Remove default config values

4 files changed, 62 insertions, 111 deletions

diff --git a/src/main/resources/reference.conf b/src/main/resources/reference.conf
index aed7b12..238ac68 100644
--- a/src/main/resources/reference.conf
+++ b/src/main/resources/reference.conf
@@ -13,16 +13,7 @@ application {
 
   cors {
     allowedMethods: ["GET", "PUT", "POST", "PATCH", "DELETE", "OPTIONS"]
-    allowedOrigins: [
-      {
-        scheme: http
-        hostSuffix: localhost
-      },
-      {
-        scheme: https
-        hostSuffix: example.com
-      }
-    ]
+    allowedOrigins: []
   }
 }
 
diff --git a/src/main/scala/xyz/driver/core/rest/DriverRoute.scala b/src/main/scala/xyz/driver/core/rest/DriverRoute.scala
index 5647818..1fe5e3f 100644
--- a/src/main/scala/xyz/driver/core/rest/DriverRoute.scala
+++ b/src/main/scala/xyz/driver/core/rest/DriverRoute.scala
@@ -42,8 +42,9 @@ trait DriverRoute {
     config.getStringList("application.cors.allowedMethods").asScala.toSet.flatMap(HttpMethods.getForKey)
   }
 
-  protected lazy val defaultCorsAllowedOrigin: Origin =
+  protected lazy val defaultCorsAllowedOrigin: Origin = {
     Origin(allowedCorsDomainSuffixes.to[collection.immutable.Seq])
+  }
 
   protected def corsAllowedOriginHeader(origin: Option[Origin]): HttpHeader = {
     val allowedOrigin =
diff --git a/src/test/scala/xyz/driver/core/rest/DriverAppTest.scala b/src/test/scala/xyz/driver/core/rest/DriverAppTest.scala
deleted file mode 100644
index 991d7c5..0000000
--- a/src/test/scala/xyz/driver/core/rest/DriverAppTest.scala
+++ /dev/null
@@ -1,94 +0,0 @@
-package xyz.driver.core.rest
-
-import akka.http.scaladsl.model.headers._
-import akka.http.scaladsl.model.{HttpMethod, HttpMethods, StatusCodes}
-import akka.http.scaladsl.server.Directives._
-import akka.http.scaladsl.server.Route
-import akka.http.scaladsl.settings.RoutingSettings
-import akka.http.scaladsl.testkit.ScalatestRouteTest
-import com.typesafe.config.Config
-import com.typesafe.scalalogging.Logger
-import org.scalatest.{FlatSpec, Matchers}
-import xyz.driver.core.app.{DriverApp, Module}
-
-import scala.reflect.runtime.universe._
-
-class DriverAppTest extends FlatSpec with ScalatestRouteTest with Matchers {
-  class TestRoute extends DriverRoute {
-    override def log: Logger    = xyz.driver.core.logging.NoLogger
-    override def config: Config = xyz.driver.core.config.loadDefaultConfig
-    override def route: Route   = path("api" / "v1" / "test")(post(complete("OK")))
-  }
-
-  val module: Module = new Module {
-    val testRoute                      = new TestRoute
-    override def route: Route          = testRoute.routeWithDefaults
-    override def routeTypes: Seq[Type] = Seq(typeOf[TestRoute])
-    override val name: String          = "test-module"
-  }
-
-  val app: DriverApp = new DriverApp(
-    appName = "test-app",
-    version = "0.1",
-    gitHash = "deadb33f",
-    modules = Seq(module),
-    log = xyz.driver.core.logging.NoLogger
-  )
-
-  val config: Config                   = xyz.driver.core.config.loadDefaultConfig
-  val routingSettings: RoutingSettings = RoutingSettings(config)
-  val appRoute: Route                  = Route.seal(app.appRoute)(routingSettings = routingSettings)
-
-  val allowedMethods: collection.immutable.Seq[HttpMethod] = {
-    import scala.collection.JavaConverters._
-    config
-      .getStringList("application.cors.allowedMethods")
-      .asScala
-      .flatMap(HttpMethods.getForKey)
-      .to[collection.immutable.Seq]
-  }
-
-  val allowedOrigin: Origin = {
-    import scala.collection.JavaConverters._
-    Origin(
-      config
-        .getConfigList("application.cors.allowedOrigins")
-        .asScala
-        .map { c =>
-          HttpOrigin(c.getString("scheme"), Host(c.getString("hostSuffix")))
-        }(scala.collection.breakOut): _*)
-  }
-
-  "DriverApp" should "respond with the correct CORS headers for the swagger OPTIONS route" in {
-    Options(s"/api-docs/swagger.json") ~> appRoute ~> check {
-      status shouldBe StatusCodes.OK
-      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigin.origins: _*)))
-      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
-    }
-  }
-
-  it should "respond with the correct CORS headers for the test route" in {
-    Options(s"/api/v1/test") ~> appRoute ~> check {
-      status shouldBe StatusCodes.OK
-      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigin.origins: _*)))
-      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
-    }
-  }
-
-  it should "allow subdomains of allowed origin suffixes" in {
-    Options(s"/api/v1/test").withHeaders(Origin(HttpOrigin("https", Host("foo.example.com")))) ~> appRoute ~> check {
-      status shouldBe StatusCodes.OK
-      headers should contain(`Access-Control-Allow-Origin`(HttpOrigin("https", Host("foo.example.com"))))
-      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
-    }
-  }
-
-  it should "respond with default domains for invalid origins" in {
-    Options(s"/api/v1/test")
-      .withHeaders(Origin(HttpOrigin("https", Host("invalid.foo.bar.com")))) ~> appRoute ~> check {
-      status shouldBe StatusCodes.OK
-      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigin.origins: _*)))
-      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
-    }
-  }
-}
diff --git a/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala b/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala
index c763dda..60056b7 100644
--- a/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala
+++ b/src/test/scala/xyz/driver/core/rest/DriverRouteTest.scala
@@ -1,10 +1,11 @@
 package xyz.driver.core.rest
 
-import akka.http.scaladsl.model.StatusCodes
+import akka.http.scaladsl.model.{HttpMethod, StatusCodes}
+import akka.http.scaladsl.model.headers._
 import akka.http.scaladsl.server.Directives.{complete => akkaComplete}
-import akka.http.scaladsl.server.Route
+import akka.http.scaladsl.server.{Directives, Route}
 import akka.http.scaladsl.testkit.ScalatestRouteTest
-import com.typesafe.config.Config
+import com.typesafe.config.{Config, ConfigFactory}
 import com.typesafe.scalalogging.Logger
 import org.scalatest.{AsyncFlatSpec, Matchers}
 import xyz.driver.core.logging.NoLogger
@@ -12,10 +13,24 @@ import xyz.driver.core.rest.errors._
 
 import scala.concurrent.Future
 
-class DriverRouteTest extends AsyncFlatSpec with ScalatestRouteTest with Matchers {
+class DriverRouteTest extends AsyncFlatSpec with ScalatestRouteTest with Matchers with Directives {
   class TestRoute(override val route: Route) extends DriverRoute {
-    override def log: Logger    = NoLogger
-    override def config: Config = xyz.driver.core.config.loadDefaultConfig
+    override def log: Logger = NoLogger
+    override def config: Config =
+      ConfigFactory.parseString("""
+                                  |application {
+                                  |   cors {
+                                  |     allowedMethods: ["GET", "PUT", "POST", "PATCH", "DELETE", "OPTIONS"]
+                                  |     allowedOrigins: [{scheme: https, hostSuffix: example.com}]
+                                  |   }
+                                  |}
+      """.stripMargin)
+  }
+
+  val allowedOrigins = Set(HttpOrigin("https", Host("example.com")))
+  val allowedMethods: collection.immutable.Seq[HttpMethod] = {
+    import akka.http.scaladsl.model.HttpMethods._
+    collection.immutable.Seq(GET, PUT, POST, PATCH, DELETE, OPTIONS)
   }
 
   "DriverRoute" should "respond with 200 OK for a basic route" in {
@@ -88,4 +103,42 @@ class DriverRouteTest extends AsyncFlatSpec with ScalatestRouteTest with Matcher
       responseAs[String] shouldBe "Database access error"
     }
   }
+
+  it should "respond with the correct CORS headers for the swagger OPTIONS route" in {
+    val route = new TestRoute(get(akkaComplete(StatusCodes.OK)))
+    Options(s"/api-docs/swagger.json") ~> route.routeWithDefaults ~> check {
+      status shouldBe StatusCodes.OK
+      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
+      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
+    }
+  }
+
+  it should "respond with the correct CORS headers for the test route" in {
+    val route = new TestRoute(get(akkaComplete(StatusCodes.OK)))
+    Options(s"/api/v1/test") ~> route.routeWithDefaults ~> check {
+      status shouldBe StatusCodes.OK
+      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
+      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
+    }
+  }
+
+  it should "allow subdomains of allowed origin suffixes" in {
+    val route = new TestRoute(get(akkaComplete(StatusCodes.OK)))
+    Options(s"/api/v1/test")
+      .withHeaders(Origin(HttpOrigin("https", Host("foo.example.com")))) ~> route.routeWithDefaults ~> check {
+      status shouldBe StatusCodes.OK
+      headers should contain(`Access-Control-Allow-Origin`(HttpOrigin("https", Host("foo.example.com"))))
+      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
+    }
+  }
+
+  it should "respond with default domains for invalid origins" in {
+    val route = new TestRoute(get(akkaComplete(StatusCodes.OK)))
+    Options(s"/api/v1/test")
+      .withHeaders(Origin(HttpOrigin("https", Host("invalid.foo.bar.com")))) ~> route.routeWithDefaults ~> check {
+      status shouldBe StatusCodes.OK
+      headers should contain(`Access-Control-Allow-Origin`(HttpOriginRange(allowedOrigins.toSeq: _*)))
+      header[`Access-Control-Allow-Methods`].get.methods should contain theSameElementsAs allowedMethods
+    }
+  }
 }