Package com.totvs.tjf.mock.test

Class JWTTestProvider

  • All Implemented Interfaces:
    org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer
    @Configuration
@ConditionalOnResource(resources="classpath:com/totvs/tjf/autoconfigure/WebSecurityAutoConfiguration.class")
public class JWTTestProvider
extends org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter
    Configures the the application tests context to use a InMemoryTokenStore. This permits this class to generate authentication tokens for use with MockMvc tests. Just need put this project on Maven dependencies with test scope, and use MockMvc with() method to use the supplied oauth2JWT RequestPostProcessor to generate and add the authorization header. The token generated is automatically inserted on the InMemoryTokenStore, so in the authentication process the JWT token is accepted.
    Author:
    Mauricio Rogerio Obenaus

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      protected static class  JWTTestProvider.TestAuthentication
      Test class extending the AbstractAuthenticationToken to use with the generated token.

    • Constructor Summary

      Constructors 
      Constructor Description
      JWTTestProvider()  

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void configure​(org.springframework.security.config.annotation.web.builders.HttpSecurity http)  
      void configure​(org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer resources)
      Configure the Oauth2 Resource Server to use the InMemoryTokenStore
      String newRacJWT​(String username, String roles)
      Generate a JWT Token string.
      String newRacJWT​(String username, String roles, String tenantId)
      Generate a JWT Token string.
      static org.springframework.test.web.servlet.request.RequestPostProcessor oauth2JWT​(String username)
      Static method to use with MockMvc

      Will create a JWT Token, store on InMemoryTokenStore and add the Authorization header in MockHttpServletRequest.
      static org.springframework.test.web.servlet.request.RequestPostProcessor oauth2JWT​(String username, String roles)
      Static method to use with MockMvc

      Will create a JWT Token, store on InMemoryTokenStore and add the Authorization header in MockHttpServletRequest.
      static org.springframework.test.web.servlet.request.RequestPostProcessor oauth2JWT​(String username, String roles, String tenantId)
      Static method to use with MockMvc

      Will create a JWT Token, store on InMemoryTokenStore and add the Authorization header in MockHttpServletRequest.

    • Constructor Detail

      • JWTTestProvider

        public JWTTestProvider()

    • Method Detail

      • configure

        public void configure​(org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer resources)
               throws Exception
        Configure the Oauth2 Resource Server to use the InMemoryTokenStore
        Specified by:
        configure in interface org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer
        Overrides:
        configure in class org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter
        Throws:
        Exception

      • configure

        public void configure​(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
               throws Exception
        Specified by:
        configure in interface org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer
        Overrides:
        configure in class org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter
        Throws:
        Exception

      • oauth2JWT

        public static org.springframework.test.web.servlet.request.RequestPostProcessor oauth2JWT​(String username,
                                                                                          String roles,
                                                                                          String tenantId)
        Static method to use with MockMvc

        Will create a JWT Token, store on InMemoryTokenStore and add the Authorization header in MockHttpServletRequest.

        usage: 
         mockMvc.perform(MockMvcRequestBuilders.post("/api/v1/testapi").with(oauth2JWT("username", "ROLE1,ROLE2"))
                .contentType(MediaType.APPLICATION_JSON_VALUE).content("{}")).andExpect(status().is2xxSuccessful());
        Parameters:
        username - String of user name available on security context
        roles - String with a list of comma separated roles
        tenantId - String with the current tenant identifier
        Returns:
        RequestPostProcessor to be used with MockMvc object

      • oauth2JWT

        public static org.springframework.test.web.servlet.request.RequestPostProcessor oauth2JWT​(String username,
                                                                                          String roles)
        Static method to use with MockMvc

        Will create a JWT Token, store on InMemoryTokenStore and add the Authorization header in MockHttpServletRequest.

        usage: 
         mockMvc.perform(MockMvcRequestBuilders.post("/api/v1/testapi").with(oauth2JWT("username", "ROLE1,ROLE2"))
                .contentType(MediaType.APPLICATION_JSON_VALUE).content("{}")).andExpect(status().is2xxSuccessful());
        Parameters:
        username - String of user name available on security context
        roles - String with a list of comma separated roles
        Returns:
        RequestPostProcessor to be used with MockMvc object

      • oauth2JWT

        public static org.springframework.test.web.servlet.request.RequestPostProcessor oauth2JWT​(String username)
        Static method to use with MockMvc

        Will create a JWT Token, store on InMemoryTokenStore and add the Authorization header in MockHttpServletRequest.

        usage: 
         mockMvc.perform(MockMvcRequestBuilders.post("/api/v1/testapi").with(oauth2JWT("username"))
                .contentType(MediaType.APPLICATION_JSON_VALUE).content("{}")).andExpect(status().is2xxSuccessful());
        Parameters:
        username - String of user name available on security context
        Returns:
        RequestPostProcessor to be used with MockMvc object

      • newRacJWT

        public String newRacJWT​(String username,
                        String roles)
        Generate a JWT Token string.
        Will create a JWT Token, store on InMemoryTokenStore and return the JWT string.
        The token is not signed, no need because is not validated when using InMemoryTokenStore
        Parameters:
        username - String of user name available on security context
        roles - String with a list of comma separated roles
        Returns:
        String of the generated JWT

      • newRacJWT

        public String newRacJWT​(String username,
                        String roles,
                        String tenantId)
        Generate a JWT Token string.
        Will create a JWT Token, store on InMemoryTokenStore and return the JWT string.
        The token is not signed, no need because is not validated when using InMemoryTokenStore
        Parameters:
        username - String of user name available on security context
        roles - String with a list of comma separated roles
        tenantId - String with the current tenant identifier
        Returns:
        String of the generated JWT