package org.springframework.flex.security3;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.ServletException;
import org.springframework.flex.core.ExceptionTranslator;
import org.springframework.flex.core.io.domain.Person;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
import flex.messaging.MessageException;
import flex.messaging.io.MessageIOConstants;
import flex.messaging.io.SerializationContext;
import flex.messaging.io.amf.ActionContext;
import flex.messaging.io.amf.ActionMessage;
import flex.messaging.io.amf.AmfMessageDeserializer;
import flex.messaging.io.amf.AmfMessageSerializer;
import flex.messaging.io.amf.MessageBody;
import flex.messaging.messages.CommandMessage;
import flex.messaging.messages.ErrorMessage;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import org.junit.Before;
import org.junit.Test;
public class FlexAuthenticationEntryPointTests {
private MockHttpServletRequest request;
private MockHttpServletResponse response;
@Before
public void setUp() throws Exception {
this.request = new MockHttpServletRequest();
this.response = new MockHttpServletResponse();
}
@Test
public void amfActionMessage() throws IOException, ServletException, ClassNotFoundException {
ActionMessage requestMessage = new ActionMessage();
MessageBody body = new MessageBody();
body.setData(new CommandMessage(CommandMessage.CLIENT_PING_OPERATION));
body.setResponseURI("/1");
requestMessage.addBody(body);
requestMessage.setVersion(MessageIOConstants.AMF3);
ByteArrayOutputStream amfBytes = new ByteArrayOutputStream();
AmfMessageSerializer serializer = new AmfMessageSerializer();
serializer.setVersion(MessageIOConstants.AMF3);
serializer.initialize(new SerializationContext(), amfBytes, null);
serializer.writeMessage(requestMessage);
this.request.setContentType(MessageIOConstants.AMF_CONTENT_TYPE);
this.request.setContent(amfBytes.toByteArray());
FlexAuthenticationEntryPoint entryPoint = new FlexAuthenticationEntryPoint();
Set<ExceptionTranslator> translators = new HashSet<ExceptionTranslator>();
translators.add(new TestExceptionTranslator());
entryPoint.setExceptionTranslators(translators);
entryPoint.commence(this.request, this.response, new TestAuthenticationException());
assertEquals(MessageIOConstants.AMF_CONTENT_TYPE, this.response.getHeader("Content-Type"));
byte[] resultBytes = this.response.getContentAsByteArray();
assertTrue(resultBytes.length > 0);
AmfMessageDeserializer deserializer = new AmfMessageDeserializer();
deserializer.initialize(new SerializationContext(), new ByteArrayInputStream(resultBytes), null);
ActionMessage result = new ActionMessage();
deserializer.readMessage(result, new ActionContext());
assertNotNull(result);
assertEquals(1, result.getBodyCount());
assertTrue(result.getBody(0).getData() instanceof ErrorMessage);
assertEquals(3, result.getVersion());
assertEquals("/1"+MessageIOConstants.STATUS_METHOD, result.getBody(0).getTargetURI());
}
@Test
public void amfOther() throws IOException, ServletException {
Person person = Person.stubPerson();
ByteArrayOutputStream amfBytes = new ByteArrayOutputStream();
AmfMessageSerializer serializer = new AmfMessageSerializer();
serializer.setVersion(MessageIOConstants.AMF3);
serializer.initialize(new SerializationContext(), amfBytes, null);
serializer.writeObject(person);
this.request.setContentType(MessageIOConstants.AMF_CONTENT_TYPE);
this.request.setContent(amfBytes.toByteArray());
FlexAuthenticationEntryPoint entryPoint = new FlexAuthenticationEntryPoint();
entryPoint.commence(this.request, this.response, new TestAuthenticationException());
assertEquals(403, this.response.getStatus());
}
@Test
public void nonAMF() throws IOException, ServletException {
String json = "{id : '1', name : 'Bob'}";
this.request.setContent(json.getBytes());
this.request.setContentType("application/json");
FlexAuthenticationEntryPoint entryPoint = new FlexAuthenticationEntryPoint();
entryPoint.commence(this.request, this.response, new TestAuthenticationException());
assertEquals(403, this.response.getStatus());
}
public static class TestAuthenticationException extends AuthenticationCredentialsNotFoundException {
private static final long serialVersionUID = 1L;
public TestAuthenticationException() {
super("Test");
}
}
private static class TestExceptionTranslator implements ExceptionTranslator {
public boolean handles(Class<?> clazz) {
if (clazz.equals(TestAuthenticationException.class)) {
return true;
}
return false;
}
public MessageException translate(Throwable t) {
return new MessageException("Test");
}
}
}