use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.
the class TestCrossOriginFilter method testCrossOriginFilterAfterRestart.
@Test
public void testCrossOriginFilterAfterRestart() throws ServletException {
// Setup the configuration settings of the server
Map<String, String> conf = new HashMap<String, String>();
conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "example.com");
conf.put(CrossOriginFilter.ALLOWED_HEADERS, "X-Requested-With,Accept");
conf.put(CrossOriginFilter.ALLOWED_METHODS, "GET,POST");
FilterConfig filterConfig = new FilterConfigTest(conf);
// Object under test
CrossOriginFilter filter = new CrossOriginFilter();
filter.init(filterConfig);
//verify filter values
Assert.assertTrue("Allowed headers do not match", filter.getAllowedHeadersHeader().compareTo("X-Requested-With,Accept") == 0);
Assert.assertTrue("Allowed methods do not match", filter.getAllowedMethodsHeader().compareTo("GET,POST") == 0);
Assert.assertTrue(filter.areOriginsAllowed("example.com"));
//destroy filter values and clear conf
filter.destroy();
conf.clear();
// Setup the configuration settings of the server
conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "newexample.com");
conf.put(CrossOriginFilter.ALLOWED_HEADERS, "Content-Type,Origin");
conf.put(CrossOriginFilter.ALLOWED_METHODS, "GET,HEAD");
filterConfig = new FilterConfigTest(conf);
//initialize filter
filter.init(filterConfig);
//verify filter values
Assert.assertTrue("Allowed headers do not match", filter.getAllowedHeadersHeader().compareTo("Content-Type,Origin") == 0);
Assert.assertTrue("Allowed methods do not match", filter.getAllowedMethodsHeader().compareTo("GET,HEAD") == 0);
Assert.assertTrue(filter.areOriginsAllowed("newexample.com"));
//destroy filter values
filter.destroy();
}
use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.
the class TestCrossOriginFilter method testDisallowedOrigin.
@Test
public void testDisallowedOrigin() throws ServletException, IOException {
// Setup the configuration settings of the server
Map<String, String> conf = new HashMap<String, String>();
conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "example.com");
FilterConfig filterConfig = new FilterConfigTest(conf);
// Origin is not specified for same origin requests
HttpServletRequest mockReq = Mockito.mock(HttpServletRequest.class);
Mockito.when(mockReq.getHeader(CrossOriginFilter.ORIGIN)).thenReturn("example.org");
// Objects to verify interactions based on request
HttpServletResponse mockRes = Mockito.mock(HttpServletResponse.class);
FilterChain mockChain = Mockito.mock(FilterChain.class);
// Object under test
CrossOriginFilter filter = new CrossOriginFilter();
filter.init(filterConfig);
filter.doFilter(mockReq, mockRes, mockChain);
Mockito.verifyZeroInteractions(mockRes);
Mockito.verify(mockChain).doFilter(mockReq, mockRes);
}
use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.
the class TestCrossOriginFilter method testAllowAllOrigins.
@Test
public void testAllowAllOrigins() throws ServletException, IOException {
// Setup the configuration settings of the server
Map<String, String> conf = new HashMap<String, String>();
conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "*");
FilterConfig filterConfig = new FilterConfigTest(conf);
// Object under test
CrossOriginFilter filter = new CrossOriginFilter();
filter.init(filterConfig);
Assert.assertTrue(filter.areOriginsAllowed("example.com"));
}
use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.
the class TestCrossOriginFilter method testCrossOriginFilter.
@Test
public void testCrossOriginFilter() throws ServletException, IOException {
// Setup the configuration settings of the server
Map<String, String> conf = new HashMap<String, String>();
conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "example.com");
FilterConfig filterConfig = new FilterConfigTest(conf);
// Origin is not specified for same origin requests
HttpServletRequest mockReq = Mockito.mock(HttpServletRequest.class);
Mockito.when(mockReq.getHeader(CrossOriginFilter.ORIGIN)).thenReturn("example.com");
Mockito.when(mockReq.getHeader(CrossOriginFilter.ACCESS_CONTROL_REQUEST_METHOD)).thenReturn("GET");
Mockito.when(mockReq.getHeader(CrossOriginFilter.ACCESS_CONTROL_REQUEST_HEADERS)).thenReturn("X-Requested-With");
// Objects to verify interactions based on request
HttpServletResponse mockRes = Mockito.mock(HttpServletResponse.class);
FilterChain mockChain = Mockito.mock(FilterChain.class);
// Object under test
CrossOriginFilter filter = new CrossOriginFilter();
filter.init(filterConfig);
filter.doFilter(mockReq, mockRes, mockChain);
Mockito.verify(mockRes).setHeader(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN, "example.com");
Mockito.verify(mockRes).setHeader(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS, Boolean.TRUE.toString());
Mockito.verify(mockRes).setHeader(CrossOriginFilter.ACCESS_CONTROL_ALLOW_METHODS, filter.getAllowedMethodsHeader());
Mockito.verify(mockRes).setHeader(CrossOriginFilter.ACCESS_CONTROL_ALLOW_HEADERS, filter.getAllowedHeadersHeader());
Mockito.verify(mockChain).doFilter(mockReq, mockRes);
}
use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.
the class TestCrossOriginFilter method testDisallowedMethod.
@Test
public void testDisallowedMethod() throws ServletException, IOException {
// Setup the configuration settings of the server
Map<String, String> conf = new HashMap<String, String>();
conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "example.com");
FilterConfig filterConfig = new FilterConfigTest(conf);
// Origin is not specified for same origin requests
HttpServletRequest mockReq = Mockito.mock(HttpServletRequest.class);
Mockito.when(mockReq.getHeader(CrossOriginFilter.ORIGIN)).thenReturn("example.com");
Mockito.when(mockReq.getHeader(CrossOriginFilter.ACCESS_CONTROL_REQUEST_METHOD)).thenReturn("DISALLOWED_METHOD");
// Objects to verify interactions based on request
HttpServletResponse mockRes = Mockito.mock(HttpServletResponse.class);
FilterChain mockChain = Mockito.mock(FilterChain.class);
// Object under test
CrossOriginFilter filter = new CrossOriginFilter();
filter.init(filterConfig);
filter.doFilter(mockReq, mockRes, mockChain);
Mockito.verifyZeroInteractions(mockRes);
Mockito.verify(mockChain).doFilter(mockReq, mockRes);
}
Aggregations