Added JASPIC test for isMandatory

arjantijms · arjantijms · commit cca87f545c50 · 2016-10-03T11:52:27.000+02:00
Tests for calls to public and protected resources, not yet for
request.authenticate
diff --git a/jaspic/lifecycle/src/main/java/org/javaee7/jaspic/lifecycle/sam/TestLifecycleAuthModule.java b/jaspic/lifecycle/src/main/java/org/javaee7/jaspic/lifecycle/sam/TestLifecycleAuthModule.java
@@ -45,6 +45,10 @@ public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject
 
         try {
             response.getWriter().write("validateRequest invoked\n");
+            
+            boolean isMandatory = Boolean.valueOf((String) messageInfo.getMap().get("javax.security.auth.message.MessagePolicy.isMandatory"));
+            
+            response.getWriter().write("isMandatory: " + isMandatory + "\n");
 
             handler.handle(new Callback[] {
                 new CallerPrincipalCallback(clientSubject, "test"),
diff --git a/jaspic/lifecycle/src/main/java/org/javaee7/jaspic/lifecycle/servlet/PublicServlet.java b/jaspic/lifecycle/src/main/java/org/javaee7/jaspic/lifecycle/servlet/PublicServlet.java
@@ -0,0 +1,30 @@
+package org.javaee7.jaspic.lifecycle.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * 
+ * @author Arjan Tijms
+ * 
+ */
+@WebServlet(urlPatterns = "/public/servlet")
+public class PublicServlet extends HttpServlet {
+
+    private static final long serialVersionUID = 1L;
+
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().write("Public resource invoked\n");
+
+        if (request.getParameter("doLogout") != null) {
+            request.logout();
+        }
+    }
+
+}
diff --git a/jaspic/lifecycle/src/test/java/org/javaee7/jaspic/lifecycle/AuthModuleMethodInvocationTest.java b/jaspic/lifecycle/src/test/java/org/javaee7/jaspic/lifecycle/AuthModuleMethodInvocationTest.java
@@ -56,10 +56,14 @@ public void testBasicSAMMethodsCalled() throws IOException, SAXException {
         assertTrue("SAM method secureResponse not called, but should have been.",
             response.contains("secureResponse invoked"));
 
+        int validateRequestIndex = response.indexOf("validateRequest invoked");
+        int resourceIndex = response.indexOf("Resource invoked");
+        int secureResponseIndex = response.indexOf("secureResponse invoked");
+        
         // Finally the order should be correct. More than a few implementations call secureResponse before the resource is
         // invoked.
         assertTrue("SAM methods called in wrong order",
-            response.contains("validateRequest invoked\nResource invoked\nsecureResponse invoked\n"));
+            validateRequestIndex < resourceIndex && resourceIndex <  secureResponseIndex);
     }
 
     /**
diff --git a/jaspic/lifecycle/src/test/java/org/javaee7/jaspic/lifecycle/IsMandatoryTest.java b/jaspic/lifecycle/src/test/java/org/javaee7/jaspic/lifecycle/IsMandatoryTest.java
@@ -0,0 +1,55 @@
+package org.javaee7.jaspic.lifecycle;
+
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+
+import org.javaee7.jaspic.common.ArquillianBase;
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.shrinkwrap.api.Archive;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.xml.sax.SAXException;
+
+/**
+ * This tests that the "javax.security.auth.message.MessagePolicy.isMandatory" key
+ * in the message info map is "true" for a protected resource, and not "true" for
+ * a public resource.
+ * 
+ * @author Arjan Tijms
+ * 
+ */
+@RunWith(Arquillian.class)
+public class IsMandatoryTest extends ArquillianBase {
+
+    @Deployment(testable = false)
+    public static Archive<?> createDeployment() {
+        return defaultArchive();
+    }
+
+    @Test
+    public void testPublicIsNonMandatory() throws IOException, SAXException {
+
+        String response = getFromServerPath("public/servlet");
+
+        assertTrue("Resource (Servlet) not invoked, but should have been.", response.contains("Public resource invoked"));
+        
+        assertTrue("isMandatory should be false for public resource, but was not.",
+            response.contains("isMandatory: false"));
+    }
+    
+    @Test
+    public void testProtectedIsMandatory() throws IOException, SAXException {
+
+        String response = getFromServerPath("protected/servlet");
+
+        assertTrue("Resource (Servlet) not invoked, but should have been.", response.contains("Resource invoked"));
+        
+        assertTrue("isMandatory should be true for protected resource, but was not.",
+                response.contains("isMandatory: true"));
+        
+    }
+
+
+}
