ResourceTestRule throws no injection source found error doe to @Auth annotation

[Petr Šilling]

I was facing a problem with setting up *ResourceTestRule *for authorized 
resources (with *GrizzlyWebTestContainerFactory*) in DW v1.1.4.

There is no problem when only *@RolesAllowed* or *@PermitAll* annotations 
are used, however when it comes to protected resource methods that need *@Auth 
User user*, an error is thrown and the RULE isn't even created (no 
injection source found for (a method with *@Auth*) error).

Only solutions I found were dealing with wrong imports or weren't even 
connected for testing, so I decided to move all *@Auth* protected methods 
(had just 2 of them anyway) to a new resource file and everything works 
great, but I am not really fond of this solution plus isn't this a bug or 
am I just missing something? The other interesting thing was that only some 
methods were throwing the error, even with *@Auth* annotation...

Also note that I had to use a new User class (and other authorization 
classes) for testing as I would've needed to start a Keycloak server for 
testing otherwise.

*ResouceTestRule creation:*
                private static final MassageDAO massageDao = 
mock(MassageDAO.class); 
     
        @ClassRule
        public static final ResourceTestRule RULE = 
ResourceTestRule.builder()
                  .setTestContainerFactory(new 
GrizzlyWebTestContainerFactory())
                  .addProvider(new AuthDynamicFeature(new 
OAuthCredentialAuthFilter.Builder<TestUser>()
                                   .setAuthenticator(new 
TestAuthenticator())
                                   .setAuthorizer(new TestAuthorizer())
                                   .setRealm("SECRET")
                                   .setPrefix("Bearer").buildAuthFilter()))
                   .addProvider(RolesAllowedDynamicFeature.class)
                   .addProvider(new 
AuthValueFactoryProvider.Binder<>(TestUser.class))
                   .addResource(new MassageResource(massageDao)).build();


*Example method that does throw this error:*
@PUT
@Path("/{id}")
@PermitAll
@UnitOfWork
public Response update(@NotNull @Valid Massage massage, @PathParam("id") 
LongParam id, @Auth User user) {
Massage daoMassage = massageDao.findById(id.get());

if (daoMassage == null) {
throw new WebApplicationException(Status.NOT_FOUND);
}

massage.setId(id.get());

if (!user.getRoles().contains("admin")) {
// user is forbidden to edit anything other than the client and even then 
the
// client has to be the user himself or a null
if (!daoMassage.equals(massage)
|| (!user.getSubject().equals(massage.getClient())
&& !user.getSubject().equals(daoMassage.getClient()))
|| (massage.getClient() != null && 
!massage.getClient().equals(user.getSubject()))) {
throw new WebApplicationException(Status.FORBIDDEN);
}
}

massageDao.update(massage);

return Response.ok(massage).build();
}

*The error throws for the method above:*
ERROR [2017-11-25 11:01:33,486] org.glassfish.jersey.internal.Errors: 
Following issues have been detected: 
WARNING: No injection source found for a parameter of type public 
javax.ws.rs.core.Response net.rh.massages.resources.
MassageAuthResource.update(net.rh.massages.core.Massage,
io.dropwizard.jersey.params.LongParam,net.rh.massages.auth.User) at index 0.

ERROR [2017-11-25 11:01:33,490] org.glassfish.grizzly.servlet.ServletHandler: 
service exception:
! org.glassfish.jersey.server.model.ModelValidationException: Validation of 
the application resource model has failed during application initialization.
! [[FATAL] No injection source found for a parameter of type public 
javax.ws.rs.core.Response net.rh.massages.resources.
MassageAuthResource.update(net.rh.massages.core.Massage,
io.dropwizard.jersey.params.LongParam,net.rh.massages.auth.User) at index 
0.; source='ResourceMethod{httpMethod=PUT, consumedTypes=[application/json], 
producedTypes=[application/json], suspended=false, suspendTimeout=0, 
suspendTimeoutUnit=MILLISECONDS, invocable=Invocable{handler=
ClassBasedMethodHandler{handlerClass=class 
net.rh.massages.resources.MassageAuthResource, 
handlerConstructors=[org.glassfish.jersey.server.model.HandlerConstructor@605a4e83]},
 
definitionMethod=public javax.ws.rs.core.Response net.rh.massages.resources.
MassageAuthResource.update(net.rh.massages.core.Massage,
io.dropwizard.jersey.params.LongParam,net.rh.massages.auth.User), 
parameters=[Parameter [type=class net.rh.massages.core.Massage, 
source=null, defaultValue=null], Parameter [type=class 
io.dropwizard.jersey.params.LongParam, source=id, defaultValue=null], 
Parameter [type=class net.rh.massages.auth.User, source=null, 
defaultValue=null]], responseType=class javax.ws.rs.core.Response}, 
nameBindings=[]}']
! at org.glassfish.jersey.server.ApplicationHandler.initialize(
ApplicationHandler.java:555)
(…)

If this isn't enough the full test code can be also found on GitHub 
<https://github.com/PSilling/rh-massages/blob/master/dropwizard-api/src/test/java/net/rh/massages/resources/MassageResourceTest.java>
.

-- 
You received this message because you are subscribed to the Google Groups 
"dropwizard-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to dropwizard-user+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.