1. Project Clover database Sat Feb 2 2019 06:45:20 CET
  2. Package com.xpn.xwiki.user.impl.xwiki

File XWikiAuthServiceImplTest.java

 

Code metrics

0
51
14
1
252
158
14
0.27
3.64
14
1

Classes

Class Line # Actions
XWikiAuthServiceImplTest 55 51 0% 14 0
1.0100%
 

Contributing tests

No tests hitting this source file were found.

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package com.xpn.xwiki.user.impl.xwiki;
21   
22    import java.net.URL;
23    import java.security.Principal;
24   
25    import org.junit.Before;
26    import org.junit.Rule;
27    import org.junit.Test;
28    import org.mockito.invocation.InvocationOnMock;
29    import org.mockito.stubbing.Answer;
30    import org.xwiki.model.reference.DocumentReference;
31    import org.xwiki.model.reference.LocalDocumentReference;
32   
33    import com.xpn.xwiki.XWikiContext;
34    import com.xpn.xwiki.doc.XWikiDocument;
35    import com.xpn.xwiki.objects.BaseObject;
36    import com.xpn.xwiki.test.MockitoOldcoreRule;
37    import com.xpn.xwiki.test.reference.ReferenceComponentList;
38    import com.xpn.xwiki.user.api.XWikiRightService;
39    import com.xpn.xwiki.web.XWikiResponse;
40   
41    import static org.junit.Assert.assertEquals;
42    import static org.junit.Assert.assertNotNull;
43    import static org.junit.Assert.assertNull;
44    import static org.mockito.ArgumentMatchers.any;
45    import static org.mockito.Mockito.doReturn;
46    import static org.mockito.Mockito.mock;
47    import static org.mockito.Mockito.when;
48   
49    /**
50    * Unit tests for {@link com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl}.
51    *
52    * @version $Id: 40f6a4b1b9af7631e7fc2e3085a9431c3388a0b9 $
53    */
54    @ReferenceComponentList
 
55    public class XWikiAuthServiceImplTest
56    {
57    @Rule
58    public MockitoOldcoreRule oldcore = new MockitoOldcoreRule();
59   
60    private XWikiAuthServiceImpl authService;
61   
 
62  12 toggle @Before
63    public void before() throws Exception
64    {
65  12 this.authService = new XWikiAuthServiceImpl();
66   
67    // Dummy response
68  12 XWikiResponse xwikiResponse = mock(XWikiResponse.class);
69  12 when(xwikiResponse.encodeURL(any())).then(new Answer<String>()
70    {
 
71  4 toggle @Override
72    public String answer(InvocationOnMock invocation) throws Throwable
73    {
74  4 return invocation.getArgument(0);
75    }
76    });
77  12 this.oldcore.getXWikiContext().setResponse(xwikiResponse);
78    }
79   
80    /**
81    * Test that it's not possible to log in with a superadmin user when the superadmin password configuration is turned
82    * off.
83    */
 
84  1 toggle @Test
85    public void testAuthenticateWithSuperAdminWhenSuperAdminPasswordIsTurnedOff() throws Exception
86    {
87  1 Principal principal = this.authService.authenticate(XWikiRightService.SUPERADMIN_USER, "whatever",
88    this.oldcore.getXWikiContext());
89   
90  1 assertNull(principal);
91    }
92   
93    /**
94    * Test that it's not possible to log in with a superadmin user when the superadmin password configuration is turned
95    * off.
96    */
 
97  1 toggle @Test
98    public void testAuthenticateWithSuperAdminPrefixedWithXWikiWhenSuperAdminPasswordIsTurnedOff() throws Exception
99    {
100  1 Principal principal = this.authService.authenticate(XWikiRightService.SUPERADMIN_USER_FULLNAME, "whatever",
101    this.oldcore.getXWikiContext());
102   
103  1 assertNull(principal);
104    }
105   
 
106  1 toggle @Test
107    public void testAuthenticateWithSuperAdminWithWhiteSpacesWhenSuperAdminPasswordIsTurnedOff() throws Exception
108    {
109  1 Principal principal = this.authService.authenticate(" " + XWikiRightService.SUPERADMIN_USER + " ", "whatever",
110    this.oldcore.getXWikiContext());
111   
112  1 assertNull(principal);
113    }
114   
115    /**
116    * Test that superadmin is authenticated as superadmin whatever the case.
117    */
 
118  1 toggle @Test
119    public void testAuthenticateWithSuperAdminWithDifferentCase() throws Exception
120    {
121  1 this.oldcore.getMockXWikiCfg().setProperty("xwiki.superadminpassword", "pass");
122   
123  1 Principal principal = this.authService.authenticate(XWikiRightService.SUPERADMIN_USER.toUpperCase(), "pass",
124    this.oldcore.getXWikiContext());
125   
126  1 assertNotNull(principal);
127  1 assertEquals(XWikiRightService.SUPERADMIN_USER_FULLNAME, principal.getName());
128    }
129   
130    /** Test that SomeUser is correctly authenticated as XWiki.SomeUser when xwiki:SomeUser is entered as username. */
 
131  1 toggle @Test
132    public void testLoginWithWikiPrefix() throws Exception
133    {
134    // Setup a simple user profile document
135  1 XWikiDocument userDoc =
136    new XWikiDocument(new DocumentReference(this.oldcore.getXWikiContext().getWikiId(), "XWiki", "SomeUser"));
137  1 BaseObject mockUserObj =
138    userDoc.newXObject(new LocalDocumentReference("XWiki", "XWikiUsers"), this.oldcore.getXWikiContext());
139  1 mockUserObj.setStringValue("password", "pass");
140   
141    // Save the user
142  1 this.oldcore.getSpyXWiki().saveDocument(userDoc, this.oldcore.getXWikiContext());
143   
144    // Finally run the test: Using xwiki:Admin should correctly authenticate the Admin user
145  1 Principal principal = this.authService.authenticate("xwiki:SomeUser", "pass", this.oldcore.getXWikiContext());
146  1 assertNotNull(principal);
147  1 assertEquals("xwiki:XWiki.SomeUser", principal.getName());
148    }
149   
150    /**
151    * Test that user is authenticated with a global account when a local one with the same name exists and the username
152    * contains a wiki prefix.
153    */
 
154  1 toggle @Test
155    public void testLogintoVirtualXwikiWithWikiPrefixUsername() throws Exception
156    {
157    // Setup simple user profile documents
158  1 XWikiDocument userDocLocal =
159    new XWikiDocument(new DocumentReference(this.oldcore.getXWikiContext().getMainXWiki(), "XWiki", "Admin"));
160  1 BaseObject mockUserObj =
161    userDocLocal.newXObject(new LocalDocumentReference("XWiki", "XWikiUsers"), this.oldcore.getXWikiContext());
162  1 mockUserObj.setStringValue("password", "admin");
163   
164    // Save the user
165  1 this.oldcore.getSpyXWiki().saveDocument(userDocLocal, this.oldcore.getXWikiContext());
166   
167    // Run the test: Using XWiki.Admin should correctly authenticate the Admin user
168  1 Principal principalLocal =
169    this.authService.authenticate("XWiki.Admin", "admin", this.oldcore.getXWikiContext());
170  1 assertNotNull(principalLocal);
171  1 assertEquals("XWiki.Admin", principalLocal.getName());
172   
173    // Set the database name to local.
174  1 this.oldcore.getXWikiContext().setWikiId("local");
175   
176    // Finally run the test: Using xwiki:Xwiki.Admin should correctly authenticate the Admin user
177  1 Principal principalVirtual =
178    this.authService.authenticate("xwiki:XWiki.Admin", "admin", this.oldcore.getXWikiContext());
179  1 assertNotNull(principalVirtual);
180  1 assertEquals("xwiki:XWiki.Admin", principalVirtual.getName());
181    }
182   
 
183  1 toggle @Test
184    public void testStripContextPathFromURLWithSlashAfter() throws Exception
185    {
186  1 doReturn("xwiki/").when(this.oldcore.getSpyXWiki()).getWebAppPath(any(XWikiContext.class));
187   
188  1 assertEquals("/something", this.authService
189    .stripContextPathFromURL(new URL("http://localhost:8080/xwiki/something"), this.oldcore.getXWikiContext()));
190    }
191   
 
192  1 toggle @Test
193    public void testStripContextPathFromURLWhenRootContextPathWithSlash() throws Exception
194    {
195  1 doReturn("/").when(this.oldcore.getSpyXWiki()).getWebAppPath(any(XWikiContext.class));
196   
197  1 assertEquals("/something", this.authService.stripContextPathFromURL(new URL("http://localhost:8080/something"),
198    this.oldcore.getXWikiContext()));
199    }
200   
 
201  1 toggle @Test
202    public void testStripContextPathFromURLWhenRootContextPathWithoutSlash() throws Exception
203    {
204  1 doReturn("").when(this.oldcore.getSpyXWiki()).getWebAppPath(any(XWikiContext.class));
205   
206  1 assertEquals("/something", this.authService.stripContextPathFromURL(new URL("http://localhost:8080/something"),
207    this.oldcore.getXWikiContext()));
208    }
209   
210    /**
211    * Simulates the use case when the {@code HttpServletResponse.encodeURL()} changes the context path.
212    */
 
213  1 toggle @Test
214    public void testStripContextPathFromURLWhenOutBoundRewriteRuleChangingContextPath() throws Exception
215    {
216  1 doReturn("xwiki/").when(this.oldcore.getSpyXWiki()).getWebAppPath(any(XWikiContext.class));
217   
218  1 XWikiResponse xwikiResponse = mock(XWikiResponse.class);
219  1 when(xwikiResponse.encodeURL(any()))
220    .thenReturn("http://localhost:8080/anothercontext;jsessionid=0AF95AFB8997826B936C0397DF6A0C7F?language=en");
221  1 this.oldcore.getXWikiContext().setResponse(xwikiResponse);
222   
223    // Note: the passed URL to stripContextPathFromURL() has also gone through encodeURL() which is why its
224    // context path has been changed from "xwiki" to "anothercontext".
225  1 assertEquals("/something", this.authService.stripContextPathFromURL(
226    new URL("http://localhost:8080/anothercontext/something"), this.oldcore.getXWikiContext()));
227    }
228   
 
229  1 toggle @Test
230    public void testStripContextPathFromURLWithSlashBefore() throws Exception
231    {
232  1 doReturn("xwiki/").when(this.oldcore.getSpyXWiki()).getWebAppPath(any(XWikiContext.class));
233   
234  1 assertEquals("/something", this.authService
235    .stripContextPathFromURL(new URL("http://localhost:8080/xwiki/something"), this.oldcore.getXWikiContext()));
236    }
237   
 
238  1 toggle @Test
239    public void testStripContextPathFromURLWhenRootWebAppAndJSessionId() throws Exception
240    {
241  1 doReturn("").when(this.oldcore.getSpyXWiki()).getWebAppPath(any(XWikiContext.class));
242   
243    // Simulate a rewrite filter that would add a jsession id and add a leading slash!
244  1 XWikiResponse xwikiResponse = mock(XWikiResponse.class);
245  1 when(xwikiResponse.encodeURL("http://localhost:8080"))
246    .thenReturn("http://localhost:8080/;jsessionid=0AF95AFB8997826B936C0397DF6A0C7F");
247  1 this.oldcore.getXWikiContext().setResponse(xwikiResponse);
248   
249  1 assertEquals("/something", this.authService.stripContextPathFromURL(new URL("http://localhost:8080/something"),
250    this.oldcore.getXWikiContext()));
251    }
252    }