"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "flow-server/src/test/java/com/vaadin/flow/server/connect/auth/VaadinConnectAccessCheckerTest.java" between
vaadin-flow-4.0.6.tar.gz and vaadin-flow-4.0.7.tar.gz

About: Vaadin flow is a Java framework binding Vaadin web components to Java.

VaadinConnectAccessCheckerTest.java  (vaadin-flow-4.0.6):VaadinConnectAccessCheckerTest.java  (vaadin-flow-4.0.7)
skipping to change at line 41 skipping to change at line 41
private HttpServletRequest requestMock; private HttpServletRequest requestMock;
private HttpSession sessionMock; private HttpSession sessionMock;
@Before @Before
public void before() { public void before() {
checker = new VaadinConnectAccessChecker(); checker = new VaadinConnectAccessChecker();
requestMock = mock(HttpServletRequest.class); requestMock = mock(HttpServletRequest.class);
sessionMock = mock(HttpSession.class); sessionMock = mock(HttpSession.class);
when(sessionMock.getAttribute(VaadinService.getCsrfTokenAttributeName()) ) when(sessionMock.getAttribute(VaadinService.getCsrfTokenAttributeName()) )
.thenReturn("Vaadin CCDM"); .thenReturn("Vaadin CCDM");
when(requestMock.getSession()).thenReturn(sessionMock); when(requestMock.getSession(false)).thenReturn(sessionMock);
when(requestMock.getUserPrincipal()).thenReturn(mock(Principal.class)); when(requestMock.getUserPrincipal()).thenReturn(mock(Principal.class));
when(requestMock.getHeader("X-CSRF-Token")) when(requestMock.getHeader("X-CSRF-Token"))
.thenReturn("Vaadin CCDM"); .thenReturn("Vaadin CCDM");
when(requestMock.isUserInRole("ROLE_USER")).thenReturn(true); when(requestMock.isUserInRole("ROLE_USER")).thenReturn(true);
} }
private void createAnonymousContext() { private void createAnonymousContext() {
when(requestMock.getUserPrincipal()).thenReturn(null); when(requestMock.getUserPrincipal()).thenReturn(null);
} }
private void createDifferentSessionToken() { private void createDifferentSessionToken() {
when(sessionMock.getAttribute(VaadinService.getCsrfTokenAttributeName()) ) when(sessionMock.getAttribute(VaadinService.getCsrfTokenAttributeName()) )
.thenReturn("CCDM Token"); .thenReturn("CCDM Token");
} }
private void createNullTokenContextInHeaderRequest() { private void createNullTokenContextInHeaderRequest() {
when(requestMock.getHeader("X-CSRF-Token")) when(requestMock.getHeader("X-CSRF-Token"))
.thenReturn(null); .thenReturn(null);
} }
private void createNullTokenSession() {
when(sessionMock.getAttribute(VaadinService.getCsrfTokenAttributeName())
).thenReturn(null);
}
private void createNullSession() {
when(requestMock.getSession(false)).thenReturn(null);
when(requestMock.getSession()).thenReturn(null);
}
private void shouldPass(Class<?> test) throws Exception { private void shouldPass(Class<?> test) throws Exception {
Method method = test.getMethod("test"); Method method = test.getMethod("test");
assertNull(checker.check(method, requestMock)); assertNull(checker.check(method, requestMock));
} }
private void shouldFail(Class<?> test) throws Exception { private void shouldFail(Class<?> test) throws Exception {
Method method = test.getMethod("test"); Method method = test.getMethod("test");
assertNotNull(checker.check(method, requestMock)); assertNotNull(checker.check(method, requestMock));
} }
skipping to change at line 83 skipping to change at line 92
public void should_fail_When_not_having_token_in_headerRequest() throws Exce ption { public void should_fail_When_not_having_token_in_headerRequest() throws Exce ption {
class Test { class Test {
public void test() { public void test() {
} }
} }
createNullTokenContextInHeaderRequest(); createNullTokenContextInHeaderRequest();
shouldFail(Test.class); shouldFail(Test.class);
} }
@Test @Test
public void should_fail_When_not_having_token_in_session_but_have_token_in_r
equest_header() throws Exception {
class Test {
public void test() {
}
}
createNullTokenSession();
shouldFail(Test.class);
}
@Test
public void should_fail_When_not_having_token_in_session_but_have_token_in_r
equest_header_And_AnonymousAllowed() throws Exception {
@AnonymousAllowed
class Test {
public void test() {
}
}
createNullTokenSession();
shouldFail(Test.class);
}
@Test
public void should_pass_When_not_having_session_And_not_having_token_in_requ
est_header() throws Exception {
class Test {
public void test() {
}
}
createNullSession();
createNullTokenContextInHeaderRequest();
shouldPass(Test.class);
}
@Test
public void should_pass_When_not_having_session_And_not_having_token_in_requ
est_header_And_AnonymousAllowed() throws Exception {
@AnonymousAllowed
class Test {
public void test() {
}
}
createNullSession();
createNullTokenContextInHeaderRequest();
shouldPass(Test.class);
}
@Test
public void should_pass_When_csrf_disabled() throws Exception { public void should_pass_When_csrf_disabled() throws Exception {
class Test { class Test {
public void test() { public void test() {
} }
} }
createNullTokenContextInHeaderRequest(); createNullTokenContextInHeaderRequest();
checker.enableCsrf(false); checker.enableCsrf(false);
shouldPass(Test.class); shouldPass(Test.class);
} }
skipping to change at line 104 skipping to change at line 157
public void should_fail_When_having_different_token_between_session_and_head erRequest() throws Exception { public void should_fail_When_having_different_token_between_session_and_head erRequest() throws Exception {
class Test { class Test {
public void test() { public void test() {
} }
} }
createDifferentSessionToken(); createDifferentSessionToken();
shouldFail(Test.class); shouldFail(Test.class);
} }
@Test @Test
public void should_fail_When_having_different_token_between_session_and_head
erRequest_and_NoAuthentication_AnonymousAllowed() throws Exception {
class Test {
@AnonymousAllowed
public void test() {
}
}
createAnonymousContext();
createDifferentSessionToken();
shouldFail(Test.class);
}
@Test
public void should_Fail_When_NoAuthentication() throws Exception { public void should_Fail_When_NoAuthentication() throws Exception {
class Test { class Test {
public void test() { public void test() {
} }
} }
createAnonymousContext(); createAnonymousContext();
shouldFail(Test.class); shouldFail(Test.class);
} }
@Test @Test
 End of changes. 4 change blocks. 
1 lines changed or deleted 72 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)