使用JWT身份验证多重服务的Micronaut测试

时间:2020-02-09 19:44:54

标签: micronaut

我有多个服务:ServiceAServiceBServiceC,并且启用了JWT身份验证和传播。负责验证用户身份的服务为ServiceA

那么,如果启用了身份验证并且该服务不知道如何进行身份验证,该如何测试(JUnit5)我的服务BC

[main] INFO  i.m.context.env.DefaultEnvironment - Established active environments: [test]
[nioEventLoopGroup-1-3] DEBUG i.m.http.client.DefaultHttpClient - Sending HTTP Request: POST /serviceB/order/item
[nioEventLoopGroup-1-3] DEBUG i.m.http.client.DefaultHttpClient - Chosen Server: localhost(33006)
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJzaGVybG9jayIsIm5iZiI6MTU4MTI3NjA2NSwicm9sZXMiOltdLCJpc3MiOiJ1c2VyIiwiZXhwIjoxNTgxMjc5NjY1LCJpYXQiOjE1ODEyNzYwNjV9.yrVqAluyZvKIGjtu4tDVSnZZiZ8kdhduN20n1xd1z6U
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - host: localhost:33006
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - connection: close
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - content-type: application/json
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - content-length: 2
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - Request Body
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - HTTP Client Response Received for Request: POST http://localhost:33006/serviceB/order/item
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - Status Code: 403 Forbidden
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - Date: Sun, 9 Feb 2020 19:23:08 GMT
[nioEventLoopGroup-1-3] TRACE i.m.http.client.DefaultHttpClient - connection: close

使用:Micronaut 1.3.0JDK 1.8

2 个答案:

答案 0 :(得分:0)

gitter.im/micronautfw中,有一个答案是使用MockAuthenticationProvider implements AuthenticationProviderSecurityBypassFilter implements HttpClientFilter模拟身份验证逻辑。

    package demo

    import io.micronaut.context.annotation.Requires
    import io.micronaut.context.env.Environment
    import io.micronaut.security.authentication.AuthenticationFailed
    import io.micronaut.security.authentication.AuthenticationProvider
    import io.micronaut.security.authentication.AuthenticationRequest
    import io.micronaut.security.authentication.AuthenticationResponse
    import io.micronaut.security.authentication.UserDetails
    import io.reactivex.Flowable
    import org.reactivestreams.Publisher

    import javax.inject.Singleton

    @Requires(env = Environment.TEST)
    @Requires(property = 'spec.name', notEquals = 'SecuritySpec')
    @Singleton
    class MockAuthenticationProvider implements AuthenticationProvider {

        @Override
        Publisher<AuthenticationResponse> authenticate(AuthenticationRequest authenticationRequest) {
            if ( authenticationRequest.identity == 'user' && authenticationRequest.secret == 'password' ) {
                return Flowable.just(new UserDetails('user', []))
            }
            return Flowable.just(new AuthenticationFailed())
        }
    }


    package groovycalamari.bookmark

    import io.micronaut.context.annotation.Requires
    import io.micronaut.context.env.Environment
    import io.micronaut.http.HttpResponse
    import io.micronaut.http.MutableHttpRequest
    import io.micronaut.http.annotation.Filter
    import io.micronaut.http.filter.ClientFilterChain
    import io.micronaut.http.filter.HttpClientFilter
    import org.reactivestreams.Publisher

    @Filter('/**')
    @Requires(env = Environment.TEST)
    @Requires(property = 'spec.name', notEquals = 'SecuritySpec')
    class SecurityBypassFilter implements HttpClientFilter {

        @Override
        Publisher<? extends HttpResponse<?>> doFilter(MutableHttpRequest<?> request, ClientFilterChain chain) {
            request.basicAuth('user', 'password')
            return chain.proceed(request)
        }
    }

答案 1 :(得分:0)

这是使用JWT令牌的一种方式:

@Filter("/**")
@Requires(env = Environment.TEST)
@Requires(property = "spec.name", notEquals = "SecuritySpec")
public class MockSecurityBypassFilter implements HttpClientFilter
{
    private final static Logger LOG = LoggerFactory.getLogger(MockSecurityBypassFilter.class);
    
    @Override
    public Publisher<? extends HttpResponse<?>> doFilter(MutableHttpRequest<?> request, ClientFilterChain chain)
    {
        LOG.info(">>> Mock Security Filter automatic sign in");
        // token expire at -> Saturday, April 20, 2030 9:39:44 PM GMT-03:00
        final String JWT_TOKEN = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJzdXBlcmFkbWluQG5vaG9tZS5jb20iLCJyb2xlcyI6WyJST09UIiwiU1VQRVJfQURNSU4iLCJVU0VSU19BRE1JTiIsIlVTRVJTX1JFQUQiLCJVU0VSU19XUklURSIsIkFDQ1RTX0FETUlOIiwiQUNDVFNfUkVBRCIsIkFDQ1RTX1dSSVRFIiwiQ1VTVFNfQURNSU4iLCJDVVNUU19SRUFEIiwiQ1VTVFNfV1JJVEUiLCJMQUJPUl9BRE1JTiIsIkxBQk9SX1JFQUQiLCJMQUJPUl9XUklURSIsIlNBTEVTUkVQIl0sImlzcyI6InVzZXJzIiwiYWNjdElkIjoiQWNjdFZwVWdxSzBOIiwib3duZXJJZCI6Ik93bmN5YWZ0Q2giLCJsb2NhbGUiOiJwdCIsIm1vZHVsZXMiOlsiU0FMRVNfUkVQIl0sInNpZCI6ImplczV3U2doemNodiIsIm5iZiI6MTU5NDI3MTEzOCwic2VyaWFsIjoiNTY3ODkiLCJhY2Nlc3NDb2RlIjoiUjEwMCIsIm5hbWUiOiJMdWtlIFNreXdhbGtlciIsInpvbmVJZCI6IlVUQy0zIiwiZXhwIjoxOTA5NjMxMTM4LCJpYXQiOjE1OTQyNzExMzh9.-MXKLJe7iqpAcdViFtcHFg2Yvcypf9E3KVLyxc";
        request.bearerAuth(JWT_TOKEN);
        return chain.proceed(request);
    }
}
相关问题
最新问题