From 47165f0cd3b04d5603fa3f3181b10076993b4836 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Fri, 19 May 2023 11:57:08 +0200 Subject: [PATCH] feature/Increase random string length to be at least 10 --- .../src/test/scala/code/api/oauthTest.scala | 16 ++++----- .../scala/code/api/v1_2_1/API1_2_1Test.scala | 36 +++++++++---------- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/obp-api/src/test/scala/code/api/oauthTest.scala b/obp-api/src/test/scala/code/api/oauthTest.scala index 273c85cb7..603fddc99 100644 --- a/obp-api/src/test/scala/code/api/oauthTest.scala +++ b/obp-api/src/test/scala/code/api/oauthTest.scala @@ -79,7 +79,7 @@ class OAuthTest extends ServerSetup { lazy val user1Password = randomString(10) lazy val user1 = AuthUser.create. - email(randomString(3)+"@example.com"). + email(randomString(10)+"@example.com"). username("username with_space"). password(user1Password). validated(true). @@ -90,7 +90,7 @@ class OAuthTest extends ServerSetup { lazy val user2Password = randomString(10) lazy val user2 = AuthUser.create. - email(randomString(3)+"@example.com"). + email(randomString(10)+"@example.com"). username("username with more than 1 space"). password(user2Password). validated(false). @@ -100,7 +100,7 @@ class OAuthTest extends ServerSetup { lazy val consumer = new Consumer (testConsumer.key.get,testConsumer.secret.get) lazy val disabledConsumer = new Consumer (disabledTestConsumer.key.get, disabledTestConsumer.secret.get) - lazy val notRegisteredConsumer = new Consumer (randomString(5),randomString(5)) + lazy val notRegisteredConsumer = new Consumer (randomString(10),randomString(10)) private def getAPIResponse(req : Req) : OAuthResponse = { Await.result( 
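Review bot: The new minimum length is written as a bare `10` at each call site, here (`email(randomString(10)+"@example.com")`, `new Consumer (randomString(10),randomString(10))`) and in every later hunk of both files, so the "at least 10" rule from the subject line exists only in the commit message. A named constant in the shared test setup, for example `val MinRandomLength = 10` with calls written as `randomString(MinRandomLength)`, would record the intent once and make a mistyped length stand out in review. The name is only a suggestion, and where `randomString` is defined is not visible in this patch.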
@@ -264,7 +264,7 @@ class OAuthTest extends ServerSetup {
 scenario("the user cannot login because the token does not exist", Verifier, Oauth){
 Given("we will use a random request token")
 When("the browser is launched to login")
- val verifier = getVerifier(randomString(4), user1.username.get, user1Password)
+ val verifier = getVerifier(randomString(10), user1.username.get, user1Password)
 Then("we should not get a verifier")
 verifier.isEmpty should equal (true)
 }
@@ -295,7 +295,7 @@ class OAuthTest extends ServerSetup {
 val reply = getRequestToken(consumer, oob)
 val requestToken = extractToken(reply.body)
 When("when we ask for an access token")
- val accessTokenReply = getAccessToken(consumer, requestToken, randomString(5))
+ val accessTokenReply = getAccessToken(consumer, requestToken, randomString(10))
 Then("we should get a 401")
 accessTokenReply.code should equal (401)
 }
@@ -305,7 +305,7 @@ class OAuthTest extends ServerSetup {
 val requestToken = extractToken(reply.body)
 val verifier = getVerifier(requestToken.value, user1.username.get, user1Password)
 When("when we ask for an access token with a request token")
- val randomRequestToken = Token(randomString(5), randomString(5))
+ val randomRequestToken = Token(randomString(10), randomString(10))
 val accessTokenReply = getAccessToken(consumer, randomRequestToken, verifier.openOrThrowException(attemptedToOpenAnEmptyBox))
 Then("we should get a 401")
 accessTokenReply.code should equal (401)
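Review bot: The negative OAuth cases in these hunks (`getVerifier(randomString(10), …)`, `getAccessToken(consumer, requestToken, randomString(10))`, `Token(randomString(10), randomString(10))`) still use a length chosen by the test rather than one taken from what the server issues. If issued request tokens and verifiers have a different length or alphabet (not visible in this diff), the 401 or the empty verifier could come from a format check rather than from the lookup the scenario names, such as "the token does not exist". Where a real `requestToken` is already in scope, consider `randomString(requestToken.value.length)`, or add a one-line comment saying the shape difference is intentional. The same applies to the `@@ -314,8` hunk; the enclosing scenarios start or end outside these hunks.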
@@ -314,8 +314,8 @@ class OAuthTest extends ServerSetup {
 Given("we will first get request token and a verifier")
 val reply = getRequestToken(consumer, selfCallback)
 When("when we ask for an access token with a request token")
- val randomRequestToken = Token(randomString(5), randomString(5))
- val accessTokenReply = getAccessToken(consumer, randomRequestToken, randomString(5))
+ val randomRequestToken = Token(randomString(10), randomString(10))
+ val accessTokenReply = getAccessToken(consumer, randomRequestToken, randomString(10))
 Then("we should get a 401")
 accessTokenReply.code should equal (401)
 }
diff --git a/obp-api/src/test/scala/code/api/v1_2_1/API1_2_1Test.scala b/obp-api/src/test/scala/code/api/v1_2_1/API1_2_1Test.scala
index 8f30349fd..17f23f9d5 100644
--- a/obp-api/src/test/scala/code/api/v1_2_1/API1_2_1Test.scala
+++ b/obp-api/src/test/scala/code/api/v1_2_1/API1_2_1Test.scala
@@ -1047,7 +1047,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 scenario("we don't get the hosted bank information", API1_2_1, GetHostedBank){
 Given("We will not use an access token and request a random bankId")
 When("the request is sent")
- val reply = getBankInfo(randomString(5))
+ val reply = getBankInfo(randomString(10))
 Then("we should get a 400 code")
 reply.code should equal (400)
 And("we should get an error message")
@@ -1454,7 +1454,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val view = randomView(true, "")
 When("the request is sent")
- val reply = postView(bankId, randomString(3), view, user1)
+ val reply = postView(bankId, randomString(10), view, user1)
 Then("we should get a 400 code")
 reply.code should equal (400)
 And("we should get an error message")
@@ -1482,7 +1482,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val viewsBefore = getAccountViews(bankId, bankAccount.id, user1).body.extract[ViewsJSONV121].views
 val viewWithEmptyName = CreateViewJsonV121(
 name = "",
- description = randomString(3),
+ description = randomString(10),
 is_public = true,
 which_alias_to_use="alias",
 hide_metadata_if_alias_used = false,
@@ -1503,7 +1503,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 val viewWithSystemName = CreateViewJsonV121(
 name = SYSTEM_OWNER_VIEW_ID,
- description = randomString(3),
+ description = randomString(10),
 is_public = true,
 which_alias_to_use="alias",
 hide_metadata_if_alias_used = false,
@@ -1720,7 +1720,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 When("the request is sent")
- val reply = deleteView(bankId, bankAccount.id, randomString(3), user1)
+ val reply = deleteView(bankId, bankAccount.id, randomString(10), user1)
 Then("we should get a 400 code")
 reply.code should equal (400)
 And("we should get an error message")
@@ -1833,7 +1833,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 When("the request is sent")
- val reply = getUserAccountPermission(bankId, bankAccount.id, randomString(5), user1)
+ val reply = getUserAccountPermission(bankId, bankAccount.id, randomString(10), user1)
 Then("we should get a 400 code")
 reply.code should equal (400)
 And("we should get an error message")
@@ -1864,7 +1864,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 When("the request is sent")
- val reply = grantUserAccessToView(bankId, bankAccount.id, randomString(5), randomCustomViewPermalink(bankId, bankAccount), user1)
+ val reply = grantUserAccessToView(bankId, bankAccount.id, randomString(10), randomCustomViewPermalink(bankId, bankAccount), user1)
 Then("we should get a 400 ok code")
 reply.code should equal (400)
 And("we should get an error message")
@@ -1878,7 +1878,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val userId = resourceUser2.idGivenByProvider
 val viewsBefore = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
 When("the request is sent")
- val reply = grantUserAccessToView(bankId, bankAccount.id, userId, randomString(5), user1)
+ val reply = grantUserAccessToView(bankId, bankAccount.id, userId, randomString(10), user1)
 Then("we should get a 404 code")
 reply.code should equal (404)
 And("we should get an error message")
@@ -1931,7 +1931,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 Given("We will use an access token with a random user Id")
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
- val userId = randomString(5)
+ val userId = randomString(10)
 val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id)
 When("the request is sent")
 val reply = grantUserAccessToViews(bankId, bankAccount.id, userId, viewsIdsToGrant, user1)
@@ -1946,7 +1946,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 val userId = resourceUser3.idGivenByProvider
- val viewsIdsToGrant= List(randomString(3),randomString(3))
+ val viewsIdsToGrant= List(randomString(10),randomString(10))
 When("the request is sent")
 val reply = grantUserAccessToViews(bankId, bankAccount.id, userId, viewsIdsToGrant, user1)
 Then("we should get a 404 code")
@@ -1960,7 +1960,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 val userId = resourceUser3.idGivenByProvider
- val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id) ++ List(randomString(3),randomString(3))
+ val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id) ++ List(randomString(10),randomString(10))
 val viewsBefore = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
 When("the request is sent")
 val reply = grantUserAccessToViews(bankId, bankAccount.id, userId, viewsIdsToGrant, user1)
@@ -1977,7 +1977,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 val userId = resourceUser3.idGivenByProvider
- val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id) ++ List(randomString(3),randomString(3))
+ val viewsIdsToGrant= randomCustomViewsIdsToGrant(bankId, bankAccount.id) ++ List(randomString(10),randomString(10))
 val viewsBefore = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
 When("the request is sent")
 val reply = grantUserAccessToViews(bankId, bankAccount.id, userId, viewsIdsToGrant, user3)
@@ -2031,7 +2031,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 When("the request is sent")
- val reply = revokeUserAccessToView(bankId, bankAccount.id, randomString(5), randomCustomViewPermalink(bankId, bankAccount), user1)
+ val reply = revokeUserAccessToView(bankId, bankAccount.id, randomString(10), randomCustomViewPermalink(bankId, bankAccount), user1)
 Then("we should get a 400 ok code")
 reply.code should equal (400)
 }
@@ -2064,7 +2064,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val userId =resourceUser2.idGivenByProvider
 val viewsBefore = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
 When("the request is sent")
- val reply = revokeUserAccessToView(bankId, bankAccount.id, userId, randomString(5), user1)
+ val reply = revokeUserAccessToView(bankId, bankAccount.id, userId, randomString(10), user1)
 Then("we should get a 400 code")
 reply.code should equal (400)
 val viewsAfter = getUserAccountPermission(bankId, bankAccount.id, userId, user1).body.extract[ViewsJSONV121].views.length
@@ -2107,7 +2107,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 When("the request is sent")
- val reply = revokeUserAccessToAllViews(bankId, bankAccount.id, randomString(5), user1)
+ val reply = revokeUserAccessToAllViews(bankId, bankAccount.id, randomString(510), user1)
 Then("we should get a 400 ok code")
 reply.code should equal (400)
 }
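Review bot: In the `@@ -2107,7` hunk the `revokeUserAccessToAllViews` call was changed to `randomString(510)` instead of `10`; every other call in the patch uses 10, so this looks like a digit left over from the old `5`. The scenario's 400 assertion will probably still pass, which makes the slip easy to miss, but a 510-character user id is a different input from the one the sibling grant/revoke scenarios send and may hit URL or field-length handling instead of the unknown-user path. Suggested line: `val reply = revokeUserAccessToAllViews(bankId, bankAccount.id, randomString(10), user1)`. The enclosing scenario starts outside the hunk.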
@@ -2219,7 +2219,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankId = randomBank
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 When("the request is sent")
- val reply = getTheCounterparties(bankId, bankAccount.id, randomString(5), user1)
+ val reply = getTheCounterparties(bankId, bankAccount.id, randomString(10), user1)
 Then("we should get a 400 code")
 reply.code should equal (400)
 And("we should get an error message")
@@ -2277,7 +2277,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 val otherBankAccount = randomCounterparty(bankId, bankAccount.id, randomCustomViewPermalink(bankId, bankAccount))
 When("the request is sent")
- val reply = getTheCounterparty(bankId, bankAccount.id, randomString(5), otherBankAccount.id, user1)
+ val reply = getTheCounterparty(bankId, bankAccount.id, randomString(10), otherBankAccount.id, user1)
 Then("we should get a 400 code")
 reply.code should equal (400)
 And("we should get an error message")
@@ -2290,7 +2290,7 @@ class API1_2_1Test extends ServerSetupWithTestData with DefaultUsers with Privat
 val bankAccount : AccountJSON = randomPrivateAccount(bankId)
 val view = randomCustomViewPermalink(bankId, bankAccount)
 When("the request is sent")
- val reply = getTheCounterparty(bankId, bankAccount.id, view, randomString(5), user1)
+ val reply = getTheCounterparty(bankId, bankAccount.id, view, randomString(10), user1)
 Then("we should get a 400 code")
 reply.code should equal (400)
 And("we should get an error message")