From b2906d09f4fa4c8d13e3bb06a9cb3fde01c7b66e Mon Sep 17 00:00:00 2001 From: Fabio Formosa Date: Sat, 15 Oct 2022 18:03:53 +0200 Subject: [PATCH] #77 added a validation test on the in-memory user props and renamed the username field --- .../configuration/SecurityDiscoverConfig.java | 2 +- .../properties/InMemoryAccountProperties.java | 17 +++- .../api/security/SecurityControllerTest.java | 2 +- .../security/SecurityLoginViaCookieTest.java | 2 +- .../SecurityLoginViaDefaultStrategyTest.java | 2 +- ...urityLoginViaHeaderAndLoginFilterTest.java | 2 +- .../security/SecurityLoginViaHeaderTest.java | 2 +- ...InMemoryUsersValidationControllerTest.java | 79 +++++++++++++++++++ .../src/main/resources/application.yml | 2 +- 9 files changed, 101 insertions(+), 9 deletions(-) create mode 100644 quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/properties/InMemoryUsersValidationControllerTest.java diff --git a/quartz-manager-parent/quartz-manager-starter-api/src/main/java/it/fabioformosa/quartzmanager/api/configuration/SecurityDiscoverConfig.java b/quartz-manager-parent/quartz-manager-starter-api/src/main/java/it/fabioformosa/quartzmanager/api/configuration/SecurityDiscoverConfig.java index 7261f66..cb65838 100644 --- a/quartz-manager-parent/quartz-manager-starter-api/src/main/java/it/fabioformosa/quartzmanager/api/configuration/SecurityDiscoverConfig.java +++ b/quartz-manager-parent/quartz-manager-starter-api/src/main/java/it/fabioformosa/quartzmanager/api/configuration/SecurityDiscoverConfig.java @@ -6,7 +6,7 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Slf4j -@ConditionalOnClass(name = {"it.fabioformosa.quartzmanager.security.WebSecurityConfigJWT"}) +@ConditionalOnClass(name = {"it.fabioformosa.quartzmanager.api.security.QuartzManagerSecurityConfig"}) @Configuration public class SecurityDiscoverConfig { diff --git a/quartz-manager-parent/quartz-manager-starter-security/src/main/java/it/fabioformosa/quartzmanager/api/security/properties/InMemoryAccountProperties.java b/quartz-manager-parent/quartz-manager-starter-security/src/main/java/it/fabioformosa/quartzmanager/api/security/properties/InMemoryAccountProperties.java index 4265194..326aaa9 100644 --- a/quartz-manager-parent/quartz-manager-starter-security/src/main/java/it/fabioformosa/quartzmanager/api/security/properties/InMemoryAccountProperties.java +++ b/quartz-manager-parent/quartz-manager-starter-security/src/main/java/it/fabioformosa/quartzmanager/api/security/properties/InMemoryAccountProperties.java @@ -4,21 +4,34 @@ import lombok.Getter; import lombok.Setter; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; +import org.springframework.validation.annotation.Validated; +import javax.validation.Valid; +import javax.validation.constraints.NotBlank; +import javax.validation.constraints.NotEmpty; +import javax.validation.constraints.NotNull; import java.util.ArrayList; import java.util.List; +@Validated @Configuration @ConfigurationProperties(prefix = "quartz-manager.security.accounts.in-memory") @Getter @Setter public class InMemoryAccountProperties { - private boolean enabled; + private boolean enabled = true; + + @Valid + @NotNull + @NotEmpty private List users; @Getter @Setter public static class User { - private String name; + @NotBlank + private String username; + @NotBlank private String password; + @NotEmpty private List roles = new ArrayList<>(); } } diff --git a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityControllerTest.java b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityControllerTest.java index 15af31f..c6caf93 100644 --- a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityControllerTest.java +++ b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityControllerTest.java @@ -27,7 +27,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers. "quartz-manager.security.jwt.cookie-strategy.enabled=true", "quartz-manager.security.jwt.cookie-strategy.cookie=AUTH-TOKEN", "quartz-manager.security.accounts.in-memory.enabled=true", - "quartz-manager.security.accounts.in-memory.users[0].name=foo", + "quartz-manager.security.accounts.in-memory.users[0].username=foo", "quartz-manager.security.accounts.in-memory.users[0].password=bar", "quartz-manager.security.accounts.in-memory.users[0].roles[0]=admin", }) diff --git a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaCookieTest.java b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaCookieTest.java index a482a53..3119432 100644 --- a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaCookieTest.java +++ b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaCookieTest.java @@ -21,7 +21,7 @@ import org.springframework.test.context.TestPropertySource; "quartz-manager.security.jwt.cookie-strategy.enabled=true", "quartz-manager.security.jwt.cookie-strategy.cookie=AUTH-TOKEN", "quartz-manager.security.accounts.in-memory.enabled=true", - "quartz-manager.security.accounts.in-memory.users[0].name=foo", + "quartz-manager.security.accounts.in-memory.users[0].username=foo", "quartz-manager.security.accounts.in-memory.users[0].password=bar", "quartz-manager.security.accounts.in-memory.users[0].roles[0]=admin", }) diff --git a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaDefaultStrategyTest.java b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaDefaultStrategyTest.java index f7f4c1b..864ccd1 100644 --- a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaDefaultStrategyTest.java +++ b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaDefaultStrategyTest.java @@ -12,7 +12,7 @@ import org.springframework.test.context.TestPropertySource; @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) @TestPropertySource(properties = { "quartz-manager.security.accounts.in-memory.enabled=true", - "quartz-manager.security.accounts.in-memory.users[0].name=foo", + "quartz-manager.security.accounts.in-memory.users[0].username=foo", "quartz-manager.security.accounts.in-memory.users[0].password=bar", "quartz-manager.security.accounts.in-memory.users[0].roles[0]=admin", }) diff --git a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaHeaderAndLoginFilterTest.java b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaHeaderAndLoginFilterTest.java index 0be0a7a..076fcdb 100644 --- a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaHeaderAndLoginFilterTest.java +++ b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaHeaderAndLoginFilterTest.java @@ -20,7 +20,7 @@ import org.springframework.test.context.TestPropertySource; "quartz-manager.security.jwt.header-strategy.header=Authorization", "quartz-manager.security.jwt.cookie-strategy.enabled=false", "quartz-manager.security.accounts.in-memory.enabled=true", - "quartz-manager.security.accounts.in-memory.users[0].name=foo", + "quartz-manager.security.accounts.in-memory.users[0].username=foo", "quartz-manager.security.accounts.in-memory.users[0].password=bar", "quartz-manager.security.accounts.in-memory.users[0].roles[0]=admin", }) diff --git a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaHeaderTest.java b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaHeaderTest.java index 0e5a793..eb61e55 100644 --- a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaHeaderTest.java +++ b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/SecurityLoginViaHeaderTest.java @@ -19,7 +19,7 @@ import org.springframework.test.context.TestPropertySource; "quartz-manager.security.jwt.header-strategy.header=Authorization", "quartz-manager.security.jwt.cookie-strategy.enabled=false", "quartz-manager.security.accounts.in-memory.enabled=true", - "quartz-manager.security.accounts.in-memory.users[0].name=foo", + "quartz-manager.security.accounts.in-memory.users[0].username=foo", "quartz-manager.security.accounts.in-memory.users[0].password=bar", "quartz-manager.security.accounts.in-memory.users[0].roles[0]=admin", }) diff --git a/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/properties/InMemoryUsersValidationControllerTest.java b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/properties/InMemoryUsersValidationControllerTest.java new file mode 100644 index 0000000..60c9397 --- /dev/null +++ b/quartz-manager-parent/quartz-manager-starter-security/src/test/java/it/fabioformosa/quartzmanager/api/security/properties/InMemoryUsersValidationControllerTest.java @@ -0,0 +1,79 @@ +package it.fabioformosa.quartzmanager.api.security.properties; + +import org.assertj.core.api.Assertions; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; +import org.springframework.boot.context.properties.bind.BindResult; +import org.springframework.boot.context.properties.bind.Binder; +import org.springframework.boot.context.properties.source.ConfigurationPropertySource; +import org.springframework.boot.context.properties.source.MapConfigurationPropertySource; + +import javax.validation.Validation; +import javax.validation.Validator; +import java.util.HashMap; +import java.util.Map; +import java.util.stream.Stream; + +public class InMemoryUsersValidationControllerTest { + + private static Validator propertyValidator; + + static Stream notValidInMemoryProps = Stream.of( + Arguments.of( + Map.of("quartz-manager.security.accounts.in-memory.users[0].password", "bar"), + Map.of("quartz-manager.security.accounts.in-memory.users[0].roles[0]", "admin")), + Arguments.of( + Map.of("quartz-manager.security.accounts.in-memory.users[0].username", "foo"), + Map.of("quartz-manager.security.accounts.in-memory.users[0].roles[0]", "admin")), + Arguments.of( + Map.of("quartz-manager.security.accounts.in-memory.users[0].username", "foo"), + Map.of("quartz-manager.security.accounts.in-memory.users[0].password", "bar")) + ); + + + @BeforeAll + public static void setup() { + propertyValidator = Validation.buildDefaultValidatorFactory().getValidator(); + } + + static Stream getNotValidInMemoryProps(){ + return notValidInMemoryProps; + } + + @ParameterizedTest + @MethodSource("it.fabioformosa.quartzmanager.api.security.properties.InMemoryUsersValidationControllerTest#getNotValidInMemoryProps") + void givenAMissingUsername_whenThePropertyValidationIsApplied_thenShouldRaiseValidationError(Map properties) throws Exception { + ConfigurationPropertySource source = new MapConfigurationPropertySource(properties); + + Binder binder = new Binder(source); + BindResult result = binder.bind("quartz-manager.security.accounts.in-memory", InMemoryAccountProperties.class); + + Assertions.assertThat(result.isBound()).isTrue(); + + InMemoryAccountProperties inMemoryAccountProperties = result.get(); + Assertions.assertThat(propertyValidator.validate(inMemoryAccountProperties).size()).isGreaterThan(0); + + } + + @Test + void givenAllInMemoryPropsAreSet_whenThePropertyValidationIsApplied_thenShouldRaiseValidationError() throws Exception { + Map properties = new HashMap<>(); + properties.put("quartz-manager.security.accounts.in-memory.users[0].username", "foo"); + properties.put("quartz-manager.security.accounts.in-memory.users[0].password", "bar"); + properties.put("quartz-manager.security.accounts.in-memory.users[0].roles[0]", "admin"); + + ConfigurationPropertySource source = new MapConfigurationPropertySource(properties); + + Binder binder = new Binder(source); + BindResult result = binder.bind("quartz-manager.security.accounts.in-memory", InMemoryAccountProperties.class); + + Assertions.assertThat(result.isBound()).isTrue(); + + InMemoryAccountProperties inMemoryAccountProperties = result.get(); + Assertions.assertThat(propertyValidator.validate(inMemoryAccountProperties).size()).isEqualTo(0); + } + +} diff --git a/quartz-manager-parent/quartz-manager-web-showcase/src/main/resources/application.yml b/quartz-manager-parent/quartz-manager-web-showcase/src/main/resources/application.yml index 0d642cb..854aa83 100644 --- a/quartz-manager-parent/quartz-manager-web-showcase/src/main/resources/application.yml +++ b/quartz-manager-parent/quartz-manager-web-showcase/src/main/resources/application.yml @@ -8,7 +8,7 @@ quartz-manager: in-memory: enabled: true users: - - name: admin + - username: admin password: admin roles: - ADMIN