Search in sources :

Example 86 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenAuthorizationRequestWithInvalidClientThenStatusInternalServerError.

@Test
public void doFilterWhenAuthorizationRequestWithInvalidClientThenStatusInternalServerError() throws Exception {
    String requestUri = OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + this.registration1.getRegistrationId() + "-invalid";
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain filterChain = mock(FilterChain.class);
    this.filter.doFilter(request, response, filterChain);
    verifyZeroInteractions(filterChain);
    assertThat(response.getStatus()).isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR.value());
    assertThat(response.getErrorMessage()).isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase());
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(jakarta.servlet.FilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 87 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class OAuth2AuthorizationCodeGrantFilterTests method doFilterWhenNotAuthorizationResponseThenNotProcessed.

@Test
public void doFilterWhenNotAuthorizationResponseThenNotProcessed() throws Exception {
    String requestUri = "/path";
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    // NOTE: A valid Authorization Response contains either a 'code' or 'error'
    // parameter.
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain filterChain = mock(FilterChain.class);
    this.filter.doFilter(request, response, filterChain);
    verify(filterChain).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(jakarta.servlet.FilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 88 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class OAuth2AuthorizationCodeGrantFilterTests method doFilterWhenAuthorizationSucceedsAndHasSavedRequestThenRedirectToSavedRequest.

@Test
public void doFilterWhenAuthorizationSucceedsAndHasSavedRequestThenRedirectToSavedRequest() throws Exception {
    String requestUri = "/saved-request";
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    MockHttpServletResponse response = new MockHttpServletResponse();
    RequestCache requestCache = new HttpSessionRequestCache();
    requestCache.saveRequest(request, response);
    request.setRequestURI("/callback/client-1");
    request.addParameter(OAuth2ParameterNames.CODE, "code");
    request.addParameter(OAuth2ParameterNames.STATE, "state");
    FilterChain filterChain = mock(FilterChain.class);
    this.setUpAuthorizationRequest(request, response, this.registration1);
    this.setUpAuthenticationResult(this.registration1);
    this.filter.doFilter(request, response, filterChain);
    assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/saved-request");
}
Also used : HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) RequestCache(org.springframework.security.web.savedrequest.RequestCache) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) FilterChain(jakarta.servlet.FilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 89 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class OAuth2AuthorizationCodeGrantFilterTests method doFilterWhenAuthorizationRequestRedirectUriDoesNotMatchThenNotProcessed.

@Test
public void doFilterWhenAuthorizationRequestRedirectUriDoesNotMatchThenNotProcessed() throws Exception {
    String requestUri = "/callback/client-1";
    MockHttpServletRequest authorizationRequest = createAuthorizationRequest(requestUri);
    MockHttpServletRequest authorizationResponse = createAuthorizationResponse(authorizationRequest);
    MockHttpServletResponse response = new MockHttpServletResponse();
    this.setUpAuthorizationRequest(authorizationRequest, response, this.registration1);
    authorizationResponse.setRequestURI(requestUri + "-no-match");
    FilterChain filterChain = mock(FilterChain.class);
    this.filter.doFilter(authorizationResponse, response, filterChain);
    verify(filterChain).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(jakarta.servlet.FilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 90 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class OAuth2AuthorizationCodeGrantFilterTests method doFilterWhenAuthorizationRequestNotFoundThenNotProcessed.

@Test
public void doFilterWhenAuthorizationRequestNotFoundThenNotProcessed() throws Exception {
    MockHttpServletRequest authorizationRequest = createAuthorizationRequest("/path");
    MockHttpServletRequest authorizationResponse = createAuthorizationResponse(authorizationRequest);
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain filterChain = mock(FilterChain.class);
    this.filter.doFilter(authorizationResponse, response, filterChain);
    verify(filterChain).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(jakarta.servlet.FilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Aggregations

FilterChain (jakarta.servlet.FilterChain)141 Test (org.junit.jupiter.api.Test)134 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)103 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)102 HttpServletResponse (jakarta.servlet.http.HttpServletResponse)68 HttpServletRequest (jakarta.servlet.http.HttpServletRequest)54 MockHttpServletResponse (org.springframework.web.testfixture.servlet.MockHttpServletResponse)35 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)32 MockHttpServletRequest (org.springframework.web.testfixture.servlet.MockHttpServletRequest)29 ServletRequest (jakarta.servlet.ServletRequest)25 ServletResponse (jakarta.servlet.ServletResponse)25 Authentication (org.springframework.security.core.Authentication)23 MockFilterChain (org.springframework.mock.web.MockFilterChain)20 ServletException (jakarta.servlet.ServletException)16 StandardCharsets (java.nio.charset.StandardCharsets)16 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)16 IOException (java.io.IOException)15 BeforeEach (org.junit.jupiter.api.BeforeEach)14 FileCopyUtils (org.springframework.util.FileCopyUtils)14 Arrays (java.util.Arrays)11