Search in sources :

Example 21 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class CsrfAuthorizerTests method testHeaderOk.

@Test
public void testHeaderOk() {
    final WebContext context = MockWebContext.create().addRequestHeader(Pac4jConstants.CSRF_TOKEN, VALUE);
    final SessionStore sessionStore = new MockSessionStore();
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN, VALUE);
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN_EXPIRATION_DATE, expirationDate);
    Assert.assertTrue(authorizer.isAuthorized(context, sessionStore, null));
}
Also used : MockSessionStore(org.pac4j.core.context.session.MockSessionStore) SessionStore(org.pac4j.core.context.session.SessionStore) WebContext(org.pac4j.core.context.WebContext) MockWebContext(org.pac4j.core.context.MockWebContext) MockSessionStore(org.pac4j.core.context.session.MockSessionStore) Test(org.junit.Test)

Example 22 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class CsrfAuthorizerTests method testNoTokenCheckAll.

@Test
public void testNoTokenCheckAll() {
    final var context = MockWebContext.create();
    final SessionStore sessionStore = new MockSessionStore();
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN, VALUE);
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN_EXPIRATION_DATE, expirationDate);
    authorizer.setCheckAllRequests(false);
    Assert.assertTrue(authorizer.isAuthorized(context, sessionStore, null));
}
Also used : MockSessionStore(org.pac4j.core.context.session.MockSessionStore) SessionStore(org.pac4j.core.context.session.SessionStore) MockSessionStore(org.pac4j.core.context.session.MockSessionStore) Test(org.junit.Test)

Example 23 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class DefaultAuthorizationCheckerTests method testTwoExistingAuthorizerProfileDoesNotMatch2.

@Test
public void testTwoExistingAuthorizerProfileDoesNotMatch2() {
    profile.addRole(ROLE);
    final List<Authorizer> authorizers = new ArrayList<>();
    authorizers.add(new IdAuthorizer());
    authorizers.add(new RequireAnyRoleAuthorizer(ROLE));
    assertFalse(checker.isAuthorized(null, new MockSessionStore(), profiles, authorizers));
}
Also used : MockSessionStore(org.pac4j.core.context.session.MockSessionStore) Authorizer(org.pac4j.core.authorization.authorizer.Authorizer) RequireAnyRoleAuthorizer(org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer) RequireAnyRoleAuthorizer(org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer) Test(org.junit.Test)

Example 24 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class BaseClientTests method testSaveAlreadyTried.

@Test
public void testSaveAlreadyTried() {
    final var client = new MockIndirectClient(TYPE, new FoundAction(LOGIN_URL), Optional.empty(), new CommonProfile());
    client.setCallbackUrl(CALLBACK_URL);
    final var context = MockWebContext.create();
    final SessionStore sessionStore = new MockSessionStore();
    client.getCredentials(context, sessionStore);
    assertEquals("true", sessionStore.get(context, client.getName() + IndirectClient.ATTEMPTED_AUTHENTICATION_SUFFIX).get());
}
Also used : MockSessionStore(org.pac4j.core.context.session.MockSessionStore) SessionStore(org.pac4j.core.context.session.SessionStore) MockSessionStore(org.pac4j.core.context.session.MockSessionStore) FoundAction(org.pac4j.core.exception.http.FoundAction) CommonProfile(org.pac4j.core.profile.CommonProfile) Test(org.junit.Test)

Example 25 with MockSessionStore

use of org.pac4j.core.context.session.MockSessionStore in project pac4j by pac4j.

the class BaseClientTests method testDirectClient.

@Test
public void testDirectClient() {
    final var client = new MockIndirectClient(TYPE, new FoundAction(LOGIN_URL), Optional.empty(), new CommonProfile());
    client.setCallbackUrl(CALLBACK_URL);
    final var context = MockWebContext.create();
    final SessionStore sessionStore = new MockSessionStore();
    final var action = (FoundAction) client.getRedirectionAction(context, sessionStore).get();
    final var redirectionUrl = action.getLocation();
    assertEquals(LOGIN_URL, redirectionUrl);
    final var credentials = client.getCredentials(context, sessionStore);
    assertFalse(credentials.isPresent());
}
Also used : MockSessionStore(org.pac4j.core.context.session.MockSessionStore) SessionStore(org.pac4j.core.context.session.SessionStore) MockSessionStore(org.pac4j.core.context.session.MockSessionStore) FoundAction(org.pac4j.core.exception.http.FoundAction) CommonProfile(org.pac4j.core.profile.CommonProfile) Test(org.junit.Test)

Aggregations

MockSessionStore (org.pac4j.core.context.session.MockSessionStore)164 Test (org.junit.Test)151 FoundAction (org.pac4j.core.exception.http.FoundAction)29 SessionStore (org.pac4j.core.context.session.SessionStore)22 CommonProfile (org.pac4j.core.profile.CommonProfile)20 TokenCredentials (org.pac4j.core.credentials.TokenCredentials)19 UsernamePasswordCredentials (org.pac4j.core.credentials.UsernamePasswordCredentials)17 MockWebContext (org.pac4j.core.context.MockWebContext)15 WebContext (org.pac4j.core.context.WebContext)15 CasConfiguration (org.pac4j.cas.config.CasConfiguration)14 HttpAction (org.pac4j.core.exception.http.HttpAction)12 SimpleTestTokenAuthenticator (org.pac4j.http.credentials.authenticator.test.SimpleTestTokenAuthenticator)11 AnonymousProfile (org.pac4j.core.profile.AnonymousProfile)9 SimpleTestUsernamePasswordAuthenticator (org.pac4j.http.credentials.authenticator.test.SimpleTestUsernamePasswordAuthenticator)7 CasProfile (org.pac4j.cas.profile.CasProfile)6 HashMap (java.util.HashMap)5 Authorizer (org.pac4j.core.authorization.authorizer.Authorizer)5 RequireAnyRoleAuthorizer (org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer)5 OkAction (org.pac4j.core.exception.http.OkAction)5 URL (java.net.URL)4