|
|
@@ -37,8 +37,13 @@ import org.mockito.Mockito;
|
|
|
import org.mockito.invocation.InvocationOnMock;
|
|
|
import org.mockito.stubbing.Answer;
|
|
|
|
|
|
+import static org.hamcrest.CoreMatchers.not;
|
|
|
+import static org.junit.Assert.assertThat;
|
|
|
+
|
|
|
public class TestAuthenticationFilter {
|
|
|
|
|
|
+ private static final long TOKEN_VALIDITY_SEC = 1000;
|
|
|
+
|
|
|
@Test
|
|
|
public void testGetConfiguration() throws Exception {
|
|
|
AuthenticationFilter filter = new AuthenticationFilter();
|
|
|
@@ -123,7 +128,7 @@ public class TestAuthenticationFilter {
|
|
|
String param = request.getParameter("authenticated");
|
|
|
if (param != null && param.equals("true")) {
|
|
|
token = new AuthenticationToken("u", "p", "t");
|
|
|
- token.setExpires((expired) ? 0 : System.currentTimeMillis() + 1000);
|
|
|
+ token.setExpires((expired) ? 0 : System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
} else {
|
|
|
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
|
|
|
}
|
|
|
@@ -139,7 +144,8 @@ public class TestAuthenticationFilter {
|
|
|
try {
|
|
|
FilterConfig config = Mockito.mock(FilterConfig.class);
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
|
|
|
- Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn("1000");
|
|
|
+ Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn(
|
|
|
+ (new Long(TOKEN_VALIDITY_SEC)).toString());
|
|
|
Mockito.when(config.getInitParameterNames()).thenReturn(
|
|
|
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements());
|
|
|
@@ -148,7 +154,7 @@ public class TestAuthenticationFilter {
|
|
|
Assert.assertTrue(filter.isRandomSecret());
|
|
|
Assert.assertNull(filter.getCookieDomain());
|
|
|
Assert.assertNull(filter.getCookiePath());
|
|
|
- Assert.assertEquals(1000, filter.getValidity());
|
|
|
+ Assert.assertEquals(TOKEN_VALIDITY_SEC, filter.getValidity());
|
|
|
} finally {
|
|
|
filter.destroy();
|
|
|
}
|
|
|
@@ -265,7 +271,7 @@ public class TestAuthenticationFilter {
|
|
|
filter.init(config);
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
|
|
|
- token.setExpires(System.currentTimeMillis() + 1000);
|
|
|
+ token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
Signer signer = new Signer("secret".getBytes());
|
|
|
String tokenSigned = signer.sign(token.toString());
|
|
|
|
|
|
@@ -298,7 +304,7 @@ public class TestAuthenticationFilter {
|
|
|
filter.init(config);
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
|
|
|
- token.setExpires(System.currentTimeMillis() - 1000);
|
|
|
+ token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
|
|
|
Signer signer = new Signer("secret".getBytes());
|
|
|
String tokenSigned = signer.sign(token.toString());
|
|
|
|
|
|
@@ -337,7 +343,7 @@ public class TestAuthenticationFilter {
|
|
|
filter.init(config);
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
|
|
|
- token.setExpires(System.currentTimeMillis() + 1000);
|
|
|
+ token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
Signer signer = new Signer("secret".getBytes());
|
|
|
String tokenSigned = signer.sign(token.toString());
|
|
|
|
|
|
@@ -410,7 +416,7 @@ public class TestAuthenticationFilter {
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE))
|
|
|
.thenReturn(DummyAuthenticationHandler.class.getName());
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter
|
|
|
- .AUTH_TOKEN_VALIDITY)).thenReturn("1000");
|
|
|
+ .AUTH_TOKEN_VALIDITY)).thenReturn(new Long(TOKEN_VALIDITY_SEC).toString());
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter
|
|
|
.SIGNATURE_SECRET)).thenReturn("secret");
|
|
|
Mockito.when(config.getInitParameterNames()).thenReturn(new
|
|
|
@@ -474,8 +480,7 @@ public class TestAuthenticationFilter {
|
|
|
Signer signer = new Signer("secret".getBytes());
|
|
|
String value = signer.verifyAndExtract(v);
|
|
|
AuthenticationToken token = AuthenticationToken.parse(value);
|
|
|
- Assert.assertEquals(System.currentTimeMillis() + 1000 * 1000,
|
|
|
- token.getExpires(), 100);
|
|
|
+ assertThat(token.getExpires(), not(0L));
|
|
|
|
|
|
if (withDomainPath) {
|
|
|
Assert.assertEquals(".foo.com", cookieMap.get("Domain"));
|
|
|
@@ -549,7 +554,7 @@ public class TestAuthenticationFilter {
|
|
|
Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "t");
|
|
|
- token.setExpires(System.currentTimeMillis() + 1000);
|
|
|
+ token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
Signer signer = new Signer("secret".getBytes());
|
|
|
String tokenSigned = signer.sign(token.toString());
|
|
|
|
|
|
@@ -599,7 +604,7 @@ public class TestAuthenticationFilter {
|
|
|
Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
|
|
|
- token.setExpires(System.currentTimeMillis() - 1000);
|
|
|
+ token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
|
|
|
Signer signer = new Signer("secret".getBytes());
|
|
|
String tokenSigned = signer.sign(token.toString());
|
|
|
|
|
|
@@ -661,7 +666,7 @@ public class TestAuthenticationFilter {
|
|
|
Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
|
|
|
- token.setExpires(System.currentTimeMillis() + 1000);
|
|
|
+ token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
Signer signer = new Signer("secret".getBytes());
|
|
|
String tokenSigned = signer.sign(token.toString());
|
|
|
|
|
|
@@ -708,7 +713,7 @@ public class TestAuthenticationFilter {
|
|
|
Mockito.reset(response);
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "t");
|
|
|
- token.setExpires(System.currentTimeMillis() + 1000);
|
|
|
+ token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
Signer signer = new Signer("secret".getBytes());
|
|
|
String tokenSigned = signer.sign(token.toString());
|
|
|
Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
|
Arpit Agarwal