protected TestProcess testPut(String api) throws Exception { MockHttpServletRequestBuilder msrb = initDefaultSetting(put(api)); return test(msrb); }
private ResultActions performUpdateServiceProvider(String id) throws Exception { return getMockMvc().perform(put("/saml/service-providers/" + id) .header("Authorization", "bearer" + adminToken) .header("Content-Type", "application/json") .content(requestBody)); } }
@Test // SPR-15753 public void formContentIsNotDuplicated() throws Exception { MockMvc mockMvc = MockMvcBuilders.standaloneSetup(new Spr15753Controller()) .addFilter(new FormContentFilter()) .build(); mockMvc.perform(put("/").content("d1=a&d2=s").contentType(MediaType.APPLICATION_FORM_URLENCODED)) .andExpect(content().string("d1:a, d2:s.")); }
@Test public void requestWhenIgnoringRequestMatcherThenUnionsWithConfiguredIgnoringAntMatchers() throws Exception { this.spring.register(IgnoringPathsAndMatchers.class, BasicController.class).autowire(); this.mvc.perform(put("/csrf")) .andExpect(status().isForbidden()); this.mvc.perform(post("/csrf")) .andExpect(status().isOk()); this.mvc.perform(put("/no-csrf")) .andExpect(status().isOk()); }
private ResultActions performUpdate(ClientMetadata updatedClientMetadata) throws Exception { MockHttpServletRequestBuilder updateClientPut = put("/oauth/clients/" + updatedClientMetadata.getClientId() + "/meta") .header("Authorization", "Bearer " + adminClientTokenWithClientsWrite) .header("If-Match", "0") .accept(APPLICATION_JSON) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(updatedClientMetadata)); return mockMvc.perform(updateClientPut); }
private ResultActions performUpdate(ClientMetadata updatedClientMetadata) throws Exception { MockHttpServletRequestBuilder updateClientPut = put("/oauth/clients/" + updatedClientMetadata.getClientId() + "/meta") .header("Authorization", "Bearer " + adminClientTokenWithClientsWrite) .header("If-Match", "0") .accept(APPLICATION_JSON) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(updatedClientMetadata)); return mockMvc.perform(updateClientPut); } }
@Test public void putWhenDefaultConfigurationThenForbiddenSinceCsrfIsEnabled() throws Exception { this.spring.configLocations( this.xml("AutoConfig") ).autowire(); this.mvc.perform(put("/csrf")) .andExpect(status().isForbidden()) .andExpect(csrfCreated()); }
@Test public void putWhenCsrfElementEnabledThenForbidden() throws Exception { this.spring.configLocations( this.xml("CsrfEnabled") ).autowire(); this.mvc.perform(put("/csrf")) .andExpect(status().isForbidden()) .andExpect(csrfCreated()); }
private IdentityZone updateZone(String id, IdentityZone identityZone, HttpStatus expect, String expectedContent, String token) throws Exception { MvcResult result = mockMvc.perform( put("/identity-zones/" + id) .header("Authorization", "Bearer " + token) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(identityZone))) .andExpect(status().is(expect.value())) .andExpect(content().string(containsString(expectedContent))) .andReturn(); if (expect.is2xxSuccessful()) { return JsonUtils.readValue(result.getResponse().getContentAsString(), IdentityZone.class); } return null; }
private MvcResult updateIdentityProvider(String zoneId, IdentityProvider identityProvider, String token, ResultMatcher resultMatcher) throws Exception { MockHttpServletRequestBuilder requestBuilder = put("/identity-providers/" + identityProvider.getId()) .header("Authorization", "Bearer" + token) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(identityProvider)); if (zoneId != null) { requestBuilder.header(IdentityZoneSwitchingFilter.HEADER, zoneId); } MvcResult result = mockMvc.perform(requestBuilder) .andExpect(resultMatcher) .andReturn(); return result; }
@Test public void testUpdateForbiddenNonAdmin() throws Exception { mockMvc.perform(put("/mfa-providers/invalid") .header("Authorization", "bearer " + nonAdminToken) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(new MfaProvider<>()))) .andExpect(status().isForbidden()); }
@Test public void testUpdateIsNotAllowed() throws Exception { mockMvc.perform(put("/mfa-providers/invalid") .header("Authorization", "bearer " + adminToken) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(new MfaProvider<>()))) .andExpect(status().isMethodNotAllowed()); }
@Test void token_endpoint_put() throws Exception { try_token_with_non_post(put("/oauth/token"), status().isMethodNotAllowed()) .andExpect(jsonPath("$.error").value("method_not_allowed")) .andExpect(jsonPath("$.error_description").value(HtmlUtils.htmlEscape("Request method 'PUT' not supported", "ISO-8859-1"))); }
@Test void check_token_put() throws Exception { check_token(put("/check_token"), status().isMethodNotAllowed()) .andExpect(jsonPath("$.error").value("method_not_allowed")) .andExpect(jsonPath("$.error_description").value(HtmlUtils.htmlEscape("Request method 'PUT' not supported", "ISO-8859-1"))); }
@Test void testPutClientModifyAccessTokenValidity() throws Exception { ClientDetails client = createClient(adminToken, "testClientForModifyAccessTokenValidity", SECRET, Collections.singleton("client_credentials")); BaseClientDetails modified = new BaseClientDetails(client); modified.setAccessTokenValiditySeconds(73); MockHttpServletRequestBuilder put = put("/oauth/clients/" + client.getClientId()) .header("Authorization", "Bearer " + adminToken) .accept(APPLICATION_JSON) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(modified)); mockMvc.perform(put).andExpect(status().isOk()).andReturn(); client = getClient(client.getClientId()); assertThat(client.getAccessTokenValiditySeconds(), is(73)); }
public static IdentityZone updateZone(MockMvc mockMvc, IdentityZone updatedZone) throws Exception { String token = getClientCredentialsOAuthAccessToken(mockMvc, "admin", "adminsecret", "uaa.admin", null); String responseAsString = mockMvc.perform(put("/identity-zones/" + updatedZone.getId()) .header("Authorization", "Bearer " + token) .contentType(APPLICATION_JSON) .accept(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(updatedZone))) .andExpect(status().isOk()) .andReturn().getResponse().getContentAsString(); return JsonUtils.readValue(responseAsString, IdentityZone.class); } }
public static ScimGroup updateGroup(MockMvc mockMvc, String accessToken, ScimGroup group, IdentityZone zone) throws Exception { MockHttpServletRequestBuilder put = put("/Groups/" + group.getId()); if (zone != null) { put.header("Host", zone.getSubdomain() + ".localhost"); } return JsonUtils.readValue( mockMvc.perform(put.header("If-Match", group.getVersion()) .header("Authorization", "Bearer " + accessToken) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(group))) .andExpect(status().isOk()) .andReturn().getResponse().getContentAsString(), ScimGroup.class); }
@Test public void changePassword_NewPasswordSameAsOld_ReturnsUnprocessableEntityWithJsonError() throws Exception { ScimUser user = createUser(); PasswordChangeRequest request = new PasswordChangeRequest(); request.setOldPassword(password); request.setPassword(password); mockMvc.perform(put("/Users/" + user.getId() + "/password").header("Authorization", "Bearer " + passwordWriteToken) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(request))) .andExpect(status().isUnprocessableEntity()) .andExpect(jsonPath("$.error").value("invalid_password")) .andExpect(jsonPath("$.message").value("Your new password cannot be the same as the old password.")); }
@Test void userEndpointUpdateAllowed_For_Origin_SAML() throws Exception { MockMvcUtils.setDisableInternalUserManagement(false, webApplicationContext); ResultActions result = createUser(OriginKeys.SAML); ScimUser createdUser = JsonUtils.readValue(result.andReturn().getResponse().getContentAsString(), ScimUser.class); MockMvcUtils.setDisableInternalUserManagement(true, webApplicationContext); mockMvc.perform(put("/Users/" + createdUser.getId()) .header("Authorization", "Bearer " + token) .header("If-Match", "\"" + createdUser.getVersion() + "\"") .accept(APPLICATION_JSON) .contentType(APPLICATION_JSON) .content(JsonUtils.writeValueAsString(createdUser))) .andExpect(status().isOk()); }