OZG-4939 Added test for unauthorized response body

ce0552c9 · OZGCloud · 08eebf49 · ce0552c9 · ce0552c9
Commit ce0552c9 authored 1 year ago by OZGCloud
--- a/src/main/java/de/ozgcloud/admin/security/SecurityConfiguration.java
+++ b/src/main/java/de/ozgcloud/admin/security/SecurityConfiguration.java
@@ -87,9 +87,7 @@ public class SecurityConfiguration {
 	}

 	private String getProblemDetailAsString(String requestUri, AuthenticationException authException) throws JsonProcessingException {
-		var problemDetail = ErrorResponse.builder(authException,
-				HttpStatus.UNAUTHORIZED,
-				authException.getLocalizedMessage()).build().getBody();
+		var problemDetail = ErrorResponse.builder(authException, HttpStatus.UNAUTHORIZED, authException.getLocalizedMessage()).build().getBody();
 		problemDetail.setInstance(URI.create(requestUri));

 		ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter();

--- a/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationLocalITCase.java
+++ b/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationLocalITCase.java
@@ -25,16 +25,26 @@ import static org.junit.jupiter.api.Assertions.*;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;

+import java.net.URI;
+
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.ValueSource;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.web.ErrorResponse;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.ObjectWriter;

 import de.ozgcloud.common.test.DataITCase;
 import lombok.SneakyThrows;
@@ -88,6 +98,26 @@ public class SecurityConfigurationLocalITCase {
 			result.andExpect(status().isUnauthorized());
 		}

+		@Test
+		@SneakyThrows
+		void shouldHaveErrorInfoInBody() {
+			var ex = new AuthenticationException("Full authentication is required to access this resource") {
+			};
+			var expected = getExpectedProblemDetailsAsString("/api", ex);
+
+			var result = doPerform("/api");
+
+			result.andExpect(content().string(expected));
+		}
+
+		private String getExpectedProblemDetailsAsString(String requestUri, AuthenticationException authException) throws JsonProcessingException {
+			var problemDetail = ErrorResponse.builder(authException, HttpStatus.UNAUTHORIZED, authException.getLocalizedMessage()).build().getBody();
+			problemDetail.setInstance(URI.create(requestUri));
+
+			ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter();
+			return ow.writeValueAsString(problemDetail);
+		}
+
 		@SneakyThrows
 		private ResultActions doPerform(String path) {
 			return mockMvc.perform(get(path).header("Authorization", "invalid"));