test(user): add CRUD tests for auth0 endpoints

Also, improve error handling of Auth0Users.java

Author: evansiroky

src/main/java/com/conveyal/datatools/manager/auth/Auth0Users.java

@@ -1,7 +1,6 @@
 package com.conveyal.datatools.manager.auth;
 
 import com.conveyal.datatools.manager.DataManager;
-import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.apache.http.HttpResponse;
@@ -16,7 +15,6 @@
 import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
-import java.util.Collection;
 import java.util.HashSet;
 import java.util.Set;
 
@@ -43,7 +41,8 @@ private static URI getUrl(String searchQuery, int page, int perPage, boolean inc
         // always filter users by datatools client_id
         String defaultQuery = "app_metadata.datatools.client_id:" + clientId;
         URIBuilder builder = new URIBuilder();
-        builder.setScheme("https").setHost(AUTH0_DOMAIN).setPath("/api/v2/users");
+        setSchemePortAndHost(builder);
+        builder.setPath("/api/v2/users");
         builder.setParameter("sort", "email:1");
         builder.setParameter("per_page", Integer.toString(perPage));
         builder.setParameter("page", Integer.toString(page));
@@ -82,20 +81,40 @@ private static String doRequest(URI uri) {
 
         request.addHeader("Authorization", "Bearer " + AUTH0_API_TOKEN);
         request.setHeader("Accept-Charset", charset);
-        HttpResponse response = null;
+        HttpResponse response;
+
+        LOG.info("Making request: ({})", request.toString());
 
         try {
             response = client.execute(request);
         } catch (IOException e) {
+            LOG.error("An exception occurred while making a request to Auth0");
             e.printStackTrace();
+            return null;
         }
 
         String result = null;
 
-        try {
-            result = EntityUtils.toString(response.getEntity());
-        } catch (IOException e) {
-            e.printStackTrace();
+        if (response.getEntity() != null) {
+            try {
+                result = EntityUtils.toString(response.getEntity());
+            } catch (IOException e) {
+                LOG.error("An exception occurred while parsing a response from Auth0");
+                e.printStackTrace();
+            }
+        } else {
+            LOG.warn("No response body available to parse from Auth0 request");
+        }
+
+        int statusCode = response.getStatusLine().getStatusCode();
+        if(statusCode >= 300) {
+            LOG.warn(
+                "HTTP request to Auth0 returned error code >= 300: ({}). Body: {}",
+                request.toString(),
+                result != null ? result : ""
+            );
+        } else {
+            LOG.info("Successfully made request: ({})", request.toString());
         }
 
         return result;
@@ -118,35 +137,18 @@ public static String getAuth0Users(String queryString) {
         return getAuth0Users(queryString, 0);
     }
 
-    /**
-     * Get all users for this application (using the default search).
-     */
-    public static Collection<Auth0UserProfile> getAll () {
-        Collection<Auth0UserProfile> users = new HashSet<>();
-
-        // limited to the first 100
-        URI uri = getUrl(null, 0, 100, false);
-        String response = doRequest(uri);
-        try {
-            users = mapper.readValue(response, new TypeReference<Collection<Auth0UserProfile>>(){});
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-        return users;
-    }
-
     /**
      * Get a single Auth0 user for the specified ID.
      */
     public static Auth0UserProfile getUserById(String id) {
-
         URIBuilder builder = new URIBuilder();
-        builder.setScheme("https").setHost(AUTH0_DOMAIN).setPath("/api/v2/users/" + id);
+        setSchemePortAndHost(builder);
+        builder.setPath("/api/v2/users/" + id);
         URI uri = null;
         try {
             uri = builder.build();
-
         } catch (URISyntaxException e) {
+            LOG.error("Unable to build URI to getUserById");
             e.printStackTrace();
             return null;
         }
@@ -155,23 +157,33 @@ public static Auth0UserProfile getUserById(String id) {
         try {
             user = mapper.readValue(response, Auth0UserProfile.class);
         } catch (IOException e) {
+            LOG.error("Unable to parse user profile response from Auth0! Response: {}", response);
             e.printStackTrace();
         }
         return user;
     }
 
     /**
-     * Get users subscribed to a given target ID.
+     * Sets uri builder scheme port and host according to whether a test environment is in effect
      */
-    public static String getUsersBySubscription(String subscriptionType, String target) {
-        return getAuth0Users("app_metadata.datatools.subscriptions.type:" + subscriptionType + " AND app_metadata.datatools.subscriptions.target:" + target);
+    private static void setSchemePortAndHost(URIBuilder builder) {
+        if (AUTH0_DOMAIN.equals("localhost:8089")) {
+            // set items for testing purposes assuming use of a Wiremock server
+            builder.setScheme("http");
+            builder.setPort(8089);
+            builder.setHost("localhost");
+        } else {
+            // use live Auth0 domain
+            builder.setScheme("https");
+            builder.setHost(AUTH0_DOMAIN);
+        }
     }
 
     /**
-     * Get users belong to a specified organization.
+     * Get users subscribed to a given target ID.
      */
-    public static String getUsersForOrganization(String organizationId) {
-        return getAuth0Users("app_metadata.datatools.organizations.organization_id:" + organizationId);
+    public static String getUsersBySubscription(String subscriptionType, String target) {
+        return getAuth0Users("app_metadata.datatools.subscriptions.type:" + subscriptionType + " AND app_metadata.datatools.subscriptions.target:" + target);
     }
 
     public static Set<String> getVerifiedEmailsBySubscription(String subscriptionType, String target) {

src/test/java/com/conveyal/datatools/manager/controllers/api/UserControllerTest.java

@@ -11,8 +11,11 @@
 
 import static com.conveyal.datatools.TestUtils.parseJson;
 import static com.github.tomakehurst.wiremock.client.WireMock.aResponse;
+import static com.github.tomakehurst.wiremock.client.WireMock.delete;
 import static com.github.tomakehurst.wiremock.client.WireMock.equalTo;
+import static com.github.tomakehurst.wiremock.client.WireMock.get;
 import static com.github.tomakehurst.wiremock.client.WireMock.matchingJsonPath;
+import static com.github.tomakehurst.wiremock.client.WireMock.patch;
 import static com.github.tomakehurst.wiremock.client.WireMock.post;
 import static com.github.tomakehurst.wiremock.client.WireMock.stubFor;
 import static com.github.tomakehurst.wiremock.client.WireMock.urlPathEqualTo;
@@ -45,6 +48,73 @@ public static void setUp() {
         DatatoolsTest.setUp();
     }
 
+    /**
+     * Make sure the user endpoint can return a list of users
+     */
+    @Test
+    public void canListFirstTenUsers() throws IOException {
+        // create wiremock stub for get users endpoint
+        stubFor(
+            get(urlPathEqualTo("/api/v2/users"))
+                .withQueryParam("page", equalTo("1"))
+                .willReturn(
+                    aResponse()
+                        .withBodyFile("getFirstTenUsersResponse.json")
+                )
+        );
+
+
+        // make request and parse the json response
+        JsonNode userResponse = parseJson(
+            given()
+                .port(4000)
+                .get("/api/manager/secure/user?page=1")
+            .then()
+                .extract()
+                .response()
+                .asString()
+        );
+
+        // make sure the response matches the saved snapshot
+        assertThat(userResponse, matchesSnapshot());
+    }
+
+    /**
+     * Make sure a user can be created
+     */
+    @Test
+    public void canCreateUser() throws IOException {
+        // create wiremock stub for create users endpoint
+        stubFor(
+            post(urlPathEqualTo("/api/v2/users"))
+                .withRequestBody(matchingJsonPath("$.email", equalTo("[email protected]")))
+                .willReturn(
+                    aResponse()
+                        .withBodyFile("createNewUserResponse.json")
+                )
+        );
+
+
+        // make request and parse the json response
+        JsonNode createUserResponse = parseJson(
+            given()
+                .port(4000)
+                .body("{\n" +
+                    "  \"email\" : \"[email protected]\",\n" +
+                    "  \"password\" : \"password\",\n" +
+                    "  \"permissions\" : {}\n" +
+                    "}")
+                .post("/api/manager/secure/user")
+            .then()
+                .extract()
+                .response()
+                .asString()
+        );
+
+        // make sure the response matches the saved snapshot
+        assertThat(createUserResponse, matchesSnapshot());
+    }
+
     /**
      * Make sure a meaningful Auth0 error can be returned when a duplicate user is being created
      */
@@ -82,4 +152,85 @@ public void canReturnMeaningfulAuth0Error() throws IOException {
         // make sure the response matches the saved snapshot
         assertThat(createUserResponse, matchesSnapshot());
     }
+
+    /**
+     * Make sure a user can be updated
+     */
+    @Test
+    public void canUpdateUser() throws IOException {
+        // create wiremock stub for update users endpoint
+        stubFor(
+            patch(urlPathEqualTo("/api/v2/users/auth0%7Ctest-existing-user"))
+                .withRequestBody(
+                    matchingJsonPath(
+                        "$.app_metadata.datatools[0].permissions[0].type",
+                        equalTo("administer-application")
+                    )
+                )
+                .willReturn(
+                    aResponse()
+                        .withBodyFile("updateExistingUserResponse.json")
+                )
+        );
+
+        // create wiremock stub for get user by id endpoint
+        stubFor(
+            get(urlPathEqualTo("/api/v2/users/auth0%7Ctest-existing-user"))
+                .willReturn(
+                    aResponse()
+                        .withBodyFile("getExistingUserResponse.json")
+                )
+        );
+
+
+        // make request and parse the json response
+        JsonNode createUserResponse = parseJson(
+            given()
+                .port(4000)
+                .body("{" +
+                    "\"user_id\": \"auth0|test-existing-user\"" +
+                    ",\"data\": [{" +
+                    "\"permissions\": [{\"type\": \"administer-application\"}]," +
+                    "\"projects\": []," +
+                    "\"organizations\": []," +
+                    "\"client_id\":\"testing-client-id\"" +
+                    "}]" +
+                    "}")
+                .put("/api/manager/secure/user/auth0|test-existing-user")
+            .then()
+                .extract()
+                .response()
+                .asString()
+        );
+
+        // make sure the response matches the saved snapshot
+        assertThat(createUserResponse, matchesSnapshot());
+    }
+
+    /**
+     * Make sure a user can be deleted
+     */
+    @Test
+    public void canDeleteUser() throws IOException {
+        // create wiremock stub for the delate users endpoint
+        stubFor(
+            delete(urlPathEqualTo("/api/v2/users/auth0%7Ctest-existing-user"))
+                .willReturn(aResponse())
+        );
+
+
+        // make request and parse the json response
+        JsonNode deleteUserResponse = parseJson(
+            given()
+                .port(4000)
+                .delete("/api/manager/secure/user/auth0|test-existing-user")
+            .then()
+                .extract()
+                .response()
+                .asString()
+        );
+
+        // make sure the response matches the saved snapshot
+        assertThat(deleteUserResponse, matchesSnapshot());
+    }
 }

src/test/resources/com/conveyal/datatools/auth0-mock-responses/__files/createNewUserResponse.json

@@ -0,0 +1,24 @@
+{
+  "email": "[email protected]",
+  "email_verified": false,
+  "updated_at": "2019-02-16T01:27:19.810Z",
+  "user_id": "auth0|test-new-user",
+  "name": "[email protected]",
+  "picture": "https://i0.wp.com/cdn.auth0.com/avatars/tu.png?ssl=1",
+  "nickname": "test-new-user",
+  "identities": [{
+    "connection": "Username-Password-Authentication",
+    "user_id": "test-new-user",
+    "provider": "auth0",
+    "isSocial": false
+  }],
+  "created_at": "2019-02-16T01:27:19.810Z",
+  "app_metadata": {
+    "datatools": [{
+      "permissions": [],
+      "projects": [],
+      "organizations": [],
+      "client_id": "testing-client-id"
+    }]
+  }
+}

src/test/resources/com/conveyal/datatools/auth0-mock-responses/__files/getExistingUserResponse.json

@@ -0,0 +1,24 @@
+{
+  "email": "[email protected]",
+  "email_verified": false,
+  "updated_at": "2019-02-16T01:27:19.810Z",
+  "user_id": "auth0|test-existing-user",
+  "name": "[email protected]",
+  "picture": "https://i0.wp.com/cdn.auth0.com/avatars/tu.png?ssl=1",
+  "nickname": "test-existing-user",
+  "identities": [{
+    "connection": "Username-Password-Authentication",
+    "user_id": "test-existing-user",
+    "provider": "auth0",
+    "isSocial": false
+  }],
+  "created_at": "2019-02-16T01:27:19.810Z",
+  "app_metadata": {
+    "datatools": [{
+      "permissions": [],
+      "projects": [],
+      "organizations": [],
+      "client_id": "testing-client-id"
+    }]
+  }
+}