Example 36 with AuthenticationState
use of org.zaproxy.zap.users.AuthenticationState in project zaproxy by zaproxy.
the class JsonBasedAuthenticationMethodTypeUnitTest method shouldReplaceUsernameInPollRequest.
@Test
void shouldReplaceUsernameInPollRequest() throws NullPointerException, IOException {
// Given
String test = "/shouldReplaceUsernameInPollRequest/test";
String encodedPattern = URLEncoder.encode(PostBasedAuthenticationMethod.MSG_USER_PATTERN, StandardCharsets.UTF_8.name());
String pollUrl = "/shouldReplaceUsernameInPollRequest/pollUrl";
String pollData = "user=" + PostBasedAuthenticationMethod.MSG_USER_PATTERN;
String username = "user";
final List<String> orderedReqUrls = new ArrayList<>();
final List<String> orderedReqData = new ArrayList<>();
this.nano.addHandler(new NanoServerHandler(pollUrl.replace(encodedPattern, username)) {
@Override
protected Response serve(IHTTPSession session) {
orderedReqUrls.add(session.getUri() + "?" + session.getQueryParameterString());
HashMap<String, String> map = new HashMap<>();
try {
session.parseBody(map);
orderedReqData.add(map.get("postData"));
} catch (Exception e) {
}
return newFixedLengthResponse(LOGGED_IN_BODY);
}
});
HttpMessage testMsg = this.getHttpMessage(test);
HttpMessage pollMsg = this.getHttpMessage(pollUrl + "?" + encodedPattern);
method.setPollUrl(pollMsg.getRequestHeader().getURI().toString());
method.setPollData(pollData);
User user = mock(User.class);
given(user.getAuthenticationState()).willReturn(new AuthenticationState());
given(user.getAuthenticationCredentials()).willReturn(new UsernamePasswordAuthenticationCredentials(username, ""));
// When/Then
assertThat(method.isAuthenticated(testMsg, user), is(true));
assertThat(orderedReqUrls.size(), is(1));
assertThat(orderedReqUrls.get(0), is(pollUrl + "?" + username));
assertThat(orderedReqData.size(), is(1));
assertThat(orderedReqData.get(0), is(pollData.replace(PostBasedAuthenticationMethod.MSG_USER_PATTERN, username)));
}
Also used :
User(org.zaproxy.zap.users.User)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
IHTTPSession(fi.iki.elonen.NanoHTTPD.IHTTPSession)
IOException(java.io.IOException)
AuthenticationState(org.zaproxy.zap.users.AuthenticationState)
Response(fi.iki.elonen.NanoHTTPD.Response)
NanoHTTPD.newFixedLengthResponse(fi.iki.elonen.NanoHTTPD.newFixedLengthResponse)
NanoServerHandler(org.zaproxy.zap.testutils.NanoServerHandler)
HttpMessage(org.parosproxy.paros.network.HttpMessage)
Test(org.junit.jupiter.api.Test)
WithConfigsTest(org.zaproxy.zap.WithConfigsTest)
Aggregations
AuthenticationState (org.zaproxy.zap.users.AuthenticationState)36
User (org.zaproxy.zap.users.User)34
Test (org.junit.jupiter.api.Test)33
HttpMessage (org.parosproxy.paros.network.HttpMessage)14
IHTTPSession (fi.iki.elonen.NanoHTTPD.IHTTPSession)11
Response (fi.iki.elonen.NanoHTTPD.Response)11
NanoHTTPD.newFixedLengthResponse (fi.iki.elonen.NanoHTTPD.newFixedLengthResponse)11
ArrayList (java.util.ArrayList)11
NanoServerHandler (org.zaproxy.zap.testutils.NanoServerHandler)11
IOException (java.io.IOException)8
HashMap (java.util.HashMap)6
WithConfigsTest (org.zaproxy.zap.WithConfigsTest)6
JSONException (net.sf.json.JSONException)1
JSONObject (net.sf.json.JSONObject)1
Cookie (org.apache.commons.httpclient.Cookie)1
URI (org.apache.commons.httpclient.URI)1
URIException (org.apache.commons.httpclient.URIException)1
ExtensionHistory (org.parosproxy.paros.extension.history.ExtensionHistory)1
HistoryReference (org.parosproxy.paros.model.HistoryReference)1
ApiDynamicActionImplementor (org.zaproxy.zap.extension.api.ApiDynamicActionImplementor)1
