Archives/Athou_commafeed
1
0
Fork 1
mirror of https://github.com/Athou/commafeed.git synced 2026-03-21 21:37:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Cover SecurityCheckProvider.SecurityCheckInjectable.cookieLogin with tests

Browse Source
This commit is contained in:
Sankaranarayanan Viswanathan
2014-10-11 13:18:09 -04:00
parent 326ee79c8c
commit 0059cabebe
3 changed files with 106 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/com/commafeed/backend/service/UserService.java
View File

@@ -54,7 +54,7 @@ public class UserService {
boolean authenticated = encryptionService.authenticate(password, user.getPassword(), user.getSalt()); boolean authenticated = encryptionService.authenticate(password, user.getPassword(), user.getSalt());
if (authenticated) { if (authenticated) {
afterLogin(user); afterLogin(user);
return Optional.fromNullable(user); return Optional.of(user);
} }
} }
return Optional.absent(); return Optional.absent();

4
src/main/java/com/commafeed/frontend/auth/SecurityCheckProvider.java
View File

@@ -35,7 +35,7 @@ public class SecurityCheckProvider implements InjectableProvider<SecurityCheck,
} }
@RequiredArgsConstructor @RequiredArgsConstructor
private static class SecurityCheckInjectable<T> extends AbstractHttpContextInjectable<User> { static class SecurityCheckInjectable<T> extends AbstractHttpContextInjectable<User> {
private static final String PREFIX = "Basic"; private static final String PREFIX = "Basic";
private final HttpServletRequest request; private final HttpServletRequest request;
@@ -66,7 +66,7 @@ public class SecurityCheckProvider implements InjectableProvider<SecurityCheck,
} }
} }
private Optional<User> cookieSessionLogin() { Optional<User> cookieSessionLogin() {
return userService.login(request.getSession(false)); return userService.login(request.getSession(false));
} }

103
src/test/java/com/commafeed/frontend/auth/SecurityCheckInjectableTest.java Normal file
View File

@@ -0,0 +1,103 @@
package com.commafeed.frontend.auth;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.junit.Assert;
import org.junit.Test;
import com.commafeed.backend.model.User;
import com.commafeed.backend.service.UserService;
import com.commafeed.backend.service.internal.PostLoginActivities;
import com.commafeed.frontend.auth.SecurityCheckProvider.SecurityCheckInjectable;
import com.commafeed.frontend.resource.UserREST;
import com.google.common.base.Optional;
public class SecurityCheckInjectableTest {
@Test public void
cookie_login_does_not_create_a_session_if_not_present() {
HttpServletRequest request = mock(HttpServletRequest.class);
UserService service = mock(UserService.class);
SecurityCheckInjectable injectable = new SecurityCheckInjectable(request, service, null, false);
injectable.cookieSessionLogin();
verify(request).getSession(false);
}
@Test public void
cookie_login_should_not_return_user_if_there_is_no_preexisting_http_session() {
HttpServletRequest request = mock(HttpServletRequest.class);
when(request.getSession(false)).thenReturn(null);
UserService service = new UserService(null, null, null, null, null, null);
SecurityCheckInjectable injectable = new SecurityCheckInjectable(request, service, null, false);
Optional<User> user = injectable.cookieSessionLogin();
Assert.assertFalse(user.isPresent());
}
@Test public void
cookie_login_should_not_return_user_if_user_not_present_in_http_session() {
HttpSession session = mock(HttpSession.class);
when(session.getAttribute(UserREST.SESSION_KEY_USER)).thenReturn(null);
HttpServletRequest request = mock(HttpServletRequest.class);
when(request.getSession(false)).thenReturn(session);
UserService service = new UserService(null, null, null, null, null, null);
SecurityCheckInjectable injectable = new SecurityCheckInjectable(request, service, null, false);
Optional<User> user = injectable.cookieSessionLogin();
Assert.assertFalse(user.isPresent());
}
@Test public void
cookie_login_should_perform_post_login_activities_if_user_present_in_http_session() {
User userInSession = new User();
HttpSession session = mock(HttpSession.class);
when(session.getAttribute(UserREST.SESSION_KEY_USER)).thenReturn(userInSession);
HttpServletRequest request = mock(HttpServletRequest.class);
when(request.getSession(false)).thenReturn(session);
PostLoginActivities postLoginActivities = mock(PostLoginActivities.class);
UserService service = new UserService(null, null, null, null, null, postLoginActivities);
SecurityCheckInjectable injectable = new SecurityCheckInjectable(request, service, null, false);
Optional<User> user = injectable.cookieSessionLogin();
verify(postLoginActivities).executeFor(userInSession);
}
@Test public void
calling_login_should_return_user_if_user_present_in_http_session() {
User userInSession = new User();
HttpSession session = mock(HttpSession.class);
when(session.getAttribute(UserREST.SESSION_KEY_USER)).thenReturn(userInSession);
HttpServletRequest request = mock(HttpServletRequest.class);
when(request.getSession(false)).thenReturn(session);
PostLoginActivities postLoginActivities = mock(PostLoginActivities.class);
UserService service = new UserService(null, null, null, null, null, postLoginActivities);
SecurityCheckInjectable injectable = new SecurityCheckInjectable(request, service, null, false);
Optional<User> user = injectable.cookieSessionLogin();
Assert.assertTrue(user.isPresent());
Assert.assertEquals(userInSession, user.get());
}
}