  <!-- Plugin and dependency management are inherited from the Spring Boot parent POM,
       so every dependency below without a <version> resolves to whatever this release manages. -->
  <parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.0.2.RELEASE</version>
  </parent>

  <!-- Fixed version properties. jacoco, mockito and the two mybatis values are referenced
       further down in this fragment; java.version is not referenced here and is presumably
       consumed by the parent POM (confirm).
       NOTE(review): all of these are pinned, so security fixes only arrive when the values
       are bumped. Run a dependency audit against the resolved versions. -->
  <properties>
    <jacoco.version>0.7.8</jacoco.version>
    <java.version>1.8</java.version>
    <mockito.version>2.7.22</mockito.version>
    <mybatis.version>3.4.4</mybatis.version>
    <mybatis.spring.version>1.3.1</mybatis.spring.version>
  </properties>
  <build>
    <!-- The packaged artifact is named after the artifactId, without a version suffix. -->
    <finalName>${project.artifactId}</finalName>

    <!-- Filtering is on: Maven substitutes property placeholders in these resource files at
         build time, so any build property referenced there ends up inside the artifact. -->
    <resources>
      <resource>
        <filtering>true</filtering>
        <directory>src/main/resources</directory>
      </resource>
    </resources>

    <plugins>
      <!-- Runs integration tests and fails the build on their result (verify goal). -->
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-failsafe-plugin</artifactId>
        <executions>
          <execution>
            <goals>
              <goal>integration-test</goal>
              <goal>verify</goal>
            </goals>
          </execution>
        </executions>
      </plugin>

      <!-- Uncomment this plugin after you have initialized the git repo. -->
      <!--
      <plugin>
        <groupId>pl.project13.maven</groupId>
        <artifactId>git-commit-id-plugin</artifactId>
      </plugin>
      -->

      <!-- Coverage gate: every class must reach a covered ratio of 1.00 for both lines and
           branches, otherwise the check goal fails the build. -->
      <plugin>
        <groupId>org.jacoco</groupId>
        <artifactId>jacoco-maven-plugin</artifactId>
        <version>${jacoco.version}</version>
        <executions>
          <execution>
            <goals>
              <goal>prepare-agent</goal>
              <goal>check</goal>
              <goal>report</goal>
            </goals>
          </execution>
        </executions>
        <configuration>
          <rules>
            <rule>
              <element>CLASS</element>

              <limits>
                <limit>
                  <counter>LINE</counter>
                  <value>COVEREDRATIO</value>
                  <minimum>1.00</minimum>
                </limit>
                <limit>
                  <counter>BRANCH</counter>
                  <value>COVEREDRATIO</value>
                  <minimum>1.00</minimum>
                </limit>
              </limits>
            </rule>
          </rules>
        </configuration>
      </plugin>
    </plugins>
  </build>
  <!-- Site reporting: publishes the JaCoCo coverage report, using the same plugin version
       property as the build section. -->
  <reporting>
    <plugins>
      <plugin>
        <groupId>org.jacoco</groupId>
        <artifactId>jacoco-maven-plugin</artifactId>
        <version>${jacoco.version}</version>
        <reportSets>
          <reportSet>
            <reports>
              <report>report</report>
            </reports>
          </reportSet>
        </reportSets>
      </plugin>
    </plugins>
  </reporting>
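  <!-- Dependencies without a <version> take the version managed by the parent POM.
       NOTE(review): the explicitly versioned entries are fixed versions. Check the resolved
       dependency tree against current advisories before relying on this list. -->
  <dependencies>
    <!-- JWT handling. -->
    <dependency>
      <groupId>com.auth0</groupId>
      <artifactId>java-jwt</artifactId>
      <version>3.2.0</version>
    </dependency>

    <!-- JSON (versions managed by the parent). -->
    <dependency>
      <groupId>com.fasterxml.jackson.core</groupId>
      <artifactId>jackson-core</artifactId>
    </dependency>
    <dependency>
      <groupId>com.fasterxml.jackson.core</groupId>
      <artifactId>jackson-databind</artifactId>
    </dependency>

    <!-- DB2 JDBC driver and its license artifact. -->
    <dependency>
      <groupId>com.ibm.db2.jcc</groupId>
      <artifactId>db2jcc_license_cisuz</artifactId>
      <version>DB2V11</version>
    </dependency>
    <dependency>
      <groupId>com.ibm.db2.jcc</groupId>
      <artifactId>db2jcc4</artifactId>
      <version>4.19.26</version>
    </dependency>

    <dependency>
      <groupId>com.jayway.jsonpath</groupId>
      <artifactId>json-path</artifactId>
      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>org.skyscreamer</groupId>
      <artifactId>jsonassert</artifactId>
      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>javax.inject</groupId>
      <artifactId>javax.inject</artifactId>
      <version>1</version>
    </dependency>
    <dependency>
      <groupId>org.hamcrest</groupId>
      <artifactId>hamcrest-library</artifactId>
      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>org.mockito</groupId>
      <artifactId>mockito-core</artifactId>
      <version>${mockito.version}</version>
      <scope>test</scope>
    </dependency>

    <!-- MyBatis: core and Spring integration are pinned separately from the Boot starter.
         NOTE(review): confirm the three versions are meant to be used together. -->
    <dependency>
      <groupId>org.mybatis</groupId>
      <artifactId>mybatis</artifactId>
      <version>${mybatis.version}</version>
    </dependency>
    <dependency>
      <groupId>org.mybatis</groupId>
      <artifactId>mybatis-spring</artifactId>
      <version>${mybatis.spring.version}</version>
    </dependency>
    <dependency>
      <groupId>org.mybatis.spring.boot</groupId>
      <artifactId>mybatis-spring-boot-starter</artifactId>
      <version>1.3.0</version>
    </dependency>

    <!-- Developer tooling. <optional> only stops it leaking to projects that depend on this
         one. NOTE(review): confirm it is not packaged into the deployable artifact. -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-devtools</artifactId>
      <optional>true</optional>
    </dependency>

    <!-- Default logging starter is excluded; the log4j2 starter below is used instead. -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter</artifactId>
      <exclusions>
        <exclusion>
          <groupId>org.springframework.boot</groupId>
          <artifactId>spring-boot-starter-logging</artifactId>
        </exclusion>
      </exclusions>
    </dependency>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-actuator</artifactId>
    </dependency>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <!-- provided: the servlet container is expected to supply Tomcat at runtime. -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-tomcat</artifactId>
      <scope>provided</scope>
    </dependency>
    <!-- NOTE(review): the Log4j 2 version is inherited from the parent POM; verify the
         resolved version against current advisories. -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-log4j2</artifactId>
    </dependency>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-test</artifactId>
      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>org.springframework.security.oauth.boot</groupId>
      <artifactId>spring-security-oauth2-autoconfigure</artifactId>
      <version>2.0.0.RELEASE</version>
    </dependency>

    <!-- Test support only (e.g. @WithMockUser). Without an explicit scope it defaulted to
         compile scope and would be packaged with the application, so it is limited to
         test scope here. -->
    <dependency>
      <groupId>org.springframework.security</groupId>
      <artifactId>spring-security-test</artifactId>
      <scope>test</scope>
    </dependency>

    <!-- NOTE(review): migration aid; presumably meant to be removed once the property
         migration is finished (confirm). -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-properties-migrator</artifactId>
      <scope>runtime</scope>
    </dependency>
  </dependencies>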
  214.  
  # MyBatis configuration properties; the schema value looks like a placeholder (confirm).
  mybatis:
    configuration-properties:
      schema: abcd

  # Datasource values are blank in this listing. Supply them at deploy time from the
  # environment or a secret store rather than committing them to this file.
  spring:
    datasource:
      url:
      username:
      password:

  # NOTE(review): "*" exposes every enabled actuator endpoint over HTTP, so protection of
  # endpoints such as env or heapdump (which can reveal configuration and memory contents)
  # rests entirely on the security configuration. Prefer an explicit list of the endpoints
  # that are actually needed.
  management:
    endpoints:
      web:
        exposure:
          include: "*"
  230.  
  231. @Configuration
  232. @EnableResourceServer
  233. public class SecurityConfiguration implements
  234. JwtAccessTokenConverterConfigurer {
  235.  
  /**
   * Registers one in-memory account that carries the {@code ACTUATOR} role.
   *
   * <p>NOTE(review): the account's password is a literal in this source file, so anyone who
   * can read the repository or the built artifact can read it. Supply it from external
   * configuration or a secret store, and treat the value shown here as disclosed and
   * rotate it.
   *
   * <p>NOTE(review): the password is passed without an encoder prefix, and no
   * {@code PasswordEncoder} is visible in this excerpt. Confirm that authentication with
   * this account works and that the stored form is hashed rather than plain text.
   *
   * @param auth builder that receives the in-memory user
   * @throws Exception propagated from the builder calls
   */
  @Inject
  public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    final String username = "management";
    final String password = "provider-medical-necessity-ws-M@n@g3m3nt";
    final String role = "ACTUATOR";

    auth.inMemoryAuthentication()
        .withUser(username)
        .password(password)
        .roles(role);
  }
  242.  
  243.  
  /**
   * Builds the CORS filter for all paths and registers it with the highest filter precedence.
   *
   * <p>NOTE(review): {@code applyPermitDefaultValues()} leaves the allowed origins open to
   * any origin, and credentials are then enabled on top of that. The MockMvc response
   * captured alongside this code shows the result: the request's {@code Origin} is echoed in
   * {@code Access-Control-Allow-Origin} together with
   * {@code Access-Control-Allow-Credentials: true}. Browsers will then let any site read
   * credentialed responses from this service. Replace the wildcard with an explicit list of
   * trusted origins; later Spring Framework releases reject the wildcard-plus-credentials
   * combination outright.
   *
   * @return the registration bean wrapping the configured {@code CorsFilter}
   */
  @Bean
  public FilterRegistrationBean corsFilter() {
    // Start from the permissive defaults, enable credentials, then add the HTTP methods
    // (OPTIONS is included for pre-flight requests).
    CorsConfiguration cors = new CorsConfiguration();
    cors.applyPermitDefaultValues();
    cors.setAllowCredentials(true);
    HttpMethod[] extraMethods = {
      HttpMethod.GET, HttpMethod.POST, HttpMethod.PUT, HttpMethod.OPTIONS
    };
    for (HttpMethod method : extraMethods) {
      cors.addAllowedMethod(method);
    }

    // Apply the same CORS policy to every request path.
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", cors);

    // Highest precedence so the CORS filter runs before the other registered filters.
    FilterRegistrationBean registration = new FilterRegistrationBean(new CorsFilter(source));
    registration.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return registration;
  }
  265.  
  266.  
  /**
   * Installs an access-token converter that checks claims in the token map before
   * delegating to the default extraction.
   *
   * @param converter the JWT converter whose access-token converter is replaced
   */
  @Override
  public void configure(JwtAccessTokenConverter converter) {
    converter.setAccessTokenConverter(new DefaultAccessTokenConverter() {


      /**
       * Rejects the token when the issuer claim is missing or differs from the expected
       * issuer, or when the expiration claim is missing; otherwise defers to the superclass.
       */
      @Override
      public OAuth2Authentication extractAuthentication(Map<String, ?>
          map) {
        // NOTE(review): as pasted, map.get() has no key argument and the results go to i and e,
        // while the condition below reads issuerClaim, expirationClaim and issuer, none of
        // which are declared in the visible code. The identifiers appear to have been edited
        // out before posting; confirm which claims are read and where issuer comes from.
        Object i = map.get();
        Object e = map.get();

        // Only the presence of the expiration claim is checked here. NOTE(review): confirm
        // that the expiry time itself is enforced elsewhere in the token-processing chain.
        if (issuerClaim == null || !issuer.equals(issuerClaim) || expirationClaim == null) {
          // NOTE(review): the empty message gives no hint in logs about which check failed;
          // a short, non-sensitive reason would help triage.
          throw new InvalidTokenException("");
        }

        return super.extractAuthentication(map);
      }
    });
  }
  286.  
  287. @RunWith(SpringRunner.class)
  288. @SpringBootTest(webEnvironment = WebEnvironment.MOCK)
  289. @AutoConfigureMockMvc
  290. @ActiveProfiles("it")
  291. @DirtiesContext
  292. public class SecurityConfigurationIT {
  293.  
  /**
   * With a mock user holding {@code VALID_ACTUATOR_ROLE}, a GET on {@code LOGGERS} (constant
   * defined outside this excerpt) must return 200 and echo the request's {@code Origin} in
   * {@code Access-Control-Allow-Origin}.
   */
  @Test
  @WithMockUser(roles = VALID_ACTUATOR_ROLE)
  public void should_be_authorized_for_actuator() throws Exception {
    mockMvc
        .perform(get(LOGGERS).header(HttpHeaders.ORIGIN, ORIGIN))
        .andExpect(status().isOk())
        .andExpect(header().string(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, ORIGIN));
  }
  302.  
  /**
   * With a mock user holding {@code INVALID_ACTUATOR_ROLE}, a GET on {@code LOGGERS} must be
   * answered with 403, and the response must still echo the request's {@code Origin} in
   * {@code Access-Control-Allow-Origin}.
   *
   * <p>NOTE(review): the second expectation pins the origin-echoing CORS behaviour even on a
   * denied request; revisit it if the CORS policy is narrowed to a list of trusted origins.
   */
  @Test
  @WithMockUser(roles = INVALID_ACTUATOR_ROLE)
  public void should_fail_as_forbidden_for_actuator() throws Exception {
    mockMvc
        .perform(get(LOGGERS).header(HttpHeaders.ORIGIN, ORIGIN))
        .andExpect(status().isForbidden())
        .andExpect(header().string(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, ORIGIN));
  }
  312.  
  313. MockHttpServletRequest:
  314. HTTP Method = GET
  315. Request URI = /actuator/info
  316. Parameters = {}
  317. Headers = {Origin=[test.com]}
  318. Body = null
  319. Session Attrs = {}
  320.  
  321. Async:
  322. Async started = false
  323. Async result = null
  324.  
  325. Resolved Exception:
  326. Type = null
  327.  
  328. ModelAndView:
  329. View name = null
  330. View = null
  331. Model = null
  332.  
  333. FlashMap:
  334. Attributes = null
  335.  
  336. MockHttpServletResponse:
  337. Status = 401
  338. Error message = null
  339. Headers = {Vary=[Origin, Access-Control-Request-Method, Access-
  340. Control-Request-Headers], Access-Control-Allow-Origin=[test.com],
  341. Access-Control-Allow-Credentials=[true], Cache-Control=[no-store],
  342. Pragma=[no-cache], WWW-Authenticate=[Bearer realm="provider-medical-
  343. necessity-ws", error="unauthorized", error_description="Full
  344. authentication is required to access this resource"], Content-Type=
  345. [application/json;charset=UTF-8], X-Content-Type-Options=[nosniff], X-
  346. XSS-Protection=[1; mode=block], X-Frame-Options=[DENY]}
  347. Content type = application/json;charset=UTF-8
  348. Body = {"error":"unauthorized","error_description":"Full
  349. authentication is required to access this resource"}
  350. Forwarded URL = null