Example 21 with RequestContext
use of org.craftercms.commons.http.RequestContext in project engine by craftercms.
the class ConfigAwareUrlAccessRestrictionCheckingProcessorTest method testProcessRequest.
@Test(expected = AccessDeniedException.class)
public void testProcessRequest() throws Exception {
RequestContext requestContext = RequestContext.getCurrent();
RequestSecurityProcessorChain chain = mock(RequestSecurityProcessorChain.class);
SecurityUtils.setAuthentication(requestContext.getRequest(), new DefaultAuthentication(ObjectId.get().toString(), new Profile()));
processor.processRequest(requestContext, chain);
}
Also used :
DefaultAuthentication(org.craftercms.security.authentication.impl.DefaultAuthentication)
RequestSecurityProcessorChain(org.craftercms.security.processors.RequestSecurityProcessorChain)
RequestContext(org.craftercms.commons.http.RequestContext)
Profile(org.craftercms.profile.api.Profile)
Test(org.junit.Test)
Example 22 with RequestContext
use of org.craftercms.commons.http.RequestContext in project profile by craftercms.
the class RestAccessDeniedHandlerTest method testHandle.
@Test
public void testHandle() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/admin.json");
MockHttpServletResponse response = new MockHttpServletResponse();
RequestContext context = new RequestContext(request, response, null);
handler.handle(context, new AccessDeniedException(ERROR_MESSAGE));
assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
assertEquals(EXPECTED_RESPONSE_CONTENT, response.getContentAsString());
}
Also used :
AccessDeniedException(org.craftercms.security.exception.AccessDeniedException)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
RequestContext(org.craftercms.commons.http.RequestContext)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
Example 23 with RequestContext
use of org.craftercms.commons.http.RequestContext in project profile by craftercms.
the class CurrentAuthenticationResolvingProcessorTest method testGetAuthentication.
@Test
public void testGetAuthentication() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
RequestContext context = new RequestContext(request, response, null);
RequestSecurityProcessorChain chain = mock(RequestSecurityProcessorChain.class);
Date profileLastModified = new Date();
Cookie ticketCookie = new Cookie(SecurityUtils.TICKET_COOKIE_NAME, TICKET);
Cookie profileLastModifiedCookie = new Cookie(SecurityUtils.PROFILE_LAST_MODIFIED_COOKIE_NAME, String.valueOf(profileLastModified.getTime()));
request.setCookies(ticketCookie, profileLastModifiedCookie);
Profile profile = new Profile();
profile.setLastModified(profileLastModified);
Authentication auth = new DefaultAuthentication(TICKET, profile);
when(authenticationManager.getAuthentication(TICKET, false)).thenReturn(auth);
processor.processRequest(context, chain);
verify(chain).processRequest(context);
Authentication newAuth = SecurityUtils.getAuthentication(request);
assertNotNull(newAuth);
assertEquals(auth.getTicket(), newAuth.getTicket());
assertEquals(auth.getProfile().getLastModified(), newAuth.getProfile().getLastModified());
}
Also used :
Cookie(javax.servlet.http.Cookie)
DefaultAuthentication(org.craftercms.security.authentication.impl.DefaultAuthentication)
RequestSecurityProcessorChain(org.craftercms.security.processors.RequestSecurityProcessorChain)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Authentication(org.craftercms.security.authentication.Authentication)
DefaultAuthentication(org.craftercms.security.authentication.impl.DefaultAuthentication)
RequestContext(org.craftercms.commons.http.RequestContext)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Date(java.util.Date)
Profile(org.craftercms.profile.api.Profile)
Test(org.junit.Test)
Example 24 with RequestContext
use of org.craftercms.commons.http.RequestContext in project profile by craftercms.
the class LogoutProcessorTest method testLogout.
@Test
public void testLogout() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(LogoutProcessor.DEFAULT_LOGOUT_METHOD, LogoutProcessor.DEFAULT_LOGOUT_URL);
MockHttpServletResponse response = new MockHttpServletResponse();
RequestContext context = new RequestContext(request, response, null);
RequestSecurityProcessorChain chain = mock(RequestSecurityProcessorChain.class);
Profile profile = new Profile();
profile.setUsername(USERNAME);
Authentication auth = new DefaultAuthentication(new ObjectId().toString(), profile);
SecurityUtils.setAuthentication(request, auth);
processor.processRequest(context, chain);
verify(chain, never()).processRequest(context);
assertNull(SecurityUtils.getAuthentication(request));
verify(logoutSuccessHandler).handle(context);
}
Also used :
DefaultAuthentication(org.craftercms.security.authentication.impl.DefaultAuthentication)
RequestSecurityProcessorChain(org.craftercms.security.processors.RequestSecurityProcessorChain)
ObjectId(org.bson.types.ObjectId)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Authentication(org.craftercms.security.authentication.Authentication)
DefaultAuthentication(org.craftercms.security.authentication.impl.DefaultAuthentication)
RequestContext(org.craftercms.commons.http.RequestContext)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Profile(org.craftercms.profile.api.Profile)
Test(org.junit.Test)
Example 25 with RequestContext
use of org.craftercms.commons.http.RequestContext in project profile by craftercms.
the class RememberMeAutoLoginProcessorTest method testProcessRequest.
@Test
public void testProcessRequest() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
RequestContext context = new RequestContext(request, response, null);
processor.processRequest(context, chain);
assertNotNull(SecurityUtils.getAuthentication(request));
assertEquals(authentication, SecurityUtils.getAuthentication(request));
verify(rememberMeManager).autoLogin(context);
verify(chain).processRequest(context);
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
RequestContext(org.craftercms.commons.http.RequestContext)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
Aggregations
RequestContext (org.craftercms.commons.http.RequestContext)47
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)40
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)40
Test (org.junit.Test)37
RequestSecurityProcessorChain (org.craftercms.security.processors.RequestSecurityProcessorChain)17
Authentication (org.craftercms.security.authentication.Authentication)12
DefaultAuthentication (org.craftercms.security.authentication.impl.DefaultAuthentication)11
Cookie (javax.servlet.http.Cookie)9
Profile (org.craftercms.profile.api.Profile)9
ObjectId (org.bson.types.ObjectId)7
AuthenticationRequiredException (org.craftercms.security.exception.AuthenticationRequiredException)5
AccessDeniedException (org.craftercms.security.exception.AccessDeniedException)4
Date (java.util.Date)3
BadCredentialsException (org.craftercms.security.exception.BadCredentialsException)3
RequestSecurityProcessor (org.craftercms.security.processors.RequestSecurityProcessor)3
HashMap (java.util.HashMap)2
HttpSession (javax.servlet.http.HttpSession)2
AuthenticationException (org.craftercms.security.exception.AuthenticationException)2
ExecutionInput (graphql.ExecutionInput)1
ExecutionInput.newExecutionInput (graphql.ExecutionInput.newExecutionInput)1
