Search in sources :

Example 41 with Configuration

use of javax.ws.rs.core.Configuration in project minijax by minijax.

the class SecurityTest method testApiKeyDeleted.

@Test
public void testApiKeyDeleted() {
    final User user = new User();
    final ApiKey apiKey = new ApiKey();
    apiKey.setValue("xyz");
    apiKey.setUser(user);
    apiKey.setDeleted(true);
    final String authorization = AuthUtils.create(apiKey.getValue(), "");
    final SecurityDao dao = mock(SecurityDao.class);
    when(dao.findApiKeyByValue(eq("xyz"))).thenReturn(apiKey);
    final Configuration config = mock(Configuration.class);
    final Security<User> security = new Security<>(dao, config, authorization, null);
    assertFalse(security.isLoggedIn());
    assertNull(security.getUserPrincipal());
}
Also used : Configuration(javax.ws.rs.core.Configuration) MinijaxTest(org.minijax.test.MinijaxTest) Test(org.junit.Test)

Example 42 with Configuration

use of javax.ws.rs.core.Configuration in project minijax by minijax.

the class SecurityTest method testCookieInvalidUuid.

@Test
public void testCookieInvalidUuid() {
    final String cookie = "not-a-uuid";
    final SecurityDao dao = mock(SecurityDao.class);
    final Configuration config = mock(Configuration.class);
    final Security<User> security = new Security<>(dao, config, null, cookie);
    assertFalse(security.isLoggedIn());
    assertNull(security.getUserPrincipal());
}
Also used : Configuration(javax.ws.rs.core.Configuration) MinijaxTest(org.minijax.test.MinijaxTest) Test(org.junit.Test)

Example 43 with Configuration

use of javax.ws.rs.core.Configuration in project minijax by minijax.

the class SecurityTest method testCookieInvalidSession.

@Test
public void testCookieInvalidSession() {
    final UserSession session = new UserSession();
    final String cookie = session.getId().toString();
    final SecurityDao dao = mock(SecurityDao.class);
    when(dao.read(eq(UserSession.class), eq(session.getId()))).thenReturn(session);
    final Configuration config = mock(Configuration.class);
    final Security<User> security = new Security<>(dao, config, null, cookie);
    assertFalse(security.isLoggedIn());
    assertNull(security.getUserPrincipal());
}
Also used : Configuration(javax.ws.rs.core.Configuration) MinijaxTest(org.minijax.test.MinijaxTest) Test(org.junit.Test)

Example 44 with Configuration

use of javax.ws.rs.core.Configuration in project minijax by minijax.

the class SecurityTest method testCookie.

@Test
public void testCookie() {
    final User user = new User();
    user.setRoles("admin");
    final UserSession session = new UserSession();
    session.setUser(user);
    final String cookie = session.getId().toString();
    final SecurityDao dao = mock(SecurityDao.class);
    when(dao.read(eq(UserSession.class), eq(session.getId()))).thenReturn(session);
    when(dao.read(eq(User.class), eq(user.getId()))).thenReturn(user);
    final Configuration config = mock(Configuration.class);
    when(config.getProperty(eq(MinijaxProperties.SECURITY_USER_CLASS))).thenReturn(User.class);
    final Security<User> security = new Security<>(dao, config, null, cookie);
    security.requireLogin();
    security.validateSession(session.getId().toString());
    assertTrue(security.isLoggedIn());
    assertNotNull(security.getUserPrincipal());
    assertEquals(user, security.getUserPrincipal());
    assertEquals(user, security.getUserPrincipal());
    assertEquals(SecurityContext.FORM_AUTH, security.getAuthenticationScheme());
    assertTrue(security.isUserInRole("admin"));
    assertFalse(security.isUserInRole("foo"));
}
Also used : Configuration(javax.ws.rs.core.Configuration) MinijaxTest(org.minijax.test.MinijaxTest) Test(org.junit.Test)

Example 45 with Configuration

use of javax.ws.rs.core.Configuration in project minijax by minijax.

the class SecurityTest method testApiKeyNotFound.

@Test
public void testApiKeyNotFound() {
    final String authorization = AuthUtils.create("xyz", "");
    final SecurityDao dao = mock(SecurityDao.class);
    final Configuration config = mock(Configuration.class);
    final Security<User> security = new Security<>(dao, config, authorization, null);
    assertFalse(security.isLoggedIn());
    assertNull(security.getUserPrincipal());
}
Also used : Configuration(javax.ws.rs.core.Configuration) MinijaxTest(org.minijax.test.MinijaxTest) Test(org.junit.Test)

Aggregations

Configuration (javax.ws.rs.core.Configuration)56 Test (org.junit.Test)28 MinijaxTest (org.minijax.test.MinijaxTest)17 FeatureContext (javax.ws.rs.core.FeatureContext)7 Client (javax.ws.rs.client.Client)5 ContainerResponseFilter (javax.ws.rs.container.ContainerResponseFilter)4 Map (java.util.Map)3 ClientRequestFilter (javax.ws.rs.client.ClientRequestFilter)3 ClientResponseFilter (javax.ws.rs.client.ClientResponseFilter)3 ContainerRequestFilter (javax.ws.rs.container.ContainerRequestFilter)3 Feature (javax.ws.rs.core.Feature)3 NewCookie (javax.ws.rs.core.NewCookie)3 List (java.util.List)2 ClassResourceInfo (org.apache.cxf.jaxrs.model.ClassResourceInfo)2 OperationResourceInfo (org.apache.cxf.jaxrs.model.OperationResourceInfo)2 AbstractBinder (org.glassfish.jersey.internal.inject.AbstractBinder)2 LocalResteasyProviderFactory (org.jboss.resteasy.client.jaxrs.internal.LocalResteasyProviderFactory)2 ResteasyJackson2Provider (org.jboss.resteasy.plugins.providers.jackson.ResteasyJackson2Provider)2 ResteasyProviderFactory (org.jboss.resteasy.spi.ResteasyProviderFactory)2 JacksonJaxbJsonProvider (com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider)1