From the documentation it's unclear how to by pass the authentication. What I read here doesn't work because the methods used are simply not there (e.g: client.addFilter(new HTTPBasicAuthFilter(“user”, “secret")); - seems to be from jersey). If I can make this work I would update the documentation to make it easier for others to do testing.
Here is my class rule
@ClassRule
public static final ResourceTestRule resources = ResourceTestRule
.builder()
.addProvider(
AuthFactory.binder(new BasicAuthFactory<User>(
new TokenAuthenticator(userDAO),
"SUPER SECRET STUFF", User.class)))
.addResource(new ShopResource(shopDAO, userDAO)).build();
where TokenAuthenticator is a derivation of a username/password scheme. I want to basically have the username:password send to BasicAuthentication to the specified realm. However when I send my request
Builder builder = resources
.client()
.register(
HttpAuthenticationFeature
.basic("[email protected]", "test"))
.target(R.URL_SHOPS).request();
Response response = builder.post(Entity.json(shop));
System.out.println(response.getStringHeaders());
my authenticator simple doesn't get called at all.
For more details, here is my token validator
public class TokenAuthenticator implements
Authenticator<BasicCredentials, User> {
UserDAO userDAO;
public TokenAuthenticator(UserDAO userDAO) {
super();
this.userDAO = userDAO;
}
/**
* Need to send in email:auth_token
*/
@Override
public Optional<User> authenticate(BasicCredentials credentials)
throws AuthenticationException {
Optional<User> userOptional = userDAO.findByEmail(credentials
.getUsername());
if (!userOptional.isPresent()
|| userOptional.get().getAuthToken() != credentials
.getPassword())
return Optional.absent();
return userOptional;
}
}
and here is my resource
@POST
public Response create(@Auth User user, Shop shop) {
if (shopDAO.findByName(shop.getName()).isPresent()) {
return Response.status(Status.NOT_ACCEPTABLE).entity("Name existed").build();
}
if (!userDAO.findById(shop.getUserId()).isPresent()) {
return Response.status(Status.NOT_FOUND).entity("User id not found").build();
}
long shopId = shopDAO.create(shop);
return Response.status(Status.CREATED).entity(shopId).build();
}
can anybody take a look?
Please don't open issues to ask questions. Use the mailing the list.
With that said, there are tests that use the authentication. See this:
@carlo-rtr thank you for your pointer, but it's still not clear how to do it properly. I created a discussion here and it turns out I'm not the only one with this problem. I'm surprised the documentation doesn't mention anything about this matter, at all.
Most helpful comment
@carlo-rtr thank you for your pointer, but it's still not clear how to do it properly. I created a discussion here and it turns out I'm not the only one with this problem. I'm surprised the documentation doesn't mention anything about this matter, at all.