Move cors directives to DriverApp and get rid of custom rejection handler

2 files changed, 85 insertions, 46 deletions

diff --git a/src/test/scala/xyz/driver/core/rest/DriverAppTest.scala b/src/test/scala/xyz/driver/core/rest/DriverAppTest.scala
new file mode 100644
index 0000000..eda6a8c
--- /dev/null
+++ b/src/test/scala/xyz/driver/core/rest/DriverAppTest.scala
@@ -0,0 +1,84 @@
+package xyz.driver.core.rest
+
+import akka.http.scaladsl.model.{HttpMethod, StatusCodes}
+import akka.http.scaladsl.model.headers._
+import akka.http.scaladsl.server.{Directives, Route}
+import akka.http.scaladsl.testkit.ScalatestRouteTest
+import com.typesafe.config.ConfigFactory
+import org.scalatest.{AsyncFlatSpec, Matchers}
+import xyz.driver.core.app.{DriverApp, SimpleModule}
+
+class DriverAppTest extends AsyncFlatSpec with ScalatestRouteTest with Matchers with Directives {
+  val config = ConfigFactory.parseString("""
+                                           |application {
+                                           |   cors {
+                                           |     allowedMethods: ["GET", "PUT", "POST", "PATCH", "DELETE", "OPTIONS"]
+                                           |     allowedOrigins: [{scheme: https, hostSuffix: example.com}]
+                                           |   }
+                                           |}
+                                         """.stripMargin).withFallback(ConfigFactory.load)
+
+  val allowedOrigins = Set(HttpOrigin("https", Host("example.com")))
+  val allowedMethods: collection.immutable.Seq[HttpMethod] = {
+    import akka.http.scaladsl.model.HttpMethods._
+    collection.immutable.Seq(GET, PUT, POST, PATCH, DELETE, OPTIONS)
+  }
+
+  import scala.reflect.runtime.universe.typeOf
+  class TestApp(testRoute: Route)
+      extends DriverApp(
+        appName = "test-app",
+        version = "0.0.1",
+        gitHash = "deadb33f",
+        modules = Seq(new SimpleModule("test-module", theRoute = testRoute, routeType = typeOf[DriverApp])),
+        config = config,
+        log = xyz.driver.core.logging.NoLogger
+      )
+
+  it should "respond with the correct CORS headers for the swagger OPTIONS route" in {
+    val route = new TestApp(get(complete(StatusCodes.OK)))
+    Options(s"/api-docs/swagger.json") ~> route.appRoute ~> check {
+      status shouldBe StatusCodes.OK
+      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
+      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
+    }
+  }
+
+  it should "respond with the correct CORS headers for the test route" in {
+    val route = new TestApp(get(complete(StatusCodes.OK)))
+    Get(s"/api/v1/test") ~> route.appRoute ~> check {
+      status shouldBe StatusCodes.OK
+      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
+      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
+    }
+  }
+
+  it should "respond with the correct CORS headers for a concatenated route" in {
+    val route = new TestApp(get(complete(StatusCodes.OK)) ~ post(complete(StatusCodes.OK)))
+    Post(s"/api/v1/test") ~> route.appRoute ~> check {
+      status shouldBe StatusCodes.OK
+      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
+      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
+    }
+  }
+
+  it should "allow subdomains of allowed origin suffixes" in {
+    val route = new TestApp(get(complete(StatusCodes.OK)))
+    Get(s"/api/v1/test")
+      .withHeaders(Origin(HttpOrigin("https", Host("foo.example.com")))) ~> route.appRoute ~> check {
+      status shouldBe StatusCodes.OK
+      headers should contain(`Access-Control-Allow-Origin`(HttpOrigin("https", Host("foo.example.com"))))
+      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
+    }
+  }
+
+  it should "respond with default domains for invalid origins" in {
+    val route = new TestApp(get(complete(StatusCodes.OK)))
+    Get(s"/api/v1/test")
+      .withHeaders(Origin(HttpOrigin("https", Host("invalid.foo.bar.com")))) ~> route.appRoute ~> check {
+      status shouldBe StatusCodes.OK
+      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
+      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
+    }
+  }
+}
diff --git a/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala b/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala
index 60056b7..ce3daa8 100644
--- a/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala
+++ b/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala
@@ -1,7 +1,6 @@
 package xyz.driver.core.rest
 
-import akka.http.scaladsl.model.{HttpMethod, StatusCodes}
-import akka.http.scaladsl.model.headers._
+import akka.http.scaladsl.model.StatusCodes
 import akka.http.scaladsl.server.Directives.{complete => akkaComplete}
 import akka.http.scaladsl.server.{Directives, Route}
 import akka.http.scaladsl.testkit.ScalatestRouteTest
@@ -27,12 +26,6 @@ class DriverRouteTest extends AsyncFlatSpec with ScalatestRouteTest with Matcher
       """.stripMargin)
   }
 
-  val allowedOrigins = Set(HttpOrigin("https", Host("example.com")))
-  val allowedMethods: collection.immutable.Seq[HttpMethod] = {
-    import akka.http.scaladsl.model.HttpMethods._
-    collection.immutable.Seq(GET, PUT, POST, PATCH, DELETE, OPTIONS)
-  }
-
   "DriverRoute" should "respond with 200 OK for a basic route" in {
     val route = new TestRoute(akkaComplete(StatusCodes.OK))
 
@@ -103,42 +96,4 @@ class DriverRouteTest extends AsyncFlatSpec with ScalatestRouteTest with Matcher
       responseAs[String] shouldBe "Database access error"
     }
   }
-
-  it should "respond with the correct CORS headers for the swagger OPTIONS route" in {
-    val route = new TestRoute(get(akkaComplete(StatusCodes.OK)))
-    Options(s"/api-docs/swagger.json") ~> route.routeWithDefaults ~> check {
-      status shouldBe StatusCodes.OK
-      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
-      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
-    }
-  }
-
-  it should "respond with the correct CORS headers for the test route" in {
-    val route = new TestRoute(get(akkaComplete(StatusCodes.OK)))
-    Options(s"/api/v1/test") ~> route.routeWithDefaults ~> check {
-      status shouldBe StatusCodes.OK
-      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
-      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
-    }
-  }
-
-  it should "allow subdomains of allowed origin suffixes" in {
-    val route = new TestRoute(get(akkaComplete(StatusCodes.OK)))
-    Options(s"/api/v1/test")
-      .withHeaders(Origin(HttpOrigin("https", Host("foo.example.com")))) ~> route.routeWithDefaults ~> check {
-      status shouldBe StatusCodes.OK
-      headers should contain(`Access-Control-Allow-Origin`(HttpOrigin("https", Host("foo.example.com"))))
-      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
-    }
-  }
-
-  it should "respond with default domains for invalid origins" in {
-    val route = new TestRoute(get(akkaComplete(StatusCodes.OK)))
-    Options(s"/api/v1/test")
-      .withHeaders(Origin(HttpOrigin("https", Host("invalid.foo.bar.com")))) ~> route.routeWithDefaults ~> check {
-      status shouldBe StatusCodes.OK
-      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
-      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
-    }
-  }
 }