use of org.zaproxy.zap.testutils.NanoServerHandler in project zaproxy by zaproxy.
the class DownloadManagerUnitTest method shouldDownloadAllFiles.
@Test
@Timeout(30)
void shouldDownloadAllFiles() throws Exception {
// Given
nano.addHandler(new NanoServerHandler("/") {
@Override
protected Response serve(IHTTPSession session) {
return newFixedLengthResponse("");
}
});
downloadManager.start();
int numberOfDownloads = 1000;
// When
for (int i = 0; i < numberOfDownloads; i++) {
downloadManager.downloadFile(createDownloadUrl(i), createTargetFile(i), 0L, HASH);
}
// Then
waitDownloadManagerFinished();
List<Downloader> progress = downloadManager.getProgress();
assertThat(progress, hasSize(numberOfDownloads));
progress.forEach(download -> {
assertThat(download.getFinished(), is(not(nullValue())));
});
}
use of org.zaproxy.zap.testutils.NanoServerHandler in project zaproxy by zaproxy.
the class JsonBasedAuthenticationMethodTypeUnitTest method shouldNotReplacePasswordInPollRequest.
@Test
void shouldNotReplacePasswordInPollRequest() throws NullPointerException, IOException {
// Given
String test = "/shouldNotReplacePasswordInPollRequest/test";
String pollUrl = "/shouldNotReplacePasswordInPollRequest/pollUrl";
String pollData = "pwd=" + PostBasedAuthenticationMethod.MSG_PASS_PATTERN;
String password = "password123!";
final List<String> orderedReqData = new ArrayList<>();
this.nano.addHandler(new NanoServerHandler(pollUrl) {
@Override
protected Response serve(IHTTPSession session) {
HashMap<String, String> map = new HashMap<>();
try {
session.parseBody(map);
orderedReqData.add(map.get("postData"));
} catch (Exception e) {
}
return newFixedLengthResponse(LOGGED_IN_BODY);
}
});
HttpMessage testMsg = this.getHttpMessage(test);
HttpMessage pollMsg = this.getHttpMessage(pollUrl);
method.setPollUrl(pollMsg.getRequestHeader().getURI().toString());
method.setPollData(pollData);
User user = mock(User.class);
given(user.getAuthenticationState()).willReturn(new AuthenticationState());
given(user.getAuthenticationCredentials()).willReturn(new UsernamePasswordAuthenticationCredentials("", password));
// When/Then
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(orderedReqData.size(), is(1));
assertThat(orderedReqData.get(0), is(pollData));
}
use of org.zaproxy.zap.testutils.NanoServerHandler in project zaproxy by zaproxy.
the class FormBasedAuthenticationMethodTypeUnitTest method shouldNotReplacePasswordInPollRequest.
@Test
void shouldNotReplacePasswordInPollRequest() throws NullPointerException, IOException {
// Given
String test = "/shouldNotReplacePasswordInPollRequest/test";
String pollUrl = "/shouldNotReplacePasswordInPollRequest/pollUrl";
String pollData = "pwd=" + PostBasedAuthenticationMethod.MSG_PASS_PATTERN;
String password = "password123!";
final List<String> orderedReqData = new ArrayList<>();
this.nano.addHandler(new NanoServerHandler(pollUrl) {
@Override
protected Response serve(IHTTPSession session) {
HashMap<String, String> map = new HashMap<>();
try {
session.parseBody(map);
orderedReqData.add(map.get("postData"));
} catch (Exception e) {
}
return newFixedLengthResponse(LOGGED_IN_BODY);
}
});
HttpMessage testMsg = this.getHttpMessage(test);
HttpMessage pollMsg = this.getHttpMessage(pollUrl);
method.setPollUrl(pollMsg.getRequestHeader().getURI().toString());
method.setPollData(pollData);
User user = mock(User.class);
given(user.getAuthenticationState()).willReturn(new AuthenticationState());
given(user.getAuthenticationCredentials()).willReturn(new UsernamePasswordAuthenticationCredentials("", password));
// When/Then
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(orderedReqData.size(), is(1));
assertThat(orderedReqData.get(0), is(pollData));
}
use of org.zaproxy.zap.testutils.NanoServerHandler in project zaproxy by zaproxy.
the class FormBasedAuthenticationMethodTypeUnitTest method shouldReplaceUsernameInPollRequest.
@Test
void shouldReplaceUsernameInPollRequest() throws NullPointerException, IOException {
// Given
String test = "/shouldReplaceUsernameInPollRequest/test";
String encodedPattern = URLEncoder.encode(PostBasedAuthenticationMethod.MSG_USER_PATTERN, StandardCharsets.UTF_8.name());
String pollUrl = "/shouldReplaceUsernameInPollRequest/pollUrl";
String pollData = "user=" + PostBasedAuthenticationMethod.MSG_USER_PATTERN;
String username = "user";
final List<String> orderedReqUrls = new ArrayList<>();
final List<String> orderedReqData = new ArrayList<>();
this.nano.addHandler(new NanoServerHandler(pollUrl.replace(encodedPattern, username)) {
@Override
protected Response serve(IHTTPSession session) {
orderedReqUrls.add(session.getUri() + "?" + session.getQueryParameterString());
HashMap<String, String> map = new HashMap<>();
try {
session.parseBody(map);
orderedReqData.add(map.get("postData"));
} catch (Exception e) {
}
return newFixedLengthResponse(LOGGED_IN_BODY);
}
});
HttpMessage testMsg = this.getHttpMessage(test);
HttpMessage pollMsg = this.getHttpMessage(pollUrl + "?" + encodedPattern);
method.setPollUrl(pollMsg.getRequestHeader().getURI().toString());
method.setPollData(pollData);
User user = mock(User.class);
given(user.getAuthenticationState()).willReturn(new AuthenticationState());
given(user.getAuthenticationCredentials()).willReturn(new UsernamePasswordAuthenticationCredentials(username, ""));
// When/Then
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(orderedReqUrls.size(), is(1));
assertThat(orderedReqUrls.get(0), is(pollUrl + "?" + username));
assertThat(orderedReqData.size(), is(1));
assertThat(orderedReqData.get(0), is(pollData.replace(PostBasedAuthenticationMethod.MSG_USER_PATTERN, username)));
}
use of org.zaproxy.zap.testutils.NanoServerHandler in project zaproxy by zaproxy.
the class AuthenticationMethodPollUrlUnitTest method shouldPollOnSpecifiedNumberOfRequests.
@Test
void shouldPollOnSpecifiedNumberOfRequests() throws NullPointerException, IOException {
// Given
String test = "/shouldPollOnFirstRequest/test";
String pollUrl = "/shouldPollOnFirstRequest/pollUrl";
final List<String> orderedReqs = new ArrayList<>();
this.nano.addHandler(new NanoServerHandler(pollUrl) {
@Override
protected Response serve(IHTTPSession session) {
orderedReqs.add(session.getUri());
return newFixedLengthResponse(LOGGED_IN_BODY);
}
});
HttpMessage testMsg = this.getHttpMessage(test);
HttpMessage pollMsg = this.getHttpMessage(pollUrl);
method.setAuthCheckingStrategy(AuthCheckingStrategy.POLL_URL);
method.setPollUrl(pollMsg.getRequestHeader().getURI().toString());
method.setPollFrequencyUnits(AuthPollFrequencyUnits.REQUESTS);
method.setPollFrequency(5);
method.setLoggedInIndicatorPattern(LOGGED_IN_INDICATOR);
User user = mock(User.class);
given(user.getAuthenticationState()).willReturn(new AuthenticationState());
// When/Then
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(orderedReqs.size(), is(1));
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(orderedReqs.size(), is(1));
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(orderedReqs.size(), is(2));
assertThat(orderedReqs.get(0), is(pollUrl));
assertThat(orderedReqs.get(1), is(pollUrl));
}
Aggregations