Issue in UserControllerTest : givenValidToken_whenGetAuthentication_thenReturnAuthentication() is throwing 401 error and we expect 200

Question

Issue in UserControllerTest : givenValidToken_whenGetAuthentication_thenReturnAuthentication() is throwing 401 error and we expect 200

madaffrager opened this issue a year ago · 2 comments

This issue happens due to the SecurityConfig :
.authorizeHttpRequests(customizer-> customizer
.requestMatchers(HttpMethod.POST, "/api/v1/users/**").permitAll()
.anyRequest().authenticated()
We permit POST requests on /api/v1/users although /api/v1/users/authenticate expects GET request with token in Param

Possible fix :

Add to the SecurityConfig:
.requestMatchers(HttpMethod.GET, "/api/v1/users/authenticate").permitAll()
Add A valid AUTH header to the test:
.header(HttpHeaders.AUTHORIZATION, "Bearer " + mockUserToken.getAccessToken())

FYI : this second fix means that we need to add an AUTHORIZATION HEADER to product-service in authenticate endpoint for UserServiceClient as well.

Answer 1 · 2024-12-09T21:15:50.000Z

@madaffrager This test already works as you can see. That's why I close the issue.

Answer 2 · 2024-12-09T21:27:05.000Z

Thanks for the review