use of com.zimbra.soap.admin.message.ClearCookieResponse in project zm-mailbox by Zimbra.
the class TestAuth method clearCookie.
@Test
public void clearCookie() throws Exception {
// 2 seconds
int authTokenLifetimeMSecs = 2000;
int waitMSecs = authTokenLifetimeMSecs + 1000;
Account acct = provUtil.createGlobalAdmin(genAcctNameLocalPart(), domain);
// set the account's auth token lifetime to a short period
acct.setAdminAuthTokenLifetime(String.valueOf(authTokenLifetimeMSecs) + "ms");
// String authToken = getAuthToken(acct.getName(), true);
SoapTransport transport = authAdmin(acct.getName());
// wait till the auto token expire
Thread.sleep(waitMSecs);
// make sure the auth token is indeed expired
boolean caughtAuthExpired = false;
try {
NoOpRequest noOpReq = new NoOpRequest();
NoOpResponse noOpResp = invokeJaxb(transport, noOpReq);
} catch (ServiceException e) {
if (AccountServiceException.AUTH_EXPIRED.equals(e.getCode())) {
caughtAuthExpired = true;
}
}
assertTrue(caughtAuthExpired);
List<CookieSpec> cookiesToClear = Lists.newArrayList(new CookieSpec(ZimbraCookie.COOKIE_ZM_ADMIN_AUTH_TOKEN));
ClearCookieRequest req = new ClearCookieRequest(cookiesToClear);
/*
* test the regular path when auto token control is not set
* (auth token in soap header)
*/
caughtAuthExpired = false;
try {
invokeJaxb(transport, req);
} catch (ServiceException e) {
if (AccountServiceException.AUTH_EXPIRED.equals(e.getCode())) {
caughtAuthExpired = true;
}
}
assertTrue(caughtAuthExpired);
/*
* test the regular path when auto token control is not set
* (auth token in cookie)
*/
String authToken = transport.getAuthToken().getValue();
SoapTransport authTokenInCookieTransport = new AuthTokenInCookieTransport(authToken, true);
caughtAuthExpired = false;
try {
invokeJaxb(authTokenInCookieTransport, req);
} catch (ServiceException e) {
if (AccountServiceException.AUTH_EXPIRED.equals(e.getCode())) {
caughtAuthExpired = true;
}
}
assertTrue(caughtAuthExpired);
/*
* test the path when auth token control voidOnExpired is true
*/
// debug listener to verify the cookie is cleared
SoapDebugListener verifyCookieClearedListener = new SoapDebugListener(Level.ALL) {
@Override
public void receiveSoapMessage(PostMethod postMethod, Element envelope) {
super.receiveSoapMessage(postMethod, envelope);
// verify cookies are cleared
Header[] headers = postMethod.getResponseHeaders();
boolean cookieCleared = false;
for (Header header : headers) {
if (header.toString().trim().equals("Set-Cookie: ZM_ADMIN_AUTH_TOKEN=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT")) {
cookieCleared = true;
}
// System.out.println(header.toString().trim()); // trim the ending crlf
}
assertTrue(cookieCleared);
}
};
authTokenInCookieTransport = new AuthTokenInCookieTransport(authToken, true, true, verifyCookieClearedListener);
// should NOT get AUTH_EXPIRED
ClearCookieResponse resp = invokeJaxb(authTokenInCookieTransport, req);
provUtil.deleteAccount(acct);
}
Aggregations