@Test
public void testHeadersAreRemoved() throws Exception {
HttpBasicAuthFilter filter = new HttpBasicAuthFilter(null, null, failureHandler);
filter.setCacheHeader(false);
Exchange exchange = newExchange();
Request request = newRequest();
request.getHeaders().putSingle(AUTHORIZATION_HEADER, "Basic azerty");
doAnswer(
new Answer<Promise<Response, NeverThrowsException>>() {
@Override
public Promise<Response, NeverThrowsException> answer(
final InvocationOnMock invocation) throws Throwable {
// Produce a valid response with an authentication challenge
Response response = new Response();
response.setStatus(Status.OK);
response.getHeaders().putSingle(AUTHENTICATE_HEADER, "Realm toto");
return Promises.newResultPromise(response);
}
})
.when(terminalHandler)
.handle(eq(exchange), argThat(new AbsenceOfHeaderInRequest(AUTHORIZATION_HEADER)));
Response response = filter.filter(exchange, request, terminalHandler).getOrThrow();
// Verify that the outgoing message has no authenticate header
assertThat(response.getHeaders().get(AUTHENTICATE_HEADER)).isNull();
}
// 1st time called: Mock a 401 (Unauthorized status) response
@Override
public Promise<Response, NeverThrowsException> answer(InvocationOnMock invocation)
throws Throwable {
Response response = new Response();
response.setStatus(Status.UNAUTHORIZED);
response.getHeaders().putSingle(AUTHENTICATE_HEADER, "Basic realm=\"Login\"");
return Promises.newResultPromise(response);
}
@Test
public void shouldThrottleConcurrentRequests() throws Exception {
CountDownLatch latch1 = new CountDownLatch(1);
CountDownLatch latch2 = new CountDownLatch(1);
FakeTimeService time = new FakeTimeService(0);
final ThrottlingFilter filter =
new ThrottlingFilter(time, 1, duration("3 seconds"), DEFAULT_PARTITION_EXPR);
// This one has to be called as there are enough tokens in the bucket.
final Handler handler1 = new LatchHandler(latch1, latch2);
Runnable r =
new Runnable() {
@Override
public void run() {
filter.filter(mock(Context.class), new Request(), handler1);
}
};
Thread t1 = new Thread(r);
t1.setName("Filter for request #1");
t1.start();
latch2.await();
time.advance(duration("2 seconds"));
try {
// This one does not have to be called as there no token anymore in the bucket.
Handler handler2 = mock(Handler.class, "handler2");
Promise<Response, NeverThrowsException> promise2 =
filter.filter(mock(Context.class), new Request(), handler2);
verifyZeroInteractions(handler2);
Response response = promise2.get(20, TimeUnit.SECONDS);
assertThat(response.getStatus()).isEqualTo(Status.TOO_MANY_REQUESTS);
assertThat(response.getHeaders().getFirst("Retry-After")).isEqualTo("1");
} finally {
latch1.countDown();
t1.join();
}
}