#13 add tests for untested new code

aws/core/jrestless-aws-core/src/main/java/com/jrestless/aws/security/CognitoUserPoolAuthorizerClaims.java

@@ -35,9 +35,7 @@
  *
  */
 public interface CognitoUserPoolAuthorizerClaims extends OpenIdIdTokenClaims, OpenIdStandardClaims {
-	String OPEN_ID_CLAIM_CUSTOM_COGNITO_USER_NAME = "cognito:username";
-
 	default String getCognitoUserName() {
-		return (String) getClaim(OPEN_ID_CLAIM_CUSTOM_COGNITO_USER_NAME);
+		return (String) getClaim("cognito:username");
 	}
 }

aws/core/jrestless-aws-core/src/test/java/com/jrestless/aws/security/CognitoUserPoolAuthorizerClaimsTest.java

@@ -0,0 +1,18 @@
+package com.jrestless.aws.security;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import org.junit.Test;
+
+public class CognitoUserPoolAuthorizerClaimsTest {
+
+	@Test
+	public void getName_PrincipalIdInClaimsGiven_ShouldReturnPrincipalIdFromClaims() {
+		CognitoUserPoolAuthorizerClaims claims = mock(CognitoUserPoolAuthorizerClaims.class);
+		when(claims.getClaim("cognito:username")).thenReturn("someCognitoUsernameValue");
+		when(claims.getCognitoUserName()).thenCallRealMethod();
+		assertEquals("someCognitoUsernameValue", claims.getCognitoUserName());
+	}
+}

aws/core/jrestless-aws-core/src/test/java/com/jrestless/aws/security/CognitoUserPoolAuthorizerPrincipalTest.java

@@ -0,0 +1,21 @@
+package com.jrestless.aws.security;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import org.junit.Test;
+
+public class CognitoUserPoolAuthorizerPrincipalTest {
+
+	@Test
+	public void getName_SubInClaimsGiven_ShouldReturnSubFromClaims() {
+		CognitoUserPoolAuthorizerPrincipal principal = mock(CognitoUserPoolAuthorizerPrincipal.class);
+		CognitoUserPoolAuthorizerClaims claims = mock(CognitoUserPoolAuthorizerClaims.class);
+		when(claims.getSub()).thenReturn("someSubValue");
+		when(principal.getClaims()).thenReturn(claims);
+		when(principal.getName()).thenCallRealMethod();
+		assertEquals("someSubValue", principal.getName());
+	}
+
+}

aws/core/jrestless-aws-core/src/test/java/com/jrestless/aws/security/CustomAuthorizerPrincipalTest.java

@@ -0,0 +1,19 @@
+package com.jrestless.aws.security;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import org.junit.Test;
+
+public class CustomAuthorizerPrincipalTest {
+	@Test
+	public void getName_PrincipalIdInClaimsGiven_ShouldReturnPrincipalIdFromClaims() {
+		CustomAuthorizerPrincipal principal = mock(CustomAuthorizerPrincipal.class);
+		CustomAuthorizerClaims claims = mock(CustomAuthorizerClaims.class);
+		when(claims.getPrincipalId()).thenReturn("somePrincipalId");
+		when(principal.getClaims()).thenReturn(claims);
+		when(principal.getName()).thenCallRealMethod();
+		assertEquals("somePrincipalId", principal.getName());
+	}
+}

aws/gateway/jrestless-aws-gateway-handler/src/main/java/com/jrestless/aws/gateway/security/CustomAuthorizerFilter.java

@@ -59,7 +59,7 @@ public class CustomAuthorizerFilter extends AuthorizerFilter {
 	 * @return security context using the passed principal
 	 */
 	protected SecurityContext createSecurityContext(@Nonnull CustomAuthorizerPrincipal principal) {
-		return new AuthorizerSecurityContext("cognito_custom_authorizer", principal);
+		return new AuthorizerSecurityContext("custom_authorizer", principal);
 	}
 
 	@Override

aws/gateway/jrestless-aws-gateway-handler/src/test/java/com/jrestless/aws/gateway/handler/GatewayRequestObjectHandlerIntTest.java

@@ -30,6 +30,8 @@
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
@@ -83,8 +85,8 @@
 import com.jrestless.aws.gateway.io.GatewayRequest;
 import com.jrestless.aws.gateway.io.GatewayRequestContext;
 import com.jrestless.aws.gateway.io.GatewayResponse;
-import com.jrestless.aws.security.CustomAuthorizerPrincipal;
 import com.jrestless.aws.security.CognitoUserPoolAuthorizerPrincipal;
+import com.jrestless.aws.security.CustomAuthorizerPrincipal;
 import com.jrestless.core.container.dpi.InstanceBinder;
 
 public class GatewayRequestObjectHandlerIntTest {
@@ -208,6 +210,11 @@ public void testBase64EncodingOfByteArray() {
 		testBase64Encoding("/byte-array");
 	}
 
+	@Test
+	public void testBase64EncodingOfFile() {
+		testBase64Encoding("/file");
+	}
+
 	@Test
 	public void testBase64EncodingOfDataSource() {
 		testBase64Encoding("/data-source");
@@ -413,6 +420,16 @@ public byte[] getByteArray() {
 			return "test".getBytes();
 		}
 
+		@Path("/file")
+		@GET
+		public File getFile() throws IOException {
+			File file = File.createTempFile("some-test-file", ".test");
+			try (OutputStream os = new FileOutputStream(file)) {
+				os.write("test".getBytes());
+			}
+			return file;
+		}
+
 		@Path("/data-source")
 		@GET
 		public DataSource getDataSrouce() {

aws/gateway/jrestless-aws-gateway-handler/src/test/java/com/jrestless/aws/gateway/security/CognitoUserPoolAuthorizerFilterTest.java

@@ -1,6 +1,7 @@
 package com.jrestless.aws.gateway.security;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
@@ -70,6 +71,27 @@ public void subClaimGiven_ShouldSetSecurityContext() {
 		assertNotNull(sc);
 	}
 
+	@Test
+	public void validRequestGiven_ShouldSetSecurityContextThatIsSecure() {
+		SecurityContext sc = filterWithClaimsAndReturnSecurityContext(Collections.singletonMap("sub", "123"));
+		assertTrue(sc.isSecure());
+	}
+
+	@Test
+	public void validRequestGiven_ShouldSetSecurityContextWithUserCognitoPoolAuthorizerAuthenticationScheme() {
+		SecurityContext sc = filterWithClaimsAndReturnSecurityContext(Collections.singletonMap("sub", "123"));
+		assertEquals("cognito_user_pool_authorizer", sc.getAuthenticationScheme());
+	}
+
+	@Test
+	public void validRequestGiven_ShouldSetSecurityContextWithUserNeverInAnyRole() {
+		SecurityContext sc = filterWithClaimsAndReturnSecurityContext(Collections.singletonMap("sub", "123"));
+		assertFalse(sc.isUserInRole(null));
+		assertFalse(sc.isUserInRole(""));
+		assertFalse(sc.isUserInRole("user"));
+		assertFalse(sc.isUserInRole("USER"));
+	}
+
 	@Test
 	public void subClaimGiven_ShouldSetCognitoUserPoolAuthorizerPrincipalSecurityContext() {
 		SecurityContext sc = filterWithClaimsAndReturnSecurityContext(Collections.singletonMap("sub", "123"));

aws/gateway/jrestless-aws-gateway-handler/src/test/java/com/jrestless/aws/gateway/security/CustomAuthorizerFilterTest.java

@@ -1,6 +1,7 @@
 package com.jrestless.aws.gateway.security;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 
@@ -57,6 +58,27 @@ public void principalIdGiven_ShouldSetSecurityContext() {
 		assertNotNull(sc);
 	}
 
+	@Test
+	public void validRequestGiven_ShouldSetSecurityContextThatIsSecure() {
+		SecurityContext sc = filterAndReturnSetSecurityContext(Collections.singletonMap("principalId", "123"));
+		assertTrue(sc.isSecure());
+	}
+
+	@Test
+	public void validRequestGiven_ShouldSetSecurityContextWithUserCognitoPoolAuthorizerAuthenticationScheme() {
+		SecurityContext sc = filterAndReturnSetSecurityContext(Collections.singletonMap("principalId", "123"));
+		assertEquals("custom_authorizer", sc.getAuthenticationScheme());
+	}
+
+	@Test
+	public void validRequestGiven_ShouldSetSecurityContextWithUserNeverInAnyRole() {
+		SecurityContext sc = filterAndReturnSetSecurityContext(Collections.singletonMap("principalId", "123"));
+		assertFalse(sc.isUserInRole(null));
+		assertFalse(sc.isUserInRole(""));
+		assertFalse(sc.isUserInRole("user"));
+		assertFalse(sc.isUserInRole("USER"));
+	}
+
 	@Test
 	public void principalIdGiven_ShouldSetCognitoCustomAuthorizerPrincipalSecurityContext() {
 		SecurityContext sc = filterAndReturnSetSecurityContext(Collections.singletonMap("principalId", "123"));

core/jrestless-core/src/main/java/com/jrestless/security/OpenIdClaimFieldNames.java

@@ -23,9 +23,6 @@
  */
 public final class OpenIdClaimFieldNames {
 
-	private OpenIdClaimFieldNames() {
-	}
-
 	static final String CLAIM_SUB = "sub";
 
 	public static final String ID_TOKEN_CLAIM_ISS = "iss";
@@ -66,4 +63,7 @@ private OpenIdClaimFieldNames() {
 	public static final String ADDRESS_CLAIM_REGION = "region";
 	public static final String ADDRESS_CLAIM_POSTAL_CODE = "postal_code";
 	public static final String ADDRESS_CLAIM_COUNTRY = "country";
+
+	private OpenIdClaimFieldNames() {
+	}
 }

core/jrestless-core/src/test/java/com/jrestless/security/OpenIdStandardClaimsTest.java

@@ -16,6 +16,7 @@ public static Collection<Object[]> data() {
         return Arrays.asList(new Object[][] {
                  { "getSub", "sub", "someSubValue" },
                  { "getName", "name", "someNameValue" },
+                 { "getGivenName", "given_name", "someGivenNameValue" },
                  { "getFamilyName", "family_name", "someFamilyNameValue" },
                  { "getMiddleName", "middle_name", "someMiddleNameValue" },
                  { "getNickname", "nickname", "someNicknameValue" },
@@ -28,6 +29,7 @@ public static Collection<Object[]> data() {
                  { "getGender", "gender", "someGenderValue" },
                  { "getBirthdate", "birthdate", "someBirthdateValue" },
                  { "getZoneinfo", "zoneinfo", "someZoneinfoValue" },
+                 { "getLocale", "locale", "someLocaleValue" },
                  { "getPhoneNumber", "phone_number", "somePhoneNumberValue" },
                  { "getPhoneNumberVerified", "phone_number_verified", true },
                  { "getUpdatedAt", "updated_at", 123L }