CookieClearingLogoutHandler enhancement

Enabled the ability to pass in an array of Cookies to support clearing cookies on a different path other than the default context path
Issue: gh-6078
This commit is contained in:
John Coyne
2018-11-19 20:39:23 -06:00
committed by Rob Winch
parent bcee22d2f9
commit d05ad19276
2 changed files with 65 additions and 12 deletions

View File

@@ -15,7 +15,7 @@
*/
package org.springframework.security.web.authentication.logout;
import static org.assertj.core.api.Assertions.*;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import javax.servlet.http.Cookie;
@@ -60,4 +60,36 @@ public class CookieClearingLogoutHandlerTests {
assertThat(c.getMaxAge()).isZero();
}
}
@Test
public void passedInCookiesAreCleared() {
MockHttpServletResponse response = new MockHttpServletResponse();
MockHttpServletRequest request = new MockHttpServletRequest();
request.setContextPath("/foo/bar");
Cookie cookie1 = new Cookie("my_cookie",null);
cookie1.setPath("/foo");
cookie1.setMaxAge(0);
Cookie cookie2 = new Cookie("my_cookie_too",null);
cookie2.setPath("/foo");
cookie2.setMaxAge(0);
CookieClearingLogoutHandler handler = new CookieClearingLogoutHandler(cookie1, cookie2);
handler.logout(request, response, mock(Authentication.class));
assertThat(response.getCookies()).hasSize(2);
for (Cookie c : response.getCookies()) {
assertThat(c.getPath()).isEqualTo("/foo");
assertThat(c.getMaxAge()).isZero();
}
}
@Test(expected=IllegalArgumentException.class)
public void invalidAge() {
MockHttpServletResponse response = new MockHttpServletResponse();
MockHttpServletRequest request = new MockHttpServletRequest();
request.setContextPath("/foo/bar");
Cookie cookie1 = new Cookie("my_cookie",null);
cookie1.setPath("/foo");
cookie1.setMaxAge(100);
CookieClearingLogoutHandler handler = new CookieClearingLogoutHandler(cookie1);
handler.logout(request, response, mock(Authentication.class));
}
}