You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2017/03/01 14:31:57 UTC
svn commit: r1784954 - in /jackrabbit/oak/trunk:
oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/
oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/
oak-core/src/test/java/org/apache/jackrabbit/oa...
Author: angela
Date: Wed Mar 1 14:31:57 2017
New Revision: 1784954
URL: http://svn.apache.org/viewvc?rev=1784954&view=rev
Log:
OAK-5793 : Improve coverage for security code in oak-core (wip)
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallbackTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallbackTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallbackTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/UserManagerCallbackTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java
jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/JaasConfigSpiTest.groovy
jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java?rev=1784954&r1=1784953&r2=1784954&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java Wed Mar 1 14:31:57 2017
@@ -385,13 +385,17 @@ public abstract class AbstractLoginModul
callbackHandler.handle(new Callback[]{rcb});
final ContentRepository repository = rcb.getContentRepository();
- systemSession = Subject.doAs(SystemSubject.INSTANCE, new PrivilegedExceptionAction<ContentSession>() {
- @Override
- public ContentSession run() throws LoginException, NoSuchWorkspaceException {
- return repository.login(null, rcb.getWorkspaceName());
- }
- });
- root = systemSession.getLatestRoot();
+ if (repository != null) {
+ systemSession = Subject.doAs(SystemSubject.INSTANCE, new PrivilegedExceptionAction<ContentSession>() {
+ @Override
+ public ContentSession run() throws LoginException, NoSuchWorkspaceException {
+ return repository.login(null, rcb.getWorkspaceName());
+ }
+ });
+ root = systemSession.getLatestRoot();
+ } else {
+ log.debug("Unable to retrieve the Root via RepositoryCallback; ContentRepository not available.");
+ }
} catch (UnsupportedCallbackException e) {
log.debug(e.getMessage());
} catch (IOException e) {
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java?rev=1784954&r1=1784953&r2=1784954&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java Wed Mar 1 14:31:57 2017
@@ -19,10 +19,10 @@ package org.apache.jackrabbit.oak.spi.se
import java.security.Principal;
import java.util.Collections;
import java.util.HashMap;
-import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
import javax.jcr.Credentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.Subject;
@@ -34,19 +34,29 @@ import javax.security.auth.login.LoginEx
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
-import org.apache.jackrabbit.api.security.user.Authorizable;
-import org.apache.jackrabbit.api.security.user.Group;
-import org.apache.jackrabbit.api.security.user.Query;
-import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.api.AuthInfo;
+import org.apache.jackrabbit.oak.api.ContentRepository;
+import org.apache.jackrabbit.oak.api.ContentSession;
+import org.apache.jackrabbit.oak.api.Descriptors;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.plugins.memory.EmptyNodeState;
+import org.apache.jackrabbit.oak.plugins.tree.RootFactory;
+import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.PrincipalProviderCallback;
+import org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback;
+import org.apache.jackrabbit.oak.spi.security.authentication.callback.SecurityProviderCallback;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.UserManagerCallback;
+import org.apache.jackrabbit.oak.spi.security.authentication.callback.WhiteboardCallback;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
import org.apache.jackrabbit.oak.spi.security.principal.TestPrincipalProvider;
+import org.apache.jackrabbit.oak.spi.whiteboard.DefaultWhiteboard;
+import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
import org.junit.Test;
+import org.mockito.Mockito;
import static junit.framework.Assert.assertEquals;
import static junit.framework.Assert.assertNull;
@@ -117,8 +127,17 @@ public class AbstractLoginModuleTest {
}
@Test
+ public void testAbortWithFailedSystemLogout() throws LoginException {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler(new TestContentRepository(), null, null));
+
+ // trigger creation of system-session
+ loginModule.getRoot();
+ assertTrue(loginModule.abort());
+ }
+
+ @Test
public void testGetSharedLoginName() {
- Map<String, String> sharedState = new HashMap<String, String>();
+ Map<String, String> sharedState = new HashMap();
sharedState.put(AbstractLoginModule.SHARED_KEY_LOGIN_NAME, "test");
AbstractLoginModule lm = initLoginModule(TestCredentials.class, sharedState);
@@ -131,7 +150,7 @@ public class AbstractLoginModuleTest {
@Test
public void testGetSharedCredentials() {
- Map<String, Object> sharedState = new HashMap<String, Object>();
+ Map<String, Object> sharedState = new HashMap();
sharedState.put(AbstractLoginModule.SHARED_KEY_CREDENTIALS, new TestCredentials());
AbstractLoginModule lm = initLoginModule(TestCredentials.class, sharedState);
@@ -155,7 +174,7 @@ public class AbstractLoginModuleTest {
@Test
public void testGetCredentialsFromSharedState() {
- Map<String, Credentials> sharedState = new HashMap<String, Credentials>();
+ Map<String, Credentials> sharedState = new HashMap();
sharedState.put(AbstractLoginModule.SHARED_KEY_CREDENTIALS, new TestCredentials());
AbstractLoginModule lm = initLoginModule(TestCredentials.class, sharedState);
@@ -259,10 +278,101 @@ public class AbstractLoginModuleTest {
}
@Test
+ public void testIncompleteRepositoryCallback() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler());
+
+ assertNull(loginModule.getSecurityProvider());
+ assertNull(loginModule.getRoot());
+ }
+
+ @Test
+ public void testGetRoot() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler(new TestContentRepository(), null, null));
+
+ Root root = loginModule.getRoot();
+ assertNotNull(root);
+ // root is stored as field -> second access returns the same object
+ assertSame(root, loginModule.getRoot());
+ }
+
+ @Test
+ public void testGetRootIOException() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new ThrowingCallbackHandler(true));
+
+ assertNull(loginModule.getRoot());
+ }
+
+ @Test
+ public void testGetRootUnsupportedCallbackException() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new ThrowingCallbackHandler(false));
+
+ assertNull(loginModule.getRoot());
+ }
+
+ @Test
+ public void testGetSecurityProvider() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler(null, new OpenSecurityProvider(), null));
+
+ SecurityProvider securityProvider = loginModule.getSecurityProvider();
+ assertNotNull(securityProvider);
+ // securityProvider is stored as field -> second access returns the same object
+ assertSame(securityProvider, loginModule.getSecurityProvider());
+ }
+
+ @Test
+ public void testGetSecurityProviderIOException() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new ThrowingCallbackHandler(true));
+
+ assertNull(loginModule.getSecurityProvider());
+ }
+
+ @Test
+ public void testGetSecurityProviderUnsupportedCallbackException() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new ThrowingCallbackHandler(false));
+
+ assertNull(loginModule.getRoot());
+ }
+
+ @Test
+ public void testGetWhiteboardFromCallback() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler(new DefaultWhiteboard()));
+
+ Whiteboard wb = loginModule.getWhiteboard();
+ assertNotNull(wb);
+ // whiteboard is stored as field -> second access returns the same object
+ assertSame(wb, loginModule.getWhiteboard());
+
+ }
+
+ @Test
+ public void testGetWhiteboardFromIncompleteCallback() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler());
+
+ assertNull(loginModule.getWhiteboard());
+ }
+
+ @Test
+ public void testGetWhiteboardIOException() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new ThrowingCallbackHandler(true));
+
+ assertNull(loginModule.getWhiteboard());
+ }
+
+ @Test
+ public void testGetWhiteboardUnsupportedCallbackException() {
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new ThrowingCallbackHandler(false));
+
+ assertNull(loginModule.getWhiteboard());
+ }
+
+ @Test
public void testGetUserManagerFromCallback() {
- AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler(new TestUserManager()));
+ AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler(Mockito.mock(UserManager.class)));
- assertNotNull(loginModule.getUserManager());
+ UserManager userManager = loginModule.getUserManager();
+ assertNotNull(userManager);
+ // usermanager is stored as field -> second access returns the same object
+ assertSame(userManager, loginModule.getUserManager());
}
@Test
@@ -291,6 +401,11 @@ public class AbstractLoginModuleTest {
AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler(new TestPrincipalProvider()));
assertNotNull(loginModule.getPrincipalProvider());
+
+ PrincipalProvider principalProvider = loginModule.getPrincipalProvider();
+ assertNotNull(principalProvider);
+ // principalProvider is stored as field -> second access returns the same object
+ assertSame(principalProvider, loginModule.getPrincipalProvider());
}
@Test
@@ -392,12 +507,20 @@ public class AbstractLoginModuleTest {
private final class TestCallbackHandler implements CallbackHandler {
+ private Whiteboard whiteboard = null;
private UserManager userManager = null;
private PrincipalProvider principalProvider = null;
+ private ContentRepository contentRepository = null;
+ private SecurityProvider securityProvider = null;
+ private String workspaceName = null;
private TestCallbackHandler() {
}
+ private TestCallbackHandler(@Nonnull Whiteboard whiteboard) {
+ this.whiteboard = whiteboard;
+ }
+
private TestCallbackHandler(@Nonnull UserManager userManager) {
this.userManager = userManager;
}
@@ -406,13 +529,27 @@ public class AbstractLoginModuleTest {
this.principalProvider = principalProvider;
}
+ private TestCallbackHandler(@Nullable ContentRepository contentRepository, @Nullable SecurityProvider securityProvider, @Nullable String workspaceName) {
+ this.contentRepository = contentRepository;
+ this.securityProvider = securityProvider;
+ }
+
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
for (Callback cb : callbacks) {
- if (cb instanceof PrincipalProviderCallback) {
+ if (cb instanceof WhiteboardCallback) {
+ ((WhiteboardCallback) cb).setWhiteboard(whiteboard);
+ } else if (cb instanceof PrincipalProviderCallback) {
((PrincipalProviderCallback) cb).setPrincipalProvider(principalProvider);
} else if (cb instanceof UserManagerCallback) {
((UserManagerCallback) cb).setUserManager(userManager);
+ } else if (cb instanceof SecurityProviderCallback) {
+ ((SecurityProviderCallback) cb).setSecurityProvider(securityProvider);
+ } else if (cb instanceof RepositoryCallback) {
+ RepositoryCallback rcb = (RepositoryCallback) cb;
+ rcb.setContentRepository(contentRepository);
+ rcb.setSecurityProvider(securityProvider);
+ rcb.setWorkspaceName(workspaceName);
} else {
throw new UnsupportedCallbackException(cb);
}
@@ -422,86 +559,21 @@ public class AbstractLoginModuleTest {
}
- private final class TestUserManager implements UserManager {
- @Override
- public Authorizable getAuthorizable(String s) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public <T extends Authorizable> T getAuthorizable(String s, Class<T> aClass) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public Authorizable getAuthorizable(Principal principal) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public Authorizable getAuthorizableByPath(String s) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public Iterator<Authorizable> findAuthorizables(String s, String s1) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public Iterator<Authorizable> findAuthorizables(String s, String s1, int i) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public Iterator<Authorizable> findAuthorizables(Query query) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public User createUser(String s, String s1) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public User createUser(String s, String s1, Principal principal, String s2) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public User createSystemUser(String s, String s1) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public Group createGroup(String s) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public Group createGroup(Principal principal) {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public Group createGroup(Principal principal, String s) {
- throw new UnsupportedOperationException();
- }
+ private final class TestContentRepository implements ContentRepository {
+ @Nonnull
@Override
- public Group createGroup(String s, Principal principal, String s1) {
- throw new UnsupportedOperationException();
- }
+ public ContentSession login(@Nullable Credentials credentials, @Nullable String workspaceName) {
+ ContentSession cs = Mockito.mock(ContentSession.class);
+ Mockito.when(cs.getLatestRoot()).thenReturn(RootFactory.createReadOnlyRoot(EmptyNodeState.EMPTY_NODE));
+ return cs;
- @Override
- public boolean isAutoSave() {
- throw new UnsupportedOperationException();
}
+ @Nonnull
@Override
- public void autoSave(boolean b) {
+ public Descriptors getDescriptors() {
throw new UnsupportedOperationException();
-
}
}
}
\ No newline at end of file
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallbackTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallbackTest.java?rev=1784954&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallbackTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallbackTest.java Wed Mar 1 14:31:57 2017
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authentication.callback;
+
+import javax.jcr.Credentials;
+
+import org.junit.Test;
+
+import static org.junit.Assert.assertSame;
+
+public class CredentialsCallbackTest {
+
+ @Test
+ public void testCallback() {
+ CredentialsCallback cb = new CredentialsCallback();
+
+ Credentials creds = new Credentials() {};
+ cb.setCredentials(creds);
+
+ assertSame(creds, cb.getCredentials());
+ }
+
+}
\ No newline at end of file
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallbackTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallbackTest.java?rev=1784954&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallbackTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallbackTest.java Wed Mar 1 14:31:57 2017
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authentication.callback;
+
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import static org.junit.Assert.assertSame;
+
+public class PrincipalProviderCallbackTest {
+
+ @Test
+ public void testCallback() {
+ PrincipalProviderCallback cb = new PrincipalProviderCallback();
+
+ PrincipalProvider principalProvider = Mockito.mock(PrincipalProvider.class);
+ cb.setPrincipalProvider(principalProvider);
+
+ assertSame(principalProvider, cb.getPrincipalProvider());
+ }
+
+}
\ No newline at end of file
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallbackTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallbackTest.java?rev=1784954&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallbackTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallbackTest.java Wed Mar 1 14:31:57 2017
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authentication.callback;
+
+import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.junit.Test;
+
+import static org.junit.Assert.assertSame;
+
+public class SecurityProviderCallbackTest {
+
+ @Test
+ public void testCallback() {
+ SecurityProviderCallback cb = new SecurityProviderCallback();
+
+ SecurityProvider sp = new OpenSecurityProvider();
+ cb.setSecurityProvider(sp);
+
+ assertSame(sp, cb.getSecurityProvider());
+ }
+
+}
\ No newline at end of file
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java?rev=1784954&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallbackTest.java Wed Mar 1 14:31:57 2017
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authentication.callback;
+
+import java.util.Map;
+import javax.annotation.CheckForNull;
+import javax.annotation.Nonnull;
+import javax.jcr.Credentials;
+
+import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
+import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
+import org.junit.Test;
+
+import static org.junit.Assert.assertSame;
+
+public class TokenProviderCallbackTest {
+
+ @Test
+ public void testCallback() {
+ TokenProviderCallback cb = new TokenProviderCallback();
+
+ TokenProvider tp = new TokenProvider() {
+
+ @Override
+ public boolean doCreateToken(@Nonnull Credentials credentials) {
+ throw new UnsupportedOperationException();
+ }
+
+ @CheckForNull
+ @Override
+ public TokenInfo createToken(@Nonnull Credentials credentials) {
+ throw new UnsupportedOperationException();
+ }
+
+ @CheckForNull
+ @Override
+ public TokenInfo createToken(@Nonnull String userId, @Nonnull Map<String, ?> attributes) {
+ throw new UnsupportedOperationException();
+ }
+
+ @CheckForNull
+ @Override
+ public TokenInfo getTokenInfo(@Nonnull String token) {
+ throw new UnsupportedOperationException();
+ }
+ };
+ cb.setTokenProvider(tp);
+
+ assertSame(tp, cb.getTokenProvider());
+ }
+
+}
\ No newline at end of file
Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/UserManagerCallbackTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/UserManagerCallbackTest.java?rev=1784954&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/UserManagerCallbackTest.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/UserManagerCallbackTest.java Wed Mar 1 14:31:57 2017
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authentication.callback;
+
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import static org.junit.Assert.assertSame;
+
+public class UserManagerCallbackTest {
+
+ @Test
+ public void testCallback() {
+ UserManagerCallback cb = new UserManagerCallback();
+
+ UserManager uMgr = Mockito.mock(UserManager.class);
+ cb.setUserManager(uMgr);
+
+ assertSame(uMgr, cb.getUserManager());
+ }
+
+}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/JaasConfigSpiTest.groovy
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/JaasConfigSpiTest.groovy?rev=1784954&r1=1784953&r2=1784954&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/JaasConfigSpiTest.groovy (original)
+++ jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/JaasConfigSpiTest.groovy Wed Mar 1 14:31:57 2017
@@ -27,6 +27,7 @@ import org.junit.Before
import org.junit.Ignore
import org.junit.Test
+import javax.annotation.Nonnull
import javax.jcr.Credentials
import javax.jcr.Session
import javax.jcr.SimpleCredentials
@@ -85,6 +86,7 @@ class JaasConfigSpiTest extends Abstract
private Set<? extends Principal> principals;
private String userId;
+ @Nonnull
@Override
protected Set<Class> getSupportedCredentials() {
return ImmutableSet.of(SimpleCredentials.class)
Modified: jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy?rev=1784954&r1=1784953&r2=1784954&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy (original)
+++ jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy Wed Mar 1 14:31:57 2017
@@ -28,6 +28,7 @@ import org.junit.Before
import org.junit.Ignore
import org.junit.Test
+import javax.annotation.Nonnull
import javax.jcr.Credentials
import javax.jcr.Session
import javax.jcr.SimpleCredentials
@@ -71,6 +72,7 @@ class TokenAuthenticationTest extends Ab
@Slf4j
private static class PreAuthLoginModule extends AbstractLoginModule {
private MyCredential credential
+ @Nonnull
@Override
protected Set<Class> getSupportedCredentials() {
return Sets.newHashSet(MyCredential.class)