3 * Copyright (C) 2009-2022 SonarSource SA
4 * mailto:info AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
21 package org.sonar.server.saml.ws;
23 import java.io.IOException;
24 import java.io.PrintWriter;
25 import java.io.StringWriter;
26 import javax.servlet.FilterChain;
27 import javax.servlet.ServletException;
28 import javax.servlet.http.HttpServletRequest;
29 import javax.servlet.http.HttpServletResponse;
30 import org.junit.Before;
31 import org.junit.Test;
32 import org.sonar.auth.saml.SamlAuthenticator;
33 import org.sonar.server.authentication.OAuth2ContextFactory;
34 import org.sonar.server.user.ThreadLocalUserSession;
36 import static org.assertj.core.api.Assertions.assertThat;
37 import static org.mockito.ArgumentMatchers.any;
38 import static org.mockito.Mockito.doReturn;
39 import static org.mockito.Mockito.mock;
40 import static org.mockito.Mockito.spy;
41 import static org.mockito.Mockito.verify;
42 import static org.mockito.Mockito.verifyNoInteractions;
/**
 * Unit tests for {@link SamlValidationCallbackFilter}.
 *
 * <p>Covers the URL pattern the filter is bound to and the system-administrator
 * check that sits in front of {@link SamlAuthenticator#getAuthenticationStatusPage}.
 */
public class SamlValidationCallbackFilterTest {

  private SamlValidationCallbackFilter underTest;
  private SamlAuthenticator samlAuthenticator;
  private ThreadLocalUserSession userSession;

  /** Builds the filter under test around fresh mocks for every test. */
  @Before
  public void setup() {
    userSession = mock(ThreadLocalUserSession.class);
    samlAuthenticator = mock(SamlAuthenticator.class);
    var contextFactory = mock(OAuth2ContextFactory.class);
    underTest = new SamlValidationCallbackFilter(userSession, samlAuthenticator, contextFactory);
  }

  /**
   * The filter must match the callback path exactly: a path that merely starts
   * with it, or the parent {@code /saml/} path, must not be matched.
   */
  @Test
  public void do_get_pattern() {
    assertThat(underTest.doGetPattern().matches("/saml/validation_callback")).isTrue();
    // Neighbouring paths must not match.
    assertThat(underTest.doGetPattern().matches("/saml/validation_callback2")).isFalse();
    assertThat(underTest.doGetPattern().matches("/saml/")).isFalse();
  }

  /**
   * A logged-in system administrator reaches the authenticator: the status page
   * is requested and the response writer is obtained.
   */
  @Test
  public void do_filter_admin() throws ServletException, IOException {
    // Caller: has a session and is a system administrator.
    doReturn(true).when(userSession).hasSession();
    doReturn(true).when(userSession).isSystemAdministrator();

    var request = mock(HttpServletRequest.class);
    var response = mock(HttpServletResponse.class);
    var responseBody = new StringWriter();
    doReturn(new PrintWriter(responseBody)).when(response).getWriter();
    var chain = mock(FilterChain.class);

    underTest.doFilter(request, response, chain);

    verify(samlAuthenticator).getAuthenticationStatusPage(any(), any());
    // NOTE(review): only the getWriter() call is verified; the content captured
    // in responseBody is never asserted.
    verify(response).getWriter();
  }

  /**
   * A logged-in user who is not a system administrator must never reach the
   * SAML authenticator.
   */
  @Test
  public void do_filter_not_authorized() throws ServletException, IOException {
    // Caller: has a session but lacks the system-administrator permission.
    doReturn(true).when(userSession).hasSession();
    doReturn(false).when(userSession).isSystemAdministrator();

    var request = spy(HttpServletRequest.class);
    var response = mock(HttpServletResponse.class);
    var responseBody = new StringWriter();
    doReturn(new PrintWriter(responseBody)).when(response).getWriter();
    var chain = mock(FilterChain.class);

    underTest.doFilter(request, response, chain);

    // NOTE(review): this pins only that the authenticator is not consulted. It
    // does not assert what the caller receives (status, redirect or body), nor
    // that the filter chain was left untouched; confirm the filter's denial
    // behaviour and assert it here. The hasSession() == false case is not
    // exercised by any test in this class.
    verifyNoInteractions(samlAuthenticator);
  }
}