Search in sources :

Example 46 with RequestMatcher

use of org.springframework.security.web.util.matcher.RequestMatcher in project perry by ca-cwds.

the class TestLoginServiceValidatorFilter method testLoginUrlMatchesAndInvalidCallback.

@Test
public void testLoginUrlMatchesAndInvalidCallback() throws IOException, ServletException {
    LoginServiceValidatorFilter validatorFilter = new LoginServiceValidatorFilter();
    RequestMatcher requestMatcher = Mockito.mock(RequestMatcher.class);
    validatorFilter.setRequestMatcher(requestMatcher);
    HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
    HttpServletResponse httpServletResponse = Mockito.mock(HttpServletResponse.class);
    Mockito.when(requestMatcher.matches(httpServletRequest)).thenReturn(true);
    Mockito.when(httpServletRequest.getRequestURI()).thenReturn("requestUrl");
    RequestDispatcher requestDispatcher = Mockito.mock(RequestDispatcher.class);
    Mockito.when(httpServletRequest.getRequestDispatcher("/error")).thenReturn(requestDispatcher);
    Mockito.when(httpServletRequest.getParameter("callback")).thenReturn("invalidCallbackUrl");
    WhiteList whiteList = new WhiteList();
    PerryProperties perryProperties = new PerryProperties();
    perryProperties.setWhiteList("callbackUrl");
    whiteList.setConfiguration(perryProperties);
    validatorFilter.setWhiteList(whiteList);
    validatorFilter.doFilter(httpServletRequest, httpServletResponse, Mockito.mock(FilterChain.class));
    Mockito.verify(requestDispatcher).forward(httpServletRequest, httpServletResponse);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) FilterChain(javax.servlet.FilterChain) WhiteList(gov.ca.cwds.service.WhiteList) HttpServletResponse(javax.servlet.http.HttpServletResponse) PerryProperties(gov.ca.cwds.PerryProperties) RequestDispatcher(javax.servlet.RequestDispatcher) Test(org.junit.Test)

Example 47 with RequestMatcher

use of org.springframework.security.web.util.matcher.RequestMatcher in project spring-boot by spring-projects.

the class EndpointRequestTests method toLinksWhenBasePathEmptyShouldNotMatch.

@Test
void toLinksWhenBasePathEmptyShouldNotMatch() {
    RequestMatcher matcher = EndpointRequest.toLinks();
    RequestMatcherAssert assertMatcher = assertMatcher(matcher, "");
    assertMatcher.doesNotMatch("/actuator/foo");
    assertMatcher.doesNotMatch("/actuator/bar");
    assertMatcher.doesNotMatch("/");
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) Test(org.junit.jupiter.api.Test)

Example 48 with RequestMatcher

use of org.springframework.security.web.util.matcher.RequestMatcher in project spring-boot by spring-projects.

the class EndpointRequestTests method toLinksShouldOnlyMatchLinks.

@Test
void toLinksShouldOnlyMatchLinks() {
    RequestMatcher matcher = EndpointRequest.toLinks();
    assertMatcher(matcher).doesNotMatch("/actuator/foo");
    assertMatcher(matcher).doesNotMatch("/actuator/bar");
    assertMatcher(matcher).matches("/actuator");
    assertMatcher(matcher).matches("/actuator/");
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) Test(org.junit.jupiter.api.Test)

Example 49 with RequestMatcher

use of org.springframework.security.web.util.matcher.RequestMatcher in project spring-boot by spring-projects.

the class EndpointRequestTests method toEndpointIdShouldMatchEndpointPath.

@Test
void toEndpointIdShouldMatchEndpointPath() {
    RequestMatcher matcher = EndpointRequest.to("foo");
    assertMatcher(matcher).matches("/actuator/foo");
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) Test(org.junit.jupiter.api.Test)

Example 50 with RequestMatcher

use of org.springframework.security.web.util.matcher.RequestMatcher in project spring-boot by spring-projects.

the class EndpointRequestTests method linksRequestMatcherShouldUseCustomRequestMatcherProvider.

@Test
void linksRequestMatcherShouldUseCustomRequestMatcherProvider() {
    RequestMatcher matcher = EndpointRequest.toLinks();
    RequestMatcher mockRequestMatcher = (request) -> false;
    RequestMatcherAssert assertMatcher = assertMatcher(matcher, mockPathMappedEndpoints("/actuator"), (pattern) -> mockRequestMatcher);
    assertMatcher.doesNotMatch("/actuator");
}
Also used : PathMappedEndpoint(org.springframework.boot.actuate.endpoint.web.PathMappedEndpoint) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) EndpointId(org.springframework.boot.actuate.endpoint.EndpointId) ExposableEndpoint(org.springframework.boot.actuate.endpoint.ExposableEndpoint) Endpoint(org.springframework.boot.actuate.endpoint.annotation.Endpoint) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) WebApplicationContext(org.springframework.web.context.WebApplicationContext) StaticWebApplicationContext(org.springframework.web.context.support.StaticWebApplicationContext) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) ServletEndpoint(org.springframework.boot.actuate.endpoint.web.annotation.ServletEndpoint) RequestMatcherProvider(org.springframework.boot.autoconfigure.security.servlet.RequestMatcherProvider) ArrayList(java.util.ArrayList) Test(org.junit.jupiter.api.Test) List(java.util.List) AssertDelegateTarget(org.assertj.core.api.AssertDelegateTarget) BDDMockito.given(org.mockito.BDDMockito.given) WebEndpointProperties(org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties) Operation(org.springframework.boot.actuate.endpoint.Operation) PathMappedEndpoints(org.springframework.boot.actuate.endpoint.web.PathMappedEndpoints) MockServletContext(org.springframework.mock.web.MockServletContext) Mockito.mock(org.mockito.Mockito.mock) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) Test(org.junit.jupiter.api.Test)

Aggregations

RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)85 Test (org.junit.jupiter.api.Test)40 AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher)27 LinkedHashMap (java.util.LinkedHashMap)16 AndRequestMatcher (org.springframework.security.web.util.matcher.AndRequestMatcher)14 NegatedRequestMatcher (org.springframework.security.web.util.matcher.NegatedRequestMatcher)12 RequestHeaderRequestMatcher (org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher)12 ArrayList (java.util.ArrayList)11 AuthenticationEntryPoint (org.springframework.security.web.AuthenticationEntryPoint)10 OrRequestMatcher (org.springframework.security.web.util.matcher.OrRequestMatcher)10 MediaTypeRequestMatcher (org.springframework.security.web.util.matcher.MediaTypeRequestMatcher)9 Collection (java.util.Collection)8 HttpServletRequest (javax.servlet.http.HttpServletRequest)7 ConfigAttribute (org.springframework.security.access.ConfigAttribute)7 AnyRequestMatcher (org.springframework.security.web.util.matcher.AnyRequestMatcher)7 HttpServletResponse (javax.servlet.http.HttpServletResponse)6 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)6 DelegatingAuthenticationEntryPoint (org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint)6 ContentNegotiationStrategy (org.springframework.web.accept.ContentNegotiationStrategy)6 HeaderContentNegotiationStrategy (org.springframework.web.accept.HeaderContentNegotiationStrategy)6