SEC-2368: DebugFilter outputs headers and HTTP method
This commit is contained in:
@@ -1,5 +1,6 @@
|
||||
package org.springframework.security.web.debug;
|
||||
|
||||
import static org.fest.assertions.Assertions.assertThat;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.mockito.Matchers.anyString;
|
||||
import static org.mockito.Matchers.eq;
|
||||
@@ -7,6 +8,8 @@ import static org.mockito.Mockito.never;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import java.util.Collections;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletRequestWrapper;
|
||||
@@ -21,10 +24,8 @@ import org.mockito.Mock;
|
||||
import org.powermock.core.classloader.annotations.PrepareOnlyThisForTest;
|
||||
import org.powermock.modules.junit4.PowerMockRunner;
|
||||
import org.powermock.reflect.internal.WhiteboxImpl;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.security.web.debug.DebugFilter;
|
||||
import org.springframework.security.web.debug.DebugRequestWrapper;
|
||||
import org.springframework.security.web.debug.Logger;
|
||||
|
||||
/**
|
||||
*
|
||||
@@ -36,6 +37,9 @@ import org.springframework.security.web.debug.Logger;
|
||||
public class DebugFilterTest {
|
||||
@Captor
|
||||
private ArgumentCaptor<HttpServletRequest> requestCaptor;
|
||||
@Captor
|
||||
private ArgumentCaptor<String> logCaptor;
|
||||
|
||||
@Mock
|
||||
private HttpServletRequest request;
|
||||
@Mock
|
||||
@@ -53,6 +57,7 @@ public class DebugFilterTest {
|
||||
|
||||
@Before
|
||||
public void setUp() {
|
||||
when(request.getHeaderNames()).thenReturn(Collections.enumeration(Collections.<String>emptyList()));
|
||||
when(request.getServletPath()).thenReturn("/login");
|
||||
filter = new DebugFilter(fcp);
|
||||
WhiteboxImpl.setInternalState(filter, Logger.class, logger);
|
||||
@@ -92,4 +97,32 @@ public class DebugFilterTest {
|
||||
|
||||
verify(fcp).doFilter(fireWalledRequest, response, filterChain);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void doFilterLogsProperly() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setMethod("GET");
|
||||
request.setServletPath("/path");
|
||||
request.setPathInfo("/");
|
||||
request.addHeader("A", "A Value");
|
||||
request.addHeader("A", "Another Value");
|
||||
request.addHeader("B", "B Value");
|
||||
|
||||
filter.doFilter(request, response, filterChain);
|
||||
|
||||
verify(logger).info(logCaptor.capture());
|
||||
|
||||
assertThat(logCaptor.getValue()).isEqualTo("Request received for GET '/path/':\n" +
|
||||
"\n" +
|
||||
request + "\n" +
|
||||
"\n" +
|
||||
"servletPath:/path\n" +
|
||||
"pathInfo:/\n" +
|
||||
"headers: \n" +
|
||||
"A: A Value, Another Value\n" +
|
||||
"B: B Value\n" +
|
||||
"\n" +
|
||||
"\n" +
|
||||
"Security filter chain: no match");
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user