/**
* Copyright (c) Codice Foundation
* <p>
* This is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser
* General Public License as published by the Free Software Foundation, either version 3 of the
* License, or any later version.
* <p>
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details. A copy of the GNU Lesser General Public License
* is distributed along with this program and can be found at
* <http://www.gnu.org/licenses/lgpl.html>.
*/
package ddf.security.service.impl.cas;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.mockito.Matchers.anyString;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.authc.AuthenticationToken;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.junit.Test;
import ddf.security.service.SecurityServiceException;
import ddf.security.sts.client.configuration.STSClientConfiguration;
public class CASTokenRequestHandlerTest {
private static final String SAMPLE_TICKET = "ST-956-Lyg0BdLkgdrBO9W17bXS";
/**
* Tests that with no setting changes the ticket is returned.
*
* @throws SecurityServiceException
*/
@Test
public void testDefaultAddress() throws SecurityServiceException {
// setup mock classes
AttributePrincipal principal = mock(AttributePrincipal.class);
when(principal.getProxyTicketFor(anyString())).thenReturn(SAMPLE_TICKET);
HttpServletRequest request = mock(HttpServletRequest.class);
when(request.getUserPrincipal()).thenReturn(principal);
CASTokenRequestHandler handler = new CASTokenRequestHandler();
handler.setStsClientConfiguration(mock(STSClientConfiguration.class));
Object token = handler.createToken(request);
assertTrue(token instanceof AuthenticationToken);
assertEquals(SAMPLE_TICKET, ((AuthenticationToken) token).getCredentials());
}
/**
* Tests that an exception is thrown if there was no principal in the request.
*
* @throws SecurityServiceException
*/
@Test(expected = SecurityServiceException.class)
public void testNoAttribute() throws SecurityServiceException {
HttpServletRequest request = mock(HttpServletRequest.class);
CASTokenRequestHandler handler = new CASTokenRequestHandler();
handler.setStsClientConfiguration(mock(STSClientConfiguration.class));
handler.createToken(request);
fail("No Principal was added to request, code should throw an exception.");
}
}