@Test public void testGetCredentialsValid() { ComponentContext context = configureForCookie(); HttpServletRequest request = createMock(HttpServletRequest.class); Cookie[] cookies = new Cookie[] { new Cookie("sdfsd", "fsdfs"), new Cookie("sdfsd1", "fsdfs"), null, new Cookie("sdfsd3", "fsdfs"), new Cookie("sdfsd4", "fsdfs"), }; EasyMock.expect(request.getCookies()).andReturn(cookies); HttpServletResponse response = createMock(HttpServletResponse.class); replay(); trustedTokenService.activate(context); Cookie secureCookie = new Cookie("secure-cookie", trustedTokenService.encodeCookie("ieb")); cookies[2] = secureCookie; Credentials ieb = trustedTokenService.getCredentials(request, response); Assert.assertTrue(ieb instanceof SimpleCredentials); SimpleCredentials sc = (SimpleCredentials) ieb; TrustedUser tu = (TrustedUser) sc.getAttribute(TrustedTokenService.CA_AUTHENTICATION_USER); Assert.assertNotNull(tu); Assert.assertEquals("ieb", tu.getUser()); verify(); }
@Test public void testCookieEncodingSafety() { ComponentContext context = configureForCookie(); replay(); trustedTokenService.activate(context); Assert.assertNull(trustedTokenService.encodeCookie(null)); Assert.assertNull(trustedTokenService.decodeCookie(null)); verify(); }
@Test public void testCookieNoRefresh() throws InterruptedException { ComponentContext context = configureForCookie(); HttpServletResponse response = createMock(HttpServletResponse.class); replay(); trustedTokenService.activate(context); String cookie = trustedTokenService.encodeCookie("ieb"); Thread.sleep(10L); trustedTokenService.refreshToken(response, cookie, "ieb"); verify(); }
@Test public void testCookieEncodingTokens() throws InterruptedException { ComponentContext context = configureForCookieFast(); replay(); trustedTokenService.activate(context); String cookie = trustedTokenService.encodeCookie("ieb"); Thread.sleep(30L); String cookie2 = trustedTokenService.encodeCookie("ieb2"); String user = trustedTokenService.decodeCookie(cookie); Assert.assertNotNull(user); Assert.assertEquals("ieb", user); user = trustedTokenService.decodeCookie(cookie2); Assert.assertNotNull(user); Assert.assertEquals("ieb2", user); for (int i = 0; i < 20; i++) { Thread.sleep(50L); trustedTokenService.encodeCookie("ieb2"); } verify(); }
@Test public void testCookieEncodingSafety3() { ComponentContext context = configureForCookie(); replay(); trustedTokenService.activate(context); String cookie = trustedTokenService.encodeCookie("ieb"); cookie = "a;" + cookie; String user = trustedTokenService.decodeCookie(cookie); Assert.assertNull(user); verify(); }
@Test public void testCookieEncodingSafety4() { ComponentContext context = configureForCookie(); replay(); trustedTokenService.activate(context); String cookie = trustedTokenService.encodeCookie("ieb"); System.err.println("Cookie is " + cookie); String[] parts = StringUtils.split(cookie, "@"); parts[1] = String.valueOf(System.currentTimeMillis() - 3600000L); cookie = parts[0] + "@" + parts[1] + "@" + parts[2]; String user = trustedTokenService.decodeCookie(cookie); Assert.assertNull(user); verify(); }
@Test public void testCookieEncoding() { ComponentContext context = configureForCookie(); replay(); trustedTokenService.activate(context); String cookie = trustedTokenService.encodeCookie("ieb"); String user = trustedTokenService.decodeCookie(cookie); Assert.assertNotNull(user); Assert.assertEquals("ieb", user); long start = System.currentTimeMillis(); for (int i = 0; i < 1000; i++) { cookie = trustedTokenService.encodeCookie("ieb"); } System.err.println("Encode Time " + (System.currentTimeMillis() - start)); start = System.currentTimeMillis(); for (int i = 0; i < 1000; i++) { user = trustedTokenService.decodeCookie(cookie); } System.err.println("Decode Time " + (System.currentTimeMillis() - start)); verify(); }
@Test public void testCookieRefresh() throws InterruptedException { ComponentContext context = configureForCookieFast(); HttpServletResponse response = createMock(HttpServletResponse.class); Capture<Cookie> cookieCapture = new Capture<Cookie>(); response.addCookie(EasyMock.capture(cookieCapture)); EasyMock.expectLastCall(); replay(); trustedTokenService.activate(context); String cookie = trustedTokenService.encodeCookie("ieb"); Thread.sleep(100L); trustedTokenService.refreshToken(response, cookie, "ieb"); Assert.assertTrue(cookieCapture.hasCaptured()); Cookie cookie2 = cookieCapture.getValue(); Assert.assertNotNull(cookie); Assert.assertNotSame(cookie, cookie2.getValue()); Assert.assertEquals("secure-cookie", cookie2.getName()); String user = trustedTokenService.decodeCookie(cookie2.getValue()); Assert.assertEquals("ieb", user); verify(); }