-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
d0f0ce3
commit f09cffc
Showing
2 changed files
with
112 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
100 changes: 100 additions & 0 deletions
100
src/test/kotlin/com/restaurant/be/common/jwt/JwtFilterTest.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,100 @@ | ||
| package com.restaurant.be.common.jwt | ||
|
|
||
| import com.restaurant.be.common.response.Token | ||
| import io.kotest.core.spec.style.DescribeSpec | ||
| import io.mockk.clearAllMocks | ||
| import io.mockk.every | ||
| import io.mockk.mockk | ||
| import io.mockk.verify | ||
| import java.security.SignatureException | ||
| import java.util.Date | ||
| import javax.servlet.FilterChain | ||
| import javax.servlet.http.HttpServletRequest | ||
| import javax.servlet.http.HttpServletResponse | ||
| import org.springframework.security.core.Authentication | ||
| import org.springframework.security.core.context.SecurityContext | ||
| import org.springframework.security.core.context.SecurityContextHolder | ||
|
|
||
| class JwtFilterTest : DescribeSpec({ | ||
|
|
||
| val tokenProvider = mockk<TokenProvider>() | ||
| val jwtUserRepository = mockk<JwtUserRepository>() | ||
| val request = mockk<HttpServletRequest>(relaxed = true) | ||
| val response = mockk<HttpServletResponse>(relaxed = true) | ||
| val filterChain = mockk<FilterChain>(relaxed = true) | ||
| val jwtFilter = JwtFilter(tokenProvider, jwtUserRepository) | ||
|
|
||
| beforeEach { | ||
| clearAllMocks() | ||
| val securityContext = mockk<SecurityContext>() | ||
| SecurityContextHolder.setContext(securityContext) | ||
| } | ||
|
|
||
| describe("doFilterInternal") { | ||
|
|
||
| it("should set authentication when access token is valid and user is valid") { | ||
| val accessToken = "validAccessToken" | ||
| every { request.getHeader(JwtFilter.AUTHORIZATION_HEADER) } returns accessToken | ||
| every { request.getHeader(JwtFilter.REFRESH_TOKEN_HEADER) } returns null | ||
| every { tokenProvider.resolveToken(accessToken) } returns accessToken | ||
| every { tokenProvider.validateToken(accessToken) } returns true | ||
| every { tokenProvider.getEmailFromToken(accessToken) } returns "[email protected]" | ||
| every { jwtUserRepository.validTokenByEmail("[email protected]") } returns true | ||
| val authentication = mockk<Authentication>() | ||
| every { tokenProvider.getAuthentication(accessToken) } returns authentication | ||
|
|
||
| jwtFilter.doFilterInternal(request, response, filterChain) | ||
|
|
||
| verify { SecurityContextHolder.getContext().authentication = authentication } | ||
| verify { filterChain.doFilter(request, response) } | ||
| } | ||
|
|
||
| it("should not set authentication when access token is invalid") { | ||
| val accessToken = "invalidAccessToken" | ||
| every { request.getHeader(JwtFilter.AUTHORIZATION_HEADER) } returns accessToken | ||
| every { request.getHeader(JwtFilter.REFRESH_TOKEN_HEADER) } returns null | ||
| every { tokenProvider.resolveToken(accessToken) } returns accessToken | ||
| every { tokenProvider.validateToken(accessToken) } returns false | ||
|
|
||
| jwtFilter.doFilterInternal(request, response, filterChain) | ||
|
|
||
| verify { request.setAttribute("exception", any<SignatureException>()) } | ||
| verify { filterChain.doFilter(request, response) } | ||
| } | ||
|
|
||
| it("should reissue token when refresh token is present") { | ||
| val refreshToken = "validRefreshToken" | ||
| val accessToken = "oldAccessToken" | ||
| every { request.getHeader(JwtFilter.AUTHORIZATION_HEADER) } returns accessToken | ||
| every { request.getHeader(JwtFilter.REFRESH_TOKEN_HEADER) } returns refreshToken | ||
| every { tokenProvider.resolveToken(accessToken) } returns accessToken | ||
| every { tokenProvider.resolveToken(refreshToken) } returns refreshToken | ||
| every { tokenProvider.validateToken(refreshToken) } returns true | ||
| every { tokenProvider.tokenReissue(accessToken, refreshToken) } returns Token( | ||
| "newAccessToken", | ||
| "newRefreshToken", | ||
| "Bearer", | ||
| 1000, | ||
| Date.from(Date().toInstant()) | ||
| ) | ||
| every { response.getHeader(JwtFilter.AUTHORIZATION_HEADER) } returns null | ||
|
|
||
| jwtFilter.doFilterInternal(request, response, filterChain) | ||
|
|
||
| verify { response.addHeader(JwtFilter.AUTHORIZATION_HEADER, "newAccessToken") } | ||
| verify { filterChain.doFilter(request, response) } | ||
| } | ||
|
|
||
| it("should log and return when access token is missing but refresh token is present") { | ||
| val refreshToken = "validRefreshToken" | ||
| every { request.getHeader(JwtFilter.AUTHORIZATION_HEADER) } returns null | ||
| every { request.getHeader(JwtFilter.REFRESH_TOKEN_HEADER) } returns refreshToken | ||
| every { tokenProvider.resolveToken(refreshToken) } returns refreshToken | ||
| every { tokenProvider.validateToken(refreshToken) } returns true | ||
|
|
||
| jwtFilter.doFilterInternal(request, response, filterChain) | ||
|
|
||
| verify(exactly = 0) { filterChain.doFilter(request, response) } | ||
| } | ||
| } | ||
| }) |