
Example 21 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class FilterChainProxyTests method setup.

/**
 * Prepares the shared fixture: a {@link FilterChainProxy} over a single
 * {@link DefaultSecurityFilterChain} whose only member is a mocked {@link Filter}.
 *
 * <p>The mocked filter does not pass the request through unchanged. It wraps the incoming
 * request in one more {@link HttpServletRequestWrapper} and then continues the chain, so the
 * code under test sees a request that a downstream filter has re-wrapped.
 * NOTE(review): presumably this exists so tests can check that the proxy still finds its own
 * firewalled request underneath wrappers added by other filters; confirm against the tests
 * that use this fixture.
 *
 * <p>The {@code FilterChainValidator} is a mock, so no chain validation takes place here.
 *
 * @throws Exception declared because stubbing {@code Filter.doFilter} involves checked exceptions
 */
@BeforeEach
public void setup() throws Exception {
    this.matcher = mock(RequestMatcher.class);
    this.filter = mock(Filter.class);
    // Stub for the mocked filter: add one wrapper layer around the request, then delegate.
    Answer<Object> wrapAndContinue = (invocation) -> {
        HttpServletRequest incoming = invocation.getArgument(0);
        HttpServletResponse outgoing = invocation.getArgument(1);
        FilterChain downstream = invocation.getArgument(2);
        downstream.doFilter(new HttpServletRequestWrapper(incoming), outgoing);
        return null;
    };
    willAnswer(wrapAndContinue).given(this.filter).doFilter(any(), any(), any());
    DefaultSecurityFilterChain securityChain = new DefaultSecurityFilterChain(this.matcher,
            Arrays.asList(this.filter));
    this.fcp = new FilterChainProxy(securityChain);
    this.fcp.setFilterChainValidator(mock(FilterChainProxy.FilterChainValidator.class));
    // GET request with an empty request URI; only the servlet path is populated.
    this.request = new MockHttpServletRequest("GET", "");
    this.request.setServletPath("/path");
    this.response = new MockHttpServletResponse();
    // The container-level chain is a mock so tests can verify whether it was reached.
    this.chain = mock(FilterChain.class);
}
Also used : ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) Arrays(java.util.Arrays) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) RequestRejectedException(org.springframework.security.web.firewall.RequestRejectedException) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ServletException(jakarta.servlet.ServletException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Filter(jakarta.servlet.Filter) HttpServletRequestWrapper(jakarta.servlet.http.HttpServletRequestWrapper) Mockito.verifyZeroInteractions(org.mockito.Mockito.verifyZeroInteractions) Answer(org.mockito.stubbing.Answer) BDDMockito.given(org.mockito.BDDMockito.given) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) RequestRejectedHandler(org.springframework.security.web.firewall.RequestRejectedHandler) FilterChain(jakarta.servlet.FilterChain) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) HttpFirewall(org.springframework.security.web.firewall.HttpFirewall) FirewalledRequest(org.springframework.security.web.firewall.FirewalledRequest) BDDMockito.willAnswer(org.mockito.BDDMockito.willAnswer) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) List(java.util.List) AfterEach(org.junit.jupiter.api.AfterEach) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) Collections(java.util.Collections) Mockito.mock(org.mockito.Mockito.mock) 
RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(jakarta.servlet.FilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Filter(jakarta.servlet.Filter) HttpServletRequestWrapper(jakarta.servlet.http.HttpServletRequestWrapper) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 22 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class SessionManagementFilterTests method strategyFailureInvokesFailureHandler.

/**
 * Checks that a rejected session is handled fail-closed: when the
 * {@link SessionAuthenticationStrategy} throws a {@link SessionAuthenticationException},
 * the filter must not invoke the rest of the chain and must pass that same exception to
 * the configured {@link AuthenticationFailureHandler}.
 */
@Test
public void strategyFailureInvokesFailureHandler() throws Exception {
    HttpServletRequest request = new MockHttpServletRequest();
    HttpServletResponse response = new MockHttpServletResponse();
    FilterChain downstream = mock(FilterChain.class);
    // Unstubbed mock: containsContext() yields Mockito's default of false.
    SecurityContextRepository contextRepository = mock(SecurityContextRepository.class);
    SessionAuthenticationStrategy sessionStrategy = mock(SessionAuthenticationStrategy.class);
    AuthenticationFailureHandler onFailure = mock(AuthenticationFailureHandler.class);
    SessionManagementFilter sessionFilter = new SessionManagementFilter(contextRepository, sessionStrategy);
    sessionFilter.setAuthenticationFailureHandler(onFailure);
    // Must run before the stub below, which reads the current Authentication from the holder.
    // NOTE(review): authenticateUser() is defined elsewhere; presumably it populates
    // SecurityContextHolder.
    authenticateUser();
    SessionAuthenticationException sessionFailure = new SessionAuthenticationException("Failure");
    willThrow(sessionFailure).given(sessionStrategy)
            .onAuthentication(SecurityContextHolder.getContext().getAuthentication(), request, response);
    sessionFilter.doFilter(request, response, downstream);
    // The protected resource behind the filter must never be reached after a strategy failure.
    verifyZeroInteractions(downstream);
    // The handler receives the exact exception instance thrown by the strategy.
    verify(onFailure).onAuthenticationFailure(request, response, sessionFailure);
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) SessionAuthenticationException(org.springframework.security.web.authentication.session.SessionAuthenticationException) SessionAuthenticationStrategy(org.springframework.security.web.authentication.session.SessionAuthenticationStrategy) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockFilterChain(org.springframework.mock.web.MockFilterChain) FilterChain(jakarta.servlet.FilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository) AuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 23 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class OAuth2AuthorizationCodeGrantFilterTests method doFilterWhenAuthorizationSucceedsAndRequestCacheConfiguredThenRequestCacheUsed.

/**
 * Checks that, with a {@link RequestCache} configured, a successful authorization code
 * callback consults the cache and redirects to the request saved there.
 *
 * <p>The asserted redirect target, {@code /saved-request}, is the URI placed in the cache
 * before the callback is processed, so the test pins the post-authorization redirect to
 * server-side saved state.
 */
@Test
public void doFilterWhenAuthorizationSucceedsAndRequestCacheConfiguredThenRequestCacheUsed() throws Exception {
    MockHttpServletRequest originalRequest = createAuthorizationRequest("/callback/client-1");
    // Built from the request while it still carries the callback URI; the URI is changed below.
    MockHttpServletRequest callback = createAuthorizationResponse(originalRequest);
    MockHttpServletResponse response = new MockHttpServletResponse();
    // NOTE(review): this mock is never verified; asserting that it saw no interaction would
    // also pin that a handled callback is not passed on to downstream filters.
    FilterChain downstream = mock(FilterChain.class);
    this.setUpAuthorizationRequest(originalRequest, response, this.registration1);
    this.setUpAuthenticationResult(this.registration1);
    // Spy so the real cache behaviour runs while calls stay verifiable.
    RequestCache cache = spy(HttpSessionRequestCache.class);
    this.filter.setRequestCache(cache);
    // Store a request for /saved-request in the cache before the callback is handled.
    originalRequest.setRequestURI("/saved-request");
    cache.saveRequest(originalRequest, response);
    this.filter.doFilter(callback, response, downstream);
    verify(cache).getRequest(any(HttpServletRequest.class), any(HttpServletResponse.class));
    assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/saved-request");
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) RequestCache(org.springframework.security.web.savedrequest.RequestCache) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(jakarta.servlet.FilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 24 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class OAuth2AuthorizationCodeGrantFilterTests method doFilterWhenAuthorizationFailsThenHandleOAuth2AuthorizationException.

/**
 * Checks the failure path of the authorization code callback: when the authentication
 * manager throws an {@link OAuth2AuthorizationException}, the filter redirects back to the
 * callback URI with the OAuth2 error code appended as the {@code error} query parameter.
 *
 * <p>The {@link OAuth2Error} used here carries only a code, so this test does not cover how
 * an error description or URI would be rendered in the redirect.
 */
@Test
public void doFilterWhenAuthorizationFailsThenHandleOAuth2AuthorizationException() throws Exception {
    MockHttpServletRequest originalRequest = createAuthorizationRequest("/callback/client-1");
    MockHttpServletRequest callback = createAuthorizationResponse(originalRequest);
    MockHttpServletResponse response = new MockHttpServletResponse();
    // NOTE(review): this mock is never verified in this test.
    FilterChain downstream = mock(FilterChain.class);
    this.setUpAuthorizationRequest(originalRequest, response, this.registration1);
    // Make every authentication attempt fail with invalid_grant.
    OAuth2Error invalidGrant = new OAuth2Error(OAuth2ErrorCodes.INVALID_GRANT);
    OAuth2AuthorizationException failure = new OAuth2AuthorizationException(invalidGrant);
    given(this.authenticationManager.authenticate(any(Authentication.class))).willThrow(failure);
    this.filter.doFilter(callback, response, downstream);
    // The redirect carries the error code and nothing else in its query string.
    assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/callback/client-1?error=invalid_grant");
}
Also used : OAuth2AuthorizationException(org.springframework.security.oauth2.core.OAuth2AuthorizationException) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Authentication(org.springframework.security.core.Authentication) FilterChain(jakarta.servlet.FilterChain) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 25 with FilterChain

use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

the class OAuth2AuthorizationCodeGrantFilterTests method doFilterWhenAuthorizationRequestRedirectUriParametersDoesNotMatchThenNotProcessed.

// gh-7963
/**
 * Checks that a callback whose query parameters differ from those of the stored
 * authorization request is not processed as an authorization response and is instead
 * passed down the filter chain untouched.
 *
 * <p>Three kinds of mismatch are exercised against the same stored request
 * ({@code param1=value1}, {@code param2=value2}): a changed value, a changed parameter
 * order, and a missing parameter. The matching is therefore strict; a callback that is
 * merely similar to the registered redirect URI is not accepted. The same mocked chain is
 * reused, so the expected invocation count grows by one per case.
 */
@Test
public void doFilterWhenAuthorizationRequestRedirectUriParametersDoesNotMatchThenNotProcessed() throws Exception {
    String requestUri = "/callback/client-1";
    Map<String, String> expectedParameters = new LinkedHashMap<>();
    expectedParameters.put("param1", "value1");
    expectedParameters.put("param2", "value2");
    MockHttpServletRequest storedRequest = createAuthorizationRequest(requestUri, expectedParameters);
    MockHttpServletResponse response = new MockHttpServletResponse();
    this.setUpAuthorizationRequest(storedRequest, response, this.registration1);
    this.setUpAuthenticationResult(this.registration1);
    FilterChain downstream = mock(FilterChain.class);

    // 1) Parameter value: param2 carries a different value than the stored request.
    Map<String, String> changedValue = new LinkedHashMap<>(expectedParameters);
    changedValue.put("param2", "value8");
    MockHttpServletRequest changedValueCallback = createAuthorizationResponse(
            createAuthorizationRequest(requestUri, changedValue));
    // Share the session so the callback arrives in the session of the stored request.
    changedValueCallback.setSession(storedRequest.getSession());
    this.filter.doFilter(changedValueCallback, response, downstream);
    verify(downstream, times(1)).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));

    // 2) Parameter order: same names and values, inserted in the opposite order.
    Map<String, String> changedOrder = new LinkedHashMap<>();
    changedOrder.put("param2", "value2");
    changedOrder.put("param1", "value1");
    MockHttpServletRequest changedOrderCallback = createAuthorizationResponse(
            createAuthorizationRequest(requestUri, changedOrder));
    changedOrderCallback.setSession(storedRequest.getSession());
    this.filter.doFilter(changedOrderCallback, response, downstream);
    verify(downstream, times(2)).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));

    // 3) Parameter missing: param2 is dropped entirely.
    Map<String, String> missingParameter = new LinkedHashMap<>(expectedParameters);
    missingParameter.remove("param2");
    MockHttpServletRequest missingParameterCallback = createAuthorizationResponse(
            createAuthorizationRequest(requestUri, missingParameter));
    missingParameterCallback.setSession(storedRequest.getSession());
    this.filter.doFilter(missingParameterCallback, response, downstream);
    verify(downstream, times(3)).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(jakarta.servlet.FilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) LinkedHashMap(java.util.LinkedHashMap) Test(org.junit.jupiter.api.Test)
