Add test cases for obo authenticator

Signed-off-by: Ryan Liang <[email protected]>
opensearch-project · Jul 24, 2023 · 6d3a168 · 6d3a168
1 parent 48d1caa
commit 6d3a168
Showing 1 changed file with 26 additions and 4 deletions.
diff --git a/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java b/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java
@@ -125,10 +125,28 @@ public void testDisabled() throws Exception {
             .signWith(Keys.hmacShaKeyFor(Base64.getDecoder().decode(signingKeyB64Encoded)), SignatureAlgorithm.HS512)
             .compact();
 
-        Assert.assertThrows(RuntimeException.class, () -> {
-            OnBehalfOfAuthenticator jwtAuth = new OnBehalfOfAuthenticator(disableOBOSettings());
-            // any usage of jwtAuth here would also be part of the lambda if needed
-        });
+        OnBehalfOfAuthenticator jwtAuth = new OnBehalfOfAuthenticator(disableOBOSettings());
+        Map<String, String> headers = new HashMap<String, String>();
+        headers.put("Authorization", "Bearer " + jwsToken);
+
+        AuthCredentials credentials = jwtAuth.extractCredentials(new FakeRestRequest(headers, new HashMap<String, String>()), null);
+        Assert.assertNull(credentials);
+    }
+
+    @Test
+    public void testNonSpecifyOBOSetting() throws Exception {
+        String jwsToken = Jwts.builder()
+                .setSubject("Leonard McCoy")
+                .setAudience("ext_0")
+                .signWith(Keys.hmacShaKeyFor(Base64.getDecoder().decode(signingKeyB64Encoded)), SignatureAlgorithm.HS512)
+                .compact();
+
+        OnBehalfOfAuthenticator jwtAuth = new OnBehalfOfAuthenticator(nonSpecifyOBOSetting());
+        Map<String, String> headers = new HashMap<String, String>();
+        headers.put("Authorization", "Bearer " + jwsToken);
+
+        AuthCredentials credentials = jwtAuth.extractCredentials(new FakeRestRequest(headers, new HashMap<String, String>()), null);
+        Assert.assertNotNull(credentials);
     }
 
     @Test
@@ -343,4 +361,8 @@ private Settings disableOBOSettings() {
             .put("encryption_key", claimsEncryptionKey)
             .build();
     }
+
+    private Settings nonSpecifyOBOSetting() {
+        return Settings.builder().put("signing_key", signingKeyB64Encoded).put("encryption_key", claimsEncryptionKey).build();
+    }
 }