Search in sources :

Example 1 with CrossOriginFilter

use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.

the class TestCrossOriginFilter method testCrossOriginFilterAfterRestart.

@Test
public void testCrossOriginFilterAfterRestart() throws ServletException {
    // Setup the configuration settings of the server
    Map<String, String> conf = new HashMap<String, String>();
    conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "example.com");
    conf.put(CrossOriginFilter.ALLOWED_HEADERS, "X-Requested-With,Accept");
    conf.put(CrossOriginFilter.ALLOWED_METHODS, "GET,POST");
    FilterConfig filterConfig = new FilterConfigTest(conf);
    // Object under test
    CrossOriginFilter filter = new CrossOriginFilter();
    filter.init(filterConfig);
    //verify filter values
    Assert.assertTrue("Allowed headers do not match", filter.getAllowedHeadersHeader().compareTo("X-Requested-With,Accept") == 0);
    Assert.assertTrue("Allowed methods do not match", filter.getAllowedMethodsHeader().compareTo("GET,POST") == 0);
    Assert.assertTrue(filter.areOriginsAllowed("example.com"));
    //destroy filter values and clear conf
    filter.destroy();
    conf.clear();
    // Setup the configuration settings of the server
    conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "newexample.com");
    conf.put(CrossOriginFilter.ALLOWED_HEADERS, "Content-Type,Origin");
    conf.put(CrossOriginFilter.ALLOWED_METHODS, "GET,HEAD");
    filterConfig = new FilterConfigTest(conf);
    //initialize filter
    filter.init(filterConfig);
    //verify filter values
    Assert.assertTrue("Allowed headers do not match", filter.getAllowedHeadersHeader().compareTo("Content-Type,Origin") == 0);
    Assert.assertTrue("Allowed methods do not match", filter.getAllowedMethodsHeader().compareTo("GET,HEAD") == 0);
    Assert.assertTrue(filter.areOriginsAllowed("newexample.com"));
    //destroy filter values
    filter.destroy();
}
Also used : HashMap(java.util.HashMap) FilterConfig(javax.servlet.FilterConfig) CrossOriginFilter(org.apache.hadoop.security.http.CrossOriginFilter) Test(org.junit.Test)

Example 2 with CrossOriginFilter

use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.

the class TestCrossOriginFilter method testDisallowedOrigin.

@Test
public void testDisallowedOrigin() throws ServletException, IOException {
    // Setup the configuration settings of the server
    Map<String, String> conf = new HashMap<String, String>();
    conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "example.com");
    FilterConfig filterConfig = new FilterConfigTest(conf);
    // Origin is not specified for same origin requests
    HttpServletRequest mockReq = Mockito.mock(HttpServletRequest.class);
    Mockito.when(mockReq.getHeader(CrossOriginFilter.ORIGIN)).thenReturn("example.org");
    // Objects to verify interactions based on request
    HttpServletResponse mockRes = Mockito.mock(HttpServletResponse.class);
    FilterChain mockChain = Mockito.mock(FilterChain.class);
    // Object under test
    CrossOriginFilter filter = new CrossOriginFilter();
    filter.init(filterConfig);
    filter.doFilter(mockReq, mockRes, mockChain);
    Mockito.verifyZeroInteractions(mockRes);
    Mockito.verify(mockChain).doFilter(mockReq, mockRes);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HashMap(java.util.HashMap) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) FilterConfig(javax.servlet.FilterConfig) CrossOriginFilter(org.apache.hadoop.security.http.CrossOriginFilter) Test(org.junit.Test)

Example 3 with CrossOriginFilter

use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.

the class TestCrossOriginFilter method testAllowAllOrigins.

@Test
public void testAllowAllOrigins() throws ServletException, IOException {
    // Setup the configuration settings of the server
    Map<String, String> conf = new HashMap<String, String>();
    conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "*");
    FilterConfig filterConfig = new FilterConfigTest(conf);
    // Object under test
    CrossOriginFilter filter = new CrossOriginFilter();
    filter.init(filterConfig);
    Assert.assertTrue(filter.areOriginsAllowed("example.com"));
}
Also used : HashMap(java.util.HashMap) FilterConfig(javax.servlet.FilterConfig) CrossOriginFilter(org.apache.hadoop.security.http.CrossOriginFilter) Test(org.junit.Test)

Example 4 with CrossOriginFilter

use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.

the class TestCrossOriginFilter method testCrossOriginFilter.

@Test
public void testCrossOriginFilter() throws ServletException, IOException {
    // Setup the configuration settings of the server
    Map<String, String> conf = new HashMap<String, String>();
    conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "example.com");
    FilterConfig filterConfig = new FilterConfigTest(conf);
    // Origin is not specified for same origin requests
    HttpServletRequest mockReq = Mockito.mock(HttpServletRequest.class);
    Mockito.when(mockReq.getHeader(CrossOriginFilter.ORIGIN)).thenReturn("example.com");
    Mockito.when(mockReq.getHeader(CrossOriginFilter.ACCESS_CONTROL_REQUEST_METHOD)).thenReturn("GET");
    Mockito.when(mockReq.getHeader(CrossOriginFilter.ACCESS_CONTROL_REQUEST_HEADERS)).thenReturn("X-Requested-With");
    // Objects to verify interactions based on request
    HttpServletResponse mockRes = Mockito.mock(HttpServletResponse.class);
    FilterChain mockChain = Mockito.mock(FilterChain.class);
    // Object under test
    CrossOriginFilter filter = new CrossOriginFilter();
    filter.init(filterConfig);
    filter.doFilter(mockReq, mockRes, mockChain);
    Mockito.verify(mockRes).setHeader(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN, "example.com");
    Mockito.verify(mockRes).setHeader(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS, Boolean.TRUE.toString());
    Mockito.verify(mockRes).setHeader(CrossOriginFilter.ACCESS_CONTROL_ALLOW_METHODS, filter.getAllowedMethodsHeader());
    Mockito.verify(mockRes).setHeader(CrossOriginFilter.ACCESS_CONTROL_ALLOW_HEADERS, filter.getAllowedHeadersHeader());
    Mockito.verify(mockChain).doFilter(mockReq, mockRes);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HashMap(java.util.HashMap) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) FilterConfig(javax.servlet.FilterConfig) CrossOriginFilter(org.apache.hadoop.security.http.CrossOriginFilter) Test(org.junit.Test)

Example 5 with CrossOriginFilter

use of org.apache.hadoop.security.http.CrossOriginFilter in project hadoop by apache.

the class TestCrossOriginFilter method testDisallowedMethod.

@Test
public void testDisallowedMethod() throws ServletException, IOException {
    // Setup the configuration settings of the server
    Map<String, String> conf = new HashMap<String, String>();
    conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "example.com");
    FilterConfig filterConfig = new FilterConfigTest(conf);
    // Origin is not specified for same origin requests
    HttpServletRequest mockReq = Mockito.mock(HttpServletRequest.class);
    Mockito.when(mockReq.getHeader(CrossOriginFilter.ORIGIN)).thenReturn("example.com");
    Mockito.when(mockReq.getHeader(CrossOriginFilter.ACCESS_CONTROL_REQUEST_METHOD)).thenReturn("DISALLOWED_METHOD");
    // Objects to verify interactions based on request
    HttpServletResponse mockRes = Mockito.mock(HttpServletResponse.class);
    FilterChain mockChain = Mockito.mock(FilterChain.class);
    // Object under test
    CrossOriginFilter filter = new CrossOriginFilter();
    filter.init(filterConfig);
    filter.doFilter(mockReq, mockRes, mockChain);
    Mockito.verifyZeroInteractions(mockRes);
    Mockito.verify(mockChain).doFilter(mockReq, mockRes);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HashMap(java.util.HashMap) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) FilterConfig(javax.servlet.FilterConfig) CrossOriginFilter(org.apache.hadoop.security.http.CrossOriginFilter) Test(org.junit.Test)

Aggregations

HashMap (java.util.HashMap)8 FilterConfig (javax.servlet.FilterConfig)8 CrossOriginFilter (org.apache.hadoop.security.http.CrossOriginFilter)8 Test (org.junit.Test)8 FilterChain (javax.servlet.FilterChain)5 HttpServletRequest (javax.servlet.http.HttpServletRequest)5 HttpServletResponse (javax.servlet.http.HttpServletResponse)5