ci/cd : add first unit test codes

Author: patternhelloworld

README.md

@@ -187,4 +187,9 @@ public class CommonDataSourceConfiguration {
 ## Running this App with Docker
 * Use the following module for Blue-Green deployment:
   * https://github.com/patternknife/docker-blue-green-runner
-* The above module references this app's Dockerfile and the entrypoint script in the .docker folder.
+* The above module references this app's Dockerfile and the entrypoint script in the .docker folder.
+
+## Contribution Guide
+* You can create a pull request directly to the main branch.
+* Integration tests in the client folder are sufficient for now, but you may add more if necessary.
+* There is a lack of unit tests, so contributions to unit test code are welcome, which will help improve the overall codebase.

pom.xml

@@ -60,6 +60,7 @@ http://maven.apache.org/xsd/maven-4.0.0.xsd">
         <maven-resources-plugin.version>3.3.1</maven-resources-plugin.version>
         <maven-javadoc-plugin.version>3.6.3</maven-javadoc-plugin.version>
         <maven-surefire-plugin.version>3.2.5</maven-surefire-plugin.version>
+        <mockito.version>5.2.0</mockito.version>
     </properties>
 
     <dependencyManagement>
@@ -194,6 +195,13 @@ http://maven.apache.org/xsd/maven-4.0.0.xsd">
             <scope>test</scope>
         </dependency>
 
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-inline</artifactId>
+            <version>${mockito.version}</version>
+            <scope>test</scope>
+        </dependency>
+
 
         <dependency>
             <groupId>javax.annotation</groupId>

src/main/java/io/github/patternknife/securityhelper/oauth2/api/config/security/serivce/CommonOAuth2AuthorizationSaver.java

@@ -1,6 +1,7 @@
 package io.github.patternknife.securityhelper.oauth2.api.config.security.serivce;
 
 import jakarta.annotation.Nullable;
+import jakarta.validation.constraints.NotNull;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
@@ -12,8 +13,8 @@
 * */
 public interface CommonOAuth2AuthorizationSaver {
 
-     OAuth2Authorization save(UserDetails userDetails, AuthorizationGrantType authorizationGrantType,
-                              String clientId, Map<String, Object> additionalParameters,
-                              @Nullable Map<String, Object> modifiableAdditionalParameters);
+     @NotNull OAuth2Authorization save(UserDetails userDetails, AuthorizationGrantType authorizationGrantType,
+                                       String clientId, Map<String, Object> additionalParameters,
+                                       @Nullable Map<String, Object> modifiableAdditionalParameters);
 
 }

src/main/java/io/github/patternknife/securityhelper/oauth2/api/config/security/serivce/CommonOAuth2AuthorizationSaverImpl.java

@@ -7,6 +7,7 @@
 import io.github.patternknife.securityhelper.oauth2.api.config.security.serivce.authentication.OAuth2AuthorizationBuildingService;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.serivce.persistence.authorization.OAuth2AuthorizationServiceImpl;
 
+import jakarta.validation.constraints.NotNull;
 import lombok.RequiredArgsConstructor;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -31,8 +32,8 @@ public class CommonOAuth2AuthorizationSaverImpl implements CommonOAuth2Authoriza
      private final OAuth2AuthorizationServiceImpl oAuth2AuthorizationService;
 
      @Override
-     public OAuth2Authorization save(UserDetails userDetails, AuthorizationGrantType authorizationGrantType, String clientId,
-                                     Map<String, Object> additionalParameters, Map<String, Object> modifiableAdditionalParameters) {
+     public @NotNull OAuth2Authorization save(UserDetails userDetails, AuthorizationGrantType authorizationGrantType, String clientId,
+                                              Map<String, Object> additionalParameters, Map<String, Object> modifiableAdditionalParameters) {
 
           OAuth2Authorization oAuth2Authorization = oAuth2AuthorizationService.findByUserNameAndClientIdAndAppToken(userDetails.getUsername(), clientId, (String) additionalParameters.get(KnifeHttpHeaders.APP_TOKEN));
           if(authorizationGrantType.getValue().equals(AuthorizationGrantType.PASSWORD.getValue())){

src/main/java/io/github/patternknife/securityhelper/oauth2/api/config/security/serivce/authentication/OAuth2AuthorizationBuildingServiceImpl.java

@@ -42,6 +42,8 @@ private OAuth2Authorization build(String clientId, UserDetails userDetails,
 
         if(AuthorizationServerContextHolder.getContext() == null){
 
+            // If you use "api/v1/traditional-oauth/token", "AuthorizationServerContextHolder.getContext()" is null,
+            // while you use "/oauth2/token", "AuthorizationServerContextHolder.getContext()" is NOT null.
             AuthorizationServerContext authorizationServerContext = new AuthorizationServerContext() {
                 @Override
                 public String getIssuer() {

src/main/java/io/github/patternknife/securityhelper/oauth2/api/domain/traditionaloauth/service/TraditionalOauthService.java

@@ -15,6 +15,7 @@
 import io.github.patternknife.securityhelper.oauth2.api.domain.traditionaloauth.bo.BasicTokenResolver;
 import io.github.patternknife.securityhelper.oauth2.api.domain.traditionaloauth.dto.SpringSecurityTraditionalOauthDTO;
 import jakarta.servlet.http.HttpServletRequest;
+import jakarta.validation.constraints.NotNull;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -46,7 +47,7 @@ public class TraditionalOauthService {
 
     private final ConditionalDetailsService conditionalDetailsService;
 
-    private final CommonOAuth2AuthorizationSaver commonOAuth2AuthorizationCycle;
+    private final CommonOAuth2AuthorizationSaver commonOAuth2AuthorizationSaver;
     private final DefaultOauth2AuthenticationHashCheckService oauth2AuthenticationHashCheckService;
 
 
@@ -55,15 +56,15 @@ public class TraditionalOauthService {
     public TraditionalOauthService(RegisteredClientRepositoryImpl registeredClientRepository,
                                    OAuth2AuthorizationServiceImpl authorizationService,
                                    ConditionalDetailsService conditionalDetailsService,
-                                   CommonOAuth2AuthorizationSaver commonOAuth2AuthorizationCycle,
+                                   CommonOAuth2AuthorizationSaver commonOAuth2AuthorizationSaver,
                                    DefaultOauth2AuthenticationHashCheckService oauth2AuthenticationHashCheckService,
                                    ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService) {
 
         this.registeredClientRepository = registeredClientRepository;
         this.authorizationService = authorizationService;
         this.conditionalDetailsService = conditionalDetailsService;
 
-        this.commonOAuth2AuthorizationCycle = commonOAuth2AuthorizationCycle;
+        this.commonOAuth2AuthorizationSaver = commonOAuth2AuthorizationSaver;
         this.oauth2AuthenticationHashCheckService = oauth2AuthenticationHashCheckService;
 
         this.iSecurityUserExceptionMessageService = iSecurityUserExceptionMessageService;
@@ -76,18 +77,19 @@ public SpringSecurityTraditionalOauthDTO.TokenResponse createAccessToken(SpringS
         try {
             BasicTokenResolver.BasicCredentials basicCredentials = BasicTokenResolver.parse(authorizationHeader).orElseThrow(() -> new KnifeOauth2AuthenticationException(ErrorMessages.builder().message("Header parsing error (header : " + authorizationHeader).userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_WRONG_CLIENT_ID_SECRET)).build()));
 
-            RegisteredClient registeredClient = registeredClientRepository.findByClientId(basicCredentials.getClientId());
+            HttpServletRequest request =
+                    ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
+
+            @NotNull RegisteredClient registeredClient = registeredClientRepository.findByClientId(basicCredentials.getClientId());
 
             oauth2AuthenticationHashCheckService.validateClientCredentials(basicCredentials.getClientSecret(), registeredClient);
 
-            UserDetails userDetails = conditionalDetailsService.loadUserByUsername(accessTokenRequest.getUsername(), basicCredentials.getClientId());
+            @NotNull UserDetails userDetails = conditionalDetailsService.loadUserByUsername(accessTokenRequest.getUsername(), basicCredentials.getClientId());
 
             oauth2AuthenticationHashCheckService.validateUsernamePassword(accessTokenRequest.getPassword(), userDetails);
 
-            HttpServletRequest request =
-                    ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
 
-            OAuth2Authorization oAuth2Authorization = commonOAuth2AuthorizationCycle.save(userDetails,
+            @NotNull OAuth2Authorization oAuth2Authorization = commonOAuth2AuthorizationSaver.save(userDetails,
                     new AuthorizationGrantType(accessTokenRequest.getGrant_type()), basicCredentials.getClientId(), RequestOAuth2Distiller.getTokenUsingSecurityAdditionalParameters(request), null);
 
             Instant now = Instant.now();
@@ -127,7 +129,7 @@ public SpringSecurityTraditionalOauthDTO.TokenResponse refreshAccessToken(Spring
             Map<String, Object> modifiableAdditionalParameters = new HashMap<>();
             modifiableAdditionalParameters.put("refresh_token", refreshTokenRequest.getRefresh_token());
 
-            oAuth2Authorization = commonOAuth2AuthorizationCycle.save(userDetails,
+            oAuth2Authorization = commonOAuth2AuthorizationSaver.save(userDetails,
                     new AuthorizationGrantType(refreshTokenRequest.getGrant_type()),
                     basicCredentials.getClientId(), oAuth2Authorization.getAttributes(), modifiableAdditionalParameters);