提交H5登录入口的TokenOnce测试用例，取消用户注册入口的TokenOnce校验

05da424e · 技术部-任文超 · 6e6c9d1b · 05da424e · 05da424e · 05da424e
Commit 05da424e authored Nov 02, 2017 by 技术部-任文超
3 changed files
--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserController.java
 package cn.quantgroup.xyqb.controller.internal.user;

 import cn.quantgroup.xyqb.Constants;
-import cn.quantgroup.xyqb.aspect.captcha.CaptchaNewValidator;
-import cn.quantgroup.xyqb.aspect.logcaller.LogHttpCaller;
 import cn.quantgroup.xyqb.aspect.token.TokenOnceValidator;
 import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.entity.Merchant;
@@ -77,6 +75,84 @@ public class UserController implements IBaseController {
      'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w',
      'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'};

+  //@LogHttpCaller
+  //@RequestMapping("/login2")
+  //public JsonResult login2(
+  //    @RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
+  //    @RequestParam(required = false, defaultValue = "1") Long createdFrom,
+  //    @RequestParam(required = false, defaultValue = "") String userId, HttpServletRequest request,  @RequestParam(required = false) String openId,@RequestParam(required = false) String dimension) {
+  //
+  //  if (!StringUtils.isEmpty(userId) && userId.length() > 10) {
+  //
+  //    return loginWithUserId(channelId, appChannel, createdFrom, userId, null, dimension);
+  //  } else {
+  //    return loginWithHttpBasic(channelId, appChannel, createdFrom, null, request, null,dimension);
+  //  }
+  //}
+
+  @RequestMapping("/test")
+  public JsonResult test() {
+    return JsonResult.buildSuccessResult("", getCurrentUserFromRedis());
+  }
+
+  /**
+   * 登录（账号 + 密码），H5专用入口
+   * @param channelId
+   * @param appChannel
+   * @param createdFrom
+   * @param userId
+   * @param key
+   * @param request
+   * @param openId
+   * @param dimension
+   * @return
+   */
+  @TokenOnceValidator
+  @RequestMapping("/loginForH5")
+  public JsonResult loginForH5(
+          @RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
+          @RequestParam(required = false, defaultValue = "1") Long createdFrom,
+          @RequestParam(required = false, defaultValue = "") String userId,
+          @RequestParam(required = false,defaultValue = "xyqb") String key,
+          HttpServletRequest request, String openId,
+          @RequestParam(required = false) String dimension) {
+    return login(channelId, appChannel, createdFrom, userId, key, request, openId, dimension);
+  }
+
+  /**
+   * 快速登录（手机号 + 短信验证码），H5专用入口
+   * @param channelId
+   * @param appChannel
+   * @param createdFrom
+   * @param key
+   * @param btRegisterChannelId
+   * @param dimension
+   * @param request
+   * @return
+   */
+  @TokenOnceValidator
+  @RequestMapping("/login/fastForH5")
+  public JsonResult loginFastForH5(
+          @RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
+          @RequestParam(required = false, defaultValue = "1") Long createdFrom,
+          @RequestParam(required = false,defaultValue = "xyqb") String key,
+          @RequestParam(required = false)Long btRegisterChannelId,
+          @RequestParam(required = false) String dimension ,HttpServletRequest request) {
+    return loginFast(channelId, appChannel, createdFrom, key, btRegisterChannelId, dimension, request);
+  }
+
+  /**
+   * 账号密码登录
+   * @param channelId
+   * @param appChannel
+   * @param createdFrom
+   * @param userId
+   * @param key
+   * @param request
+   * @param openId
+   * @param dimension
+   * @return
+   */
  @RequestMapping("/login")
  public JsonResult login(
      @RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
@@ -97,25 +173,6 @@ public class UserController implements IBaseController {
      return loginWithHttpBasic(channelId, appChannel, createdFrom, merchant, request, openId,dimension);
    }
  }
-  //@LogHttpCaller
-  //@RequestMapping("/login2")
-  //public JsonResult login2(
-  //    @RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
-  //    @RequestParam(required = false, defaultValue = "1") Long createdFrom,
-  //    @RequestParam(required = false, defaultValue = "") String userId, HttpServletRequest request,  @RequestParam(required = false) String openId,@RequestParam(required = false) String dimension) {
-  //
-  //  if (!StringUtils.isEmpty(userId) && userId.length() > 10) {
-  //
-  //    return loginWithUserId(channelId, appChannel, createdFrom, userId, null, dimension);
-  //  } else {
-  //    return loginWithHttpBasic(channelId, appChannel, createdFrom, null, request, null,dimension);
-  //  }
-  //}
-
-  @RequestMapping("/test")
-  public JsonResult test() {
-    return JsonResult.buildSuccessResult("", getCurrentUserFromRedis());
-  }

  @RequestMapping("/login/fast")
  public JsonResult loginFast(
@@ -297,7 +354,6 @@ public class UserController implements IBaseController {
   * @param channelId
   * @return
   */
-  @TokenOnceValidator
  @RequestMapping("/register")
  public JsonResult register(@RequestParam String phoneNo, @RequestParam String password,
                             @RequestParam String verificationCode, @RequestParam(required = false) Long channelId,
@@ -367,7 +423,6 @@ public class UserController implements IBaseController {
   * @param verificationCode
   * @return
   */
-  @CaptchaNewValidator
  @RequestMapping("/reset_password")
  public JsonResult resetPassword(@RequestParam String phoneNo,
                                  @RequestParam String password,

--- a/src/test/java/login/LoginWithTokenOnceTests.java
+++ b/src/test/java/login/LoginWithTokenOnceTests.java
+package login;
+
+import cn.quantgroup.xyqb.Bootstrap;
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.SpringApplicationConfiguration;
+import org.springframework.http.MediaType;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.MvcResult;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.context.WebApplicationContext;
+
+import java.nio.charset.Charset;
+import java.util.Base64;
+
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@SpringApplicationConfiguration(classes = Bootstrap.class)
+@WebAppConfiguration
+public class LoginWithTokenOnceTests {
+  final String phoneNo = "13461067662";
+  final String userName = "root";
+  final String password = "！QAZ2wsx";
+
+  private MockMvc mvc;
+  @Autowired
+  WebApplicationContext webApplicationConnect;
+
+  @Before
+  public void setUp() throws JsonProcessingException {
+    mvc = MockMvcBuilders.webAppContextSetup(webApplicationConnect).build();
+
+  }
+
+  /**
+   * 测试Server是否可达
+   * @throws Exception
+   */
+  @Test
+  public void testServer() throws Exception {
+    mvc.perform(MockMvcRequestBuilders.get("/").accept(MediaType.APPLICATION_JSON))
+            .andExpect(status().isOk());
+    mvc.perform(MockMvcRequestBuilders.get("/user/loginForH5").accept(MediaType.APPLICATION_JSON))
+            .andExpect(status().isOk());
+    mvc.perform(MockMvcRequestBuilders.get("/user/login/fastForH5").accept(MediaType.APPLICATION_JSON))
+            .andExpect(status().isOk());
+    mvc.perform(MockMvcRequestBuilders.get("/api/sms/send_login_code").accept(MediaType.APPLICATION_JSON))
+            .andExpect(status().isOk());
+  }
+
+  /**
+   * 测试TokenOnce发放服务
+   * @throws Exception
+   */
+  @Test
+  public void testLoginFoH5() throws Exception{
+    // 获取TokenOnce
+    String tokenOnceUri = "/token/once";
+    MvcResult mvcResult = mvc.perform(MockMvcRequestBuilders.get(tokenOnceUri).accept(MediaType.APPLICATION_JSON)
+            .param("phoneNo", phoneNo))
+            .andExpect(status().isOk())
+            .andReturn();
+    String content = mvcResult.getResponse().getContentAsString();
+    JSONObject jsonResult = JSON.parseObject(new String(content));
+    Object code = jsonResult.get("code");
+    Assert.assertEquals("0000", code);
+    Object data = jsonResult.get("data");
+    Assert.assertNotNull(data);
+    StringBuilder tokenBuilder = new StringBuilder(phoneNo);
+    String tokenOnce = new String(Base64.getEncoder().encodeToString(tokenBuilder.append(":").append(data).toString().getBytes(Charset.forName("UTF-8"))));
+    StringBuilder basicBuilder = new StringBuilder();
+    String authorization = "Basic " + new String(Base64.getEncoder().encodeToString(basicBuilder.append(userName).append(":").append(password).toString().getBytes(Charset.forName("UTF-8"))));
+    // 第一次使用TokenOnce
+    String aspectUri = "/user/loginForH5";
+    mvcResult = mvc.perform(MockMvcRequestBuilders.get(aspectUri).accept(MediaType.APPLICATION_JSON)
+            .header("TokenOnce", tokenOnce)
+            .header("authorization", authorization)
+            .param("openId", "none"))
+            .andExpect(status().isOk())
+            .andReturn();
+    content = mvcResult.getResponse().getContentAsString();
+    jsonResult = JSON.parseObject(new String(content));
+    code = jsonResult.get("code");
+    Object businessCode = jsonResult.get("businessCode");
+    Assert.assertEquals("0000", code);
+    Assert.assertNotEquals("0002", businessCode);
+    // 使用过期的TokenOnce
+    mvcResult = mvc.perform(MockMvcRequestBuilders.get(aspectUri).accept(MediaType.APPLICATION_JSON)
+            .header("TokenOnce", tokenOnce)
+            .header("authorization", authorization)
+            .param("openId", "none"))
+            .andExpect(status().isOk())
+            .andReturn();
+    content = mvcResult.getResponse().getContentAsString();
+    jsonResult = JSON.parseObject(new String(content));
+    code = jsonResult.get("code");
+    Assert.assertEquals("0000", code);
+    businessCode = jsonResult.get("businessCode");
+    Assert.assertEquals("0002", businessCode);
+    // 不使用TokenOnce
+    mvcResult = mvc.perform(MockMvcRequestBuilders.get(aspectUri).accept(MediaType.APPLICATION_JSON)
+            .header("authorization", authorization)
+            .param("openId", "none"))
+            .andExpect(status().isOk())
+            .andReturn();
+    content = mvcResult.getResponse().getContentAsString();
+    jsonResult = JSON.parseObject(new String(content));
+    code = jsonResult.get("code");
+    Assert.assertEquals("0000", code);
+    businessCode = jsonResult.get("businessCode");
+    Assert.assertEquals("0002", businessCode);
+  }
+
+  /**
+   * 测试TokenOnce切面
+   * @throws Exception
+   */
+  @Test
+  public void testLoginFastFoH5() throws Exception{
+    // 获取TokenOnce
+    String tokenOnceUri = "/token/once";
+    MvcResult mvcResult = mvc.perform(MockMvcRequestBuilders.get(tokenOnceUri).accept(MediaType.APPLICATION_JSON)
+            .param("phoneNo", phoneNo))
+            .andExpect(status().isOk())
+            .andReturn();
+    String content = mvcResult.getResponse().getContentAsString();
+    JSONObject jsonResult = JSON.parseObject(new String(content));
+    Object code = jsonResult.get("code");
+    Assert.assertEquals("0000", code);
+    Object data = jsonResult.get("data");
+    Assert.assertNotNull(data);
+    StringBuilder tokenBuilder = new StringBuilder(phoneNo);
+    String tokenOnce = new String(Base64.getEncoder().encodeToString(tokenBuilder.append(":").append(data).toString().getBytes(Charset.forName("UTF-8"))));
+
+    String smsUri = "/api/sms/send_login_code";
+    mvcResult = mvc.perform(MockMvcRequestBuilders.get(tokenOnceUri).accept(MediaType.APPLICATION_JSON)
+            .param("phoneNo", phoneNo))
+            .andExpect(status().isOk())
+            .andReturn();
+    content = mvcResult.getResponse().getContentAsString();
+    jsonResult = JSON.parseObject(new String(content));
+    code = jsonResult.get("code");
+    Assert.assertEquals("0000", code);
+    data = jsonResult.get("data");
+    Assert.assertNotNull(data);
+    String verificationCode = "1234";
+    StringBuilder verificationBuilder = new StringBuilder();
+    String authorization = "Verification " + new String(Base64.getEncoder().encodeToString(verificationBuilder.append(phoneNo).append(":").append(verificationCode).toString().getBytes(Charset.forName("UTF-8"))));
+    // 第一次使用TokenOnce
+    String aspectUri = "/user/login/fastForH5";
+    mvcResult = mvc.perform(MockMvcRequestBuilders.get(aspectUri).accept(MediaType.APPLICATION_JSON)
+            .header("TokenOnce", tokenOnce)
+            .header("authorization", authorization))
+            .andExpect(status().isOk())
+            .andReturn();
+    content = mvcResult.getResponse().getContentAsString();
+    jsonResult = JSON.parseObject(new String(content));
+    code = jsonResult.get("code");
+    Object businessCode = jsonResult.get("businessCode");
+    Assert.assertEquals("0000", code);
+    Assert.assertNotEquals("0001", businessCode);
+    // 使用过期的TokenOnce与verificationCode
+    mvcResult = mvc.perform(MockMvcRequestBuilders.get(aspectUri).accept(MediaType.APPLICATION_JSON)
+            .header("TokenOnce", tokenOnce)
+            .header("authorization", authorization))
+            .andExpect(status().isOk())
+            .andReturn();
+    content = mvcResult.getResponse().getContentAsString();
+    jsonResult = JSON.parseObject(new String(content));
+    code = jsonResult.get("code");
+    Assert.assertEquals("0000", code);
+    businessCode = jsonResult.get("businessCode");
+    Assert.assertEquals("0002", businessCode);
+    // 不使用TokenOnce和verificationCode
+    mvcResult = mvc.perform(MockMvcRequestBuilders.get(aspectUri).accept(MediaType.APPLICATION_JSON))
+            .andExpect(status().isOk())
+            .andReturn();
+    content = mvcResult.getResponse().getContentAsString();
+    jsonResult = JSON.parseObject(new String(content));
+    code = jsonResult.get("code");
+    Assert.assertEquals("0000", code);
+    businessCode = jsonResult.get("businessCode");
+    Assert.assertEquals("0002", businessCode);
+  }
+
+}
--- a/src/test/java/token/TokenOnceTests.java
+++ b/src/test/java/token/TokenOnceTests.java
@@ -48,6 +48,8 @@ public class TokenOnceTests {
  public void testServer() throws Exception {
    mvc.perform(MockMvcRequestBuilders.get("/").accept(MediaType.APPLICATION_JSON))
            .andExpect(status().isOk());
+    mvc.perform(MockMvcRequestBuilders.get("/token/once").accept(MediaType.APPLICATION_JSON))
+            .andExpect(status().isOk());
  }

  /**
@@ -89,7 +91,8 @@ public class TokenOnceTests {
   * 测试TokenOnce切面
   * @throws Exception
   */
-  @Test
+  // TODO 用户注册先不加TokenOnce校验，进一步确认后再添加或删除本用例
+  //@Test
  public void testAspect() throws Exception{
    // 获取TokenOnce
    String tokenOnceUri = "/token/once";