コード例 #1
0
 @Before
 public void setUp() throws Exception {
   MockHttpSession mockHttpSession = new MockHttpSession();
   httpServletRequest.setSession(mockHttpSession);
   mockHttpSession.setAttribute(USER, USER);
   mockHttpSession.setAttribute(USER_ID, 1L);
 }
  @Before
  public void setUp() throws Exception {
    request = new MockHttpServletRequest();
    MockHttpSession session = new MockHttpSession();
    session.setAttribute(UserAuthenticationSuccessHandler.USER, USER);
    session.setAttribute(UserAuthenticationSuccessHandler.USER_ID, USER_ID);
    when(permissionService.hasPermissionOnZone(USER_ID, ZONE_ID)).thenReturn(true);

    request.setSession(session);
  }
コード例 #3
0
  @Before
  public void setup() {
    logger.info("setup");

    this.mockMvc =
        MockMvcBuilders.webAppContextSetup(context).addFilters(springSecurityFilterChain).build();

    User user = null;
    try {
      user = userService.findByLogin("johndoe");
    } catch (ServiceException e) {
      logger.error(e.getLocalizedMessage());
    }

    Authentication authentication = null;
    if (user != null) {
      authentication = new UsernamePasswordAuthenticationToken(user.getLogin(), user.getPassword());
    }
    Authentication result = authenticationManager.authenticate(authentication);
    SecurityContext securityContext = SecurityContextHolder.getContext();
    securityContext.setAuthentication(result);
    session = new MockHttpSession();
    session.setAttribute(
        HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, securityContext);
  }
コード例 #4
0
 @Test
 @Rollback(true)
 @Transactional
 public void positiveTestGetAllCompanies() throws Exception {
   session.setAttribute("googleUser", user);
   this.mockMvc
       .perform(get("/getAllCompanies").accept(MediaType.ALL).session(session))
       .andExpect(status().isOk());
 }
コード例 #5
0
  @Test
  @Rollback(true)
  @Transactional
  public void negativeGoogleUserTestGetAllCompanies() throws Exception {

    session.setAttribute("googleUser", null);
    this.mockMvc
        .perform(get("/getAllCompanies").accept(MediaType.ALL).session(session))
        .andExpect(status().isUnauthorized());
  }
コード例 #6
0
  @Test
  public void session() throws Exception {
    MockHttpSession session = new MockHttpSession(this.servletContext);
    session.setAttribute("foo", "bar");
    this.builder.session(session);
    this.builder.sessionAttr("baz", "qux");

    MockHttpServletRequest request = this.builder.buildRequest(this.servletContext);

    assertEquals(session, request.getSession());
    assertEquals("bar", request.getSession().getAttribute("foo"));
    assertEquals("qux", request.getSession().getAttribute("baz"));
  }
  public MockHttpSession mockAnonymousHttpSession() {
    MockHttpSession mockSession = new MockHttpSession();

    SecurityContext mockSecurityContext = mock(SecurityContext.class);

    AnonymousAuthenticationToken principal =
        new AnonymousAuthenticationToken(ANONYMOUS_USER_KEY, ANONYMOUS_USER_PRINCIPAL, AUTHORITIES);

    when(mockSecurityContext.getAuthentication()).thenReturn(principal);

    SecurityContextHolder.setContext(mockSecurityContext);
    mockSession.setAttribute(
        HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, mockSecurityContext);

    return mockSession;
  }
  public MockHttpSession mockHttpSession(boolean secured) {
    MockHttpSession mockSession = new MockHttpSession();

    SecurityContext mockSecurityContext = mock(SecurityContext.class);

    if (secured) {
      ExpiringUsernameAuthenticationToken principal =
          new ExpiringUsernameAuthenticationToken(null, USER_DETAILS, USER_NAME, AUTHORITIES);
      principal.setDetails(USER_DETAILS);
      when(mockSecurityContext.getAuthentication()).thenReturn(principal);
    }

    SecurityContextHolder.setContext(mockSecurityContext);
    mockSession.setAttribute(
        HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, mockSecurityContext);

    return mockSession;
  }
コード例 #9
0
  /** @see {@link HtmlFormEntryUtil#getLocation(String, FormEntryContext)} */
  @Test
  @Verifies(
      value = "should find a location by session attribute",
      method = "getLocation(String,FormEntrySession)")
  public void getLocation_shouldFindALocationBySessionAttribute() throws Exception {
    String attrName = "emr.sessionLocation";
    MockHttpSession httpSession = new MockHttpSession();
    httpSession.setAttribute(attrName, "2");

    FormEntryContext formEntryContext = new FormEntryContext(FormEntryContext.Mode.ENTER);
    formEntryContext.setHttpSession(httpSession);

    Assert.assertEquals(
        "2",
        HtmlFormEntryUtil.getLocation("SessionAttribute:" + attrName, formEntryContext)
            .getId()
            .toString());
  }
コード例 #10
0
ファイル: ServletProbeTest.java プロジェクト: trask/jmonitor
  @Test
  @ConfigureAgentEnabled(false)
  @ConfigureServletProbeUsernameSessionAttribute("username")
  @WrapInMockProbeExecution
  public void testUsernameSessionAttributeCaptureUnderDisabledAgent()
      throws ServletException, IOException {

    Servlet servlet = new MockServlet();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "/test");
    MockHttpServletResponse response = new MockHttpServletResponse();
    servlet.service(request, response);

    MockHttpSession session = new MockHttpSession();
    session.setAttribute("username", "abc");

    // perform assertions
    OperationSafeImpl operation = Agent.getInstance().getCurrentOperation();
    assertNull(operation);
  }
コード例 #11
0
  @Test
  public void testLoginUsingPasscodeWithUnknownToken() throws Exception {
    RemoteUserAuthentication userAuthentication =
        new RemoteUserAuthentication(
            marissa.getId(),
            marissa.getName(),
            marissa.getEmail(),
            new ArrayList<GrantedAuthority>());
    final MockSecurityContext mockSecurityContext = new MockSecurityContext(userAuthentication);

    SecurityContextHolder.setContext(mockSecurityContext);
    MockHttpSession session = new MockHttpSession();

    session.setAttribute(
        HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, mockSecurityContext);

    MockHttpServletRequestBuilder get = get("/passcode").accept(APPLICATION_JSON).session(session);

    getMockMvc().perform(get).andExpect(status().isForbidden());
  }
 /** Test that the store code is resolved and cached by <code>resolveStoreCodeParam</code>. */
 @Test
 public void testResolveStoreCodeParamIsCached() {
   final String storeCode = "store3";
   request.addParameter(STORE_CODE, storeCode);
   session.setAttribute(STORE_CODE, storeCode);
   request.setSession(session);
   context.checking(
       new Expectations() {
         {
           oneOf(delegate).resolveStoreCodeParam(request, STORE_CODE);
           will(returnValue(storeCode));
         }
       });
   assertEquals(
       SAME_CODE_AS_DELEGATE_EXPECTED,
       storeCode,
       cachingResolver.resolveStoreCodeParam(request, STORE_CODE));
   assertEquals(
       SAME_CODE_EXPECTED_ON_SECOND_CALL,
       storeCode,
       cachingResolver.resolveStoreCodeParam(request, STORE_CODE));
 }
 /** Test that the store code is resolved and cached by <code>resolveStoreCodeHeader</code>. */
 @Test
 public void testResolveDomainSessionIsCached() {
   final String domain = "domain";
   MockHttpSession session = new MockHttpSession();
   session.setAttribute(domain, "http://www.store6.com");
   request.setSession(session);
   context.checking(
       new Expectations() {
         {
           oneOf(delegate).resolveDomainSession(request, STORE_CODE);
           will(returnValue("store6"));
         }
       });
   assertEquals(
       SAME_CODE_AS_DELEGATE_EXPECTED,
       "store6",
       cachingResolver.resolveDomainSession(request, STORE_CODE));
   assertEquals(
       SAME_CODE_EXPECTED_ON_SECOND_CALL,
       "store6",
       cachingResolver.resolveDomainSession(request, STORE_CODE));
 }
コード例 #14
0
  @Before
  public void setup() {
    logger.info("setup");

    this.mockMvc =
        MockMvcBuilders.webAppContextSetup(context).addFilters(springSecurityFilterChain).build();

    User user = null;
    try {
      user = userService.findByLogin("johndoe");
    } catch (ServiceException e) {
      logger.error(e.getLocalizedMessage());
    }

    Authentication authentication =
        new UsernamePasswordAuthenticationToken(user.getLogin(), user.getPassword());
    Authentication result = authenticationManager.authenticate(authentication);
    SecurityContext securityContext = SecurityContextHolder.getContext();
    securityContext.setAuthentication(result);
    session = new MockHttpSession();
    session.setAttribute(
        HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, securityContext);

    try {
      logger.info("Create Tomcat server");
      String jsonString =
          "{\"applicationName\":\"" + applicationName + "\", \"serverName\":\"" + release + "\"}";
      ResultActions resultats =
          mockMvc.perform(
              post("/application")
                  .session(session)
                  .contentType(MediaType.APPLICATION_JSON)
                  .content(jsonString));
      resultats.andExpect(status().isOk());

    } catch (Exception e) {
      logger.error(e.getMessage());
    }
  }
コード例 #15
0
  @Test
  public void testLoginUsingPasscodeWithSamlToken() throws Exception {
    ExpiringUsernameAuthenticationToken et =
        new ExpiringUsernameAuthenticationToken(USERNAME, null);
    LoginSamlAuthenticationToken auth = new LoginSamlAuthenticationToken(marissa, et);
    final MockSecurityContext mockSecurityContext = new MockSecurityContext(auth);

    SecurityContextHolder.setContext(mockSecurityContext);
    MockHttpSession session = new MockHttpSession();

    session.setAttribute(
        HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, mockSecurityContext);

    MockHttpServletRequestBuilder get = get("/passcode").accept(APPLICATION_JSON).session(session);

    String passcode =
        JsonUtils.readValue(
            getMockMvc()
                .perform(get)
                .andExpect(status().isOk())
                .andReturn()
                .getResponse()
                .getContentAsString(),
            String.class);

    mockSecurityContext.setAuthentication(null);
    session = new MockHttpSession();
    session.setAttribute(
        HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, mockSecurityContext);

    String basicDigestHeaderValue = "Basic " + new String(Base64.encodeBase64(("cf:").getBytes()));
    MockHttpServletRequestBuilder post =
        post("/oauth/token")
            .accept(APPLICATION_JSON)
            .contentType(APPLICATION_FORM_URLENCODED)
            .header("Authorization", basicDigestHeaderValue)
            .param("grant_type", "password")
            .param("passcode", passcode)
            .param("response_type", "token");

    Map accessToken =
        JsonUtils.readValue(
            getMockMvc()
                .perform(post)
                .andExpect(status().isOk())
                .andReturn()
                .getResponse()
                .getContentAsString(),
            Map.class);
    assertEquals("bearer", accessToken.get("token_type"));
    assertNotNull(accessToken.get("access_token"));
    assertNotNull(accessToken.get("refresh_token"));
    String[] scopes = ((String) accessToken.get("scope")).split(" ");
    assertThat(
        Arrays.asList(scopes),
        containsInAnyOrder(
            "uaa.user",
            "scim.userids",
            "password.write",
            "cloud_controller.write",
            "openid",
            "cloud_controller.read"));

    Authentication authentication = captureSecurityContextFilter.getAuthentication();
    assertNotNull(authentication);
    assertTrue(authentication instanceof OAuth2Authentication);
    assertTrue(
        ((OAuth2Authentication) authentication).getUserAuthentication()
            instanceof UsernamePasswordAuthenticationToken);
    assertTrue(authentication.getPrincipal() instanceof UaaPrincipal);
    assertEquals(marissa.getOrigin(), ((UaaPrincipal) authentication.getPrincipal()).getOrigin());
  }