Example 26 with FilterChain
use of jakarta.servlet.FilterChain in project spring-security by spring-projects.
the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenNotAuthorizationRequestAndClientAuthorizationRequiredExceptionThrownButAuthorizationRequestNotResolvedThenStatusInternalServerError.
@Test
public void doFilterWhenNotAuthorizationRequestAndClientAuthorizationRequiredExceptionThrownButAuthorizationRequestNotResolvedThenStatusInternalServerError() throws Exception {
String requestUri = "/path";
MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
request.setServletPath(requestUri);
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain filterChain = mock(FilterChain.class);
willThrow(new ClientAuthorizationRequiredException(this.registration1.getRegistrationId())).given(filterChain).doFilter(any(ServletRequest.class), any(ServletResponse.class));
OAuth2AuthorizationRequestResolver resolver = mock(OAuth2AuthorizationRequestResolver.class);
OAuth2AuthorizationRequestRedirectFilter filter = new OAuth2AuthorizationRequestRedirectFilter(resolver);
filter.doFilter(request, response, filterChain);
verify(filterChain).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
verifyZeroInteractions(filterChain);
assertThat(response.getStatus()).isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR.value());
assertThat(response.getErrorMessage()).isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase());
}
Also used :
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
ServletRequest(jakarta.servlet.ServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
ServletResponse(jakarta.servlet.ServletResponse)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
FilterChain(jakarta.servlet.FilterChain)
ClientAuthorizationRequiredException(org.springframework.security.oauth2.client.ClientAuthorizationRequiredException)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.jupiter.api.Test)
Example 27 with FilterChain
use of jakarta.servlet.FilterChain in project spring-security by spring-projects.
the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenNotAuthorizationRequestAndClientAuthorizationRequiredExceptionThrownThenRedirectForAuthorization.
@Test
public void doFilterWhenNotAuthorizationRequestAndClientAuthorizationRequiredExceptionThrownThenRedirectForAuthorization() throws Exception {
String requestUri = "/path";
MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
request.setServletPath(requestUri);
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain filterChain = mock(FilterChain.class);
willThrow(new ClientAuthorizationRequiredException(this.registration1.getRegistrationId())).given(filterChain).doFilter(any(ServletRequest.class), any(ServletResponse.class));
this.filter.doFilter(request, response, filterChain);
verify(filterChain).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
assertThat(response.getRedirectedUrl()).matches("https://example.com/login/oauth/authorize\\?" + "response_type=code&client_id=client-id&" + "scope=read:user&state=.{15,}&" + "redirect_uri=http://localhost/authorize/oauth2/code/registration-id");
verify(this.requestCache).saveRequest(any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used :
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
ServletRequest(jakarta.servlet.ServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
ServletResponse(jakarta.servlet.ServletResponse)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
FilterChain(jakarta.servlet.FilterChain)
ClientAuthorizationRequiredException(org.springframework.security.oauth2.client.ClientAuthorizationRequiredException)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.jupiter.api.Test)
Example 28 with FilterChain
use of jakarta.servlet.FilterChain in project spring-security by spring-projects.
the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenAuthorizationRequestImplicitGrantThenAuthorizationRequestNotSaved.
@Test
public void doFilterWhenAuthorizationRequestImplicitGrantThenAuthorizationRequestNotSaved() throws Exception {
String requestUri = OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + this.registration3.getRegistrationId();
MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
request.setServletPath(requestUri);
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain filterChain = mock(FilterChain.class);
AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = mock(AuthorizationRequestRepository.class);
this.filter.setAuthorizationRequestRepository(authorizationRequestRepository);
this.filter.doFilter(request, response, filterChain);
verifyZeroInteractions(filterChain);
verify(authorizationRequestRepository, times(0)).saveAuthorizationRequest(any(OAuth2AuthorizationRequest.class), any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used :
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
FilterChain(jakarta.servlet.FilterChain)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.jupiter.api.Test)
Example 29 with FilterChain
use of jakarta.servlet.FilterChain in project spring-security by spring-projects.
the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenAuthorizationRequestOAuth2LoginThenRedirectForAuthorization.
@Test
public void doFilterWhenAuthorizationRequestOAuth2LoginThenRedirectForAuthorization() throws Exception {
String requestUri = OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + this.registration1.getRegistrationId();
MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
request.setServletPath(requestUri);
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain filterChain = mock(FilterChain.class);
this.filter.doFilter(request, response, filterChain);
verifyZeroInteractions(filterChain);
assertThat(response.getRedirectedUrl()).matches("https://example.com/login/oauth/authorize\\?" + "response_type=code&client_id=client-id&" + "scope=read:user&state=.{15,}&" + "redirect_uri=http://localhost/login/oauth2/code/registration-id");
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
FilterChain(jakarta.servlet.FilterChain)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.jupiter.api.Test)
Example 30 with FilterChain
use of jakarta.servlet.FilterChain in project spring-security by spring-projects.
the class BasicAuthenticationFilterTests method doFilterWhenSchemeMixedCaseThenCaseInsensitiveMatchWorks.
@Test
public void doFilterWhenSchemeMixedCaseThenCaseInsensitiveMatchWorks() throws Exception {
String token = "rod:koala";
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization", "BaSiC " + new String(Base64.encodeBase64(token.getBytes())));
request.setServletPath("/some_file.html");
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
FilterChain chain = mock(FilterChain.class);
this.filter.doFilter(request, new MockHttpServletResponse(), chain);
verify(chain).doFilter(any(ServletRequest.class), any(ServletResponse.class));
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull();
assertThat(SecurityContextHolder.getContext().getAuthentication().getName()).isEqualTo("rod");
}
Also used :
ServletRequest(jakarta.servlet.ServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
ServletResponse(jakarta.servlet.ServletResponse)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
FilterChain(jakarta.servlet.FilterChain)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.jupiter.api.Test)
Aggregations
FilterChain (jakarta.servlet.FilterChain)141
Test (org.junit.jupiter.api.Test)134
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)103
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)102
HttpServletResponse (jakarta.servlet.http.HttpServletResponse)68
HttpServletRequest (jakarta.servlet.http.HttpServletRequest)54
MockHttpServletResponse (org.springframework.web.testfixture.servlet.MockHttpServletResponse)35
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)32
MockHttpServletRequest (org.springframework.web.testfixture.servlet.MockHttpServletRequest)29
ServletRequest (jakarta.servlet.ServletRequest)25
ServletResponse (jakarta.servlet.ServletResponse)25
Authentication (org.springframework.security.core.Authentication)23
MockFilterChain (org.springframework.mock.web.MockFilterChain)20
ServletException (jakarta.servlet.ServletException)16
StandardCharsets (java.nio.charset.StandardCharsets)16
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)16
IOException (java.io.IOException)15
BeforeEach (org.junit.jupiter.api.BeforeEach)14
FileCopyUtils (org.springframework.util.FileCopyUtils)14
Arrays (java.util.Arrays)11
