
Example 1 with CookieSpec

Use of com.zimbra.soap.admin.type.CookieSpec in project zm-mailbox by Zimbra.

In the class TestAuth, method clearCookie.

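/**
 * Checks that an expired admin auth token is rejected, and that ClearCookieRequest can still
 * clear the {@code ZM_ADMIN_AUTH_TOKEN} cookie when auth token control voidOnExpired is used.
 *
 * <p>A throw-away global admin is given a 2 second admin auth token lifetime. Once the token
 * has expired, the test expects {@code AUTH_EXPIRED} for a NoOpRequest and for a
 * ClearCookieRequest sent with the token in the SOAP header and with the token in a cookie.
 * With voidOnExpired, the request must succeed and the response must carry the cookie-clearing
 * {@code Set-Cookie} header.
 *
 * @throws Exception on provisioning or transport failure, on interruption while waiting, or
 *         when a request fails with a ServiceException other than {@code AUTH_EXPIRED}
 */
@Test
public void clearCookie() throws Exception {
    // 2 seconds
    final int authTokenLifetimeMSecs = 2000;
    final int waitMSecs = authTokenLifetimeMSecs + 1000;

    final Account acct = provUtil.createGlobalAdmin(genAcctNameLocalPart(), domain);
    try {
        // set the account's auth token lifetime to a short period
        acct.setAdminAuthTokenLifetime(authTokenLifetimeMSecs + "ms");
        SoapTransport transport = authAdmin(acct.getName());

        // wait until the auth token expires
        Thread.sleep(waitMSecs);

        // make sure the auth token is indeed expired
        boolean caughtAuthExpired = false;
        try {
            invokeJaxb(transport, new NoOpRequest());
        } catch (ServiceException e) {
            if (!AccountServiceException.AUTH_EXPIRED.equals(e.getCode())) {
                // Any other failure is not what this test is about; surface it with its cause
                // instead of turning it into a bare assertion failure.
                throw e;
            }
            caughtAuthExpired = true;
        }
        assertTrue(caughtAuthExpired);

        List<CookieSpec> cookiesToClear =
                Lists.newArrayList(new CookieSpec(ZimbraCookie.COOKIE_ZM_ADMIN_AUTH_TOKEN));
        ClearCookieRequest req = new ClearCookieRequest(cookiesToClear);

        /*
         * test the regular path when auth token control is not set
         * (auth token in soap header)
         */
        caughtAuthExpired = false;
        try {
            invokeJaxb(transport, req);
        } catch (ServiceException e) {
            if (!AccountServiceException.AUTH_EXPIRED.equals(e.getCode())) {
                throw e;
            }
            caughtAuthExpired = true;
        }
        assertTrue(caughtAuthExpired);

        /*
         * test the regular path when auth token control is not set
         * (auth token in cookie)
         */
        String authToken = transport.getAuthToken().getValue();
        SoapTransport authTokenInCookieTransport = new AuthTokenInCookieTransport(authToken, true);
        caughtAuthExpired = false;
        try {
            invokeJaxb(authTokenInCookieTransport, req);
        } catch (ServiceException e) {
            if (!AccountServiceException.AUTH_EXPIRED.equals(e.getCode())) {
                throw e;
            }
            caughtAuthExpired = true;
        }
        assertTrue(caughtAuthExpired);

        /*
         * test the path when auth token control voidOnExpired is true
         */
        // The listener only records what it saw; the assertion is made after the call so the
        // check cannot be skipped silently if the listener is never invoked.
        final boolean[] cookieCleared = new boolean[1];
        SoapDebugListener verifyCookieClearedListener = new SoapDebugListener(Level.ALL) {

            @Override
            public void receiveSoapMessage(PostMethod postMethod, Element envelope) {
                super.receiveSoapMessage(postMethod, envelope);
                for (Header header : postMethod.getResponseHeaders()) {
                    // trim() drops the trailing CRLF of the header's string form.
                    // The clearing cookie is matched exactly: empty value, Path=/, epoch Expires.
                    // NOTE(review): the expected value carries no Secure/HttpOnly attributes;
                    // confirm that is intended, and update this literal if the server adds them.
                    if (header.toString().trim().equals("Set-Cookie: ZM_ADMIN_AUTH_TOKEN=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT")) {
                        cookieCleared[0] = true;
                    }
                }
            }
        };
        // presumably the third argument turns on voidOnExpired; confirm against
        // AuthTokenInCookieTransport
        authTokenInCookieTransport =
                new AuthTokenInCookieTransport(authToken, true, true, verifyCookieClearedListener);

        // should NOT get AUTH_EXPIRED
        ClearCookieResponse resp = invokeJaxb(authTokenInCookieTransport, req);
        assertTrue(resp != null);
        assertTrue(cookieCleared[0]);
    } finally {
        // Always remove the global admin created above, even when an assertion fails, so a
        // failed run does not leave the account behind.
        provUtil.deleteAccount(acct);
    }
}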
Also used : Account(com.zimbra.cs.account.Account) NoOpRequest(com.zimbra.soap.admin.message.NoOpRequest) PostMethod(org.apache.commons.httpclient.methods.PostMethod) Element(com.zimbra.common.soap.Element) AccountServiceException(com.zimbra.cs.account.AccountServiceException) ServiceException(com.zimbra.common.service.ServiceException) Header(org.apache.commons.httpclient.Header) NoOpResponse(com.zimbra.soap.admin.message.NoOpResponse) ClearCookieRequest(com.zimbra.soap.admin.message.ClearCookieRequest) ClearCookieResponse(com.zimbra.soap.admin.message.ClearCookieResponse) CookieSpec(com.zimbra.soap.admin.type.CookieSpec) SoapTransport(com.zimbra.common.soap.SoapTransport) Test(org.junit.Test)
