@Before public void setup() throws Exception { codeStore = new InMemoryExpiringCodeStore(); code = codeStore.generateCode("{}", new Timestamp(System.currentTimeMillis() + 10*60*1000), "", IdentityZoneHolder.get().getId()).getCode(); password = "test"; passwordConfirmation = "test"; email = "test@test.org"; request = new MockHttpServletRequest("POST", "/reset_password.do"); request.setParameter("code", code); request.setParameter("password", password); request.setParameter("password_confirmation", passwordConfirmation); request.setParameter("email", email); response = mock(HttpServletResponse.class); chain = mock(FilterChain.class); service = mock(ResetPasswordService.class); user = new ScimUser("id", "username", "first name", "last name"); resetPasswordResponse = new ResetPasswordService.ResetPasswordResponse(user, "/", null); when(service.resetPassword(any(ExpiringCode.class), eq(password))).thenReturn(resetPasswordResponse); authenticationSuccessHandler = mock(AuthenticationSuccessHandler.class); entryPoint = mock(AuthenticationEntryPoint.class); filter = new ResetPasswordAuthenticationFilter(service, authenticationSuccessHandler, entryPoint, codeStore); }