/
AuthSpec.scala
86 lines (74 loc) · 2.34 KB
/
AuthSpec.scala
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
package com.azavea.rf.api.auth
import com.azavea.rf.datamodel._
import org.scalatest.{Matchers, WordSpec}
import akka.http.scaladsl.testkit.{RouteTestTimeout, ScalatestRouteTest}
import akka.http.scaladsl.model.StatusCodes
import akka.actor.ActorSystem
import concurrent.duration._
import akka.http.scaladsl.server.Route
import com.azavea.rf.api.user._
import com.azavea.rf.api.utils.Config
import com.azavea.rf.api._
import com.azavea.rf.common._
import io.circe._
import de.heikoseeberger.akkahttpcirce.ErrorAccumulatingCirceSupport._
class AuthSpec extends WordSpec
with Matchers
with ScalatestRouteTest
with Config
with Router
with DBSpec {
implicit val ec = system.dispatcher
implicit def database = db
implicit def default(implicit system: ActorSystem) = RouteTestTimeout(DurationInt(5).second)
val newUserId = "NewUser"
val token = AuthUtils.generateToken(newUserId)
val authorization = AuthUtils.generateAuthHeader(newUserId)
// Alias to baseRoutes to be explicit
val baseRoutes = routes
/** Route for testing the authenticate directive.
*
* If authenticate provides a user, a get request to "/" will return a 202 Accepted
*/
def authenticateDirectiveTestRoute: Route = {
authenticate { user =>
get {
complete(StatusCodes.Accepted)
}
}
}
def authenticateQueryParameterTestRoute: Route = {
authenticateWithParameter { token =>
get {
complete(StatusCodes.Accepted)
}
}
}
"authenticate directive" should {
"Reject anonymous users" in {
Get("/") ~> authenticateDirectiveTestRoute ~> check {
rejection
}
}
"create a new user then authenticate using it if a user which matches the JWT token doesn't exist" ignore {
Get("/").addHeader(authorization) ~> authenticateDirectiveTestRoute ~> check {
Get(s"/api/users/$newUserId")
.addHeader(authorization) ~> baseRoutes ~> check {
responseAs[User]
}
}
}
}
"authenticate query parameters" should {
"Reject no query parameters" in {
Get("/") ~> authenticateQueryParameterTestRoute ~> check {
rejection
}
}
"Accept with token query parameters" ignore {
Get(s"/?token=${token}") ~> authenticateQueryParameterTestRoute ~> check {
status shouldEqual StatusCodes.Accepted
}
}
}
}