Skip to content

Commit e3836c1

Browse files
arcuri82arcuri82
committed
dynamic calls for tokens
1 parent 366aef4 commit e3836c1

1 file changed

Lines changed: 130 additions & 48 deletions

File tree

jdk_17_maven/em/embedded/rest/familie-ba-sak/src/main/java/em/embedded/familie/ba/sak/EmbeddedEvoMasterController.java

Lines changed: 130 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,18 @@
22

33
import com.nimbusds.jose.JOSEObjectType;
44
import no.nav.security.mock.oauth2.MockOAuth2Server;
5+
import no.nav.security.mock.oauth2.OAuth2Config;
56
import no.nav.security.mock.oauth2.token.DefaultOAuth2TokenCallback;
7+
import no.nav.security.mock.oauth2.token.RequestMapping;
8+
import no.nav.security.mock.oauth2.token.RequestMappingTokenCallback;
69
import org.evomaster.client.java.controller.AuthUtils;
710
import org.evomaster.client.java.controller.EmbeddedSutController;
811
import org.evomaster.client.java.controller.InstrumentedSutStarter;
912
import org.evomaster.client.java.controller.api.dto.SutInfoDto;
1013
import org.evomaster.client.java.controller.api.dto.auth.AuthenticationDto;
14+
import org.evomaster.client.java.controller.api.dto.auth.HttpVerb;
15+
import org.evomaster.client.java.controller.api.dto.auth.LoginEndpointDto;
16+
import org.evomaster.client.java.controller.api.dto.auth.TokenHandlingDto;
1117
import org.evomaster.client.java.controller.api.dto.database.schema.DatabaseType;
1218
import org.evomaster.client.java.controller.problem.ProblemInfo;
1319
import org.evomaster.client.java.controller.problem.RestProblem;
@@ -47,6 +53,17 @@ public class EmbeddedEvoMasterController extends EmbeddedSutController {
4753

4854
private final String PROSESSERING_ROLLE = "928636f4-fd0d-4149-978e-a6fb68bb19de";
4955

56+
private final String TOKEN_PARAM = "name";
57+
58+
private static final String A0 = "TaskRunner";
59+
private static final String A1 = "Veileder";
60+
private static final String A2 = "Saksbehandler";
61+
private static final String A3 = "Beslutter";
62+
private static final String A4 = "Forvalter";
63+
private static final String A5 = "Kode6";
64+
private static final String A6 = "Kode7";
65+
66+
5067
private Connection sqlConnection;
5168
private List<DbSpecification> dbSpecification;
5269

@@ -81,68 +98,133 @@ public String getPackagePrefixesToCover() {
8198
return "no.nav.familie.ba.sak.";
8299
}
83100

101+
84102
@Override
85103
public List<AuthenticationDto> getInfoForAuthentication() {
86104

87-
//see RolletilgangTest
88-
String token_task = getToken(Arrays.asList(PROSESSERING_ROLLE),"Z0042", "Task Runner");
89-
String token_veileder = getToken(Arrays.asList("VEILEDER"),"Z0000", "Mock McMockface");
90-
String token_saksbehandler = getToken(Arrays.asList("SAKSBEHANDLER"),"Z0001", "Foo Bar");
91-
String token_beslutter = getToken(Arrays.asList("BESLUTTER"),"Z0002", "John Smith");
92-
String token_forvalter = getToken(Arrays.asList("FORVALTER"),"Z0003", "Mario Rossi");
93-
String token_kode6 = getToken(Arrays.asList("KODE6"),"Z0004", "Kode Six");
94-
String token_kode7 = getToken(Arrays.asList("KODE7"),"Z0005", "Kode Seven");
95-
96-
/*
97-
TODO check
98-
enum class BehandlerRolle(val nivå: Int) {
99-
SYSTEM(4),
100-
BESLUTTER(3),
101-
SAKSBEHANDLER(2),
102-
VEILEDER(1),
103-
UKJENT(0),
104-
}
105-
*/
106-
107-
/*
108-
FIXME
109-
prosessering_rolle is only for endpoints under:
110-
"/api/task"
111-
TODO need to check how others are validated...
112-
*/
105+
String url = oAuth2Server.baseUrl() + ISSUER_ID + "/token";
113106

114107
return Arrays.asList(
115-
AuthUtils.getForAuthorizationHeader("TaskRunner", "Bearer " + token_task),
116-
AuthUtils.getForAuthorizationHeader("Veileder", "Bearer " + token_veileder),
117-
AuthUtils.getForAuthorizationHeader("Saksbehandler", "Bearer " + token_saksbehandler),
118-
AuthUtils.getForAuthorizationHeader("Beslutter", "Bearer " + token_beslutter),
119-
AuthUtils.getForAuthorizationHeader("Forvalter", "Bearer " + token_forvalter),
120-
AuthUtils.getForAuthorizationHeader("Kode6", "Bearer " + token_kode6),
121-
AuthUtils.getForAuthorizationHeader("Kode7", "Bearer " + token_kode7)
108+
getAuthenticationDto(A0,url),
109+
getAuthenticationDto(A1,url),
110+
getAuthenticationDto(A2,url),
111+
getAuthenticationDto(A3,url),
112+
getAuthenticationDto(A4,url),
113+
getAuthenticationDto(A5,url),
114+
getAuthenticationDto(A6,url)
122115
);
123116
}
124117

125-
private String getToken(List<String> groups, String id, String name) {
118+
private RequestMappingTokenCallback getTokenCallback(String label, List<String> groups, String id, String name) {
126119
Map<String,Object> claims = new HashMap<>();
127120
claims.put("groups",groups);
128121
claims.put("name",name);
129122
claims.put("NAVident", id);
130123

131-
String token = oAuth2Server.issueToken(
124+
Set<RequestMapping> mappings = new HashSet<>();
125+
RequestMapping rm = new RequestMapping(TOKEN_PARAM,label,claims,JOSEObjectType.JWT.getType());
126+
mappings.add(rm);
127+
128+
RequestMappingTokenCallback callback = new RequestMappingTokenCallback(
132129
ISSUER_ID,
133-
id,
134-
new DefaultOAuth2TokenCallback(
135-
ISSUER_ID,
136-
"subject",
137-
JOSEObjectType.JWT.getType(),
138-
Arrays.asList(DEFAULT_AUDIENCE),
139-
claims,
140-
360000
141-
)
142-
).serialize();
143-
return token;
130+
mappings,
131+
360000
132+
);
133+
134+
return callback;
144135
}
145136

137+
private OAuth2Config getOAuth2Config(){
138+
139+
Set<RequestMappingTokenCallback> callbacks = Set.of(
140+
getTokenCallback(A0, Arrays.asList(PROSESSERING_ROLLE),"Z0042", "Task Runner"),
141+
getTokenCallback(A1, Arrays.asList("VEILEDER"),"Z0000", "Mock McMockface"),
142+
getTokenCallback(A2, Arrays.asList("SAKSBEHANDLER"),"Z0001", "Foo Bar"),
143+
getTokenCallback(A3, Arrays.asList("BESLUTTER"),"Z0002", "John Smith"),
144+
getTokenCallback(A4, Arrays.asList("FORVALTER"),"Z0003", "Mario Rossi"),
145+
getTokenCallback(A5, Arrays.asList("KODE6"),"Z0004", "Kode Six"),
146+
getTokenCallback(A6, Arrays.asList("KODE7"),"Z0005", "Kode Seven")
147+
);
148+
149+
OAuth2Config config = new OAuth2Config(
150+
false,
151+
null,
152+
null,
153+
new no.nav.security.mock.oauth2.token.OAuth2TokenProvider(),
154+
callbacks
155+
);
156+
157+
return config;
158+
}
159+
160+
private AuthenticationDto getAuthenticationDto(String label, String oauth2Url){
161+
162+
AuthenticationDto dto = new AuthenticationDto(label);
163+
LoginEndpointDto x = new LoginEndpointDto();
164+
dto.loginEndpointAuth = x;
165+
166+
x.externalEndpointURL = oauth2Url;
167+
x.payloadRaw = "name="+label+"&grant_type=authorization_code&code=foo&client_id=foo";
168+
x.verb = HttpVerb.POST;
169+
x.contentType = "application/x-www-form-urlencoded";
170+
x.expectCookies = false;
171+
172+
TokenHandlingDto token = new TokenHandlingDto();
173+
token.headerPrefix = "Bearer ";
174+
token.httpHeaderName = "Authorization";
175+
token.extractFromField = "/access_token";
176+
x.token = token;
177+
178+
return dto;
179+
}
180+
181+
182+
183+
184+
// @Override
185+
// public List<AuthenticationDto> getInfoForAuthentication() {
186+
//
187+
// //see RolletilgangTest
188+
// String token_task = getToken(Arrays.asList(PROSESSERING_ROLLE),"Z0042", "Task Runner");
189+
// String token_veileder = getToken(Arrays.asList("VEILEDER"),"Z0000", "Mock McMockface");
190+
// String token_saksbehandler = getToken(Arrays.asList("SAKSBEHANDLER"),"Z0001", "Foo Bar");
191+
// String token_beslutter = getToken(Arrays.asList("BESLUTTER"),"Z0002", "John Smith");
192+
// String token_forvalter = getToken(Arrays.asList("FORVALTER"),"Z0003", "Mario Rossi");
193+
// String token_kode6 = getToken(Arrays.asList("KODE6"),"Z0004", "Kode Six");
194+
// String token_kode7 = getToken(Arrays.asList("KODE7"),"Z0005", "Kode Seven");
195+
//
196+
// return Arrays.asList(
197+
// AuthUtils.getForAuthorizationHeader("TaskRunner", "Bearer " + token_task),
198+
// AuthUtils.getForAuthorizationHeader("Veileder", "Bearer " + token_veileder),
199+
// AuthUtils.getForAuthorizationHeader("Saksbehandler", "Bearer " + token_saksbehandler),
200+
// AuthUtils.getForAuthorizationHeader("Beslutter", "Bearer " + token_beslutter),
201+
// AuthUtils.getForAuthorizationHeader("Forvalter", "Bearer " + token_forvalter),
202+
// AuthUtils.getForAuthorizationHeader("Kode6", "Bearer " + token_kode6),
203+
// AuthUtils.getForAuthorizationHeader("Kode7", "Bearer " + token_kode7)
204+
// );
205+
// }
206+
//
207+
// private String getToken(List<String> groups, String id, String name) {
208+
// Map<String,Object> claims = new HashMap<>();
209+
// claims.put("groups",groups);
210+
// claims.put("name",name);
211+
// claims.put("NAVident", id);
212+
//
213+
// String token = oAuth2Server.issueToken(
214+
// ISSUER_ID,
215+
// id,
216+
// new DefaultOAuth2TokenCallback(
217+
// ISSUER_ID,
218+
// "subject",
219+
// JOSEObjectType.JWT.getType(),
220+
// Arrays.asList(DEFAULT_AUDIENCE),
221+
// claims,
222+
// 360000
223+
// )
224+
// ).serialize();
225+
// return token;
226+
// }
227+
146228

147229
@Override
148230
public ProblemInfo getProblemInfo() {
@@ -161,8 +243,8 @@ public SutInfoDto.OutputFormat getPreferredOutputFormat() {
161243
public String startSut() {
162244
postgresContainer.start();
163245

164-
oAuth2Server = new MockOAuth2Server();
165-
oAuth2Server.start(8081); //TODO fixed until we handle dynamic headers in generated tests
246+
oAuth2Server = new MockOAuth2Server(getOAuth2Config());
247+
oAuth2Server.start();
166248

167249
String wellKnownUrl = oAuth2Server.wellKnownUrl(ISSUER_ID).toString();
168250

0 commit comments

Comments
 (0)