SecurityWebIT.java

/**
 * Copyright (c) 2013-2016, The SeedStack authors <http://seedstack.org>
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 */
package org.seedstack.seed.web.security;

import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.container.test.api.RunAsClient;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Test;
import org.seedstack.seed.it.AbstractSeedWebIT;

import java.net.URL;

import static com.jayway.restassured.RestAssured.expect;
import static com.jayway.restassured.RestAssured.given;

public class SecurityWebIT extends AbstractSeedWebIT {
    @Deployment
    public static WebArchive createDeployment() {
        return ShrinkWrap.create(WebArchive.class)
                .addAsWebResource("jediCouncil.html")
                .addAsWebResource("jediAcademy.html")
                .addAsResource("META-INF/resources/resources/image.jpg", "META-INF/resources/resources/image.jpg")
                .addAsResource("security.yaml", "META-INF/configuration/security.yaml");
    }

    @Test
    @RunAsClient
    public void request_on_secured_resource_should_send_401(@ArquillianResource URL baseURL) throws Exception {
        expect().statusCode(401).when().get(baseURL.toString() + "jediCouncil.html");
    }

    @Test
    @RunAsClient
    public void request_on_secured_resource_with_good_basicauth_should_send_200_on_authorized_resource(@ArquillianResource URL baseURL) throws Exception {
        given().auth().basic("Obiwan", "yodarulez").expect().statusCode(200).when().get(baseURL.toString() + "jediCouncil.html");
    }

    @Test
    @RunAsClient
    public void request_on_secured_resource_with_good_basicauth_should_send_401_on_forbidden_resource(@ArquillianResource URL baseURL) throws Exception {
        given().auth().basic("Anakin", "imsodark").expect().statusCode(401).when().get(baseURL.toString() + "jediCouncil.html");
    }

    @Test
    @RunAsClient
    public void request_on_anonymous_resource_should_send_200(@ArquillianResource URL baseURL) throws Exception {
        expect().statusCode(200).when().get(baseURL.toString() + "resources/image.jpg");
    }

    @Test
    @RunAsClient
    public void response_should_be_a_teapot_when_requesting_url_teapot(@ArquillianResource URL baseURL) throws Exception {
        expect().statusCode(418).when().get(baseURL.toString() + "teapot");
    }
}