/**
 * Checks that a request whose {@code X-OpenIDM-Username} header is the empty
 * string is failed by the module itself.
 *
 * <p>The assertions pin three things: the delegate authenticator is never
 * touched, the client subject gains no principal, and the returned status is
 * {@code AuthStatus.SEND_FAILURE}. A blank username is therefore never handed
 * to the delegate, even though a password header is present.
 *
 * @throws AuthException if the module raises one while validating the request
 */
@Test
public void shouldValidateRequestWhenUsernameHeaderIsEmptyString() throws AuthException {
    // Given: a password is supplied, but the username header is empty
    Request httpRequest = new Request();
    httpRequest.getHeaders().put("X-OpenIDM-Username", "");
    httpRequest.getHeaders().put("X-OpenIDM-Password", "PASSWORD");

    MessageInfoContext context = mock(MessageInfoContext.class);
    given(context.getRequest()).willReturn(httpRequest);

    Subject client = new Subject();
    Subject service = new Subject();

    // When
    AuthStatus outcome = module.validateRequest(context, client, service).getOrThrowUninterruptibly();

    // Then: rejected up front, without consulting the delegate
    verifyZeroInteractions(authenticator);
    assertTrue(client.getPrincipals().isEmpty());
    assertEquals(outcome, AuthStatus.SEND_FAILURE);
}
/**
 * Checks that the module fails the request when the delegate authenticator
 * reports the supplied credentials as not authenticated.
 *
 * <p>On failure the client subject must stay without principals and the
 * returned status must be {@code AuthStatus.SEND_FAILURE}.
 *
 * @throws ResourceException declared by the stubbed {@code authenticate} call
 * @throws AuthException if the module raises one while validating the request
 */
@Test(enabled = true)
public void shouldValidateRequestWhenAuthenticationFailed() throws ResourceException, AuthException {
    // Given: both credential headers are present
    Request httpRequest = new Request();
    httpRequest.getHeaders().put("X-OpenIDM-Username", "USERNAME");
    httpRequest.getHeaders().put("X-OpenIDM-Password", "PASSWORD");

    // The request context map carries an (initially empty) audit-info map
    Map<String, Object> auditInfo = new HashMap<String, Object>();
    Map<String, Object> contextMap = new HashMap<String, Object>();
    contextMap.put(AuditTrail.AUDIT_INFO_KEY, auditInfo);

    MessageInfoContext context = mock(MessageInfoContext.class);
    given(context.getRequest()).willReturn(httpRequest);
    given(context.getRequestContextMap()).willReturn(contextMap);

    // The delegate rejects exactly this username/password pair
    AuthenticatorResult rejected = mock(AuthenticatorResult.class);
    given(rejected.isAuthenticated()).willReturn(false);
    given(authenticator.authenticate(eq("USERNAME"), eq("PASSWORD"), Matchers.<Context>anyObject()))
            .willReturn(rejected);

    Subject client = new Subject();
    Subject service = new Subject();

    // When
    AuthStatus outcome = module.validateRequest(context, client, service).getOrThrowUninterruptibly();

    // Then: no identity is established and the caller is told it failed
    // NOTE(review): nothing here verifies that authenticator.authenticate(...)
    // was actually invoked, so the test would also pass if the module failed the
    // request before delegating. The audit-info map is supplied but never
    // inspected; consider asserting what is recorded there on failure (and that
    // the password value is not among it).
    assertTrue(client.getPrincipals().isEmpty());
    assertEquals(outcome, AuthStatus.SEND_FAILURE);
}
/**
 * Builds a fresh module under test before every test method.
 *
 * <p>The module is a {@code DelegatedAuthModule} wired to a mocked
 * {@code AuthenticatorFactory} that returns the shared {@code authenticator}
 * mock for any {@code JsonValue} configuration, and it is initialised with an
 * options map whose only entry is an empty {@code queryOnResource}.
 *
 * @throws ResourceException declared by the stubbed factory call
 */
@BeforeMethod
public void setUp() throws ResourceException {
    // New mock per test method, so each test starts with no recorded interactions
    authenticator = mock(Authenticator.class);

    // Whatever configuration the module passes in, the factory yields that mock
    AuthenticatorFactory factory = mock(AuthenticatorFactory.class);
    when(factory.apply(any(JsonValue.class))).thenReturn(authenticator);

    module = new DelegatedAuthModule(factory, IDMAuthModule.DELEGATED);

    // The first three initialize arguments are passed as null by this fixture
    module.initialize(null, null, null, json(object(field("queryOnResource", ""))).asMap());
}
/**
 * Checks that {@code secureResponse} reports {@code AuthStatus.SEND_SUCCESS}
 * and does so without reading from or writing to the message info.
 *
 * @throws AuthException if the module raises one while securing the response
 */
@Test
public void shouldSecureResponse() throws AuthException {
    // Given
    Subject service = new Subject();
    MessageInfoContext context = mock(MessageInfoContext.class);

    // When
    AuthStatus outcome = module.secureResponse(context, service).getOrThrowUninterruptibly();

    // Then: success, and the message info mock saw no calls at all
    assertEquals(outcome, AuthStatus.SEND_SUCCESS);
    verifyZeroInteractions(context);
}