Esempio n. 1
0
  @Test
  public void multipleLoginsGetDifferentSessionToken() {
    CreateUserRequest request = getDefaultCreateUserRequest();
    ExternalUser createdUser = userService.createUser(request, Role.authenticated);
    String sessionToken = createdUser.getSessions().get(0).getSessionToken();
    LoginRequest loginRequest = new LoginRequest();
    loginRequest.setUsername(request.getUser().getEmailAddress());
    loginRequest.setPassword(request.getPassword().getPassword());
    String session1 = userService.login(loginRequest).getSessions().get(0).getSessionToken();
    String session2 = userService.login(loginRequest).getSessions().get(0).getSessionToken();

    assertThat(session1, is(not(session2)));
  }
Esempio n. 2
0
  @Test
  public void cleanUpExpiredSessions() {

    CreateUserRequest request = getDefaultCreateUserRequest();
    ExternalUser createdUser = userService.createUser(request, Role.authenticated);
    LoginRequest loginRequest = new LoginRequest();
    loginRequest.setUsername(request.getUser().getEmailAddress());
    loginRequest.setPassword(request.getPassword().getPassword());
    userService.login(loginRequest).getSessions().get(0).getSessionToken();
    userService.login(loginRequest).getSessions().get(0).getSessionToken();
    userService.deleteExpiredSessions(-1);
    ExternalUser externalUser = userService.getUser(createdUser, createdUser.getId());
    assertThat(externalUser.getSessions().size(), is(0));
  }
Esempio n. 3
0
 @Test
 public void validLoginWithEmailAddress() throws Exception {
   CreateUserRequest request = getDefaultCreateUserRequest();
   ExternalUser createdUser = userService.createUser(request, Role.authenticated);
   String sessionToken = createdUser.getSessions().get(0).getSessionToken();
   LoginRequest loginRequest = new LoginRequest();
   loginRequest.setUsername(request.getUser().getEmailAddress());
   loginRequest.setPassword(request.getPassword().getPassword());
   ExternalUser loggedInUser = userService.login(loginRequest);
   assertThat(loggedInUser.getId().toString(), is(createdUser.getId().toString()));
   assertThat(loggedInUser.getSessions().get(0), is(notNullValue()));
   // check that a new token was issued
   assertThat(loggedInUser.getSessions().get(0).getSessionToken(), is(not(sessionToken)));
   assertThat(loggedInUser.isVerified(), is(false));
 }
Esempio n. 4
0
 @Test
 public void saveActiveSession() {
   CreateUserRequest request = getDefaultCreateUserRequest();
   ExternalUser createdUser = userService.createUser(request, Role.authenticated);
   UserSession sessionToken1 = createdUser.getSessions().get(0);
   LoginRequest loginRequest = new LoginRequest();
   loginRequest.setUsername(request.getUser().getEmailAddress());
   loginRequest.setPassword(request.getPassword().getPassword());
   UserSession sessionToken2 = userService.login(loginRequest).getSessions().get(0);
   createdUser.setActiveSession(sessionToken1);
   userService.saveUserSession(createdUser);
   ExternalUser updatedUser = userService.getUser(createdUser, createdUser.getId());
   // most recently used token
   assertThat(
       updatedUser.getSessions().get(0).getSessionToken(), is(sessionToken1.getSessionToken()));
 }
Esempio n. 5
0
 @Test
 public void getMostRecentSession() {
   CreateUserRequest request = getDefaultCreateUserRequest();
   ExternalUser createdUser = userService.createUser(request, Role.authenticated);
   String sessionToken = createdUser.getSessions().get(0).getSessionToken();
   LoginRequest loginRequest = new LoginRequest();
   loginRequest.setUsername(request.getUser().getEmailAddress());
   loginRequest.setPassword(request.getPassword().getPassword());
   String session1 = userService.login(loginRequest).getSessions().get(0).getSessionToken();
   String session2 = userService.login(loginRequest).getSessions().get(0).getSessionToken();
   ExternalUser updatedUser = userService.getUser(createdUser, createdUser.getId());
   assertThat(updatedUser.getSessions().size(), is(3));
   assertThat(updatedUser.getActiveSession(), is(nullValue()));
   assertThat(
       updatedUser.getSessions().get(0).getSessionToken(),
       is(session2)); // most recently updated session
 }