From b1b993116f5a96a124ea93abad74c23aa95cdacd Mon Sep 17 00:00:00 2001
From: Alex Kemp <alexander.kemp@stfc.ac.uk>
Date: Thu, 5 Sep 2024 10:20:42 +0100
Subject: [PATCH] Reworked tests to be integration tests

---
 .../icatproject/authn_db/AuthenticateIT.java  | 56 +++++++++++++++++
 .../icatproject/authn_db/DescriptionIT.java   | 20 ++++++
 .../icatproject/authn_db/IPTestProfile.java   |  2 +-
 .../org/icatproject/authn_db/IPTests.java     | 49 ---------------
 .../org/icatproject/authn_db/IPTestsIT.java   | 61 +++++++++++++++++++
 .../authn_db/TestAuthenticate.java            | 50 ---------------
 .../authn_db/TestGetDescription.java          | 21 -------
 .../{TestGetVersion.java => VersionIT.java}   | 29 +++++----
 8 files changed, 152 insertions(+), 136 deletions(-)
 create mode 100644 src/test/java/org/icatproject/authn_db/AuthenticateIT.java
 create mode 100644 src/test/java/org/icatproject/authn_db/DescriptionIT.java
 delete mode 100644 src/test/java/org/icatproject/authn_db/IPTests.java
 create mode 100644 src/test/java/org/icatproject/authn_db/IPTestsIT.java
 delete mode 100644 src/test/java/org/icatproject/authn_db/TestAuthenticate.java
 delete mode 100644 src/test/java/org/icatproject/authn_db/TestGetDescription.java
 rename src/test/java/org/icatproject/authn_db/{TestGetVersion.java => VersionIT.java} (72%)

diff --git a/src/test/java/org/icatproject/authn_db/AuthenticateIT.java b/src/test/java/org/icatproject/authn_db/AuthenticateIT.java
new file mode 100644
index 0000000..1a35e26
--- /dev/null
+++ b/src/test/java/org/icatproject/authn_db/AuthenticateIT.java
@@ -0,0 +1,56 @@
+package org.icatproject.authn_db;
+
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+import jakarta.ws.rs.core.Response;
+import org.junit.jupiter.api.Test;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.Matchers.equalTo;
+
+@QuarkusIntegrationTest
+public class AuthenticateIT {
+
+	@Test
+	public void testValidLoginUser() {
+		// JSON string to be sent as form data
+		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"sunshine\"}]}";
+
+		given()
+				.header("Content-Type", "application/x-www-form-urlencoded")
+				.formParam("json", jsonString)
+				.when()
+				.post("/authn.db/authenticate")
+				.then()
+				.statusCode(Response.Status.OK.getStatusCode())  // Expect a 200 OK status
+				.body("username", equalTo("user1"))  // Validate the response body
+				.body("mechanism", equalTo("db"));  // Validate the response body
+	}
+	@Test
+	public void testInvalidUsername() {
+		String jsonString = "{\"credentials\":[{\"username\":\"invaliduser\"},{\"password\":\"sunshine\"}]}";
+
+		// Perform an HTTP POST with invalid username, sending the JSON as a form parameter
+		given()
+				.header("Content-Type", "application/x-www-form-urlencoded")  // Set Content-Type for form-urlencoded
+				.formParam("json", jsonString)  // Send the JSON string as a form parameter with the key 'json'
+				.when()
+				.post("/authn.db/authenticate")  // Ensure the path is correct
+				.then()
+				.statusCode(Response.Status.FORBIDDEN.getStatusCode())  // Expect 403 Forbidden
+				.body("message", equalTo("The username and password do not match"));
+	}
+	@Test
+	public void testInvalidPassword() {
+		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"trainspotting\"}]}";
+
+		// Perform an HTTP POST with invalid password, sending the JSON as a form parameter
+		given()
+				.header("Content-Type", "application/x-www-form-urlencoded")  // Set Content-Type for form-urlencoded
+				.formParam("json", jsonString)  // Send the JSON string as a form parameter with the key 'json'
+				.when()
+				.post("/authn.db/authenticate")  // Ensure the path is correct
+				.then()
+				.statusCode(Response.Status.FORBIDDEN.getStatusCode())  // Expect 403 Forbidden
+				.body("message", equalTo("The username and password do not match"));
+	}
+}
diff --git a/src/test/java/org/icatproject/authn_db/DescriptionIT.java b/src/test/java/org/icatproject/authn_db/DescriptionIT.java
new file mode 100644
index 0000000..38f134c
--- /dev/null
+++ b/src/test/java/org/icatproject/authn_db/DescriptionIT.java
@@ -0,0 +1,20 @@
+package org.icatproject.authn_db;
+
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+import io.restassured.RestAssured;
+import org.junit.jupiter.api.Test;
+
+import static org.hamcrest.Matchers.equalTo;
+
+@QuarkusIntegrationTest
+public class DescriptionIT {
+
+	@Test
+	public void getDescription() {
+		RestAssured.given()
+				.when().get("/authn.db/description")
+				.then()
+				.statusCode(200)
+				.body(equalTo("{\"keys\":[{\"name\":\"username\"},{\"name\":\"password\",\"hide\":true}]}"));
+	}
+}
\ No newline at end of file
diff --git a/src/test/java/org/icatproject/authn_db/IPTestProfile.java b/src/test/java/org/icatproject/authn_db/IPTestProfile.java
index d75e79c..aee40cc 100644
--- a/src/test/java/org/icatproject/authn_db/IPTestProfile.java
+++ b/src/test/java/org/icatproject/authn_db/IPTestProfile.java
@@ -8,7 +8,7 @@ public class IPTestProfile implements QuarkusTestProfile {
 	@Override
 	public Map<String, String> getConfigOverrides() {
 		return Map.of(
-				"ip", "192.168.0.1/24 130.10.0.1/24" // Override config property
+				"ip", "192.168.0.1/24 130.10.0.1/24" // Override config property and add ips
 		);
 	}
 }
diff --git a/src/test/java/org/icatproject/authn_db/IPTests.java b/src/test/java/org/icatproject/authn_db/IPTests.java
deleted file mode 100644
index a7585ca..0000000
--- a/src/test/java/org/icatproject/authn_db/IPTests.java
+++ /dev/null
@@ -1,49 +0,0 @@
-package org.icatproject.authn_db;
-
-import io.quarkus.test.junit.QuarkusTest;
-import io.quarkus.test.junit.TestProfile;
-import jakarta.inject.Inject;
-import jakarta.ws.rs.core.Response;
-import org.eclipse.microprofile.config.inject.ConfigProperty;
-import org.icatproject.authentication.AuthnException;
-import org.junit.jupiter.api.Test;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertThrows;
-
-@QuarkusTest
-@TestProfile(IPTestProfile.class)
-public class IPTests {
-
-	@Inject
-	DB_Authenticator authn;
-
-	@Inject
-	@ConfigProperty(name = "mechanism", defaultValue = "db")
-	String mechanism;
-
-	@Test
-	public void testNoIpInRequest() {
-		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"sunshine\"}]}";
-		AuthnException exception = assertThrows(AuthnException.class, () -> authn.authenticate(jsonString));
-		assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), exception.getHttpStatusCode());
-		assertEquals("(400) : An Ip address must be provided", exception.getMessage());
-	}
-
-	@Test
-	public void badIpInRequest() {
-		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"sunshine\"}], \"ip\":\"192.167.0.125\"}";
-		AuthnException exception = assertThrows(AuthnException.class, () -> authn.authenticate(jsonString));
-		assertEquals(Response.Status.FORBIDDEN.getStatusCode(), exception.getHttpStatusCode());
-		assertEquals("(403) : authn_db does not allow log in from your IP address 192.167.0.125", exception.getMessage());
-	}
-
-	@Test
-	public void goodIpInRequest() throws AuthnException {
-		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"sunshine\"}], \"ip\":\"192.168.0.125\"}";
-		String result = authn.authenticate(jsonString);
-		assertEquals(Response.Status.OK.getStatusCode(), 200);
-		String expectedResponse = String.format("{\"username\":\"user1\",\"mechanism\":\"%s\"}", mechanism);
-		assertEquals(expectedResponse, result);
-	}
-}
diff --git a/src/test/java/org/icatproject/authn_db/IPTestsIT.java b/src/test/java/org/icatproject/authn_db/IPTestsIT.java
new file mode 100644
index 0000000..4eb7327
--- /dev/null
+++ b/src/test/java/org/icatproject/authn_db/IPTestsIT.java
@@ -0,0 +1,61 @@
+package org.icatproject.authn_db;
+
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+import io.quarkus.test.junit.TestProfile;
+import jakarta.ws.rs.core.Response;
+import org.junit.jupiter.api.Test;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.Matchers.equalTo;
+
+@QuarkusIntegrationTest
+@TestProfile(IPTestProfile.class)
+public class IPTestsIT {
+
+	@Test
+	public void testNoIpInRequest() {
+		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"sunshine\"}]}";
+
+		// Perform an HTTP POST request without IP in the request body
+		given()
+				.header("Content-Type", "application/x-www-form-urlencoded")  // Set Content-Type for form-urlencoded
+				.formParam("json", jsonString)  // Send the JSON string as a form parameter with the key 'json'
+				.when()
+				.post("/authn.db/authenticate")
+				.then()
+				.statusCode(Response.Status.BAD_REQUEST.getStatusCode())  // Expect 400 Bad Request
+				.body("message", equalTo("An Ip address must be provided"));
+	}
+
+	@Test
+	public void badIpInRequest() {
+		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"sunshine\"}], \"ip\":\"192.167.0.125\"}";
+
+		// Perform an HTTP POST request with a bad IP address
+		given()
+				.header("Content-Type", "application/x-www-form-urlencoded")  // Set Content-Type for form-urlencoded
+				.formParam("json", jsonString)  // Send the JSON string as a form parameter with the key 'json'
+				.when()
+				.post("/authn.db/authenticate")
+				.then()
+				.statusCode(Response.Status.FORBIDDEN.getStatusCode())  // Expect 403 Forbidden
+				.body("message", equalTo("authn_db does not allow log in from your IP address 192.167.0.125"));
+	}
+
+	@Test
+	public void goodIpInRequest() {
+		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"sunshine\"}], \"ip\":\"192.168.0.125\"}";
+
+		// Perform an HTTP POST request with a valid IP address
+		given()
+				.header("Content-Type", "application/x-www-form-urlencoded")  // Set Content-Type for form-urlencoded
+				.formParam("json", jsonString)  // Send the JSON string as a form parameter with the key 'json'
+				.when()
+				.post("/authn.db/authenticate")
+				.then()
+				.statusCode(Response.Status.OK.getStatusCode())  // Expect 200 OK
+				.body("username", equalTo("user1"))
+				.body("mechanism", equalTo("db"));  // Adjust this based on your actual mechanism
+	}
+
+}
diff --git a/src/test/java/org/icatproject/authn_db/TestAuthenticate.java b/src/test/java/org/icatproject/authn_db/TestAuthenticate.java
deleted file mode 100644
index 7c7e13b..0000000
--- a/src/test/java/org/icatproject/authn_db/TestAuthenticate.java
+++ /dev/null
@@ -1,50 +0,0 @@
-package org.icatproject.authn_db;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertThrows;
-
-import io.quarkus.test.junit.QuarkusTest;
-import jakarta.inject.Inject;
-import jakarta.ws.rs.core.Response;
-import org.eclipse.microprofile.config.inject.ConfigProperty;
-import org.icatproject.authentication.AuthnException;
-import org.junit.jupiter.api.Test;
-
-@QuarkusTest
-public class TestAuthenticate {
-
-	@Inject
-	DB_Authenticator authn;
-
-	@Inject
-	@ConfigProperty(name = "mechanism", defaultValue = "db")
-	String mechanism;
-
-	@Test
-	public void testValidLoginUser() throws AuthnException {
-		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"sunshine\"}]}";
-		String result = authn.authenticate(jsonString);
-		assertEquals(Response.Status.OK.getStatusCode(), 200);
-		// the test should return whatever mechanism is in the config
-		String expectedResponse = String.format("{\"username\":\"user1\",\"mechanism\":\"%s\"}", mechanism);
-		assertEquals(expectedResponse, result);
-	}
-
-	@Test
-	public void testInvalidUsername() {
-		String jsonString = "{\"credentials\":[{\"username\":\"invaliduser\"},{\"password\":\"sunshine\"}]}";
-		AuthnException exception = assertThrows(AuthnException.class, () -> authn.authenticate(jsonString));
-		assertEquals(Response.Status.FORBIDDEN.getStatusCode(), exception.getHttpStatusCode());
-		assertEquals("(403) : The username and password do not match", exception.getMessage());
-	}
-
-	@Test
-	public void testInvalidPassword() {
-		String jsonString = "{\"credentials\":[{\"username\":\"user1\"},{\"password\":\"trainspotting\"}]}";
-		AuthnException exception = assertThrows(AuthnException.class, () -> authn.authenticate(jsonString));
-		assertEquals(Response.Status.FORBIDDEN.getStatusCode(), exception.getHttpStatusCode());
-		assertEquals("(403) : The username and password do not match", exception.getMessage());
-	}
-
-}
-
diff --git a/src/test/java/org/icatproject/authn_db/TestGetDescription.java b/src/test/java/org/icatproject/authn_db/TestGetDescription.java
deleted file mode 100644
index dfd3c09..0000000
--- a/src/test/java/org/icatproject/authn_db/TestGetDescription.java
+++ /dev/null
@@ -1,21 +0,0 @@
-package org.icatproject.authn_db;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-
-import io.quarkus.test.junit.QuarkusTest;
-import jakarta.inject.Inject;
-import org.junit.jupiter.api.Test;
-
-@QuarkusTest
-public class TestGetDescription {
-
-	@Inject
-	DB_Authenticator authn;
-
-	@Test
-	public void getDescription() {
-		assertEquals("{\"keys\":[{\"name\":\"username\"},{\"name\":\"password\",\"hide\":true}]}",
-				authn.getDescription());
-	}
-
-}
\ No newline at end of file
diff --git a/src/test/java/org/icatproject/authn_db/TestGetVersion.java b/src/test/java/org/icatproject/authn_db/VersionIT.java
similarity index 72%
rename from src/test/java/org/icatproject/authn_db/TestGetVersion.java
rename to src/test/java/org/icatproject/authn_db/VersionIT.java
index 06c17a7..ec98168 100644
--- a/src/test/java/org/icatproject/authn_db/TestGetVersion.java
+++ b/src/test/java/org/icatproject/authn_db/VersionIT.java
@@ -2,11 +2,11 @@
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
-import jakarta.inject.Inject;
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+import io.restassured.RestAssured;
 import jakarta.json.Json;
 import jakarta.json.JsonObject;
 import jakarta.json.JsonReader;
-import io.quarkus.test.junit.QuarkusTest;
 import org.junit.jupiter.api.Test;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -14,27 +14,26 @@
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import java.io.File;
+import java.io.StringReader;
 
-@QuarkusTest
-public class TestGetVersion {
-
-    @Inject
-    DB_Authenticator authn;
+@QuarkusIntegrationTest
+public class VersionIT {
 
     @Test
     public void testVersion() throws Exception {
-        // Get the version from the pom file
+        // Get the version from the pom.xml
         String expectedVersion = getVersionFromPom();
 
-        // Set the projectVersion field to simulate injection (if needed)
-        authn.projectVersion = expectedVersion;
-
-        // Call the getVersion method
-        String versionResponse = authn.getVersion();
+        // Send a request to the version endpoint
+        String versionResponse = RestAssured.given()
+                .when().get("/authn.db/version")
+                .then()
+                .statusCode(200)
+                .extract().asString();
 
         // Parse the JSON response
         JsonObject versionJson;
-        try (JsonReader jsonReader = Json.createReader(new java.io.StringReader(versionResponse))) {
+        try (JsonReader jsonReader = Json.createReader(new StringReader(versionResponse))) {
             versionJson = jsonReader.readObject();
         }
 
@@ -55,4 +54,4 @@ private String getVersionFromPom() throws Exception {
         Element versionElement = (Element) doc.getElementsByTagName("version").item(0);
         return versionElement.getTextContent();
     }
-}
\ No newline at end of file
+}