@Test public void frontChannelLogoutFailsIfNoSessionIndex() { final String logoutMessage = LogoutMessageGenerator.generateFrontChannelLogoutMessage(""); request.setParameter(LOGOUT_PARAMETER_NAME, logoutMessage); request.setQueryString(LOGOUT_PARAMETER_NAME + "=" + logoutMessage); request.setMethod("GET"); final MockHttpSession session = new MockHttpSession(); handler.getSessionMappingStorage().addSessionById(TICKET, session); assertFalse(handler.process(request, response)); assertFalse(session.isInvalid()); }
@Test public void frontChannelLogoutFailsIfBadParameter() { final String logoutMessage = LogoutMessageGenerator.generateFrontChannelLogoutMessage(TICKET); request.setParameter(ANOTHER_PARAMETER, logoutMessage); request.setMethod("GET"); request.setQueryString(ANOTHER_PARAMETER + "=" + logoutMessage); final MockHttpSession session = new MockHttpSession(); handler.getSessionMappingStorage().addSessionById(TICKET, session); assertTrue(handler.process(request, response)); assertFalse(session.isInvalid()); }
@Test public void frontChannelLogoutRelayStateOK() { final String logoutMessage = LogoutMessageGenerator.generateFrontChannelLogoutMessage(TICKET); request.setParameter(LOGOUT_PARAMETER_NAME, logoutMessage); request.setParameter(RELAY_STATE_PARAMETER_NAME, TICKET); request.setQueryString(LOGOUT_PARAMETER_NAME + "=" + logoutMessage + "&" + RELAY_STATE_PARAMETER_NAME + "=" + TICKET); request.setMethod("GET"); final MockHttpSession session = new MockHttpSession(); handler.getSessionMappingStorage().addSessionById(TICKET, session); assertFalse(handler.process(request, response)); assertTrue(session.isInvalid()); } }
@Test public void frontChannelLogoutOK() { final String logoutMessage = LogoutMessageGenerator.generateFrontChannelLogoutMessage(TICKET); request.setParameter(LOGOUT_PARAMETER_NAME, logoutMessage); request.setQueryString(LOGOUT_PARAMETER_NAME + "=" + logoutMessage); request.setMethod("GET"); final MockHttpSession session = new MockHttpSession(); handler.getSessionMappingStorage().addSessionById(TICKET, session); assertFalse(handler.process(request, response)); assertTrue(session.isInvalid()); assertNull(response.getRedirectedUrl()); }
@Test public void frontChannelRequest() throws IOException, ServletException { final String logoutMessage = LogoutMessageGenerator.generateFrontChannelLogoutMessage(TICKET); request.setParameter(ConfigurationKeys.LOGOUT_PARAMETER_NAME.getDefaultValue(), logoutMessage); request.setQueryString(ConfigurationKeys.LOGOUT_PARAMETER_NAME.getDefaultValue() + "=" + logoutMessage); request.setMethod("GET"); final MockHttpSession session = new MockHttpSession(); SingleSignOutFilter.getSingleSignOutHandler().getSessionMappingStorage().addSessionById(TICKET, session); filter.doFilter(request, response, filterChain); assertNull(SingleSignOutFilter.getSingleSignOutHandler().getSessionMappingStorage().removeSessionByMappingId(TICKET)); assertNull(response.getRedirectedUrl()); }
@Test public void frontChannelRequestRelayState() throws IOException, ServletException { final String logoutMessage = LogoutMessageGenerator.generateFrontChannelLogoutMessage(TICKET); request.setParameter(ConfigurationKeys.LOGOUT_PARAMETER_NAME.getDefaultValue(), logoutMessage); request.setParameter(ConfigurationKeys.RELAY_STATE_PARAMETER_NAME.getDefaultValue(), RELAY_STATE); request.setQueryString(ConfigurationKeys.LOGOUT_PARAMETER_NAME.getDefaultValue() + "=" + logoutMessage + "&" + ConfigurationKeys.RELAY_STATE_PARAMETER_NAME.getDefaultValue() + "=" + RELAY_STATE); request.setMethod("GET"); final MockHttpSession session = new MockHttpSession(); SingleSignOutFilter.getSingleSignOutHandler().getSessionMappingStorage().addSessionById(TICKET, session); filter.doFilter(request, response, filterChain); assertNull(SingleSignOutFilter.getSingleSignOutHandler().getSessionMappingStorage().removeSessionByMappingId(TICKET)); } }