MirrorMirror
/
Signal-Server
mirror of https://github.com/signalapp/Signal-Server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Resolve warnings throughout `AccountControllerTest`

This commit is contained in:
Jon Chambers 2024-02-26 10:24:12 -05:00 committed by Jon Chambers
parent 436bd891bd
commit d1d03f45c5
1 changed files with 326 additions and 294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

316
service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerTest.java
View File

@ -107,35 +107,32 @@ class AccountControllerTest {
private static final String BASE_64_URL_USERNAME_HASH_2 = "NLUom-CHwtemcdvOTTXdmXmzRIV7F05leS8lwkVK_vc"; private static final String BASE_64_URL_USERNAME_HASH_2 = "NLUom-CHwtemcdvOTTXdmXmzRIV7F05leS8lwkVK_vc";
private static final String BASE_64_URL_ENCRYPTED_USERNAME_1 = "md1votbj9r794DsqTNrBqA"; private static final String BASE_64_URL_ENCRYPTED_USERNAME_1 = "md1votbj9r794DsqTNrBqA";
private static final String INVALID_BASE_64_URL_USERNAME_HASH = "fA+VkNbvB6dVfx/6NpaRSK6mvhhAUBgDNWFaD7+7gvs=";
private static final String TOO_SHORT_BASE_64_URL_USERNAME_HASH = "P2oMuxx0xgGxSpTO0ACq3IztEOBDaV9t9YFu4bAGpQ"; private static final String TOO_SHORT_BASE_64_URL_USERNAME_HASH = "P2oMuxx0xgGxSpTO0ACq3IztEOBDaV9t9YFu4bAGpQ";
private static final byte[] USERNAME_HASH_1 = Base64.getUrlDecoder().decode(BASE_64_URL_USERNAME_HASH_1); private static final byte[] USERNAME_HASH_1 = Base64.getUrlDecoder().decode(BASE_64_URL_USERNAME_HASH_1);
private static final byte[] USERNAME_HASH_2 = Base64.getUrlDecoder().decode(BASE_64_URL_USERNAME_HASH_2); private static final byte[] USERNAME_HASH_2 = Base64.getUrlDecoder().decode(BASE_64_URL_USERNAME_HASH_2);
private static final byte[] ENCRYPTED_USERNAME_1 = Base64.getUrlDecoder().decode(BASE_64_URL_ENCRYPTED_USERNAME_1); private static final byte[] ENCRYPTED_USERNAME_1 = Base64.getUrlDecoder().decode(BASE_64_URL_ENCRYPTED_USERNAME_1);
private static final byte[] INVALID_USERNAME_HASH = Base64.getDecoder().decode(INVALID_BASE_64_URL_USERNAME_HASH);
private static final byte[] TOO_SHORT_USERNAME_HASH = Base64.getUrlDecoder().decode(TOO_SHORT_BASE_64_URL_USERNAME_HASH);
private static final String BASE_64_URL_ZK_PROOF = "2kambOgmdeeIO0faCMgR6HR4G2BQ5bnhXdIe9ZuZY0NmQXSra5BzDBQ7jzy1cvoEqUHYLpBYMrXudkYPJaWoQg"; private static final String BASE_64_URL_ZK_PROOF = "2kambOgmdeeIO0faCMgR6HR4G2BQ5bnhXdIe9ZuZY0NmQXSra5BzDBQ7jzy1cvoEqUHYLpBYMrXudkYPJaWoQg";
private static final byte[] ZK_PROOF = Base64.getUrlDecoder().decode(BASE_64_URL_ZK_PROOF); private static final byte[] ZK_PROOF = Base64.getUrlDecoder().decode(BASE_64_URL_ZK_PROOF);
private static final UUID SENDER_REG_LOCK_UUID = UUID.randomUUID(); private static final UUID SENDER_REG_LOCK_UUID = UUID.randomUUID();
private static final UUID SENDER_TRANSFER_UUID = UUID.randomUUID(); private static final UUID SENDER_TRANSFER_UUID = UUID.randomUUID();
private static AccountsManager accountsManager = mock(AccountsManager.class); private static final AccountsManager accountsManager = mock(AccountsManager.class);
private static RateLimiters rateLimiters = mock(RateLimiters.class); private static final RateLimiters rateLimiters = mock(RateLimiters.class);
private static RateLimiter rateLimiter = mock(RateLimiter.class); private static final RateLimiter rateLimiter = mock(RateLimiter.class);
private static RateLimiter usernameSetLimiter = mock(RateLimiter.class); private static final RateLimiter usernameSetLimiter = mock(RateLimiter.class);
private static RateLimiter usernameReserveLimiter = mock(RateLimiter.class); private static final RateLimiter usernameReserveLimiter = mock(RateLimiter.class);
private static RateLimiter usernameLookupLimiter = mock(RateLimiter.class); private static final RateLimiter usernameLookupLimiter = mock(RateLimiter.class);
private static RateLimiter checkAccountExistence = mock(RateLimiter.class); private static final RateLimiter checkAccountExistence = mock(RateLimiter.class);
private static TurnTokenGenerator turnTokenGenerator = mock(TurnTokenGenerator.class); private static final TurnTokenGenerator turnTokenGenerator = mock(TurnTokenGenerator.class);
private static Account senderPinAccount = mock(Account.class); private static final Account senderPinAccount = mock(Account.class);
private static Account senderRegLockAccount = mock(Account.class); private static final Account senderRegLockAccount = mock(Account.class);
private static Account senderHasStorage = mock(Account.class); private static final Account senderHasStorage = mock(Account.class);
private static Account senderTransfer = mock(Account.class); private static final Account senderTransfer = mock(Account.class);
private static RegistrationRecoveryPasswordsManager registrationRecoveryPasswordsManager = mock( private static final RegistrationRecoveryPasswordsManager registrationRecoveryPasswordsManager =
RegistrationRecoveryPasswordsManager.class); mock(RegistrationRecoveryPasswordsManager.class);
private static final UsernameHashZkProofVerifier usernameZkProofVerifier = mock(UsernameHashZkProofVerifier.class); private static final UsernameHashZkProofVerifier usernameZkProofVerifier = mock(UsernameHashZkProofVerifier.class);
private byte[] registration_lock_key = new byte[32]; private final byte[] registration_lock_key = new byte[32];
private static final TestRemoteAddressFilterProvider TEST_REMOTE_ADDRESS_FILTER_PROVIDER private static final TestRemoteAddressFilterProvider TEST_REMOTE_ADDRESS_FILTER_PROVIDER
= new TestRemoteAddressFilterProvider("127.0.0.1"); = new TestRemoteAddressFilterProvider("127.0.0.1");
@ -243,12 +240,11 @@ class AccountControllerTest {
@Test @Test
void testSetRegistrationLock() { void testSetRegistrationLock() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/registration_lock/") .target("/v1/accounts/registration_lock/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new RegistrationLock("1234567890123456789012345678901234567890123456789012345678901234"))); .put(Entity.json(new RegistrationLock("1234567890123456789012345678901234567890123456789012345678901234")))) {
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
@ -262,58 +258,57 @@ class AccountControllerTest {
assertThat(pinCapture.getValue().length()).isEqualTo(66); assertThat(pinCapture.getValue().length()).isEqualTo(66);
} }
}
@Test @Test
void testSetShortRegistrationLock() throws Exception { void testSetShortRegistrationLock() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/registration_lock/") .target("/v1/accounts/registration_lock/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new RegistrationLock("313"))); .put(Entity.json(new RegistrationLock("313")))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
} }
}
@Test @Test
void testSetGcmId() { void testSetGcmId() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/gcm/") .target("/v1/accounts/gcm/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, .header(HttpHeaders.AUTHORIZATION,
AuthHelper.getAuthHeader(AuthHelper.VALID_UUID_3, AuthHelper.VALID_PASSWORD_3_PRIMARY)) AuthHelper.getAuthHeader(AuthHelper.VALID_UUID_3, AuthHelper.VALID_PASSWORD_3_PRIMARY))
.put(Entity.json(new GcmRegistrationId("z000"))); .put(Entity.json(new GcmRegistrationId("z000")))) {
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
verify(AuthHelper.VALID_DEVICE_3_PRIMARY, times(1)).setGcmId(eq("z000")); verify(AuthHelper.VALID_DEVICE_3_PRIMARY, times(1)).setGcmId(eq("z000"));
verify(accountsManager, times(1)).updateDevice(eq(AuthHelper.VALID_ACCOUNT_3), anyByte(), any()); verify(accountsManager, times(1)).updateDevice(eq(AuthHelper.VALID_ACCOUNT_3), anyByte(), any());
} }
}
@Test @Test
void testSetGcmIdInvalidrequest() { void testSetGcmIdInvalidrequest() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/gcm/") .target("/v1/accounts/gcm/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, .header(HttpHeaders.AUTHORIZATION,
AuthHelper.getAuthHeader(AuthHelper.VALID_UUID_3, AuthHelper.VALID_PASSWORD_3_PRIMARY)) AuthHelper.getAuthHeader(AuthHelper.VALID_UUID_3, AuthHelper.VALID_PASSWORD_3_PRIMARY))
.put(Entity.json("{}")); .put(Entity.json("{}"))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
}
} }
@Test @Test
void testSetApnId() { void testSetApnId() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/apn/") .target("/v1/accounts/apn/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, .header(HttpHeaders.AUTHORIZATION,
AuthHelper.getAuthHeader(AuthHelper.VALID_UUID_3, AuthHelper.VALID_PASSWORD_3_PRIMARY)) AuthHelper.getAuthHeader(AuthHelper.VALID_UUID_3, AuthHelper.VALID_PASSWORD_3_PRIMARY))
.put(Entity.json(new ApnRegistrationId("first", "second"))); .put(Entity.json(new ApnRegistrationId("first", "second")))) {
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
@ -321,16 +316,16 @@ class AccountControllerTest {
verify(AuthHelper.VALID_DEVICE_3_PRIMARY, times(1)).setVoipApnId(eq("second")); verify(AuthHelper.VALID_DEVICE_3_PRIMARY, times(1)).setVoipApnId(eq("second"));
verify(accountsManager, times(1)).updateDevice(eq(AuthHelper.VALID_ACCOUNT_3), anyByte(), any()); verify(accountsManager, times(1)).updateDevice(eq(AuthHelper.VALID_ACCOUNT_3), anyByte(), any());
} }
}
@Test @Test
void testSetApnIdNoVoip() { void testSetApnIdNoVoip() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/apn/") .target("/v1/accounts/apn/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, .header(HttpHeaders.AUTHORIZATION,
AuthHelper.getAuthHeader(AuthHelper.VALID_UUID_3, AuthHelper.VALID_PASSWORD_3_PRIMARY)) AuthHelper.getAuthHeader(AuthHelper.VALID_UUID_3, AuthHelper.VALID_PASSWORD_3_PRIMARY))
.put(Entity.json(new ApnRegistrationId("first", null))); .put(Entity.json(new ApnRegistrationId("first", null)))) {
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
@ -338,22 +333,21 @@ class AccountControllerTest {
verify(AuthHelper.VALID_DEVICE_3_PRIMARY, times(1)).setVoipApnId(null); verify(AuthHelper.VALID_DEVICE_3_PRIMARY, times(1)).setVoipApnId(null);
verify(accountsManager, times(1)).updateDevice(eq(AuthHelper.VALID_ACCOUNT_3), anyByte(), any()); verify(accountsManager, times(1)).updateDevice(eq(AuthHelper.VALID_ACCOUNT_3), anyByte(), any());
} }
}
@ParameterizedTest @ParameterizedTest
@ValueSource(strings = {"/v1/accounts/whoami", "/v1/accounts/me"}) @ValueSource(strings = {"/v1/accounts/whoami", "/v1/accounts/me"})
void testWhoAmI(final String path) { void testWhoAmI(final String path) {
try (final Response response = resources.getJerseyTest()
final Response response = resources.getJerseyTest()
.target(path) .target(path)
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.get(); .get()) {
assertThat(response.getStatus()).isEqualTo(200); assertThat(response.getStatus()).isEqualTo(200);
assertThat(response.readEntity(AccountIdentityResponse.class).uuid()).isEqualTo(AuthHelper.VALID_UUID); assertThat(response.readEntity(AccountIdentityResponse.class).uuid()).isEqualTo(AuthHelper.VALID_UUID);
} }
}
static Stream<Arguments> testSetUsernameLink() { static Stream<Arguments> testSetUsernameLink() {
return Stream.of( return Stream.of(
@ -373,7 +367,7 @@ class AccountControllerTest {
final boolean passRateLimiting, final boolean passRateLimiting,
final boolean setUsernameHash, final boolean setUsernameHash,
final int payloadSize, final int payloadSize,
final int expectedStatus) throws Exception { final int expectedStatus) {
// checking if rate limiting needs to pass or fail for this test // checking if rate limiting needs to pass or fail for this test
if (passRateLimiting) { if (passRateLimiting) {
@ -403,9 +397,11 @@ class AccountControllerTest {
// make sure `update()` works // make sure `update()` works
doReturn(AuthHelper.VALID_ACCOUNT).when(accountsManager).update(any(), any()); doReturn(AuthHelper.VALID_ACCOUNT).when(accountsManager).update(any(), any());
final Response put = builder.put(Entity.json(new EncryptedUsername(TestRandomUtil.nextBytes(payloadSize)))); try (final Response response =
builder.put(Entity.json(new EncryptedUsername(TestRandomUtil.nextBytes(payloadSize))))) {
assertEquals(expectedStatus, put.getStatus()); assertEquals(expectedStatus, response.getStatus());
}
} }
static Stream<Arguments> testDeleteUsernameLink() { static Stream<Arguments> testDeleteUsernameLink() {
@ -421,7 +417,7 @@ class AccountControllerTest {
public void testDeleteUsernameLink( public void testDeleteUsernameLink(
final boolean auth, final boolean auth,
final boolean passRateLimiting, final boolean passRateLimiting,
final int expectedStatus) throws Exception { final int expectedStatus) {
// checking if rate limiting needs to pass or fail for this test // checking if rate limiting needs to pass or fail for this test
if (passRateLimiting) { if (passRateLimiting) {
@ -444,10 +440,10 @@ class AccountControllerTest {
// make sure `update()` works // make sure `update()` works
doReturn(AuthHelper.VALID_ACCOUNT).when(accountsManager).update(any(), any()); doReturn(AuthHelper.VALID_ACCOUNT).when(accountsManager).update(any(), any());
final Response delete = builder.delete(); try (final Response delete = builder.delete()) {
assertEquals(expectedStatus, delete.getStatus()); assertEquals(expectedStatus, delete.getStatus());
} }
}
static Stream<Arguments> testLookupUsernameLink() { static Stream<Arguments> testLookupUsernameLink() {
return Stream.of( return Stream.of(
@ -501,41 +497,46 @@ class AccountControllerTest {
void testReserveUsernameHash() { void testReserveUsernameHash() {
when(accountsManager.reserveUsernameHash(any(), any())) when(accountsManager.reserveUsernameHash(any(), any()))
.thenReturn(CompletableFuture.completedFuture(new AccountsManager.UsernameReservation(null, USERNAME_HASH_1))); .thenReturn(CompletableFuture.completedFuture(new AccountsManager.UsernameReservation(null, USERNAME_HASH_1)));
Response response =
resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target("/v1/accounts/username_hash/reserve") .target("/v1/accounts/username_hash/reserve")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ReserveUsernameHashRequest(List.of(USERNAME_HASH_1, USERNAME_HASH_2)))); .put(Entity.json(new ReserveUsernameHashRequest(List.of(USERNAME_HASH_1, USERNAME_HASH_2))))) {
assertThat(response.getStatus()).isEqualTo(200); assertThat(response.getStatus()).isEqualTo(200);
assertThat(response.readEntity(ReserveUsernameHashResponse.class)) assertThat(response.readEntity(ReserveUsernameHashResponse.class))
.satisfies(r -> assertThat(r.usernameHash()).hasSize(32)); .satisfies(r -> assertThat(r.usernameHash()).hasSize(32));
} }
}
@Test @Test
void testReserveUsernameHashUnavailable() { void testReserveUsernameHashUnavailable() {
when(accountsManager.reserveUsernameHash(any(), anyList())) when(accountsManager.reserveUsernameHash(any(), anyList()))
.thenReturn(CompletableFuture.failedFuture(new UsernameHashNotAvailableException())); .thenReturn(CompletableFuture.failedFuture(new UsernameHashNotAvailableException()));
Response response =
resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target("/v1/accounts/username_hash/reserve") .target("/v1/accounts/username_hash/reserve")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ReserveUsernameHashRequest(List.of(USERNAME_HASH_1, USERNAME_HASH_2)))); .put(Entity.json(new ReserveUsernameHashRequest(List.of(USERNAME_HASH_1, USERNAME_HASH_2))))) {
assertThat(response.getStatus()).isEqualTo(409); assertThat(response.getStatus()).isEqualTo(409);
} }
}
@ParameterizedTest @ParameterizedTest
@MethodSource @MethodSource
void testReserveUsernameHashListSizeInvalid(List<byte[]> usernameHashes) { void testReserveUsernameHashListSizeInvalid(List<byte[]> usernameHashes) {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/username_hash/reserve") .target("/v1/accounts/username_hash/reserve")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ReserveUsernameHashRequest(usernameHashes))); .put(Entity.json(new ReserveUsernameHashRequest(usernameHashes)))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
} }
}
static Stream<Arguments> testReserveUsernameHashListSizeInvalid() { static Stream<Arguments> testReserveUsernameHashListSizeInvalid() {
return Stream.of( return Stream.of(
@ -547,42 +548,50 @@ class AccountControllerTest {
@Test @Test
void testReserveUsernameHashInvalidHashSize() { void testReserveUsernameHashInvalidHashSize() {
List<byte[]> usernameHashes = List.of(new byte[31]); List<byte[]> usernameHashes = List.of(new byte[31]);
Response response =
resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target("/v1/accounts/username_hash/reserve") .target("/v1/accounts/username_hash/reserve")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ReserveUsernameHashRequest(usernameHashes))); .put(Entity.json(new ReserveUsernameHashRequest(usernameHashes)))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
} }
}
@Test @Test
void testReserveUsernameHashNullList() { void testReserveUsernameHashNullList() {
Response response = try (final Response response =
resources.getJerseyTest() resources.getJerseyTest()
.target("/v1/accounts/username_hash/reserve") .target("/v1/accounts/username_hash/reserve")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION,
.put(Entity.json(new ReserveUsernameHashRequest(null))); AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ReserveUsernameHashRequest(null)))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
} }
}
@Test @Test
void testReserveUsernameHashInvalidBase64UrlEncoding() { void testReserveUsernameHashInvalidBase64UrlEncoding() {
Response response = try (final Response response =
resources.getJerseyTest() resources.getJerseyTest()
.target("/v1/accounts/username_hash/reserve") .target("/v1/accounts/username_hash/reserve")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION,
AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json( .put(Entity.json(
// Has '+' and '='characters which are invalid in base64url // Has '+' and '='characters which are invalid in base64url
""" """
{ {
"usernameHashes": ["jh1jJ50oGn9wUXAFNtDus6AJgWOQ6XbZzF+wCv7OOQs="] "usernameHashes": ["jh1jJ50oGn9wUXAFNtDus6AJgWOQ6XbZzF+wCv7OOQs="]
} }
""")); """))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
} }
}
@Test @Test
void testConfirmUsernameHash() throws BaseUsernameException { void testConfirmUsernameHash() throws BaseUsernameException {
@ -593,12 +602,12 @@ class AccountControllerTest {
when(accountsManager.confirmReservedUsernameHash(any(), eq(USERNAME_HASH_1), eq(ENCRYPTED_USERNAME_1))) when(accountsManager.confirmReservedUsernameHash(any(), eq(USERNAME_HASH_1), eq(ENCRYPTED_USERNAME_1)))
.thenReturn(CompletableFuture.completedFuture(account)); .thenReturn(CompletableFuture.completedFuture(account));
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/username_hash/confirm") .target("/v1/accounts/username_hash/confirm")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, ENCRYPTED_USERNAME_1))); .put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, ENCRYPTED_USERNAME_1)))) {
assertThat(response.getStatus()).isEqualTo(200); assertThat(response.getStatus()).isEqualTo(200);
final UsernameHashResponse respEntity = response.readEntity(UsernameHashResponse.class); final UsernameHashResponse respEntity = response.readEntity(UsernameHashResponse.class);
@ -606,6 +615,7 @@ class AccountControllerTest {
assertEquals(respEntity.usernameLinkHandle(), uuid); assertEquals(respEntity.usernameLinkHandle(), uuid);
verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1); verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1);
} }
}
@Test @Test
void testConfirmUsernameHashNullProof() { void testConfirmUsernameHashNullProof() {
@ -628,14 +638,12 @@ class AccountControllerTest {
when(accountsManager.confirmReservedUsernameHash(any(), eq(USERNAME_HASH_1), eq(null))) when(accountsManager.confirmReservedUsernameHash(any(), eq(USERNAME_HASH_1), eq(null)))
.thenReturn(CompletableFuture.completedFuture(account)); .thenReturn(CompletableFuture.completedFuture(account));
try (final Response response = resources.getJerseyTest()
Response response =
resources.getJerseyTest()
.target("/v1/accounts/username_hash/confirm") .target("/v1/accounts/username_hash/confirm")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, null))); .put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, null)))) {
assertThat(response.getStatus()).isEqualTo(200); assertThat(response.getStatus()).isEqualTo(200);
final UsernameHashResponse respEntity = response.readEntity(UsernameHashResponse.class); final UsernameHashResponse respEntity = response.readEntity(UsernameHashResponse.class);
@ -643,41 +651,43 @@ class AccountControllerTest {
assertNull(respEntity.usernameLinkHandle()); assertNull(respEntity.usernameLinkHandle());
verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1); verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1);
} }
}
@Test @Test
void testConfirmUnreservedUsernameHash() throws BaseUsernameException { void testConfirmUnreservedUsernameHash() throws BaseUsernameException {
when(accountsManager.confirmReservedUsernameHash(any(), eq(USERNAME_HASH_1), any())) when(accountsManager.confirmReservedUsernameHash(any(), eq(USERNAME_HASH_1), any()))
.thenReturn(CompletableFuture.failedFuture(new UsernameReservationNotFoundException())); .thenReturn(CompletableFuture.failedFuture(new UsernameReservationNotFoundException()));
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/username_hash/confirm") .target("/v1/accounts/username_hash/confirm")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, ENCRYPTED_USERNAME_1))); .put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, ENCRYPTED_USERNAME_1)))) {
assertThat(response.getStatus()).isEqualTo(409); assertThat(response.getStatus()).isEqualTo(409);
verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1); verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1);
} }
}
@Test @Test
void testConfirmLapsedUsernameHash() throws BaseUsernameException { void testConfirmLapsedUsernameHash() throws BaseUsernameException {
when(accountsManager.confirmReservedUsernameHash(any(), eq(USERNAME_HASH_1), any())) when(accountsManager.confirmReservedUsernameHash(any(), eq(USERNAME_HASH_1), any()))
.thenReturn(CompletableFuture.failedFuture(new UsernameHashNotAvailableException())); .thenReturn(CompletableFuture.failedFuture(new UsernameHashNotAvailableException()));
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/username_hash/confirm") .target("/v1/accounts/username_hash/confirm")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, ENCRYPTED_USERNAME_1))); .put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, ENCRYPTED_USERNAME_1)))) {
assertThat(response.getStatus()).isEqualTo(410); assertThat(response.getStatus()).isEqualTo(410);
verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1); verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1);
} }
}
@Test @Test
void testConfirmUsernameHashInvalidBase64UrlEncoding() { void testConfirmUsernameHashInvalidBase64UrlEncoding() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/username_hash/confirm") .target("/v1/accounts/username_hash/confirm")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
@ -688,144 +698,151 @@ class AccountControllerTest {
"usernameHash": "jh1jJ50oGn9wUXAFNtDus6AJgWOQ6XbZzF+wCv7OOQs=", "usernameHash": "jh1jJ50oGn9wUXAFNtDus6AJgWOQ6XbZzF+wCv7OOQs=",
"zkProof": "iYXE0QPK60PS3lGa-xdNv0GlXA3B03xQLzltSf-2xmscyS_8fjy5H9ymfaEr62PcVY7tsWhWjOOvcCnhmP_HS=" "zkProof": "iYXE0QPK60PS3lGa-xdNv0GlXA3B03xQLzltSf-2xmscyS_8fjy5H9ymfaEr62PcVY7tsWhWjOOvcCnhmP_HS="
} }
""")); """))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
verifyNoInteractions(usernameZkProofVerifier); verifyNoInteractions(usernameZkProofVerifier);
} }
}
@Test @Test
void testConfirmUsernameHashInvalidHashSize() { void testConfirmUsernameHashInvalidHashSize() {
byte[] usernameHash = new byte[31]; byte[] usernameHash = new byte[31];
Response response =
resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target("/v1/accounts/username_hash/confirm") .target("/v1/accounts/username_hash/confirm")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ConfirmUsernameHashRequest(usernameHash, ZK_PROOF, ENCRYPTED_USERNAME_1))); .put(Entity.json(new ConfirmUsernameHashRequest(usernameHash, ZK_PROOF, ENCRYPTED_USERNAME_1)))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
verifyNoInteractions(usernameZkProofVerifier); verifyNoInteractions(usernameZkProofVerifier);
} }
}
@Test @Test
void testCommitUsernameHashWithInvalidProof() throws BaseUsernameException { void testCommitUsernameHashWithInvalidProof() throws BaseUsernameException {
doThrow(new BaseUsernameException("invalid username")).when(usernameZkProofVerifier).verifyProof(eq(ZK_PROOF), eq(USERNAME_HASH_1)); doThrow(new BaseUsernameException("invalid username")).when(usernameZkProofVerifier).verifyProof(eq(ZK_PROOF), eq(USERNAME_HASH_1));
Response response =
resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target("/v1/accounts/username_hash/confirm") .target("/v1/accounts/username_hash/confirm")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, ENCRYPTED_USERNAME_1))); .put(Entity.json(new ConfirmUsernameHashRequest(USERNAME_HASH_1, ZK_PROOF, ENCRYPTED_USERNAME_1)))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1); verify(usernameZkProofVerifier).verifyProof(ZK_PROOF, USERNAME_HASH_1);
} }
}
@Test @Test
void testDeleteUsername() { void testDeleteUsername() {
when(accountsManager.clearUsernameHash(any())) when(accountsManager.clearUsernameHash(any()))
.thenAnswer(invocation -> CompletableFutureTestUtil.almostCompletedFuture(invocation.getArgument(0))); .thenAnswer(invocation -> CompletableFutureTestUtil.almostCompletedFuture(invocation.getArgument(0)));
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/username_hash/") .target("/v1/accounts/username_hash/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.delete(); .delete()) {
assertThat(response.readEntity(String.class)).isEqualTo(""); assertThat(response.readEntity(String.class)).isEqualTo("");
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
verify(accountsManager).clearUsernameHash(AuthHelper.VALID_ACCOUNT); verify(accountsManager).clearUsernameHash(AuthHelper.VALID_ACCOUNT);
} }
}
@Test @Test
void testDeleteUsernameBadAuth() { void testDeleteUsernameBadAuth() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/username_hash/") .target("/v1/accounts/username_hash/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.INVALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.INVALID_PASSWORD))
.delete(); .delete()) {
assertThat(response.getStatus()).isEqualTo(401); assertThat(response.getStatus()).isEqualTo(401);
} }
}
@Test @Test
void testSetAccountAttributesNoDiscoverabilityChange() { void testSetAccountAttributesNoDiscoverabilityChange() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/attributes/") .target("/v1/accounts/attributes/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, true, null))); .put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, true, null)))) {
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
} }
}
@Test @Test
void testSetAccountAttributesEnableDiscovery() { void testSetAccountAttributesEnableDiscovery() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/attributes/") .target("/v1/accounts/attributes/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.UNDISCOVERABLE_UUID, AuthHelper.UNDISCOVERABLE_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.UNDISCOVERABLE_UUID, AuthHelper.UNDISCOVERABLE_PASSWORD))
.put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, true, null))); .put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, true, null)))) {
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
} }
}
@Test @Test
void testAccountsAttributesUpdateRecoveryPassword() { void testAccountsAttributesUpdateRecoveryPassword() {
final byte[] recoveryPassword = TestRandomUtil.nextBytes(32); final byte[] recoveryPassword = TestRandomUtil.nextBytes(32);
final Response response =
resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target("/v1/accounts/attributes/") .target("/v1/accounts/attributes/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.UNDISCOVERABLE_UUID, AuthHelper.UNDISCOVERABLE_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.UNDISCOVERABLE_UUID, AuthHelper.UNDISCOVERABLE_PASSWORD))
.put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, true, null) .put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, true, null)
.withRecoveryPassword(recoveryPassword))); .withRecoveryPassword(recoveryPassword)))) {
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
verify(registrationRecoveryPasswordsManager).storeForCurrentNumber(eq(AuthHelper.UNDISCOVERABLE_NUMBER), eq(recoveryPassword)); verify(registrationRecoveryPasswordsManager).storeForCurrentNumber(eq(AuthHelper.UNDISCOVERABLE_NUMBER), eq(recoveryPassword));
} }
}
@Test @Test
void testSetAccountAttributesDisableDiscovery() { void testSetAccountAttributesDisableDiscovery() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/attributes/") .target("/v1/accounts/attributes/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, false, null))); .put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, false, null)))) {
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
} }
}
@Test @Test
void testSetAccountAttributesBadUnidentifiedKeyLength() { void testSetAccountAttributesBadUnidentifiedKeyLength() {
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/attributes/") .target("/v1/accounts/attributes/")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, false, null) .put(Entity.json(new AccountAttributes(false, 2222, 3333, null, null, false, null)
.withUnidentifiedAccessKey(new byte[7]))); .withUnidentifiedAccessKey(new byte[7])))) {
assertThat(response.getStatus()).isEqualTo(422); assertThat(response.getStatus()).isEqualTo(422);
} }
}
@Test @Test
void testDeleteAccount() { void testDeleteAccount() {
when(accountsManager.delete(any(), any())).thenReturn(CompletableFutureTestUtil.almostCompletedFuture(null)); when(accountsManager.delete(any(), any())).thenReturn(CompletableFutureTestUtil.almostCompletedFuture(null));
Response response = try (final Response response = resources.getJerseyTest()
resources.getJerseyTest()
.target("/v1/accounts/me") .target("/v1/accounts/me")
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.delete(); .delete()) {
assertThat(response.getStatus()).isEqualTo(204); assertThat(response.getStatus()).isEqualTo(204);
verify(accountsManager).delete(AuthHelper.VALID_ACCOUNT, AccountsManager.DeletionReason.USER_REQUEST); verify(accountsManager).delete(AuthHelper.VALID_ACCOUNT, AccountsManager.DeletionReason.USER_REQUEST);
} }
}
@Test @Test
void testDeleteAccountException() { void testDeleteAccountException() {
@ -855,27 +872,33 @@ class AccountControllerTest {
when(rateLimiters.getCheckAccountExistenceLimiter()).thenReturn(mock(RateLimiter.class)); when(rateLimiters.getCheckAccountExistenceLimiter()).thenReturn(mock(RateLimiter.class));
assertThat(resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target(String.format("/v1/accounts/account/%s", accountIdentifier)) .target(String.format("/v1/accounts/account/%s", accountIdentifier))
.request() .request()
.head() .head()) {
.getStatus()).isEqualTo(200);
assertThat(resources.getJerseyTest() assertThat(response.getStatus()).isEqualTo(200);
}
try (final Response response = resources.getJerseyTest()
.target(String.format("/v1/accounts/account/PNI:%s", phoneNumberIdentifier)) .target(String.format("/v1/accounts/account/PNI:%s", phoneNumberIdentifier))
.request() .request()
.head() .head()) {
.getStatus()).isEqualTo(200);
assertThat(resources.getJerseyTest() assertThat(response.getStatus()).isEqualTo(200);
}
try (final Response response = resources.getJerseyTest()
.target(String.format("/v1/accounts/account/%s", UUID.randomUUID())) .target(String.format("/v1/accounts/account/%s", UUID.randomUUID()))
.request() .request()
.head() .head()) {
.getStatus()).isEqualTo(404);
assertThat(response.getStatus()).isEqualTo(404);
}
} }
@Test @Test
void testAccountExistsRateLimited() throws RateLimitExceededException { void testAccountExistsRateLimited() {
final Duration expectedRetryAfter = Duration.ofSeconds(13); final Duration expectedRetryAfter = Duration.ofSeconds(13);
final Account account = mock(Account.class); final Account account = mock(Account.class);
final UUID accountIdentifier = UUID.randomUUID(); final UUID accountIdentifier = UUID.randomUUID();
@ -884,23 +907,26 @@ class AccountControllerTest {
MockUtils.updateRateLimiterResponseToFail( MockUtils.updateRateLimiterResponseToFail(
rateLimiters, RateLimiters.For.CHECK_ACCOUNT_EXISTENCE, "127.0.0.1", expectedRetryAfter, true); rateLimiters, RateLimiters.For.CHECK_ACCOUNT_EXISTENCE, "127.0.0.1", expectedRetryAfter, true);
final Response response = resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target(String.format("/v1/accounts/account/%s", accountIdentifier)) .target(String.format("/v1/accounts/account/%s", accountIdentifier))
.request() .request()
.head(); .head()) {
assertThat(response.getStatus()).isEqualTo(413); assertThat(response.getStatus()).isEqualTo(413);
assertThat(response.getHeaderString("Retry-After")).isEqualTo(String.valueOf(expectedRetryAfter.toSeconds())); assertThat(response.getHeaderString("Retry-After")).isEqualTo(String.valueOf(expectedRetryAfter.toSeconds()));
} }
}
@Test @Test
void testAccountExistsAuthenticated() { void testAccountExistsAuthenticated() {
assertThat(resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target(String.format("/v1/accounts/account/%s", UUID.randomUUID())) .target(String.format("/v1/accounts/account/%s", UUID.randomUUID()))
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.head() .head()) {
.getStatus()).isEqualTo(400);
assertThat(response.getStatus()).isEqualTo(400);
}
} }
@Test @Test
@ -928,7 +954,7 @@ class AccountControllerTest {
} }
@Test @Test
void testLookupUsernameRateLimited() throws RateLimitExceededException { void testLookupUsernameRateLimited() {
final Duration expectedRetryAfter = Duration.ofSeconds(13); final Duration expectedRetryAfter = Duration.ofSeconds(13);
MockUtils.updateRateLimiterResponseToFail( MockUtils.updateRateLimiterResponseToFail(
rateLimiters, RateLimiters.For.USERNAME_LOOKUP, "127.0.0.1", expectedRetryAfter, true); rateLimiters, RateLimiters.For.USERNAME_LOOKUP, "127.0.0.1", expectedRetryAfter, true);
@ -943,27 +969,33 @@ class AccountControllerTest {
@Test @Test
void testLookupUsernameAuthenticated() { void testLookupUsernameAuthenticated() {
assertThat(resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target(String.format("/v1/accounts/username_hash/%s", USERNAME_HASH_1)) .target(String.format("/v1/accounts/username_hash/%s", BASE_64_URL_USERNAME_HASH_1))
.request() .request()
.header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header(HttpHeaders.AUTHORIZATION, AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.get() .get()) {
.getStatus()).isEqualTo(400);
assertThat(response.getStatus()).isEqualTo(400);
}
} }
@Test @Test
void testLookupUsernameInvalidFormat() { void testLookupUsernameInvalidFormat() {
assertThat(resources.getJerseyTest() try (final Response response = resources.getJerseyTest()
.target(String.format("/v1/accounts/username_hash/%s", INVALID_USERNAME_HASH)) .target("/v1/accounts/username_hash/Not valid base64")
.request() .request()
.get() .get()) {
.getStatus()).isEqualTo(422);
assertThat(resources.getJerseyTest() assertThat(response.getStatus()).isEqualTo(422);
.target(String.format("/v1/accounts/username_hash/%s", TOO_SHORT_USERNAME_HASH)) }
try (final Response response = resources.getJerseyTest()
.target(String.format("/v1/accounts/username_hash/%s", TOO_SHORT_BASE_64_URL_USERNAME_HASH))
.request() .request()
.get() .get()) {
.getStatus()).isEqualTo(422);
assertThat(response.getStatus()).isEqualTo(422);
}
} }
@ParameterizedTest @ParameterizedTest