Search in sources :

Example 1 with ClearCookieRequest

use of com.zimbra.soap.admin.message.ClearCookieRequest in project zm-mailbox by Zimbra.

the class TestAuth method clearCookie.

@Test
public void clearCookie() throws Exception {
    // 2 seconds
    int authTokenLifetimeMSecs = 2000;
    int waitMSecs = authTokenLifetimeMSecs + 1000;
    Account acct = provUtil.createGlobalAdmin(genAcctNameLocalPart(), domain);
    // set the account's auth token lifetime to a short period
    acct.setAdminAuthTokenLifetime(String.valueOf(authTokenLifetimeMSecs) + "ms");
    // String authToken = getAuthToken(acct.getName(), true);
    SoapTransport transport = authAdmin(acct.getName());
    // wait till the auto token expire
    Thread.sleep(waitMSecs);
    // make sure the auth token is indeed expired
    boolean caughtAuthExpired = false;
    try {
        NoOpRequest noOpReq = new NoOpRequest();
        NoOpResponse noOpResp = invokeJaxb(transport, noOpReq);
    } catch (ServiceException e) {
        if (AccountServiceException.AUTH_EXPIRED.equals(e.getCode())) {
            caughtAuthExpired = true;
        }
    }
    assertTrue(caughtAuthExpired);
    List<CookieSpec> cookiesToClear = Lists.newArrayList(new CookieSpec(ZimbraCookie.COOKIE_ZM_ADMIN_AUTH_TOKEN));
    ClearCookieRequest req = new ClearCookieRequest(cookiesToClear);
    /*
         * test the regular path when auto token control is not set
         * (auth token in soap header)
         */
    caughtAuthExpired = false;
    try {
        invokeJaxb(transport, req);
    } catch (ServiceException e) {
        if (AccountServiceException.AUTH_EXPIRED.equals(e.getCode())) {
            caughtAuthExpired = true;
        }
    }
    assertTrue(caughtAuthExpired);
    /*
         * test the regular path when auto token control is not set
         * (auth token in cookie)
         */
    String authToken = transport.getAuthToken().getValue();
    SoapTransport authTokenInCookieTransport = new AuthTokenInCookieTransport(authToken, true);
    caughtAuthExpired = false;
    try {
        invokeJaxb(authTokenInCookieTransport, req);
    } catch (ServiceException e) {
        if (AccountServiceException.AUTH_EXPIRED.equals(e.getCode())) {
            caughtAuthExpired = true;
        }
    }
    assertTrue(caughtAuthExpired);
    /*
         * test the path when auth token control voidOnExpired is true
         */
    // debug listener to verify the cookie is cleared
    SoapDebugListener verifyCookieClearedListener = new SoapDebugListener(Level.ALL) {

        @Override
        public void receiveSoapMessage(PostMethod postMethod, Element envelope) {
            super.receiveSoapMessage(postMethod, envelope);
            // verify cookies are cleared
            Header[] headers = postMethod.getResponseHeaders();
            boolean cookieCleared = false;
            for (Header header : headers) {
                if (header.toString().trim().equals("Set-Cookie: ZM_ADMIN_AUTH_TOKEN=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT")) {
                    cookieCleared = true;
                }
            // System.out.println(header.toString().trim()); // trim the ending crlf
            }
            assertTrue(cookieCleared);
        }
    };
    authTokenInCookieTransport = new AuthTokenInCookieTransport(authToken, true, true, verifyCookieClearedListener);
    // should NOT get AUTH_EXPIRED
    ClearCookieResponse resp = invokeJaxb(authTokenInCookieTransport, req);
    provUtil.deleteAccount(acct);
}
Also used : Account(com.zimbra.cs.account.Account) NoOpRequest(com.zimbra.soap.admin.message.NoOpRequest) PostMethod(org.apache.commons.httpclient.methods.PostMethod) Element(com.zimbra.common.soap.Element) AccountServiceException(com.zimbra.cs.account.AccountServiceException) ServiceException(com.zimbra.common.service.ServiceException) Header(org.apache.commons.httpclient.Header) NoOpResponse(com.zimbra.soap.admin.message.NoOpResponse) ClearCookieRequest(com.zimbra.soap.admin.message.ClearCookieRequest) ClearCookieResponse(com.zimbra.soap.admin.message.ClearCookieResponse) CookieSpec(com.zimbra.soap.admin.type.CookieSpec) SoapTransport(com.zimbra.common.soap.SoapTransport) Test(org.junit.Test)

Aggregations

ServiceException (com.zimbra.common.service.ServiceException)1 Element (com.zimbra.common.soap.Element)1 SoapTransport (com.zimbra.common.soap.SoapTransport)1 Account (com.zimbra.cs.account.Account)1 AccountServiceException (com.zimbra.cs.account.AccountServiceException)1 ClearCookieRequest (com.zimbra.soap.admin.message.ClearCookieRequest)1 ClearCookieResponse (com.zimbra.soap.admin.message.ClearCookieResponse)1 NoOpRequest (com.zimbra.soap.admin.message.NoOpRequest)1 NoOpResponse (com.zimbra.soap.admin.message.NoOpResponse)1 CookieSpec (com.zimbra.soap.admin.type.CookieSpec)1 Header (org.apache.commons.httpclient.Header)1 PostMethod (org.apache.commons.httpclient.methods.PostMethod)1 Test (org.junit.Test)1