Polish Logout Content Negotiation
* Rename to DelegatingLogoutSuccessHandler for consistency * Remove JavascriptOriginRequestMatcher in favor of RequestHeaderRequestMatcher Issue gh-3282
This commit is contained in:
@@ -0,0 +1,118 @@
|
||||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.web.authentication.logout;
|
||||
|
||||
import java.util.LinkedHashMap;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.runners.MockitoJUnitRunner;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.verifyZeroInteractions;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
/**
|
||||
* DelegatingLogoutSuccessHandlerTests Tests
|
||||
*
|
||||
* @author Shazin Sadakath
|
||||
* @author Rob Winch
|
||||
*/
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class DelegatingLogoutSuccessHandlerTests {
|
||||
|
||||
@Mock
|
||||
RequestMatcher matcher;
|
||||
@Mock
|
||||
RequestMatcher matcher2;
|
||||
@Mock
|
||||
LogoutSuccessHandler handler;
|
||||
@Mock
|
||||
LogoutSuccessHandler handler2;
|
||||
@Mock
|
||||
LogoutSuccessHandler defaultHandler;
|
||||
@Mock
|
||||
HttpServletRequest request;
|
||||
@Mock
|
||||
MockHttpServletResponse response;
|
||||
@Mock
|
||||
Authentication authentication;
|
||||
|
||||
DelegatingLogoutSuccessHandler delegatingHandler;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
LinkedHashMap<RequestMatcher, LogoutSuccessHandler> matcherToHandler = new LinkedHashMap<RequestMatcher, LogoutSuccessHandler>();
|
||||
matcherToHandler.put(this.matcher, this.handler);
|
||||
matcherToHandler.put(this.matcher2, this.handler2);
|
||||
this.delegatingHandler = new DelegatingLogoutSuccessHandler(matcherToHandler);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void onLogoutSuccessFirstMatches() throws Exception {
|
||||
this.delegatingHandler.setDefaultLogoutSuccessHandler(this.defaultHandler);
|
||||
when(this.matcher.matches(this.request)).thenReturn(true);
|
||||
|
||||
this.delegatingHandler.onLogoutSuccess(this.request, this.response,
|
||||
this.authentication);
|
||||
|
||||
verify(this.handler).onLogoutSuccess(this.request, this.response,
|
||||
this.authentication);
|
||||
verifyZeroInteractions(this.matcher2, this.handler2, this.defaultHandler);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void onLogoutSuccessSecondMatches() throws Exception {
|
||||
this.delegatingHandler.setDefaultLogoutSuccessHandler(this.defaultHandler);
|
||||
when(this.matcher2.matches(this.request)).thenReturn(true);
|
||||
|
||||
this.delegatingHandler.onLogoutSuccess(this.request, this.response,
|
||||
this.authentication);
|
||||
|
||||
verify(this.handler2).onLogoutSuccess(this.request, this.response,
|
||||
this.authentication);
|
||||
verifyZeroInteractions(this.handler, this.defaultHandler);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void onLogoutSuccessDefault() throws Exception {
|
||||
this.delegatingHandler.setDefaultLogoutSuccessHandler(this.defaultHandler);
|
||||
|
||||
this.delegatingHandler.onLogoutSuccess(this.request, this.response,
|
||||
this.authentication);
|
||||
|
||||
verify(this.defaultHandler).onLogoutSuccess(this.request, this.response,
|
||||
this.authentication);
|
||||
verifyZeroInteractions(this.handler, this.handler2);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void onLogoutSuccessNoMatchDefaultNull() throws Exception {
|
||||
|
||||
this.delegatingHandler.onLogoutSuccess(this.request, this.response,
|
||||
this.authentication);
|
||||
|
||||
verifyZeroInteractions(this.handler, this.handler2, this.defaultHandler);
|
||||
}
|
||||
}
|
||||
@@ -1,117 +0,0 @@
|
||||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.web.authentication.logout;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.runners.MockitoJUnitRunner;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.util.matcher.IpAddressMatcher;
|
||||
import org.springframework.security.web.util.matcher.JavascriptOriginRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.MediaTypeRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
import org.springframework.web.accept.HeaderContentNegotiationStrategy;
|
||||
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
/**
|
||||
* RequestMatcherLogoutSuccessHandler Tests
|
||||
*
|
||||
* @author Shazin Sadakath
|
||||
*/
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class RequestMatcherLogoutSuccessHandlerTests {
|
||||
|
||||
private RequestMatcherLogoutSuccessHandler customLogoutSuccessHandler = new RequestMatcherLogoutSuccessHandler();
|
||||
|
||||
@Before
|
||||
public void init() {
|
||||
Map<RequestMatcher, LogoutSuccessHandler> requestMatcherLogoutSuccessHandlerMap = new LinkedHashMap();
|
||||
requestMatcherLogoutSuccessHandlerMap.put(new IpAddressMatcher("192.168.1.5"), new SimpleUrlLogoutSuccessHandler());
|
||||
requestMatcherLogoutSuccessHandlerMap.put(new MediaTypeRequestMatcher(new HeaderContentNegotiationStrategy(), MediaType.APPLICATION_JSON), new HttpStatusReturningLogoutSuccessHandler(HttpStatus.CREATED));
|
||||
customLogoutSuccessHandler.setRequestMatcherLogoutSuccessHandlers(requestMatcherLogoutSuccessHandlerMap);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void javascriptOriginRequest() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
LogoutSuccessHandler logoutSuccessHandler = new RequestMatcherLogoutSuccessHandler();
|
||||
|
||||
request.addHeader(JavascriptOriginRequestMatcher.HTTP_X_REQUESTED_WITH, "XMLHttpRequest");
|
||||
|
||||
logoutSuccessHandler.onLogoutSuccess(request, response, mock(Authentication.class));
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatus.NO_CONTENT.value());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void nonJavascriptOriginRequest() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
LogoutSuccessHandler logoutSuccessHandler = new RequestMatcherLogoutSuccessHandler();
|
||||
|
||||
logoutSuccessHandler.onLogoutSuccess(request, response, mock(Authentication.class));
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatus.FOUND.value());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customRequestMatcherHandlerMap_IPAddress() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setRemoteAddr("192.168.1.5");
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
customLogoutSuccessHandler.onLogoutSuccess(request, response, mock(Authentication.class));
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatus.FOUND.value());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customRequestMatcherHandlerMap_AcceptHeader() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
customLogoutSuccessHandler.onLogoutSuccess(request, response, mock(Authentication.class));
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatus.CREATED.value());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customRequestMatcherHandlerMap_IPAddressAndAcceptHeader() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setRemoteAddr("192.168.1.5");
|
||||
request.addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
customLogoutSuccessHandler.onLogoutSuccess(request, response, mock(Authentication.class));
|
||||
|
||||
// IPAddressRequestMatcher -> SimpleUrlLogoutSuccessHandler will be invoked first
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatus.FOUND.value());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,58 +0,0 @@
|
||||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.web.util.matcher;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.runners.MockitoJUnitRunner;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
/**
|
||||
* JavascriptOriginRequestMatcher Tests
|
||||
*
|
||||
* @author Shazin Sadakath
|
||||
*/
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class JavascriptOriginRequestMatcherTests {
|
||||
|
||||
private RequestMatcher matcher = new JavascriptOriginRequestMatcher();
|
||||
|
||||
@Test
|
||||
public void javascriptOriginRequest() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addHeader(JavascriptOriginRequestMatcher.HTTP_X_REQUESTED_WITH, "XMLHttpRequest");
|
||||
|
||||
assertThat(matcher.matches(request)).isTrue();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void nonJavascriptOriginRequest_EmptyHeader() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addHeader(JavascriptOriginRequestMatcher.HTTP_X_REQUESTED_WITH, "");
|
||||
|
||||
assertThat(matcher.matches(request)).isFalse();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void nonJavascriptOriginRequest_NotSetHeader() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
|
||||
assertThat(matcher.matches(request)).isFalse();
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user