/**
 * Applies this builder's context path, servlet path and path info to the given request.
 *
 * <p>When the builder's path info is the empty string, it is derived from the part of
 * {@code requestUri} that follows the context path and servlet path. The derived value
 * (decoded through {@code urlPathHelper}, or {@code null} when the remainder has no text)
 * is written back to {@code this.pathInfo} before it is set on the request.
 *
 * @param request the mock request to populate
 * @param requestUri the request URI the configured paths are validated against
 * @throws IllegalArgumentException if {@code requestUri} does not start with the context path,
 *         or, when path info is derived, does not start with context path + servlet path
 */
private void updatePathRequestProperties(MockHttpServletRequest request, String requestUri) {
    // Both validations below are plain String prefix comparisons; they are not
    // path-segment aware, so a URI that merely shares the leading characters passes.
    final boolean underContextPath = requestUri.startsWith(this.contextPath);
    if (!underContextPath) {
        throw new IllegalArgumentException(
                "Request URI [" + requestUri + "] does not start with context path [" + this.contextPath + "]");
    }

    request.setContextPath(this.contextPath);
    request.setServletPath(this.servletPath);

    final boolean derivePathInfo = "".equals(this.pathInfo);
    if (derivePathInfo) {
        final String servletPrefix = this.contextPath + this.servletPath;
        if (!requestUri.startsWith(servletPrefix)) {
            throw new IllegalArgumentException(
                    "Invalid servlet path [" + this.servletPath + "] for request URI [" + requestUri + "]");
        }
        final String remainder =
                requestUri.substring(this.contextPath.length() + this.servletPath.length());
        if (StringUtils.hasText(remainder)) {
            // The remainder is taken from the raw URI, so it is decoded before use as path info.
            this.pathInfo = urlPathHelper.decodeRequestString(request, remainder);
        }
        else {
            this.pathInfo = null;
        }
    }

    request.setPathInfo(this.pathInfo);
}
/**
 * Normalises an empty path info on the request to {@code null}, then delegates to
 * {@code servletPath(request, path)} with the URI's path, or {@code ""} when the URI has none.
 *
 * @param uriComponents the parsed request URI supplying the path
 * @param request the mock request being populated
 */
private void servletPath(UriComponents uriComponents, MockHttpServletRequest request) {
    final boolean emptyPathInfo = "".equals(request.getPathInfo());
    if (emptyPathInfo) {
        request.setPathInfo(null);
    }

    String uriPath = uriComponents.getPath();
    if (uriPath == null) {
        uriPath = "";
    }
    servletPath(request, uriPath);
}
/**
 * An authenticated principal that still requires a password change must not reach
 * {@code /oauth/authorize}: the filter chain is not continued, the response is redirected
 * to the forced password change page, and the request is handed to the cache once
 * (presumably so it can be resumed after the change; confirm against the filter).
 */
@Test
public void authenticated_password_expired() throws Exception {
    // Arrange: authenticated, but flagged as requiring a password change.
    final String protectedPath = "/oauth/authorize";
    final String forcedChangePage = "/force_password_change";
    request.setPathInfo(protectedPath);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    when(authentication.isAuthenticated()).thenReturn(true);
    when(authentication.isRequiresPasswordChange()).thenReturn(true);

    // Act
    filter.doFilterInternal(request, response, chain);

    // Assert: the request is intercepted rather than passed downstream.
    verify(chain, never()).doFilter(any(), any());
    verify(response, times(1)).sendRedirect(forcedChangePage);
    verify(cache, times(1)).saveRequest(any(), any());
}
/**
 * A POST to the "completed" endpoint must not let the caller through while the
 * authentication still reports that a password change is required: the chain is not
 * continued and the caller is redirected back to the forced password change page.
 */
@Test
public void completed_but_still_requires_change() throws Exception {
    // Arrange
    final String completedPath = "/force_password_change_completed";
    final String forcedChangePage = "/force_password_change";
    request.setPathInfo(completedPath);
    request.setMethod(HttpMethod.POST.name());
    SecurityContextHolder.getContext().setAuthentication(authentication);
    when(authentication.isAuthenticated()).thenReturn(true);
    when(authentication.isRequiresPasswordChange()).thenReturn(true);

    // Act
    filter.doFilterInternal(request, response, chain);

    // Assert: hitting the completion URL alone does not clear the requirement.
    verify(chain, never()).doFilter(any(), any());
    verify(response, times(1)).sendRedirect(forcedChangePage);
}
/**
 * A POST to the forced password change page itself is passed down the chain with the
 * same request and response objects, and no redirect is issued, even though the
 * authentication still requires a password change.
 */
@Test
public void submit_change_password() throws Exception {
    // Arrange
    final String forcedChangePage = "/force_password_change";
    request.setPathInfo(forcedChangePage);
    request.setMethod(HttpMethod.POST.name());
    SecurityContextHolder.getContext().setAuthentication(authentication);
    when(authentication.isAuthenticated()).thenReturn(true);
    when(authentication.isRequiresPasswordChange()).thenReturn(true);

    // Act
    filter.doFilterInternal(request, response, chain);

    // Assert: the change form submission must be reachable, otherwise the user is locked out.
    verify(chain, times(1)).doFilter(same(request), same(response));
    verify(response, never()).sendRedirect(anyString());
}
/**
 * A GET for the forced password change page is passed down the chain with the same
 * request and response objects, and no redirect is issued (a redirect here would
 * point back at the page being requested).
 */
@Test
public void loading_change_password_page() throws Exception {
    // Arrange
    final String forcedChangePage = "/force_password_change";
    request.setPathInfo(forcedChangePage);
    request.setMethod(HttpMethod.GET.name());
    SecurityContextHolder.getContext().setAuthentication(authentication);
    when(authentication.isAuthenticated()).thenReturn(true);
    when(authentication.isRequiresPasswordChange()).thenReturn(true);

    // Act
    filter.doFilterInternal(request, response, chain);

    // Assert
    verify(chain, times(1)).doFilter(same(request), same(response));
    verify(response, never()).sendRedirect(anyString());
}
/**
 * With {@code authentication} installed in the security context, a request for
 * {@code /Users/{id}/verify} is recognised by {@code isUserSelf} as targeting the caller.
 */
@Test
public void testSelfCheckSecondUaaAuth() {
    SecurityContextHolder.getContext().setAuthentication(authentication);

    final String verifyPath = "/Users/" + id + "/verify";
    request.setPathInfo(verifyPath);

    // presumably 1 is the index of the path segment holding the user id; verify against isUserSelf
    final boolean self = bean.isUserSelf(request,1);
    assertTrue(self);
}
/**
 * Under {@code Config}, a request to {@code /public/something} passes the security
 * filter chain and the response status is 200.
 */
@Test
public void customConfiguerPermitAll() throws Exception {
    loadContext(Config.class);

    // No authentication is set up in this method; the path is expected to be open.
    final String publicPath = "/public/something";
    request.setPathInfo(publicPath);

    springSecurityFilterChain.doFilter(request, response, chain);

    final int status = response.getStatus();
    assertThat(status).isEqualTo(HttpServletResponse.SC_OK);
}
/**
 * Replaces the request's path info with the result of {@code decodeRequestString}
 * applied to its current value, and returns the same request instance.
 *
 * @param request the request whose path info is decoded in place
 * @return the given {@code request}
 */
@Override
public MockHttpServletRequest postProcessRequest(MockHttpServletRequest request) {
    // NOTE(review): if the path info was already decoded when the request was built,
    // this decodes it a second time; confirm callers only pass still-encoded values.
    final String currentPathInfo = request.getPathInfo();
    final String decodedPathInfo = decodeRequestString(request, currentPathInfo);
    request.setPathInfo(decodedPathInfo);
    return request;
}
/**
 * A request for the forced password change page, made without this method installing
 * any authentication, is passed down the chain unchanged. The filter itself does not
 * block it; whatever protects the page for anonymous callers must sit elsewhere.
 */
@Test
public void trying_access_force_password_page_not_authenticated() throws Exception {
    final String forcedChangePage = "/force_password_change";
    request.setPathInfo(forcedChangePage);

    filter.doFilterInternal(request, response, chain);

    verify(chain, times(1)).doFilter(same(request), same(response));
}
/**
 * Checks {@code isUserTokenRevocationForSelf} in three steps: a user-bearing OAuth2
 * authentication revoking tokens for its own id is accepted; an authentication without
 * a user is rejected on the same path; and that same user-less authentication is
 * rejected on another user's path.
 *
 * <p>NOTE(review): the last assertion still runs with {@code oAuth2AuthenticationWithoutUser}
 * installed, so this method does not cover a user-bearing authentication asking to
 * revoke another user's tokens.
 */
@Test
public void testSelfUserToken() throws Exception {
    final String ownRevokePath = "/oauth/token/revoke/user/" + id;
    final String otherRevokePath = "/oauth/token/revoke/user/" + "other-user-id";

    // presumably 4 is the index of the path segment holding the user id; verify against the bean
    SecurityContextHolder.getContext().setAuthentication(oAuth2AuthenticationWithUser);
    request.setPathInfo(ownRevokePath);
    assertTrue(bean.isUserTokenRevocationForSelf(request, 4));

    SecurityContextHolder.getContext().setAuthentication(oAuth2AuthenticationWithoutUser);
    assertFalse(bean.isUserTokenRevocationForSelf(request, 4));

    request.setPathInfo(otherRevokePath);
    assertFalse(bean.isUserTokenRevocationForSelf(request, 4));
}
/**
 * The MFA login paths themselves must be reported as ignored by the filter, for each
 * of {@code /login/mfa}, {@code /login/mfa/register} and {@code /login/mfa/verify.do}.
 */
@Test
public void isIgnored() throws Exception {
    final String[] mfaPaths = {"/login/mfa", "/login/mfa/register", "/login/mfa/verify.do"};
    for (String s : mfaPaths) {
        request.setPathInfo(s);
        final boolean ignored = filter.isIgnored(request, response);
        assertTrue("Is ignored:"+s, ignored);
    }
}
/**
 * Under {@code ConfigCustomize}, a POST to {@code /public/something} passes the
 * security filter chain with status 200. This method adds no CSRF token to the request,
 * so the test pins the fact that this configuration turns CSRF protection off.
 */
@Test
public void customConfiguerCustomizeDisablesCsrf() throws Exception {
    loadContext(ConfigCustomize.class);

    final String publicPath = "/public/something";
    request.setPathInfo(publicPath);
    request.setMethod("POST");

    springSecurityFilterChain.doFilter(request, response, chain);

    final int status = response.getStatus();
    assertThat(status).isEqualTo(HttpServletResponse.SC_OK);
}
/**
 * Under {@code ConfigCustomize}, a request to a path that requires authentication is
 * redirected, and the redirect target ends with {@code /other}.
 */
@Test
public void customConfiguerCustomizeFormLogin() throws Exception {
    loadContext(ConfigCustomize.class);

    final String securedPath = "/requires-authentication";
    request.setPathInfo(securedPath);

    springSecurityFilterChain.doFilter(request, response, chain);

    final String redirectTarget = response.getRedirectedUrl();
    assertThat(redirectTarget).endsWith("/other");
}
/**
 * In an MFA-enabled zone, requesting the MFA "completed" path does not by itself
 * advance the flow: {@code getNextStep} still reports {@code MFA_IN_PROGRESS}.
 */
@Test
public void next_step_mfa_in_progress_when_completed_invoked() throws Exception {
    // The path is split as servlet path "/" plus path info without a leading slash.
    final String servletRoot = "/";
    final String completedPathInfo = "login/mfa/completed";
    request.setServletPath(servletRoot);
    request.setPathInfo(completedPathInfo);

    IdentityZoneHolder.set(mfaEnabledZone);
    SecurityContextHolder.getContext().setAuthentication(authentication);

    assertSame(MFA_IN_PROGRESS, spyFilter.getNextStep(request));
}
/**
 * Under {@code Config}, a request to a path that requires authentication is redirected,
 * and the redirect target ends with {@code /custom}.
 */
@Test
public void customConfiguerFormLogin() throws Exception {
    loadContext(Config.class);

    final String securedPath = "/requires-authentication";
    request.setPathInfo(securedPath);

    springSecurityFilterChain.doFilter(request, response, chain);

    final String redirectTarget = response.getRedirectedUrl();
    assertThat(redirectTarget).endsWith("/custom");
}
/**
 * Creates the two filters under test, which differ only in the boolean constructor
 * argument ({@code false} for {@code filter}, {@code true} for {@code disabledFilter}),
 * and points the shared request at {@code /oauth/authorize}.
 */
@Before
public void setUp() {
    filter = new DisableIdTokenResponseTypeFilter(false, applyPaths);
    disabledFilter = new DisableIdTokenResponseTypeFilter(true, applyPaths);

    final String authorizePath = "/oauth/authorize";
    request.setPathInfo(authorizePath);
}
/**
 * Builds a {@code MockHttpServletRequest} from the wrapped web request.
 *
 * <p>The request is created from the HTTP method and URI path of {@code this.webRequest},
 * then populated step by step through the private helpers called below. The order of
 * those calls is significant and is kept as written. A missing path, host or scheme is
 * replaced with the empty string rather than {@code null}.
 *
 * @param servletContext the servlet context passed to the new request
 * @return the populated request, after it has been handed to {@code postProcess}
 */
public MockHttpServletRequest buildRequest(ServletContext servletContext) {
    Charset charset = getCharset();
    String httpMethod = this.webRequest.getHttpMethod().name();
    UriComponents uriComponents = uriComponents();
    String path = uriComponents.getPath();
    // A null URI path becomes "" so the request is never constructed with a null URI.
    MockHttpServletRequest request = new HtmlUnitMockHttpServletRequest(
            servletContext, httpMethod, (path != null ? path : ""));
    parent(request, this.parentBuilder);
    String host = uriComponents.getHost();
    request.setServerName(host != null ? host : "");  // needs to be first for additional headers
    authType(request);
    // The character encoding is set before content(...) is called with the same charset.
    request.setCharacterEncoding(charset.name());
    content(request, charset);
    contextPath(request, uriComponents);
    contentType(request);
    cookies(request);
    headers(request);
    locales(request);
    servletPath(uriComponents, request);
    params(request, uriComponents);
    ports(uriComponents, request);
    request.setProtocol("HTTP/1.1");
    request.setQueryString(uriComponents.getQuery());
    String scheme = uriComponents.getScheme();
    request.setScheme(scheme != null ? scheme : "");
    // Path info is reset to null last, after servletPath(...) has run, so whatever value
    // an earlier step left there is discarded before post-processing.
    request.setPathInfo(null);
    return postProcess(request);
}
/**
 * A request for {@code /authenticate} under the {@code /uaa} context path is mapped by
 * the filter to the URI group named {@code /api}.
 */
@Test
public void url_groups() {
    // Arrange: full request data first, then the context path / path info split.
    request.setServerName("localhost:8080");
    setRequestData("/uaa/authenticate");
    request.setPathInfo("/authenticate");
    request.setContextPath("/uaa");

    // Act
    final String group = filter.getUriGroup(request).getGroup();

    // Assert
    assertEquals("/api", group);
}
/**
 * For a GET request the form redirect parameter is never saved: not for the bare
 * request, not once the path is {@code /login.do}, and not even once the redirect
 * parameter itself is present. Each step adds to the state left by the previous one.
 */
@Test
public void only_save_for_POST_calls() {
    final String httpMethod = GET.name();
    request.setMethod(httpMethod);
    assertFalse(cache.shouldSaveFormRedirectParameter(request));

    final String loginPath = "/login.do";
    request.setPathInfo(loginPath);
    assertFalse(cache.shouldSaveFormRedirectParameter(request));

    // Path and parameter now both match; only the HTTP method keeps the cache from saving.
    request.setParameter(FORM_REDIRECT_PARAMETER, redirectUri);
    assertFalse(cache.shouldSaveFormRedirectParameter(request));
}