Fix SwitchUserFilter matchers

Fixes: gh-4249
This commit is contained in:
Rob Winch
2018-09-14 09:06:04 -05:00
parent 8b19f7a71a
commit 9c749bf556
2 changed files with 85 additions and 29 deletions

View File

@@ -40,6 +40,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.util.FieldUtils;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
import javax.servlet.FilterChain;
import java.util.*;
@@ -112,6 +113,29 @@ public class SwitchUserFilterTests {
assertThat(filter.requiresExitUser(request)).isTrue();
}
@Test
// gh-4249
public void requiresExitUserWhenEndsWithThenDoesNotMatch() {
SwitchUserFilter filter = new SwitchUserFilter();
filter.setExitUserUrl("/j_spring_security_my_exit_user");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/foo/bar/j_spring_security_my_exit_user");
assertThat(filter.requiresExitUser(request)).isFalse();
}
@Test
public void requiresExitUserWhenMatcherThenWorks() {
SwitchUserFilter filter = new SwitchUserFilter();
filter.setExitUserMatcher(AnyRequestMatcher.INSTANCE);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/foo/bar/j_spring_security_my_exit_user");
assertThat(filter.requiresExitUser(request)).isTrue();
}
@Test
public void requiresSwitchMatchesCorrectly() {
SwitchUserFilter filter = new SwitchUserFilter();
@@ -123,6 +147,29 @@ public class SwitchUserFilterTests {
assertThat(filter.requiresSwitchUser(request)).isTrue();
}
@Test
// gh-4249
public void requiresSwitchUserWhenEndsWithThenDoesNotMatch() {
SwitchUserFilter filter = new SwitchUserFilter();
filter.setSwitchUserUrl("/j_spring_security_my_exit_user");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/foo/bar/j_spring_security_my_exit_user");
assertThat(filter.requiresSwitchUser(request)).isFalse();
}
@Test
public void requiresSwitchUserWhenMatcherThenWorks() {
SwitchUserFilter filter = new SwitchUserFilter();
filter.setSwitchUserMatcher(AnyRequestMatcher.INSTANCE);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/foo/bar/j_spring_security_my_exit_user");
assertThat(filter.requiresSwitchUser(request)).isTrue();
}
@Test(expected = UsernameNotFoundException.class)
public void attemptSwitchToUnknownUserFails() throws Exception {
@@ -218,6 +265,7 @@ public class SwitchUserFilterTests {
@Test
public void defaultProcessesFilterUrlMatchesUrlWithPathParameter() {
MockHttpServletRequest request = createMockSwitchRequest();
request.setContextPath("/webapp");
SwitchUserFilter filter = new SwitchUserFilter();
filter.setSwitchUserUrl("/login/impersonate");
@@ -351,6 +399,7 @@ public class SwitchUserFilterTests {
// http request
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/webapp/login/impersonate");
request.setContextPath("/webapp");
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY,
"jacklord");