forked from opensearch-project/security
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Craig Perkins <[email protected]>
- Loading branch information
Showing
1 changed file
with
63 additions
and
0 deletions.
There are no files selected for viewing
63 changes: 63 additions & 0 deletions
63
src/test/java/org/opensearch/security/filter/SecurityRestUtilsTests.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| package org.opensearch.security.filter; | ||
|
|
||
| import io.netty.handler.codec.http.DefaultFullHttpRequest; | ||
| import io.netty.handler.codec.http.FullHttpRequest; | ||
| import io.netty.handler.codec.http.HttpMethod; | ||
| import io.netty.handler.codec.http.HttpVersion; | ||
| import org.junit.Test; | ||
| import org.opensearch.http.netty4.Netty4HttpChannel; | ||
|
|
||
| import static org.junit.Assert.assertFalse; | ||
| import static org.junit.Assert.assertTrue; | ||
| import static org.mockito.Mockito.mock; | ||
|
|
||
| public class SecurityRestUtilsTests { | ||
|
|
||
| @Test | ||
| public void testShouldSkipAuthentication_positive() { | ||
| FullHttpRequest request1 = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.OPTIONS, "/"); | ||
| NettyRequestChannel requestChannel1 = new NettyRequestChannel(request1, mock(Netty4HttpChannel.class)); | ||
|
|
||
| assertTrue(SecurityRestUtils.shouldSkipAuthentication(requestChannel1)); | ||
|
|
||
| FullHttpRequest request2 = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, "/_plugins/_security/health"); | ||
| NettyRequestChannel requestChannel2 = new NettyRequestChannel(request2, mock(Netty4HttpChannel.class)); | ||
|
|
||
| assertTrue(SecurityRestUtils.shouldSkipAuthentication(requestChannel2)); | ||
|
|
||
| FullHttpRequest request3 = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, "/_plugins/_security/whoami"); | ||
| NettyRequestChannel requestChannel3 = new NettyRequestChannel(request3, mock(Netty4HttpChannel.class)); | ||
|
|
||
| assertTrue(SecurityRestUtils.shouldSkipAuthentication(requestChannel3)); | ||
| } | ||
|
|
||
| @Test | ||
| public void testShouldSkipAuthentication_negative() { | ||
| FullHttpRequest request1 = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, "/"); | ||
| NettyRequestChannel requestChannel1 = new NettyRequestChannel(request1, mock(Netty4HttpChannel.class)); | ||
|
|
||
| assertFalse(SecurityRestUtils.shouldSkipAuthentication(requestChannel1)); | ||
|
|
||
| FullHttpRequest request2 = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, "/_cluster/health"); | ||
| NettyRequestChannel requestChannel2 = new NettyRequestChannel(request2, mock(Netty4HttpChannel.class)); | ||
|
|
||
| assertFalse(SecurityRestUtils.shouldSkipAuthentication(requestChannel2)); | ||
|
|
||
| FullHttpRequest request3 = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, "/my-index/_search"); | ||
| NettyRequestChannel requestChannel3 = new NettyRequestChannel(request3, mock(Netty4HttpChannel.class)); | ||
|
|
||
| assertFalse(SecurityRestUtils.shouldSkipAuthentication(requestChannel3)); | ||
| } | ||
|
|
||
| @Test | ||
| public void testGetRawPath() { | ||
| String rawPathWithParams = "/_cluster/health?pretty"; | ||
| String rawPathWithoutParams = "/my-index/search"; | ||
|
|
||
| String path1 = SecurityRestUtils.path(rawPathWithParams); | ||
| String path2 = SecurityRestUtils.path(rawPathWithoutParams); | ||
|
|
||
| assertTrue("/_cluster/health".equals(path1)); | ||
| assertTrue("/my-index/search".equals(path2)); | ||
| } | ||
| } |