Added: SignedUrlAuthMechanism IT

IQSS · Feb 22, 2023 · 5f52321 · 5f52321
1 parent 50934ce
commit 5f52321
Show file tree

Hide file tree

Showing 2 changed files with 61 additions and 0 deletions.
diff --git a/src/test/java/edu/harvard/iq/dataverse/api/SignedUrlAuthMechanismIT.java b/src/test/java/edu/harvard/iq/dataverse/api/SignedUrlAuthMechanismIT.java
@@ -0,0 +1,46 @@
+package edu.harvard.iq.dataverse.api;
+
+import com.jayway.restassured.RestAssured;
+import com.jayway.restassured.response.Response;
+import org.junit.BeforeClass;
+import org.junit.jupiter.api.Test;
+
+import static com.jayway.restassured.RestAssured.get;
+import static javax.ws.rs.core.Response.Status.OK;
+import static javax.ws.rs.core.Response.Status.UNAUTHORIZED;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+public class SignedUrlAuthMechanismIT {
+
+    @BeforeClass
+    public static void setUp() {
+        RestAssured.baseURI = UtilIT.getRestAssuredBaseUri();
+    }
+
+    @Test
+    public void testSignedUrlAuthMechanism() {
+        // Test user setup
+        Response createUserResponse = UtilIT.createRandomUser();
+        String username = UtilIT.getUsernameFromResponse(createUserResponse);
+        String apiToken = UtilIT.getApiTokenFromResponse(createUserResponse);
+        UtilIT.makeSuperUser(username);
+
+        // Test dataset setup
+        Response createDataverseResponse = UtilIT.createRandomDataverse(apiToken);
+        String dataverseAlias = UtilIT.getAliasFromResponse(createDataverseResponse);
+        Response createDatasetResponse = UtilIT.createRandomDatasetViaNativeApi(dataverseAlias, apiToken);
+        String datasetPersistentId = UtilIT.getDatasetPersistentIdFromResponse(createDatasetResponse);
+
+        // Valid Signed URL behavior
+        String apiPath = String.format("/api/v1/datasets/:persistentId/?persistentId=%s", datasetPersistentId);
+        Response createSignedUrlResponse = UtilIT.createSignedUrl(apiToken, apiPath, username);
+        String signedUrl = UtilIT.getSignedUrlFromResponse(createSignedUrlResponse);
+        Response signedUrlResponse = get(signedUrl);
+        assertEquals(OK.getStatusCode(), signedUrlResponse.getStatusCode());
+
+        // Invalid Signed URL behavior
+        String invalidSignedUrlPath = String.format("/api/v1/datasets/:persistentId/?persistentId=%s&until=2999-01-01T23:59:29.855&user=dataverseAdmin&method=GET&token=invalidToken", datasetPersistentId);
+        Response invalidSignedUrlResponse = get(invalidSignedUrlPath);
+        assertEquals(UNAUTHORIZED.getStatusCode(), invalidSignedUrlResponse.getStatusCode());
+    }
+}
diff --git a/src/test/java/edu/harvard/iq/dataverse/api/UtilIT.java b/src/test/java/edu/harvard/iq/dataverse/api/UtilIT.java
@@ -3149,4 +3149,19 @@ static Response retrieveMyDataAsJsonString(String apiToken, String userIdentifie
                 .get("/api/mydata/retrieve?userIdentifier=" + userIdentifier);
         return response;
     }
+
+    static Response createSignedUrl(String apiToken, String apiPath, String username) {
+        Response response = given()
+                .header(API_TOKEN_HTTP_HEADER, apiToken)
+                .body(String.format("{\"url\":\"%s\",\"timeOut\":35,\"user\":\"%s\"}", getRestAssuredBaseUri() + apiPath, username))
+                .contentType("application/json")
+                .post("/api/admin/requestSignedUrl");
+        return response;
+    }
+
+    static String getSignedUrlFromResponse(Response createSignedUrlResponse) {
+        JsonPath jsonPath = JsonPath.from(createSignedUrlResponse.body().asString());
+        String signedUrl = jsonPath.getString("data.signedUrl");
+        return signedUrl;
+    }
 }