You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by en...@apache.org on 2021/05/23 22:01:13 UTC

[sling-org-apache-sling-auth-form] branch master updated: SLING-10411 resolve code quality warnings and issues reported by sonar

This is an automated email from the ASF dual-hosted git repository.

enorman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-form.git


The following commit(s) were added to refs/heads/master by this push:
     new 0260bd9  SLING-10411 resolve code quality warnings and issues reported by sonar
0260bd9 is described below

commit 0260bd9d92c29357a7af81d2d0af52a911c256e8
Author: Eric Norman <en...@apache.org>
AuthorDate: Sun May 23 15:01:03 2021 -0700

    SLING-10411 resolve code quality warnings and issues reported by sonar
    
    add integration test for covering the login form renderer and logout
    cookie handling
    exclude o.a.commons.codec.* from the jacoco report
---
 pom.xml                                            | 18 +++++++++++
 .../org/apache/sling/auth/form/FormReasonTest.java |  4 +++
 .../apache/sling/auth/form/it/SLING10290IT.java    | 35 ++++++++++++++++++++--
 3 files changed, 55 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 745ade1..2005a4d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -279,4 +279,22 @@
             <scope>test</scope>
         </dependency>
     </dependencies>
+    <profiles>
+        <profile>
+            <id>jacoco-report</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.jacoco</groupId>
+                        <artifactId>jacoco-maven-plugin</artifactId>
+                        <configuration>
+                            <excludes>
+                                <exclude>org/apache/commons/codec/**/*</exclude>
+                            </excludes>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
 </project>
diff --git a/src/test/java/org/apache/sling/auth/form/FormReasonTest.java b/src/test/java/org/apache/sling/auth/form/FormReasonTest.java
index cfe9c9f..dd03e78 100644
--- a/src/test/java/org/apache/sling/auth/form/FormReasonTest.java
+++ b/src/test/java/org/apache/sling/auth/form/FormReasonTest.java
@@ -28,11 +28,15 @@ public class FormReasonTest {
     @Test public void testTimeout() {
         assertEquals(FormReason.TIMEOUT,
             FormReason.valueOf(FormReason.TIMEOUT.name()));
+        assertEquals("Session timed out, please login again", 
+                FormReason.TIMEOUT.toString());
     }
 
     @Test public void testInvalidCredentials() {
         assertEquals(FormReason.INVALID_CREDENTIALS,
             FormReason.valueOf(FormReason.INVALID_CREDENTIALS.name()));
+        assertEquals("Username and Password do not match", 
+                FormReason.INVALID_CREDENTIALS.toString());
     }
 
     @Test public void testInvalid() {
diff --git a/src/test/java/org/apache/sling/auth/form/it/SLING10290IT.java b/src/test/java/org/apache/sling/auth/form/it/SLING10290IT.java
index c4561a4..8b16392 100644
--- a/src/test/java/org/apache/sling/auth/form/it/SLING10290IT.java
+++ b/src/test/java/org/apache/sling/auth/form/it/SLING10290IT.java
@@ -34,6 +34,7 @@ import java.nio.charset.StandardCharsets;
 import java.time.Duration;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Date;
 import java.util.Dictionary;
 import java.util.List;
 
@@ -43,6 +44,8 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.http.Header;
 import org.apache.http.HttpResponse;
 import org.apache.http.NameValuePair;
+import org.apache.http.client.config.CookieSpecs;
+import org.apache.http.client.config.RequestConfig;
 import org.apache.http.client.entity.UrlEncodedFormEntity;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
@@ -55,7 +58,7 @@ import org.apache.http.cookie.MalformedCookieException;
 import org.apache.http.impl.client.BasicCookieStore;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;
-import org.apache.http.impl.cookie.DefaultCookieSpec;
+import org.apache.http.impl.cookie.RFC6265StrictSpec;
 import org.apache.http.message.BasicNameValuePair;
 import org.apache.http.util.EntityUtils;
 import org.junit.After;
@@ -143,6 +146,8 @@ public class SLING10290IT extends AuthFormTestSupport {
         // prepare the http client for the test user
         httpContext = HttpClientContext.create();
         httpContext.setCookieStore(new BasicCookieStore());
+        RequestConfig requestConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD_STRICT).build();
+        httpContext.setRequestConfig(requestConfig);
         httpClient = HttpClients.custom()
                 .disableRedirectHandling()
                 .build();
@@ -161,6 +166,32 @@ public class SLING10290IT extends AuthFormTestSupport {
         baseServerUri = null;
     }
 
+    @Test
+    public void testLoginFormRenders() throws IOException {
+        HttpGet loginformRequest = new HttpGet(String.format("%s/system/sling/form/login", baseServerUri));
+        try (CloseableHttpResponse loginformResponse = httpClient.execute(loginformRequest, httpContext)) {
+            assertEquals(HttpServletResponse.SC_OK, loginformResponse.getStatusLine().getStatusCode());
+            String content = EntityUtils.toString(loginformResponse.getEntity());
+            assertTrue(content.contains("Login to Apache Sling"));
+            assertTrue(content.contains("loginform"));
+        }
+    }
+
+    @Test
+    public void testLogout() throws IOException, MalformedCookieException {
+        doFormsLogin();
+        HttpGet logoutRequest = new HttpGet(String.format("%s/system/sling/logout", baseServerUri));
+        try (CloseableHttpResponse logoutResponse = httpClient.execute(logoutRequest, httpContext)) {
+            assertEquals(HttpServletResponse.SC_MOVED_TEMPORARILY, logoutResponse.getStatusLine().getStatusCode());
+            Cookie parsedFormauthCookie = parseFormAuthCookieFromHeaders(logoutResponse);
+            assertNotNull("Expected a formauth cookie in the response", parsedFormauthCookie);
+            assertEquals("Expected the formauth cookie value to be empty", "", parsedFormauthCookie.getValue());
+            assertTrue("Expected the formauth cookie to be expired", parsedFormauthCookie.isExpired(new Date()));
+            Cookie formauthCookie2 = getFormAuthCookieFromCookieStore();
+            assertNull("Did not expected a formauth cookie in the cookie store", formauthCookie2);
+        }
+    }
+
     /**
      * Verify that the formauth cookie is sent appropriately after login
      */
@@ -349,7 +380,7 @@ public class SLING10290IT extends AuthFormTestSupport {
         assertNotNull(cookieHeaders);
 
         Cookie parsedFormauthCookie = null;
-        CookieSpec cookieSpec = new DefaultCookieSpec();
+        CookieSpec cookieSpec = new RFC6265StrictSpec();
         CookieOrigin origin = new CookieOrigin(baseServerUri.getHost(), baseServerUri.getPort(),
                 baseServerUri.getPath(), "https".equals(baseServerUri.getScheme()));
         for (Header cookieHeader : cookieHeaders) {