zervo/seb-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SEBSERV-8 #fixed db schemas for profiles and tests

Browse source
This commit is contained in:
anhefti 2018-11-29 11:14:56 +01:00
parent c2e4c1c57f
commit 63968c0b9c
10 changed files with 61 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/main/java/ch/ethz/seb/sebserver/gbl/model/user/UserInfo.java
View file

@ -8,6 +8,7 @@
package ch.ethz.seb.sebserver.gbl.model.user; package ch.ethz.seb.sebserver.gbl.model.user;
import java.io.Serializable;
import java.util.Collection; import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.Locale; import java.util.Locale;
@ -36,7 +37,9 @@ import ch.ethz.seb.sebserver.webservice.datalayer.batis.model.UserRecord;
* to and from JSON within the Jackson library. * to and from JSON within the Jackson library.
* *
* This domain model is immutable and thread-save */ * This domain model is immutable and thread-save */
public final class UserInfo { public final class UserInfo implements Serializable {
private static final long serialVersionUID = 2526446136264377808L;
/** The user's UUID */ /** The user's UUID */
@JsonProperty(USER.ATTR_UUID) @JsonProperty(USER.ATTR_UUID)

5
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/oauth/WebClientDetailsService.java
View file

@ -8,6 +8,8 @@
package ch.ethz.seb.sebserver.webservice.weblayer.oauth; package ch.ethz.seb.sebserver.webservice.weblayer.oauth;
import java.util.Collections;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -73,9 +75,10 @@ public class WebClientDetailsService implements ClientDetailsService {
final BaseClientDetails baseClientDetails = new BaseClientDetails( final BaseClientDetails baseClientDetails = new BaseClientDetails(
clientId, clientId,
WebResourceServerConfiguration.EXAM_API_RESOURCE_ID, WebResourceServerConfiguration.EXAM_API_RESOURCE_ID,
"exam-api-read,exam-api-write", null,
"client_credentials,refresh_token", "client_credentials,refresh_token",
""); "");
baseClientDetails.setScope(Collections.emptySet());
baseClientDetails.setClientSecret(this.clientPasswordEncoder.encode("test")); baseClientDetails.setClientSecret(this.clientPasswordEncoder.encode("test"));
return baseClientDetails; return baseClientDetails;
} }

3
src/main/resources/logback.xml
View file

@ -8,9 +8,8 @@
<Logger name="ch.ethz.seb.sebserver" level="DEBUG" additivity="true" /> <Logger name="ch.ethz.seb.sebserver" level="DEBUG" additivity="true" />
<Logger name="org.mybatis.generator" level="INFO" additivity="true" /> <Logger name="org.mybatis.generator" level="INFO" additivity="true" />
<Logger name="org.springframework.boot" level="INFO" additivity="true" />
<Logger name="org.springframework.security" level="DEBUG" additivity="true" /> <Logger name="org.springframework.security" level="DEBUG" additivity="true" />
<Logger name="org.springframework.web.socket.messaging" level="INFO" additivity="true" />
<Logger name="org.springframework.messaging" level="INFO" additivity="true" />
<Logger name="org.springframework.web" level="DEBUG" additivity="true" /> <Logger name="org.springframework.web" level="DEBUG" additivity="true" />
<Logger name="org.springframework.security.oauth2" level="DEBUG" additivity="true" /> <Logger name="org.springframework.security.oauth2" level="DEBUG" additivity="true" />

0
src/main/resources/config/schema.sql → src/main/resources/schema-dev.sql
View file

2
src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/AdministrationAPIIntegrationTest.java
View file

@ -95,7 +95,7 @@ public class AdministrationAPIIntegrationTest {
@Test @Test
public void getHello_givenToken_thenOK() { public void getHello_givenToken_thenOK() {
try { try {
final String accessToken = obtainAccessToken("user", "test"); final String accessToken = obtainAccessToken("admin", "admin");
final String contentAsString = this.mockMvc.perform(get(this.endpoint + "/hello") final String contentAsString = this.mockMvc.perform(get(this.endpoint + "/hello")
.header("Authorization", "Bearer " + accessToken)) .header("Authorization", "Bearer " + accessToken))
.andExpect(status().isOk()) .andExpect(status().isOk())

44
src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/ExamAPIIntegrationTest.java
View file

@ -9,12 +9,15 @@
package ch.ethz.seb.sebserver.webservice.integration.api; package ch.ethz.seb.sebserver.webservice.integration.api;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotEquals;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import java.io.UnsupportedEncodingException;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
@ -62,10 +65,15 @@ public class ExamAPIIntegrationTest {
.addFilter(this.springSecurityFilterChain).build(); .addFilter(this.springSecurityFilterChain).build();
} }
protected String obtainAccessToken(final String clientId, final String clientSecret) throws Exception { protected String obtainAccessToken(
final String clientId,
final String clientSecret,
final String scope) throws Exception {
final MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); final MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
params.add("grant_type", "client_credentials"); params.add("grant_type", "client_credentials");
params.add("client_id", clientId); params.add("client_id", clientId);
params.add("scope", scope);
final ResultActions result = this.mockMvc.perform(post("/oauth/token") final ResultActions result = this.mockMvc.perform(post("/oauth/token")
.params(params) .params(params)
@ -87,18 +95,30 @@ public class ExamAPIIntegrationTest {
} }
@Test @Test
public void getHello_givenToken_thenOK() { public void get_same_token_for_same_scope() throws Exception {
try { final String accessToken1 = obtainAccessToken("test", "test", "testScope");
final String accessToken = obtainAccessToken("test", "test"); final String accessToken2 = obtainAccessToken("test", "test", "testScope");
final String contentAsString = this.mockMvc.perform(get(this.endpoint + "/hello")
.header("Authorization", "Bearer " + accessToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString();
assertEquals("Hello From Exam-Web-Service", contentAsString); assertEquals(accessToken1, accessToken2);
} catch (final Exception e) { }
e.printStackTrace();
} @Test
public void get_different_tokens_for_different_scopes() throws Exception {
final String accessToken1 = obtainAccessToken("test", "test", "testScope1");
final String accessToken2 = obtainAccessToken("test", "test", "testScope2");
assertNotEquals(accessToken1, accessToken2);
}
@Test
public void getHello_givenToken_thenOK() throws UnsupportedEncodingException, Exception {
final String accessToken = obtainAccessToken("test", "test", "testScope");
final String contentAsString = this.mockMvc.perform(get(this.endpoint + "/hello")
.header("Authorization", "Bearer " + accessToken))
.andExpect(status().isOk())
.andReturn().getResponse().getContentAsString();
assertEquals("Hello From Exam-Web-Service", contentAsString);
} }
} }

7
src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/ExamAPITestController.java
View file

@ -8,8 +8,9 @@
package ch.ethz.seb.sebserver.webservice.integration.api; package ch.ethz.seb.sebserver.webservice.integration.api;
import java.security.Principal; import java.util.Set;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
@ -22,7 +23,9 @@ import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
public class ExamAPITestController { public class ExamAPITestController {
@RequestMapping(value = "/hello", method = RequestMethod.GET) @RequestMapping(value = "/hello", method = RequestMethod.GET)
public String helloFromWebService(final Principal principal) { public String helloFromWebService(final OAuth2Authentication principal) {
final Set<String> scope = principal.getOAuth2Request().getScope();
System.out.println("OAuth 2 exam client scope is: " + scope);
return "Hello From Exam-Web-Service"; return "Hello From Exam-Web-Service";
} }

1
src/test/resources/application-test.properties
View file

@ -6,6 +6,7 @@ spring.h2.console.enabled=true
spring.datasource.platform=h2 spring.datasource.platform=h2
spring.datasource.url=jdbc:h2:mem:test;MODE=MySQL;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE spring.datasource.url=jdbc:h2:mem:test;MODE=MySQL;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
spring.datasource.driver-class-name=org.h2.Driver spring.datasource.driver-class-name=org.h2.Driver
spring.datasource.platform=test
sebserver.webservice.api.admin.clientId=testClient sebserver.webservice.api.admin.clientId=testClient
sebserver.webservice.api.admin.clientSecret=testClient sebserver.webservice.api.admin.clientSecret=testClient

13
src/test/resources/data-test.sql Normal file
View file

@ -0,0 +1,13 @@
INSERT INTO institution VALUES
(1, 'ETH Zürich', 'INTERNAL')
;
INSERT INTO user VALUES
(1, 1, 'internalDemoAdmin', 'Admin1', 'admin', '$2a$08$c2GKYEYoUVXH1Yb8GXVXVu66ltPvbZgLMcVSXRH.LgZNF/YeaYB8m', 'admin@nomail.nomail', '2018-01-01 00:00:00', 1, 1, 'en', 'UTC')
;
INSERT INTO user_role VALUES
(1, 1, 'SEB_SERVER_ADMIN')
;

0
src/test/resources/schema-h2.sql → src/test/resources/schema-test.sql
View file