AuthFilterTest.java

/**
 * Copyright (c) 2009--2014 Red Hat, Inc.
 *
 * This software is licensed to you under the GNU General Public License,
 * version 2 (GPLv2). There is NO WARRANTY for this software, express or
 * implied, including the implied warranties of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
 * along with this software; if not, see
 * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
 *
 * Red Hat trademarks are not licensed under GPLv2. No permission is
 * granted to use or replicate Red Hat trademarks that are incorporated
 * in this software or its documentation.
 */
package com.redhat.rhn.frontend.servlets.test;

import com.redhat.rhn.frontend.security.AuthenticationService;
import com.redhat.rhn.frontend.servlets.AuthFilter;

import org.jmock.Expectations;
import org.jmock.integration.junit3.MockObjectTestCase;

import java.util.Vector;
import javax.servlet.FilterChain;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * AuthFilterTest
 * @version $Rev$
 */
public class AuthFilterTest extends MockObjectTestCase {

    private class AuthFilterStub extends AuthFilter {
        public void setAuthenticationService(AuthenticationService service) {
            super.setAuthenticationService(service);
        }
    }

    private AuthFilterStub filter;

    private HttpServletRequest mockRequest;
    private HttpServletResponse mockResponse;
    private FilterChain mockFilterChain;
    private RequestDispatcher mockDispatcher;

    private AuthenticationService mockAuthService;

    protected void setUp() throws Exception {
        super.setUp();

        filter = new AuthFilterStub();

        mockRequest = mock(HttpServletRequest.class);
        mockResponse = mock(HttpServletResponse.class);
        mockFilterChain = mock(FilterChain.class);
        mockAuthService = mock(AuthenticationService.class);
        mockDispatcher = mock(RequestDispatcher.class);

        setDefaultStubs();
    }

    private void setDefaultStubs() {
        context().checking(new Expectations() { {
            allowing(mockRequest).getRequestURI();
            will(returnValue("/rhn/YourRhn.do"));
            allowing(mockRequest).getRequestDispatcher(with(any(String.class)));
            will(returnValue(mockDispatcher));
            allowing(mockRequest).getHeaders(with(any(String.class)));
            returnValue(new Vector<String>().elements());
            allowing(mockRequest).getRemoteAddr();
            returnValue("aaa.bbb.ccc.ddd");
            allowing(mockRequest).getMethod();
            will(returnValue("GET"));
            allowing(mockRequest).getContentType();
            will(returnValue(null));
            allowing(mockRequest).getAttribute("session");
            will(returnValue(null));
            allowing(mockRequest).setAttribute(
                    with(any(String.class)),
                    with(any(Object.class)));
            allowing(mockRequest).getCookies();
            will(returnValue(null));
        } });

        filter.setAuthenticationService(mockAuthService);
    }

    private HttpServletRequest getRequest() {
        return mockRequest;
    }

    private HttpServletResponse getResponse() {
        return mockResponse;
    }

    private FilterChain getFilterChain() {
        return mockFilterChain;
    }

    public final void testDoFilterWhenAuthenticationSucceeds() throws Exception {
        context().checking(new Expectations() { {
            allowing(mockRequest).setAttribute(with("session"),
                    with(aNull(String.class)));
            atLeast(1).of(mockAuthService).validate(with(any(HttpServletRequest.class)),
                    with(any(HttpServletResponse.class)));
            will(returnValue(true));
            oneOf(mockFilterChain).doFilter(with(any(HttpServletRequest.class)),
                    with(any(HttpServletResponse.class)));
        } });

        filter.doFilter(getRequest(), getResponse(), getFilterChain());
    }

    public final void testDoFilterWhenAuthenticationFails() throws Exception {
        context().checking(new Expectations() { {
            atLeast(1).of(mockAuthService).validate(with(any(HttpServletRequest.class)),
                    with(any(HttpServletResponse.class)));
            will(returnValue(false));
            oneOf(mockAuthService).redirectToLogin(with(any(HttpServletRequest.class)),
                    with(any(HttpServletResponse.class)));
        } });

        filter.doFilter(getRequest(), getResponse(), getFilterChain());
    }

    public final void testDoFilterWhenAuthServiceThrowsException() throws Exception {
        context().checking(new Expectations() { {
            atLeast(1).of(mockAuthService).validate(with(any(HttpServletRequest.class)),
                    with(any(HttpServletResponse.class)));
            will(throwException(new ServletException()));
        } });

        try {
            filter.doFilter(getRequest(), getResponse(), getFilterChain());
            fail();
        }
        catch (ServletException e) {
            //should throw same exception.
            //AuthFilter should not be eating the exception
        }
    }
}