fix for migration issue for basic auth apis and test case

GihanAyesh · Mar 20, 2024 · 003a7d9 · 003a7d9
1 parent df47529
commit 003a7d9
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 1 deletion.
diff --git a/...va/org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator.java b/...va/org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator.java
@@ -21,6 +21,7 @@
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.apache.http.HttpHeaders;
 import org.apache.synapse.MessageContext;
 import org.apache.synapse.core.SynapseEnvironment;
 import org.apache.synapse.core.axis2.Axis2MessageContext;
@@ -368,6 +369,9 @@ public String getSecurityHeader() {
  if (this.securityHeader == null) {
  try {
  securityHeader = APIUtil.getOAuthConfigurationFromAPIMConfig(APIConstants.AUTHORIZATION_HEADER);
+ if (securityHeader == null) {
+ securityHeader = HttpHeaders.AUTHORIZATION;
+ }
  } catch (APIManagementException e) {
  log.error("Error while reading authorization header from APIM configurations", e);
  }

diff --git a/...rg/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticatorTest.java b/...rg/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticatorTest.java
@@ -17,6 +17,7 @@
 package org.wso2.carbon.apimgt.gateway.handlers.security.basicauth;
 
 import io.swagger.v3.oas.models.OpenAPI;
+import org.apache.http.HttpHeaders;
 import org.apache.synapse.MessageContext;
 import org.apache.synapse.core.axis2.Axis2MessageContext;
 import org.junit.Assert;
@@ -36,12 +37,13 @@
 import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
 import org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO;
 import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder;
+import org.wso2.carbon.apimgt.impl.utils.APIUtil;
 
 import java.util.TreeMap;
 
 @RunWith(PowerMockRunner.class)
 @PrepareForTest({OpenAPIUtils.class, BasicAuthAuthenticator.class, BasicAuthCredentialValidator.class,
- ServiceReferenceHolder.class})
+ ServiceReferenceHolder.class, APIUtil.class})
 public class BasicAuthAuthenticatorTest {
  private MessageContext messageContext;
  private org.apache.axis2.context.MessageContext axis2MsgCntxt;
@@ -53,6 +55,7 @@ public class BasicAuthAuthenticatorTest {
  @Before
  public void setup() throws Exception {
  PowerMockito.mockStatic(OpenAPIUtils.class);
+ PowerMockito.mockStatic(APIUtil.class);
  PowerMockito.when(OpenAPIUtils.getResourceAuthenticationScheme(Mockito.any(), Mockito.any()))
  .thenReturn(APIConstants.AUTH_APPLICATION_OR_USER_LEVEL_TOKEN);
 
@@ -207,4 +210,16 @@ public void testAuthenticateWithRemoveOAuthHeadersFromOutMessageSetToFalse() {
  Assert.assertNotNull(transportHeaders.get(CUSTOM_AUTH_HEADER));
  Assert.assertEquals(transportHeaders.get(CUSTOM_AUTH_HEADER), "Basic dGVzdF91c2VybmFtZTp0ZXN0X3Bhc3N3b3Jk");
  }
+
+ /**
+ * Test case for getSecurityHeader method when security header is null
+ * The null should be handled and HttpHeaders.AUTHORIZATION should be returned
+ */
+ @Test public void testSetSecurityHeaderWithNullHeader() throws Exception {
+ PowerMockito.when(APIUtil.getOAuthConfigurationFromAPIMConfig(Mockito.anyString())).thenReturn(null);
+ BasicAuthAuthenticator basicAuthAuthenticatorWithNullHeader = new BasicAuthAuthenticator(null, true,
+ UNLIMITED_THROTTLE_POLICY);
+ String actualHeader = basicAuthAuthenticatorWithNullHeader.getSecurityHeader();
+ Assert.assertEquals(HttpHeaders.AUTHORIZATION, actualHeader);
+ }
 }