How to test a rest endpoint that's protected with @RequiresRoles?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

How to test a rest endpoint that's protected with @RequiresRoles?

I hope this is ok to post here. I have an endpoint that's protected with
@RequiresRoles and I would like to write a couple of tests to make sure it
works: One where a user without the roles tries to access it and it fails,
and one where a user with the role tries to access it and it succeeds. So
far I haven't been able to set up these tests. I've seen, but are there any other examples I
can look at? I've managed to write a test for an internal method that's
protected with @RequiresRoles, but not an external endpoint (i.e. a method
annotated with both @GET and @RequiresRoles). For example:

  @ApiOperation(value = "helloworld",
      notes = "Simple hello world.",
      response = String.class)
  public Response helloWorld() {
    String hello = "Hello world!";
    return Response.status(Response.Status.OK).entity(hello).build();

  @ApiOperation(value = "helloReply",
      notes = "Returns Hello you! and {param}",
      response = String.class)
  public Response getMsg(@PathParam("param") String msg) {
    String output = "Hello you! " + msg;
    return Response.status(Response.Status.OK).entity(output).build();

If I start my application I can send requests to these endpoints and confirm
that they work as I intend. But how could/should I write tests for these?

Sent from: