Search in sources :

Example 1 with ProtectedResourceProcessingFilter

use of org.springframework.security.oauth.provider.filter.ProtectedResourceProcessingFilter in project spring-security-oauth by spring-projects.

the class ProtectedResourceProcessingFilterTests method testOnValidSignature.

/**
	 * test onValidSignature
	 */
@Test
public void testOnValidSignature() throws Exception {
    ProtectedResourceProcessingFilter filter = new ProtectedResourceProcessingFilter();
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse response = mock(HttpServletResponse.class);
    FilterChain chain = mock(FilterChain.class);
    ConsumerCredentials creds = new ConsumerCredentials("key", "sig", "meth", "base", "tok");
    ConsumerAuthentication authentication = new ConsumerAuthentication(mock(ConsumerDetails.class), creds);
    authentication.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    OAuthProviderTokenServices tokenServices = mock(OAuthProviderTokenServices.class);
    OAuthAccessProviderToken token = mock(OAuthAccessProviderToken.class);
    filter.setTokenServices(tokenServices);
    when(tokenServices.getToken("tok")).thenReturn(token);
    when(token.isAccessToken()).thenReturn(true);
    Authentication userAuthentication = mock(Authentication.class);
    when(token.getUserAuthentication()).thenReturn(userAuthentication);
    filter.onValidSignature(request, response, chain);
    verify(chain).doFilter(request, response);
    assertSame(userAuthentication, SecurityContextHolder.getContext().getAuthentication());
    SecurityContextHolder.getContext().setAuthentication(null);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ProtectedResourceProcessingFilter(org.springframework.security.oauth.provider.filter.ProtectedResourceProcessingFilter) OAuthProviderTokenServices(org.springframework.security.oauth.provider.token.OAuthProviderTokenServices) ConsumerCredentials(org.springframework.security.oauth.provider.ConsumerCredentials) ConsumerAuthentication(org.springframework.security.oauth.provider.ConsumerAuthentication) Authentication(org.springframework.security.core.Authentication) FilterChain(javax.servlet.FilterChain) ConsumerAuthentication(org.springframework.security.oauth.provider.ConsumerAuthentication) HttpServletResponse(javax.servlet.http.HttpServletResponse) OAuthAccessProviderToken(org.springframework.security.oauth.provider.token.OAuthAccessProviderToken) ConsumerDetails(org.springframework.security.oauth.provider.ConsumerDetails) Test(org.junit.Test)

Aggregations

FilterChain (javax.servlet.FilterChain)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 Test (org.junit.Test)1 Authentication (org.springframework.security.core.Authentication)1 ConsumerAuthentication (org.springframework.security.oauth.provider.ConsumerAuthentication)1 ConsumerCredentials (org.springframework.security.oauth.provider.ConsumerCredentials)1 ConsumerDetails (org.springframework.security.oauth.provider.ConsumerDetails)1 ProtectedResourceProcessingFilter (org.springframework.security.oauth.provider.filter.ProtectedResourceProcessingFilter)1 OAuthAccessProviderToken (org.springframework.security.oauth.provider.token.OAuthAccessProviderToken)1 OAuthProviderTokenServices (org.springframework.security.oauth.provider.token.OAuthProviderTokenServices)1