Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BE] AesTokenProvider 관련 SpringBootTest를 POJO 테스트로 변경 #745

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@
public class AuthInterceptor implements HandlerInterceptor {

private final AuthService authService;
private final BearerAuthorizationParser bearerAuthorizationParser;

@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Expand All @@ -24,7 +23,7 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
return true;
}
String authorizationHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
String accessToken = bearerAuthorizationParser.parse(authorizationHeader);
String accessToken = BearerAuthorizationParser.parse(authorizationHeader);
Long memberId = authService.parseMemberId(accessToken);
request.setAttribute("memberId", memberId);
return HandlerInterceptor.super.preHandle(request, response, handler);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,9 @@
import harustudy.backend.auth.exception.InvalidAccessTokenException;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
import lombok.NoArgsConstructor;

public class AccessTokenUtils {

Expand Down Expand Up @@ -47,11 +48,12 @@ private static void validateExpiration(RawToken rawToken) {
}

@Getter
@RequiredArgsConstructor
@NoArgsConstructor
@AllArgsConstructor
private static class RawToken {

private final Long subject;
private Long subject;

private final Date expireAt;
private Date expireAt;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,14 @@
import java.util.Objects;
import org.springframework.stereotype.Component;

@Component
public class BearerAuthorizationParser {

private static final String TOKEN_TYPE = "Bearer";
private static final int TOKEN_TYPE_LOCATION = 0;
private static final int ACCESS_TOKEN_LOCATION = 1;
private static final int HEADER_SIZE = 2;

public String parse(String authorizationHeader) {
public static String parse(String authorizationHeader) {
validateIsNonNull(authorizationHeader);
String[] split = authorizationHeader.split(" ");
if (split.length != HEADER_SIZE || !split[TOKEN_TYPE_LOCATION].equals(TOKEN_TYPE)) {
Expand All @@ -21,7 +20,7 @@ public String parse(String authorizationHeader) {
return split[ACCESS_TOKEN_LOCATION];
}

private void validateIsNonNull(String authorizationHeader) {
private static void validateIsNonNull(String authorizationHeader) {
if (Objects.isNull(authorizationHeader)) {
throw new InvalidAuthorizationHeaderException();
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,39 +2,34 @@

import static org.assertj.core.api.AssertionsForClassTypes.assertThatThrownBy;

import harustudy.backend.auth.config.TokenConfig;
import com.fasterxml.jackson.databind.ObjectMapper;
import harustudy.backend.auth.exception.InvalidAccessTokenException;
import org.assertj.core.api.SoftAssertions;
import org.junit.jupiter.api.DisplayNameGeneration;
import org.junit.jupiter.api.DisplayNameGenerator.ReplaceUnderscores;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;

@SuppressWarnings("NonAsciiCharacters")
@DisplayNameGeneration(ReplaceUnderscores.class)
@SpringBootTest
class AesTokenProviderTest {

@Autowired
private AesTokenProvider aesTokenProvider;

@Autowired
private TokenConfig tokenConfig;
private final AesTokenProvider aesTokenProvider = new AesTokenProvider(new ObjectMapper());

@Test
void 액세스_토큰을_생성한다() {
// given
Long memberId = 1L;
String secretKey = "12345678901234567890123456789012";
Long accessTokenExpireLength = 12345L;

// when
String accessToken = aesTokenProvider.createAccessToken(memberId,
tokenConfig.accessTokenExpireLength(), tokenConfig.secretKey());
accessTokenExpireLength, secretKey);

// then
SoftAssertions.assertSoftly(softly -> {
softly.assertThat(accessToken.length()).isGreaterThan(0);
softly.assertThat(aesTokenProvider.parseSubject(accessToken, tokenConfig.secretKey()))
softly.assertThat(aesTokenProvider.parseSubject(accessToken, secretKey))
.isEqualTo(memberId);
});
}
Expand All @@ -43,23 +38,23 @@ class AesTokenProviderTest {
void 복호화되지_않는_액세스_토큰을_검증하면_예외를_던진다() {
// given
String invalidAccessToken = "invalid-access-token";
String secretKey = "12345678901234567890123456789012";

// when, then
assertThatThrownBy(() -> aesTokenProvider.parseSubject(invalidAccessToken,
tokenConfig.secretKey()))
assertThatThrownBy(() -> aesTokenProvider.parseSubject(invalidAccessToken, secretKey))
.isInstanceOf(InvalidAccessTokenException.class);
}

@Test
void 만료된_액세스_토큰을_검증하면_예외를_던진다() {
// given
Long memberId = 1L;
String secretKey = "12345678901234567890123456789012";
String expiredAccessToken = aesTokenProvider.createAccessToken(memberId, -1L,
tokenConfig.secretKey());
secretKey);

// when, then
assertThatThrownBy(() -> aesTokenProvider.parseSubject(expiredAccessToken,
tokenConfig.secretKey()))
assertThatThrownBy(() -> aesTokenProvider.parseSubject(expiredAccessToken, secretKey))
.isInstanceOf(InvalidAccessTokenException.class);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -12,12 +12,8 @@

@SuppressWarnings("NonAsciiCharacters")
@DisplayNameGeneration(ReplaceUnderscores.class)
@SpringBootTest
class BearerAuthorizationParserTest {

@Autowired
private BearerAuthorizationParser bearerAuthorizationParser;

@Test
void 인증_헤더에서_액세스_토큰을_파싱한다() {
// given
Expand All @@ -26,7 +22,7 @@ class BearerAuthorizationParserTest {
String authorizationHeader = tokenType + " " + accessToken;

// when
String parsed = bearerAuthorizationParser.parse(authorizationHeader);
String parsed = BearerAuthorizationParser.parse(authorizationHeader);

// then
assertThat(parsed).isEqualTo(accessToken);
Expand All @@ -35,7 +31,7 @@ class BearerAuthorizationParserTest {
@Test
void 인증_헤더가_없으면_예외를_던진다() {
// given, when, then
assertThatThrownBy(() -> bearerAuthorizationParser.parse(null))
assertThatThrownBy(() -> BearerAuthorizationParser.parse(null))
.isInstanceOf(InvalidAuthorizationHeaderException.class);
}

Expand All @@ -47,7 +43,7 @@ class BearerAuthorizationParserTest {
String authorizationHeader = tokenType + " " + email;

// when, then
assertThatThrownBy(() -> bearerAuthorizationParser.parse(authorizationHeader))
assertThatThrownBy(() -> BearerAuthorizationParser.parse(authorizationHeader))
.isInstanceOf(InvalidAuthorizationHeaderException.class);
}
}