/** * Add a single value for the specified HTTP parameter. * <p>If there are already one or more values registered for the given * parameter name, the given value will be added to the end of the list. */ public void addParameter(String name, @Nullable String value) { addParameter(name, new String[] {value}); }
/** * Add all provided parameters <strong>without</strong> replacing any * existing values. To replace existing values, use * {@link #setParameters(java.util.Map)}. */ public void addParameters(Map<String, ?> params) { Assert.notNull(params, "Parameter map must not be null"); params.forEach((key, value) -> { if (value instanceof String) { addParameter(key, (String) value); } else if (value instanceof String[]) { addParameter(key, (String[]) value); } else { throw new IllegalArgumentException("Parameter map value must be single value " + " or array of type [" + String.class.getName() + "]"); } }); }
private void addRequestParams(MockHttpServletRequest request, MultiValueMap<String, String> map) { map.forEach((key, values) -> values.forEach(value -> { value = (value != null ? UriUtils.decode(value, StandardCharsets.UTF_8) : null); request.addParameter(UriUtils.decode(key, StandardCharsets.UTF_8), value); })); }
private void params(MockHttpServletRequest request, UriComponents uriComponents) { uriComponents.getQueryParams().forEach((name, values) -> { String urlDecodedName = urlDecode(name); values.forEach(value -> { value = (value != null ? urlDecode(value) : ""); request.addParameter(urlDecodedName, value); }); }); for (NameValuePair param : this.webRequest.getRequestParameters()) { request.addParameter(param.getName(), param.getValue()); } }
@Test public void readmeSampleWhenRequestLoginWithValidCredentialsThenRedirectToIndex() throws Exception { this.spring.register(SampleWebSecurityConfigurerAdapter.class).autowire(); this.request.setServletPath("/login"); this.request.setMethod("POST"); this.request.addParameter("username", "user"); this.request.addParameter("password", "password"); this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain); assertThat(this.response.getRedirectedUrl()).isEqualTo("/"); }
@Test public void loadAuthorizationRequestWhenNotSavedThenReturnNull() { MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter(OAuth2ParameterNames.STATE, "state-1234"); OAuth2AuthorizationRequest authorizationRequest = this.authorizationRequestRepository.loadAuthorizationRequest(request); assertThat(authorizationRequest).isNull(); }
@Test public void helloWorldSampleWhenRequestLoginWithValidCredentialsThenRedirectToIndex() throws Exception { this.spring.register(HelloWorldWebSecurityConfigurerAdapter.class).autowire(); this.request.setServletPath("/login"); this.request.setMethod("POST"); this.request.addHeader("Accept", "text/html"); this.request.addParameter("username", "user"); this.request.addParameter("password", "password"); this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain); assertThat(this.response.getRedirectedUrl()).isEqualTo("/"); }
@Test public void resolveWhenQueryParameterIsPresentAndSupportedThenTokenIsResolved() { this.resolver.setAllowUriQueryParameter(true); MockHttpServletRequest request = new MockHttpServletRequest(); request.setMethod("GET"); request.addParameter("access_token", TEST_TOKEN); assertThat(this.resolver.resolve(request)).isEqualTo(TEST_TOKEN); }
@Test public void printRequest() throws Exception { this.request.addParameter("param", "paramValue"); this.request.addHeader("header", "headerValue"); this.request.setCharacterEncoding("UTF-16"); String palindrome = "ablE was I ere I saw Elba"; byte[] bytes = palindrome.getBytes("UTF-16"); this.request.setContent(bytes); this.request.getSession().setAttribute("foo", "bar"); this.handler.handle(this.mvcResult); HttpHeaders headers = new HttpHeaders(); headers.set("header", "headerValue"); MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("param", "paramValue"); assertValue("MockHttpServletRequest", "HTTP Method", this.request.getMethod()); assertValue("MockHttpServletRequest", "Request URI", this.request.getRequestURI()); assertValue("MockHttpServletRequest", "Parameters", params); assertValue("MockHttpServletRequest", "Headers", headers); assertValue("MockHttpServletRequest", "Body", palindrome); assertValue("MockHttpServletRequest", "Session Attrs", Collections.singletonMap("foo", "bar")); }
@Test public void printRequestWithEmptySessionMock() throws Exception { this.request.addParameter("param", "paramValue"); this.request.addHeader("header", "headerValue"); this.request.setCharacterEncoding("UTF-16"); String palindrome = "ablE was I ere I saw Elba"; byte[] bytes = palindrome.getBytes("UTF-16"); this.request.setContent(bytes); this.request.setSession(Mockito.mock(HttpSession.class)); this.handler.handle(this.mvcResult); HttpHeaders headers = new HttpHeaders(); headers.set("header", "headerValue"); MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("param", "paramValue"); assertValue("MockHttpServletRequest", "HTTP Method", this.request.getMethod()); assertValue("MockHttpServletRequest", "Request URI", this.request.getRequestURI()); assertValue("MockHttpServletRequest", "Parameters", params); assertValue("MockHttpServletRequest", "Headers", headers); assertValue("MockHttpServletRequest", "Body", palindrome); }
@Test public void printRequestWithoutSession() throws Exception { this.request.addParameter("param", "paramValue"); this.request.addHeader("header", "headerValue"); this.request.setCharacterEncoding("UTF-16"); String palindrome = "ablE was I ere I saw Elba"; byte[] bytes = palindrome.getBytes("UTF-16"); this.request.setContent(bytes); this.handler.handle(this.mvcResult); HttpHeaders headers = new HttpHeaders(); headers.set("header", "headerValue"); MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("param", "paramValue"); assertValue("MockHttpServletRequest", "HTTP Method", this.request.getMethod()); assertValue("MockHttpServletRequest", "Request URI", this.request.getRequestURI()); assertValue("MockHttpServletRequest", "Parameters", params); assertValue("MockHttpServletRequest", "Headers", headers); assertValue("MockHttpServletRequest", "Body", palindrome); }
@Test public void resolveWhenFormParameterIsPresentAndSupportedThenTokenIsResolved() { this.resolver.setAllowFormEncodedBodyParameter(true); MockHttpServletRequest request = new MockHttpServletRequest(); request.setMethod("POST"); request.setContentType("application/x-www-form-urlencoded"); request.addParameter("access_token", TEST_TOKEN); assertThat(this.resolver.resolve(request)).isEqualTo(TEST_TOKEN); }
@Test public void resolveWhenQueryParameterIsPresentAndNotSupportedThenTokenIsNotResolved() { MockHttpServletRequest request = new MockHttpServletRequest(); request.setMethod("GET"); request.addParameter("access_token", TEST_TOKEN); assertThat(this.resolver.resolve(request)).isNull(); } }
@Test public void removeAuthorizationRequestWhenNotSavedThenNotRemoved() { MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter(OAuth2ParameterNames.STATE, "state-1234"); MockHttpServletResponse response = new MockHttpServletResponse(); OAuth2AuthorizationRequest removedAuthorizationRequest = this.authorizationRequestRepository.removeAuthorizationRequest(request, response); assertThat(removedAuthorizationRequest).isNull(); }
@Test public void resolveWhenRequestContainsTwoAccessTokenParametersThenAuthenticationExceptionIsThrown() { MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter("access_token", "token1", "token2"); assertThatCode(() -> this.resolver.resolve(request)).isInstanceOf(OAuth2AuthenticationException.class) .hasMessageContaining("Found multiple bearer tokens in the request"); }
@Test public void saveAuthorizationRequestWhenNotNullThenSaved() { MockHttpServletRequest request = new MockHttpServletRequest(); OAuth2AuthorizationRequest authorizationRequest = createAuthorizationRequest().build(); this.authorizationRequestRepository.saveAuthorizationRequest( authorizationRequest, request, new MockHttpServletResponse()); request.addParameter(OAuth2ParameterNames.STATE, authorizationRequest.getState()); OAuth2AuthorizationRequest loadedAuthorizationRequest = this.authorizationRequestRepository.loadAuthorizationRequest(request); assertThat(loadedAuthorizationRequest).isEqualTo(authorizationRequest); }
@Test public void loadAuthorizationRequestWhenSavedThenReturnAuthorizationRequest() { MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletResponse response = new MockHttpServletResponse(); OAuth2AuthorizationRequest authorizationRequest = createAuthorizationRequest().build(); this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, request, response); request.addParameter(OAuth2ParameterNames.STATE, authorizationRequest.getState()); OAuth2AuthorizationRequest loadedAuthorizationRequest = this.authorizationRequestRepository.loadAuthorizationRequest(request); assertThat(loadedAuthorizationRequest).isEqualTo(authorizationRequest); }
@Test public void resolveWhenValidHeaderIsPresentTogetherWithQueryParameterThenAuthenticationExceptionIsThrown() { MockHttpServletRequest request = new MockHttpServletRequest(); request.addHeader("Authorization", "Bearer " + TEST_TOKEN); request.setMethod("GET"); request.addParameter("access_token", TEST_TOKEN); assertThatCode(() -> this.resolver.resolve(request)).isInstanceOf(OAuth2AuthenticationException.class) .hasMessageContaining("Found multiple bearer tokens in the request"); }
@Test public void saveAuthorizationRequestWhenNoExistingSessionAndDistributedSessionThenSaved() { MockHttpServletRequest request = new MockHttpServletRequest(); request.setSession(new MockDistributedHttpSession()); OAuth2AuthorizationRequest authorizationRequest = createAuthorizationRequest().build(); this.authorizationRequestRepository.saveAuthorizationRequest( authorizationRequest, request, new MockHttpServletResponse()); request.addParameter(OAuth2ParameterNames.STATE, authorizationRequest.getState()); OAuth2AuthorizationRequest loadedAuthorizationRequest = this.authorizationRequestRepository.loadAuthorizationRequest(request); assertThat(loadedAuthorizationRequest).isEqualTo(authorizationRequest); }
@Test public void resolveWhenValidHeaderIsPresentTogetherWithFormParameterThenAuthenticationExceptionIsThrown() { MockHttpServletRequest request = new MockHttpServletRequest(); request.addHeader("Authorization", "Bearer " + TEST_TOKEN); request.setMethod("POST"); request.setContentType("application/x-www-form-urlencoded"); request.addParameter("access_token", TEST_TOKEN); assertThatCode(() -> this.resolver.resolve(request)).isInstanceOf(OAuth2AuthenticationException.class) .hasMessageContaining("Found multiple bearer tokens in the request"); }