/**
 * Hands the request to the wrapped {@code authenticationFilter}, passing the
 * response and the remaining chain through unchanged.
 *
 * @param httpRequest the incoming HTTP request
 * @param response    the servlet response, forwarded as-is
 * @param chain       the remaining filter chain, forwarded as-is
 * @throws IOException      propagated from the delegate
 * @throws ServletException propagated from the delegate
 */
private void tryAuth(HttpServletRequest httpRequest, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    // No authentication decision is taken here; it rests entirely with the delegate.
    authenticationFilter.doFilter(httpRequest, response, chain);
}
/**
 * Resolves a session for the request by trying the configured strategies and
 * returns the request produced by {@code addSessionToRequest}.
 *
 * <p>The first session yielded by {@code createSession} over {@code authMethods}
 * is used. When no strategy yields one, {@link UnauthorizedException} is thrown,
 * so an empty strategy list always rejects.
 *
 * @param httpRequest the incoming request carrying the credentials
 * @return the request returned by {@code addSessionToRequest}
 * @throws UnauthorizedException when no strategy produced a session
 */
private HttpServletRequest authenticate(HttpServletRequest httpRequest) {
    TimeMetric authTimer = metricFactory.timer("JMAP-authentication-filter");
    try {
        // NOTE(review): whether createSession swallows or propagates a strategy's
        // own exceptions is not visible here; confirm a failing strategy cannot
        // mask a later one that would have rejected or accepted differently.
        return authMethods.stream()
            .flatMap(strategy -> createSession(strategy, httpRequest))
            .findFirst()
            .map(session -> addSessionToRequest(httpRequest, session))
            .orElseThrow(() -> new UnauthorizedException());
    } finally {
        // Stopped in finally so rejected attempts are timed as well as accepted ones.
        authTimer.stopAndPublish();
    }
}
/**
 * Authenticates the request and, on success, continues the chain with the
 * request returned by {@code authenticate}. On any of the caught authentication
 * exceptions, it answers with HTTP 401 instead.
 *
 * @param request  the incoming request; cast to {@link HttpServletRequest}
 * @param response the outgoing response; cast to {@link HttpServletResponse}
 * @param chain    the remaining filter chain
 * @throws IOException      from the chain or from {@code sendError}
 * @throws ServletException from the chain
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest servletRequest = (HttpServletRequest) request;
    HttpServletResponse servletResponse = (HttpServletResponse) response;
    try {
        // authenticate() throws before the chain is reached, so a rejected
        // request never gets to the downstream filters.
        HttpServletRequest authenticatedRequest = authenticate(servletRequest);
        // NOTE(review): the chain call sits inside the same try block, so any of
        // the exception types below thrown by a downstream filter is also turned
        // into a 401. Confirm that this is intended.
        chain.doFilter(authenticatedRequest, response);
    } catch (UnauthorizedException | NoValidAuthHeaderException | MailboxSessionCreationException | JwtException e) {
        // NOTE(review): every rejected request logs a full stack trace at INFO;
        // unauthenticated clients can drive log volume this way. Consider
        // whether the level or the detail should be reduced.
        LOGGER.info("Exception occurred during authentication process", e);
        servletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
    }
}
/**
 * A filter configured with no authentication strategy must reject the request
 * with 401, even when an Authorization header is present (fail closed).
 */
@Test
public void filterShouldReturnUnauthorizedWhenNoStrategy() throws Exception {
    when(mockedRequest.getHeader("Authorization")).thenReturn(TOKEN);

    AuthenticationFilter filterWithoutStrategies =
        new AuthenticationFilter(ImmutableList.of(), new NoopMetricFactory());
    filterWithoutStrategies.doFilter(mockedRequest, mockedResponse, filterChain);

    // NOTE(review): only the 401 is asserted. Also verifying that
    // filterChain.doFilter was never invoked would catch a regression where the
    // error is sent but the request still reaches the downstream filters.
    verify(mockedResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
/**
 * Builds fresh mocks, a one-hour in-memory token repository, and the default
 * {@code testee}, which is wired with a single {@code FakeAuthenticationStrategy(false)}.
 * The mocked request reports POST as its method.
 */
@Before
public void setup() throws Exception {
    mockedRequest = mock(HttpServletRequest.class);
    mockedResponse = mock(HttpServletResponse.class);
    filterChain = mock(FilterChain.class);
    when(mockedRequest.getMethod()).thenReturn("POST");

    // Token lifetime expressed in milliseconds (1 hour).
    accessTokenRepository = new MemoryAccessTokenRepository(TimeUnit.HOURS.toMillis(1));

    // The tests using testee all expect a 401, so the `false` flag presumably
    // makes the fake strategy yield no session. Confirm against FakeAuthenticationStrategy.
    List<AuthenticationStrategy> defaultStrategies = ImmutableList.of(new FakeAuthenticationStrategy(false));
    testee = new AuthenticationFilter(defaultStrategies, new NoopMetricFactory());
}
/**
 * With a strategy constructed as {@code FakeAuthenticationStrategy(true)}, the
 * filter must hand the request on to the chain together with the original response.
 */
@Test
public void filterShouldChainOnValidAuthorizationHeader() throws Exception {
    AccessToken issuedToken = AccessToken.fromString(TOKEN);
    when(mockedRequest.getHeader("Authorization")).thenReturn(TOKEN);
    // NOTE(review): whether FakeAuthenticationStrategy consults the header or the
    // repository is not visible here; confirm this token setup affects the outcome.
    accessTokenRepository.addToken("user@domain.tld", issuedToken).join();

    AuthenticationFilter acceptingFilter = new AuthenticationFilter(
        ImmutableList.of(new FakeAuthenticationStrategy(true)),
        new NoopMetricFactory());
    acceptingFilter.doFilter(mockedRequest, mockedResponse, filterChain);

    // Any request instance is accepted because the chain receives the request
    // returned by the filter's authenticate step, not necessarily the mock itself.
    verify(filterChain).doFilter(any(ServletRequest.class), eq(mockedResponse));
}
/**
 * A request with no Authorization header must be answered with 401 by the
 * default {@code testee}.
 */
@Test
public void filterShouldReturnUnauthorizedOnNullAuthorizationHeader() throws Exception {
    when(mockedRequest.getHeader("Authorization")).thenReturn(null);

    testee.doFilter(mockedRequest, mockedResponse, filterChain);

    // NOTE(review): the test does not assert that filterChain stayed untouched;
    // adding that check would also cover a send-error-then-continue regression.
    verify(mockedResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
/**
 * When the first strategy is built with {@code false} and the second with
 * {@code true}, the filter must still reach the chain. A strategy that yields
 * no session must not stop the later ones from being tried.
 */
@Test
public void filterShouldChainAuthorizationStrategy() throws Exception {
    AccessToken issuedToken = AccessToken.fromString(TOKEN);
    when(mockedRequest.getHeader("Authorization")).thenReturn(TOKEN);
    accessTokenRepository.addToken("user@domain.tld", issuedToken).join();

    // Order matters for this test: the `false` strategy comes first, the `true` one second.
    AuthenticationFilter twoStrategyFilter = new AuthenticationFilter(
        ImmutableList.of(new FakeAuthenticationStrategy(false), new FakeAuthenticationStrategy(true)),
        new NoopMetricFactory());
    twoStrategyFilter.doFilter(mockedRequest, mockedResponse, filterChain);

    verify(filterChain).doFilter(any(ServletRequest.class), eq(mockedResponse));
}
/**
 * A malformed Authorization header value must be answered with 401 by the
 * default {@code testee}.
 */
@Test
public void filterShouldReturnUnauthorizedOnBadAuthorizationHeader() throws Exception {
    when(mockedRequest.getHeader("Authorization")).thenReturn("bad");

    testee.doFilter(mockedRequest, mockedResponse, filterChain);

    // NOTE(review): only the status code is checked; asserting that filterChain
    // received no call would make the fail-closed expectation explicit.
    verify(mockedResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
/**
 * A well-formed token sent to the default {@code testee} must be answered
 * with 401. The testee is wired with {@code FakeAuthenticationStrategy(false)}.
 */
@Test
public void filterShouldReturnUnauthorizedOnInvalidAuthorizationHeader() throws Exception {
    when(mockedRequest.getHeader("Authorization")).thenReturn(TOKEN);

    testee.doFilter(mockedRequest, mockedResponse, filterChain);

    // NOTE(review): consider additionally verifying that filterChain was not
    // invoked, so that a rejected token can never reach downstream filters unnoticed.
    verify(mockedResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
/**
 * For an OPTIONS request, {@code sut} must not invoke the nested filter.
 */
@Test
public void filterShouldNotCallNestedFilterOnOptions() throws Exception {
    when(mockedRequest.getMethod()).thenReturn("OPTIONS");

    sut.doFilter(mockedRequest, null, filterChain);

    // never() is bound to this exact argument combination; a call made with other
    // arguments would not fail the test.
    // NOTE(review): if nestedFilter is the authentication step, this asserts that
    // OPTIONS requests bypass it. Confirm that is the intended policy.
    verify(nestedFilter, never()).doFilter(mockedRequest, null, filterChain);
}
/**
 * For a POST request, {@code sut} must not invoke the nested filter.
 */
@Test
public void filterShouldNotCallNestedFilterOnPost() throws Exception {
    when(mockedRequest.getMethod()).thenReturn("POST");

    sut.doFilter(mockedRequest, null, filterChain);

    // never() is bound to this exact argument combination; a call made with other
    // arguments would not fail the test.
    // NOTE(review): how sut is configured is not visible here. If nestedFilter
    // performs authentication, confirm that skipping it for POST is deliberate.
    verify(nestedFilter, never()).doFilter(mockedRequest, null, filterChain);
}
/**
 * For a GET request, {@code sut} must delegate to the nested filter with the
 * same request, response and chain it was given.
 */
@Test
public void filterShouldCallNestedFilterOnGet() throws Exception {
    when(mockedRequest.getMethod()).thenReturn("GET");

    sut.doFilter(mockedRequest, null, filterChain);

    // The arguments must be forwarded unchanged for this verification to match.
    verify(nestedFilter).doFilter(mockedRequest, null, filterChain);
}