/**
 * Two tokens built from the same key, principal and authorities must compare equal.
 */
@Test
public void testEqualsWhenEqual() {
    AnonymousAuthenticationToken first =
            new AnonymousAuthenticationToken("key", "Test", ROLES_12);
    AnonymousAuthenticationToken second =
            new AnonymousAuthenticationToken("key", "Test", ROLES_12);

    assertThat(second).isEqualTo(first);
}
/**
 * Checks what each accessor reports for a freshly constructed anonymous token.
 */
@Test
public void testGetters() {
    AnonymousAuthenticationToken anonymousToken =
            new AnonymousAuthenticationToken("key", "Test", ROLES_12);

    // The token exposes only the hashCode() of the key it was built with, not the key itself.
    assertThat(anonymousToken.getKeyHash()).isEqualTo("key".hashCode());
    assertThat(anonymousToken.getPrincipal()).isEqualTo("Test");
    // An anonymous token carries no secret: the credentials are the empty string.
    assertThat(anonymousToken.getCredentials()).isEqualTo("");
    assertThat(AuthorityUtils.authorityListToSet(anonymousToken.getAuthorities()))
            .contains("ROLE_ONE", "ROLE_TWO");
    // The token reports itself as authenticated straight after construction.
    assertThat(anonymousToken.isAuthenticated()).isTrue();
}
/**
 * Checks that clearing the authenticated flag on an anonymous token takes effect.
 */
@Test
public void testSetAuthenticatedIgnored() {
    AnonymousAuthenticationToken anonymousToken =
            new AnonymousAuthenticationToken("key", "Test", ROLES_12);
    assertThat(anonymousToken.isAuthenticated()).isTrue();

    // Despite the "Ignored" in the test name, the assertion below expects the
    // call to be honoured: the token must report not-authenticated afterwards.
    anonymousToken.setAuthenticated(false);
    assertThat(anonymousToken.isAuthenticated()).isFalse();
}
/**
 * Builds the anonymous authentication for a request from the GeoServer anonymous user.
 *
 * @param request the current request, used only to build the authentication details
 * @return an anonymous token carrying the anonymous user's name and authorities
 */
protected Authentication createAuthentication(HttpServletRequest request) {
    GeoServerUser anonymousUser = GeoServerUser.createAnonymous();
    // Copy the authorities into a fresh list instead of passing the user's own collection on.
    List<GrantedAuthority> grantedRoles =
            new ArrayList<GrantedAuthority>(anonymousUser.getAuthorities());

    // NOTE(review): the token key is the fixed literal "geoserver"; whatever
    // component validates anonymous tokens presumably has to be configured with
    // the same key - confirm against the provider configuration.
    AnonymousAuthenticationToken token = new AnonymousAuthenticationToken(
            "geoserver", anonymousUser.getUsername(), grantedRoles);
    token.setDetails(authenticationDetailsSource.buildDetails(request));
    return token;
}
/**
 * Tokens that share a key and authorities but differ in principal must not be equal.
 */
@Test
public void testNotEqualsDueToAbstractParentEqualsCheck() {
    AnonymousAuthenticationToken baseline =
            new AnonymousAuthenticationToken("key", "Test", ROLES_12);
    AnonymousAuthenticationToken otherPrincipal =
            new AnonymousAuthenticationToken("key", "DIFFERENT_PRINCIPAL", ROLES_12);

    // Same key on both sides, so a difference can only come from the non-key comparison.
    boolean sameToken = baseline.equals(otherPrincipal);
    assertThat(sameToken).isFalse();
}
/**
 * Checks that the security context is restored one level at a time when a
 * message is sent while another message is still being handled.
 *
 * @throws Exception if one of the interceptor callbacks fails
 */
@Test
public void restoresOriginalContextNestedThreeDeep() throws Exception {
    AnonymousAuthenticationToken expectedAnonymous = new AnonymousAuthenticationToken(
            "key", "anonymous", AuthorityUtils.createAuthorityList("ROLE_USER"));
    TestingAuthenticationToken outermost =
            new TestingAuthenticationToken("original", "origional", "ROLE_USER");
    // Level 0: an authentication is already in the context before any message arrives.
    SecurityContextHolder.getContext().setAuthentication(outermost);

    // Level 1: a message carrying a user header replaces the context authentication.
    messageBuilder.setHeader(SimpMessageHeaderAccessor.USER_HEADER, authentication);
    interceptor.beforeHandle(messageBuilder.build(), channel, handler);
    assertThat(SecurityContextHolder.getContext().getAuthentication())
            .isSameAs(authentication);

    // Level 2 (nested send starts): a message without a user header is handled
    // under an authentication that has the anonymous name.
    messageBuilder.setHeader(SimpMessageHeaderAccessor.USER_HEADER, null);
    interceptor.beforeHandle(messageBuilder.build(), channel, handler);
    assertThat(SecurityContextHolder.getContext().getAuthentication().getName())
            .isEqualTo(expectedAnonymous.getName());

    // Leaving level 2 must bring back the level-1 user, not the anonymous one.
    interceptor.afterMessageHandled(messageBuilder.build(), channel, handler, null);
    assertThat(SecurityContextHolder.getContext().getAuthentication())
            .isSameAs(authentication);

    // Nested send ends: leaving level 1 must bring back the level-0 authentication,
    // so no identity from message handling is left behind in the context.
    interceptor.afterMessageHandled(messageBuilder.build(), channel, handler, null);
    assertThat(SecurityContextHolder.getContext().getAuthentication())
            .isSameAs(outermost);
}
/**
 * Replaces an anonymous authentication with one that holds {@code ROLE_USER}
 * when authenticated access is switched off, then continues the filter chain.
 *
 * <p>NOTE(review): with {@code authenticatedAccess} false, every anonymous
 * caller passing through this filter ends up with {@code ROLE_USER} - confirm
 * that this is the intended meaning of the flag wherever it is configured.
 *
 * @param request the incoming request, passed on unchanged
 * @param response the response, passed on unchanged
 * @param chain the remaining filter chain, always invoked
 * @throws IOException propagated from the chain
 * @throws ServletException propagated from the chain
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    if (!authenticatedAccess) {
        Object current = SecurityContextHolder.getContext().getAuthentication();
        // instanceof is false for null, so an empty context falls through untouched.
        if (current instanceof AnonymousAuthenticationToken) {
            AnonymousAuthenticationToken existing = (AnonymousAuthenticationToken) current;

            // NOTE(review): the new token is keyed with the decimal text of the old
            // key hash, so its own key hash is the hashCode() of that text and will
            // generally differ from the original token's. Check anything that
            // validates anonymous tokens by key hash against this.
            String derivedKey = Integer.toString(existing.getKeyHash());

            // Only the principal is carried over; the original authorities are
            // replaced and the original token's details are not copied.
            AnonymousAuthenticationToken promoted = new AnonymousAuthenticationToken(
                    derivedKey,
                    existing.getPrincipal(),
                    AuthorityUtils.createAuthorityList("ROLE_USER"));
            SecurityContextHolder.getContext().setAuthentication(promoted);
        }
    }
    chain.doFilter(request, response);
}
/**
 * Serializes an anonymous token after its credentials were erased and compares
 * the JSON with the fixture in which the user's password is replaced by null.
 */
@Test
public void serializeAnonymousAuthenticationTokenMixinAfterEraseCredentialTest()
        throws JsonProcessingException, JSONException {
    User principal = createDefaultUser();
    AnonymousAuthenticationToken anonymousToken =
            new AnonymousAuthenticationToken(HASH_KEY, principal, principal.getAuthorities());

    // Erase first: the point of the test is that the password no longer
    // appears in the serialized form afterwards.
    anonymousToken.eraseCredentials();
    String actualJson = mapper.writeValueAsString(anonymousToken);

    String expectedJson = ANONYMOUS_JSON.replace(UserDeserializerTests.USER_PASSWORD, "null");
    // Strict comparison (third argument true).
    JSONAssert.assertEquals(expectedJson, actualJson, true);
}
}
/**
 * Compares this token with another object.
 *
 * <p>The parent's equality check must pass first; after that the other object
 * must be an {@code AnonymousAuthenticationToken} with the same key hash.
 *
 * @param obj the object to compare with
 * @return {@code true} only if the parent check passes and the key hashes match
 */
@Override
public boolean equals(Object obj) {
    if (!super.equals(obj)) {
        return false;
    }
    if (!(obj instanceof AnonymousAuthenticationToken)) {
        return false;
    }
    AnonymousAuthenticationToken other = (AnonymousAuthenticationToken) obj;
    // Only the key hashes are compared, not the keys: two different keys whose
    // hashes collide are not told apart here.
    return this.getKeyHash() == other.getKeyHash();
}
/**
 * Asserts that the authentication currently in the security context is an
 * anonymous token matching {@code expectedAnonymous} in name, authorities and key hash.
 */
private void assertAnonymous() {
    Authentication inContext = SecurityContextHolder.getContext().getAuthentication();
    // Check the type before casting so a wrong token class fails as an assertion.
    assertThat(inContext).isInstanceOf(AnonymousAuthenticationToken.class);

    AnonymousAuthenticationToken actual = (AnonymousAuthenticationToken) inContext;
    assertThat(actual.getName()).isEqualTo(expectedAnonymous.getName());
    // No authority beyond the expected ones may be present.
    assertThat(actual.getAuthorities())
            .containsOnlyElementsOf(expectedAnonymous.getAuthorities());
    assertThat(actual.getKeyHash()).isEqualTo(expectedAnonymous.getKeyHash());
}
}
/**
 * Reads the anonymous-token JSON fixture back into a token and checks its
 * key hash and its single authority.
 */
@Test
public void deserializeAnonymousAuthenticationTokenTest() throws IOException {
    AnonymousAuthenticationToken restored =
            mapper.readValue(ANONYMOUS_JSON, AnonymousAuthenticationToken.class);

    assertThat(restored).isNotNull();
    // The restored token must report the hash of the key the fixture was built with.
    assertThat(restored.getKeyHash()).isEqualTo(HASH_KEY.hashCode());
    // Exactly one authority is expected, so deserialization must not add any.
    assertThat(restored.getAuthorities())
            .isNotNull()
            .hasSize(1)
            .contains(new SimpleGrantedAuthority("ROLE_USER"));
}
/**
 * Creates a token from an already computed key hash; used for Jackson
 * deserialization.
 *
 * <p>The token is marked authenticated and the authorities are taken as given,
 * so the data fed into this path should come only from a store the application
 * itself wrote and trusts.
 *
 * @param keyHash hash code of the key, supplied directly instead of the key
 * @param principal the principal (typically a <code>UserDetails</code>)
 * @param authorities the authorities granted to the principal
 * @throws IllegalArgumentException if the principal is null or the empty string
 * @since 4.2
 */
private AnonymousAuthenticationToken(Integer keyHash, Object principal,
        Collection<? extends GrantedAuthority> authorities) {
    super(authorities);
    boolean principalMissing = principal == null || "".equals(principal);
    if (principalMissing) {
        throw new IllegalArgumentException("principal cannot be null or empty");
    }
    // Checked after the principal, so a missing principal is reported first.
    Assert.notEmpty(authorities, "authorities cannot be null or empty");
    // NOTE(review): keyHash is a boxed Integer and is not null-checked here;
    // whether a null can cause trouble depends on the field's type - confirm.
    this.keyHash = keyHash;
    this.principal = principal;
    setAuthenticated(true);
}
/**
 * Builds an anonymous token from the configured key, principal and authorities
 * and attaches the details derived from the request.
 *
 * @param request the current request, used only to build the authentication details
 * @return the anonymous authentication for this request
 */
protected Authentication createAuthentication(HttpServletRequest request) {
    AnonymousAuthenticationToken anonymousToken =
            new AnonymousAuthenticationToken(key, principal, authorities);
    // A new token is built on every call, so request details are never shared between tokens.
    Object requestDetails = authenticationDetailsSource.buildDetails(request);
    anonymousToken.setDetails(requestDetails);
    return anonymousToken;
}
/**
 * Tokens that share a principal and authorities but were built with different
 * keys must not be equal.
 */
@Test
public void testNotEqualsDueToKey() {
    AnonymousAuthenticationToken baseline =
            new AnonymousAuthenticationToken("key", "Test", ROLES_12);
    AnonymousAuthenticationToken otherKey =
            new AnonymousAuthenticationToken("DIFFERENT_KEY", "Test", ROLES_12);

    // Everything except the key is identical, so the key alone must separate them.
    boolean sameToken = baseline.equals(otherKey);
    assertThat(sameToken).isFalse();
}
@Test public void doFilterWhenAuthorizationResponseSuccessAndAnonymousAccessThenAuthorizedClientSavedToHttpSession() throws Exception { AnonymousAuthenticationToken anonymousPrincipal = new AnonymousAuthenticationToken("key-1234", "anonymousUser", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS")); SecurityContext securityContext = SecurityContextHolder.createEmptyContext(); securityContext.setAuthentication(anonymousPrincipal); assertThat(authorizedClient.getPrincipalName()).isEqualTo(anonymousPrincipal.getName()); assertThat(authorizedClient.getAccessToken()).isNotNull();
/**
 * Decides whether another object is equal to this anonymous token.
 *
 * <p>Equality requires the parent's {@code equals} to accept the object, the
 * object to be an {@code AnonymousAuthenticationToken}, and both key hashes to match.
 *
 * @param obj the candidate object
 * @return {@code true} if all three conditions hold, otherwise {@code false}
 */
@Override
public boolean equals(Object obj) {
    // The parent comparison runs first and can reject on its own.
    boolean parentAccepts = super.equals(obj);
    if (!parentAccepts) {
        return false;
    }
    if (obj instanceof AnonymousAuthenticationToken) {
        AnonymousAuthenticationToken candidate = (AnonymousAuthenticationToken) obj;
        // The comparison is on the key hash only; the key itself is not consulted.
        return this.getKeyHash() == candidate.getKeyHash();
    }
    return false;
}
/**
 * Constructor for Jackson deserialization: takes the key hash directly rather
 * than the key.
 *
 * <p>A token created here is flagged as authenticated and keeps whatever
 * authorities it is handed, so only serialized tokens from a trusted store
 * should reach this constructor.
 *
 * @param keyHash hash code of the key the token was originally built with
 * @param principal the principal (typically a <code>UserDetails</code>)
 * @param authorities the authorities granted to the principal
 * @throws IllegalArgumentException if the principal is null or the empty string
 * @since 4.2
 */
private AnonymousAuthenticationToken(Integer keyHash, Object principal,
        Collection<? extends GrantedAuthority> authorities) {
    super(authorities);
    if (principal == null) {
        throw new IllegalArgumentException("principal cannot be null or empty");
    }
    if ("".equals(principal)) {
        throw new IllegalArgumentException("principal cannot be null or empty");
    }
    // Authorities are validated only after the principal has been accepted.
    Assert.notEmpty(authorities, "authorities cannot be null or empty");
    // NOTE(review): no null check on the boxed keyHash - confirm the field type
    // tolerates it or that the deserializer always supplies a value.
    this.keyHash = keyHash;
    this.principal = principal;
    setAuthenticated(true);
}
/**
 * An empty-string principal must be rejected by the constructor with an
 * {@link IllegalArgumentException}.
 */
@Test(expected = IllegalArgumentException.class)
public void constructorWhenPrincipalIsEmptyStringThenThrowIllegalArgumentException()
        throws Exception {
    String emptyPrincipal = "";
    // Construction itself is the assertion: it has to throw.
    new AnonymousAuthenticationToken("key", emptyPrincipal, ROLES_12);
}
}
/**
 * Creates the anonymous authentication for a request.
 *
 * <p>The token is built from the {@code key}, {@code principal} and
 * {@code authorities} fields, and its details come from
 * {@code authenticationDetailsSource}.
 *
 * @param request the request the details are built from
 * @return a newly created anonymous token with details set
 */
protected Authentication createAuthentication(HttpServletRequest request) {
    final AnonymousAuthenticationToken result =
            new AnonymousAuthenticationToken(key, principal, authorities);
    // Details are attached after construction; the constructor takes only key, principal, authorities.
    result.setDetails(authenticationDetailsSource.buildDetails(request));
    return result;
}
/**
 * An anonymous token must not be equal to a token of another authentication
 * class, even when principal and authorities are the same.
 */
@Test
public void testNotEqualsDueToDifferentAuthenticationClass() {
    AnonymousAuthenticationToken anonymousToken =
            new AnonymousAuthenticationToken("key", "Test", ROLES_12);
    UsernamePasswordAuthenticationToken passwordToken =
            new UsernamePasswordAuthenticationToken("Test", "Password", ROLES_12);

    // Same principal and roles on both sides; only the token class (and credentials) differ.
    boolean sameToken = anonymousToken.equals(passwordToken);
    assertThat(sameToken).isFalse();
}