mirror of https://github.com/usbharu/Hideout.git
test: WithMockHttpSignatureを追加
This commit is contained in:
parent
59298f77c2
commit
87d6b61b25
|
@ -18,7 +18,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders
|
|||
import org.springframework.transaction.annotation.Transactional
|
||||
import org.springframework.web.context.WebApplicationContext
|
||||
import util.TestTransaction
|
||||
import util.WithHttpSignature
|
||||
import util.WithMockHttpSignature
|
||||
|
||||
@SpringBootTest(classes = [SpringApplication::class])
|
||||
@AutoConfigureMockMvc
|
||||
|
@ -49,7 +49,7 @@ class InboxTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@WithHttpSignature
|
||||
@WithMockHttpSignature
|
||||
fun 有効なHttpSignatureでPOSTしたら202() {
|
||||
mockMvc
|
||||
.post("/inbox") {
|
||||
|
@ -72,7 +72,7 @@ class InboxTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@WithHttpSignature
|
||||
@WithMockHttpSignature
|
||||
fun 有効なHttpSignaturesでPOSTしたら202() {
|
||||
mockMvc
|
||||
.post("/users/hoge/inbox") {
|
||||
|
|
|
@ -13,5 +13,8 @@ import java.lang.annotation.Inherited
|
|||
annotation class WithHttpSignature(
|
||||
@get:AliasFor(
|
||||
annotation = WithSecurityContext::class
|
||||
) val setupBefore: TestExecutionEvent = TestExecutionEvent.TEST_METHOD
|
||||
) val setupBefore: TestExecutionEvent = TestExecutionEvent.TEST_METHOD,
|
||||
val keyId: String = "https://example.com/users/test-user#pubkey",
|
||||
val url: String = "https://example.com/inbox",
|
||||
val method: String = "GET"
|
||||
)
|
||||
|
|
|
@ -1,34 +1,42 @@
|
|||
package util
|
||||
|
||||
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUser
|
||||
import dev.usbharu.hideout.application.external.Transaction
|
||||
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUserDetailsService
|
||||
import dev.usbharu.hideout.core.query.UserQueryService
|
||||
import dev.usbharu.httpsignature.common.HttpHeaders
|
||||
import dev.usbharu.httpsignature.common.HttpMethod
|
||||
import dev.usbharu.httpsignature.common.HttpRequest
|
||||
import dev.usbharu.httpsignature.sign.RsaSha256HttpSignatureSigner
|
||||
import dev.usbharu.httpsignature.verify.DefaultSignatureHeaderParser
|
||||
import dev.usbharu.httpsignature.verify.RsaSha256HttpSignatureVerifier
|
||||
import org.springframework.security.core.context.SecurityContext
|
||||
import org.springframework.security.core.context.SecurityContextHolder
|
||||
import org.springframework.security.test.context.support.WithSecurityContextFactory
|
||||
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
|
||||
import java.net.URL
|
||||
|
||||
class WithHttpSignatureSecurityContextFactory : WithSecurityContextFactory<WithHttpSignature> {
|
||||
class WithHttpSignatureSecurityContextFactory(
|
||||
userQueryService: UserQueryService,
|
||||
transaction: Transaction
|
||||
) : WithSecurityContextFactory<WithHttpSignature> {
|
||||
|
||||
private val securityContextStrategy = SecurityContextHolder.getContextHolderStrategy()
|
||||
|
||||
private val httpSignatureUserDetailsService: HttpSignatureUserDetailsService = HttpSignatureUserDetailsService(
|
||||
userQueryService,
|
||||
RsaSha256HttpSignatureVerifier(DefaultSignatureHeaderParser(), RsaSha256HttpSignatureSigner()),
|
||||
transaction
|
||||
)
|
||||
|
||||
|
||||
override fun createSecurityContext(annotation: WithHttpSignature): SecurityContext {
|
||||
val httpSignatureUser = HttpSignatureUser(
|
||||
"user",
|
||||
"example.com",
|
||||
12345,
|
||||
true,
|
||||
true,
|
||||
mutableListOf()
|
||||
)
|
||||
val preAuthenticatedAuthenticationToken = PreAuthenticatedAuthenticationToken(
|
||||
"user", HttpRequest(
|
||||
annotation.keyId, HttpRequest(
|
||||
URL("https://example.com/inbox"),
|
||||
HttpHeaders(mapOf()), HttpMethod.GET
|
||||
)
|
||||
)
|
||||
val httpSignatureUser = httpSignatureUserDetailsService.loadUserDetails(preAuthenticatedAuthenticationToken)
|
||||
preAuthenticatedAuthenticationToken.details = httpSignatureUser
|
||||
preAuthenticatedAuthenticationToken.isAuthenticated = true
|
||||
val emptyContext = securityContextStrategy.createEmptyContext()
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
package util
|
||||
|
||||
import org.springframework.core.annotation.AliasFor
|
||||
import org.springframework.security.test.context.support.TestExecutionEvent
|
||||
import org.springframework.security.test.context.support.WithSecurityContext
|
||||
import java.lang.annotation.Inherited
|
||||
|
||||
@Target(AnnotationTarget.FUNCTION, AnnotationTarget.TYPE)
|
||||
@Retention(AnnotationRetention.RUNTIME)
|
||||
@Inherited
|
||||
@MustBeDocumented
|
||||
@WithSecurityContext(factory = WithMockHttpSignatureSecurityContextFactory::class)
|
||||
annotation class WithMockHttpSignature(
|
||||
@get:AliasFor(
|
||||
annotation = WithSecurityContext::class
|
||||
) val setupBefore: TestExecutionEvent = TestExecutionEvent.TEST_METHOD,
|
||||
val username: String = "test-user",
|
||||
val domain: String = "example.com",
|
||||
val keyId: String = "https://example.com/users/test-user#pubkey",
|
||||
val id: Long = 1234L,
|
||||
val url: String = "https://example.com/inbox",
|
||||
val method: String = "GET"
|
||||
)
|
|
@ -0,0 +1,39 @@
|
|||
package util
|
||||
|
||||
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUser
|
||||
import dev.usbharu.httpsignature.common.HttpHeaders
|
||||
import dev.usbharu.httpsignature.common.HttpMethod
|
||||
import dev.usbharu.httpsignature.common.HttpRequest
|
||||
import org.springframework.security.core.context.SecurityContext
|
||||
import org.springframework.security.core.context.SecurityContextHolder
|
||||
import org.springframework.security.test.context.support.WithSecurityContextFactory
|
||||
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
|
||||
import java.net.URL
|
||||
|
||||
class WithMockHttpSignatureSecurityContextFactory :
|
||||
WithSecurityContextFactory<WithMockHttpSignature> {
|
||||
|
||||
private val securityContextStrategy = SecurityContextHolder.getContextHolderStrategy()
|
||||
|
||||
override fun createSecurityContext(annotation: WithMockHttpSignature): SecurityContext {
|
||||
val preAuthenticatedAuthenticationToken = PreAuthenticatedAuthenticationToken(
|
||||
annotation.keyId, HttpRequest(
|
||||
URL(annotation.url),
|
||||
HttpHeaders(mapOf()), HttpMethod.valueOf(annotation.method.uppercase())
|
||||
)
|
||||
)
|
||||
val httpSignatureUser = HttpSignatureUser(
|
||||
annotation.username,
|
||||
annotation.domain,
|
||||
annotation.id,
|
||||
true,
|
||||
true,
|
||||
mutableListOf()
|
||||
)
|
||||
preAuthenticatedAuthenticationToken.details = httpSignatureUser
|
||||
preAuthenticatedAuthenticationToken.isAuthenticated = true
|
||||
val emptyContext = securityContextStrategy.createEmptyContext()
|
||||
emptyContext.authentication = preAuthenticatedAuthenticationToken
|
||||
return emptyContext
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue