Add unit tests for auth feature (#259)

* refactor: move auth feature, remove unnecessary class * test: add unit tests for auth feature * fix: suppress unsafe cast in order to avoid build errors * fix: fix changes after review comment
Samsung · Oct 24, 2023 · 79eb5c6 · 79eb5c6
1 parent b290f94
commit 79eb5c6
Show file tree

Hide file tree

Showing 8 changed files with 195 additions and 47 deletions.
diff --git a/src/main/java/com/lpvs/auth/MyAuthenticationSuccessHandler.java b/src/main/java/com/lpvs/auth/MyAuthenticationSuccessHandler.java
diff --git a/...ain/java/com/lpvs/auth/MemberProfile.java → ...a/com/lpvs/entity/auth/MemberProfile.java b/...ain/java/com/lpvs/auth/MemberProfile.java → ...a/com/lpvs/entity/auth/MemberProfile.java
@@ -5,7 +5,7 @@
  * found in the LICENSE file.
  */
 
-package com.lpvs.auth;
+package com.lpvs.entity.auth;
 
 import com.lpvs.entity.LPVSMember;
 import lombok.Getter;

diff --git a/...n/java/com/lpvs/auth/OAuthAttributes.java → ...com/lpvs/entity/auth/OAuthAttributes.java b/...n/java/com/lpvs/auth/OAuthAttributes.java → ...com/lpvs/entity/auth/OAuthAttributes.java
@@ -5,12 +5,13 @@
  * found in the LICENSE file.
  */
 
-package com.lpvs.auth;
+package com.lpvs.entity.auth;
 
 import java.util.Arrays;
 import java.util.Map;
 import java.util.function.Function;
 
+@SuppressWarnings("unchecked")
 public enum OAuthAttributes {
     GOOGLE("google", (attributes) -> {
         MemberProfile memberProfile = new MemberProfile();

diff --git a/...main/java/com/lpvs/auth/OAuthService.java → ...va/com/lpvs/entity/auth/OAuthService.java b/...main/java/com/lpvs/auth/OAuthService.java → ...va/com/lpvs/entity/auth/OAuthService.java
@@ -5,11 +5,13 @@
  * found in the LICENSE file.
  */
 
-package com.lpvs.auth;
+package com.lpvs.entity.auth;
 
 import com.lpvs.entity.LPVSMember;
 import com.lpvs.repository.LPVSMemberRepository;
 import lombok.RequiredArgsConstructor;
+
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
@@ -28,10 +30,18 @@
 public class OAuthService implements OAuth2UserService<OAuth2UserRequest, OAuth2User> {
 
     private final LPVSMemberRepository lpvsMemberRepository;
+
+    private DefaultOAuth2UserService oAuth2UserService = null;
+
+    @Autowired
+    public OAuthService(LPVSMemberRepository lpvsMemberRepository, DefaultOAuth2UserService oAuth2UserService) {
+        this.lpvsMemberRepository = lpvsMemberRepository;
+        this.oAuth2UserService = oAuth2UserService;
+    }   
 
     @Override
     public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
-        OAuth2UserService delegate = new DefaultOAuth2UserService();
+        OAuth2UserService <OAuth2UserRequest, OAuth2User> delegate = (null != oAuth2UserService)? oAuth2UserService : new DefaultOAuth2UserService();
         OAuth2User oAuth2User = delegate.loadUser(userRequest);
 
         String registrationId = userRequest.getClientRegistration().getRegistrationId();
@@ -49,6 +59,7 @@ public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2Authentic
 
         Map<String, Object> customAttribute = customAttribute(attributes, userNameAttributeName,
                 memberProfile, registrationId);
+
 
         return new DefaultOAuth2User(Collections.singleton(new SimpleGrantedAuthority("USER")),
                 customAttribute,

diff --git a/...in/java/com/lpvs/auth/SecurityConfig.java → .../com/lpvs/entity/auth/SecurityConfig.java b/...in/java/com/lpvs/auth/SecurityConfig.java → .../com/lpvs/entity/auth/SecurityConfig.java
@@ -5,18 +5,30 @@
  * found in the LICENSE file.
  */
 
-package com.lpvs.auth;
+package com.lpvs.entity.auth;
 
 import lombok.RequiredArgsConstructor;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.util.UriComponentsBuilder;
 
 @EnableWebSecurity
 @RequiredArgsConstructor
@@ -48,7 +60,23 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .anyRequest().permitAll()
                 .and()
                 .oauth2Login()
-                .successHandler(new MyAuthenticationSuccessHandler())
+                .successHandler(new AuthenticationSuccessHandler() {
+                    @Value("${frontend.main-page.url:}")
+                    private String frontendMainPageUrl;
+
+                    private String REDIRECT_URI = frontendMainPageUrl+"/login/callback";
+
+                    @Override
+                    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+                        OAuth2User oAuth2User = (OAuth2User) authentication.getPrincipal();
+                        System.out.println("oAuth2User = " + oAuth2User);
+
+                        response.sendRedirect(UriComponentsBuilder.fromUriString(REDIRECT_URI)
+                                .queryParam("accessToken", "accessToken")
+                                .queryParam("refreshToken", "refreshToken")
+                                .build().encode(StandardCharsets.UTF_8).toUriString());
+                    }
+                })
                 .defaultSuccessUrl(frontendMainPageUrl, true)
                 .userInfoEndpoint()
                 .userService(oAuthService);

diff --git a/src/test/java/com/lpvs/entity/auth/MemberProfileTest.java b/src/test/java/com/lpvs/entity/auth/MemberProfileTest.java
@@ -0,0 +1,41 @@
+/**
+ * Copyright (c) 2023, Samsung Electronics Co., Ltd. All rights reserved.
+ * <p>
+ * Use of this source code is governed by a MIT license that can be
+ * found in the LICENSE file.
+ */
+
+package com.lpvs.entity.auth;
+
+import org.junit.jupiter.api.Test;
+
+import com.lpvs.entity.LPVSMember;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+
+
+public class MemberProfileTest {
+
+    @Test
+    public void testConstructor() {
+        MemberProfile profile = new MemberProfile();
+        assertNull(profile.getName());
+        assertNull(profile.getEmail());
+        assertNull(profile.getProvider());
+        assertNull(profile.getNickname());
+    }
+
+    @Test
+    public void testToMember() {
+        MemberProfile profile = new MemberProfile();
+        profile.setName("John");
+        profile.setEmail("[email protected]");
+        profile.setProvider("OAuth2");
+        LPVSMember member = profile.toMember();
+
+        assertEquals("John", member.getName());
+        assertEquals("[email protected]", member.getEmail());
+        assertEquals("OAuth2", member.getProvider());
+    }
+}
diff --git a/src/test/java/com/lpvs/entity/auth/OAuthAttributesTest.java b/src/test/java/com/lpvs/entity/auth/OAuthAttributesTest.java
@@ -0,0 +1,40 @@
+/**
+ * Copyright (c) 2023, Samsung Electronics Co., Ltd. All rights reserved.
+ * <p>
+ * Use of this source code is governed by a MIT license that can be
+ * found in the LICENSE file.
+ */
+
+package com.lpvs.entity.auth;
+
+import org.junit.jupiter.api.Test;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class OAuthAttributesTest {
+
+    @Test
+    public void testExtractOAuthAttributes() {
+        Map<String, Object> attributes = new HashMap<String, Object>() {{
+            put("name", "testName");
+            put("email", "testEmail");
+        }};;
+        MemberProfile profile = OAuthAttributes.extract("google", attributes);
+        assertEquals("testName", profile.getName());
+        assertEquals("testEmail", profile.getEmail());
+    }
+
+    @Test
+    public void testExtractOAuthAttributesUnknownProvider() {
+        Map<String, Object> attributes = new HashMap<String, Object>() {{
+            put("name", "testName");
+            put("email", "testEmail");
+        }};;
+        assertThrows(IllegalArgumentException.class, () -> {
+            OAuthAttributes.extract("unknown", attributes);
+        });
+    }
+}
diff --git a/src/test/java/com/lpvs/entity/auth/OAuthServiceTest.java b/src/test/java/com/lpvs/entity/auth/OAuthServiceTest.java
@@ -0,0 +1,68 @@
+/**
+ * Copyright (c) 2023, Samsung Electronics Co., Ltd. All rights reserved.
+ * <p>
+ * Use of this source code is governed by a MIT license that can be
+ * found in the LICENSE file.
+ */
+
+package com.lpvs.entity.auth;
+
+import com.lpvs.repository.LPVSMemberRepository;
+
+import org.junit.jupiter.api.Test;
+import org.mockito.Mockito;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import java.util.Collections;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import static org.mockito.Mockito.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+public class OAuthServiceTest {
+
+    @Test
+    public void testLoadUser() throws OAuth2AuthenticationException {
+
+        // Create a mock LPVSMemberRepository
+        LPVSMemberRepository lpvsMemberRepository = mock(LPVSMemberRepository.class);
+
+        // Create a sample OAuth2UserRequest
+        ClientRegistration clientRegistration = ClientRegistration
+                .withRegistrationId("google")
+                .userInfoUri("https://example.com/userinfo")
+                .userNameAttributeName("email")
+                .authorizationGrantType(AuthorizationGrantType.PASSWORD)
+                .clientId("id")
+                .tokenUri("https://example.com/tokenuri")
+                .build();
+        OAuth2UserRequest userRequest = new OAuth2UserRequest(
+                clientRegistration,
+                new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token", null, null));
+
+        Map<String, Object> attributes = new LinkedHashMap<>();
+        attributes.put("email", "testEmail");
+        attributes.put("name", "testName");
+        OAuth2User oAuth2User = new DefaultOAuth2User(Collections.singleton(new SimpleGrantedAuthority("USER")), attributes, "email");
+
+        // Mock the behavior of DefaultOAuth2UserService
+        DefaultOAuth2UserService defaultUserService = Mockito.mock(DefaultOAuth2UserService.class);
+        when(defaultUserService.loadUser(userRequest)).thenReturn(oAuth2User);
+
+        // Create an instance of your OAuthService with the mocked DefaultOAuth2UserService
+        OAuthService oAuthService = new OAuthService(lpvsMemberRepository, defaultUserService);
+
+        OAuth2User loadedUser = oAuthService.loadUser(userRequest);
+
+        assertEquals("testEmail", loadedUser.getAttribute("email"));
+        assertEquals("testName", loadedUser.getAttribute("name"));
+        assertEquals("google", loadedUser.getAttribute("provider"));
+    }
+}