Polish remember me username check

This commit is contained in:
Eleftheria Stein
2019-08-27 15:17:40 -04:00
parent 26ae590c68
commit ad0d3e9702
2 changed files with 23 additions and 4 deletions

View File

@@ -69,6 +69,10 @@ public class TokenBasedRememberMeServicesTests {
new UsernameNotFoundException(""));
}
void udsWillReturnNull() {
when(uds.loadUserByUsername(any(String.class))).thenReturn(null);
}
private long determineExpiryTimeFromBased64EncodedToken(String validToken) {
String cookieAsPlainText = new String(Base64.decodeBase64(validToken.getBytes()));
String[] cookieTokens = StringUtils.delimitedListToStringArray(cookieAsPlainText,
@@ -230,6 +234,21 @@ public class TokenBasedRememberMeServicesTests {
assertThat(returnedCookie.getMaxAge()).isZero();
}
@Test(expected = IllegalArgumentException.class)
public void autoLoginClearsCookieIfUserServiceMisconfigured() {
udsWillReturnNull();
Cookie cookie = new Cookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(
System.currentTimeMillis() + 1000000, "someone", "password",
"key"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(cookie);
MockHttpServletResponse response = new MockHttpServletResponse();
services.autoLogin(request, response);
}
@Test
public void autoLoginWithValidTokenAndUserSucceeds() throws Exception {
udsWillReturnUser();