- Added error response if login info is false
- Added simple token validation (DOES NOT CHECK IF TOKEN IS EXPIRED YET) - Added Softwaretest for AuthenticationService.java
This commit is contained in:
parent
33d2f28222
commit
278b613230
@ -32,6 +32,11 @@ public class AuthenticationController {
|
|||||||
response.put("token", token);
|
response.put("token", token);
|
||||||
response.put("success", token != null);
|
response.put("success", token != null);
|
||||||
|
|
||||||
|
if(token == null) {
|
||||||
|
log.debug("Authentication failed for username: " + authenticationRequest.getUsername());
|
||||||
|
return new ResponseEntity<>(response, HttpStatus.UNAUTHORIZED);
|
||||||
|
}
|
||||||
|
|
||||||
return new ResponseEntity<>(response, HttpStatus.OK);
|
return new ResponseEntity<>(response, HttpStatus.OK);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -2,7 +2,7 @@ package de.w665.sharepulse.service;
|
|||||||
|
|
||||||
import de.w665.sharepulse.db.repo.UserRepository;
|
import de.w665.sharepulse.db.repo.UserRepository;
|
||||||
import de.w665.sharepulse.model.User;
|
import de.w665.sharepulse.model.User;
|
||||||
import io.jsonwebtoken.Jwts;
|
import io.jsonwebtoken.*;
|
||||||
import io.jsonwebtoken.security.Keys;
|
import io.jsonwebtoken.security.Keys;
|
||||||
import jakarta.annotation.PostConstruct;
|
import jakarta.annotation.PostConstruct;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
@ -60,4 +60,14 @@ public class AuthenticationService {
|
|||||||
.signWith(secretKey)
|
.signWith(secretKey)
|
||||||
.compact();
|
.compact();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public boolean validateToken(String token) {
|
||||||
|
try {
|
||||||
|
Jwt<?,?> jwt = Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token);
|
||||||
|
// TODO: Check if token is expired
|
||||||
|
return true;
|
||||||
|
} catch (Exception e) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -0,0 +1,58 @@
|
|||||||
|
package de.w665.sharepulse;
|
||||||
|
|
||||||
|
import de.w665.sharepulse.db.repo.UserRepository;
|
||||||
|
import de.w665.sharepulse.model.User;
|
||||||
|
import de.w665.sharepulse.service.AuthenticationService;
|
||||||
|
import org.junit.jupiter.api.BeforeEach;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
|
import org.springframework.boot.test.context.SpringBootTest;
|
||||||
|
import org.springframework.boot.test.mock.mockito.MockBean;
|
||||||
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
|
|
||||||
|
import java.util.Optional;
|
||||||
|
|
||||||
|
import static org.junit.jupiter.api.Assertions.*;
|
||||||
|
import static org.mockito.ArgumentMatchers.anyString;
|
||||||
|
import static org.mockito.Mockito.when;
|
||||||
|
|
||||||
|
@SpringBootTest
|
||||||
|
public class AuthenticationServiceTest {
|
||||||
|
|
||||||
|
@MockBean
|
||||||
|
private UserRepository userRepository;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private AuthenticationService authenticationService;
|
||||||
|
|
||||||
|
private User mockUser;
|
||||||
|
private String username = "testUser";
|
||||||
|
private String password = "testPass";
|
||||||
|
|
||||||
|
@BeforeEach
|
||||||
|
public void setup() {
|
||||||
|
mockUser = new User();
|
||||||
|
mockUser.setUsername(username);
|
||||||
|
mockUser.setPassword(new BCryptPasswordEncoder().encode(password));
|
||||||
|
when(userRepository.retrieveUserByUsername(anyString())).thenReturn(Optional.of(mockUser));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void whenValidUsernameAndPassword_thenAuthenticateShouldReturnToken() {
|
||||||
|
String token = authenticationService.authenticate(username, password);
|
||||||
|
assertNotNull(token, "Token should not be null for valid credentials");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void whenValidToken_thenValidateTokenShouldReturnTrue() {
|
||||||
|
String token = authenticationService.authenticate(username, password);
|
||||||
|
assertTrue(authenticationService.validateToken(token), "Token validation should return true for a valid token");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void whenInvalidToken_thenValidateTokenShouldReturnFalse() {
|
||||||
|
String invalidToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ0ZXN0VXNlciJ9.WrongSignature";
|
||||||
|
assertFalse(authenticationService.validateToken(invalidToken), "Token validation should return false for an invalid token");
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
x
Reference in New Issue
Block a user