public BypassAuthOnRequestMethod only() { return new BypassAuthOnRequestMethod(builder.authenticationFilter, builder.reasons.build()); } }
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest)request; if (shouldBypassAuth(httpRequest)) { bypassAuth(request, response, chain); } else { tryAuth(httpRequest, response, chain); } }
@Before public void setup() throws Exception { mockedRequest = mock(HttpServletRequest.class); nestedFilter = mock(AuthenticationFilter.class); sut = BypassAuthOnRequestMethod.bypass(nestedFilter).on("POST").and("OPTIONS").only(); filterChain = mock(FilterChain.class); }
@Test public void filterShouldCallChainOnOptions() throws Exception { when(mockedRequest.getMethod()) .thenReturn("OPTIONS"); sut.doFilter(mockedRequest, null, filterChain); verify(filterChain).doFilter(mockedRequest, null); }
.with(authenticationServlet) .filter(JMAPUrls.AUTHENTICATION) .with(new AllowAllCrossOriginRequests(bypass(authenticationFilter).on("POST").and("OPTIONS").only())) .and(new MDCFilter()) .only() .with(jmapServlet) .filter(JMAPUrls.JMAP) .with(new AllowAllCrossOriginRequests(bypass(authenticationFilter).on("OPTIONS").only())) .and(new LogbookFilter(logbook())) .and(userProvisioningFilter) .with(downloadServlet) .filterAsOneLevelTemplate(JMAPUrls.DOWNLOAD) .with(new AllowAllCrossOriginRequests(bypass(authenticationFilter).on("OPTIONS").only())) .and(new MDCFilter()) .only() .with(uploadServlet) .filterAsOneLevelTemplate(JMAPUrls.UPLOAD) .with(new AllowAllCrossOriginRequests(bypass(authenticationFilter).on("OPTIONS").only())) .and(new MDCFilter()) .only()
@Test public void filterShouldNotCallDirectlyChainOnGet() throws Exception { when(mockedRequest.getMethod()) .thenReturn("GET"); sut.doFilter(mockedRequest, null, filterChain); verify(filterChain, never()).doFilter(mockedRequest, null); }
@Test public void filterShouldCallChainOnPost() throws Exception { when(mockedRequest.getMethod()) .thenReturn("POST"); sut.doFilter(mockedRequest, null, filterChain); verify(filterChain).doFilter(mockedRequest, null); }
@Test public void filterShouldNotCallNestedFilterOnOptions() throws Exception { when(mockedRequest.getMethod()) .thenReturn("OPTIONS"); sut.doFilter(mockedRequest, null, filterChain); verify(nestedFilter, never()).doFilter(mockedRequest, null, filterChain); }
@Test public void filterShouldNotCallNestedFilterOnPost() throws Exception { when(mockedRequest.getMethod()) .thenReturn("POST"); sut.doFilter(mockedRequest, null, filterChain); verify(nestedFilter, never()).doFilter(mockedRequest, null, filterChain); }
@Test public void filterShouldCallNestedFilterOnGet() throws Exception { when(mockedRequest.getMethod()) .thenReturn("GET"); sut.doFilter(mockedRequest, null, filterChain); verify(nestedFilter).doFilter(mockedRequest, null, filterChain); }