add tests

Real-Dev-Squad · Mar 3, 2024 · d5d7060 · d5d7060
1 parent 08440d1
commit d5d7060
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 9 deletions.
diff --git a/skill-tree/src/main/java/com/RDS/skilltree/utils/GlobalExceptionHandler.java b/skill-tree/src/main/java/com/RDS/skilltree/utils/GlobalExceptionHandler.java
@@ -8,8 +8,7 @@
 import org.apache.tomcat.websocket.AuthenticationException;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
-import org.springframework.security.web.authentication.rememberme.InvalidCookieException;
+import org.springframework.security.authentication.InsufficientAuthenticationException;
 import org.springframework.validation.FieldError;
 import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ControllerAdvice;
@@ -29,13 +28,8 @@ public ResponseEntity<GenericResponse<Object>> handleNoEntityException(NoEntityE
                 .body(new GenericResponse<>(null, ex.getMessage()));
     }
 
-    @ExceptionHandler({SignatureException.class })
-    public ResponseEntity<GenericResponse<Object>> handleInvalidBearerTokenException(SignatureException ex) {
-        return ResponseEntity.status( HttpStatus.UNAUTHORIZED).body(new GenericResponse<>(null,  ex.getMessage()));
-    }
-
-    @ExceptionHandler({AuthenticationException.class})
-    public ResponseEntity<GenericResponse<Object>> handleInvalidBearerTokenException(AuthenticationException ex) {
+    @ExceptionHandler({AuthenticationException.class, InsufficientAuthenticationException.class})
+    public ResponseEntity<GenericResponse<Object>> handleInvalidBearerTokenException(Exception ex) {
         return ResponseEntity.status( HttpStatus.UNAUTHORIZED).body(new GenericResponse<>(null, "The access token provided is expired, revoked, malformed, or invalid for other reasons."+ ex.getMessage()));
     }
     @ExceptionHandler({AccessDeniedException.class})

diff --git a/skill-tree/src/test/java/com/RDS/skilltree/SecurityContextIntegrationTest.java b/skill-tree/src/test/java/com/RDS/skilltree/SecurityContextIntegrationTest.java
@@ -0,0 +1,36 @@
+package com.RDS.skilltree;
+
+import io.restassured.response.Response;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.TestInstance;
+import org.springframework.boot.test.context.SpringBootTest;
+import utils.RestAPIHelper;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.Matchers.*;
+
+@TestInstance(TestInstance.Lifecycle.PER_CLASS)
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
+public class SecurityContextIntegrationTest extends TestContainerManager {
+
+    @Test
+    public void testTokenIsNotPresent() {
+
+        Response response = given().get("/v1/health");
+        response.then().statusCode(401).body("message", equalTo("The access token provided is expired, revoked, malformed, or invalid for other reasons.Full authentication is required to access this resource"));
+    }
+
+    @Test
+    public void testInvalidToken() {
+
+        Response response = given().cookie("rds-session-v2", "invalidtoken").get("/v1/health");
+        response.then().statusCode(401).body("message", equalTo("The access token provided is expired, revoked, malformed, or invalid for other reasons.Full authentication is required to access this resource"));
+    }
+
+    @Test
+    public void testValidToken() {
+
+        Response response = given().cookies(RestAPIHelper.getUserCookie()).get("/v1/health");
+        response.then().statusCode(200);
+    }
+}