Modelate backoffice authentication

Author: rgomezcasas

apps/main/tv/codely/apps/backoffice/backend/config/BackofficeBackendServerConfiguration.java

@@ -3,15 +3,22 @@
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import tv.codely.shared.infrastructure.spring.BasicHttpAuthMiddleware;
+import tv.codely.apps.backoffice.backend.middleware.BasicHttpAuthMiddleware;
+import tv.codely.shared.domain.bus.command.CommandBus;
 
 @Configuration
 public class BackofficeBackendServerConfiguration {
+    private final CommandBus bus;
+
+    public BackofficeBackendServerConfiguration(CommandBus bus) {
+        this.bus = bus;
+    }
+
     @Bean
     public FilterRegistrationBean<BasicHttpAuthMiddleware> basicHttpAuthMiddleware() {
         FilterRegistrationBean<BasicHttpAuthMiddleware> registrationBean = new FilterRegistrationBean<>();
 
-        registrationBean.setFilter(new BasicHttpAuthMiddleware());
+        registrationBean.setFilter(new BasicHttpAuthMiddleware(bus));
         registrationBean.addUrlPatterns("/health-check");
 
         return registrationBean;

src/shared/main/tv/codely/shared/infrastructure/spring/BasicHttpAuthMiddleware.java renamed to apps/main/tv/codely/apps/backoffice/backend/middleware/BasicHttpAuthMiddleware.java

@@ -1,17 +1,24 @@
-package tv.codely.shared.infrastructure.spring;
+package tv.codely.apps.backoffice.backend.middleware;
+
+import tv.codely.backoffice.auth.application.authenticate.AuthenticateUserCommand;
+import tv.codely.backoffice.auth.domain.InvalidAuthCredentials;
+import tv.codely.backoffice.auth.domain.InvalidAuthUsername;
+import tv.codely.shared.domain.bus.command.CommandBus;
+import tv.codely.shared.domain.bus.command.CommandHandlerExecutionError;
+import tv.codely.shared.domain.bus.command.CommandNotRegisteredError;
 
 import javax.servlet.*;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.Base64;
-import java.util.HashMap;
 
 public final class BasicHttpAuthMiddleware implements Filter {
-    private final HashMap<String, String> validUsers = new HashMap<String, String>() {{
-        put("javi", "barbitas");
-        put("rafa", "pelazo");
-    }};
+    private final CommandBus bus;
+
+    public BasicHttpAuthMiddleware(CommandBus bus) {
+        this.bus = bus;
+    }
 
     @Override
     public void doFilter(
@@ -42,18 +49,17 @@ private void authenticate(
         String   user = auth[0];
         String   pass = auth[1];
 
-        if (isValid(user, pass)) {
+        try {
+            bus.dispatch(new AuthenticateUserCommand(user, pass));
+
             request.setAttribute("authentication_username", user);
+
             chain.doFilter(request, response);
-        } else {
+        } catch (InvalidAuthUsername | InvalidAuthCredentials | CommandHandlerExecutionError | CommandNotRegisteredError error) {
             setInvalidCredentials(response);
         }
     }
 
-    private boolean isValid(String user, String pass) {
-        return validUsers.containsKey(user) && validUsers.get(user).equals(pass);
-    }
-
     private String[] decodeAuth(String authString) {
         return new String(Base64.getDecoder().decode(authString.split("\\s+")[1])).split(":");
     }

apps/test/tv/codely/apps/ApplicationTestCase.java

@@ -4,6 +4,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpMethod;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
@@ -43,6 +44,22 @@ protected void assertResponse(
             .andExpect(response);
     }
 
+    protected void assertResponse(
+        String endpoint,
+        Integer expectedStatusCode,
+        String expectedResponse,
+        HttpHeaders headers
+    ) throws Exception {
+        ResultMatcher response = expectedResponse.isEmpty()
+            ? content().string("")
+            : content().json(expectedResponse);
+
+        mockMvc
+            .perform(get(endpoint).headers(headers))
+            .andExpect(status().is(expectedStatusCode))
+            .andExpect(response);
+    }
+
     protected void assertRequestWithBody(
         String method,
         String endpoint,

apps/test/tv/codely/apps/backoffice/backend/controller/health_check/HealthCheckGetControllerShould.java

@@ -1,11 +1,36 @@
 package tv.codely.apps.backoffice.backend.controller.health_check;
 
 import org.junit.jupiter.api.Test;
+import org.springframework.http.HttpHeaders;
 import tv.codely.apps.ApplicationTestCase;
 
 final class HealthCheckGetControllerShould extends ApplicationTestCase {
     @Test
-    void check_the_app_is_working_ok() throws Exception {
-        assertResponse("/health-check", 200, "{'application':'backoffice_backend','status':'ok'}");
+    void check_the_app_is_working_ok_with_valid_credentials() throws Exception {
+        HttpHeaders headers = new HttpHeaders();
+        headers.setBasicAuth("javi", "barbitas");
+
+        assertResponse("/health-check", 200, "{'application':'backoffice_backend','status':'ok'}", headers);
+    }
+
+    @Test
+    void not_check_the_app_is_working_ok_with_invalid_credentials() throws Exception {
+        HttpHeaders headers = new HttpHeaders();
+        headers.setBasicAuth("tipo_de_incognito", "homer.sampson");
+
+        assertResponse("/health-check", 403, "", headers);
+    }
+
+    @Test
+    void not_check_the_app_is_working_ok_with_invalid_credentials_of_an_existing_user() throws Exception {
+        HttpHeaders headers = new HttpHeaders();
+        headers.setBasicAuth("rafa", "incorrect.password");
+
+        assertResponse("/health-check", 403, "", headers);
+    }
+
+    @Test
+    void not_check_the_app_is_working_ok_with_no_credentials() throws Exception {
+        assertResponse("/health-check", 401, "");
     }
 }

src/backoffice/main/tv/codely/backoffice/auth/application/authenticate/AuthenticateUserCommand.java

@@ -0,0 +1,21 @@
+package tv.codely.backoffice.auth.application.authenticate;
+
+import tv.codely.shared.domain.bus.command.Command;
+
+public final class AuthenticateUserCommand implements Command {
+    private final String username;
+    private final String password;
+
+    public AuthenticateUserCommand(String username, String password) {
+        this.username = username;
+        this.password = password;
+    }
+
+    public String username() {
+        return username;
+    }
+
+    public String password() {
+        return password;
+    }
+}

src/backoffice/main/tv/codely/backoffice/auth/application/authenticate/AuthenticateUserCommandHandler.java

@@ -0,0 +1,23 @@
+package tv.codely.backoffice.auth.application.authenticate;
+
+import tv.codely.backoffice.auth.domain.AuthPassword;
+import tv.codely.backoffice.auth.domain.AuthUsername;
+import tv.codely.shared.domain.Service;
+import tv.codely.shared.domain.bus.command.CommandHandler;
+
+@Service
+public final class AuthenticateUserCommandHandler implements CommandHandler<AuthenticateUserCommand> {
+    private final UserAuthenticator authenticator;
+
+    public AuthenticateUserCommandHandler(UserAuthenticator authenticator) {
+        this.authenticator = authenticator;
+    }
+
+    @Override
+    public void handle(AuthenticateUserCommand command) {
+        AuthUsername username = new AuthUsername(command.username());
+        AuthPassword password = new AuthPassword(command.password());
+
+        authenticator.authenticate(username, password);
+    }
+}

src/backoffice/main/tv/codely/backoffice/auth/application/authenticate/UserAuthenticator.java

@@ -0,0 +1,34 @@
+package tv.codely.backoffice.auth.application.authenticate;
+
+import tv.codely.backoffice.auth.domain.*;
+import tv.codely.shared.domain.Service;
+
+import java.util.Optional;
+
+@Service
+public final class UserAuthenticator {
+    private final AuthRepository repository;
+
+    public UserAuthenticator(AuthRepository repository) {
+        this.repository = repository;
+    }
+
+    public void authenticate(AuthUsername username, AuthPassword password) {
+        Optional<AuthUser> auth = repository.search(username);
+
+        ensureUserExist(auth, username);
+        ensureCredentialsAreValid(auth.get(), password);
+    }
+
+    private void ensureUserExist(Optional<AuthUser> auth, AuthUsername username) {
+        if (!auth.isPresent()) {
+            throw new InvalidAuthUsername(username);
+        }
+    }
+
+    private void ensureCredentialsAreValid(AuthUser auth, AuthPassword password) {
+        if (!auth.passwordMatches(password)) {
+            throw new InvalidAuthCredentials(auth.username());
+        }
+    }
+}

src/backoffice/main/tv/codely/backoffice/auth/domain/AuthPassword.java

@@ -0,0 +1,9 @@
+package tv.codely.backoffice.auth.domain;
+
+import tv.codely.shared.domain.StringValueObject;
+
+public final class AuthPassword extends StringValueObject {
+    public AuthPassword(String value) {
+        super(value);
+    }
+}

src/backoffice/main/tv/codely/backoffice/auth/domain/AuthRepository.java

@@ -0,0 +1,7 @@
+package tv.codely.backoffice.auth.domain;
+
+import java.util.Optional;
+
+public interface AuthRepository {
+    Optional<AuthUser> search(AuthUsername username);
+}

src/backoffice/main/tv/codely/backoffice/auth/domain/AuthUser.java

@@ -0,0 +1,19 @@
+package tv.codely.backoffice.auth.domain;
+
+public final class AuthUser {
+    private final AuthUsername username;
+    private final AuthPassword password;
+
+    public AuthUser(AuthUsername username, AuthPassword password) {
+        this.username = username;
+        this.password = password;
+    }
+
+    public AuthUsername username() {
+        return username;
+    }
+
+    public boolean passwordMatches(AuthPassword password) {
+        return this.password.equals(password);
+    }
+}