| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.apache.shiro.web.mgt; |
| |
| import com.sun.org.apache.xerces.internal.impl.dv.util.Base64; |
| import org.apache.shiro.authc.AuthenticationInfo; |
| import org.apache.shiro.authc.SimpleAuthenticationInfo; |
| import org.apache.shiro.authc.UsernamePasswordToken; |
| import org.apache.shiro.crypto.AesCipherService; |
| import org.apache.shiro.crypto.CipherService; |
| import org.apache.shiro.crypto.CryptoException; |
| import org.apache.shiro.subject.PrincipalCollection; |
| import org.apache.shiro.web.servlet.ShiroHttpServletRequest; |
| import org.apache.shiro.web.servlet.SimpleCookie; |
| import org.apache.shiro.web.subject.WebSubject; |
| import org.apache.shiro.web.subject.WebSubjectContext; |
| import org.apache.shiro.web.subject.support.DefaultWebSubjectContext; |
| import org.junit.Test; |
| |
| import javax.servlet.http.Cookie; |
| import javax.servlet.http.HttpServletRequest; |
| import javax.servlet.http.HttpServletResponse; |
| |
| import static org.easymock.EasyMock.*; |
| import static org.junit.Assert.*; |
| |
| /** |
| * Unit tests for the {@link CookieRememberMeManager} implementation. |
| * |
| * @since 1.0 |
| */ |
| public class CookieRememberMeManagerTest { |
| |
| @Test |
| public void onSuccessfulLogin() { |
| |
| HttpServletRequest mockRequest = createNiceMock(HttpServletRequest.class); |
| HttpServletResponse mockResponse = createNiceMock(HttpServletResponse.class); |
| WebSubject mockSubject = createNiceMock(WebSubject.class); |
| expect(mockSubject.getServletRequest()).andReturn(mockRequest).anyTimes(); |
| expect(mockSubject.getServletResponse()).andReturn(mockResponse).anyTimes(); |
| |
| CookieRememberMeManager mgr = new CookieRememberMeManager(); |
| org.apache.shiro.web.servlet.Cookie cookie = createMock(org.apache.shiro.web.servlet.Cookie.class); |
| mgr.setCookie(cookie); |
| |
| //first remove any previous cookie |
| cookie.removeFrom(isA(HttpServletRequest.class), isA(HttpServletResponse.class)); |
| |
| //then ensure a new cookie is created by reading the template's attributes: |
| expect(cookie.getName()).andReturn("rememberMe"); |
| expect(cookie.getValue()).andReturn(null); |
| expect(cookie.getComment()).andReturn(null); |
| expect(cookie.getDomain()).andReturn(null); |
| expect(cookie.getPath()).andReturn(null); |
| expect(cookie.getMaxAge()).andReturn(SimpleCookie.DEFAULT_MAX_AGE); |
| expect(cookie.getVersion()).andReturn(SimpleCookie.DEFAULT_VERSION); |
| expect(cookie.isSecure()).andReturn(false); |
| expect(cookie.isHttpOnly()).andReturn(true); |
| |
| UsernamePasswordToken token = new UsernamePasswordToken("user", "secret"); |
| token.setRememberMe(true); |
| AuthenticationInfo account = new SimpleAuthenticationInfo("user", "secret", "test"); |
| |
| replay(mockSubject); |
| replay(mockRequest); |
| replay(cookie); |
| |
| mgr.onSuccessfulLogin(mockSubject, token, account); |
| |
| verify(mockRequest); |
| verify(mockSubject); |
| verify(cookie); |
| } |
| |
| // SHIRO-183 |
| @Test |
| public void getRememberedSerializedIdentityReturnsNullForDeletedCookie() { |
| HttpServletRequest mockRequest = createMock(HttpServletRequest.class); |
| HttpServletResponse mockResponse = createMock(HttpServletResponse.class); |
| WebSubjectContext context = new DefaultWebSubjectContext(); |
| context.setServletRequest(mockRequest); |
| context.setServletResponse(mockResponse); |
| |
| expect(mockRequest.getAttribute(ShiroHttpServletRequest.IDENTITY_REMOVED_KEY)).andReturn(null); |
| |
| Cookie[] cookies = new Cookie[]{ |
| new Cookie(CookieRememberMeManager.DEFAULT_REMEMBER_ME_COOKIE_NAME, org.apache.shiro.web.servlet.Cookie.DELETED_COOKIE_VALUE) |
| }; |
| |
| expect(mockRequest.getCookies()).andReturn(cookies); |
| replay(mockRequest); |
| |
| CookieRememberMeManager mgr = new CookieRememberMeManager(); |
| assertNull(mgr.getRememberedSerializedIdentity(context)); |
| } |
| |
| |
| // SHIRO-69 |
| @Test |
| public void getRememberedPrincipals() { |
| HttpServletRequest mockRequest = createMock(HttpServletRequest.class); |
| HttpServletResponse mockResponse = createMock(HttpServletResponse.class); |
| WebSubjectContext context = new DefaultWebSubjectContext(); |
| context.setServletRequest(mockRequest); |
| context.setServletResponse(mockResponse); |
| |
| expect(mockRequest.getAttribute(ShiroHttpServletRequest.IDENTITY_REMOVED_KEY)).andReturn(null); |
| |
| //The following base64 string was determined from the log output of the above 'onSuccessfulLogin' test. |
| //This will have to change any time the PrincipalCollection implementation changes: |
| final String userPCAesBase64 = "WlD5MLzzZznN3dQ1lPJO/eScSuY245k29aECNmjUs31o7Yu478hWhaM5Sj" + |
| "jmoe900/72JNu3hcJaPG6Q17Vuz4F8x0kBjbFnPVx4PqzsZYT6yreeS2jwO6OwfI+efqXOKyB2a5KPtnr" + |
| "7jt5kZsyH38XJISb81cf6xqTGUru8zC+kNqJFz7E5RpO0kraBofS5jhMm45gDVjDRkjgPJAzocVWMtrza" + |
| "zy67P8eb+kMSBCqGI251JTNAGboVgQ28KjfaAJ/6LXRJUj7kB7CGia7mgRk+hxzEJGDs81at5VOPqODJr" + |
| "xb8tcIdemFUFIkiYVP9bGs4dP3ECtmw7aNrCzv+84sx3vRFUrd5DbDYpEuE12hF2Y9owDK9sxStbXoF0y" + |
| "A32dhfGDIqS+agsass0sWn8WX2TM9i8SxrUjiFbxqyIG49HbqGrZp5QLM9IuIwO+TzGfF1FzumQGdwmWT" + |
| "xkVapw5UESl34YvA615cb+82ue1I="; |
| |
| Cookie[] cookies = new Cookie[]{ |
| new Cookie(CookieRememberMeManager.DEFAULT_REMEMBER_ME_COOKIE_NAME, userPCAesBase64) |
| }; |
| |
| expect(mockRequest.getCookies()).andReturn(cookies); |
| replay(mockRequest); |
| |
| CookieRememberMeManager mgr = new CookieRememberMeManager(); |
| mgr.setCipherKey( Base64.decode("kPH+bIxk5D2deZiIxcaaaA==")); |
| PrincipalCollection collection = mgr.getRememberedPrincipals(context); |
| |
| verify(mockRequest); |
| |
| assertTrue(collection != null); |
| //noinspection ConstantConditions |
| assertTrue(collection.iterator().next().equals("user")); |
| } |
| |
| @Test(expected = CryptoException.class) |
| public void getRememberedPrincipalsNoMoreDefaultCipher() { |
| HttpServletRequest mockRequest = createMock(HttpServletRequest.class); |
| HttpServletResponse mockResponse = createMock(HttpServletResponse.class); |
| WebSubjectContext context = new DefaultWebSubjectContext(); |
| context.setServletRequest(mockRequest); |
| context.setServletResponse(mockResponse); |
| |
| expect(mockRequest.getAttribute(ShiroHttpServletRequest.IDENTITY_REMOVED_KEY)).andReturn(null); |
| expect(mockRequest.getContextPath()).andReturn( "/test" ); |
| |
| |
| //The following base64 string was determined from the log output of the above 'onSuccessfulLogin' test. |
| //This will have to change any time the PrincipalCollection implementation changes: |
| final String userPCAesBase64 = "WlD5MLzzZznN3dQ1lPJO/eScSuY245k29aECNmjUs31o7Yu478hWhaM5Sj" + |
| "jmoe900/72JNu3hcJaPG6Q17Vuz4F8x0kBjbFnPVx4PqzsZYT6yreeS2jwO6OwfI+efqXOKyB2a5KPtnr" + |
| "7jt5kZsyH38XJISb81cf6xqTGUru8zC+kNqJFz7E5RpO0kraBofS5jhMm45gDVjDRkjgPJAzocVWMtrza" + |
| "zy67P8eb+kMSBCqGI251JTNAGboVgQ28KjfaAJ/6LXRJUj7kB7CGia7mgRk+hxzEJGDs81at5VOPqODJr" + |
| "xb8tcIdemFUFIkiYVP9bGs4dP3ECtmw7aNrCzv+84sx3vRFUrd5DbDYpEuE12hF2Y9owDK9sxStbXoF0y" + |
| "A32dhfGDIqS+agsass0sWn8WX2TM9i8SxrUjiFbxqyIG49HbqGrZp5QLM9IuIwO+TzGfF1FzumQGdwmWT" + |
| "xkVapw5UESl34YvA615cb+82ue1I="; |
| |
| Cookie[] cookies = new Cookie[]{ |
| new Cookie(CookieRememberMeManager.DEFAULT_REMEMBER_ME_COOKIE_NAME, userPCAesBase64) |
| }; |
| |
| expect(mockRequest.getCookies()).andReturn(cookies); |
| replay(mockRequest); |
| |
| CookieRememberMeManager mgr = new CookieRememberMeManager(); |
| // without the old default cipher set, this will fail (expected) |
| // mgr.setCipherKey( Base64.decode("kPH+bIxk5D2deZiIxcaaaA==")); |
| // this will throw a CryptoException |
| mgr.getRememberedPrincipals(context); |
| } |
| |
| // SHIRO-69 |
| |
| @Test |
| public void getRememberedPrincipalsDecryptionError() { |
| HttpServletRequest mockRequest = createNiceMock(HttpServletRequest.class); |
| HttpServletResponse mockResponse = createNiceMock(HttpServletResponse.class); |
| |
| WebSubjectContext context = new DefaultWebSubjectContext(); |
| context.setServletRequest(mockRequest); |
| context.setServletResponse(mockResponse); |
| |
| expect(mockRequest.getAttribute(ShiroHttpServletRequest.IDENTITY_REMOVED_KEY)).andReturn(null); |
| |
| // Simulate a bad return value here (for example if this was encrypted with a different key |
| final String userPCAesBase64 = "garbage"; |
| Cookie[] cookies = new Cookie[]{ |
| new Cookie(CookieRememberMeManager.DEFAULT_REMEMBER_ME_COOKIE_NAME, userPCAesBase64) |
| }; |
| |
| expect(mockRequest.getCookies()).andReturn(cookies).anyTimes(); |
| replay(mockRequest); |
| |
| CookieRememberMeManager mgr = new CookieRememberMeManager(); |
| try { |
| mgr.getRememberedPrincipals(context); |
| } catch (CryptoException expected) { |
| return; |
| } |
| fail("CryptoException was expected to be thrown"); |
| } |
| |
| @Test |
| public void onLogout() { |
| CookieRememberMeManager mgr = new CookieRememberMeManager(); |
| org.apache.shiro.web.servlet.Cookie cookie = createMock(org.apache.shiro.web.servlet.Cookie.class); |
| mgr.setCookie(cookie); |
| |
| HttpServletRequest mockRequest = createMock(HttpServletRequest.class); |
| HttpServletResponse mockResponse = createMock(HttpServletResponse.class); |
| WebSubject mockSubject = createNiceMock(WebSubject.class); |
| expect(mockSubject.getServletRequest()).andReturn(mockRequest).anyTimes(); |
| expect(mockSubject.getServletResponse()).andReturn(mockResponse).anyTimes(); |
| expect(mockRequest.getContextPath()).andReturn(null).anyTimes(); |
| |
| cookie.removeFrom(isA(HttpServletRequest.class), isA(HttpServletResponse.class)); |
| |
| replay(mockRequest); |
| replay(mockResponse); |
| replay(mockSubject); |
| replay(cookie); |
| |
| mgr.onLogout(mockSubject); |
| |
| verify(mockSubject); |
| verify(mockRequest); |
| verify(mockResponse); |
| verify(cookie); |
| } |
| } |