/*
* Licensed to Jasig under one or more contributor license
* agreements. See the NOTICE file distributed with this work
* for additional information regarding copyright ownership.
* Jasig licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a
* copy of the License at the following location:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.jasig.cas.authentication;
import javax.security.auth.login.FailedLoginException;
import org.jasig.cas.authentication.principal.SimplePrincipal;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
import static org.mockito.Mockito.*;
/**
* Unit test for {@link PolicyBasedAuthenticationManager}.
*
* @author Marvin S. Addison
*/
public class PolicyBasedAuthenticationManagerTests {
@Test
public void testAuthenticateAnySuccess() throws Exception {
final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(
newMockHandler(true),
newMockHandler(false));
final Authentication auth = manager.authenticate(mock(Credential.class), mock(Credential.class));
assertEquals(1, auth.getSuccesses().size());
assertEquals(0, auth.getFailures().size());
assertEquals(2, auth.getCredentials().size());
}
@Test
public void testAuthenticateAnyButTryAllSuccess() throws Exception {
final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(
newMockHandler(true),
newMockHandler(false));
final AnyAuthenticationPolicy any = new AnyAuthenticationPolicy();
any.setTryAll(true);
manager.setAuthenticationPolicy(any);
final Authentication auth = manager.authenticate(mock(Credential.class), mock(Credential.class));
assertEquals(1, auth.getSuccesses().size());
assertEquals(1, auth.getFailures().size());
assertEquals(2, auth.getCredentials().size());
}
@Test(expected = AuthenticationException.class)
public void testAuthenticateAnyFailure() throws Exception {
final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(
newMockHandler(false),
newMockHandler(false));
manager.authenticate(mock(Credential.class), mock(Credential.class));
fail("Should have thrown AuthenticationException");
}
@Test
public void testAuthenticateAllSuccess() throws Exception {
final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(
newMockHandler(true),
newMockHandler(true));
manager.setAuthenticationPolicy(new AllAuthenticationPolicy());
final Authentication auth = manager.authenticate(mock(Credential.class), mock(Credential.class));
assertEquals(2, auth.getSuccesses().size());
assertEquals(0, auth.getFailures().size());
assertEquals(2, auth.getCredentials().size());
}
@Test(expected = AuthenticationException.class)
public void testAuthenticateAllFailure() throws Exception {
final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(
newMockHandler(false),
newMockHandler(false));
manager.setAuthenticationPolicy(new AllAuthenticationPolicy());
manager.authenticate(mock(Credential.class), mock(Credential.class));
fail("Should have thrown AuthenticationException");
}
@Test
public void testAuthenticateRequiredHandlerSuccess() throws Exception {
final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(
newMockHandler("HandlerA", true),
newMockHandler("HandlerB", false));
manager.setAuthenticationPolicy(new RequiredHandlerAuthenticationPolicy("HandlerA"));
final Authentication auth = manager.authenticate(mock(Credential.class), mock(Credential.class));
assertEquals(1, auth.getSuccesses().size());
assertEquals(0, auth.getFailures().size());
assertEquals(2, auth.getCredentials().size());
}
@Test(expected = AuthenticationException.class)
public void testAuthenticateRequiredHandlerFailure() throws Exception {
final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(
newMockHandler("HandlerA", true),
newMockHandler("HandlerB", false));
manager.setAuthenticationPolicy(new RequiredHandlerAuthenticationPolicy("HandlerB"));
manager.authenticate(mock(Credential.class), mock(Credential.class));
fail("Should have thrown AuthenticationException");
}
@Test
public void testAuthenticateRequiredHandlerTryAllSuccess() throws Exception {
final PolicyBasedAuthenticationManager manager = new PolicyBasedAuthenticationManager(
newMockHandler("HandlerA", true),
newMockHandler("HandlerB", false));
final RequiredHandlerAuthenticationPolicy policy = new RequiredHandlerAuthenticationPolicy("HandlerA");
policy.setTryAll(true);
manager.setAuthenticationPolicy(policy);
final Authentication auth = manager.authenticate(mock(Credential.class), mock(Credential.class));
assertEquals(1, auth.getSuccesses().size());
assertEquals(1, auth.getFailures().size());
assertEquals(2, auth.getCredentials().size());
}
/**
* Creates a new mock authentication handler that either successfully validates all credentials or fails to
* validate all credentials.
*
* @param success True to authenticate all credentials, false to fail all credentials.
*
* @return New mock authentication handler instance.
*
* @throws Exception On errors.
*/
private static AuthenticationHandler newMockHandler(final boolean success) throws Exception {
return newMockHandler("MockAuthenticationHandler" + System.nanoTime(), success);
}
/**
* Creates a new named mock authentication handler that either successfully validates all credentials or fails to
* validate all credentials.
*
* @param name Authentication handler name.
* @param success True to authenticate all credentials, false to fail all credentials.
*
* @return New mock authentication handler instance.
*
* @throws Exception On errors.
*/
private static AuthenticationHandler newMockHandler(final String name, final boolean success) throws Exception {
final AuthenticationHandler mock = mock(AuthenticationHandler.class);
when(mock.getName()).thenReturn(name);
when(mock.supports(any(Credential.class))).thenReturn(true);
if (success) {
final HandlerResult result = new HandlerResult(
mock,
mock(CredentialMetaData.class),
new SimplePrincipal("nobody"));
when(mock.authenticate(any(Credential.class))).thenReturn(result);
} else {
when(mock.authenticate(any(Credential.class))).thenThrow(new FailedLoginException());
}
return mock;
}
}