[#141] bug fix SecurityConfig and CustomOAuth2UserServiceTest + add A…

…ppUserTests

src/main/java/de/bonndan/nivio/Application.java

@@ -1,12 +1,7 @@
 package de.bonndan.nivio;
 
-import de.bonndan.nivio.appuser.AppUser;
-import de.bonndan.nivio.appuser.AppUserRole;
-import de.bonndan.nivio.appuser.AppUserRepository;
-import org.springframework.boot.CommandLineRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.context.annotation.Bean;
 import org.springframework.scheduling.annotation.EnableScheduling;
 
 @SpringBootApplication
@@ -17,11 +12,4 @@ public static void main(String[] args) {
         SpringApplication.run(Application.class, args);
     }
 
-//    @Bean
-//    CommandLineRunner commandLineRunner(AppUserRepository userRepository) {
-//        return args -> {
-//            AppUser mary = new AppUser("123","Mary", "Mary88", "[email protected]", "avatarUrl", AppUserRole.USER);
-//            userRepository.save(mary);
-//        };
-//    }
 }

src/main/java/de/bonndan/nivio/appuser/AppUser.java

@@ -131,9 +131,7 @@ public Long getId() {
         return id;
     }
 
-    public String getName() {
-        return name;
-    }
+    public String getName() { return name; }
 
     public String getAlias() {
         return alias;

src/main/java/de/bonndan/nivio/security/CustomOAuth2User.java

@@ -14,10 +14,10 @@
  */
 public class CustomOAuth2User implements OAuth2User {
 
-    private final String alias;
     private final String name;
     private final String avatarUrl;
     @NonNull
+    private final String alias;
     private final String externalId;
     private final String idp;
     private final Map<String, Object> attributes;
@@ -32,10 +32,10 @@ public CustomOAuth2User(@NonNull final String externalId,
                             @NonNull final String idp
     ) {
         this.externalId = Objects.requireNonNull(externalId, "id must not be null");
-        this.name = Objects.requireNonNull(name, "name must not be null");
         this.alias = Objects.requireNonNull(alias, "alias must not be null");
         this.attributes = Objects.requireNonNull(attributes, "attributes must not be null");
         this.authorities = Objects.requireNonNull(authorities, "authorities must not be null");
+        this.name = name;
         this.avatarUrl = avatarUrl;
         this.idp = idp;
     }

src/main/java/de/bonndan/nivio/security/CustomOAuth2UserService.java

@@ -65,7 +65,7 @@ public static CustomOAuth2User fromGitHubUser(@NonNull final OAuth2User user,
         if (StringUtils.hasLength(nameAttribute)) {
             Object val = user.getAttribute(nameAttribute);
             if (val == null) {
-                Object login = Objects.requireNonNull(user.getAttribute("login"));
+                Object login = Objects.requireNonNull(user.getAttribute(aliasAttribute));
                 name = String.valueOf(login);
             } else {
                 name = String.valueOf(val);

src/main/java/de/bonndan/nivio/security/SecurityConfig.java

@@ -1,6 +1,5 @@
 package de.bonndan.nivio.security;
 
-import de.bonndan.nivio.appuser.AppUserService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.context.annotation.Configuration;
@@ -24,8 +23,6 @@
 @EnableWebSecurity
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
-    private final AppUserService appUserService;
-
     public static final String LOGIN_MODE_REQUIRED = "required";
     public static final String LOGIN_MODE_OPTIONAL = "optional";
     public static final String LOGIN_MODE_NONE = "none";
@@ -38,8 +35,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
     private final AuthConfigProperties properties;
 
-    public SecurityConfig(AppUserService appUserService, AuthConfigProperties properties) {
-        this.appUserService = appUserService;
+    public SecurityConfig(AuthConfigProperties properties) {
         this.properties = properties;
     }
 
@@ -96,7 +92,6 @@ private void configureForRequired(HttpSecurity http) throws Exception {
                 .authorizeRequests()
                 .antMatchers(LOGIN_PATH + "/**", "/icons/**", "/css/**").permitAll()
                 .anyRequest().authenticated()
-                .antMatchers("/registration/**").permitAll()
                 .and()
                 .oauth2Login()
                 //.clientRegistrationRepository(clientRegistrationRepository())
@@ -155,6 +150,4 @@ public void writeHeaders(HttpServletRequest request, HttpServletResponse respons
         }
 
     }
-
-
 }

src/test/java/de/bonndan/nivio/appuser/AppUserTest.java

@@ -1,6 +1,5 @@
 package de.bonndan.nivio.appuser;
 
-import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
 import static org.junit.jupiter.api.Assertions.*;
@@ -143,4 +142,25 @@ void setIdp() {
         appUser.setIdp(idp);
         assertEquals(idp, appUser.getIdp());
     }
+
+    @Test
+    void getPassword() { assertNull(appUser.getPassword()); }
+
+    @Test
+    void getUsername() { assertNull(appUser.getUsername()); }
+
+    @Test
+    void isAccountNonExpired() { assertTrue(appUser.isAccountNonExpired()); }
+
+    @Test
+    void isAccountNonLocked() {
+        Boolean locked = false;
+        appUser.setLocked(locked);
+        assertEquals(!locked, appUser.isAccountNonLocked()); }
+
+    @Test
+    void isCredentialsNonExpired() { assertTrue(appUser.isCredentialsNonExpired()); }
+
+    @Test
+    void testIsEnabled() { assertTrue(appUser.isEnabled()); }
 }

src/test/java/de/bonndan/nivio/security/CustomOAuth2UserServiceTest.java

@@ -46,14 +46,14 @@ public void setup() {
         authorities = List.of(grantedAuthority);
         doReturn(authorities).when(oAuth2User).getAuthorities();
 
-        customOAuth2User = CustomOAuth2UserService.fromGitHubUser(oAuth2User, "login", "name");
     }
 
     @Test
     void fromGitHubUser() {
 
         //given
         when(oAuth2User.getAttribute("name")).thenReturn(name);
+        customOAuth2User = CustomOAuth2UserService.fromGitHubUser(oAuth2User, "login", "name");
 
         //then
         assertThat(customOAuth2User).isNotNull();
@@ -67,6 +67,7 @@ void fromGitHubUserWithMissingNameFallsBackToLogin() {
 
         //given
         when(oAuth2User.getAttribute("name")).thenReturn(null);
+        customOAuth2User = CustomOAuth2UserService.fromGitHubUser(oAuth2User, "login", "name");
 
         //then
         assertThat(customOAuth2User.getName()).isEqualTo(login);
@@ -76,6 +77,7 @@ void fromGitHubUserWithMissingNameFallsBackToLogin() {
     void saveUser() {
 
         // given
+        customOAuth2User = CustomOAuth2UserService.fromGitHubUser(oAuth2User, "login", "name");
         AppUser appUser = new AppUser();
         appUser.setName(customOAuth2User.getName());
         appUser.setAlias(customOAuth2User.getAlias());
@@ -97,4 +99,5 @@ void saveUser() {
         assertThat(appUser.getIdp()).isEqualTo(idp);
 
     }
+
 }

src/test/java/de/bonndan/nivio/security/LoginControllerCaseRequiredTest.java

@@ -88,4 +88,4 @@ void securedSockets() {
                     .get(1, SECONDS);
         }).isInstanceOf(ExecutionException.class).hasCauseExactlyInstanceOf(DeploymentException.class);
     }
-}
+}