Use of org.orcid.core.oauth.OrcidOAuth2Authentication in project ORCID-Source by ORCID.
From the class OauthRegistrationControllerTest, method testStripHtmlFromNames.
/**
 * Checks that HTML markup submitted in the name fields of an OAuth registration
 * form is gone by the time the registration is handed to
 * {@code registrationController.createMinimalRegistration}.
 *
 * <p>The form's given and family names are each wrapped in a {@code <button>}
 * element carrying an inline {@code onclick} handler. After
 * {@code registerAndAuthorize} runs, the captured {@code Registration} must hold
 * only the inner text ("Given Names" / "Family Name") and the e-mail address
 * exactly as submitted.
 *
 * <p>NOTE(review): only this one markup shape is exercised, and the stripping
 * code itself is outside this method. The test pins removal of tags on input; it
 * does not show that names are encoded when rendered, so confirm that output
 * encoding is covered elsewhere.
 *
 * @throws UnsupportedEncodingException declared on the test signature; the
 *         statement that can raise it is not identifiable from this method alone
 */
@SuppressWarnings("unchecked")
@Test
public void testStripHtmlFromNames() throws UnsupportedEncodingException {
    // --- Registration form whose name fields contain markup -----------------
    // A time-based local part gives each run a distinct address.
    Text emailAddress = Text.valueOf(System.currentTimeMillis() + "@test.orcid.org");

    org.orcid.pojo.ajaxForm.Visibility defaultVisibility = new org.orcid.pojo.ajaxForm.Visibility();
    defaultVisibility.setVisibility(org.orcid.jaxb.model.v3.dev1.common.Visibility.PUBLIC);

    Checkbox termsAccepted = new Checkbox();
    termsAccepted.setValue(true);

    OauthRegistrationForm form = new OauthRegistrationForm();
    form.setActivitiesVisibilityDefault(defaultVisibility);
    form.setEmail(emailAddress);
    form.setEmailConfirm(emailAddress);
    // The inputs under test: an element with an inline event handler around the name.
    form.setFamilyNames(Text.valueOf("<button onclick=\"alert('hello')\">Family Name</button>"));
    form.setGivenNames(Text.valueOf("<button onclick=\"alert('hello')\">Given Names</button>"));
    form.setPassword(Text.valueOf("1234abcd"));
    form.setPasswordConfirm(Text.valueOf("1234abcd"));
    // presumably the client/server pair the controller's validation expects; confirm
    form.setValNumClient(2L);
    form.setValNumServer(4L);
    form.setApproved(true);
    form.setTermsOfUse(termsAccepted);
    form.setCreationType(Text.valueOf(CreationMethod.DIRECT.value()));
    form.setPersistentTokenEnabled(true);

    // --- Collaborator stubs ---------------------------------------------------
    HttpSession httpSession = mock(HttpSession.class);
    RequestInfoForm requestInfoForm = new RequestInfoForm();
    RedirectView redirect = new RedirectView();

    when(servletRequest.getSession()).thenReturn(httpSession);
    // getSession() now yields the mocked session, so this stubs its attribute lookup.
    when(servletRequest.getSession().getAttribute("requestInfoForm")).thenReturn(requestInfoForm);
    when(authorizationEndpoint.approveOrDeny(
            Matchers.anyMap(),
            Matchers.anyMap(),
            Matchers.any(SessionStatus.class),
            Matchers.any(Principal.class)))
        .thenReturn(redirect);
    // Every authentication attempt is answered with a fresh mocked authentication.
    when(authenticationManager.authenticate(Matchers.any(Authentication.class)))
        .thenAnswer(new Answer<Authentication>() {
            @Override
            public Authentication answer(InvocationOnMock invocation) throws Throwable {
                return mock(OrcidOAuth2Authentication.class);
            }
        });

    // --- Exercise ---------------------------------------------------------------
    oauthRegistrationController.registerAndAuthorize(servletRequest, servletResponse, form);

    // --- Capture what was passed on to the registration controller --------------
    ArgumentCaptor<HttpServletRequest> requestCaptor = ArgumentCaptor.forClass(HttpServletRequest.class);
    ArgumentCaptor<Registration> registrationCaptor = ArgumentCaptor.forClass(Registration.class);
    ArgumentCaptor<Boolean> booleanCaptor = ArgumentCaptor.forClass(Boolean.class);
    ArgumentCaptor<Locale> localeCaptor = ArgumentCaptor.forClass(Locale.class);
    ArgumentCaptor<String> stringCaptor = ArgumentCaptor.forClass(String.class);
    verify(registrationController).createMinimalRegistration(
            requestCaptor.capture(),
            registrationCaptor.capture(),
            booleanCaptor.capture(),
            localeCaptor.capture(),
            stringCaptor.capture());

    // --- Assert: e-mail untouched, names reduced to their text content ----------
    Registration captured = registrationCaptor.getValue();
    assertNotNull(captured);
    assertEquals(emailAddress.getValue(), captured.getEmail().getValue());
    assertEquals("Given Names", captured.getGivenNames().getValue());
    assertEquals("Family Name", captured.getFamilyNames().getValue());
}