@Test public void doFilterIsUserInRole() throws Exception { SecurityContext context = SecurityContextHolder.getContext(); request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, context); chain = new MockFilterChain() { @Override public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; assertThat(httpRequest.isUserInRole("USER")).isTrue(); assertThat(httpRequest.isUserInRole("INVALID")).isFalse(); super.doFilter(request, response); } }; springSecurityFilterChain.doFilter(request, response, chain); assertThat(chain.getRequest()).isNotNull(); }
@Test public void testWidgetDeactivated() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest("GET", "/stagemonitor/spans"); request.addParameter("connectionId", ""); MockHttpServletResponse response = new MockHttpServletResponse(); Mockito.when(servletPlugin.isWidgetAndStagemonitorEndpointsAllowed(eq(request))).thenReturn(Boolean.FALSE); ConfigurationRegistry configuration = mock(ConfigurationRegistry.class); when(configuration.getConfig(ServletPlugin.class)).thenReturn(servletPlugin); new MockFilterChain(spanServlet, new StagemonitorSecurityFilter(configuration)).doFilter(request, response); Assert.assertEquals(404, response.getStatus()); } }
/** * Create a FilterChain with a Servlet. * @param servlet the Servlet to invoke * @since 3.2 */ public MockFilterChain(Servlet servlet) { this.filters = initFilterList(servlet); }
@Test(expected = IllegalArgumentException.class) public void doFilterNullResponse() throws Exception { MockFilterChain chain = new MockFilterChain(); chain.doFilter(this.request, null); }
private void assertFilterNotInvoked(String requestUri, String pattern) throws Exception { request.setRequestURI(request.getContextPath() + requestUri); filter = new PatternMappingFilterProxy(delegate, pattern); filter.doFilter(request, response, filterChain); assertThat(delegate.request, equalTo((ServletRequest) null)); assertThat(delegate.response, equalTo((ServletResponse) null)); assertThat(delegate.chain, equalTo((FilterChain) null)); assertThat(filterChain.getRequest(), equalTo((ServletRequest) request)); assertThat(filterChain.getResponse(), equalTo((ServletResponse) response)); filterChain = new MockFilterChain(); }
@Test public void doFilterEmptyChain() throws Exception { MockFilterChain chain = new MockFilterChain(); chain.doFilter(this.request, this.response); assertThat(chain.getRequest(), is(request)); assertThat(chain.getResponse(), is(response)); try { chain.doFilter(this.request, this.response); fail("Expected Exception"); } catch (IllegalStateException ex) { assertEquals("This FilterChain has already been called!", ex.getMessage()); } }
prepareFilterChain(pattern, testFilterName, testFilterName2); SecurityContextHolder.getContext().setAuthentication(null); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getStatus()); String tmp = response.getHeader("WWW-Authenticate"); assertNotNull(tmp); assert (tmp.indexOf(GeoServerSecurityManager.REALM) != -1); assert (tmp.indexOf("Digest") != -1); assertNull(SecurityContextHolder.getContext().getAuthentication()); response = new MockHttpServletResponse(); chain = new MockFilterChain(); response = new MockHttpServletResponse(); chain = new MockFilterChain(); request.addHeader( "Authorization", "Basic "
SecurityContextHolder.getContext().setAuthentication(null); request.addParameter("_spring_security_remember_me", "yes"); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); assertEquals(0, response.getCookies().length); String tmp = response.getHeader("WWW-Authenticate"); assertNotNull(tmp); request.addParameter("_spring_security_remember_me", "yes"); response = new MockHttpServletResponse(); chain = new MockFilterChain(); request.addHeader( "Authorization", "Basic " + new String(Base64.encodeBytes(("abc@xyz.com:abc").getBytes()))); chain = new MockFilterChain(); chain = new MockFilterChain(); assertEquals("abc@xyz.com", ((UserDetails) auth.getPrincipal()).getUsername()); chain = new MockFilterChain(); chain = new MockFilterChain();
modifyChain(pattern, false, true, null); SecurityContextHolder.getContext().setAuthentication(null); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); getProxy().doFilter(request, response, chain); assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus()); response = new MockHttpServletResponse(); chain = new MockFilterChain(); request.setQueryString(authKeyUrlParam + "=" + authKey); request.addParameter(authKeyUrlParam, authKey); chain = new MockFilterChain(); assertNull(SecurityContextHolder.getContext().getAuthentication()); chain = new MockFilterChain(); chain = new MockFilterChain();
private void setupRequest() { this.request = new MockHttpServletRequest(); this.response = new MockHttpServletResponse(); this.chain = new MockFilterChain(); }
@Before public void setup() { this.request = new MockHttpServletRequest("GET", ""); this.request.setMethod("GET"); this.response = new MockHttpServletResponse(); this.chain = new MockFilterChain(); }
@Test public void authenticatesValidUser() throws Exception { String msg = "{ \"username\":\"marissa\", \"password\":\"koala\"}"; AuthenticationManager am = mock(AuthenticationManager.class); Authentication result = mock(Authentication.class); when(am.authenticate(any(AuthzAuthenticationRequest.class))).thenReturn(result); AuthzAuthenticationFilter filter = new AuthzAuthenticationFilter(am); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/oauth/authorize"); request.setParameter("credentials", msg); MockHttpServletResponse response = new MockHttpServletResponse(); filter.doFilter(request, response, new MockFilterChain()); }
private FilterInvocation createFilterInvocation(String path, String method) { MockHttpServletRequest request = new MockHttpServletRequest("GET", ""); request.setRequestURI(null); request.setMethod(method); request.setServletPath(path); return new FilterInvocation(request, new MockHttpServletResponse(), new MockFilterChain()); } }
@Before public void setup() { this.request = new MockHttpServletRequest("GET", ""); this.request.setServletPath("/login/oauth2/code/google"); this.response = new MockHttpServletResponse(); this.filterChain = new MockFilterChain(); }
@Before public void setup() { request = new MockHttpServletRequest(); request.setContextPath("/context"); response = new MockHttpServletResponse(); filterChain = new MockFilterChain(); delegate = new MockFilter(); }
private String getXStreamHeader() throws IOException, ServletException { MockHttpServletRequest request = new MockHttpServletRequest("GET", "http://www.geoserver.org"); MockHttpServletResponse response = new MockHttpServletResponse(); XFrameOptionsFilter filter = new XFrameOptionsFilter(); MockServletContext context = new MockServletContext(); MockFilterConfig config = new MockFilterConfig(context); MockFilterChain mockChain = new MockFilterChain(); filter.doFilter(request, response, mockChain); return response.getHeader("X-Frame-Options"); } }
AsyncContext asyncContext = request.getAsyncContext(); MockHttpServletResponse mockResponse; HttpServletResponse servletResponse; mockResponse = new MockHttpServletResponse(); servletResponse = mockResponse; request.setAttribute(MVC_RESULT_ATTRIBUTE, mvcResult); MockFilterChain filterChain = new MockFilterChain(this.servlet, this.filters); filterChain.doFilter(request, servletResponse); if (DispatcherType.ASYNC.equals(request.getDispatcherType()) && asyncContext != null && !request.isAsyncStarted()) { asyncContext.complete();
request.setProtocol("https"); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain authchain = new MockFilterChain(); getProxy().doFilter(request, response, authchain); assertEquals(HttpServletResponse.SC_OK, response.getStatus()); response = new MockHttpServletResponse(); authchain = new MockFilterChain(); getProxy().doFilter(request, response, authchain); assertTrue(response.getStatus() == MockHttpServletResponse.SC_MOVED_TEMPORARILY);
private void reportSpan() { final MockHttpServletRequest request = new MockHttpServletRequest("GET", "/test"); request.addHeader(WidgetAjaxSpanReporter.CONNECTION_ID, connectionId); final MonitoredHttpRequest monitoredHttpRequest = new MonitoredHttpRequest(request, mock(StatusExposingByteCountingServletResponse.class), new MockFilterChain(), configuration, mock(ExecutorService.class)); span = monitoredHttpRequest.createScope().span(); span.setOperationName("test"); span.finish(); }
@Test public void testFilterChainWithDisabled() throws Exception { MockHttpServletRequest request = createRequest("/foo"); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); GeoServerSecurityFilterChainProxy filterChainProxy = GeoServerExtensions.bean(GeoServerSecurityFilterChainProxy.class); filterChainProxy.doFilter(request, response, chain); assertNull(response.getHeader("ROLES")); } }