Example 1 with ServletRequest
use of jakarta.servlet.ServletRequest in project spring-security by spring-projects.
the class Saml2WebSsoAuthenticationRequestFilterTests method setup.
@BeforeEach
public void setup() {
this.filter = new Saml2WebSsoAuthenticationRequestFilter(this.resolver, this.factory);
this.request = new MockHttpServletRequest();
this.response = new MockHttpServletResponse();
this.request.setPathInfo("/saml2/authenticate/registration-id");
this.filterChain = new MockFilterChain() {
@Override
public void doFilter(ServletRequest request, ServletResponse response) {
((HttpServletResponse) response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
};
this.rpBuilder = RelyingPartyRegistration.withRegistrationId("registration-id").providerDetails((c) -> c.entityId("idp-entity-id")).providerDetails((c) -> c.webSsoUrl(IDP_SSO_URL)).assertionConsumerServiceUrlTemplate("template").credentials((c) -> c.add(TestSaml2X509Credentials.assertingPartyPrivateCredential()));
this.filter.setAuthenticationRequestRepository(this.authenticationRequestRepository);
}
Also used :
Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
BeforeEach(org.junit.jupiter.api.BeforeEach)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
Saml2AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver)
DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)
ServletException(jakarta.servlet.ServletException)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
HtmlUtils(org.springframework.web.util.HtmlUtils)
Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)
Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions)
Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)
BDDMockito.given(org.mockito.BDDMockito.given)
AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest)
Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext)
Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest)
Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest)
DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)
Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory)
ServletRequest(jakarta.servlet.ServletRequest)
RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)
IOException(java.io.IOException)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)
StandardCharsets(java.nio.charset.StandardCharsets)
Mockito.verify(org.mockito.Mockito.verify)
Test(org.junit.jupiter.api.Test)
TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials)
ServletResponse(jakarta.servlet.ServletResponse)
Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException)
UriUtils(org.springframework.web.util.UriUtils)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
TestSaml2AuthenticationRequestContexts(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationRequestContexts)
TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
Mockito.mock(org.mockito.Mockito.mock)
ServletRequest(jakarta.servlet.ServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
ServletResponse(jakarta.servlet.ServletResponse)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
BeforeEach(org.junit.jupiter.api.BeforeEach)
Example 2 with ServletRequest
use of jakarta.servlet.ServletRequest in project spring-security by spring-projects.
the class GrantedAuthorityDefaultsXmlTests method doFilterIsUserInRole.
// SEC-2926
@Test
public void doFilterIsUserInRole() throws Exception {
SecurityContext context = SecurityContextHolder.getContext();
this.request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, context);
this.chain = new MockFilterChain() {
@Override
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
assertThat(httpRequest.isUserInRole("USER")).isTrue();
assertThat(httpRequest.isUserInRole("INVALID")).isFalse();
super.doFilter(request, response);
}
};
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
assertThat(this.chain.getRequest()).isNotNull();
}
Also used :
ServletException(jakarta.servlet.ServletException)
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
ServletRequest(jakarta.servlet.ServletRequest)
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
ServletResponse(jakarta.servlet.ServletResponse)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
SecurityContext(org.springframework.security.core.context.SecurityContext)
IOException(java.io.IOException)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
Test(org.junit.jupiter.api.Test)
Example 3 with ServletRequest
use of jakarta.servlet.ServletRequest in project spring-framework by spring-projects.
the class FormTag method processAction.
/**
* Process the action through a {@link RequestDataValueProcessor} instance
* if one is configured or otherwise returns the action unmodified.
*/
private String processAction(String action) {
RequestDataValueProcessor processor = getRequestContext().getRequestDataValueProcessor();
ServletRequest request = this.pageContext.getRequest();
if (processor != null && request instanceof HttpServletRequest) {
action = processor.processAction((HttpServletRequest) request, action, getHttpMethod());
}
return action;
}
Also used :
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
ServletRequest(jakarta.servlet.ServletRequest)
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
RequestDataValueProcessor(org.springframework.web.servlet.support.RequestDataValueProcessor)
Example 4 with ServletRequest
use of jakarta.servlet.ServletRequest in project spring-framework by spring-projects.
the class ViewResolverTests method internalResourceViewResolverWithContextBeans.
@Test
public void internalResourceViewResolverWithContextBeans() throws Exception {
this.wac.registerSingleton("myBean", TestBean.class);
this.wac.registerSingleton("myBean2", TestBean.class);
this.wac.refresh();
InternalResourceViewResolver vr = new InternalResourceViewResolver();
Properties props = new Properties();
props.setProperty("key1", "value1");
vr.setAttributes(props);
Map<String, Object> map = new HashMap<>();
map.put("key2", 2);
vr.setAttributesMap(map);
vr.setExposeContextBeansAsAttributes(true);
vr.setApplicationContext(this.wac);
HttpServletRequest request = new MockHttpServletRequest(this.sc) {
@Override
public RequestDispatcher getRequestDispatcher(String path) {
return new MockRequestDispatcher(path) {
@Override
public void forward(ServletRequest forwardRequest, ServletResponse forwardResponse) {
assertThat(forwardRequest.getAttribute("rc") == null).as("Correct rc attribute").isTrue();
assertThat(forwardRequest.getAttribute("key1")).isEqualTo("value1");
assertThat(forwardRequest.getAttribute("key2")).isEqualTo(2);
assertThat(forwardRequest.getAttribute("myBean")).isSameAs(wac.getBean("myBean"));
assertThat(forwardRequest.getAttribute("myBean2")).isSameAs(wac.getBean("myBean2"));
}
};
}
};
request.setAttribute(DispatcherServlet.WEB_APPLICATION_CONTEXT_ATTRIBUTE, this.wac);
request.setAttribute(DispatcherServlet.LOCALE_RESOLVER_ATTRIBUTE, new AcceptHeaderLocaleResolver());
View view = vr.resolveViewName("example1", Locale.getDefault());
view.render(new HashMap<String, Object>(), request, this.response);
}
Also used :
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
ServletRequest(jakarta.servlet.ServletRequest)
MockHttpServletRequest(org.springframework.web.testfixture.servlet.MockHttpServletRequest)
MockHttpServletResponse(org.springframework.web.testfixture.servlet.MockHttpServletResponse)
ServletResponse(jakarta.servlet.ServletResponse)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
HashMap(java.util.HashMap)
MockHttpServletRequest(org.springframework.web.testfixture.servlet.MockHttpServletRequest)
Properties(java.util.Properties)
AcceptHeaderLocaleResolver(org.springframework.web.servlet.i18n.AcceptHeaderLocaleResolver)
View(org.springframework.web.servlet.View)
MockRequestDispatcher(org.springframework.web.testfixture.servlet.MockRequestDispatcher)
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.web.testfixture.servlet.MockHttpServletRequest)
Test(org.junit.jupiter.api.Test)
Example 5 with ServletRequest
use of jakarta.servlet.ServletRequest in project spring-framework by spring-projects.
the class RequestContextFilterTests method testFilterInvocation.
private void testFilterInvocation(final ServletException sex) throws Exception {
final MockHttpServletRequest req = new MockHttpServletRequest();
req.setAttribute("myAttr", "myValue");
final MockHttpServletResponse resp = new MockHttpServletResponse();
// Expect one invocation by the filter being tested
class DummyFilterChain implements FilterChain {
public int invocations = 0;
@Override
public void doFilter(ServletRequest req, ServletResponse resp) throws IOException, ServletException {
++invocations;
if (invocations == 1) {
assertThat(RequestContextHolder.currentRequestAttributes().getAttribute("myAttr", RequestAttributes.SCOPE_REQUEST)).isSameAs("myValue");
if (sex != null) {
throw sex;
}
} else {
throw new IllegalStateException("Too many invocations");
}
}
}
DummyFilterChain fc = new DummyFilterChain();
MockFilterConfig mfc = new MockFilterConfig(new MockServletContext(), "foo");
RequestContextFilter rbf = new RequestContextFilter();
rbf.init(mfc);
try {
rbf.doFilter(req, resp, fc);
assertThat(sex).isNull();
} catch (ServletException ex) {
assertThat(sex).isNotNull();
}
assertThatIllegalStateException().isThrownBy(RequestContextHolder::currentRequestAttributes);
assertThat(fc.invocations).isEqualTo(1);
}
Also used :
ServletException(jakarta.servlet.ServletException)
RequestContextHolder(org.springframework.web.context.request.RequestContextHolder)
ServletRequest(jakarta.servlet.ServletRequest)
MockHttpServletRequest(org.springframework.web.testfixture.servlet.MockHttpServletRequest)
MockHttpServletResponse(org.springframework.web.testfixture.servlet.MockHttpServletResponse)
ServletResponse(jakarta.servlet.ServletResponse)
Assertions.assertThatIllegalStateException(org.assertj.core.api.Assertions.assertThatIllegalStateException)
MockHttpServletRequest(org.springframework.web.testfixture.servlet.MockHttpServletRequest)
FilterChain(jakarta.servlet.FilterChain)
MockHttpServletResponse(org.springframework.web.testfixture.servlet.MockHttpServletResponse)
MockServletContext(org.springframework.web.testfixture.servlet.MockServletContext)
MockFilterConfig(org.springframework.web.testfixture.servlet.MockFilterConfig)
Aggregations
ServletRequest (jakarta.servlet.ServletRequest)31
HttpServletRequest (jakarta.servlet.http.HttpServletRequest)20
ServletResponse (jakarta.servlet.ServletResponse)16
HttpServletResponse (jakarta.servlet.http.HttpServletResponse)15
ServletException (jakarta.servlet.ServletException)9
IOException (java.io.IOException)9
Test (org.junit.jupiter.api.Test)6
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)5
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)5
Request (org.apache.catalina.connector.Request)4
MockFilterChain (org.springframework.mock.web.MockFilterChain)4
MockHttpServletRequest (org.springframework.web.testfixture.servlet.MockHttpServletRequest)4
MockHttpServletResponse (org.springframework.web.testfixture.servlet.MockHttpServletResponse)4
ServletRequestWrapper (jakarta.servlet.ServletRequestWrapper)3
RequestDataValueProcessor (org.springframework.web.servlet.support.RequestDataValueProcessor)3
HttpSession (jakarta.servlet.http.HttpSession)2
Principal (java.security.Principal)2
HashMap (java.util.HashMap)2
Properties (java.util.Properties)2
Context (org.apache.catalina.Context)2
