@Test public void testDoFilterAuthentication() throws Exception { _testDoFilterAuthentication(false, false, false); }
@Test public void testDoFilterAuthenticationUnauthorizedExpired() throws Exception { // Expired period is reached, MaxInActiveInterval is not reached. long maxInactives = System.currentTimeMillis() + TOKEN_MAX_INACTIVE_INTERVAL; long expires = System.currentTimeMillis() - TOKEN_VALIDITY_SEC; boolean authorized = false; _testDoFilterAuthenticationMaxInactiveInterval(maxInactives, expires, authorized); }
AuthenticationFilter.AUTH_TOKEN_MAX_INACTIVE_INTERVAL, "management.operation.return")).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); verifyAuthorized(filter, request, response, chain, newCookie); } else { verifyUnauthorized(filter, request, response, chain);
AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); FilterChain chain = Mockito.mock(FilterChain.class); verifyUnauthorized(filter, request, response, chain); } finally { filter.destroy();
@Test public void testInitCaseSensitivity() throws Exception { // minimal configuration & simple auth handler (Pseudo) AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("SimPle"); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn( (new Long(TOKEN_VALIDITY_SEC)).toString()); Mockito.when(config.getInitParameterNames()).thenReturn( new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); Assert.assertEquals(PseudoAuthenticationHandler.class, filter.getAuthenticationHandler().getClass()); } finally { filter.destroy(); } }
FilterChain chain = Mockito.mock(FilterChain.class); verifyUnauthorized(filter, request, response, chain); } finally { filter.destroy();
AuthenticationFilter.AUTH_TOKEN_MAX_INACTIVE_INTERVAL, "management.operation.return")).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); verifyAuthorized(filter, request, response, chain, newCookie); } else { verifyUnauthorized(filter, request, response, chain);
AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); FilterChain chain = Mockito.mock(FilterChain.class); verifyUnauthorized(filter, request, response, chain); } finally { filter.destroy();
@Test public void testInitCaseSensitivity() throws Exception { // minimal configuration & simple auth handler (Pseudo) AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("SimPle"); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn( (new Long(TOKEN_VALIDITY_SEC)).toString()); Mockito.when(config.getInitParameterNames()).thenReturn( new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); Assert.assertEquals(PseudoAuthenticationHandler.class, filter.getAuthenticationHandler().getClass()); } finally { filter.destroy(); } }
FilterChain chain = Mockito.mock(FilterChain.class); verifyUnauthorized(filter, request, response, chain); } finally { filter.destroy();
@Test public void testDoFilterAuthenticationImmediateExpiration() throws Exception { _testDoFilterAuthentication(false, false, true); }
AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); FilterChain chain = Mockito.mock(FilterChain.class); verifyUnauthorized(filter, request, response, chain); } finally { filter.destroy();
@Test public void testGetRequestURL() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter("management.operation.return")). thenReturn("true"); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn( DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameterNames()).thenReturn( new Vector<String>( Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); Mockito.when(request.getQueryString()).thenReturn("a=A&b=B"); Assert.assertEquals("http://foo:8080/bar?a=A&b=B", filter.getRequestURL(request)); } finally { filter.destroy(); } }
@Test public void testDoFilterAuthenticationUnauthorizedExpired() throws Exception { // Expired period is reached, MaxInActiveInterval is not reached. long maxInactives = System.currentTimeMillis() + TOKEN_MAX_INACTIVE_INTERVAL; long expires = System.currentTimeMillis() - TOKEN_VALIDITY_SEC; boolean authorized = false; _testDoFilterAuthenticationMaxInactiveInterval(maxInactives, expires, authorized); }
@Test public void testDoFilterAuthenticationWithInvalidToken() throws Exception { _testDoFilterAuthentication(false, true, false); }
AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); FilterChain chain = Mockito.mock(FilterChain.class); verifyUnauthorized(filter, request, response, chain); } finally { filter.destroy();
@Test public void testGetRequestURL() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter("management.operation.return")). thenReturn("true"); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn( DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameterNames()).thenReturn( new Vector<String>( Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements()); getMockedServletContextWithStringSigner(config); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); Mockito.when(request.getQueryString()).thenReturn("a=A&b=B"); Assert.assertEquals("http://foo:8080/bar?a=A&b=B", filter.getRequestURL(request)); } finally { filter.destroy(); } }
@Test public void testDoFilterAuthenticationAuthorized() throws Exception { // Both expired period and MaxInActiveInterval are not reached. long maxInactives = System.currentTimeMillis() + TOKEN_MAX_INACTIVE_INTERVAL; long expires = System.currentTimeMillis() + TOKEN_VALIDITY_SEC; boolean authorized = true; _testDoFilterAuthenticationMaxInactiveInterval(maxInactives, expires, authorized); }
@Test public void testDoFilterAuthenticationWithInvalidToken() throws Exception { _testDoFilterAuthentication(false, true, false); }
Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements()); getMockedServletContextWithStringSigner(config); filter.init(config);