You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2016/08/10 09:57:05 UTC
svn commit: r1755703 -
/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
Author: angela
Date: Wed Aug 10 09:57:05 2016
New Revision: 1755703
URL: http://svn.apache.org/viewvc?rev=1755703&view=rev
Log:
minor improvement: test coverage for authentication
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java?rev=1755703&r1=1755702&r2=1755703&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java Wed Aug 10 09:57:05 2016
@@ -20,22 +20,27 @@ import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.UUID;
+import javax.annotation.Nonnull;
import javax.jcr.Credentials;
import javax.jcr.GuestCredentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.LoginException;
+import com.google.common.collect.ImmutableMap;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.authentication.Authentication;
+import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
+import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
@@ -113,4 +118,42 @@ public class TokenAuthenticationTest ext
assertNotNull(info2);
assertEquals(info.getUserId(), info2.getUserId());
}
+
+ @Test
+ public void testAuthenticateNotMatchingToken() throws Exception {
+ TokenInfo info = tokenProvider.createToken(userId, ImmutableMap.of(TokenConstants.TOKEN_ATTRIBUTE + "_mandatory", "val"));
+ try {
+ authentication.authenticate(new TokenCredentials(info.getToken()));
+ fail("LoginException expected");
+ } catch (LoginException e) {
+ // success
+ }
+ }
+
+ @Test
+ public void testAuthenticateExpiredToken() throws Exception {
+ TokenProvider tp = new TokenProviderImpl(root,
+ ConfigurationParameters.of(TokenProvider.PARAM_TOKEN_EXPIRATION, 1),
+ getUserConfiguration());
+
+ TokenInfo info = tp.createToken(userId, Collections.<String, Object>emptyMap());
+ waitUntilExpired(info);
+
+ try {
+ new TokenAuthentication(tp).authenticate(new TokenCredentials(info.getToken()));
+ fail("LoginException expected");
+ } catch (LoginException e) {
+ // success
+ }
+
+ // expired token must have been removed
+ assertNull(tp.getTokenInfo(info.getToken()));
+ }
+
+ private void waitUntilExpired(@Nonnull TokenInfo info) {
+ long now = System.currentTimeMillis();
+ while (!info.isExpired(now)) {
+ now = waitForSystemTimeIncrement(now);
+ }
+ }
}
\ No newline at end of file