Enable authentication/authorization checks

The code to authenticate and authorize incoming requests (including via OAuth) is already in the system. This CL actually turns it on, since we are satisfied from the logging information that it is not unjustly denying access.

Auth settings are also updated on a few commands missed earlier.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=152381820
mountford 2017-04-06 07:59:15 -07:00 committed by Ben McIlwain
parent bd696b4b92
commit 5127aeafb5
7 changed files with 40 additions and 42 deletions


@ -48,7 +48,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.After;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
@ -458,8 +457,6 @@ public final class RequestHandlerTest {
assertThat(providedAuthResult.userAuthInfo()).isAbsent();
}
// TODO(b/28219927): turn this on once we actually do authorization
@Ignore
@Test
public void testAuthNeeded_notLoggedIn() throws Exception {
when(req.getMethod()).thenReturn("GET");
@ -467,26 +464,11 @@ public final class RequestHandlerTest {
handler.handleRequest(req, rsp);
verify(rsp).sendError(403);
verify(rsp).sendError(403, "Not authorized");
assertThat(providedAuthResult).isNull();
assertThat(providedAuthResult).isNull();
}
// TODO(b/28219927): remove this once we actually do authorization
@Test
public void testAuthNeeded_notLoggedIn_interim() throws Exception {
when(req.getMethod()).thenReturn("GET");
when(req.getRequestURI()).thenReturn("/auth/adminUserAnyMethod");
handler.handleRequest(req, rsp);
assertThat(providedAuthResult).isNotNull();
assertThat(providedAuthResult.authLevel()).isEqualTo(AuthLevel.NONE);
assertThat(providedAuthResult.userAuthInfo()).isAbsent();
}
// TODO(b/28219927): turn this on once we actually do authorization
@Ignore
@Test
public void testAuthNeeded_notAuthorized() throws Exception {
userService.setUser(testUser, false);
@ -495,24 +477,10 @@ public final class RequestHandlerTest {
handler.handleRequest(req, rsp);
verify(rsp).sendError(403);
verify(rsp).sendError(403, "Not authorized");
assertThat(providedAuthResult).isNull();
}
// TODO(b/28219927): remove this once we actually do authorization
@Test
public void testAuthNeeded_notAuthorized_interim() throws Exception {
userService.setUser(testUser, false);
when(req.getMethod()).thenReturn("GET");
when(req.getRequestURI()).thenReturn("/auth/adminUserAnyMethod");
handler.handleRequest(req, rsp);
assertThat(providedAuthResult).isNotNull();
assertThat(providedAuthResult.authLevel()).isEqualTo(AuthLevel.NONE);
assertThat(providedAuthResult.userAuthInfo()).isAbsent();
}
@Test
public void testAuthNeeded_success() throws Exception {
userService.setUser(testUser, true);