List of usage examples for org.springframework.mock.web MockHttpServletRequest setRequestURI
public void setRequestURI(@Nullable String requestURI)
From source file:org.apache.archiva.webdav.RepositoryServletSecurityTest.java
@Test public void testPutWithValidUserWithWriteAccess() throws Exception { assertTrue(repoRootInternal.getRoot().exists()); MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(); String putUrl = "http://machine.com/repository/internal/path/to/artifact.jar"; InputStream is = getClass().getResourceAsStream("/artifact.jar"); assertNotNull("artifact.jar inputstream", is); servlet.setDavSessionProvider(davSessionProvider); ArchivaDavResourceFactory archivaDavResourceFactory = (ArchivaDavResourceFactory) servlet .getResourceFactory();//from w w w. j av a2s . c om archivaDavResourceFactory.setHttpAuth(httpAuth); archivaDavResourceFactory.setServletAuth(servletAuth); TestAuditListener listener = new TestAuditListener(); archivaDavResourceFactory.addAuditListener(listener); servlet.setResourceFactory(archivaDavResourceFactory); AuthenticationResult result = new AuthenticationResult(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), anyObject(AuthenticationResult.class))).andReturn(true); User user = new SimpleUser(); user.setUsername("admin"); // ArchivaDavResourceFactory#isAuthorized() SecuritySession session = new DefaultSecuritySession(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(httpAuth.getSecuritySession(mockHttpServletRequest.getSession())).andReturn(session); EasyMock.expect(httpAuth.getSessionUser(mockHttpServletRequest.getSession())).andReturn(user); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), eq(result))) .andReturn(true); EasyMock.expect(servletAuth.isAuthorized(anyObject(HttpServletRequest.class), eq(session), eq("internal"), eq(ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD))).andReturn(true); httpAuthControl.replay(); servletAuthControl.replay(); mockHttpServletRequest.addHeader("User-Agent", "foo"); mockHttpServletRequest.setMethod("PUT"); mockHttpServletRequest.setRequestURI("/repository/internal/path/to/artifact.jar"); mockHttpServletRequest.setContent(IOUtils.toByteArray(is)); mockHttpServletRequest.setContentType("application/octet-stream"); MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse(); servlet.service(mockHttpServletRequest, mockHttpServletResponse); httpAuthControl.verify(); servletAuthControl.verify(); assertEquals(HttpServletResponse.SC_CREATED, mockHttpServletResponse.getStatus()); assertEquals("admin", listener.getEvents().get(0).getUserId()); }
From source file:org.apache.archiva.webdav.RepositoryServletSecurityTest.java
@Test public void testGetWithInvalidUserAndGuestHasReadAccess() throws Exception { String commonsLangJar = "commons-lang/commons-lang/2.1/commons-lang-2.1.jar"; String expectedArtifactContents = "dummy-commons-lang-artifact"; File artifactFile = new File(repoRootInternal.getRoot(), commonsLangJar); artifactFile.getParentFile().mkdirs(); FileUtils.writeStringToFile(artifactFile, expectedArtifactContents, Charset.defaultCharset()); servlet.setDavSessionProvider(davSessionProvider); ArchivaDavResourceFactory archivaDavResourceFactory = (ArchivaDavResourceFactory) servlet .getResourceFactory();// w w w .ja v a 2 s .c o m archivaDavResourceFactory.setHttpAuth(httpAuth); archivaDavResourceFactory.setServletAuth(servletAuth); servlet.setResourceFactory(archivaDavResourceFactory); AuthenticationResult result = new AuthenticationResult(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), anyObject(AuthenticationResult.class))) .andThrow(new AuthenticationException("Authentication error")); EasyMock.expect( servletAuth.isAuthorized("guest", "internal", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS)) .andReturn(true); // ArchivaDavResourceFactory#isAuthorized() SecuritySession session = new DefaultSecuritySession(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(httpAuth.getSecuritySession(anyObject(HttpSession.class))).andReturn(session); EasyMock.expect(httpAuth.getSessionUser(anyObject(HttpSession.class))).andReturn(null); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), eq(result))) .andReturn(true); EasyMock.expect(servletAuth.isAuthorized(anyObject(HttpServletRequest.class), eq(session), eq("internal"), eq(ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS))).andReturn(true); httpAuthControl.replay(); servletAuthControl.replay(); MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(); mockHttpServletRequest.addHeader("User-Agent", "foo"); mockHttpServletRequest.setMethod("GET"); mockHttpServletRequest.setRequestURI("/repository/internal/" + commonsLangJar); MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse(); servlet.service(mockHttpServletRequest, mockHttpServletResponse); httpAuthControl.verify(); servletAuthControl.verify(); assertEquals(HttpServletResponse.SC_OK, mockHttpServletResponse.getStatus()); assertEquals("Expected file contents", expectedArtifactContents, mockHttpServletResponse.getContentAsString()); }
From source file:org.apache.archiva.webdav.RepositoryServletSecurityTest.java
@Test public void testGetWithInvalidUserAndGuestHasNoReadAccess() throws Exception { String commonsLangJar = "commons-lang/commons-lang/2.1/commons-lang-2.1.jar"; String expectedArtifactContents = "dummy-commons-lang-artifact"; File artifactFile = new File(repoRootInternal.getRoot(), commonsLangJar); artifactFile.getParentFile().mkdirs(); FileUtils.writeStringToFile(artifactFile, expectedArtifactContents, Charset.defaultCharset()); servlet.setDavSessionProvider(davSessionProvider); AuthenticationResult result = new AuthenticationResult(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), anyObject(AuthenticationResult.class))) .andThrow(new AuthenticationException("Authentication error")); EasyMock.expect(//from w w w . j av a 2 s. c o m servletAuth.isAuthorized("guest", "internal", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS)) .andReturn(false); httpAuthControl.replay(); servletAuthControl.replay(); MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(); mockHttpServletRequest.addHeader("User-Agent", "foo"); mockHttpServletRequest.setMethod("GET"); mockHttpServletRequest.setRequestURI("/repository/internal/" + commonsLangJar); MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse(); servlet.service(mockHttpServletRequest, mockHttpServletResponse); httpAuthControl.verify(); servletAuthControl.verify(); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, mockHttpServletResponse.getStatus()); }
From source file:org.apache.archiva.webdav.RepositoryServletSecurityTest.java
@Test public void testGetWithAValidUserWithReadAccess() throws Exception { String commonsLangJar = "commons-lang/commons-lang/2.1/commons-lang-2.1.jar"; String expectedArtifactContents = "dummy-commons-lang-artifact"; File artifactFile = new File(repoRootInternal.getRoot(), commonsLangJar); artifactFile.getParentFile().mkdirs(); FileUtils.writeStringToFile(artifactFile, expectedArtifactContents, Charset.defaultCharset()); servlet.setDavSessionProvider(davSessionProvider); ArchivaDavResourceFactory archivaDavResourceFactory = (ArchivaDavResourceFactory) servlet .getResourceFactory();//w w w. j av a2s. co m archivaDavResourceFactory.setHttpAuth(httpAuth); archivaDavResourceFactory.setServletAuth(servletAuth); servlet.setResourceFactory(archivaDavResourceFactory); AuthenticationResult result = new AuthenticationResult(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), anyObject(AuthenticationResult.class))).andReturn(true); // ArchivaDavResourceFactory#isAuthorized() SecuritySession session = new DefaultSecuritySession(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(httpAuth.getSecuritySession(anyObject(HttpSession.class))).andReturn(session); EasyMock.expect(httpAuth.getSessionUser(anyObject(HttpSession.class))).andReturn(new SimpleUser()); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), eq(result))) .andReturn(true); EasyMock.expect(servletAuth.isAuthorized(anyObject(HttpServletRequest.class), eq(session), eq("internal"), eq(ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS))).andReturn(true); httpAuthControl.replay(); servletAuthControl.replay(); MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(); mockHttpServletRequest.addHeader("User-Agent", "foo"); mockHttpServletRequest.setMethod("GET"); mockHttpServletRequest.setRequestURI("/repository/internal/" + commonsLangJar); MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse(); servlet.service(mockHttpServletRequest, mockHttpServletResponse); httpAuthControl.verify(); servletAuthControl.verify(); assertEquals(HttpServletResponse.SC_OK, mockHttpServletResponse.getStatus()); assertEquals("Expected file contents", expectedArtifactContents, mockHttpServletResponse.getContentAsString()); }
From source file:org.apache.archiva.webdav.RepositoryServletSecurityTest.java
@Test public void testGetWithAValidUserWithNoReadAccess() throws Exception { String commonsLangJar = "commons-lang/commons-lang/2.1/commons-lang-2.1.jar"; String expectedArtifactContents = "dummy-commons-lang-artifact"; File artifactFile = new File(repoRootInternal.getRoot(), commonsLangJar); artifactFile.getParentFile().mkdirs(); FileUtils.writeStringToFile(artifactFile, expectedArtifactContents, Charset.defaultCharset()); servlet.setDavSessionProvider(davSessionProvider); ArchivaDavResourceFactory archivaDavResourceFactory = (ArchivaDavResourceFactory) servlet .getResourceFactory();//w w w . j a va 2s . com archivaDavResourceFactory.setHttpAuth(httpAuth); archivaDavResourceFactory.setServletAuth(servletAuth); servlet.setResourceFactory(archivaDavResourceFactory); AuthenticationResult result = new AuthenticationResult(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), anyObject(AuthenticationResult.class))).andReturn(true); // ArchivaDavResourceFactory#isAuthorized() SecuritySession session = new DefaultSecuritySession(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(httpAuth.getSecuritySession(anyObject(HttpSession.class))).andReturn(session); EasyMock.expect(httpAuth.getSessionUser(anyObject(HttpSession.class))).andReturn(new SimpleUser()); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), eq(result))) .andReturn(true); EasyMock.expect(servletAuth.isAuthorized(anyObject(HttpServletRequest.class), eq(session), eq("internal"), eq(ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS))) .andThrow(new UnauthorizedException("User not authorized to read repository.")); httpAuthControl.replay(); servletAuthControl.replay(); MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(); mockHttpServletRequest.addHeader("User-Agent", "foo"); mockHttpServletRequest.setMethod("GET"); mockHttpServletRequest.setRequestURI("/repository/internal/" + commonsLangJar); MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse(); servlet.service(mockHttpServletRequest, mockHttpServletResponse); httpAuthControl.verify(); servletAuthControl.verify(); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, mockHttpServletResponse.getStatus()); }
From source file:org.apache.struts2.StrutsJUnit4TestCase.java
/** * Finds an ActionMapping for a given url */// w w w .ja v a 2 s.c o m protected ActionMapping getActionMapping(String url) { MockHttpServletRequest req = new MockHttpServletRequest(); req.setRequestURI(url); return getActionMapping(req); }
From source file:org.cloudfoundry.identity.uaa.mock.token.TokenMvcMockTests.java
@Test public void test_saml_bearer_grant() throws Exception { String subdomain = generator.generate().toLowerCase(); //all our SAML defaults use :8080/uaa/ so we have to use that here too String host = subdomain + ".localhost"; String fullPath = "/uaa/oauth/token/alias/" + subdomain + ".cloudfoundry-saml-login"; String origin = subdomain + ".cloudfoundry-saml-login"; MockMvcUtils.IdentityZoneCreationResult zone = MockMvcUtils .createOtherIdentityZoneAndReturnResult(subdomain, getMockMvc(), getWebApplicationContext(), null); //create an actual IDP, so we can fetch metadata String idpMetadata = MockMvcUtils.getIDPMetaData(getMockMvc(), subdomain); //create an IDP in the default zone SamlIdentityProviderDefinition idpDef = createLocalSamlIdpDefinition(origin, zone.getIdentityZone().getId(), idpMetadata);/*from w w w . j a v a2 s . c o m*/ IdentityProvider provider = new IdentityProvider(); provider.setConfig(idpDef); provider.setActive(true); provider.setIdentityZoneId(zone.getIdentityZone().getId()); provider.setName(origin); provider.setOriginKey(origin); IdentityZoneHolder.set(zone.getIdentityZone()); getWebApplicationContext().getBean(JdbcIdentityProviderProvisioning.class).create(provider); getWebApplicationContext().getBean(ZoneAwareIdpMetadataManager.class).refreshAllProviders(); IdentityZoneHolder.clear(); String assertion = samlTestUtils.mockAssertionEncoded(subdomain + ".cloudfoundry-saml-login", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", "Saml2BearerIntegrationUser", "http://" + subdomain + ".localhost:8080/uaa/oauth/token/alias/" + subdomain + ".cloudfoundry-saml-login", subdomain + ".cloudfoundry-saml-login"); //create client in default zone String clientId = "testclient" + generator.generate(); setUpClients(clientId, "uaa.none", "uaa.user,openid", GRANT_TYPE_SAML2_BEARER + ",password", true, TEST_REDIRECT_URI, null, 600, zone.getIdentityZone()); //String fullPath = "/uaa/oauth/token"; MockHttpServletRequestBuilder post = post(fullPath).with(new RequestPostProcessor() { @Override public MockHttpServletRequest postProcessRequest(MockHttpServletRequest request) { request.setServerPort(8080); request.setRequestURI(fullPath); request.setServerName(host); return request; } }).contextPath("/uaa").accept(APPLICATION_JSON).header(HOST, host).contentType(APPLICATION_FORM_URLENCODED) .param("grant_type", "urn:ietf:params:oauth:grant-type:saml2-bearer").param("client_id", clientId) .param("client_secret", "secret").param("assertion", assertion); getMockMvc().perform(post).andDo(print()).andExpect(status().isOk()) .andExpect(jsonPath("$.access_token").exists()) .andExpect(jsonPath("$.scope").value("openid uaa.user")); getMockMvc().perform(post.param("scope", "uaa.admin")).andDo(print()).andExpect(status().isUnauthorized()); }
From source file:org.cloudfoundry.identity.uaa.mock.token.TokenMvcMockTests.java
@Test public void test_two_zone_saml_bearer_grant() throws Exception { String subdomain = generator.generate().toLowerCase(); //all our SAML defaults use :8080/uaa/ so we have to use that here too String spInvocationEndpoint = "/uaa/oauth/token/alias/cloudfoundry-saml-login"; String idpOrigin = subdomain + ".cloudfoundry-saml-login"; //create an zone - that zone will be our IDP MockMvcUtils.IdentityZoneCreationResult zone = MockMvcUtils .createOtherIdentityZoneAndReturnResult(subdomain, getMockMvc(), getWebApplicationContext(), null); //create an actual IDP, so we can fetch metadata String spMetadata = MockMvcUtils.getSPMetadata(getMockMvc(), null); String idpMetadata = MockMvcUtils.getIDPMetaData(getMockMvc(), subdomain); //create an IDP in the default zone SamlIdentityProviderDefinition idpDef = createLocalSamlIdpDefinition(idpOrigin, IdentityZone.getUaa().getId(), idpMetadata); IdentityProvider provider = new IdentityProvider(); provider.setConfig(idpDef);//ww w . ja v a 2 s . c o m provider.setActive(true); provider.setIdentityZoneId(IdentityZone.getUaa().getId()); provider.setName(idpOrigin); provider.setOriginKey(idpOrigin); IdentityZoneHolder.clear(); getWebApplicationContext().getBean(JdbcIdentityProviderProvisioning.class).create(provider); getWebApplicationContext().getBean(ZoneAwareIdpMetadataManager.class).refreshAllProviders(); IdentityZoneHolder.clear(); String assertion = samlTestUtils.mockAssertionEncoded(subdomain + ".cloudfoundry-saml-login", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", "Saml2BearerIntegrationUser", "http://localhost:8080/uaa/oauth/token/alias/cloudfoundry-saml-login", "cloudfoundry-saml-login"); //create client in default zone String clientId = "testclient" + generator.generate(); setUpClients(clientId, "uaa.none", "uaa.user,openid", GRANT_TYPE_SAML2_BEARER + ",password", true, TEST_REDIRECT_URI, null, 600, null); MockHttpServletRequestBuilder post = post(spInvocationEndpoint).with(new RequestPostProcessor() { @Override public MockHttpServletRequest postProcessRequest(MockHttpServletRequest request) { request.setServerPort(8080); request.setRequestURI(spInvocationEndpoint); request.setServerName("localhost"); return request; } }).contextPath("/uaa").accept(APPLICATION_JSON).header(HOST, "localhost") .contentType(APPLICATION_FORM_URLENCODED) .param("grant_type", "urn:ietf:params:oauth:grant-type:saml2-bearer").param("client_id", clientId) .param("client_secret", "secret").param("assertion", assertion); String json = getMockMvc().perform(post).andDo(print()).andExpect(status().isOk()) .andExpect(jsonPath("$.access_token").exists()) .andExpect(jsonPath("$.scope").value("openid uaa.user")).andReturn().getResponse() .getContentAsString(); System.out.println("json = " + json); getMockMvc().perform(post.param("scope", "uaa.admin")).andDo(print()).andExpect(status().isUnauthorized()); }
From source file:org.cloudifysource.rest.AttributesContollerTest.java
private MockHttpServletRequest createMockGetRequest(final String requestUri) { final MockHttpServletRequest request = new MockHttpServletRequest(); request.setRequestURI(requestUri); request.setMethod("GET"); request.setContentType("application/json"); return request; }
From source file:org.cloudifysource.rest.AttributesContollerTest.java
private MockHttpServletRequest createMockPostRequest(final String requestUri, final String contentAsJson) { final MockHttpServletRequest request = new MockHttpServletRequest(); request.setRequestURI(requestUri); request.setMethod("POST"); request.setContentType("application/json"); if (StringUtils.isNotBlank(contentAsJson)) { request.setContent(contentAsJson.getBytes()); }/* w ww . ja va 2s . c o m*/ return request; }