@Override public RequestPostProcessor beforeMockMvcCreated(ConfigurableMockMvcBuilder<?> builder, WebApplicationContext context) { return request -> { if (this.session != null) { request.setSession(this.session); } return request; }; }
private void processCookie(MockHttpServletRequest request, List<Cookie> cookies, Cookie cookie) { cookies.add(cookie); if ("JSESSIONID".equals(cookie.getName())) { request.setRequestedSessionId(cookie.getValue()); request.setSession(httpSession(request, cookie.getValue())); } }
@Before public void setUp() { MockHttpServletRequest oldRequestWithSession = new MockHttpServletRequest(); oldRequestWithSession.setSession(new MockHttpSession()); this.oldRequestAttributesWithSession = new ServletRequestAttributes(oldRequestWithSession); MockHttpServletRequest newRequestWithSession = new MockHttpServletRequest(); newRequestWithSession.setSession(new MockHttpSession()); this.newRequestAttributesWithSession = new ServletRequestAttributes(newRequestWithSession); }
request.setSession(this.session);
private MockHttpServletRequest getMockHttpServletRequest() { MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpSession session = new MockHttpSession(); SavedRequest savedRequest = mock(SavedRequest.class); when(savedRequest.getParameterValues("client_id")).thenReturn(new String[]{"client-id"}); when(savedRequest.getRedirectUrl()) .thenReturn("http://localhost:8080/uaa/oauth/authorize?client_id=identity&redirect_uri=http%3A%2F%2Flocalhost%3A8888%2Flogin&response_type=code&state=8tp0tR"); session.setAttribute(SAVED_REQUEST_SESSION_ATTRIBUTE, savedRequest); request.setSession(session); return request; }
@Test public void get_origin_from_request() throws Exception { MockHttpSession session = new MockHttpSession(null, "the-id"); MockHttpServletRequest request = new MockHttpServletRequest("GET","/oauth/authorize"); request.setSession(session); request.setRemoteAddr("127.10.10.10"); UaaAuthenticationDetails details = new UaaAuthenticationDetails(request, "client-id"); UserAuthenticationSuccessEvent event = new UserAuthenticationSuccessEvent(mock(UaaUser.class), mock(Authentication.class)); String origin = event.getOrigin(details); assertThat(origin, containsString("remoteAddress=127.10.10.10")); assertThat(origin, containsString("clientId=client-id")); assertThat(origin, containsString("sessionId=<SESSION>")); } }
@Test public void printRequestWithEmptySessionMock() throws Exception { this.request.addParameter("param", "paramValue"); this.request.addHeader("header", "headerValue"); this.request.setCharacterEncoding("UTF-16"); String palindrome = "ablE was I ere I saw Elba"; byte[] bytes = palindrome.getBytes("UTF-16"); this.request.setContent(bytes); this.request.setSession(Mockito.mock(HttpSession.class)); this.handler.handle(this.mvcResult); HttpHeaders headers = new HttpHeaders(); headers.set("header", "headerValue"); MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); params.add("param", "paramValue"); assertValue("MockHttpServletRequest", "HTTP Method", this.request.getMethod()); assertValue("MockHttpServletRequest", "Request URI", this.request.getRequestURI()); assertValue("MockHttpServletRequest", "Parameters", params); assertValue("MockHttpServletRequest", "Headers", headers); assertValue("MockHttpServletRequest", "Body", palindrome); }
@Test public void do_not_save_form() throws Exception { request.setSession(session); spy.saveRequest(request, new MockHttpServletResponse()); verify(spy, never()).saveClientRedirect(request, request.getParameter(FORM_REDIRECT_PARAMETER)); }
@Before public void setUp() { this.oldRequestAttributes = new ServletRequestAttributes(new MockHttpServletRequest()); this.newRequestAttributes = new ServletRequestAttributes(new MockHttpServletRequest()); MockHttpServletRequest oldRequestWithSession = new MockHttpServletRequest(); oldRequestWithSession.setSession(new MockHttpSession()); this.oldRequestAttributesWithSession = new ServletRequestAttributes(oldRequestWithSession); MockHttpServletRequest newRequestWithSession = new MockHttpServletRequest(); newRequestWithSession.setSession(new MockHttpSession()); this.newRequestAttributesWithSession = new ServletRequestAttributes(newRequestWithSession); }
@Test public void saveFormRedirectRequest() throws Exception { String redirectUri = "http://login"; request.setSession(session); request.setParameter(FORM_REDIRECT_PARAMETER, redirectUri); request.setServerName(new URL(redirectUri).getHost()); spy.saveRequest(request, new MockHttpServletResponse()); verify(spy).saveClientRedirect(request, request.getParameter(FORM_REDIRECT_PARAMETER)); }
@Test public void testSessionScoping() throws Exception { MockHttpSession oldSession = new MockHttpSession(); MockHttpSession newSession = new MockHttpSession(); MockHttpServletRequest request = new MockHttpServletRequest(); request.setSession(oldSession); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(request)); ITestBean scoped = (ITestBean) this.context.getBean("sessionScoped"); assertTrue("Should be AOP proxy", AopUtils.isAopProxy(scoped)); assertFalse("Should not be target class proxy", scoped instanceof TestBean); ITestBean scopedAlias = (ITestBean) this.context.getBean("sessionScopedAlias"); assertSame(scoped, scopedAlias); ITestBean testBean = (ITestBean) this.context.getBean("testBean"); assertTrue("Should be AOP proxy", AopUtils.isAopProxy(testBean)); assertFalse("Regular bean should be JDK proxy", testBean instanceof TestBean); String rob = "Rob Harrop"; String bram = "Bram Smeets"; assertEquals(rob, scoped.getName()); scoped.setName(bram); request.setSession(newSession); assertEquals(rob, scoped.getName()); request.setSession(oldSession); assertEquals(bram, scoped.getName()); assertTrue("Should have advisors", ((Advised) scoped).getAdvisors().length > 0); }
@Test public void saveFormRedirectRequest_GET_Method() throws Exception { request.setSession(session); request.setParameter(FORM_REDIRECT_PARAMETER, "http://login"); request.setMethod(HttpMethod.GET.name()); spy.saveRequest(request, new MockHttpServletResponse()); verify(spy, never()).saveClientRedirect(request, request.getParameter(FORM_REDIRECT_PARAMETER)); }
@Test public void saveAuthorizationRequestWhenNoExistingSessionAndDistributedSessionThenSaved() { MockHttpServletRequest request = new MockHttpServletRequest(); request.setSession(new MockDistributedHttpSession()); OAuth2AuthorizationRequest authorizationRequest = createAuthorizationRequest().build(); this.authorizationRequestRepository.saveAuthorizationRequest( authorizationRequest, request, new MockHttpServletResponse()); request.addParameter(OAuth2ParameterNames.STATE, authorizationRequest.getState()); OAuth2AuthorizationRequest loadedAuthorizationRequest = this.authorizationRequestRepository.loadAuthorizationRequest(request); assertThat(loadedAuthorizationRequest).isEqualTo(authorizationRequest); }
@Test public void requestWhenCreateSessionIsSetToNeverThenUsesExistingSession() throws Exception { this.spring.configLocations(this.xml("CreateSessionNever")).autowire(); MockHttpServletRequest request = post("/login") .param("username", "user") .param("password", "password") .buildRequest(this.servletContext()); request = csrf().postProcessRequest(request); MockHttpSession session = new MockHttpSession(); request.setSession(session); MockHttpServletResponse response = request(request, this.spring.getContext()); assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_MOVED_TEMPORARILY); assertThat(request.getSession(false)).isNotNull(); assertThat(request.getSession(false).getAttribute(SPRING_SECURITY_CONTEXT_KEY)) .isNotNull(); }
@Test public void saveClientRedirect_On_Regular_Get() throws Exception { request.setSession(session); request.setScheme("http"); request.setServerName("localhost"); request.setRequestURI("/test"); request.setMethod(HttpMethod.GET.name()); spy.saveRequest(request, new MockHttpServletResponse()); verify(spy, times(1)).saveClientRedirect(request, "http://localhost/test"); }
@Test public void testNoSavedRequest() throws IOException, ServletException { LoginSAMLAuthenticationFailureHandler handler = new LoginSAMLAuthenticationFailureHandler(); DefaultSavedRequest savedRequest = mock(DefaultSavedRequest.class); Map<String, String[]> parameterMap = new HashMap<String, String[]>(); parameterMap.put("redirect_uri", new String[] { "https://example.com" }); when(savedRequest.getParameterMap()).thenReturn(parameterMap); MockHttpSession session = new MockHttpSession(); MockHttpServletRequest request = new MockHttpServletRequest(); request.setSession(session); MockHttpServletResponse response = new MockHttpServletResponse(); LoginSAMLException exception = new LoginSAMLException("Denied!"); handler.onAuthenticationFailure(request, response, exception); String actual = response.getRedirectedUrl(); assertEquals(null, actual); int status = response.getStatus(); assertEquals(401, status); }
@Test public void testErrorRedirect() throws IOException, ServletException { LoginSAMLAuthenticationFailureHandler handler = new LoginSAMLAuthenticationFailureHandler(); DefaultSavedRequest savedRequest = mock(DefaultSavedRequest.class); Map<String, String[]> parameterMap = new HashMap<String, String[]>(); parameterMap.put("redirect_uri", new String[] { "https://example.com" }); when(savedRequest.getParameterMap()).thenReturn(parameterMap); MockHttpSession session = new MockHttpSession(); session.setAttribute(SAVED_REQUEST_SESSION_ATTRIBUTE, savedRequest); MockHttpServletRequest request = new MockHttpServletRequest(); request.setSession(session); MockHttpServletResponse response = new MockHttpServletResponse(); LoginSAMLException exception = new LoginSAMLException("Denied!"); handler.onAuthenticationFailure(request, response, exception); String actual = response.getRedirectedUrl(); assertEquals("https://example.com/?error=access_denied&error_description=Denied%21", actual); int status = response.getStatus(); assertEquals(302, status); }
@Test public void saveAuthorizationRequestWhenExistingSessionAndDistributedSessionThenSaved() { MockHttpServletRequest request = new MockHttpServletRequest(); request.setSession(new MockDistributedHttpSession()); OAuth2AuthorizationRequest authorizationRequest1 = createAuthorizationRequest().build(); this.authorizationRequestRepository.saveAuthorizationRequest( authorizationRequest1, request, new MockHttpServletResponse()); OAuth2AuthorizationRequest authorizationRequest2 = createAuthorizationRequest().build(); this.authorizationRequestRepository.saveAuthorizationRequest( authorizationRequest2, request, new MockHttpServletResponse()); request.addParameter(OAuth2ParameterNames.STATE, authorizationRequest2.getState()); OAuth2AuthorizationRequest loadedAuthorizationRequest = this.authorizationRequestRepository.loadAuthorizationRequest(request); assertThat(loadedAuthorizationRequest).isEqualTo(authorizationRequest2); }
@Test public void should_save_condition_works() throws MalformedURLException { assertFalse(cache.shouldSaveFormRedirectParameter(request)); request.setPathInfo("/login.do"); assertFalse(cache.shouldSaveFormRedirectParameter(request)); request.setParameter(FORM_REDIRECT_PARAMETER, redirectUri); request.setServerName(new URL(redirectUri).getHost()); assertTrue(cache.shouldSaveFormRedirectParameter(request)); request.setSession(session); assertTrue(cache.shouldSaveFormRedirectParameter(request)); ClientRedirectSavedRequest savedRequest = new ClientRedirectSavedRequest(request, redirectUri); session.setAttribute(SAVED_REQUEST_SESSION_ATTRIBUTE, savedRequest); assertFalse(cache.shouldSaveFormRedirectParameter(request)); }
protected MockHttpServletRequest makeRequest(String body, String queryString) throws UnsupportedEncodingException { MockHttpServletRequest request = new MockHttpServletRequest(); request.setScheme("http"); request.setServerName("localhost"); request.setContextPath("/geoserver"); request.setRequestURI("/geoserver"); request.setQueryString(queryString != null ? queryString : ""); request.setRemoteAddr("127.0.0.1"); request.setServletPath("/geoserver"); request.setContentType("application/x-www-form-urlencoded"); request.setMethod("POST"); request.setContent(body.getBytes("UTF-8")); MockHttpSession session = new MockHttpSession(new MockServletContext()); request.setSession(session); request.setUserPrincipal(null); return request; }