@Test
public void testInvalidRequest() throws Exception
{
HttpServletRequest req = EasyMock.createStrictMock(HttpServletRequest.class);
HttpServletResponse resp = EasyMock.createStrictMock(HttpServletResponse.class);
FilterChain filterChain = EasyMock.createStrictMock(FilterChain.class);
ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
AuthenticationResult authenticationResult = new AuthenticationResult("does-not-belong", "does-not-belong",
null,
null);
EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(true).once();
EasyMock.expect(req.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).anyTimes();
EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn(authenticationResult).once();
EasyMock.expect(resp.getOutputStream()).andReturn(outputStream).once();
resp.setStatus(403);
EasyMock.expectLastCall().once();
resp.setContentType("application/json");
EasyMock.expectLastCall().once();
resp.setCharacterEncoding("UTF-8");
EasyMock.expectLastCall().once();
EasyMock.replay(req, resp, filterChain, outputStream);
SecuritySanityCheckFilter filter = new SecuritySanityCheckFilter(new DefaultObjectMapper());
filter.doFilter(req, resp, filterChain);
EasyMock.verify(req, resp, filterChain, outputStream);
}
}