garrettmills/commafeed
1
0
Fork 0
forked from Archives/Athou_commafeed
Code Pull Requests Activity

set a Max-Age on the auth cookie

Browse Source
This commit is contained in:
Athou
2024-08-12 13:10:35 +02:00
parent 6b0aa32da2
commit 89405009ec
3 changed files with 142 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
commafeed-server/src/test/java/com/commafeed/integration/SecurityIT.java
View File

@@ -1,6 +1,9 @@
package com.commafeed.integration;
import java.net.HttpCookie;
import java.util.Base64;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.hc.core5.http.HttpStatus;
import org.junit.jupiter.api.Assertions;
@@ -27,6 +30,30 @@ class SecurityIT extends BaseIT {
}
}
@Test
void formLogin() {
List<HttpCookie> cookies = login();
try (Response response = getClient().target(getApiBaseUrl() + "user/profile")
.request()
.header(HttpHeaders.COOKIE, cookies.stream().map(HttpCookie::toString).collect(Collectors.joining(";")))
.get()) {
Assertions.assertEquals(HttpStatus.SC_OK, response.getStatus());
cookies.forEach(c -> Assertions.assertTrue(c.getMaxAge() > 0));
}
}
@Test
void basicAuthLogin() {
String auth = "Basic " + Base64.getEncoder().encodeToString("admin:admin".getBytes());
try (Response response = getClient().target(getApiBaseUrl() + "user/profile")
.request()
.header(HttpHeaders.AUTHORIZATION, auth)
.get()) {
Assertions.assertEquals(HttpStatus.SC_OK, response.getStatus());
}
}
@Test
void wrongPassword() {
String auth = "Basic " + Base64.getEncoder().encodeToString("admin:wrong-password".getBytes());