SLING-10319 : Use the equals method if value comparison was intended. Add another test case for cookies
diff --git a/src/main/java/org/apache/sling/auth/core/impl/AuthenticatorWebConsolePlugin.java b/src/main/java/org/apache/sling/auth/core/impl/AuthenticatorWebConsolePlugin.java
index b01a85f..a47f443 100644
--- a/src/main/java/org/apache/sling/auth/core/impl/AuthenticatorWebConsolePlugin.java
+++ b/src/main/java/org/apache/sling/auth/core/impl/AuthenticatorWebConsolePlugin.java
@@ -54,10 +54,10 @@
public static final String TITLE = "Authenticator";
@Reference(service = AuthenticationRequirementsManager.class)
- private PathBasedHolderCache<AuthenticationRequirementHolder> authenticationRequirementsManager;
+ private PathBasedHolderCache<AuthenticationRequirementHolder> authenticationRequirementsManager; // NOSONAR
@Reference
- private AuthenticationHandlersManager authenticationHoldersManager;
+ private AuthenticationHandlersManager authenticationHoldersManager; // NOSONAR
private final SlingAuthenticator.Config config;
diff --git a/src/main/java/org/apache/sling/auth/core/impl/LoginServlet.java b/src/main/java/org/apache/sling/auth/core/impl/LoginServlet.java
index bbf7409..2e17d5c 100644
--- a/src/main/java/org/apache/sling/auth/core/impl/LoginServlet.java
+++ b/src/main/java/org/apache/sling/auth/core/impl/LoginServlet.java
@@ -58,7 +58,7 @@
private final Logger log = LoggerFactory.getLogger(getClass());
@Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL)
- private volatile Authenticator authenticator;
+ private volatile Authenticator authenticator; // NOSONAR
/**
* The servlet is registered on this path, and the authenticator allows any
diff --git a/src/main/java/org/apache/sling/auth/core/impl/LogoutServlet.java b/src/main/java/org/apache/sling/auth/core/impl/LogoutServlet.java
index a2de3fe..de5a740 100644
--- a/src/main/java/org/apache/sling/auth/core/impl/LogoutServlet.java
+++ b/src/main/java/org/apache/sling/auth/core/impl/LogoutServlet.java
@@ -66,7 +66,7 @@
private final Logger log = LoggerFactory.getLogger(getClass());
@Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL)
- private volatile Authenticator authenticator;
+ private volatile Authenticator authenticator; // NOSONAR
/**
* The servlet is registered on this path.
diff --git a/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java b/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java
index 52ae29c..55423e0 100644
--- a/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java
+++ b/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java
@@ -434,6 +434,30 @@
assertEquals("\"\"", argument.getValue().getValue());
}
+ @Test public void testSudoCookieFlags() {
+ final SlingAuthenticator slingAuthenticator = this.createSlingAuthenticator();
+ final AuthenticationInfo info = new AuthenticationInfo("basic");
+ info.put(ResourceResolverFactory.USER_IMPERSONATION, "newsudo");
+
+ final SlingHttpServletRequest req = Mockito.mock(SlingHttpServletRequest.class);
+ Mockito.when(req.isSecure()).thenReturn(true);
+ SlingHttpServletResponse res = Mockito.mock(SlingHttpServletResponse.class);
+
+ assertTrue(slingAuthenticator.setSudoCookie(req, res, info));
+ ArgumentCaptor<Cookie> argument1 = ArgumentCaptor.forClass(Cookie.class);
+ Mockito.verify(res).addCookie(argument1.capture());
+ assertTrue(argument1.getValue().isHttpOnly());
+ assertTrue(argument1.getValue().getSecure());
+
+ res = Mockito.mock(SlingHttpServletResponse.class);
+ Mockito.when(req.isSecure()).thenReturn(false);
+ assertTrue(slingAuthenticator.setSudoCookie(req, res, info));
+ ArgumentCaptor<Cookie> argument2 = ArgumentCaptor.forClass(Cookie.class);
+ Mockito.verify(res).addCookie(argument2.capture());
+ assertTrue(argument2.getValue().isHttpOnly());
+ assertFalse(argument2.getValue().getSecure());
+ }
+
//---------------------------- PRIVATE METHODS -----------------------------
/**