artin/OBP-API
1
0
Fork 0
mirror of https://github.com/OpenBankProject/OBP-API.git synced 2026-02-06 15:06:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature/Increase random string length to be at least 10

Browse Source
This commit is contained in:
Marko Milić 2023-05-19 11:57:08 +02:00
parent 1a0ea99d2b
commit 47165f0cd3
2 changed files with 26 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
obp-api/src/test/scala/code/api/oauthTest.scala
View File

@ -79,7 +79,7 @@ class OAuthTest extends ServerSetup {
lazy val user1Password = randomString(10)
lazy val user1 =
AuthUser.create.
email(randomString(3)+"@example.com").
email(randomString(10)+"@example.com").
username("username with_space").
password(user1Password).
validated(true).
@ -90,7 +90,7 @@ class OAuthTest extends ServerSetup {
lazy val user2Password = randomString(10)
lazy val user2 =
AuthUser.create.
email(randomString(3)+"@example.com").
email(randomString(10)+"@example.com").
username("username with more than 1 space").
password(user2Password).
validated(false).
@ -100,7 +100,7 @@ class OAuthTest extends ServerSetup {
lazy val consumer = new Consumer (testConsumer.key.get,testConsumer.secret.get)
lazy val disabledConsumer = new Consumer (disabledTestConsumer.key.get, disabledTestConsumer.secret.get)
lazy val notRegisteredConsumer = new Consumer (randomString(5),randomString(5))
lazy val notRegisteredConsumer = new Consumer (randomString(10),randomString(10))
private def getAPIResponse(req : Req) : OAuthResponse = {
Await.result(
@ -264,7 +264,7 @@ class OAuthTest extends ServerSetup {
scenario("the user cannot login because the token does not exist", Verifier, Oauth){
Given("we will use a random request token")
When("the browser is launched to login")
val verifier = getVerifier(randomString(4), user1.username.get, user1Password)
val verifier = getVerifier(randomString(10), user1.username.get, user1Password)
Then("we should not get a verifier")
verifier.isEmpty should equal (true)
}
@ -295,7 +295,7 @@ class OAuthTest extends ServerSetup {
val reply = getRequestToken(consumer, oob)
val requestToken = extractToken(reply.body)
When("when we ask for an access token")
val accessTokenReply = getAccessToken(consumer, requestToken, randomString(5))
val accessTokenReply = getAccessToken(consumer, requestToken, randomString(10))
Then("we should get a 401")
accessTokenReply.code should equal (401)
}
@ -305,7 +305,7 @@ class OAuthTest extends ServerSetup {
val requestToken = extractToken(reply.body)
val verifier = getVerifier(requestToken.value, user1.username.get, user1Password)
When("when we ask for an access token with a request token")
val randomRequestToken = Token(randomString(5), randomString(5))
val randomRequestToken = Token(randomString(10), randomString(10))
val accessTokenReply = getAccessToken(consumer, randomRequestToken, verifier.openOrThrowException(attemptedToOpenAnEmptyBox))
Then("we should get a 401")
accessTokenReply.code should equal (401)
@ -314,8 +314,8 @@ class OAuthTest extends ServerSetup {
Given("we will first get request token and a verifier")
val reply = getRequestToken(consumer, selfCallback)
When("when we ask for an access token with a request token")
val randomRequestToken = Token(randomString(5), randomString(5))
val accessTokenReply = getAccessToken(consumer, randomRequestToken, randomString(5))
val randomRequestToken = Token(randomString(10), randomString(10))
val accessTokenReply = getAccessToken(consumer, randomRequestToken, randomString(10))
Then("we should get a 401")
accessTokenReply.code should equal (401)
}

36
obp-api/src/test/scala/code/api/v1_2_1/API1_2_1Test.scala
View File

@ -1047,7 +1047,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
scenario("we don't get the hosted bank information", API1_2_1, GetHostedBank){
Given("We will not use an access token and request a random bankId")
When("the request is sent")
val reply = getBankInfo(randomString(5))
val reply = getBankInfo(randomString(10))
Then("we should get a 400 code")
reply.code should equal (400)
And("we should get an error message")
@ -1454,7 +1454,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val view = randomView(true, "")
When("the request is sent")
val reply = postView(bankId, randomString(3), view, user1)
val reply = postView(bankId, randomString(10), view, user1)
Then("we should get a 400 code")
reply.code should equal (400)
And("we should get an error message")
@ -1482,7 +1482,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val viewsBefore = getAccountViews(bankId, bankAccount.id, user1).body.extract[ViewsJSONV121].views
val viewWithEmptyName = CreateViewJsonV121(
name = "",
description = randomString(3),
description = randomString(10),
is_public = true,
which_alias_to_use="alias",
hide_metadata_if_alias_used = false,
@ -1503,7 +1503,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
val viewWithSystemName = CreateViewJsonV121(
name = SYSTEM_OWNER_VIEW_ID,
description = randomString(3),
description = randomString(10),
is_public = true,
which_alias_to_use="alias",
hide_metadata_if_alias_used = false,
@ -1720,7 +1720,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
When("the request is sent")
val reply = deleteView(bankId, bankAccount.id, randomString(3), user1)
val reply = deleteView(bankId, bankAccount.id, randomString(10), user1)
Then("we should get a 400 code")
reply.code should equal (400)
And("we should get an error message")
@ -1833,7 +1833,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
When("the request is sent")
val reply = getUserAccountPermission(bankId, bankAccount.id, randomString(5), user1)
val reply = getUserAccountPermission(bankId, bankAccount.id, randomString(10), user1)
Then("we should get a 400 code")
reply.code should equal (400)
And("we should get an error message")
@ -1864,7 +1864,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
When("the request is sent")
val reply = grantUserAccessToView(bankId, bankAccount.id, randomString(5), randomCustomViewPermalink(bankId, bankAccount), user1)
val reply = grantUserAccessToView(bankId, bankAccount.id, randomString(10), randomCustomViewPermalink(bankId, bankAccount), user1)
Then("we should get a 400 ok code")
reply.code should equal (400)
And("we should get an error message")
@ -1878,7 +1878,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val userId = resourceUser2.idGivenByProvider
val viewsBefore = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
When("the request is sent")
val reply = grantUserAccessToView(bankId, bankAccount.id, userId, randomString(5), user1)
val reply = grantUserAccessToView(bankId, bankAccount.id, userId, randomString(10), user1)
Then("we should get a 404 code")
reply.code should equal (404)
And("we should get an error message")
@ -1931,7 +1931,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
Given("We will use an access token with a random user Id")
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
val userId = randomString(5)
val userId = randomString(10)
val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id)
When("the request is sent")
val reply = grantUserAccessToViews(bankId, bankAccount.id, userId, viewsIdsToGrant, user1)
@ -1946,7 +1946,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
val userId = resourceUser3.idGivenByProvider
val viewsIdsToGrant= List(randomString(3),randomString(3))
val viewsIdsToGrant= List(randomString(10),randomString(10))
When("the request is sent")
val reply = grantUserAccessToViews(bankId, bankAccount.id, userId, viewsIdsToGrant, user1)
Then("we should get a 404 code")
@ -1960,7 +1960,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
val userId = resourceUser3.idGivenByProvider
val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id) ++ List(randomString(3),randomString(3))
val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id) ++ List(randomString(10),randomString(10))
val viewsBefore = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
When("the request is sent")
val reply = grantUserAccessToViews(bankId, bankAccount.id, userId, viewsIdsToGrant, user1)
@ -1977,7 +1977,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
val userId = resourceUser3.idGivenByProvider
val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id) ++ List(randomString(3),randomString(3))
val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id) ++ List(randomString(10),randomString(10))
val viewsBefore = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
When("the request is sent")
val reply = grantUserAccessToViews(bankId, bankAccount.id, userId, viewsIdsToGrant, user3)
@ -2031,7 +2031,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
When("the request is sent")
val reply = revokeUserAccessToView(bankId, bankAccount.id, randomString(5), randomCustomViewPermalink(bankId, bankAccount), user1)
val reply = revokeUserAccessToView(bankId, bankAccount.id, randomString(10), randomCustomViewPermalink(bankId, bankAccount), user1)
Then("we should get a 400 ok code")
reply.code should equal (400)
}
@ -2064,7 +2064,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val userId =resourceUser2.idGivenByProvider
val viewsBefore = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
When("the request is sent")
val reply = revokeUserAccessToView(bankId, bankAccount.id, userId, randomString(5), user1)
val reply = revokeUserAccessToView(bankId, bankAccount.id, userId, randomString(10), user1)
Then("we should get a 400 code")
reply.code should equal (400)
val viewsAfter = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
@ -2107,7 +2107,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
When("the request is sent")
val reply = revokeUserAccessToAllViews(bankId, bankAccount.id, randomString(5), user1)
val reply = revokeUserAccessToAllViews(bankId, bankAccount.id, randomString(510), user1)
Then("we should get a 400 ok code")
reply.code should equal (400)
}
@ -2219,7 +2219,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankId = randomBank
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
When("the request is sent")
val reply = getTheCounterparties(bankId, bankAccount.id, randomString(5), user1)
val reply = getTheCounterparties(bankId, bankAccount.id, randomString(10), user1)
Then("we should get a 400 code")
reply.code should equal (400)
And("we should get an error message")
@ -2277,7 +2277,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
val otherBankAccount = randomCounterparty(bankId, bankAccount.id, randomCustomViewPermalink(bankId, bankAccount))
When("the request is sent")
val reply = getTheCounterparty(bankId, bankAccount.id, randomString(5), otherBankAccount.id, user1)
val reply = getTheCounterparty(bankId, bankAccount.id, randomString(10), otherBankAccount.id, user1)
Then("we should get a 400 code")
reply.code should equal (400)
And("we should get an error message")
@ -2290,7 +2290,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
val bankAccount : AccountJSON = randomPrivateAccount(bankId)
val view = randomCustomViewPermalink(bankId, bankAccount)
When("the request is sent")
val reply = getTheCounterparty(bankId, bankAccount.id, view, randomString(5), user1)
val reply = getTheCounterparty(bankId, bankAccount.id, view, randomString(10), user1)
Then("we should get a 400 code")
reply.code should equal (400)
And("we should get an error message")