List of usage examples for io.netty.handler.codec.http.cookie ClientCookieDecoder LAX
ClientCookieDecoder LAX
To view the source code for io.netty.handler.codec.http.cookie ClientCookieDecoder LAX.
Click Source Link
From source file:com.vmware.dcp.services.samples.TestSampleAuthenticationService.java
License:Open Source License
private void testAccessTokenRequest(VerificationHost host) { // make a request to get the accessToken for the authentication service Operation requestOp = Operation.createGet(host, SampleAuthenticationService.SELF_LINK).forceRemote(); Operation responseOp = host.getTestRequestSender().sendAndWait(requestOp); String cookieHeader = responseOp.getResponseHeader(Operation.SET_COOKIE_HEADER); assertNotNull(cookieHeader);//from w w w . j a v a 2s . c o m // assert the auth token cookie Cookie tokenCookie = ClientCookieDecoder.LAX.decode(cookieHeader); assertEquals(SampleAuthenticationService.ACCESS_TOKEN, tokenCookie.value()); // assert the auth token header assertEquals(SampleAuthenticationService.ACCESS_TOKEN, responseOp.getResponseHeader(Operation.REQUEST_AUTH_TOKEN_HEADER)); }
From source file:com.vmware.xenon.common.http.netty.NettyHttpServiceClient.java
License:Open Source License
private void updateCookieJarFromResponseHeaders(Operation op) { String value = op.getResponseHeader(Operation.SET_COOKIE_HEADER); if (value == null) { return;//from w w w . j a v a2s . c o m } Cookie cookie = ClientCookieDecoder.LAX.decode(value); if (cookie == null) { return; } this.cookieJar.add(op.getUri(), cookie); }
From source file:com.vmware.xenon.common.TestAuthentication.java
License:Open Source License
private void doAuthenticationServiceTokenRequest(VerificationHost host, boolean isSecure) throws Throwable { TestRequestSender sender = new TestRequestSender(host); host.log("Testing authenticationService token request"); // make a request to get the accessToken for the authentication service Operation requestOp = Operation.createGet(host, TestAuthenticationService.SELF_LINK).forceRemote(); Operation responseOp = sender.sendAndWait(requestOp); String cookieHeader = responseOp.getResponseHeader(SET_COOKIE_HEADER); assertNotNull(cookieHeader);/*from w w w . j ava2s . c o m*/ // assert the auth token cookie Cookie tokenCookie = ClientCookieDecoder.LAX.decode(cookieHeader); assertEquals(TestAuthenticationService.ACCESS_TOKEN, tokenCookie.value()); assertEquals(isSecure, tokenCookie.isSecure()); // assert the auth token header assertEquals(TestAuthenticationService.ACCESS_TOKEN, responseOp.getResponseHeader(Operation.REQUEST_AUTH_TOKEN_HEADER)); host.log("AuthenticationService token request is working"); }
From source file:com.vmware.xenon.common.TestAuthentication.java
License:Open Source License
private void testExternalAuthTokenRequestMultinode(ServiceHost host) { TestRequestSender sender = new TestRequestSender(host); // make a request to get the accessToken for the authentication service Operation requestOp = Operation.createGet(host, TestAuthenticationService.SELF_LINK).forceRemote(); Operation responseOp = sender.sendAndWait(requestOp); String cookieHeader = responseOp.getResponseHeader(SET_COOKIE_HEADER); assertNotNull(cookieHeader);//from w w w . jav a 2 s . c om // assert the auth token cookie Cookie tokenCookie = ClientCookieDecoder.LAX.decode(cookieHeader); assertEquals(TestAuthenticationService.ACCESS_TOKEN, tokenCookie.value()); // assert the auth token header assertEquals(TestAuthenticationService.ACCESS_TOKEN, responseOp.getResponseHeader(Operation.REQUEST_AUTH_TOKEN_HEADER)); }
From source file:com.vmware.xenon.services.common.authn.TestBasicAuthenticationService.java
License:Open Source License
@Test public void testAuth() throws Throwable { this.host.resetAuthorizationContext(); URI authServiceUri = UriUtils.buildUri(this.host, BasicAuthenticationService.SELF_LINK); // send a request with no authentication header this.host.testStart(1); this.host.send(Operation.createPost(authServiceUri).setBody(new Object()).setCompletion((o, e) -> { if (e == null) { this.host.failIteration(new IllegalStateException("request should have failed")); return; }//from ww w. j a va 2s .c o m if (o.getStatusCode() != Operation.STATUS_CODE_UNAUTHORIZED) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } String authHeader = o.getResponseHeader(BasicAuthenticationUtils.WWW_AUTHENTICATE_HEADER_NAME); if (authHeader == null || !authHeader.equals(BasicAuthenticationUtils.WWW_AUTHENTICATE_HEADER_VALUE)) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } this.host.completeIteration(); })); this.host.testWait(); // send a request with an authentication header for an invalid user String headerVal = constructBasicAuth(INVALID_USER, PASSWORD); this.host.testStart(1); this.host.send(Operation.createPost(authServiceUri).setBody(new Object()) .addRequestHeader(Operation.AUTHORIZATION_HEADER, headerVal).setCompletion((o, e) -> { if (e == null) { this.host.failIteration(new IllegalStateException("request should have failed")); return; } if (o.getStatusCode() != Operation.STATUS_CODE_FORBIDDEN) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } this.host.completeIteration(); })); this.host.testWait(); // send a request with a malformed authentication header String userPassStr = new String(Base64.getEncoder().encode(new StringBuffer(USER).toString().getBytes())); headerVal = new StringBuffer(BASIC_AUTH_PREFIX).append(userPassStr).toString(); this.host.testStart(1); this.host.send(Operation.createPost(authServiceUri).setBody(new Object()) .addRequestHeader(Operation.AUTHORIZATION_HEADER, headerVal).setCompletion((o, e) -> { if (e == null) { this.host.failIteration(new IllegalStateException("request should have failed")); return; } if (o.getStatusCode() != Operation.STATUS_CODE_BAD_REQUEST) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } this.host.completeIteration(); })); this.host.testWait(); // send a request with an invalid password headerVal = constructBasicAuth(USER, INVALID_PASSWORD); this.host.testStart(1); this.host.send(Operation.createPost(authServiceUri).setBody(new Object()) .addRequestHeader(Operation.AUTHORIZATION_HEADER, headerVal).setCompletion((o, e) -> { if (e == null) { this.host.failIteration(new IllegalStateException("request should have failed")); return; } if (o.getStatusCode() != Operation.STATUS_CODE_FORBIDDEN) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } this.host.completeIteration(); })); this.host.testWait(); // Next send a valid request headerVal = constructBasicAuth(USER, PASSWORD); this.host.testStart(1); this.host.send(Operation.createPost(authServiceUri).setBody(new Object()) .addRequestHeader(Operation.AUTHORIZATION_HEADER, headerVal).setCompletion((o, e) -> { if (e != null) { this.host.failIteration(e); return; } if (o.getStatusCode() != Operation.STATUS_CODE_OK) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } if (o.getAuthorizationContext() == null) { this.host.failIteration(new IllegalStateException("Authorization context not set")); return; } // now issue a logout AuthenticationRequest request = new AuthenticationRequest(); request.requestType = AuthenticationRequestType.LOGOUT; Operation logoutOp = Operation.createPost(authServiceUri).setBody(request).forceRemote() .setCompletion((oo, ee) -> { if (ee != null) { this.host.failIteration(ee); return; } if (oo.getStatusCode() != Operation.STATUS_CODE_OK) { this.host.failIteration( new IllegalStateException("Invalid status code returned")); return; } String cookieHeader = oo.getResponseHeader(SET_COOKIE_HEADER); if (cookieHeader == null) { this.host.failIteration(new IllegalStateException("Cookie is null")); return; } Cookie cookie = ClientCookieDecoder.LAX.decode(cookieHeader); if (cookie.maxAge() != 0) { this.host.failIteration( new IllegalStateException("Max-Age for cookie is not zero")); return; } this.host.resetAuthorizationContext(); this.host.completeIteration(); }); this.host.setAuthorizationContext(o.getAuthorizationContext()); this.host.send(logoutOp); })); this.host.testWait(); // Finally, send a valid remote request, and validate the cookie & auth token this.host.testStart(1); this.host.send(Operation.createPost(authServiceUri).setBody(new Object()).forceRemote() .addRequestHeader(Operation.AUTHORIZATION_HEADER, headerVal).setCompletion((o, e) -> { if (e != null) { this.host.failIteration(e); return; } if (o.getStatusCode() != Operation.STATUS_CODE_OK) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } if (!validateAuthToken(o)) { return; } this.host.completeIteration(); })); this.host.testWait(); // delete the user and issue a remote request as the user // we should see a 200 response as xenon invokes this // request with the guest context this.host.setSystemAuthorizationContext(); this.host.sendAndWait(Operation .createDelete(UriUtils.buildUri(this.host, UriUtils.buildUriPath(UserService.FACTORY_LINK, USER))) .setCompletion((o, e) -> { if (e != null) { this.host.failIteration(e); return; } this.host.completeIteration(); })); this.host.resetSystemAuthorizationContext(); this.host.assumeIdentity(UriUtils.buildUriPath(UserService.FACTORY_LINK, USER)); this.host.testStart(1); this.host.send(Operation.createGet(UriUtils.buildUri(this.host, UserService.FACTORY_LINK)).forceRemote() .setCompletion((o, e) -> { if (e != null) { this.host.failIteration(e); return; } if (o.getStatusCode() != Operation.STATUS_CODE_OK) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } this.host.completeIteration(); })); this.host.testWait(); }
From source file:com.vmware.xenon.services.common.authn.TestBasicAuthenticationService.java
License:Open Source License
private void logout(URI authServiceUri, String[] authToken) { this.host.testStart(1); AuthenticationRequest request = new AuthenticationRequest(); request.requestType = AuthenticationRequestType.LOGOUT; this.host.send(Operation.createPost(authServiceUri).setBody(request).forceRemote() .addRequestHeader(Operation.REQUEST_AUTH_TOKEN_HEADER, authToken[0]).setCompletion((oo, ee) -> { if (ee != null) { this.host.failIteration(ee); return; }/*from ww w . j a v a 2 s . c o m*/ if (oo.getStatusCode() != Operation.STATUS_CODE_OK) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } String cookieHeader = oo.getResponseHeader(SET_COOKIE_HEADER); if (cookieHeader == null) { this.host.failIteration(new IllegalStateException("Cookie is null")); return; } Cookie cookie = ClientCookieDecoder.LAX.decode(cookieHeader); if (cookie.maxAge() != 0) { this.host.failIteration(new IllegalStateException("Max-Age for cookie is not zero")); return; } this.host.completeIteration(); })); this.host.testWait(); }
From source file:com.vmware.xenon.services.common.authn.TestBasicAuthenticationService.java
License:Open Source License
private void doTestAuthWithUserInfo(boolean remote) throws Throwable { this.host.resetAuthorizationContext(); String userPassStr = new StringBuilder(USER).append(BASIC_AUTH_USER_SEPARATOR).append(PASSWORD).toString(); URI authServiceUri = UriUtils.buildUri(this.host, BasicAuthenticationService.SELF_LINK, null, userPassStr); this.host.testStart(1); Operation post = Operation.createPost(authServiceUri).setBody(new Object()).setCompletion((o, e) -> { if (e != null) { this.host.failIteration(e); return; }//w ww . ja va 2 s . c o m if (o.getStatusCode() != Operation.STATUS_CODE_OK) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } if (!o.isRemote() && o.getAuthorizationContext() == null) { this.host.failIteration(new IllegalStateException("Authorization context not set")); return; } // now issue a logout AuthenticationRequest request = new AuthenticationRequest(); request.requestType = AuthenticationRequestType.LOGOUT; Operation logoutOp = Operation.createPost(authServiceUri).setBody(request).forceRemote() .setCompletion((oo, ee) -> { if (ee != null) { this.host.failIteration(ee); return; } if (oo.getStatusCode() != Operation.STATUS_CODE_OK) { this.host.failIteration(new IllegalStateException("Invalid status code returned")); return; } String cookieHeader = oo.getResponseHeader(SET_COOKIE_HEADER); if (cookieHeader == null) { this.host.failIteration(new IllegalStateException("Cookie is null")); return; } Cookie cookie = ClientCookieDecoder.LAX.decode(cookieHeader); if (cookie.maxAge() != 0) { this.host.failIteration(new IllegalStateException("Max-Age for cookie is not zero")); return; } if (!cookie.isHttpOnly()) { this.host.failIteration(new IllegalStateException("Cookie is not HTTP-only")); return; } this.host.resetAuthorizationContext(); this.host.completeIteration(); }); this.host.setAuthorizationContext(o.getAuthorizationContext()); this.host.send(logoutOp); }); if (remote) { post.forceRemote(); } this.host.send(post); this.host.testWait(); }
From source file:com.vmware.xenon.services.common.authn.TestBasicAuthenticationService.java
License:Open Source License
private boolean validateAuthToken(Operation op) { String cookieHeader = op.getResponseHeader(SET_COOKIE_HEADER); if (cookieHeader == null) { this.host.failIteration(new IllegalStateException("Missing cookie header")); return false; }//www .jav a2 s . c o m Cookie tokenCookie = ClientCookieDecoder.LAX.decode(cookieHeader); if (!AuthenticationConstants.REQUEST_AUTH_TOKEN_COOKIE.equals(tokenCookie.name())) { this.host.failIteration(new IllegalStateException("Missing auth cookie")); return false; } if (op.getResponseHeader(Operation.REQUEST_AUTH_TOKEN_HEADER) == null) { this.host.failIteration(new IllegalStateException("Missing auth token")); return false; } String authCookie = tokenCookie.value(); String authToken = op.getResponseHeader(Operation.REQUEST_AUTH_TOKEN_HEADER); if (!authCookie.equals(authToken)) { this.host.failIteration(new IllegalStateException("Auth token and auth cookie don't match")); return false; } return true; }
From source file:org.asynchttpclient.CookieStoreTest.java
License:Open Source License
private void addCookieWithEmptyPath() { CookieStore store = new ThreadSafeCookieStore(); Uri uri = Uri.create("http://www.foo.com"); store.add(uri, ClientCookieDecoder.LAX.decode("ALPHA=VALUE1; path=")); assertTrue(store.get(uri).size() > 0); }
From source file:org.asynchttpclient.CookieStoreTest.java
License:Open Source License
private void dontReturnCookieForAnotherDomain() { CookieStore store = new ThreadSafeCookieStore(); store.add(Uri.create("http://www.foo.com"), ClientCookieDecoder.LAX.decode("ALPHA=VALUE1; path=")); assertTrue(store.get(Uri.create("http://www.bar.com")).isEmpty()); }