Refine search
private MockHttpServletRequest getMockHttpServletRequest() { MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpSession session = new MockHttpSession(); SavedRequest savedRequest = mock(SavedRequest.class); when(savedRequest.getParameterValues("client_id")).thenReturn(new String[]{"client-id"}); when(savedRequest.getRedirectUrl()) .thenReturn("http://localhost:8080/uaa/oauth/authorize?client_id=identity&redirect_uri=http%3A%2F%2Flocalhost%3A8888%2Flogin&response_type=code&state=8tp0tR"); session.setAttribute(SAVED_REQUEST_SESSION_ATTRIBUTE, savedRequest); request.setSession(session); return request; }
public void requestScope() throws Exception { assertThat(myRequestBean) .isSameAs(request.getAttribute("myRequestBean")); assertThat(myRequestBean) .isSameAs(wac.getBean("myRequestBean", MyRequestBean.class)); public void sessionScope() throws Exception { assertThat(mySessionBean) .isSameAs(session.getAttribute("mySessionBean")); assertThat(mySessionBean) .isSameAs(wac.getBean("mySessionBean", MySessionBean.class));
@Override @Nullable public HttpSession getSession(boolean create) { checkActive(); // Reset session if invalidated. if (this.session instanceof MockHttpSession && ((MockHttpSession) this.session).isInvalid()) { this.session = null; } // Create new session if necessary. if (this.session == null && create) { this.session = new MockHttpSession(this.servletContext); } return this.session; }
/** * @since 4.0 */ @Test(expected = IllegalStateException.class) public void removeAttributeOnInvalidatedSession() { session.invalidate(); session.removeAttribute("name"); }
/** * @since 4.0 */ @Test(expected = IllegalStateException.class) public void getValueNamesOnInvalidatedSession() { session.invalidate(); session.getValueNames(); }
protected MockHttpServletRequest makeRequest(String body, String queryString) throws UnsupportedEncodingException { MockHttpServletRequest request = new MockHttpServletRequest(); request.setScheme("http"); request.setServerName("localhost"); request.setContextPath("/geoserver"); request.setRequestURI("/geoserver"); request.setQueryString(queryString != null ? queryString : ""); request.setRemoteAddr("127.0.0.1"); request.setServletPath("/geoserver"); request.setContentType("application/x-www-form-urlencoded"); request.setMethod("POST"); request.setContent(body.getBytes("UTF-8")); MockHttpSession session = new MockHttpSession(new MockServletContext()); request.setSession(session); request.setUserPrincipal(null); return request; }
@Before public void setUp() { MockHttpServletRequest oldRequestWithSession = new MockHttpServletRequest(); oldRequestWithSession.setSession(new MockHttpSession()); this.oldRequestAttributesWithSession = new ServletRequestAttributes(oldRequestWithSession); MockHttpServletRequest newRequestWithSession = new MockHttpServletRequest(); newRequestWithSession.setSession(new MockHttpSession()); this.newRequestAttributesWithSession = new ServletRequestAttributes(newRequestWithSession); }
@Test public void frontChannelLogoutRelayStateOK() { final String logoutMessage = LogoutMessageGenerator.generateFrontChannelLogoutMessage(TICKET); request.setParameter(LOGOUT_PARAMETER_NAME, logoutMessage); request.setParameter(RELAY_STATE_PARAMETER_NAME, TICKET); request.setQueryString(LOGOUT_PARAMETER_NAME + "=" + logoutMessage + "&" + RELAY_STATE_PARAMETER_NAME + "=" + TICKET); request.setMethod("GET"); final MockHttpSession session = new MockHttpSession(); handler.getSessionMappingStorage().addSessionById(TICKET, session); assertFalse(handler.process(request, response)); assertTrue(session.isInvalid()); } }
@Before public void setup() { cache = new UaaSavedRequestCache(); session = new MockHttpSession(); request = new MockHttpServletRequest(POST.name(), "/login.do"); redirectUri = "http://test"; spy = spy(cache); }
@Test public void get_origin_from_request() throws Exception { MockHttpSession session = new MockHttpSession(null, "the-id"); MockHttpServletRequest request = new MockHttpServletRequest("GET","/oauth/authorize"); request.setSession(session); request.setRemoteAddr("127.10.10.10"); UaaAuthenticationDetails details = new UaaAuthenticationDetails(request, "client-id"); UserAuthenticationSuccessEvent event = new UserAuthenticationSuccessEvent(mock(UaaUser.class), mock(Authentication.class)); String origin = event.getOrigin(details); assertThat(origin, containsString("remoteAddress=127.10.10.10")); assertThat(origin, containsString("clientId=client-id")); assertThat(origin, containsString("sessionId=<SESSION>")); } }
@Test public void testGateway() throws Exception { final MockHttpSession session = new MockHttpSession(); final MockHttpServletRequest request = new MockHttpServletRequest(); final MockHttpServletResponse response = new MockHttpServletResponse(); final FilterChain filterChain = new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { // nothing to do } }; request.setSession(session); this.filter.setRenew(true); this.filter.setGateway(true); this.filter.doFilter(request, response, filterChain); assertNotNull(session.getAttribute(DefaultGatewayResolverImpl.CONST_CAS_GATEWAY)); assertNotNull(response.getRedirectedUrl()); final MockHttpServletResponse response2 = new MockHttpServletResponse(); this.filter.doFilter(request, response2, filterChain); assertNotNull(session.getAttribute(DefaultGatewayResolverImpl.CONST_CAS_GATEWAY)); assertNull(response2.getRedirectedUrl()); final MockHttpServletResponse response3 = new MockHttpServletResponse(); this.filter.doFilter(request, response3, filterChain); assertNotNull(session.getAttribute(DefaultGatewayResolverImpl.CONST_CAS_GATEWAY)); assertNull(response3.getRedirectedUrl()); }
@Test public void should_save_condition_works() throws MalformedURLException { assertFalse(cache.shouldSaveFormRedirectParameter(request)); request.setPathInfo("/login.do"); assertFalse(cache.shouldSaveFormRedirectParameter(request)); request.setParameter(FORM_REDIRECT_PARAMETER, redirectUri); request.setServerName(new URL(redirectUri).getHost()); assertTrue(cache.shouldSaveFormRedirectParameter(request)); request.setSession(session); assertTrue(cache.shouldSaveFormRedirectParameter(request)); ClientRedirectSavedRequest savedRequest = new ClientRedirectSavedRequest(request, redirectUri); session.setAttribute(SAVED_REQUEST_SESSION_ATTRIBUTE, savedRequest); assertFalse(cache.shouldSaveFormRedirectParameter(request)); }
private MockHttpSession getUserSession(String username, String password) throws Exception { MockHttpSession session = new MockHttpSession(); session.invalidate(); MockHttpSession afterLoginSession = (MockHttpSession) mockMvc.perform(post("/login.do") .with(cookieCsrf()) .session(session) .accept(ACCEPT_TEXT_HTML) .param("username", username) .param("password", password)) .andDo(print()) .andReturn().getRequest().getSession(false); assertNotNull(afterLoginSession); assertNotNull(afterLoginSession.getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY)); return afterLoginSession; }
public static MockHttpSession getSavedRequestSession() { MockHttpSession session = new MockHttpSession(); SavedRequest savedRequest = new MockSavedRequest(); session.setAttribute(SAVED_REQUEST_SESSION_ATTRIBUTE, savedRequest); return session; }
@Test public void requestWhenCreateSessionIsSetToNeverThenUsesExistingSession() throws Exception { this.spring.configLocations(this.xml("CreateSessionNever")).autowire(); MockHttpServletRequest request = post("/login") .param("username", "user") .param("password", "password") .buildRequest(this.servletContext()); request = csrf().postProcessRequest(request); MockHttpSession session = new MockHttpSession(); request.setSession(session); MockHttpServletResponse response = request(request, this.spring.getContext()); assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_MOVED_TEMPORARILY); assertThat(request.getSession(false)).isNotNull(); assertThat(request.getSession(false).getAttribute(SPRING_SECURITY_CONTEXT_KEY)) .isNotNull(); }
@Before public void setup() throws Exception { this.mvc = webAppContextSetup(this.wac).build(); this.session = new MockHttpSession(); }
@Test public void session() { MockHttpSession session = new MockHttpSession(this.servletContext); session.setAttribute("foo", "bar"); this.builder.session(session); this.builder.sessionAttr("baz", "qux"); MockHttpServletRequest request = this.builder.buildRequest(this.servletContext); assertEquals(session, request.getSession()); assertEquals("bar", request.getSession().getAttribute("foo")); assertEquals("qux", request.getSession().getAttribute("baz")); }
@Test void ensure_that_form_redirect_is_not_a_parameter_unless_there_is_a_saved_request() throws Exception { //make sure we don't create a session on the homepage assertNull( mockMvc.perform( get("/login") ) .andDo(print()) .andExpect(content().string(not(containsString(FORM_REDIRECT_PARAMETER)))) .andReturn().getRequest().getSession(false)); //if there is a session, but no saved request mockMvc.perform( get("/login") .session(new MockHttpSession()) ) .andDo(print()) .andExpect(content().string(not(containsString(FORM_REDIRECT_PARAMETER)))); }
@Test public void requestWhenSessionFixationProtectionIsMigrateSessionThenSessionIsReplaced() throws Exception { this.spring.configLocations(this.xml("SessionFixationProtectionMigrateSession")).autowire(); MockHttpSession session = new MockHttpSession(); String sessionId = session.getId(); MvcResult result = this.mvc.perform(get("/auth") .session(session) .with(httpBasic("user", "password"))) .andExpect(session()) .andReturn(); assertThat(result.getRequest().getSession(false).getId()).isNotEqualTo(sessionId); }
private MockHttpSession expiredSession() { MockHttpSession session = new MockHttpSession(); SessionRegistry sessionRegistry = this.spring.getContext().getBean(SessionRegistry.class); sessionRegistry.registerNewSession(session.getId(), "user"); sessionRegistry.getSessionInformation(session.getId()).expireNow(); return session; }