secureCodeBox#121 Extract Auth Header Facotry from Intermediate Class

Signed-off-by: Sven Strittmatter <[email protected]>

src/main/java/io/securecodebox/persistence/defectdojo/http/AuthHeaderFactory.java

@@ -0,0 +1,49 @@
+package io.securecodebox.persistence.defectdojo.http;
+
+import io.securecodebox.persistence.defectdojo.config.Config;
+import lombok.NonNull;
+import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpHeaders;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+/**
+ * Utility class to create HTTP authorization headers
+ */
+@Slf4j
+public final class AuthHeaderFactory {
+  private final Config config;
+  @Setter
+  @NonNull
+  private ProxyConfig proxyConfig = ProxyConfig.NULL;
+
+  public AuthHeaderFactory(@NonNull Config config) {
+    super();
+    this.config = config;
+  }
+
+  /**
+   * This method generates appropriate authorization headers
+   *
+   * @return never {@code null}
+   */
+  public HttpHeaders generateAuthorizationHeaders() {
+    HttpHeaders headers = new HttpHeaders();
+    headers.set(HttpHeaders.AUTHORIZATION, "Token " + this.config.getApiKey());
+
+    if (proxyConfig.isComplete()) {
+      log.info("Setting Proxy Auth Header...");
+      headers.set(HttpHeaders.PROXY_AUTHORIZATION, "Basic " + encodeProxyCredentials(proxyConfig));
+    }
+
+    return headers;
+  }
+
+  String encodeProxyCredentials(@NonNull final ProxyConfig cfg) {
+    final var credential = String.format("%s:%s", cfg.getUser(), cfg.getPassword());
+    return Base64.getEncoder().encodeToString(credential.getBytes(StandardCharsets.UTF_8));
+  }
+
+}

src/main/java/io/securecodebox/persistence/defectdojo/http/Foo.java

@@ -36,27 +36,8 @@ public Foo(@NonNull final Config config, @NonNull final ProxyConfig proxyConfig)
     this.proxyConfig = proxyConfig;
   }
 
-  /**
-   * This method generates appropriate authorization headers
-   *
-   * @return never {@code null}
-   */
-  public HttpHeaders generateAuthorizationHeaders() {
-    HttpHeaders headers = new HttpHeaders();
-    headers.set(HttpHeaders.AUTHORIZATION, "Token " + this.config.getApiKey());
 
-    if (proxyConfig.isComplete()) {
-      log.info("Setting Proxy Auth Header...");
-      headers.set(HttpHeaders.PROXY_AUTHORIZATION, "Basic " + encodeProxyCredentials(proxyConfig));
-    }
 
-    return headers;
-  }
-
-  static String encodeProxyCredentials(@NonNull final ProxyConfig cfg) {
-    final var credential = String.format("%s:%s", cfg.getUser(), cfg.getPassword());
-    return Base64.getEncoder().encodeToString(credential.getBytes(StandardCharsets.UTF_8));
-  }
 
   public RestTemplate createRestTemplate() {
     if (proxyConfig.isComplete()) {

src/main/java/io/securecodebox/persistence/defectdojo/service/GenericDefectDojoService.java

@@ -12,6 +12,7 @@
 import io.securecodebox.persistence.defectdojo.config.Config;
 import io.securecodebox.persistence.defectdojo.exception.PersistenceException;
 import io.securecodebox.persistence.defectdojo.exception.TooManyResponsesException;
+import io.securecodebox.persistence.defectdojo.http.AuthHeaderFactory;
 import io.securecodebox.persistence.defectdojo.http.Foo;
 import io.securecodebox.persistence.defectdojo.http.ProxyConfigFactory;
 import io.securecodebox.persistence.defectdojo.model.Engagement;
@@ -179,7 +180,9 @@ public final T update(@NonNull T object, long id) {
    * @return The DefectDojo Authentication Header
    */
   private HttpHeaders getDefectDojoAuthorizationHeaders() {
-    return new Foo(config, new ProxyConfigFactory().create()).generateAuthorizationHeaders();
+    final var factory = new AuthHeaderFactory(config);
+    factory.setProxyConfig(new ProxyConfigFactory().create());
+    return factory.generateAuthorizationHeaders();
   }
 
   private RestTemplate setupRestTemplate() {

src/main/java/io/securecodebox/persistence/defectdojo/service/ImportScanService2.java

@@ -8,6 +8,7 @@
 import io.securecodebox.persistence.defectdojo.ScanType;
 import io.securecodebox.persistence.defectdojo.config.Config;
 import io.securecodebox.persistence.defectdojo.exception.PersistenceException;
+import io.securecodebox.persistence.defectdojo.http.AuthHeaderFactory;
 import io.securecodebox.persistence.defectdojo.http.Foo;
 import io.securecodebox.persistence.defectdojo.http.ProxyConfigFactory;
 import io.securecodebox.persistence.defectdojo.model.ScanFile;
@@ -47,7 +48,9 @@ public ImportScanService2(Config config) {
    * @return The DefectDojo Authentication Header
    */
   private HttpHeaders getDefectDojoAuthorizationHeaders() {
-    return new Foo(config, new ProxyConfigFactory().create()).generateAuthorizationHeaders();
+    final var factory = new AuthHeaderFactory(config);
+    factory.setProxyConfig(new ProxyConfigFactory().create());
+    return factory.generateAuthorizationHeaders();
   }
 
   protected RestTemplate setupRestTemplate() {

src/test/java/io/securecodebox/persistence/defectdojo/http/AuthHeaderFactoryTest.java

@@ -0,0 +1,65 @@
+package io.securecodebox.persistence.defectdojo.http;
+
+import io.securecodebox.persistence.defectdojo.config.Config;
+import org.junit.jupiter.api.Test;
+import org.springframework.http.HttpHeaders;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.*;
+import static org.junit.jupiter.api.Assertions.assertAll;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+/**
+ * Tests for {@link AuthHeaderFactory}
+ */
+class AuthHeaderFactoryTest {
+  private final Config config = new Config("url", "apikey");
+  private final AuthHeaderFactory sut = new AuthHeaderFactory(config);
+
+  @Test
+  void setProxyConfig_doesNotAllowNull() {
+    assertThrows(NullPointerException.class, () -> sut.setProxyConfig(null));
+  }
+
+  @Test
+  void generateAuthorizationHeaders_withoutProxyAuth() {
+    assertAll(
+      () -> assertThat(
+        sut.generateAuthorizationHeaders().get(HttpHeaders.AUTHORIZATION),
+        contains("Token apikey")),
+      () -> assertThat(
+        sut.generateAuthorizationHeaders().get(HttpHeaders.PROXY_AUTHORIZATION),
+        not(contains("Basic dXNlcjpwdw==")))
+    );
+  }
+
+  @Test
+  void generateAuthorizationHeaders_withProxyAuth() {
+    final ProxyConfig proxyConfig = ProxyConfig.builder()
+      .user("user")
+      .password("pw")
+      .host("host")
+      .port(42)
+      .build();
+    sut.setProxyConfig(proxyConfig);
+
+    assertAll(
+      () -> assertThat(
+        sut.generateAuthorizationHeaders().get(HttpHeaders.AUTHORIZATION),
+        contains("Token apikey")),
+      () -> assertThat(
+        sut.generateAuthorizationHeaders().get(HttpHeaders.PROXY_AUTHORIZATION),
+        contains("Basic dXNlcjpwdw=="))
+    );
+  }
+
+  @Test
+  void encodeProxyCredentials() {
+    final var proxyConfig = ProxyConfig.builder()
+      .user("bärtram")
+      .password("gohze8Ae")
+      .build();
+
+    assertThat(sut.encodeProxyCredentials(proxyConfig), is("YsOkcnRyYW06Z29oemU4QWU="));
+  }
+}

src/test/java/io/securecodebox/persistence/defectdojo/http/FooTest.java

@@ -25,44 +25,6 @@ class FooTest {
     .build();
   private final Foo sut = new Foo(config, proxyConfig);
 
-  @Test
-  void generateAuthorizationHeaders_withoutProxyAuth() {
-    final var innerSut = new Foo(config, ProxyConfig.NULL);
-
-    assertAll(
-      () -> assertThat(
-        innerSut.generateAuthorizationHeaders().get(HttpHeaders.AUTHORIZATION),
-        contains("Token apikey")),
-      () -> assertThat(
-        innerSut.generateAuthorizationHeaders().get(HttpHeaders.PROXY_AUTHORIZATION),
-        not(contains("Basic dXNlcjpwdw==")))
-    );
-  }
-
-  @Test
-  void generateAuthorizationHeaders_withProxyAuth() {
-    final var innerSut = new Foo(config, proxyConfig);
-
-    assertAll(
-      () -> assertThat(
-        innerSut.generateAuthorizationHeaders().get(HttpHeaders.AUTHORIZATION),
-        contains("Token apikey")),
-      () -> assertThat(
-        innerSut.generateAuthorizationHeaders().get(HttpHeaders.PROXY_AUTHORIZATION),
-        contains("Basic dXNlcjpwdw=="))
-    );
-  }
-
-  @Test
-  void encodeProxyCredentials() {
-    final var proxyConfig = ProxyConfig.builder()
-      .user("bärtram")
-      .password("gohze8Ae")
-      .build();
-
-    assertThat(Foo.encodeProxyCredentials(proxyConfig), is("YsOkcnRyYW06Z29oemU4QWU="));
-  }
-
   @Test
   void createCredentialsProvider() {
     final var result = sut.createCredentialsProvider();