From 75e1c350603281bb4a0ac3e8ad94208d2bf1c028 Mon Sep 17 00:00:00 2001
From: Florian Brons <florian.brons@live.de>
Date: Fri, 9 Nov 2018 15:13:13 +0100
Subject: [PATCH] #951 Replace AuthMode.OFF by AuthMode.NONE

---
 .../nakadi/config/SecurityConfiguration.java  |  2 +-
 .../nakadi/config/SecuritySettings.java       |  6 ++++
 .../nakadi/security/ClientResolver.java       |  4 +--
 .../nakadi/config/SecuritySettingsTest.java   | 28 +++++++++++++++++++
 4 files changed, 36 insertions(+), 4 deletions(-)
 create mode 100644 src/test/java/org/zalando/nakadi/config/SecuritySettingsTest.java

diff --git a/src/main/java/org/zalando/nakadi/config/SecurityConfiguration.java b/src/main/java/org/zalando/nakadi/config/SecurityConfiguration.java
index 7d8a95ed17..1b25e58ca1 100644
--- a/src/main/java/org/zalando/nakadi/config/SecurityConfiguration.java
+++ b/src/main/java/org/zalando/nakadi/config/SecurityConfiguration.java
@@ -210,7 +210,7 @@ private static Status fromStatusCode(final int code) throws UnknownStatusCodeExc
     public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
         @Override
         public void configure(final WebSecurity web) throws Exception {
-            if (settings.getAuthMode() == SecuritySettings.AuthMode.OFF) {
+            if (settings.getAuthMode().isNoAuthentication()) {
                 web.ignoring().anyRequest();
             }
         }
diff --git a/src/main/java/org/zalando/nakadi/config/SecuritySettings.java b/src/main/java/org/zalando/nakadi/config/SecuritySettings.java
index cedffc8c3f..d039dd522c 100644
--- a/src/main/java/org/zalando/nakadi/config/SecuritySettings.java
+++ b/src/main/java/org/zalando/nakadi/config/SecuritySettings.java
@@ -11,9 +11,15 @@ public class SecuritySettings {
 
     public enum AuthMode {
         OFF,   // no authentication at all
+        NONE,  // same as OFF
         BASIC, // only checks that the token is valid (has "uid" scope)
         REALM, // checks that the token is valid and contains at least one required realm
         FULL   // full authentication and authorization using oauth2 scopes
+        ;
+
+        public boolean isNoAuthentication() {
+            return AuthMode.OFF == this || AuthMode.NONE == this;
+        }
     }
 
     private final String tokenInfoUrl;
diff --git a/src/main/java/org/zalando/nakadi/security/ClientResolver.java b/src/main/java/org/zalando/nakadi/security/ClientResolver.java
index 59d31a2583..c54c0a5795 100644
--- a/src/main/java/org/zalando/nakadi/security/ClientResolver.java
+++ b/src/main/java/org/zalando/nakadi/security/ClientResolver.java
@@ -19,8 +19,6 @@
 import java.util.Map;
 import java.util.Optional;
 
-import static org.zalando.nakadi.config.SecuritySettings.AuthMode.OFF;
-
 @Component
 public class ClientResolver implements HandlerMethodArgumentResolver {
 
@@ -44,7 +42,7 @@ public Client resolveArgument(final MethodParameter parameter,
                                   final WebDataBinderFactory binderFactory) throws Exception {
         final Optional<String> clientId = Optional.ofNullable(request.getUserPrincipal()).map(Principal::getName);
         if (clientId.filter(settings.getAdminClientId()::equals).isPresent()
-                || settings.getAuthMode() == OFF) {
+                || settings.getAuthMode().isNoAuthentication()) {
             return new FullAccessClient(clientId.orElse(FULL_ACCESS_CLIENT_ID));
         }
 
diff --git a/src/test/java/org/zalando/nakadi/config/SecuritySettingsTest.java b/src/test/java/org/zalando/nakadi/config/SecuritySettingsTest.java
new file mode 100644
index 0000000000..bca795fca2
--- /dev/null
+++ b/src/test/java/org/zalando/nakadi/config/SecuritySettingsTest.java
@@ -0,0 +1,28 @@
+package org.zalando.nakadi.config;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Arrays;
+import java.util.LinkedList;
+import java.util.List;
+
+public class SecuritySettingsTest {
+
+    @Test
+    public void doesNotRequireAuthentication() {
+        Assert.assertTrue(SecuritySettings.AuthMode.NONE.isNoAuthentication());
+        Assert.assertTrue(SecuritySettings.AuthMode.OFF.isNoAuthentication());
+    }
+
+    @Test
+    public void mustRequireAuthentication() {
+        final List<SecuritySettings.AuthMode> authModesWithoutAuthentication =
+                new LinkedList<>(Arrays.asList(SecuritySettings.AuthMode.values()));
+        authModesWithoutAuthentication.remove(SecuritySettings.AuthMode.NONE);
+        authModesWithoutAuthentication.remove(SecuritySettings.AuthMode.OFF);
+        authModesWithoutAuthentication.forEach(authMode ->
+                Assert.assertFalse(authMode.isNoAuthentication()));
+    }
+
+}
\ No newline at end of file