5,14 +5,18 @@ import com.supwisdom.dlpay.framework.core.JwtConfig
 import com.supwisdom.dlpay.framework.util.HmacUtil
 import io.restassured.RestAssured
 import io.restassured.RestAssured.*
+import io.restassured.http.ContentType
 import io.restassured.path.json.JsonPath.from
-import org.hamcrest.Matchers.notNullValue
+import org.hamcrest.MatcherAssert.assertThat
+import org.hamcrest.Matchers.*
 import org.junit.Before
 import org.junit.Test
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.boot.test.context.SpringBootTest
 import org.springframework.boot.web.server.LocalServerPort
 import org.springframework.test.context.ActiveProfiles
+import java.text.SimpleDateFormat
+import java.util.*
 @ActiveProfiles("devel-pg-local")
 @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
@@ -31,24 +35,39 @@ class SecurityControllerTest : MvcBaseTest() {
 RestAssured.port = port
 }
- @Test
- fun testGetJwt() {
- val response = given().param("appid", appid)
+ fun getJwt(id: String, secret: String): String {
+ val token = given().param("appid", id)
 .`when`()
 .get("/api/auth/gettoken")
 .then()
+ .contentType(ContentType.JSON)
+ .statusCode(200)
 .body("token", notNullValue())
- .extract()
+ .extract().path("token")
- val token = from(response.body().asString()).getString("token")
- val secret = HmacUtil.HMACSHA256(token, appsecret)
+ val tokenCrypt = HmacUtil.HMACSHA256(token, secret)
- given().param("appid", appid)
- .param("secret", secret)
+ return given().param("appid", id)
+ .param("secret", tokenCrypt)
 .`when`()
 .get("/api/auth/authentication")
 .then()
+ .statusCode(200)
+ .contentType(ContentType.JSON)
 .body("jwt", notNullValue())
+ .extract().response().let {
+ val exp = it.path("expiredAt").run {
+ SimpleDateFormat("yyyy-MM-dd HH:mm:ss z").parse(this)
+ }
+ val now = Calendar.getInstance()
+ assertThat(now.time, lessThanOrEqualTo(exp))
+ it.path("jwt")
+ }
+ }
+
+ @Test
+ fun testGetJwt() {
+ getJwt(appid, appsecret)
 }
 @Test
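Review bot: The expiry check in `getJwt` is one-sided: `assertThat(now.time, lessThanOrEqualTo(exp))` passes for any `expiredAt` in the future, so a token issued with an excessive or effectively unlimited lifetime would not fail this test. Consider adding an upper bound next to it, e.g. `assertThat(exp.time - now.timeInMillis, lessThanOrEqualTo(maxLifetimeMillis))`, where `maxLifetimeMillis` is a placeholder for whatever lifetime the JWT configuration defines (not visible in this hunk). `SimpleDateFormat("yyyy-MM-dd HH:mm:ss z")` is also built with the default locale, and zone-name parsing is locale-dependent, so passing an explicit `Locale` would keep the check stable across build machines. Since `getJwt` is a helper rather than a test, it can be `private`. The enclosing class body starts and ends outside the hunk.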
@@ -76,32 +95,31 @@ class SecurityControllerTest : MvcBaseTest() {
 @Test
 fun testJwtRefresh() {
- val response = given().param("appid", appid)
+ getJwt(appid, appsecret).also { jwt ->
+ given().header(jwtConfig.header, "${jwtConfig.tokenHeader}$jwt")
+ .`when`()
+ .get("/api/auth/refresh")
+ .then()
+ .statusCode(200)
+ .body("jwt", notNullValue())
+ }
+ }
+
+ @Test
+ fun testAuthencationFail() {
+ given().param("appid", appid)
 .`when`()
 .get("/api/auth/gettoken")
 .then()
- .statusCode(200)
 .body("token", notNullValue())
 .extract()
-
- val token = from(response.body().asString()).getString("token")
- val secret = HmacUtil.HMACSHA256(token, appsecret)
-
- given().param("appid", appid)
- .param("secret", secret)
- .`when`()
- .get("/api/auth/authentication")
- .then()
- .statusCode(200)
- .body("jwt", notNullValue())
- .extract().also {
- val jwt = from(it.body().asString()).getString("jwt")
- given().header(jwtConfig.header, "Bearer $jwt")
+ .path("token").also { token ->
+ given().param("appid", appid)
+ .param("secret", token)
 .`when`()
- .get("/api/auth/refresh")
+ .get("/api/auth/authentication")
 .then()
- .statusCode(200)
- .body("jwt", notNullValue())
+ .statusCode(401)
 }
 }
--
2.17.1
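Review bot: `testAuthencationFail` covers a single rejection path (the raw token sent as `secret`) and asserts only `.statusCode(401)`; it does not check that the rejected response carries no `jwt`, and the new `/api/auth/refresh` test has no negative counterpart at all. I would add `.body("jwt", nullValue())` after the 401 check if the error body is JSON (not visible here), and sibling cases for an HMAC computed with the wrong secret and for a refresh request whose header is missing or altered, each expecting 401. The `gettoken` step here has no `.statusCode(200)` assertion, unlike the one in `getJwt`. The method name looks like a typo for `testAuthenticationFail`. The class body continues outside the hunk.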