Search in sources :

Example 1 with IPersonManager

use of org.apereo.portal.security.IPersonManager in project uPortal by Jasig.

the class PersonalizationFilterTest method setup.

@Before
public void setup() {
    res = new MockHttpServletResponse();
    req = new MockHttpServletRequest();
    personalizationFilter = new PersonalizationFilter();
    IPerson person = mockPerson("user1");
    IPersonManager pMgr = mockPersonManager(req, person);
    personalizationFilter.setPersonManager(pMgr);
}
Also used : IPerson(org.apereo.portal.security.IPerson) IPersonManager(org.apereo.portal.security.IPersonManager) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Before(org.junit.Before)

Example 2 with IPersonManager

use of org.apereo.portal.security.IPersonManager in project uPortal by Jasig.

the class MaxInactiveFilterTest method noTimeSetWorkflow.

@Test
public void noTimeSetWorkflow() throws IOException, ServletException {
    final HttpSession session = mock(HttpSession.class);
    final HttpServletRequest req = mock(HttpServletRequest.class);
    when(req.getSession(false)).thenReturn(session);
    // no calls, used in doFilter()
    final ServletResponse resp = mock(ServletResponse.class);
    final FilterChain chain = mock(FilterChain.class);
    final ISecurityContext securityContext = mock(ISecurityContext.class);
    when(securityContext.isAuthenticated()).thenReturn(true);
    final IPerson person = mock(IPerson.class);
    when(person.getSecurityContext()).thenReturn(securityContext);
    when(person.getAttribute(SESSION_MAX_INACTIVE_SET_ATTR)).thenReturn(null);
    when(person.getAttribute(IPerson.USERNAME)).thenReturn("jsmith");
    final IPersonManager personManager = mock(IPersonManager.class);
    when(personManager.getPerson(req)).thenReturn(person);
    final IMaxInactiveStrategy maxInactiveStrategy = mock(IMaxInactiveStrategy.class);
    final Integer interval = 5;
    when(maxInactiveStrategy.calcMaxInactive(person)).thenReturn(interval);
    final MaxInactiveFilter filter = new MaxInactiveFilter();
    ReflectionTestUtils.setField(filter, "personManager", personManager);
    ReflectionTestUtils.setField(filter, "maxInactiveStrategy", maxInactiveStrategy);
    filter.doFilter(req, resp, chain);
    verify(person, times(1)).setAttribute(eq(SESSION_MAX_INACTIVE_SET_ATTR), any(LocalDateTime.class));
    verify(session, times(1)).setMaxInactiveInterval(interval);
    verify(maxInactiveStrategy, times(1)).calcMaxInactive(person);
    verify(securityContext, times(1)).isAuthenticated();
    verify(person, times(1)).getSecurityContext();
    verify(person, times(1)).getAttribute(SESSION_MAX_INACTIVE_SET_ATTR);
    verify(person, times(2)).getAttribute(IPerson.USERNAME);
    verify(personManager, times(1)).getPerson(req);
    verifyNoMoreInteractions(resp);
    verify(chain, only()).doFilter(req, resp);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) LocalDateTime(java.time.LocalDateTime) ServletResponse(javax.servlet.ServletResponse) IPerson(org.apereo.portal.security.IPerson) IPersonManager(org.apereo.portal.security.IPersonManager) HttpSession(javax.servlet.http.HttpSession) FilterChain(javax.servlet.FilterChain) ISecurityContext(org.apereo.portal.security.ISecurityContext) Test(org.junit.Test)

Example 3 with IPersonManager

use of org.apereo.portal.security.IPersonManager in project uPortal by Jasig.

the class MaxInactiveFilterTest method timeSetInsideRefreshDurationWorkflow.

@Test
public void timeSetInsideRefreshDurationWorkflow() throws IOException, ServletException {
    final HttpSession session = mock(HttpSession.class);
    final HttpServletRequest req = mock(HttpServletRequest.class);
    when(req.getSession(false)).thenReturn(session);
    // no calls, used in doFilter()
    final ServletResponse resp = mock(ServletResponse.class);
    final FilterChain chain = mock(FilterChain.class);
    final ISecurityContext securityContext = mock(ISecurityContext.class);
    when(securityContext.isAuthenticated()).thenReturn(true);
    final IPerson person = mock(IPerson.class);
    when(person.getSecurityContext()).thenReturn(securityContext);
    final LocalDateTime lastTime = LocalDateTime.now(tz).minusMinutes(1);
    when(person.getAttribute(SESSION_MAX_INACTIVE_SET_ATTR)).thenReturn(lastTime);
    when(person.getAttribute(IPerson.USERNAME)).thenReturn("jsmith");
    final IPersonManager personManager = mock(IPersonManager.class);
    when(personManager.getPerson(req)).thenReturn(person);
    final IMaxInactiveStrategy maxInactiveStrategy = mock(IMaxInactiveStrategy.class);
    final MaxInactiveFilter filter = new MaxInactiveFilter();
    ReflectionTestUtils.setField(filter, "personManager", personManager);
    ReflectionTestUtils.setField(filter, "maxInactiveStrategy", maxInactiveStrategy);
    filter.doFilter(req, resp, chain);
    verify(securityContext, times(1)).isAuthenticated();
    verify(person, times(1)).getSecurityContext();
    verify(person, times(1)).getAttribute(SESSION_MAX_INACTIVE_SET_ATTR);
    verify(person, times(1)).getAttribute(IPerson.USERNAME);
    verify(personManager, times(1)).getPerson(req);
    verifyNoMoreInteractions(maxInactiveStrategy);
    verifyNoMoreInteractions(resp);
    verifyNoMoreInteractions(session);
    verify(chain, only()).doFilter(req, resp);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) LocalDateTime(java.time.LocalDateTime) ServletResponse(javax.servlet.ServletResponse) IPerson(org.apereo.portal.security.IPerson) IPersonManager(org.apereo.portal.security.IPersonManager) HttpSession(javax.servlet.http.HttpSession) FilterChain(javax.servlet.FilterChain) ISecurityContext(org.apereo.portal.security.ISecurityContext) Test(org.junit.Test)

Example 4 with IPersonManager

use of org.apereo.portal.security.IPersonManager in project uPortal by Jasig.

the class MaxInactiveFilterTest method notAuthenticatedWorkflow.

@Test
public void notAuthenticatedWorkflow() throws IOException, ServletException {
    final HttpSession session = mock(HttpSession.class);
    final HttpServletRequest req = mock(HttpServletRequest.class);
    when(req.getSession(false)).thenReturn(session);
    // no calls, used in doFilter()
    final ServletResponse resp = mock(ServletResponse.class);
    final FilterChain chain = mock(FilterChain.class);
    final ISecurityContext securityContext = mock(ISecurityContext.class);
    when(securityContext.isAuthenticated()).thenReturn(false);
    final IPerson person = mock(IPerson.class);
    when(person.getSecurityContext()).thenReturn(securityContext);
    when(person.getAttribute(IPerson.USERNAME)).thenReturn("jsmith");
    final IPersonManager personManager = mock(IPersonManager.class);
    when(personManager.getPerson(req)).thenReturn(person);
    final IMaxInactiveStrategy maxInactiveStrategy = mock(IMaxInactiveStrategy.class);
    final MaxInactiveFilter filter = new MaxInactiveFilter();
    ReflectionTestUtils.setField(filter, "personManager", personManager);
    ReflectionTestUtils.setField(filter, "maxInactiveStrategy", maxInactiveStrategy);
    filter.doFilter(req, resp, chain);
    verify(securityContext, times(1)).isAuthenticated();
    verify(person, times(1)).getSecurityContext();
    verify(person, times(1)).getAttribute(IPerson.USERNAME);
    verify(personManager, times(1)).getPerson(req);
    verifyNoMoreInteractions(maxInactiveStrategy);
    verifyNoMoreInteractions(resp);
    verifyNoMoreInteractions(session);
    verify(chain, only()).doFilter(req, resp);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletResponse(javax.servlet.ServletResponse) IPerson(org.apereo.portal.security.IPerson) IPersonManager(org.apereo.portal.security.IPersonManager) HttpSession(javax.servlet.http.HttpSession) FilterChain(javax.servlet.FilterChain) ISecurityContext(org.apereo.portal.security.ISecurityContext) Test(org.junit.Test)

Example 5 with IPersonManager

use of org.apereo.portal.security.IPersonManager in project uPortal by Jasig.

the class MaxInactiveFilterTest method noPersonWorkflow.

@Test
public void noPersonWorkflow() throws IOException, ServletException {
    final HttpSession session = mock(HttpSession.class);
    final HttpServletRequest req = mock(HttpServletRequest.class);
    when(req.getSession(false)).thenReturn(session);
    // no calls, used in doFilter()
    final ServletResponse resp = mock(ServletResponse.class);
    final FilterChain chain = mock(FilterChain.class);
    final IPersonManager personManager = mock(IPersonManager.class);
    when(personManager.getPerson(req)).thenReturn(null);
    final IMaxInactiveStrategy maxInactiveStrategy = mock(IMaxInactiveStrategy.class);
    final MaxInactiveFilter filter = new MaxInactiveFilter();
    ReflectionTestUtils.setField(filter, "personManager", personManager);
    ReflectionTestUtils.setField(filter, "maxInactiveStrategy", maxInactiveStrategy);
    filter.doFilter(req, resp, chain);
    verify(personManager, times(1)).getPerson(req);
    verifyNoMoreInteractions(maxInactiveStrategy);
    verifyNoMoreInteractions(resp);
    verifyNoMoreInteractions(session);
    verify(chain, only()).doFilter(req, resp);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletResponse(javax.servlet.ServletResponse) IPersonManager(org.apereo.portal.security.IPersonManager) HttpSession(javax.servlet.http.HttpSession) FilterChain(javax.servlet.FilterChain) Test(org.junit.Test)

Aggregations

IPersonManager (org.apereo.portal.security.IPersonManager)10 FilterChain (javax.servlet.FilterChain)7 ServletResponse (javax.servlet.ServletResponse)7 HttpServletRequest (javax.servlet.http.HttpServletRequest)7 Test (org.junit.Test)7 HttpSession (javax.servlet.http.HttpSession)6 IPerson (org.apereo.portal.security.IPerson)6 ISecurityContext (org.apereo.portal.security.ISecurityContext)4 LocalDateTime (java.time.LocalDateTime)3 Before (org.junit.Before)1 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1