@Test public void testAuthenticateSuccess() { OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider(); provider.setUserDetailsService(new MockUserDetailsService()); Authentication preAuth = new OpenIDAuthenticationToken( OpenIDAuthenticationStatus.SUCCESS, USERNAME, "", null); assertThat(preAuth.isAuthenticated()).isFalse(); Authentication postAuth = provider.authenticate(preAuth); assertThat(postAuth).isNotNull(); assertThat(postAuth instanceof OpenIDAuthenticationToken).isTrue(); assertThat(postAuth.isAuthenticated()).isTrue(); assertThat(postAuth.getPrincipal()).isNotNull(); assertThat(postAuth.getPrincipal() instanceof UserDetails).isTrue(); assertThat(postAuth.getAuthorities()).isNotNull(); assertThat(postAuth.getAuthorities().size() > 0).isTrue(); assertThat( ((OpenIDAuthenticationToken) postAuth).getStatus() == OpenIDAuthenticationStatus.SUCCESS).isTrue(); assertThat(((OpenIDAuthenticationToken) postAuth).getMessage() == null).isTrue(); }
@Test public void failedVerificationReturnsFailedAuthenticationStatus() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); VerificationResult vr = mock(VerificationResult.class); DiscoveryInformation di = mock(DiscoveryInformation.class); when( mgr.verify(any(), any(ParameterList.class), any(DiscoveryInformation.class))).thenReturn(vr); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute(DiscoveryInformation.class.getName(), di); OpenIDAuthenticationToken auth = consumer.endConsumption(request); assertThat(auth.getStatus()).isEqualTo(OpenIDAuthenticationStatus.FAILURE); }
@SuppressWarnings("serial") @Test public void successfulVerificationReturnsExpectedAuthentication() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); VerificationResult vr = mock(VerificationResult.class); DiscoveryInformation di = mock(DiscoveryInformation.class); Identifier id = new Identifier() { public String getIdentifier() { return "id"; } }; Message msg = mock(Message.class); when( mgr.verify(any(), any(ParameterList.class), any(DiscoveryInformation.class))).thenReturn(vr); when(vr.getVerifiedId()).thenReturn(id); when(vr.getAuthResponse()).thenReturn(msg); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute(DiscoveryInformation.class.getName(), di); request.getSession().setAttribute( "SPRING_SECURITY_OPEN_ID_ATTRIBUTES_FETCH_LIST", attributes); OpenIDAuthenticationToken auth = consumer.endConsumption(request); assertThat(auth.getStatus()).isEqualTo(OpenIDAuthenticationStatus.SUCCESS); }
OpenIDAuthenticationStatus status = response.getStatus();
@Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { if(exception instanceof UsernameNotFoundException && exception.getAuthentication() instanceof OpenIDAuthenticationToken && ((OpenIDAuthenticationToken)exception.getAuthentication()).getStatus().equals(OpenIDAuthenticationStatus.SUCCESS)) { OpenIDAuthenticationToken token = (OpenIDAuthenticationToken)exception.getAuthentication(); String url = token.getIdentityUrl(); User user = createTemporaryUser(token, url); request.getSession(true).setAttribute(ModelKeys.NEW_USER, user); DefaultRedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); log.info("Redirecting to new user account creation page"); super.setRedirectStrategy(redirectStrategy); redirectStrategy.sendRedirect(request, response, "/"+ViewNames.CREATE_ACCOUNT_PAGE); return; } else { super.onAuthenticationFailure(request, response, exception); } }
OpenIDAuthenticationStatus status = response.getStatus();
if (token.getStatus() == OpenIDAuthenticationStatus.SUCCESS) {