diff options
Diffstat (limited to 'src/test/scala/xyz/driver')
| -rw-r--r-- | src/test/scala/xyz/driver/core/rest/DriverAppTest.scala | 58 | ||||
| -rw-r--r-- | src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala | 61 |
2 files changed, 58 insertions, 61 deletions
diff --git a/src/test/scala/xyz/driver/core/rest/DriverAppTest.scala b/src/test/scala/xyz/driver/core/rest/DriverAppTest.scala deleted file mode 100644 index f5602be..0000000 --- a/src/test/scala/xyz/driver/core/rest/DriverAppTest.scala +++ /dev/null @@ -1,58 +0,0 @@ -package xyz.driver.core.rest - -import akka.http.scaladsl.model.headers._ -import akka.http.scaladsl.model.{HttpMethods, StatusCodes} -import akka.http.scaladsl.server.Directives._ -import akka.http.scaladsl.server.Route -import akka.http.scaladsl.settings.RoutingSettings -import akka.http.scaladsl.testkit.ScalatestRouteTest -import com.typesafe.config.Config -import com.typesafe.scalalogging.Logger -import org.scalatest.{FlatSpec, Matchers} -import xyz.driver.core.app.{DriverApp, Module} - -import scala.reflect.runtime.universe._ - -class DriverAppTest extends FlatSpec with ScalatestRouteTest with Matchers { - class TestRoute extends DriverRoute { - override def log: Logger = xyz.driver.core.logging.NoLogger - override def route: Route = path("api" / "v1" / "test")(post(complete("OK"))) - } - - val module: Module = new Module { - val testRoute = new TestRoute - override def route: Route = testRoute.routeWithDefaults - override def routeTypes: Seq[Type] = Seq(typeOf[TestRoute]) - override val name: String = "test-module" - } - - val app: DriverApp = new DriverApp( - appName = "test-app", - version = "0.1", - gitHash = "deadb33f", - modules = Seq(module) - ) - - val config: Config = xyz.driver.core.config.loadDefaultConfig - val routingSettings: RoutingSettings = RoutingSettings(config) - val appRoute: Route = - Route.seal(app.appRoute)(routingSettings = routingSettings, rejectionHandler = DriverApp.rejectionHandler) - - "DriverApp" should "respond with the correct CORS headers for the swagger OPTIONS route" in { - Options(s"/api-docs/swagger.json") ~> appRoute ~> check { - status shouldBe StatusCodes.OK - info(response.toString()) - headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange.*)) - headers should contain(`Access-Control-Allow-Methods`(HttpMethods.GET)) - } - } - - it should "respond with the correct CORS headers for the test route" in { - Options(s"/api/v1/test") ~> appRoute ~> check { - status shouldBe StatusCodes.OK - info(response.toString()) - headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange.*)) - headers should contain(`Access-Control-Allow-Methods`(HttpMethods.GET, HttpMethods.POST)) - } - } -} diff --git a/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala b/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala index f402261..60056b7 100644 --- a/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala +++ b/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala @@ -1,9 +1,11 @@ package xyz.driver.core.rest -import akka.http.scaladsl.model.StatusCodes +import akka.http.scaladsl.model.{HttpMethod, StatusCodes} +import akka.http.scaladsl.model.headers._ import akka.http.scaladsl.server.Directives.{complete => akkaComplete} -import akka.http.scaladsl.server.Route +import akka.http.scaladsl.server.{Directives, Route} import akka.http.scaladsl.testkit.ScalatestRouteTest +import com.typesafe.config.{Config, ConfigFactory} import com.typesafe.scalalogging.Logger import org.scalatest.{AsyncFlatSpec, Matchers} import xyz.driver.core.logging.NoLogger @@ -11,9 +13,24 @@ import xyz.driver.core.rest.errors._ import scala.concurrent.Future -class DriverRouteTest extends AsyncFlatSpec with ScalatestRouteTest with Matchers { +class DriverRouteTest extends AsyncFlatSpec with ScalatestRouteTest with Matchers with Directives { class TestRoute(override val route: Route) extends DriverRoute { override def log: Logger = NoLogger + override def config: Config = + ConfigFactory.parseString(""" + |application { + | cors { + | allowedMethods: ["GET", "PUT", "POST", "PATCH", "DELETE", "OPTIONS"] + | allowedOrigins: [{scheme: https, hostSuffix: example.com}] + | } + |} + """.stripMargin) + } + + val allowedOrigins = Set(HttpOrigin("https", Host("example.com"))) + val allowedMethods: collection.immutable.Seq[HttpMethod] = { + import akka.http.scaladsl.model.HttpMethods._ + collection.immutable.Seq(GET, PUT, POST, PATCH, DELETE, OPTIONS) } "DriverRoute" should "respond with 200 OK for a basic route" in { @@ -86,4 +103,42 @@ class DriverRouteTest extends AsyncFlatSpec with ScalatestRouteTest with Matcher responseAs[String] shouldBe "Database access error" } } + + it should "respond with the correct CORS headers for the swagger OPTIONS route" in { + val route = new TestRoute(get(akkaComplete(StatusCodes.OK))) + Options(s"/api-docs/swagger.json") ~> route.routeWithDefaults ~> check { + status shouldBe StatusCodes.OK + headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*))) + header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods + } + } + + it should "respond with the correct CORS headers for the test route" in { + val route = new TestRoute(get(akkaComplete(StatusCodes.OK))) + Options(s"/api/v1/test") ~> route.routeWithDefaults ~> check { + status shouldBe StatusCodes.OK + headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*))) + header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods + } + } + + it should "allow subdomains of allowed origin suffixes" in { + val route = new TestRoute(get(akkaComplete(StatusCodes.OK))) + Options(s"/api/v1/test") + .withHeaders(Origin(HttpOrigin("https", Host("foo.example.com")))) ~> route.routeWithDefaults ~> check { + status shouldBe StatusCodes.OK + headers should contain(`Access-Control-Allow-Origin`(HttpOrigin("https", Host("foo.example.com")))) + header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods + } + } + + it should "respond with default domains for invalid origins" in { + val route = new TestRoute(get(akkaComplete(StatusCodes.OK))) + Options(s"/api/v1/test") + .withHeaders(Origin(HttpOrigin("https", Host("invalid.foo.bar.com")))) ~> route.routeWithDefaults ~> check { + status shouldBe StatusCodes.OK + headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*))) + header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods + } + } } |