/**
 * Validates token credentials against the token provider.
 *
 * <p>The checks run in a fixed order: look up the {@code TokenInfo}, reject it if it is
 * expired, then compare it with the credentials via {@code matches}. An expired token is
 * removed and never reaches the {@code matches} comparison. On a match the expiration is
 * reset using the login time taken in this call.
 *
 * <p>The looked-up info is kept in {@code tokenInfo}, which is declared outside this method
 * and is not cleared on the expired or non-matching paths. Callers must rely on the return
 * value, not on {@code tokenInfo} being non-null.
 *
 * @param tokenCredentials the credentials carrying the token to validate
 * @return {@code true} only if a {@code TokenInfo} exists for the token, is not expired and
 *         matches the credentials; {@code false} otherwise
 */
private boolean validateCredentials(TokenCredentials tokenCredentials) {
    // These credentials carry no user id, so the decision rests on the token and on
    // whatever attributes TokenInfo.matches() evaluates.
    tokenInfo = tokenProvider.getTokenInfo(tokenCredentials.getToken());
    if (tokenInfo == null) {
        // The token is a bearer secret: the message names the condition, not the value.
        log.debug("No valid TokenInfo for token.");
        return false;
    }

    long now = System.currentTimeMillis();
    if (tokenInfo.isExpired(now)) {
        // Expiry is decided before any comparison; the stale entry is removed here.
        log.debug("Token is expired");
        tokenInfo.remove();
        return false;
    }

    if (!tokenInfo.matches(tokenCredentials)) {
        return false;
    }

    // NOTE(review): the boolean returned by resetExpiration() is discarded, so login
    // succeeds whether or not the token lifetime was actually extended.
    tokenInfo.resetExpiration(now);
    return true;
}
boolean reset = tokenInfo.resetExpiration(loginTime); log.debug("Token reset={}", reset); } else {
boolean reset = tokenInfo.resetExpiration(loginTime); log.debug("Token reset={}", reset); } else {
/**
 * Expects {@code resetExpiration} to be refused both immediately after token creation and
 * for a login time one hour (3600000 ms) later.
 *
 * <p>NOTE(review): presumably the provider used by this fixture is configured not to refresh
 * tokens; confirm against the class setup, which is not visible here.
 */
@Test
public void testNotReset() {
    TokenInfo tokenInfo =
            tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    assertNotNull(tokenInfo);

    // A reset requested at creation time must not extend the lifetime.
    long now = new Date().getTime();
    assertFalse(tokenInfo.resetExpiration(now));

    // Nor may one requested an hour into the token's life.
    long oneHourLater = new Date().getTime() + 3600000;
    assertFalse(tokenInfo.resetExpiration(oneHourLater));
}
/**
 * Checks when a live token's expiration may be reset: not at creation time, but for a login
 * time one hour (3600000 ms) later, at which point the token is still unexpired.
 */
@Test
public void testResetTokenExpiration() throws Exception {
    TokenInfo tokenInfo =
            tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());

    // Directly after creation the reset is refused.
    long now = new Date().getTime();
    assertFalse(tokenInfo.resetExpiration(now));

    // One hour in, the token must still be valid and the reset must succeed.
    long oneHourLater = new Date().getTime() + 3600000;
    assertFalse(tokenInfo.isExpired(oneHourLater));
    assertTrue(tokenInfo.resetExpiration(oneHourLater));
}
/**
 * Ensures an expired token cannot be revived: for a login time 7200001 ms (two hours plus
 * one millisecond) after now, the token reports expired and {@code resetExpiration} refuses.
 *
 * <p>NOTE(review): the offset presumably sits just past the provider's configured expiration;
 * confirm against the fixture configuration.
 */
@Test
public void testResetTokenExpirationExpiredToken() throws Exception {
    TokenInfo tokenInfo =
            tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());

    long pastExpiry = new Date().getTime() + 7200001;

    assertTrue(tokenInfo.isExpired(pastExpiry));
    // Extending an already expired token would defeat the expiry control.
    assertFalse(tokenInfo.resetExpiration(pastExpiry));
}
/**
 * Verifies the rejection path for an expired token using mocks.
 *
 * <p>The mocked {@code TokenInfo} always reports expired, so {@code authenticate} must throw
 * {@code LoginException}. The test then checks that the credentials were never compared
 * ({@code matches}) and that the expiration was never reset.
 */
@Test
public void testAuthenticateExpiredTokenMock() throws Exception {
    TokenProvider provider = Mockito.mock(TokenProvider.class);
    TokenInfo expiredInfo = Mockito.mock(TokenInfo.class);
    Mockito.when(provider.getTokenInfo(Mockito.anyString())).thenReturn(expiredInfo);
    Mockito.when(expiredInfo.isExpired(Mockito.anyLong())).thenReturn(true);

    TokenCredentials credentials = new TokenCredentials("token");
    TokenAuthentication authentication = new TokenAuthentication(provider);

    try {
        authentication.authenticate(credentials);
        fail("LoginException expected");
    } catch (LoginException expected) {
        // success
    }

    // Expiry must short-circuit: no credential comparison, no lifetime extension.
    Mockito.verify(expiredInfo, Mockito.never()).matches(Mockito.any());
    Mockito.verify(expiredInfo, Mockito.never()).resetExpiration(Mockito.anyLong());
}
/**
 * Expects a reset to be refused for a token obtained through {@code readOnlyTp}, using a
 * login time 100 ms short of {@code TokenProviderImpl.DEFAULT_TOKEN_EXPIRATION} from now.
 *
 * <p>NOTE(review): presumably the refusal is due to {@code readOnlyTp} being a read-only
 * provider; confirm against the fixture setup.
 */
@Test
public void testRefreshToken() throws Exception {
    String token = generateToken();
    TokenInfo readOnlyInfo = readOnlyTp.getTokenInfo(token);

    long shortlyBeforeExpiry =
            System.currentTimeMillis() + TokenProviderImpl.DEFAULT_TOKEN_EXPIRATION - 100;

    assertFalse(readOnlyInfo.resetExpiration(shortlyBeforeExpiry));
}
/**
 * Verifies the success path with mocks: for an unexpired, matching {@code TokenInfo},
 * {@code authenticate} returns {@code true} and {@code resetExpiration} is invoked.
 * A {@code LoginException} fails the test with the exception message.
 */
@Test
public void testAuthenticateRefreshToken() throws Exception {
    TokenProvider provider = Mockito.mock(TokenProvider.class);
    TokenInfo liveInfo = Mockito.mock(TokenInfo.class);
    TokenCredentials credentials = new TokenCredentials("token");

    Mockito.when(provider.getTokenInfo(Mockito.anyString())).thenReturn(liveInfo);
    Mockito.when(liveInfo.isExpired(Mockito.anyLong())).thenReturn(false);
    Mockito.when(liveInfo.matches(credentials)).thenReturn(true);

    TokenAuthentication authentication = new TokenAuthentication(provider);
    try {
        assertTrue(authentication.authenticate(credentials));
        // A successful login is expected to request an extension of the token lifetime.
        Mockito.verify(liveInfo).resetExpiration(Mockito.anyLong());
    } catch (LoginException e) {
        fail(e.getMessage());
    }
}
/**
 * Verifies that credentials carrying the {@code TokenConstants.TOKEN_SKIP_REFRESH} attribute
 * (set to the empty string here) still authenticate against an unexpired, matching
 * {@code TokenInfo}, but that {@code resetExpiration} is never invoked.
 * A {@code LoginException} fails the test with the exception message.
 */
@Test
public void testAuthenticateSkipRefreshToken() throws Exception {
    TokenProvider provider = Mockito.mock(TokenProvider.class);
    TokenInfo liveInfo = Mockito.mock(TokenInfo.class);

    TokenCredentials credentials = new TokenCredentials("token");
    // The attribute is set with an empty value; the test exercises it as a flag.
    credentials.setAttribute(TokenConstants.TOKEN_SKIP_REFRESH, "");

    Mockito.when(provider.getTokenInfo(Mockito.anyString())).thenReturn(liveInfo);
    Mockito.when(liveInfo.isExpired(Mockito.anyLong())).thenReturn(false);
    Mockito.when(liveInfo.matches(credentials)).thenReturn(true);

    TokenAuthentication authentication = new TokenAuthentication(provider);
    try {
        assertTrue(authentication.authenticate(credentials));
        // Login succeeds without touching the token lifetime.
        Mockito.verify(liveInfo, Mockito.never()).resetExpiration(Mockito.anyLong());
    } catch (LoginException e) {
        fail(e.getMessage());
    }
}