@Before
public void setUp() throws Exception {
user =
createUser(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_DUZ,
TEST_REMOTE_HOSTNAME
+ "("
+ TEST_REMOTE_ADDRESS
+ ")"
+ TEST_ACCESS
+ ";"
+ TEST_VERIFY,
true,
true,
true,
true,
new SimpleGrantedAuthority("ROLE_ONE"),
new SimpleGrantedAuthority("ROLE_TWO"));
mockUserDetailService = mock(VistaUserDetailsService.class);
provider = new VistaAuthenticationProvider();
provider.setUserDetailsService(mockUserDetailService);
mockCache = new MockUserCache();
provider.setUserCache(mockCache);
provider.afterPropertiesSet();
}
@Test
public void testStartupSuccess() throws Exception {
VistaAuthenticationProvider provider = new VistaAuthenticationProvider();
provider.setUserDetailsService(mockUserDetailService);
provider.setUserCache(new MockUserCache());
assertSame(mockUserDetailService, provider.getUserDetailsService());
provider.afterPropertiesSet();
}
@Test
public void testSupports() {
VistaAuthenticationProvider provider = new VistaAuthenticationProvider();
assertTrue(provider.supports(VistaAuthenticationToken.class));
assertFalse(provider.supports(UsernamePasswordAuthenticationToken.class));
// assertFalse(provider.supports(X509AuthenticationToken.class));
}
@Test
public void testStartupFailsIfNoVistaUserDetailsService() throws Exception {
VistaAuthenticationProvider provider = new VistaAuthenticationProvider();
try {
provider.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);
}
}
@Test
public void testStartupFailsIfNoUserCacheSet() throws Exception {
VistaAuthenticationProvider provider = new VistaAuthenticationProvider();
provider.setUserDetailsService(mockUserDetailService);
assertEquals(NullUserCache.class, provider.getUserCache().getClass());
provider.setUserCache(null);
try {
provider.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);
}
}
@Test
public void testAuthenticatesWithAppHandle() {
user =
createUser(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_DUZ,
TEST_REMOTE_HOSTNAME + "(" + TEST_REMOTE_ADDRESS + ")" + TEST_APP_HANDLE,
true,
true,
true,
true,
new SimpleGrantedAuthority("ROLE_ONE"),
new SimpleGrantedAuthority("ROLE_TWO"));
when(mockUserDetailService.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_APP_HANDLE,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME))
.thenReturn(user);
VistaAuthenticationToken token =
new VistaAuthenticationToken(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_APP_HANDLE,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
Authentication result = provider.authenticate(token);
if (!(result instanceof VistaAuthenticationToken)) {
fail("Should have returned instance of VistaAuthenticationToken");
}
assertNotSame(token, result);
VistaAuthenticationToken castResult = (VistaAuthenticationToken) result;
assertTrue(VistaUserDetails.class.isAssignableFrom(castResult.getPrincipal().getClass()));
assertEquals(TEST_VISTA_ID, castResult.getVistaId());
assertNull(castResult.getAccessCode());
assertNull(castResult.getVerifyCode());
assertEquals(TEST_APP_HANDLE, castResult.getAppHandle());
assertEquals(TEST_REMOTE_ADDRESS, castResult.getRemoteAddress());
assertEquals(TEST_REMOTE_HOSTNAME, castResult.getRemoteHostName());
assertEquals(
"ROLE_ONE",
new ArrayList<GrantedAuthority>(castResult.getAuthorities()).get(0).getAuthority());
assertEquals(
"ROLE_TWO",
new ArrayList<GrantedAuthority>(castResult.getAuthorities()).get(1).getAuthority());
assertEquals(TEST_REMOTE_HOSTNAME + "(" + TEST_REMOTE_ADDRESS + ")", castResult.getDetails());
verify(mockUserDetailService)
.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_APP_HANDLE,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
}
@Test
public void testDetectsNullBeingReturnedFromAuthenticationDao() {
when(mockUserDetailService.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME))
.thenReturn(null);
VistaAuthenticationToken token =
new VistaAuthenticationToken(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
try {
provider.authenticate(token);
fail("Should have thrown AuthenticationServiceException");
} catch (AuthenticationServiceException expected) {
assertEquals(
"VistaUserDetailsService returned null, which is an interface contract violation; it should either return an authenticated VistaUserDetails instance or throw an AuthenticationException",
expected.getMessage());
}
}
@Test
public void testAuthenticateFailsIfUserDisabled() {
user = createUser("54321.123456789", TEST_DIVISION, TEST_DUZ, null, true, true, true, false);
when(mockUserDetailService.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME))
.thenReturn(user);
VistaAuthenticationToken token =
new VistaAuthenticationToken(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
try {
provider.authenticate(token);
fail("Should have thrown DisabledException");
} catch (DisabledException expected) {
assertTrue(true);
}
}
@Test
public void testAuthenticatesASecondTime() {
when(mockUserDetailService.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME))
.thenReturn(user);
VistaAuthenticationToken token =
new VistaAuthenticationToken(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
Authentication result = provider.authenticate(token);
if (!(result instanceof VistaAuthenticationToken)) {
fail("Should have returned instance of VistaAuthenticationToken");
}
// Now try to authenticate with the previous result (with its UserDetails)
Authentication result2 = provider.authenticate(result);
if (!(result2 instanceof VistaAuthenticationToken)) {
fail("Should have returned instance of VistaAuthenticationToken");
}
assertNotSame(result, result2);
assertEquals(result.getCredentials(), result2.getCredentials());
}
@Test
public void testReceivedBadCredentialsWhenCredentialsNotProvided() {
when(mockUserDetailService.login(
TEST_VISTA_ID, TEST_DIVISION, TEST_ACCESS, null, null, null, null, null))
.thenThrow(new BadCredentialsException("missing credentials"));
VistaAuthenticationToken token =
new VistaAuthenticationToken(TEST_VISTA_ID, TEST_DIVISION, TEST_ACCESS, null, null, null);
try {
provider.authenticate(token);
fail("Expected BadCredentialsException");
} catch (BadCredentialsException expected) {
// NOOP
}
verify(mockUserDetailService)
.login(TEST_VISTA_ID, TEST_DIVISION, TEST_ACCESS, null, null, null, null, null);
}
@Test
public void testAuthenticateFailsIfCredentialsExpired() {
user = createUser("54321.123456789", TEST_DIVISION, TEST_DUZ, null, true, true, false, true);
when(mockUserDetailService.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME))
.thenReturn(user);
VistaAuthenticationToken token =
new VistaAuthenticationToken(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
try {
provider.authenticate(token);
fail("Expected CredentialsExpiredException");
} catch (CredentialsExpiredException expected) {
// NOOP
}
verify(mockUserDetailService)
.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
}
@Test
public void testAuthenticateFailsWhenAuthenticationDaoHasBackendFailure() {
when(mockUserDetailService.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME))
.thenThrow(new DataRetrievalFailureException("This mock simulator is designed to fail"));
VistaAuthenticationToken token =
new VistaAuthenticationToken(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
try {
provider.authenticate(token);
fail("Should have thrown AuthenticationServiceException");
} catch (AuthenticationServiceException expected) {
assertTrue(true);
}
verify(mockUserDetailService)
.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
}
@Test
public void
testGoesBackToAuthenticationDaoToObtainLatestVerifyCodeIfCachedVerifyCodeSeemsIncorrect() {
when(mockUserDetailService.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME))
.thenReturn(user);
VistaAuthenticationToken token =
new VistaAuthenticationToken(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
// This will work, as password still "koala"
provider.authenticate(token);
// Check "12345@663 = www.example.org(192.168.0.1)10VEHU;VEHU10" ended up in the cache
assertEquals(
TEST_REMOTE_HOSTNAME + "(" + TEST_REMOTE_ADDRESS + ")" + TEST_ACCESS + ";" + TEST_VERIFY,
mockCache
.getUserFromCache(TEST_DUZ + "@" + TEST_VISTA_ID + ";" + TEST_DIVISION)
.getPassword());
verify(mockUserDetailService)
.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
TEST_VERIFY,
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
// Now change the password the AuthenticationDao will return
reset(mockUserDetailService);
user =
createUser(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_DUZ,
TEST_REMOTE_HOSTNAME
+ "("
+ TEST_REMOTE_ADDRESS
+ ")"
+ TEST_ACCESS
+ ";easternLongNeckTurtle",
true,
true,
true,
true,
new SimpleGrantedAuthority("ROLE_ONE"),
new SimpleGrantedAuthority("ROLE_TWO"));
when(mockUserDetailService.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
"easternLongNeckTurtle",
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME))
.thenReturn(user);
// Now try authentication again, with the new password
token =
new VistaAuthenticationToken(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
"easternLongNeckTurtle",
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
provider.authenticate(token);
// To get this far, the new password was accepted
// Check the cache was updated
assertEquals(
"www.example.org(192.168.0.1)10VEHU;easternLongNeckTurtle",
mockCache
.getUserFromCache(TEST_DUZ + "@" + TEST_VISTA_ID + ";" + TEST_DIVISION)
.getPassword());
verify(mockUserDetailService)
.login(
TEST_VISTA_ID,
TEST_DIVISION,
TEST_ACCESS,
"easternLongNeckTurtle",
null,
null,
TEST_REMOTE_ADDRESS,
TEST_REMOTE_HOSTNAME);
}
