forked from line/line-fido2-server
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add unit tests for Bean validation (line#22)
* Add unit tests for Bean validation
- Loading branch information
Showing
19 changed files
with
739 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
47 changes: 47 additions & 0 deletions
47
...ne/auth/fido/fido2/common/server/bean/validation/AuthOptionRequestBeanValidationTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; | ||
|
||
import com.linecorp.line.auth.fido.fido2.common.server.AuthOptionRequest; | ||
import org.junit.jupiter.api.BeforeAll; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.Test; | ||
|
||
import javax.validation.ConstraintViolation; | ||
import java.io.IOException; | ||
import java.util.Set; | ||
|
||
import static org.assertj.core.api.Assertions.assertThat; | ||
|
||
class AuthOptionRequestBeanValidationTest extends BeanValidationTestSupport { | ||
|
||
private static AuthOptionRequest origin; | ||
private AuthOptionRequest authOptionRequest; | ||
|
||
@BeforeAll | ||
static void initGlobal() throws IOException { | ||
origin = objectMapper.readValue(AuthOptionRequest.class.getResourceAsStream("/json/auth/auth-challenge-req.json"), AuthOptionRequest.class); | ||
} | ||
|
||
@BeforeEach | ||
void setUp() throws IOException { | ||
//Deep copy | ||
authOptionRequest = objectMapper.readValue(objectMapper.writeValueAsString(origin), AuthOptionRequest.class); | ||
} | ||
|
||
@Test | ||
void validateSuccessfulRequest() { | ||
final Set<ConstraintViolation<AuthOptionRequest>> constraintViolations = validator.validate(authOptionRequest); | ||
assertThat(constraintViolations).isEmpty(); | ||
} | ||
|
||
@Test | ||
void validateIncompleteRequestWithBlank() { | ||
|
||
authOptionRequest.setRpId(""); | ||
|
||
final Set<ConstraintViolation<AuthOptionRequest>> constraintViolations = validator.validate(authOptionRequest); | ||
|
||
assertThat(constraintViolations).hasSize(1); | ||
assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) | ||
.containsOnly(MUST_NOT_BE_BLANK); | ||
} | ||
} |
26 changes: 26 additions & 0 deletions
26
...inecorp/line/auth/fido/fido2/common/server/bean/validation/BeanValidationTestSupport.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; | ||
|
||
import com.fasterxml.jackson.databind.ObjectMapper; | ||
import org.junit.jupiter.api.BeforeAll; | ||
|
||
import javax.validation.Validation; | ||
import javax.validation.Validator; | ||
import java.util.Locale; | ||
|
||
public class BeanValidationTestSupport { | ||
|
||
protected static final String MUST_NOT_BE_NULL = "must not be null"; | ||
protected static final String MUST_NOT_BE_BLANK = "must not be blank"; | ||
protected static final String MUST_BE_A_WELL_FORMED_BASE_64 = "must be a well-formed base64"; | ||
protected static final String LENGTH_MUST_BE_BETWEEN_1_AND_64 = "length must be between 1 and 64"; | ||
protected static final String NOT_VALID_BASE64_URL_STRING = "!@=/+"; | ||
|
||
protected static final ObjectMapper objectMapper = new ObjectMapper(); | ||
protected static Validator validator; | ||
|
||
@BeforeAll | ||
static void init() { | ||
Locale.setDefault(Locale.ENGLISH); | ||
validator = Validation.buildDefaultValidatorFactory().getValidator(); | ||
} | ||
} |
48 changes: 48 additions & 0 deletions
48
...ine/auth/fido/fido2/common/server/bean/validation/RegOptionRequestBeanValidationTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; | ||
|
||
import com.linecorp.line.auth.fido.fido2.common.server.RegOptionRequest; | ||
import org.junit.jupiter.api.BeforeAll; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.Test; | ||
|
||
import javax.validation.ConstraintViolation; | ||
import java.io.IOException; | ||
import java.util.Set; | ||
|
||
import static org.assertj.core.api.Assertions.assertThat; | ||
|
||
class RegOptionRequestBeanValidationTest extends BeanValidationTestSupport { | ||
|
||
private static RegOptionRequest origin; | ||
private RegOptionRequest regOptionRequest; | ||
|
||
@BeforeAll | ||
static void initGlobal() throws IOException { | ||
origin = objectMapper.readValue(RegOptionRequest.class.getResourceAsStream("/json/reg/reg-challenge-req.json"), RegOptionRequest.class); | ||
} | ||
|
||
@BeforeEach | ||
void setUp() throws IOException { | ||
//Deep copy | ||
regOptionRequest = objectMapper.readValue(objectMapper.writeValueAsString(origin), RegOptionRequest.class); | ||
} | ||
|
||
@Test | ||
void validateSuccessfulRequest() { | ||
final Set<ConstraintViolation<RegOptionRequest>> constraintViolations = validator.validate(regOptionRequest); | ||
assertThat(constraintViolations).isEmpty(); | ||
} | ||
|
||
@Test | ||
void validateIncompleteRequestWithNull() { | ||
|
||
regOptionRequest.setRp(null); | ||
regOptionRequest.setUser(null); | ||
|
||
final Set<ConstraintViolation<RegOptionRequest>> constraintViolations = validator.validate(regOptionRequest); | ||
|
||
assertThat(constraintViolations).hasSize(2); | ||
assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) | ||
.containsOnly(MUST_NOT_BE_NULL); | ||
} | ||
} |
61 changes: 61 additions & 0 deletions
61
...e/auth/fido/fido2/common/server/bean/validation/RegisterCredentialBeanValidationTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; | ||
|
||
import com.linecorp.line.auth.fido.fido2.common.server.RegisterCredential; | ||
import org.junit.jupiter.api.BeforeAll; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.Test; | ||
|
||
import javax.validation.ConstraintViolation; | ||
import java.io.IOException; | ||
import java.util.Set; | ||
|
||
import static org.assertj.core.api.Assertions.assertThat; | ||
|
||
class RegisterCredentialBeanValidationTest extends BeanValidationTestSupport { | ||
|
||
private static RegisterCredential origin; | ||
private RegisterCredential registerCredential; | ||
|
||
@BeforeAll | ||
static void initGlobal() throws IOException { | ||
origin = objectMapper.readValue(RegisterCredential.class.getResourceAsStream("/json/reg/reg-response-req.json"), RegisterCredential.class); | ||
} | ||
|
||
@BeforeEach | ||
void setUp() throws IOException { | ||
//Deep copy | ||
registerCredential = objectMapper.readValue(objectMapper.writeValueAsString(origin), RegisterCredential.class); | ||
} | ||
|
||
@Test | ||
void validateSuccessfulRequest() { | ||
final Set<ConstraintViolation<RegisterCredential>> constraintViolations = validator.validate(registerCredential); | ||
assertThat(constraintViolations).isEmpty(); | ||
} | ||
|
||
@Test | ||
void validateIncompleteRequestWithNull() { | ||
|
||
registerCredential.setServerPublicKeyCredential(null); | ||
|
||
final Set<ConstraintViolation<RegisterCredential>> constraintViolations = validator.validate(registerCredential); | ||
|
||
assertThat(constraintViolations).hasSize(1); | ||
assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) | ||
.containsOnly(MUST_NOT_BE_NULL); | ||
} | ||
|
||
@Test | ||
void validateIncompleteRequestWithBlank() { | ||
|
||
registerCredential.setOrigin(""); | ||
registerCredential.setRpId(""); | ||
registerCredential.setSessionId(""); | ||
|
||
final Set<ConstraintViolation<RegisterCredential>> constraintViolations = validator.validate(registerCredential); | ||
|
||
assertThat(constraintViolations).hasSize(3); | ||
assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) | ||
.containsOnly(MUST_NOT_BE_BLANK); | ||
} | ||
} |
74 changes: 74 additions & 0 deletions
74
.../fido2/common/server/bean/validation/ServerAuthPublicKeyCredentialBeanValidationTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; | ||
|
||
import com.linecorp.line.auth.fido.fido2.common.server.ServerAuthPublicKeyCredential; | ||
import com.linecorp.line.auth.fido.fido2.common.server.VerifyCredential; | ||
import org.junit.jupiter.api.BeforeAll; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.Test; | ||
|
||
import javax.validation.ConstraintViolation; | ||
import java.io.IOException; | ||
import java.util.Set; | ||
|
||
import static org.assertj.core.api.Assertions.assertThat; | ||
|
||
class ServerAuthPublicKeyCredentialBeanValidationTest extends BeanValidationTestSupport { | ||
|
||
private static ServerAuthPublicKeyCredential origin; | ||
private ServerAuthPublicKeyCredential serverAuthPublicKeyCredential; | ||
|
||
@BeforeAll | ||
static void initGlobal() throws IOException { | ||
origin = objectMapper.readValue(VerifyCredential.class.getResourceAsStream("/json/auth/auth-response-req.json"), VerifyCredential.class).getServerPublicKeyCredential(); | ||
} | ||
|
||
@BeforeEach | ||
void setUp() throws IOException { | ||
//Deep copy | ||
serverAuthPublicKeyCredential = objectMapper.readValue(objectMapper.writeValueAsString(origin), ServerAuthPublicKeyCredential.class); | ||
} | ||
|
||
@Test | ||
void validateSuccessfulRequest() { | ||
final Set<ConstraintViolation<ServerAuthPublicKeyCredential>> constraintViolations = validator.validate(serverAuthPublicKeyCredential); | ||
assertThat(constraintViolations).isEmpty(); | ||
} | ||
|
||
@Test | ||
void validateIncompleteRequestWithNull() { | ||
|
||
serverAuthPublicKeyCredential.setResponse(null); | ||
serverAuthPublicKeyCredential.setType(null); | ||
|
||
final Set<ConstraintViolation<ServerAuthPublicKeyCredential>> constraintViolations = validator.validate(serverAuthPublicKeyCredential); | ||
|
||
assertThat(constraintViolations).hasSize(2); | ||
assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) | ||
.containsOnly(MUST_NOT_BE_NULL); | ||
} | ||
|
||
@Test | ||
void validateIncompleteRequestWithBlank() { | ||
|
||
serverAuthPublicKeyCredential.setId(""); | ||
|
||
final Set<ConstraintViolation<ServerAuthPublicKeyCredential>> constraintViolations = validator.validate(serverAuthPublicKeyCredential); | ||
|
||
assertThat(constraintViolations).hasSize(1); | ||
assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) | ||
.containsOnly(MUST_NOT_BE_BLANK); | ||
} | ||
|
||
@Test | ||
void validateIncompleteRequestWithInvalidBase64Url() { | ||
|
||
final String id = serverAuthPublicKeyCredential.getId() + NOT_VALID_BASE64_URL_STRING; | ||
serverAuthPublicKeyCredential.setId(id); | ||
|
||
final Set<ConstraintViolation<ServerAuthPublicKeyCredential>> constraintViolations = validator.validate(serverAuthPublicKeyCredential); | ||
|
||
assertThat(constraintViolations).hasSize(1); | ||
assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) | ||
.containsOnly(MUST_BE_A_WELL_FORMED_BASE_64); | ||
} | ||
} |
68 changes: 68 additions & 0 deletions
68
...common/server/bean/validation/ServerAuthenticatorAssertionResponseBeanValidationTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; | ||
|
||
import com.linecorp.line.auth.fido.fido2.common.server.ServerAuthenticatorAssertionResponse; | ||
import com.linecorp.line.auth.fido.fido2.common.server.VerifyCredential; | ||
import org.junit.jupiter.api.BeforeAll; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.Test; | ||
|
||
import javax.validation.ConstraintViolation; | ||
import java.io.IOException; | ||
import java.util.Set; | ||
|
||
import static org.assertj.core.api.Assertions.assertThat; | ||
|
||
class ServerAuthenticatorAssertionResponseBeanValidationTest extends BeanValidationTestSupport { | ||
private static ServerAuthenticatorAssertionResponse origin; | ||
private ServerAuthenticatorAssertionResponse serverAuthenticatorAssertionResponse; | ||
|
||
@BeforeAll | ||
static void initGlobal() throws IOException { | ||
origin = objectMapper.readValue(VerifyCredential.class.getResourceAsStream("/json/auth/auth-response-req.json"), VerifyCredential.class).getServerPublicKeyCredential().getResponse(); | ||
} | ||
|
||
@BeforeEach | ||
void setUp() throws IOException { | ||
//Deep copy | ||
serverAuthenticatorAssertionResponse = objectMapper.readValue(objectMapper.writeValueAsString(origin), ServerAuthenticatorAssertionResponse.class); | ||
} | ||
|
||
@Test | ||
void validateSuccessfulRequest() { | ||
final Set<ConstraintViolation<ServerAuthenticatorAssertionResponse>> constraintViolations = validator.validate(serverAuthenticatorAssertionResponse); | ||
assertThat(constraintViolations).isEmpty(); | ||
} | ||
|
||
@Test | ||
void validateIncompleteRequestWithBlank() { | ||
|
||
serverAuthenticatorAssertionResponse.setAuthenticatorData(""); | ||
serverAuthenticatorAssertionResponse.setClientDataJSON(""); | ||
serverAuthenticatorAssertionResponse.setSignature(""); | ||
|
||
final Set<ConstraintViolation<ServerAuthenticatorAssertionResponse>> constraintViolations = validator.validate(serverAuthenticatorAssertionResponse); | ||
|
||
assertThat(constraintViolations).hasSize(3); | ||
assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) | ||
.containsOnly(MUST_NOT_BE_BLANK); | ||
} | ||
|
||
@Test | ||
void validateIncompleteRequestWithInvalidBase64Url() { | ||
|
||
final String authenticatorData = serverAuthenticatorAssertionResponse.getAuthenticatorData() + NOT_VALID_BASE64_URL_STRING; | ||
serverAuthenticatorAssertionResponse.setAuthenticatorData(authenticatorData); | ||
|
||
final String clientDataJSON = serverAuthenticatorAssertionResponse.getClientDataJSON() + NOT_VALID_BASE64_URL_STRING; | ||
serverAuthenticatorAssertionResponse.setClientDataJSON(clientDataJSON); | ||
|
||
final String signature = serverAuthenticatorAssertionResponse.getSignature() + NOT_VALID_BASE64_URL_STRING; | ||
serverAuthenticatorAssertionResponse.setSignature(signature); | ||
|
||
final Set<ConstraintViolation<ServerAuthenticatorAssertionResponse>> constraintViolations = validator.validate(serverAuthenticatorAssertionResponse); | ||
|
||
assertThat(constraintViolations).hasSize(3); | ||
assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) | ||
.containsOnly(MUST_BE_A_WELL_FORMED_BASE_64); | ||
} | ||
} |
Oops, something went wrong.