@Test
public void testCookieEncodingSafety() {
ComponentContext context = configureForCookie();
replay();
trustedTokenService.activate(context);
Assert.assertNull(trustedTokenService.encodeCookie(null));
Assert.assertNull(trustedTokenService.decodeCookie(null));
verify();
}
@Test
public void testCookieEncodingTokens() throws InterruptedException {
ComponentContext context = configureForCookieFast();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
Thread.sleep(30L);
String cookie2 = trustedTokenService.encodeCookie("ieb2");
String user = trustedTokenService.decodeCookie(cookie);
Assert.assertNotNull(user);
Assert.assertEquals("ieb", user);
user = trustedTokenService.decodeCookie(cookie2);
Assert.assertNotNull(user);
Assert.assertEquals("ieb2", user);
for (int i = 0; i < 20; i++) {
Thread.sleep(50L);
trustedTokenService.encodeCookie("ieb2");
}
verify();
}
@Test
public void testCookieEncodingSafety3() {
ComponentContext context = configureForCookie();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
cookie = "a;" + cookie;
String user = trustedTokenService.decodeCookie(cookie);
Assert.assertNull(user);
verify();
}
@Test
public void testCookieEncodingSafety4() {
ComponentContext context = configureForCookie();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
System.err.println("Cookie is " + cookie);
String[] parts = StringUtils.split(cookie, "@");
parts[1] = String.valueOf(System.currentTimeMillis() - 3600000L);
cookie = parts[0] + "@" + parts[1] + "@" + parts[2];
String user = trustedTokenService.decodeCookie(cookie);
Assert.assertNull(user);
verify();
}
@Test
public void testCookieEncoding() {
ComponentContext context = configureForCookie();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
String user = trustedTokenService.decodeCookie(cookie);
Assert.assertNotNull(user);
Assert.assertEquals("ieb", user);
long start = System.currentTimeMillis();
for (int i = 0; i < 1000; i++) {
cookie = trustedTokenService.encodeCookie("ieb");
}
System.err.println("Encode Time " + (System.currentTimeMillis() - start));
start = System.currentTimeMillis();
for (int i = 0; i < 1000; i++) {
user = trustedTokenService.decodeCookie(cookie);
}
System.err.println("Decode Time " + (System.currentTimeMillis() - start));
verify();
}
@Test
public void testAddCookie() {
ComponentContext context = configureForCookie();
HttpServletResponse response = createMock(HttpServletResponse.class);
Capture<Cookie> cookieCapture = new Capture<Cookie>();
response.addCookie(EasyMock.capture(cookieCapture));
EasyMock.expectLastCall();
replay();
trustedTokenService.activate(context);
trustedTokenService.addCookie(response, "ieb");
Assert.assertTrue(cookieCapture.hasCaptured());
Cookie cookie = cookieCapture.getValue();
Assert.assertNotNull(cookie);
Assert.assertEquals("secure-cookie", cookie.getName());
String user = trustedTokenService.decodeCookie(cookie.getValue());
Assert.assertEquals("ieb", user);
verify();
}
@Test
public void testCookieRefresh() throws InterruptedException {
ComponentContext context = configureForCookieFast();
HttpServletResponse response = createMock(HttpServletResponse.class);
Capture<Cookie> cookieCapture = new Capture<Cookie>();
response.addCookie(EasyMock.capture(cookieCapture));
EasyMock.expectLastCall();
replay();
trustedTokenService.activate(context);
String cookie = trustedTokenService.encodeCookie("ieb");
Thread.sleep(100L);
trustedTokenService.refreshToken(response, cookie, "ieb");
Assert.assertTrue(cookieCapture.hasCaptured());
Cookie cookie2 = cookieCapture.getValue();
Assert.assertNotNull(cookie);
Assert.assertNotSame(cookie, cookie2.getValue());
Assert.assertEquals("secure-cookie", cookie2.getName());
String user = trustedTokenService.decodeCookie(cookie2.getValue());
Assert.assertEquals("ieb", user);
verify();
}
@Test
public void testInjectCookiePrincipal() {
ComponentContext context = configureForCookie();
HttpServletRequest request = createMock(HttpServletRequest.class);
Principal principal = createMock(Principal.class);
EasyMock.expect(request.getUserPrincipal()).andReturn(principal);
EasyMock.expect(principal.getName()).andReturn("ieb");
HttpServletResponse response = createMock(HttpServletResponse.class);
Capture<Cookie> cookieCapture = new Capture<Cookie>();
response.addCookie(EasyMock.capture(cookieCapture));
EasyMock.expectLastCall();
replay();
trustedTokenService.activate(context);
trustedTokenService.injectToken(request, response);
Assert.assertTrue(cookieCapture.hasCaptured());
Cookie cookie = cookieCapture.getValue();
Assert.assertNotNull(cookie);
Assert.assertEquals("secure-cookie", cookie.getName());
String user = trustedTokenService.decodeCookie(cookie.getValue());
Assert.assertEquals("ieb", user);
verify();
}