Refactor REST Admin interface security integration test

Signed-off-by: Alexander Pinchuk <alexander.v.pinchuk@gmail.com>
eclipse-ee4j · Mar 16, 2023 · 847614e · 847614e
1 parent 28c0e8c
commit 847614e
Show file tree

Hide file tree

Showing 5 changed files with 191 additions and 119 deletions.
diff --git a/...erver/itest-tools/src/main/java/org/glassfish/main/itest/tools/DomainAdminRestClient.java b/...erver/itest-tools/src/main/java/org/glassfish/main/itest/tools/DomainAdminRestClient.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 Eclipse Foundation and/or its affiliates. All rights reserved.
+ * Copyright (c) 2022, 2023 Eclipse Foundation and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
@@ -19,14 +19,12 @@
 import jakarta.ws.rs.client.Entity;
 import jakarta.ws.rs.client.Invocation.Builder;
 import jakarta.ws.rs.client.WebTarget;
-import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.MultivaluedHashMap;
 import jakarta.ws.rs.core.MultivaluedMap;
 import jakarta.ws.rs.core.Response;
 
 import java.io.Closeable;
 import java.io.File;
-import java.util.HashMap;
 import java.util.Map;
 import java.util.Map.Entry;
 
@@ -35,6 +33,10 @@
 import org.glassfish.jersey.media.multipart.file.FileDataBodyPart;
 
 import static jakarta.ws.rs.core.MediaType.APPLICATION_FORM_URLENCODED;
+import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
+import static jakarta.ws.rs.core.MediaType.MULTIPART_FORM_DATA;
+import static jakarta.ws.rs.core.MediaType.TEXT_PLAIN_TYPE;
+import static org.glassfish.main.itest.tools.GlassFishTestEnvironment.createClient;
 
 /**
  * @author David Matejcek
@@ -46,12 +48,11 @@ public class DomainAdminRestClient implements Closeable {
     private final String responseType;
 
     public DomainAdminRestClient(final String baseUrl) {
-        this(baseUrl, MediaType.APPLICATION_JSON);
+        this(baseUrl, APPLICATION_JSON);
     }
 
-
     public DomainAdminRestClient(final String baseUrl, final String responseType) {
-        this(GlassFishTestEnvironment.createClient(), baseUrl, responseType);
+        this(createClient(), baseUrl, responseType);
     }
 
 
@@ -63,7 +64,7 @@ public DomainAdminRestClient(final ClientWrapper client, final String baseUrl, f
 
 
     /**
-     * @return http://localhost:4848/management or something else, see constructor.
+     * @return {@code http://localhost:4848/management} or something else, see constructor.
      */
     public final String getBaseUrl() {
         return baseUrl;
@@ -76,7 +77,7 @@ public Response options(final String relativePath) {
 
 
     public Response get(final String relativePath) {
-        return get(relativePath, new HashMap<String, String>());
+        return get(relativePath, null);
     }
 
 
@@ -115,15 +116,15 @@ public Response postWithUpload(final String relativePath, final Map<String, Obje
             if (entry.getValue() instanceof File) {
                 form.getBodyParts().add((new FileDataBodyPart(entry.getKey(), (File) entry.getValue())));
             } else {
-                form.field(entry.getKey(), entry.getValue(), MediaType.TEXT_PLAIN_TYPE);
+                form.field(entry.getKey(), entry.getValue(), TEXT_PLAIN_TYPE);
             }
         }
-        return getRequestBuilder(relativePath).post(Entity.entity(form, MediaType.MULTIPART_FORM_DATA), Response.class);
+        return getRequestBuilder(relativePath).post(Entity.entity(form, MULTIPART_FORM_DATA), Response.class);
     }
 
 
     public Response delete(final String relativePath) {
-        return delete(relativePath, new HashMap<String, String>());
+        return delete(relativePath, null);
     }
 
     public Response delete(final String relativePath, final Map<String, String> queryParams) {
@@ -133,9 +134,12 @@ public Response delete(final String relativePath, final Map<String, String> quer
 
 
     public Builder getRequestBuilder(final String relativePath) {
-        return getTarget(relativePath, null).request(responseType);
+        return getRequestBuilder(relativePath, null);
     }
 
+    public Builder getRequestBuilder(final  String relativePath, Map<String, String> queryParams) {
+        return getTarget(relativePath, queryParams).request(responseType);
+    }
 
     public WebTarget getTarget(final String relativePath, final Map<String, String> queryParams) {
         WebTarget target = client.target(baseUrl + relativePath);

diff --git a/...dmin/tests/src/test/java/org/glassfish/main/admin/test/rest/BasicAuthenticationITest.java b/...dmin/tests/src/test/java/org/glassfish/main/admin/test/rest/BasicAuthenticationITest.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2023 Contributors to the Eclipse Foundation.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v. 2.0, which is available at
+ * http://www.eclipse.org/legal/epl-2.0.
+ *
+ * This Source Code may also be made available under the following Secondary
+ * Licenses when the conditions for such availability set forth in the
+ * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
+ * version 2 with the GNU Classpath Exception, which is available at
+ * https://www.gnu.org/software/classpath/license.html.
+ *
+ * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
+ */
+
+package org.glassfish.main.admin.test.rest;
+
+import jakarta.ws.rs.core.Response;
+
+import org.glassfish.admin.rest.client.ClientWrapper;
+import org.glassfish.main.itest.tools.DomainAdminRestClient;
+import org.junit.jupiter.api.Test;
+
+import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.MatcherAssert.assertThat;
+
+public class BasicAuthenticationITest extends SecuredRestTestBase {
+
+    private static final String INVALID_USER_NAME = "invaliduser";
+
+    private static final String INVALID_PASSWORD = "invalidpass";
+
+    @Test
+    public void testAuthRequired() {
+        // Invalid credentials
+        try (BasicClient basicClient = new BasicClient(INVALID_USER_NAME, INVALID_PASSWORD)) {
+            Response response = basicClient.get(URL_DOMAIN);
+            assertThat(response.getStatus(), equalTo(401));
+        }
+
+        // Anonymous access
+        try (AnonymousClient anonymousClient = new AnonymousClient()) {
+            Response response = anonymousClient.get(URL_DOMAIN);
+            assertThat(response.getStatus(), equalTo(401));
+        }
+
+        // Valid credentials
+        try (BasicClient basicClient = new BasicClient(AUTH_USER_NAME, AUTH_PASSWORD)) {
+            Response response = basicClient.get(URL_DOMAIN);
+            assertThat(response.getStatus(), equalTo(200));
+        }
+    }
+
+    private static final class AnonymousClient extends DomainAdminRestClient {
+
+        public AnonymousClient() {
+            super(new ClientWrapper(), managementClient.getBaseUrl(), APPLICATION_JSON);
+        }
+    }
+}
diff --git a/...rver/tests/admin/tests/src/test/java/org/glassfish/main/admin/test/rest/RestTestBase.java b/...rver/tests/admin/tests/src/test/java/org/glassfish/main/admin/test/rest/RestTestBase.java
@@ -59,6 +59,7 @@ public class RestTestBase {
 
     protected static final String CONTEXT_ROOT_MANAGEMENT = "/management";
 
+    protected static final String URL_DOMAIN = "/domain";
     protected static final String URL_CLUSTER = "/domain/clusters/cluster";
     protected static final String URL_APPLICATION_DEPLOY = "/domain/applications/application";
     protected static final String URL_CREATE_INSTANCE = "/domain/create-instance";

diff --git a/...sts/admin/tests/src/test/java/org/glassfish/main/admin/test/rest/SecuredRestTestBase.java b/...sts/admin/tests/src/test/java/org/glassfish/main/admin/test/rest/SecuredRestTestBase.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2023 Contributors to the Eclipse Foundation.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v. 2.0, which is available at
+ * http://www.eclipse.org/legal/epl-2.0.
+ *
+ * This Source Code may also be made available under the following Secondary
+ * Licenses when the conditions for such availability set forth in the
+ * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
+ * version 2 with the GNU Classpath Exception, which is available at
+ * https://www.gnu.org/software/classpath/license.html.
+ *
+ * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
+ */
+
+package org.glassfish.main.admin.test.rest;
+
+import jakarta.ws.rs.core.Response;
+
+import org.glassfish.admin.rest.client.ClientWrapper;
+import org.glassfish.main.itest.tools.DomainAdminRestClient;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+
+import java.util.Map;
+
+import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
+import static org.glassfish.jersey.client.authentication.HttpAuthenticationFeature.basic;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.CoreMatchers.equalTo;
+
+public class SecuredRestTestBase extends RestTestBase {
+
+    private static final String URL_CREATE_USER = "/domain/configs/config/server-config/security-service/auth-realm/admin-realm/create-user";
+
+    private static final String URL_DELETE_USER = "/domain/configs/config/server-config/security-service/auth-realm/admin-realm/delete-user";
+
+    protected static final String AUTH_USER_NAME = "dummyuser";
+
+    protected static final String AUTH_PASSWORD = "dummypass";
+
+    @BeforeAll
+    public static void createUser() {
+        // Create the new user
+        Map<String, String> newUser = Map.of(
+            "id", AUTH_USER_NAME,
+            "groups", "asadmin",
+            "authrealmname", "admin-realm",
+            "AS_ADMIN_USERPASSWORD", AUTH_PASSWORD
+        );
+        Response response = managementClient.post(URL_CREATE_USER, newUser);
+        assertThat(response.getStatus(), equalTo(200));
+    }
+
+    @AfterAll
+    public static void deleteUser() {
+        Response response = managementClient.delete(URL_DELETE_USER, Map.of("id", AUTH_USER_NAME));
+        assertThat(response.getStatus(), equalTo(200));
+    }
+
+    protected static final class BasicClient extends DomainAdminRestClient {
+
+        public BasicClient(String userName, String password) {
+            super(createClient(userName, password), managementClient.getBaseUrl(), APPLICATION_JSON);
+        }
+
+        private static ClientWrapper createClient(String userName, String password) {
+            ClientWrapper client = new ClientWrapper();
+            client.register(basic(userName, password));
+            return client;
+        }
+    }
+}