11package com .uid2 .shared .middleware ;
22
3- import com .uid2 .shared .audit .AuditParams ;
3+ import com .uid2 .shared .audit .Audit ;
44import com .uid2 .shared .auth .IAuthorizableProvider ;
55import com .uid2 .shared .auth .IRoleAuthorizable ;
6+ import com .uid2 .shared .auth .OperatorKey ;
7+ import com .uid2 .shared .auth .OperatorType ;
68import com .uid2 .shared .auth .Role ;
79import io .vertx .core .Handler ;
810import io .vertx .core .http .HttpServerRequest ;
11+ import io .vertx .core .json .JsonObject ;
912import io .vertx .ext .web .RoutingContext ;
13+ import org .junit .jupiter .api .Assertions ;
1014import org .junit .jupiter .api .BeforeEach ;
1115import org .junit .jupiter .api .Test ;
1216import org .junit .jupiter .api .extension .ExtendWith ;
17+ import org .mockito .ArgumentCaptor ;
1318import org .mockito .ArgumentMatchers ;
1419import org .mockito .Mock ;
1520import org .mockito .junit .jupiter .MockitoExtension ;
1621import org .mockito .junit .jupiter .MockitoSettings ;
1722import org .mockito .quality .Strictness ;
1823
24+ import java .util .List ;
25+ import java .util .Set ;
26+
1927import static org .mockito .Mockito .*;
2028
2129@ ExtendWith (MockitoExtension .class )
@@ -31,8 +39,10 @@ public class AuthMiddlewareTest {
3139 private Handler <RoutingContext > nextHandler ;
3240 @ Mock
3341 private IRoleAuthorizable <Role > profile ;
42+ private OperatorKey operatorKey = new OperatorKey (null , null , "operator-key" , "contact" , "trusted" , 1000 , false , 999 , Set .of (Role .OPERATOR ), OperatorType .PUBLIC , "test-key-id" );
3443 private AuthMiddleware auth ;
3544
45+
3646 @ BeforeEach
3747 public void setup () {
3848 auth = new AuthMiddleware (authProvider , "app" );
@@ -92,11 +102,46 @@ public void authHandlerKeyWithFirstRoleAudit() {
92102 when (request .getHeader ("Authorization" )).thenReturn ("Bearer some-key" );
93103 when (authProvider .get ("some-key" )).thenReturn (profile );
94104 when (profile .hasRole (Role .MAPPER )).thenReturn (true );
95- Handler <RoutingContext > handler = auth .handleWithAudit (nextHandler , new AuditParams (), true , Role .MAPPER , Role .ID_READER );
105+ Handler <RoutingContext > handler = auth .handleWithAudit (nextHandler , List .of (Role .MAPPER , Role .ID_READER ));
106+ handler .handle (routingContext );
107+ verify (nextHandler ).handle (routingContext );
108+ verify (routingContext , times (0 )).fail (any ());
109+ verify (routingContext , times (1 )).addBodyEndHandler (ArgumentMatchers .<Handler <Void >>any ());
110+ }
111+
112+ private void verifyAuditLogFilled () {
113+ ArgumentCaptor <String > keyArgumentCaptor = ArgumentCaptor .forClass (String .class );
114+ ArgumentCaptor <JsonObject > jsonObjectArgumentCaptor = ArgumentCaptor .forClass (JsonObject .class );
115+ verify (routingContext ).put (keyArgumentCaptor .capture (), jsonObjectArgumentCaptor .capture ());
116+ JsonObject auditLogUserDetailsActual = jsonObjectArgumentCaptor .getValue ();
117+ Assertions .assertEquals (Audit .USER_DETAILS , keyArgumentCaptor .getValue ());
118+ Assertions .assertEquals (operatorKey .getName (), auditLogUserDetailsActual .getString ("operator_key_name" ));
119+ Assertions .assertEquals (operatorKey .getContact (), auditLogUserDetailsActual .getString ("operator_key_contact" ));
120+ Assertions .assertEquals (operatorKey .getSiteId ().toString (), auditLogUserDetailsActual .getString ("operator_key_site_id" ));
121+ }
122+
123+ @ Test
124+ public void authHandlerOperatorKeyWithFirstRoleAudit () {
125+ when (request .getHeader ("Authorization" )).thenReturn ("Bearer operator-key" );
126+ when (authProvider .get (operatorKey .getName ())).thenReturn (operatorKey );
127+ Handler <RoutingContext > handler = auth .handleWithAudit (nextHandler , List .of (Role .OPERATOR ));
96128 handler .handle (routingContext );
97129 verify (nextHandler ).handle (routingContext );
98130 verify (routingContext , times (0 )).fail (any ());
99131 verify (routingContext , times (1 )).addBodyEndHandler (ArgumentMatchers .<Handler <Void >>any ());
132+ verifyAuditLogFilled ();
133+ }
134+
135+ @ Test
136+ public void authHandlerOperatorKeyWithUnauthorizedRoleAudit () {
137+ when (request .getHeader ("Authorization" )).thenReturn ("Bearer operator-key" );
138+ when (authProvider .get (operatorKey .getName ())).thenReturn (operatorKey );
139+ Handler <RoutingContext > handler = auth .handleWithAudit (nextHandler , List .of (Role .OPTOUT ));
140+ handler .handle (routingContext );
141+ verifyNoInteractions (nextHandler );
142+ verify (routingContext ).fail (401 );
143+ verify (routingContext , times (0 )).addBodyEndHandler (ArgumentMatchers .<Handler <Void >>any ());
144+ verifyAuditLogFilled ();
100145 }
101146
102147 @ Test public void authHandlerKeyWithSecondRole () {
@@ -115,7 +160,7 @@ public void authHandlerKeyWithSecondRoleAudit() {
115160 when (request .getHeader ("Authorization" )).thenReturn ("Bearer some-key" );
116161 when (authProvider .get ("some-key" )).thenReturn (profile );
117162 when (profile .hasRole (Role .ID_READER )).thenReturn (true );
118- Handler <RoutingContext > handler = auth .handleWithAudit (nextHandler , new AuditParams (), true , Role .MAPPER , Role .ID_READER );
163+ Handler <RoutingContext > handler = auth .handleWithAudit (nextHandler , List . of ( Role .MAPPER , Role .ID_READER ) );
119164 handler .handle (routingContext );
120165 verify (nextHandler ).handle (routingContext );
121166 verify (routingContext , times (0 )).fail (any ());
0 commit comments