cameleer3-server-app/src/test/java/com/cameleer3/server/app/TestSecurityHelper.java

package com.cameleer3.server.app;

import com.cameleer3.server.core.agent.AgentRegistryService;
import com.cameleer3.server.core.security.JwtService;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;

import java.util.List;
import java.util.Map;

/**
 * Test utility for creating JWT-authenticated requests in integration tests.
 * <p>
 * Registers a test agent and issues a JWT access token that can be used
 * to authenticate against protected endpoints.
 */
@Component
public class TestSecurityHelper {

    private final JwtService jwtService;
    private final AgentRegistryService agentRegistryService;

    public TestSecurityHelper(JwtService jwtService, AgentRegistryService agentRegistryService) {
        this.jwtService = jwtService;
        this.agentRegistryService = agentRegistryService;
    }

    /**
     * Registers a test agent and returns a valid JWT access token for it.
     */
    public String registerTestAgent(String agentId) {
        agentRegistryService.register(agentId, "test", "test-group", "1.0", List.of(), Map.of());
        return jwtService.createAccessToken(agentId, "test-group");
    }

    /**
     * Returns HttpHeaders with JWT Bearer authorization, protocol version, and JSON content type.
     */
    public HttpHeaders authHeaders(String jwt) {
        HttpHeaders headers = new HttpHeaders();
        headers.set("Authorization", "Bearer " + jwt);
        headers.set("X-Cameleer-Protocol-Version", "1");
        headers.setContentType(MediaType.APPLICATION_JSON);
        return headers;
    }

    /**
     * Returns HttpHeaders with JWT Bearer authorization and protocol version (no content type).
     */
    public HttpHeaders authHeadersNoBody(String jwt) {
        HttpHeaders headers = new HttpHeaders();
        headers.set("Authorization", "Bearer " + jwt);
        headers.set("X-Cameleer-Protocol-Version", "1");
        return headers;
    }

    /**
     * Returns HttpHeaders with bootstrap token authorization, protocol version, and JSON content type.
     */
    public HttpHeaders bootstrapHeaders() {
        HttpHeaders headers = new HttpHeaders();
        headers.set("Authorization", "Bearer test-bootstrap-token");
        headers.set("X-Cameleer-Protocol-Version", "1");
        headers.setContentType(MediaType.APPLICATION_JSON);
        return headers;
    }
}
test(04-02): adapt all ITs for JWT auth and add 4 security integration tests - Replace TestSecurityConfig permit-all with real SecurityConfig active in tests - Create TestSecurityHelper for JWT-authenticated test requests - Update 15 existing ITs to use JWT Bearer auth and bootstrap token headers - Add SecurityFilterIT: protected/public endpoint access control (6 tests) - Add BootstrapTokenIT: registration requires valid bootstrap token (4 tests) - Add RegistrationSecurityIT: registration returns tokens + public key (3 tests) - Add JwtRefreshIT: refresh flow with valid/invalid/mismatched tokens (5 tests) - Add /error to SecurityConfig permitAll for proper error page forwarding - Exclude register and refresh paths from ProtocolVersionInterceptor - All 91 tests pass (18 new security + 73 existing) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-11 20:38:28 +01:00			`package com.cameleer3.server.app;`

			`import com.cameleer3.server.core.agent.AgentRegistryService;`
			`import com.cameleer3.server.core.security.JwtService;`
			`import org.springframework.http.HttpHeaders;`
			`import org.springframework.http.MediaType;`
			`import org.springframework.stereotype.Component;`

			`import java.util.List;`
			`import java.util.Map;`

			`/**`
			`* Test utility for creating JWT-authenticated requests in integration tests.`
			`* <p>`
			`* Registers a test agent and issues a JWT access token that can be used`
			`* to authenticate against protected endpoints.`
			`*/`
			`@Component`
			`public class TestSecurityHelper {`

			`private final JwtService jwtService;`
			`private final AgentRegistryService agentRegistryService;`

			`public TestSecurityHelper(JwtService jwtService, AgentRegistryService agentRegistryService) {`
			`this.jwtService = jwtService;`
			`this.agentRegistryService = agentRegistryService;`
			`}`

			`/**`
			`* Registers a test agent and returns a valid JWT access token for it.`
			`*/`
			`public String registerTestAgent(String agentId) {`
			`agentRegistryService.register(agentId, "test", "test-group", "1.0", List.of(), Map.of());`
			`return jwtService.createAccessToken(agentId, "test-group");`
			`}`

			`/**`
			`* Returns HttpHeaders with JWT Bearer authorization, protocol version, and JSON content type.`
			`*/`
			`public HttpHeaders authHeaders(String jwt) {`
			`HttpHeaders headers = new HttpHeaders();`
			`headers.set("Authorization", "Bearer " + jwt);`
			`headers.set("X-Cameleer-Protocol-Version", "1");`
			`headers.setContentType(MediaType.APPLICATION_JSON);`
			`return headers;`
			`}`

			`/**`
			`* Returns HttpHeaders with JWT Bearer authorization and protocol version (no content type).`
			`*/`
			`public HttpHeaders authHeadersNoBody(String jwt) {`
			`HttpHeaders headers = new HttpHeaders();`
			`headers.set("Authorization", "Bearer " + jwt);`
			`headers.set("X-Cameleer-Protocol-Version", "1");`
			`return headers;`
			`}`

			`/**`
			`* Returns HttpHeaders with bootstrap token authorization, protocol version, and JSON content type.`
			`*/`
			`public HttpHeaders bootstrapHeaders() {`
			`HttpHeaders headers = new HttpHeaders();`
			`headers.set("Authorization", "Bearer test-bootstrap-token");`
			`headers.set("X-Cameleer-Protocol-Version", "1");`
			`headers.setContentType(MediaType.APPLICATION_JSON);`
			`return headers;`
			`}`
			`}`