Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2026-02-22 06:26:56 +01:00
Code Issues Packages Projects Releases Activity

Create and read tokens for api keys

Browse Source
This commit is contained in:
René Pfeuffer
2020-09-29 13:31:07 +02:00
parent 905fc4158a
commit 2f96ec0d21
2 changed files with 149 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
scm-webapp/src/test/java/sonia/scm/security/ApiKeyTokenHandlerTest.java Normal file
View File

@@ -0,0 +1,65 @@
/*
* MIT License
*
* Copyright (c) 2020-present Cloudogu GmbH and Contributors
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
package sonia.scm.security;
import io.jsonwebtoken.io.Encoders;
import org.junit.jupiter.api.Test;
import java.util.Optional;
import static org.assertj.core.api.Assertions.assertThat;
class ApiKeyTokenHandlerTest {
ApiKeyTokenHandler handler = new ApiKeyTokenHandler();
@Test
void shouldSerializeAndDeserializeToken() {
final String tokenString = handler.createToken("dent", new ApiKey("42", "hg2g", "READ"), "some secret");
System.out.println(tokenString);
final Optional<ApiKeyTokenHandler.Token> token = handler.readToken(tokenString);
assertThat(token).isNotEmpty();
assertThat(token).get().extracting("user").isEqualTo("dent");
assertThat(token).get().extracting("apiKeyId").isEqualTo("42");
assertThat(token).get().extracting("passphrase").isEqualTo("some secret");
}
@Test
void shouldNotFailWithInvalidTokenEncoding() {
final Optional<ApiKeyTokenHandler.Token> token = handler.readToken("invalid token");
assertThat(token).isEmpty();
}
@Test
void shouldNotFailWithInvalidTokenContent() {
final Optional<ApiKeyTokenHandler.Token> token = handler.readToken(Encoders.BASE64URL.encode("{\"invalid\":\"token\"}".getBytes()));
assertThat(token).isEmpty();
}
}