public void testDoFilterNotAuthenticated() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)) .thenReturn(DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameterNames()) .thenReturn(new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE)).elements()); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); FilterChain chain = Mockito.mock(FilterChain.class); Mockito.doAnswer( new Answer() { @Override public Object answer(InvocationOnMock invocation) throws Throwable { fail(); return null; } }) .when(chain) .doFilter(Mockito.<ServletRequest>anyObject(), Mockito.<ServletResponse>anyObject()); filter.doFilter(request, response, chain); Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED); } finally { filter.destroy(); } }
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { final HttpServletRequest httpRequest = toLowerCase((HttpServletRequest) request); final String tokenString = httpRequest.getParameter(DelegationParam.NAME); if (tokenString != null) { // Token is present in the url, therefore token will be used for // authentication, bypass kerberos authentication. filterChain.doFilter(httpRequest, response); return; } super.doFilter(httpRequest, response, filterChain); }
public void testDoFilterAuthenticated() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)) .thenReturn(DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameterNames()) .thenReturn(new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE)).elements()); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); AuthenticationToken token = new AuthenticationToken("u", "p", "t"); token.setExpires(System.currentTimeMillis() + 1000); Signer signer = new Signer("alfredo".getBytes()); String tokenSigned = signer.sign(token.toString()); Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned); Mockito.when(request.getCookies()).thenReturn(new Cookie[] {cookie}); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); FilterChain chain = Mockito.mock(FilterChain.class); Mockito.doAnswer( new Answer() { @Override public Object answer(InvocationOnMock invocation) throws Throwable { Object[] args = invocation.getArguments(); HttpServletRequest request = (HttpServletRequest) args[0]; assertEquals("u", request.getRemoteUser()); assertEquals("p", request.getUserPrincipal().getName()); return null; } }) .when(chain) .doFilter(Mockito.<ServletRequest>anyObject(), Mockito.<ServletResponse>anyObject()); filter.doFilter(request, response, chain); } finally { filter.destroy(); } }
private void _testDoFilterAuthentication(boolean withDomainPath) throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)) .thenReturn(DummyAuthenticationHandler.class.getName()); Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)) .thenReturn("1000"); Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)) .thenReturn("secret"); Mockito.when(config.getInitParameterNames()) .thenReturn( new Vector( Arrays.asList( AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY, AuthenticationFilter.SIGNATURE_SECRET)) .elements()); if (withDomainPath) { Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_DOMAIN)) .thenReturn(".foo.com"); Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_PATH)).thenReturn("/bar"); Mockito.when(config.getInitParameterNames()) .thenReturn( new Vector( Arrays.asList( AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY, AuthenticationFilter.SIGNATURE_SECRET, AuthenticationFilter.COOKIE_DOMAIN, AuthenticationFilter.COOKIE_PATH)) .elements()); } filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getParameter("authenticated")).thenReturn("true"); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); Mockito.when(request.getQueryString()).thenReturn("authenticated=true"); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); FilterChain chain = Mockito.mock(FilterChain.class); final boolean[] calledDoFilter = new boolean[1]; Mockito.doAnswer( new Answer() { @Override public Object answer(InvocationOnMock invocation) throws Throwable { calledDoFilter[0] = true; return null; } }) .when(chain) .doFilter(Mockito.<ServletRequest>anyObject(), Mockito.<ServletResponse>anyObject()); final Cookie[] setCookie = new Cookie[1]; Mockito.doAnswer( new Answer() { @Override public Object answer(InvocationOnMock invocation) throws Throwable { Object[] args = invocation.getArguments(); setCookie[0] = (Cookie) args[0]; return null; } }) .when(response) .addCookie(Mockito.<Cookie>anyObject()); filter.doFilter(request, response, chain); assertNotNull(setCookie[0]); assertEquals(AuthenticatedURL.AUTH_COOKIE, setCookie[0].getName()); assertTrue(setCookie[0].getValue().contains("u=")); assertTrue(setCookie[0].getValue().contains("p=")); assertTrue(setCookie[0].getValue().contains("t=")); assertTrue(setCookie[0].getValue().contains("e=")); assertTrue(setCookie[0].getValue().contains("s=")); assertTrue(calledDoFilter[0]); Signer signer = new Signer("secret".getBytes()); String value = signer.verifyAndExtract(setCookie[0].getValue()); AuthenticationToken token = AuthenticationToken.parse(value); assertEquals(System.currentTimeMillis() + 1000 * 1000, token.getExpires(), 100); if (withDomainPath) { assertEquals(".foo.com", setCookie[0].getDomain()); assertEquals("/bar", setCookie[0].getPath()); } else { assertNull(setCookie[0].getDomain()); assertNull(setCookie[0].getPath()); } } finally { filter.destroy(); } }