public void testDoFilterNotAuthenticated() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)) .thenReturn(DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameterNames()) .thenReturn(new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE)).elements()); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); FilterChain chain = Mockito.mock(FilterChain.class); Mockito.doAnswer( new Answer() { @Override public Object answer(InvocationOnMock invocation) throws Throwable { fail(); return null; } }) .when(chain) .doFilter(Mockito.<ServletRequest>anyObject(), Mockito.<ServletResponse>anyObject()); filter.doFilter(request, response, chain); Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED); } finally { filter.destroy(); } }
public void testGetToken() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)) .thenReturn(DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)) .thenReturn("secret"); Mockito.when(config.getInitParameterNames()) .thenReturn( new Vector( Arrays.asList( AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET)) .elements()); filter.init(config); AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE); token.setExpires(System.currentTimeMillis() + 1000); Signer signer = new Signer("secret".getBytes()); String tokenSigned = signer.sign(token.toString()); Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getCookies()).thenReturn(new Cookie[] {cookie}); AuthenticationToken newToken = filter.getToken(request); assertEquals(token.toString(), newToken.toString()); } finally { filter.destroy(); } }
public void testInitEmpty() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameterNames()).thenReturn(new Vector().elements()); filter.init(config); fail(); } catch (ServletException ex) { // Expected } catch (Exception ex) { fail(); } finally { filter.destroy(); } }
public void testDoFilterAuthenticated() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)) .thenReturn(DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameterNames()) .thenReturn(new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE)).elements()); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); AuthenticationToken token = new AuthenticationToken("u", "p", "t"); token.setExpires(System.currentTimeMillis() + 1000); Signer signer = new Signer("alfredo".getBytes()); String tokenSigned = signer.sign(token.toString()); Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned); Mockito.when(request.getCookies()).thenReturn(new Cookie[] {cookie}); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); FilterChain chain = Mockito.mock(FilterChain.class); Mockito.doAnswer( new Answer() { @Override public Object answer(InvocationOnMock invocation) throws Throwable { Object[] args = invocation.getArguments(); HttpServletRequest request = (HttpServletRequest) args[0]; assertEquals("u", request.getRemoteUser()); assertEquals("p", request.getUserPrincipal().getName()); return null; } }) .when(chain) .doFilter(Mockito.<ServletRequest>anyObject(), Mockito.<ServletResponse>anyObject()); filter.doFilter(request, response, chain); } finally { filter.destroy(); } }
public void testGetConfiguration() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.CONFIG_PREFIX)).thenReturn(""); Mockito.when(config.getInitParameter("a")).thenReturn("A"); Mockito.when(config.getInitParameterNames()) .thenReturn(new Vector(Arrays.asList("a")).elements()); Properties props = filter.getConfiguration("", config); assertEquals("A", props.getProperty("a")); config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.CONFIG_PREFIX)).thenReturn("foo"); Mockito.when(config.getInitParameter("foo.a")).thenReturn("A"); Mockito.when(config.getInitParameterNames()) .thenReturn(new Vector(Arrays.asList("foo.a")).elements()); props = filter.getConfiguration("foo.", config); assertEquals("A", props.getProperty("a")); }
public void testGetRequestURL() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)) .thenReturn(DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameterNames()) .thenReturn(new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE)).elements()); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); Mockito.when(request.getQueryString()).thenReturn("a=A&b=B"); assertEquals("http://foo:8080/bar?a=A&b=B", filter.getRequestURL(request)); } finally { filter.destroy(); } }
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { final HttpServletRequest httpRequest = toLowerCase((HttpServletRequest) request); final String tokenString = httpRequest.getParameter(DelegationParam.NAME); if (tokenString != null) { // Token is present in the url, therefore token will be used for // authentication, bypass kerberos authentication. filterChain.doFilter(httpRequest, response); return; } super.doFilter(httpRequest, response, filterChain); }
private void _testDoFilterAuthentication(boolean withDomainPath) throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)) .thenReturn(DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)) .thenReturn("1000"); Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)) .thenReturn("secret"); Mockito.when(config.getInitParameterNames()) .thenReturn( new Vector( Arrays.asList( AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY, AuthenticationFilter.SIGNATURE_SECRET)) .elements()); if (withDomainPath) { Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_DOMAIN)) .thenReturn(".foo.com"); Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_PATH)).thenReturn("/bar"); Mockito.when(config.getInitParameterNames()) .thenReturn( new Vector( Arrays.asList( AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY, AuthenticationFilter.SIGNATURE_SECRET, AuthenticationFilter.COOKIE_DOMAIN, AuthenticationFilter.COOKIE_PATH)) .elements()); } filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getParameter("authenticated")).thenReturn("true"); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); Mockito.when(request.getQueryString()).thenReturn("authenticated=true"); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); FilterChain chain = Mockito.mock(FilterChain.class); final boolean[] calledDoFilter = new boolean[1]; Mockito.doAnswer( new Answer() { @Override public Object answer(InvocationOnMock invocation) throws Throwable { calledDoFilter[0] = true; return null; } }) .when(chain) .doFilter(Mockito.<ServletRequest>anyObject(), Mockito.<ServletResponse>anyObject()); final Cookie[] setCookie = new Cookie[1]; Mockito.doAnswer( new Answer() { @Override public Object answer(InvocationOnMock invocation) throws Throwable { Object[] args = invocation.getArguments(); setCookie[0] = (Cookie) args[0]; return null; } }) .when(response) .addCookie(Mockito.<Cookie>anyObject()); filter.doFilter(request, response, chain); assertNotNull(setCookie[0]); assertEquals(AuthenticatedURL.AUTH_COOKIE, setCookie[0].getName()); assertTrue(setCookie[0].getValue().contains("u=")); assertTrue(setCookie[0].getValue().contains("p=")); assertTrue(setCookie[0].getValue().contains("t=")); assertTrue(setCookie[0].getValue().contains("e=")); assertTrue(setCookie[0].getValue().contains("s=")); assertTrue(calledDoFilter[0]); Signer signer = new Signer("secret".getBytes()); String value = signer.verifyAndExtract(setCookie[0].getValue()); AuthenticationToken token = AuthenticationToken.parse(value); assertEquals(System.currentTimeMillis() + 1000 * 1000, token.getExpires(), 100); if (withDomainPath) { assertEquals(".foo.com", setCookie[0].getDomain()); assertEquals("/bar", setCookie[0].getPath()); } else { assertNull(setCookie[0].getDomain()); assertNull(setCookie[0].getPath()); } } finally { filter.destroy(); } }
public void testInit() throws Exception { // minimal configuration & simple auth handler (Pseudo) AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple"); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)) .thenReturn("1000"); Mockito.when(config.getInitParameterNames()) .thenReturn( new Vector( Arrays.asList( AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY)) .elements()); filter.init(config); assertEquals(PseudoAuthenticationHandler.class, filter.getAuthenticationHandler().getClass()); assertTrue(filter.isRandomSecret()); assertNull(filter.getCookieDomain()); assertNull(filter.getCookiePath()); assertEquals(1000, filter.getValidity()); } finally { filter.destroy(); } // custom secret filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple"); Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)) .thenReturn("secret"); Mockito.when(config.getInitParameterNames()) .thenReturn( new Vector( Arrays.asList( AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET)) .elements()); filter.init(config); assertFalse(filter.isRandomSecret()); } finally { filter.destroy(); } // custom cookie domain and cookie path filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple"); Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_DOMAIN)) .thenReturn(".foo.com"); Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_PATH)).thenReturn("/bar"); Mockito.when(config.getInitParameterNames()) .thenReturn( new Vector( Arrays.asList( AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.COOKIE_DOMAIN, AuthenticationFilter.COOKIE_PATH)) .elements()); filter.init(config); assertEquals(".foo.com", filter.getCookieDomain()); assertEquals("/bar", filter.getCookiePath()); } finally { filter.destroy(); } // authentication handler lifecycle, and custom impl DummyAuthenticationHandler.reset(); filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)) .thenReturn(DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameterNames()) .thenReturn(new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE)).elements()); filter.init(config); assertTrue(DummyAuthenticationHandler.init); } finally { filter.destroy(); assertTrue(DummyAuthenticationHandler.destroy); } // kerberos auth handler filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("kerberos"); Mockito.when(config.getInitParameterNames()) .thenReturn(new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE)).elements()); filter.init(config); } catch (ServletException ex) { // Expected } finally { assertEquals( KerberosAuthenticationHandler.class, filter.getAuthenticationHandler().getClass()); filter.destroy(); } }