Download as
Browse Code »

Commit 28d7743f92be5505eb195d1dbbaf161ad390026f

Authored by Cleverson Sacramento
1 parent fdc5ca4f
Exists in master

IN PROGRESS - issue FWK-119: Testes da extensão Servlet 

https://demoiselle.atlassian.net/browse/FWK-119
Showing 3 changed files with 78 additions and 11 deletions   Show diff stats
impl/extension/servlet/src/test/java/security/authentication/form/HelperServlet.java
  Diff comments   View file @28d7743
1 package security.authentication.form; 1 package security.authentication.form;
2 2
  3 +import static org.apache.http.HttpStatus.SC_EXPECTATION_FAILED;
3 import static org.apache.http.HttpStatus.SC_FORBIDDEN; 4 import static org.apache.http.HttpStatus.SC_FORBIDDEN;
  5 +import static org.apache.http.HttpStatus.SC_NOT_FOUND;
4 import static org.apache.http.HttpStatus.SC_OK; 6 import static org.apache.http.HttpStatus.SC_OK;
5 7
6 import java.io.IOException; 8 import java.io.IOException;
  9 +import java.security.InvalidParameterException;
  10 +import java.util.regex.Matcher;
  11 +import java.util.regex.Pattern;
7 12
8 import javax.servlet.ServletException; 13 import javax.servlet.ServletException;
9 import javax.servlet.http.HttpServlet; 14 import javax.servlet.http.HttpServlet;
10 import javax.servlet.http.HttpServletRequest; 15 import javax.servlet.http.HttpServletRequest;
11 import javax.servlet.http.HttpServletResponse; 16 import javax.servlet.http.HttpServletResponse;
12 17
13 -import br.gov.frameworkdemoiselle.security.AuthenticationException;  
14 import br.gov.frameworkdemoiselle.security.Credentials; 18 import br.gov.frameworkdemoiselle.security.Credentials;
  19 +import br.gov.frameworkdemoiselle.security.InvalidCredentialsException;
15 import br.gov.frameworkdemoiselle.security.SecurityContext; 20 import br.gov.frameworkdemoiselle.security.SecurityContext;
16 import br.gov.frameworkdemoiselle.util.Beans; 21 import br.gov.frameworkdemoiselle.util.Beans;
17 22
@@ -21,19 +26,63 @@ public class HelperServlet extends HttpServlet { @@ -21,19 +26,63 @@ public class HelperServlet extends HttpServlet {
21 26
22 @Override 27 @Override
23 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 28 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
24 - String result = request.getHeader("Authorization");  
25 - result = (result == null ? request.getHeader("authorization") : result); 29 + String action = getAction(request);
26 30
  31 + if ("login".equals(action)) {
  32 + login(request, response);
  33 + } else if ("logout".equals(action)) {
  34 + logout(request, response);
  35 + } else {
  36 + response.setStatus(SC_NOT_FOUND);
  37 + }
  38 + }
  39 +
  40 + private void login(HttpServletRequest request, HttpServletResponse response) {
  41 + loadCredentials(request);
  42 + SecurityContext securityContext = Beans.getReference(SecurityContext.class);
  43 +
  44 + try {
  45 + securityContext.login();
  46 +
  47 + if (securityContext.isLoggedIn()) {
  48 + response.setStatus(SC_OK);
  49 + } else {
  50 + response.setStatus(SC_FORBIDDEN);
  51 + }
  52 +
  53 + } catch (InvalidCredentialsException e) {
  54 + response.setStatus(SC_FORBIDDEN);
  55 + }
  56 + }
  57 +
  58 + private void logout(HttpServletRequest request, HttpServletResponse response) {
  59 + loadCredentials(request);
  60 + SecurityContext securityContext = Beans.getReference(SecurityContext.class);
  61 +
  62 + securityContext.login();
  63 + securityContext.logout();
  64 +
  65 + if (!securityContext.isLoggedIn()) {
  66 + response.setStatus(SC_OK);
  67 + } else {
  68 + response.setStatus(SC_EXPECTATION_FAILED);
  69 + }
  70 + }
  71 +
  72 + private void loadCredentials(HttpServletRequest request) {
27 Credentials credentials = Beans.getReference(Credentials.class); 73 Credentials credentials = Beans.getReference(Credentials.class);
28 credentials.setUsername(request.getParameter("username")); 74 credentials.setUsername(request.getParameter("username"));
29 credentials.setPassword(request.getParameter("password")); 75 credentials.setPassword(request.getParameter("password"));
  76 + }
30 77
31 - try {  
32 - Beans.getReference(SecurityContext.class).login();  
33 - response.setStatus(SC_OK); 78 + private String getAction(HttpServletRequest request) {
  79 + Pattern pattern = Pattern.compile("^.+/(.+)$");
  80 + Matcher matcher = pattern.matcher(request.getRequestURI());
34 81
35 - } catch (AuthenticationException e) {  
36 - response.setStatus(SC_FORBIDDEN); 82 + if (matcher.matches()) {
  83 + return matcher.group(1).toLowerCase();
  84 + } else {
  85 + throw new InvalidParameterException("Está faltando o parâmetro de ação na URL");
37 } 86 }
38 } 87 }
39 } 88 }
impl/extension/servlet/src/test/java/security/authentication/form/ServletAuthenticatorTest.java
  Diff comments   View file @28d7743
@@ -40,7 +40,7 @@ public class ServletAuthenticatorTest { @@ -40,7 +40,7 @@ public class ServletAuthenticatorTest {
40 40
41 @Test 41 @Test
42 public void loginSucessfull() throws ClientProtocolException, IOException, URISyntaxException { 42 public void loginSucessfull() throws ClientProtocolException, IOException, URISyntaxException {
43 - URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper"); 43 + URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/login");
44 uriBuilder.setParameter("username", "demoiselle"); 44 uriBuilder.setParameter("username", "demoiselle");
45 uriBuilder.setParameter("password", "changeit"); 45 uriBuilder.setParameter("password", "changeit");
46 46
@@ -53,7 +53,7 @@ public class ServletAuthenticatorTest { @@ -53,7 +53,7 @@ public class ServletAuthenticatorTest {
53 53
54 @Test 54 @Test
55 public void loginFailed() throws ClientProtocolException, IOException, URISyntaxException { 55 public void loginFailed() throws ClientProtocolException, IOException, URISyntaxException {
56 - URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper"); 56 + URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/login");
57 uriBuilder.setParameter("username", "invalid"); 57 uriBuilder.setParameter("username", "invalid");
58 uriBuilder.setParameter("password", "invalid"); 58 uriBuilder.setParameter("password", "invalid");
59 59
@@ -63,4 +63,22 @@ public class ServletAuthenticatorTest { @@ -63,4 +63,22 @@ public class ServletAuthenticatorTest {
63 int status = response.getStatusLine().getStatusCode(); 63 int status = response.getStatusLine().getStatusCode();
64 assertEquals(SC_FORBIDDEN, status); 64 assertEquals(SC_FORBIDDEN, status);
65 } 65 }
  66 +
  67 + @Test
  68 + public void logoutSucessfull() throws ClientProtocolException, IOException, URISyntaxException {
  69 + URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/logout");
  70 + uriBuilder.setParameter("username", "demoiselle");
  71 + uriBuilder.setParameter("password", "changeit");
  72 +
  73 + HttpGet httpGet = new HttpGet(uriBuilder.build());
  74 + HttpResponse httpResponse = HttpClientBuilder.create().build().execute(httpGet);
  75 +
  76 + int status = httpResponse.getStatusLine().getStatusCode();
  77 + assertEquals(SC_OK, status);
  78 + }
  79 +
  80 + @Test
  81 + public void logoutFailed() throws ClientProtocolException, IOException, URISyntaxException {
  82 + URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/logout");
  83 + }
66 } 84 }
impl/extension/servlet/src/test/resources/security/authentication/form/web.xml
  Diff comments   View file @28d7743
@@ -56,6 +56,6 @@ @@ -56,6 +56,6 @@
56 </servlet> 56 </servlet>
57 <servlet-mapping> 57 <servlet-mapping>
58 <servlet-name>Helper Servlet</servlet-name> 58 <servlet-name>Helper Servlet</servlet-name>
59 - <url-pattern>/helper</url-pattern> 59 + <url-pattern>/helper/*</url-pattern>
60 </servlet-mapping> 60 </servlet-mapping>
61 </web-app> 61 </web-app>
62 \ No newline at end of file 62 \ No newline at end of file