
Example 11 with SessionStore

Use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

In class CsrfAuthorizerTests, method testHeaderOkButNoTokenInSession.

@Test
public void testHeaderOkButNoTokenInSession() {
    // The request header carries a CSRF token, but the session holds only an
    // expiration date and no token to compare against: the request is rejected.
    final WebContext context = MockWebContext.create().addRequestHeader(Pac4jConstants.CSRF_TOKEN, VALUE);
    final SessionStore sessionStore = new MockSessionStore();
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN_EXPIRATION_DATE, expirationDate);
    Assert.assertFalse(authorizer.isAuthorized(context, sessionStore, null));
}
Also used: MockSessionStore (org.pac4j.core.context.session.MockSessionStore), SessionStore (org.pac4j.core.context.session.SessionStore), WebContext (org.pac4j.core.context.WebContext), MockWebContext (org.pac4j.core.context.MockWebContext), Test (org.junit.Test)

Example 12 with SessionStore

Use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

In class CsrfAuthorizerTests, method testParameterOkPreviousToken.

@Test
public void testParameterOkPreviousToken() {
    // The request parameter matches the previous token kept in the session,
    // while the current session token (KEY) differs.
    final WebContext context = MockWebContext.create().addRequestParameter(Pac4jConstants.CSRF_TOKEN, VALUE);
    final SessionStore sessionStore = new MockSessionStore();
    sessionStore.set(context, Pac4jConstants.PREVIOUS_CSRF_TOKEN, VALUE);
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN, KEY);
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN_EXPIRATION_DATE, expirationDate);
    Assert.assertTrue(authorizer.isAuthorized(context, sessionStore, null));
    // After the check, the previous token is no longer present in the session.
    Assert.assertFalse(sessionStore.get(context, Pac4jConstants.PREVIOUS_CSRF_TOKEN).isPresent());
}
Also used: MockSessionStore (org.pac4j.core.context.session.MockSessionStore), SessionStore (org.pac4j.core.context.session.SessionStore), WebContext (org.pac4j.core.context.WebContext), MockWebContext (org.pac4j.core.context.MockWebContext), Test (org.junit.Test)

Example 13 with SessionStore

Use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

In class CsrfAuthorizerTests, method testHeaderOk.

@Test
public void testHeaderOk() {
    // The token sent in the request header equals the token stored in the
    // session: the request is authorized.
    final WebContext context = MockWebContext.create().addRequestHeader(Pac4jConstants.CSRF_TOKEN, VALUE);
    final SessionStore sessionStore = new MockSessionStore();
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN, VALUE);
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN_EXPIRATION_DATE, expirationDate);
    Assert.assertTrue(authorizer.isAuthorized(context, sessionStore, null));
}
Also used: MockSessionStore (org.pac4j.core.context.session.MockSessionStore), SessionStore (org.pac4j.core.context.session.SessionStore), WebContext (org.pac4j.core.context.WebContext), MockWebContext (org.pac4j.core.context.MockWebContext), Test (org.junit.Test)

Example 14 with SessionStore

Use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

In class CsrfAuthorizerTests, method testNoTokenCheckAll.

@Test
public void testNoTokenCheckAll() {
    // The request carries no CSRF token at all; with checkAllRequests set to
    // false the authorizer still authorizes this request.
    final var context = MockWebContext.create();
    final SessionStore sessionStore = new MockSessionStore();
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN, VALUE);
    sessionStore.set(context, Pac4jConstants.CSRF_TOKEN_EXPIRATION_DATE, expirationDate);
    authorizer.setCheckAllRequests(false);
    Assert.assertTrue(authorizer.isAuthorized(context, sessionStore, null));
}
Also used: MockSessionStore (org.pac4j.core.context.session.MockSessionStore), SessionStore (org.pac4j.core.context.session.SessionStore), Test (org.junit.Test)

Example 15 with SessionStore

Use of org.pac4j.core.context.session.SessionStore in project pac4j by pac4j.

In class BaseClientTests, method testSaveAlreadyTried.

@Test
public void testSaveAlreadyTried() {
    final var client = new MockIndirectClient(TYPE, new FoundAction(LOGIN_URL), Optional.empty(), new CommonProfile());
    client.setCallbackUrl(CALLBACK_URL);
    final var context = MockWebContext.create();
    final SessionStore sessionStore = new MockSessionStore();
    client.getCredentials(context, sessionStore);
    // After getCredentials, the session holds the attempted-authentication
    // flag for this client, keyed by client name plus the suffix constant.
    assertEquals("true", sessionStore.get(context, client.getName() + IndirectClient.ATTEMPTED_AUTHENTICATION_SUFFIX).get());
}
Also used: MockSessionStore (org.pac4j.core.context.session.MockSessionStore), SessionStore (org.pac4j.core.context.session.SessionStore), FoundAction (org.pac4j.core.exception.http.FoundAction), CommonProfile (org.pac4j.core.profile.CommonProfile), Test (org.junit.Test)

Aggregations

SessionStore (org.pac4j.core.context.session.SessionStore): 32
MockSessionStore (org.pac4j.core.context.session.MockSessionStore): 22
Test (org.junit.Test): 20
WebContext (org.pac4j.core.context.WebContext): 18
MockWebContext (org.pac4j.core.context.MockWebContext): 13
FoundAction (org.pac4j.core.exception.http.FoundAction): 6
CommonProfile (org.pac4j.core.profile.CommonProfile): 5
Slf4j (lombok.extern.slf4j.Slf4j): 3
lombok.val (lombok.val): 3
Client (org.pac4j.core.client.Client): 3
Date (java.util.Date): 2
Optional (java.util.Optional): 2
SneakyThrows (lombok.SneakyThrows): 2
ServicesManager (org.apereo.cas.services.ServicesManager): 2
Unchecked (org.jooq.lambda.Unchecked): 2
HttpAction (org.pac4j.core.exception.http.HttpAction): 2
Algorithm (com.nimbusds.jose.Algorithm): 1
JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm): 1
ByteArrayInputStream (java.io.ByteArrayInputStream): 1
MalformedURLException (java.net.MalformedURLException): 1