@Test
public void testGetCredentialsValid() {
ComponentContext context = configureForCookie();
HttpServletRequest request = createMock(HttpServletRequest.class);
Cookie[] cookies =
new Cookie[] {
new Cookie("sdfsd", "fsdfs"),
new Cookie("sdfsd1", "fsdfs"),
null,
new Cookie("sdfsd3", "fsdfs"),
new Cookie("sdfsd4", "fsdfs"),
};
EasyMock.expect(request.getCookies()).andReturn(cookies);
HttpServletResponse response = createMock(HttpServletResponse.class);
replay();
trustedTokenService.activate(context);
Cookie secureCookie = new Cookie("secure-cookie", trustedTokenService.encodeCookie("ieb"));
cookies[2] = secureCookie;
Credentials ieb = trustedTokenService.getCredentials(request, response);
Assert.assertTrue(ieb instanceof SimpleCredentials);
SimpleCredentials sc = (SimpleCredentials) ieb;
TrustedUser tu = (TrustedUser) sc.getAttribute(TrustedTokenService.CA_AUTHENTICATION_USER);
Assert.assertNotNull(tu);
Assert.assertEquals("ieb", tu.getUser());
verify();
}
@Test
public void testCookieEncodingSafety() {
ComponentContext context = configureForCookie();
replay();
trustedTokenService.activate(context);
Assert.assertNull(trustedTokenService.encodeCookie(null));
Assert.assertNull(trustedTokenService.decodeCookie(null));
verify();
}
@Test
public void testCookieNoRefresh() throws InterruptedException {
ComponentContext context = configureForCookie();
HttpServletResponse response = createMock(HttpServletResponse.class);
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
Thread.sleep(10L);
trustedTokenService.refreshToken(response, cookie, "ieb");
verify();
}
@Test
public void testCookieEncodingSafety3() {
ComponentContext context = configureForCookie();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
cookie = "a;" + cookie;
String user = trustedTokenService.decodeCookie(cookie);
Assert.assertNull(user);
verify();
}
@Test
public void testCookieEncodingSafety4() {
ComponentContext context = configureForCookie();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
System.err.println("Cookie is " + cookie);
String[] parts = StringUtils.split(cookie, "@");
parts[1] = String.valueOf(System.currentTimeMillis() - 3600000L);
cookie = parts[0] + "@" + parts[1] + "@" + parts[2];
String user = trustedTokenService.decodeCookie(cookie);
Assert.assertNull(user);
verify();
}
@Test
public void testDropCredentialsSession() {
ComponentContext context = configureForSession();
HttpServletRequest request = createMock(HttpServletRequest.class);
HttpSession session = createMock(HttpSession.class);
EasyMock.expect(request.getSession(false)).andReturn(session);
session.setAttribute(TrustedTokenService.SA_AUTHENTICATION_CREDENTIALS, null);
EasyMock.expectLastCall();
HttpServletResponse response = createMock(HttpServletResponse.class);
replay();
trustedTokenService.activate(context);
trustedTokenService.dropCredentials(request, response);
verify();
}
@Test
public void testAddCookie() {
ComponentContext context = configureForCookie();
HttpServletResponse response = createMock(HttpServletResponse.class);
Capture<Cookie> cookieCapture = new Capture<Cookie>();
response.addCookie(EasyMock.capture(cookieCapture));
EasyMock.expectLastCall();
replay();
trustedTokenService.activate(context);
trustedTokenService.addCookie(response, "ieb");
Assert.assertTrue(cookieCapture.hasCaptured());
Cookie cookie = cookieCapture.getValue();
Assert.assertNotNull(cookie);
Assert.assertEquals("secure-cookie", cookie.getName());
String user = trustedTokenService.decodeCookie(cookie.getValue());
Assert.assertEquals("ieb", user);
verify();
}
@Test
public void testGetCredentialsNone() {
ComponentContext context = configureForCookie();
HttpServletRequest request = createMock(HttpServletRequest.class);
Cookie[] cookies =
new Cookie[] {
new Cookie("sdfsd", "fsdfs"),
new Cookie("sdfsd1", "fsdfs"),
new Cookie("sdfsd2", "fsdfs"),
new Cookie("sdfsd3", "fsdfs"),
new Cookie("sdfsd4", "fsdfs"),
};
EasyMock.expect(request.getCookies()).andReturn(cookies);
HttpServletResponse response = createMock(HttpServletResponse.class);
replay();
trustedTokenService.activate(context);
Credentials none = trustedTokenService.getCredentials(request, response);
Assert.assertNull(none);
verify();
}
@Test
public void testCookieRefresh() throws InterruptedException {
ComponentContext context = configureForCookieFast();
HttpServletResponse response = createMock(HttpServletResponse.class);
Capture<Cookie> cookieCapture = new Capture<Cookie>();
response.addCookie(EasyMock.capture(cookieCapture));
EasyMock.expectLastCall();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
Thread.sleep(100L);
trustedTokenService.refreshToken(response, cookie, "ieb");
Assert.assertTrue(cookieCapture.hasCaptured());
Cookie cookie2 = cookieCapture.getValue();
Assert.assertNotNull(cookie);
Assert.assertNotSame(cookie, cookie2.getValue());
Assert.assertEquals("secure-cookie", cookie2.getName());
String user = trustedTokenService.decodeCookie(cookie2.getValue());
Assert.assertEquals("ieb", user);
verify();
}
@Test
public void testGetCredentialsValidSession() {
ComponentContext context = configureForSession();
HttpServletRequest request = createMock(HttpServletRequest.class);
HttpSession session = createMock(HttpSession.class);
EasyMock.expect(request.getSession(true)).andReturn(session);
Principal principal = createMock(Principal.class);
EasyMock.expect(request.getUserPrincipal()).andReturn(principal);
EasyMock.expect(principal.getName()).andReturn(null);
EasyMock.expect(request.getRemoteUser()).andReturn("ieb");
Capture<SimpleCredentials> attributeValue = new Capture<SimpleCredentials>();
Capture<String> attributeName = new Capture<String>();
session.setAttribute(EasyMock.capture(attributeName), EasyMock.capture(attributeValue));
HttpServletResponse response = createMock(HttpServletResponse.class);
replay();
trustedTokenService.activate(context);
trustedTokenService.injectToken(request, response);
Assert.assertTrue(attributeName.hasCaptured());
Assert.assertTrue(attributeValue.hasCaptured());
Credentials credentials = attributeValue.getValue();
verify();
reset();
EasyMock.expect(request.getSession(false)).andReturn(session);
EasyMock.expect(session.getAttribute(TrustedTokenService.SA_AUTHENTICATION_CREDENTIALS))
.andReturn(credentials);
replay();
Credentials ieb = trustedTokenService.getCredentials(request, response);
Assert.assertTrue(ieb instanceof SimpleCredentials);
SimpleCredentials sc = (SimpleCredentials) ieb;
TrustedUser tu = (TrustedUser) sc.getAttribute(TrustedTokenService.CA_AUTHENTICATION_USER);
Assert.assertNotNull(tu);
Assert.assertEquals("ieb", tu.getUser());
verify();
}
@Test
public void testInjectCookiePrincipal() {
ComponentContext context = configureForCookie();
HttpServletRequest request = createMock(HttpServletRequest.class);
Principal principal = createMock(Principal.class);
EasyMock.expect(request.getUserPrincipal()).andReturn(principal);
EasyMock.expect(principal.getName()).andReturn("ieb");
HttpServletResponse response = createMock(HttpServletResponse.class);
Capture<Cookie> cookieCapture = new Capture<Cookie>();
response.addCookie(EasyMock.capture(cookieCapture));
EasyMock.expectLastCall();
replay();
trustedTokenService.activate(context);
trustedTokenService.injectToken(request, response);
Assert.assertTrue(cookieCapture.hasCaptured());
Cookie cookie = cookieCapture.getValue();
Assert.assertNotNull(cookie);
Assert.assertEquals("secure-cookie", cookie.getName());
String user = trustedTokenService.decodeCookie(cookie.getValue());
Assert.assertEquals("ieb", user);
verify();
}
@Test
public void testCookieEncoding() {
ComponentContext context = configureForCookie();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
String user = trustedTokenService.decodeCookie(cookie);
Assert.assertNotNull(user);
Assert.assertEquals("ieb", user);
long start = System.currentTimeMillis();
for (int i = 0; i < 1000; i++) {
cookie = trustedTokenService.encodeCookie("ieb");
}
System.err.println("Encode Time " + (System.currentTimeMillis() - start));
start = System.currentTimeMillis();
for (int i = 0; i < 1000; i++) {
user = trustedTokenService.decodeCookie(cookie);
}
System.err.println("Decode Time " + (System.currentTimeMillis() - start));
verify();
}
@Test
public void testCookieEncodingTokens() throws InterruptedException {
ComponentContext context = configureForCookieFast();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
Thread.sleep(30L);
String cookie2 = trustedTokenService.encodeCookie("ieb2");
String user = trustedTokenService.decodeCookie(cookie);
Assert.assertNotNull(user);
Assert.assertEquals("ieb", user);
user = trustedTokenService.decodeCookie(cookie2);
Assert.assertNotNull(user);
Assert.assertEquals("ieb2", user);
for (int i = 0; i < 20; i++) {
Thread.sleep(50L);
trustedTokenService.encodeCookie("ieb2");
}
verify();
}