Search code examples
spring-securityspring-cloudspring-cloud-contract

spring cloud contract: user registration test

I'm struggling with BCryptPasswordEncoder and groovy contract

I have a producer and a consumer service, the producer sends a message with user registration information (ie. user and password (encoded using BCryptPasswordEncoder(12)). The test is creating the message with the password encrypted, this is ok, but my questions are: 1. is it possible to encrypt the password in the contract? 2. how? 3. if possible how can I set BCryptPasswordEncoder(12)?

at the moment when running the test (mvn clean install) from the producer, the verification is failing since the encrypted password <> plain password defined in contract

Thanks!

UPDATE I have uploaded a sample to github https://github.com/dssantana/user-registration If you run mvn clean install, you will find that at a certain point one of the tests fail with an error similar to:

2017-12-18 11:55:36.056 INFO [user-client,,,] 5236 --- [ main] .e.u.c.UserAccountRegistrationController : UserAccountRegistrationController - UserAccountRegister: AccountRegistration(firstName=Diego, lastName=Santana, [email protected], mobileNumber=0452621048, ipAddress=127.0.0.1, birthday=1979-10-16, password=$2a$12$jm3YACnf72P3wKCmPLRXwufeXJx5lzibwLz3DzhCXft.XKW2bK1RC) [ERROR] Tests run: 2, Failures: 0, Errors: 2, Skipped: 0, Time elapsed: 6.935 s <<< FAILURE! - in au.net.example.userclient.ContractVerifierTest [ERROR] validate_shouldSendAnAccountRegistrationMessageWithSpecialCharactersUsername(au.net.example.userclient.ContractVerifierTest) Time elapsed: 0.426 s <<< ERROR! java.lang.IllegalStateException: Parsed JSON [{"firstName":"Joe","lastName":"Doe","email":"[email protected]","mobileNumber":"0452621048","ipAddress":"127.0.0.1", "birthday":"1979-10-16","password":"$2a$12$fZcEe6fUzmjHmItvsJ8MCOCOR.mnc2nbDqh/Ce1aYzUBRq5L8ywRm"}] doesn't match the JSON path [$[?(@.['password'] == 'Test01')]] at au.net.example.userclient.ContractVerifierTest.validate_shouldSendAnAccountRegistrationMessageWithSpecialCharactersUsername(ContractVerifierTest.java:49) [ERROR] validate_shouldSendAnAccountRegistrationMessage(au.net.example.userclient.ContractVerifierTest) Time elapsed: 0.323 s <<< ERROR! java.lang.IllegalStateException: Parsed JSON [{"firstName":"Diego","lastName":"Santana","email":"[email protected]","mobileNumber":"0452621048","ipAddress":"127.0.0.1", "birthday":"1979-10-16","password":"$2a$12$jm3YACnf72P3wKCmPLRXwufeXJx5lzibwLz3DzhCXft.XKW2bK1RC"}] doesn't match the JSON path [$[?(@.['password'] == 'Test01')]] at au.net.example.userclient.ContractVerifierTest.validate_shouldSendAnAccountRegistrationMessage(ContractVerifierTest.java:33)

The encrypted password is Test01 and should match with the plain password in the contract test, however I'm not sure how to verify this, it's one way encryption and the way to verify is to encrypt and match the contract data with the test data.

Solution

  • As presented in this link https://github.com/dssantana/user-registration/pull/1/files what was added to the initial test setup is the $( consumer("fixed value"), producer(regex(nonBlank()))) line to ensure that on the producer side, in the generated test we have some value of password