package shop.mtcoding.bank.config.jwt;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.ResultActions;
import shop.mtcoding.bank.config.auth.LoginUser;
import shop.mtcoding.bank.domain.user.User;
import shop.mtcoding.bank.domain.user.UserEnum;
@ActiveProfiles("test")
@AutoConfigureMockMvc
@SpringBootTest(webEnvironment = WebEnvironment.MOCK)
public class JwtAuthorizationFilterTest {
@Autowired
private MockMvc mvc;
@Test // doFilterInternal
public void authorization_success_test() throws Exception {
// given
User user = User.builder().id(1L).role(UserEnum.CUSTOMER).build();
LoginUser loginUser = new LoginUser(user);
String jwtToken = JwtProcess.create(loginUser);
System.out.println("테스트 : " + jwtToken);
// when
ResultActions resultActions = mvc.perform(get("/api/s/hello/test").header(JwtValueObject.HEADER, jwtToken));
// then
resultActions.andExpect(status().isNotFound());
}
@Test
public void authorization_fail_test() throws Exception {
// given
// when
ResultActions resultActions = mvc.perform(get("/api/s/hello/test"));
// then
resultActions.andExpect(status().isUnauthorized());
}
@Test
public void authorization_admin_test() throws Exception {
// given
User user = User.builder().id(1L).role(UserEnum.ADMIN).build();
LoginUser loginUser = new LoginUser(user);
String jwtToken = JwtProcess.create(loginUser);
System.out.println("테스트 : " + jwtToken);
// when
ResultActions resultActions = mvc
.perform(get("/api/admin/hello/test").header(JwtValueObject.HEADER, jwtToken));
// then
resultActions.andExpect(status().isNotFound());
}
}
authorization_admin_test 실행하면, SecurityConfig 의 아래 부분에서 걸린다.
모든 인증과 인가에러의 제어를 우리가 했다.