Added S3 tests

Author: oharsta

server/src/test/java/access/AbstractTest.java

@@ -163,7 +163,7 @@ public abstract class AbstractTest {
     protected final Map<String, Long> seedIdentifiers = new HashMap<>();
 
     @RegisterExtension
-    static CustomWireMockExtension mockServer = new CustomWireMockExtension(8081);
+    protected static CustomWireMockExtension mockServer = new CustomWireMockExtension(8081);
 
     @LocalServerPort
     protected int port;

server/src/test/java/access/api/ApplicationS3ControllerTest.java

@@ -3,7 +3,6 @@
 import access.AbstractTest;
 import access.AccessCookieFilter;
 import access.model.Application;
-import access.model.Connection;
 import access.model.Organization;
 import com.fasterxml.jackson.core.type.TypeReference;
 import io.restassured.http.ContentType;

server/src/test/java/access/api/ManageControllerTest.java

@@ -5,6 +5,7 @@
 import access.model.EntityType;
 import access.model.Environment;
 import access.security.InstitutionAdmin;
+import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.nimbusds.jose.util.IOUtils;
 import io.restassured.common.mapper.TypeRef;
@@ -124,6 +125,31 @@ void policyByServiceProvider() {
         assertEquals(1, policies.size());
     }
 
+    @SneakyThrows
+    @Test
+    void policyByServiceProviderNotAllowed() {
+        Map<String, Object> identityProvider = super.stubForIdentityProviderByEntityId("http://mock-idp");
+        Map<String, Object> attributes = Map.of(
+                "sub", INSTITUTION_ADMIN,
+                InstitutionAdmin.IDENTITY_PROVIDER, identityProvider);
+        AccessCookieFilter accessCookieFilter = mockLoginFlow(attributes);
+
+        String serviceProviderEntityId = "nope";
+        //The IdP is fetched to check the allowed entities
+        this.stubForGetProvider(EntityType.saml20_idp, "7", Environment.PROD);
+
+        given()
+                .when()
+                .filter(accessCookieFilter.cookieFilter())
+                .header(csrfHeader(accessCookieFilter))
+                .accept(ContentType.JSON)
+                .contentType(ContentType.JSON)
+                .queryParam("entityId", serviceProviderEntityId)
+                .get("/api/v1/manage/policies")
+                .then()
+                .statusCode(HttpStatus.FORBIDDEN.value());
+    }
+
     @SneakyThrows
     @Test
     void uniqueEntityId() {
@@ -182,6 +208,25 @@ void arpInfo() {
         assertTrue(allAttributesPresent);
     }
 
+    @Test
+    void allowedAttributes() throws JsonProcessingException {
+        List<Map<String, Object>> allowedAttributes  = localManage.allowedAttributes();
+        String body = objectMapper.writeValueAsString(allowedAttributes);
+        stubFor(get("/manage/api/internal/protected/allowed-attributes")
+                .willReturn(aResponse().withHeader("Content-Type", "application/json")
+                        .withBody(body)
+                        .withStatus(200)));
+
+        allowedAttributes = given()
+                .when()
+                .accept(ContentType.JSON)
+                .contentType(ContentType.JSON)
+                .get("/api/v1/manage/allowed-attributes")
+                .as(new TypeRef<>() {
+                });
+        assertEquals(9, allowedAttributes.size());
+    }
+
     @Test
     void createPolicy() throws Exception {
         AccessCookieFilter accessCookieFilter = openIDConnectFlow("/api/v1/users/me", ADMIN_SUB);
@@ -214,13 +259,13 @@ void uniquePolicyName() throws Exception {
                         .withBody("[]")
                         .withStatus(200)));
 
-        List<Map<String, Object>> policies =given()
+        List<Map<String, Object>> policies = given()
                 .when()
                 .filter(accessCookieFilter.cookieFilter())
                 .header(accessCookieFilter.csrfToken().getHeaderName(), accessCookieFilter.csrfToken().getToken())
                 .accept(ContentType.JSON)
                 .contentType(ContentType.JSON)
-                .body(Map.of("name","policyName"))
+                .body(Map.of("name", "policyName"))
                 .post("/api/v1/manage/unique-policy-name")
                 .as(new TypeRef<>() {
                 });

server/src/test/java/access/api/S3StorageTest.java

@@ -0,0 +1,45 @@
+package access.api;
+
+import access.AbstractTest;
+import org.apache.commons.io.IOUtils;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.ClassPathResource;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Base64;
+
+import static com.github.tomakehurst.wiremock.client.WireMock.*;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class S3StorageTest extends AbstractTest {
+
+    @Autowired
+    private S3Storage s3Storage;
+
+
+    @Test
+    void uploadFile() throws IOException {
+        stubFor(head(urlPathMatching("/s3-images"))
+                .willReturn(aResponse()
+                        .withStatus(404)
+                        .withHeader("Content-Type", "application/xml")
+                        .withBody("<Error><Code>NoSuchBucket</Code><Message>The specified bucket does not exist</Message></Error>")));
+
+        stubFor(put(urlPathMatching("/s3-images"))
+                .willReturn(aResponse()
+                        .withStatus(200)));
+
+        stubFor(put(urlPathMatching("/s3-images/.*"))
+                .willReturn(aResponse()
+                        .withStatus(201)));
+
+        InputStream inputStream = new ClassPathResource("/s3/squirl.jpg").getInputStream();
+        byte[] byteArray = IOUtils.toByteArray(inputStream);
+        String base64Encoded = Base64.getEncoder().encodeToString(byteArray);
+
+        String url = s3Storage.uploadFile(base64Encoded);
+        assertTrue(url.startsWith("http://localhost:8081/s3-images/"));
+    }
+}