changePasswordService.changePassword(username, currentPassword, newPassword); request.getSession().invalidate(); request.getSession(true);
@Test public void changePassword_Returns302Found_SuccessfullyChangedPassword() throws Exception { MockHttpServletRequestBuilder post = createRequest("secret", "new secret", "new secret"); mockMvc.perform(post) .andExpect(status().isFound()) .andExpect(redirectedUrl("profile")); verify(changePasswordService).changePassword("bob", "secret", "new secret"); Authentication afterAuth = SecurityContextHolder.getContext().getAuthentication(); assertThat(((UaaAuthentication)afterAuth).getAuthenticationMethods(), containsInAnyOrder(authMethods.toArray())); assertSame(authentication, afterAuth); }
@Test public void changePassword_Returns401Unauthorized_WrongCurrentPassword() throws Exception { doThrow(new BadCredentialsException("401 Unauthorized")).when(changePasswordService).changePassword("bob", "wrong", "new secret"); MockHttpServletRequestBuilder post = createRequest("wrong", "new secret", "new secret"); mockMvc.perform(post) .andExpect(status().isUnprocessableEntity()) .andExpect(view().name("change_password")) .andExpect(model().attribute("message_code", "unauthorized")); }
@Test public void changePassword_PasswordPolicyViolationReported() throws Exception { doThrow(new InvalidPasswordException(asList("Msg 2b", "Msg 1b"))).when(changePasswordService).changePassword("bob", "secret", "new secret"); MockHttpServletRequestBuilder post = createRequest("secret", "new secret", "new secret"); mockMvc.perform(post) .andExpect(status().isUnprocessableEntity()) .andExpect(view().name("change_password")) .andExpect(model().attribute("message", "Msg 1b Msg 2b")); }
@Test public void changePassword_PasswordNoveltyViolationReported_NewPasswordSameAsCurrentPassword() throws Exception { doThrow(new InvalidPasswordException("Your new password cannot be the same as the old password.")).when(changePasswordService).changePassword("bob", "secret", "new secret"); MockHttpServletRequestBuilder post = createRequest("secret", "new secret", "new secret"); mockMvc.perform(post) .andExpect(status().isUnprocessableEntity()) .andExpect(view().name("change_password")) .andExpect(model().attribute("message", "Your new password cannot be the same as the old password.")); }