use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.
the class CsrfAuthorizerTests method testHeaderOk.
@Test
public void testHeaderOk() {
final WebContext context = MockWebContext.create().addRequestHeader(Pac4jConstants.CSRF_TOKEN, VALUE);
final SessionStore sessionStore = new MockSessionStore();
sessionStore.set(context, Pac4jConstants.CSRF_TOKEN, VALUE);
sessionStore.set(context, Pac4jConstants.CSRF_TOKEN_EXPIRATION_DATE, expirationDate);
Assert.assertTrue(authorizer.isAuthorized(context, sessionStore, null));
}
use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.
the class CsrfAuthorizerTests method testNoTokenCheckAll.
@Test
public void testNoTokenCheckAll() {
final var context = MockWebContext.create();
final SessionStore sessionStore = new MockSessionStore();
sessionStore.set(context, Pac4jConstants.CSRF_TOKEN, VALUE);
sessionStore.set(context, Pac4jConstants.CSRF_TOKEN_EXPIRATION_DATE, expirationDate);
authorizer.setCheckAllRequests(false);
Assert.assertTrue(authorizer.isAuthorized(context, sessionStore, null));
}
use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.
the class DefaultAuthorizationCheckerTests method testTwoExistingAuthorizerProfileDoesNotMatch2.
@Test
public void testTwoExistingAuthorizerProfileDoesNotMatch2() {
profile.addRole(ROLE);
final List<Authorizer> authorizers = new ArrayList<>();
authorizers.add(new IdAuthorizer());
authorizers.add(new RequireAnyRoleAuthorizer(ROLE));
assertFalse(checker.isAuthorized(null, new MockSessionStore(), profiles, authorizers));
}
use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.
the class BaseClientTests method testSaveAlreadyTried.
@Test
public void testSaveAlreadyTried() {
final var client = new MockIndirectClient(TYPE, new FoundAction(LOGIN_URL), Optional.empty(), new CommonProfile());
client.setCallbackUrl(CALLBACK_URL);
final var context = MockWebContext.create();
final SessionStore sessionStore = new MockSessionStore();
client.getCredentials(context, sessionStore);
assertEquals("true", sessionStore.get(context, client.getName() + IndirectClient.ATTEMPTED_AUTHENTICATION_SUFFIX).get());
}
use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.
the class BaseClientTests method testDirectClient.
@Test
public void testDirectClient() {
final var client = new MockIndirectClient(TYPE, new FoundAction(LOGIN_URL), Optional.empty(), new CommonProfile());
client.setCallbackUrl(CALLBACK_URL);
final var context = MockWebContext.create();
final SessionStore sessionStore = new MockSessionStore();
final var action = (FoundAction) client.getRedirectionAction(context, sessionStore).get();
final var redirectionUrl = action.getLocation();
assertEquals(LOGIN_URL, redirectionUrl);
final var credentials = client.getCredentials(context, sessionStore);
assertFalse(credentials.isPresent());
}
Aggregations