|
|
@ -38,7 +38,7 @@ import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
|
|
|
|
import org.apache.hadoop.security.authentication.client.AuthenticationException;
|
|
|
|
import org.apache.hadoop.security.authentication.client.AuthenticationException;
|
|
|
|
import org.apache.hadoop.security.authentication.util.Signer;
|
|
|
|
import org.apache.hadoop.security.authentication.util.Signer;
|
|
|
|
import org.apache.hadoop.security.authentication.util.SignerSecretProvider;
|
|
|
|
import org.apache.hadoop.security.authentication.util.SignerSecretProvider;
|
|
|
|
import org.apache.hadoop.security.authentication.util.StringSignerSecretProvider;
|
|
|
|
import org.apache.hadoop.security.authentication.util.StringSignerSecretProviderCreator;
|
|
|
|
import org.junit.Assert;
|
|
|
|
import org.junit.Assert;
|
|
|
|
import org.junit.Test;
|
|
|
|
import org.junit.Test;
|
|
|
|
import org.mockito.Mockito;
|
|
|
|
import org.mockito.Mockito;
|
|
|
@ -158,15 +158,15 @@ public class TestAuthenticationFilter {
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
FilterConfig config = Mockito.mock(FilterConfig.class);
|
|
|
|
FilterConfig config = Mockito.mock(FilterConfig.class);
|
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
|
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
|
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn(
|
|
|
|
Mockito.when(config.getInitParameter(
|
|
|
|
|
|
|
|
AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn(
|
|
|
|
(new Long(TOKEN_VALIDITY_SEC)).toString());
|
|
|
|
(new Long(TOKEN_VALIDITY_SEC)).toString());
|
|
|
|
Mockito.when(config.getInitParameterNames()).thenReturn(
|
|
|
|
Mockito.when(config.getInitParameterNames()).thenReturn(
|
|
|
|
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements());
|
|
|
|
AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
Mockito.when(context.getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
.thenReturn(null);
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
Assert.assertEquals(PseudoAuthenticationHandler.class, filter.getAuthenticationHandler().getClass());
|
|
|
|
Assert.assertEquals(PseudoAuthenticationHandler.class, filter.getAuthenticationHandler().getClass());
|
|
|
@ -179,27 +179,6 @@ public class TestAuthenticationFilter {
|
|
|
|
filter.destroy();
|
|
|
|
filter.destroy();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// string secret
|
|
|
|
|
|
|
|
filter = new AuthenticationFilter();
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
|
|
|
FilterConfig config = Mockito.mock(FilterConfig.class);
|
|
|
|
|
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
|
|
|
|
|
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
|
|
|
|
|
|
|
|
Mockito.when(config.getInitParameterNames()).thenReturn(
|
|
|
|
|
|
|
|
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET)).elements());
|
|
|
|
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
Assert.assertFalse(filter.isRandomSecret());
|
|
|
|
|
|
|
|
Assert.assertFalse(filter.isCustomSignerSecretProvider());
|
|
|
|
|
|
|
|
} finally {
|
|
|
|
|
|
|
|
filter.destroy();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// custom secret as inline
|
|
|
|
// custom secret as inline
|
|
|
|
filter = new AuthenticationFilter();
|
|
|
|
filter = new AuthenticationFilter();
|
|
|
|
try {
|
|
|
|
try {
|
|
|
@ -278,11 +257,7 @@ public class TestAuthenticationFilter {
|
|
|
|
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
AuthenticationFilter.COOKIE_DOMAIN,
|
|
|
|
AuthenticationFilter.COOKIE_DOMAIN,
|
|
|
|
AuthenticationFilter.COOKIE_PATH)).elements());
|
|
|
|
AuthenticationFilter.COOKIE_PATH)).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
Assert.assertEquals(".foo.com", filter.getCookieDomain());
|
|
|
|
Assert.assertEquals(".foo.com", filter.getCookieDomain());
|
|
|
|
Assert.assertEquals("/bar", filter.getCookiePath());
|
|
|
|
Assert.assertEquals("/bar", filter.getCookiePath());
|
|
|
@ -303,11 +278,7 @@ public class TestAuthenticationFilter {
|
|
|
|
new Vector<String>(
|
|
|
|
new Vector<String>(
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
Assert.assertTrue(DummyAuthenticationHandler.init);
|
|
|
|
Assert.assertTrue(DummyAuthenticationHandler.init);
|
|
|
|
} finally {
|
|
|
|
} finally {
|
|
|
@ -345,11 +316,7 @@ public class TestAuthenticationFilter {
|
|
|
|
Mockito.when(config.getInitParameterNames()).thenReturn(
|
|
|
|
Mockito.when(config.getInitParameterNames()).thenReturn(
|
|
|
|
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements());
|
|
|
|
AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
Assert.assertEquals(PseudoAuthenticationHandler.class,
|
|
|
|
Assert.assertEquals(PseudoAuthenticationHandler.class,
|
|
|
@ -372,11 +339,7 @@ public class TestAuthenticationFilter {
|
|
|
|
new Vector<String>(
|
|
|
|
new Vector<String>(
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
@ -392,6 +355,7 @@ public class TestAuthenticationFilter {
|
|
|
|
@Test
|
|
|
|
@Test
|
|
|
|
public void testGetToken() throws Exception {
|
|
|
|
public void testGetToken() throws Exception {
|
|
|
|
AuthenticationFilter filter = new AuthenticationFilter();
|
|
|
|
AuthenticationFilter filter = new AuthenticationFilter();
|
|
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
FilterConfig config = Mockito.mock(FilterConfig.class);
|
|
|
|
FilterConfig config = Mockito.mock(FilterConfig.class);
|
|
|
|
Mockito.when(config.getInitParameter("management.operation.return")).
|
|
|
|
Mockito.when(config.getInitParameter("management.operation.return")).
|
|
|
@ -404,21 +368,13 @@ public class TestAuthenticationFilter {
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
SignerSecretProvider secretProvider =
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
StringSignerSecretProvider secretProvider
|
|
|
|
|
|
|
|
= new StringSignerSecretProvider();
|
|
|
|
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
|
|
|
|
|
secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
|
|
|
|
|
|
|
|
Signer signer = new Signer(secretProvider);
|
|
|
|
Signer signer = new Signer(secretProvider);
|
|
|
|
String tokenSigned = signer.sign(token.toString());
|
|
|
|
String tokenSigned = signer.sign(token.toString());
|
|
|
|
|
|
|
|
|
|
|
@ -448,18 +404,14 @@ public class TestAuthenticationFilter {
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
AuthenticationToken token =
|
|
|
|
AuthenticationToken token =
|
|
|
|
new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
|
|
|
|
new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
|
|
|
|
token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
|
|
|
|
token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
|
|
|
|
StringSignerSecretProvider secretProvider
|
|
|
|
SignerSecretProvider secretProvider =
|
|
|
|
= new StringSignerSecretProvider();
|
|
|
|
StringSignerSecretProviderCreator.newStringSignerSecretProvider();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
@ -500,17 +452,13 @@ public class TestAuthenticationFilter {
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
StringSignerSecretProvider secretProvider
|
|
|
|
SignerSecretProvider secretProvider =
|
|
|
|
= new StringSignerSecretProvider();
|
|
|
|
StringSignerSecretProviderCreator.newStringSignerSecretProvider();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
@ -536,6 +484,23 @@ public class TestAuthenticationFilter {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private static SignerSecretProvider getMockedServletContextWithStringSigner(
|
|
|
|
|
|
|
|
FilterConfig config) throws Exception {
|
|
|
|
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
|
|
|
|
secretProviderProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
|
|
|
|
"secret");
|
|
|
|
|
|
|
|
SignerSecretProvider secretProvider =
|
|
|
|
|
|
|
|
StringSignerSecretProviderCreator.newStringSignerSecretProvider();
|
|
|
|
|
|
|
|
secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(secretProvider);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
return secretProvider;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
@Test
|
|
|
|
public void testDoFilterNotAuthenticated() throws Exception {
|
|
|
|
public void testDoFilterNotAuthenticated() throws Exception {
|
|
|
|
AuthenticationFilter filter = new AuthenticationFilter();
|
|
|
|
AuthenticationFilter filter = new AuthenticationFilter();
|
|
|
@ -549,11 +514,7 @@ public class TestAuthenticationFilter {
|
|
|
|
new Vector<String>(
|
|
|
|
new Vector<String>(
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
@ -603,11 +564,7 @@ public class TestAuthenticationFilter {
|
|
|
|
AuthenticationFilter.AUTH_TOKEN_VALIDITY,
|
|
|
|
AuthenticationFilter.AUTH_TOKEN_VALIDITY,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "management.operation" +
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "management.operation" +
|
|
|
|
".return", "expired.token")).elements());
|
|
|
|
".return", "expired.token")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (withDomainPath) {
|
|
|
|
if (withDomainPath) {
|
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter
|
|
|
|
Mockito.when(config.getInitParameter(AuthenticationFilter
|
|
|
@ -661,8 +618,8 @@ public class TestAuthenticationFilter {
|
|
|
|
Mockito.verify(chain).doFilter(Mockito.any(ServletRequest.class),
|
|
|
|
Mockito.verify(chain).doFilter(Mockito.any(ServletRequest.class),
|
|
|
|
Mockito.any(ServletResponse.class));
|
|
|
|
Mockito.any(ServletResponse.class));
|
|
|
|
|
|
|
|
|
|
|
|
StringSignerSecretProvider secretProvider
|
|
|
|
SignerSecretProvider secretProvider =
|
|
|
|
= new StringSignerSecretProvider();
|
|
|
|
StringSignerSecretProviderCreator.newStringSignerSecretProvider();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
@ -734,11 +691,7 @@ public class TestAuthenticationFilter {
|
|
|
|
new Vector<String>(
|
|
|
|
new Vector<String>(
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
@ -746,8 +699,8 @@ public class TestAuthenticationFilter {
|
|
|
|
|
|
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "t");
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "t");
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
StringSignerSecretProvider secretProvider
|
|
|
|
SignerSecretProvider secretProvider =
|
|
|
|
= new StringSignerSecretProvider();
|
|
|
|
StringSignerSecretProviderCreator.newStringSignerSecretProvider();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
@ -795,11 +748,7 @@ public class TestAuthenticationFilter {
|
|
|
|
new Vector<String>(
|
|
|
|
new Vector<String>(
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
@ -863,11 +812,7 @@ public class TestAuthenticationFilter {
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
@ -875,8 +820,8 @@ public class TestAuthenticationFilter {
|
|
|
|
|
|
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
|
|
|
|
token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
|
|
|
|
token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
|
|
|
|
StringSignerSecretProvider secretProvider
|
|
|
|
SignerSecretProvider secretProvider =
|
|
|
|
= new StringSignerSecretProvider();
|
|
|
|
StringSignerSecretProviderCreator.newStringSignerSecretProvider();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, secret);
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, secret);
|
|
|
@ -942,11 +887,7 @@ public class TestAuthenticationFilter {
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
@ -954,8 +895,8 @@ public class TestAuthenticationFilter {
|
|
|
|
|
|
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
StringSignerSecretProvider secretProvider
|
|
|
|
SignerSecretProvider secretProvider =
|
|
|
|
= new StringSignerSecretProvider();
|
|
|
|
StringSignerSecretProviderCreator.newStringSignerSecretProvider();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, secret);
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, secret);
|
|
|
@ -989,11 +930,7 @@ public class TestAuthenticationFilter {
|
|
|
|
new Vector<String>(
|
|
|
|
new Vector<String>(
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
"management.operation.return")).elements());
|
|
|
|
ServletContext context = Mockito.mock(ServletContext.class);
|
|
|
|
getMockedServletContextWithStringSigner(config);
|
|
|
|
Mockito.when(context.getAttribute(
|
|
|
|
|
|
|
|
AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
|
|
|
|
|
|
|
|
.thenReturn(null);
|
|
|
|
|
|
|
|
Mockito.when(config.getServletContext()).thenReturn(context);
|
|
|
|
|
|
|
|
filter.init(config);
|
|
|
|
filter.init(config);
|
|
|
|
|
|
|
|
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
|
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
|
|
|
@ -1013,8 +950,8 @@ public class TestAuthenticationFilter {
|
|
|
|
|
|
|
|
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "t");
|
|
|
|
AuthenticationToken token = new AuthenticationToken("u", "p", "t");
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
|
|
|
|
StringSignerSecretProvider secretProvider
|
|
|
|
SignerSecretProvider secretProvider =
|
|
|
|
= new StringSignerSecretProvider();
|
|
|
|
StringSignerSecretProviderCreator.newStringSignerSecretProvider();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
Properties secretProviderProps = new Properties();
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
secretProviderProps.setProperty(
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
|
AuthenticationFilter.SIGNATURE_SECRET, "secret");
|
|
|
|