test /health endpoint with basic authentication

Author: asalan316

src/autoscaler/scheduler/src/main/java/org/cloudfoundry/autoscaler/scheduler/conf/CfHttpConfiguration.java

@@ -1,5 +1,6 @@
 package org.cloudfoundry.autoscaler.scheduler.conf;
 
+import lombok.Getter;
 import lombok.Setter;
 import org.apache.catalina.connector.Connector;
 import org.springframework.boot.context.properties.ConfigurationProperties;
@@ -8,9 +9,11 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
+// TODO: may be move this to a better place e.g. CfServerConfiguration.java
 @Configuration
 @ConfigurationProperties(prefix = "server.http")
 @Setter
+@Getter
 public class CfHttpConfiguration {
 
   private int port;

src/autoscaler/scheduler/src/main/java/org/cloudfoundry/autoscaler/scheduler/filter/HttpAuthFilter.java

@@ -50,7 +50,7 @@ protected void doFilterInternal(
       handleHealthEndpoint(request, response);
       return;
     }
-    // Only enforce XFCC for HTTPS requests
+    // Check for XFCC header
     String xfccHeader = request.getHeader(XFCC_HEADER);
     if (xfccHeader == null || xfccHeader.isEmpty()) {
       logger.warn("Missing X-Forwarded-Client-Cert header, URI={}", request.getRequestURI());

src/autoscaler/scheduler/src/test/java/org/cloudfoundry/autoscaler/scheduler/health/SchedulerHealthEndpointTest.java

@@ -2,6 +2,7 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 
+import org.cloudfoundry.autoscaler.scheduler.conf.CfHttpConfiguration;
 import org.cloudfoundry.autoscaler.scheduler.conf.MetricsConfiguration;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -25,6 +26,8 @@ public class SchedulerHealthEndpointTest {
 
   @Autowired private MetricsConfiguration metricsConfig;
 
+  @Autowired private CfHttpConfiguration cfHttpConfiguration;
+
   @Test
   public void givenCorrectCredentialsStandardMetricsShouldBeAvailable() {
 
@@ -76,4 +79,38 @@ public void givenCorrectPasswordAndWrongUsernameFailsWith401() {
         this.restTemplate.withBasicAuth("bad", "someHash").getForEntity(metricsUrl(), String.class);
     assertThat(response.getStatusCode().value()).isEqualTo(401);
   }
+
+  /**
+   * /Health API Tests
+   */
+  @Test
+  public void testHealthEndpointWithValidBasicAuthReturns200() {
+    ResponseEntity<String> response =
+        restTemplate
+            .withBasicAuth("health-username", "health-password")
+            .getForEntity(getHealthUrl(), String.class);
+
+    assertThat(response.getStatusCode().value()).isEqualTo(200);
+    assertThat(response.getBody()).contains("\"status\":\"UP\"");
+  }
+
+  @Test
+  public void testHealthEndpointWithInvalidValidBasicAuthReturns401() {
+    ResponseEntity<String> response =
+        restTemplate
+            .withBasicAuth("wrong-user", "wrong-password")
+            .getForEntity(getHealthUrl(), String.class);
+
+    assertThat(response.getStatusCode().value()).isEqualTo(401);
+  }
+
+  @Test
+  public void testHealthEndpointWithoutBasicAuthReturns401() {
+    ResponseEntity<String> response = restTemplate.getForEntity(getHealthUrl(), String.class);
+    assertThat(response.getStatusCode().value()).isEqualTo(401);
+  }
+
+  private String getHealthUrl() {
+    return "http://localhost:" + cfHttpConfiguration.getPort() + "/health";
+  }
 }

src/autoscaler/scheduler/src/test/resources/application-HealthAuth.yml

@@ -2,4 +2,9 @@ scheduler:
   healthserver:
     basicAuthEnabled: true
     username: prometheus
-    password: "someHash"
+    password: "someHash"
+
+cfserver:
+  healthserver:
+    username: "health-username"
+    password: "health-password"