/**
* Copyright (C) 2009-2010 Scalable Solutions AB <http://scalablesolutions.se>
*/
package se.scalablesolutions.akka.security
import config.ScalaConfig._
import org.scalatest.Suite
import org.scalatest.junit.JUnitSuite
import org.scalatest.matchers.MustMatchers
import org.scalatest.mock.MockitoSugar
import org.mockito.Mockito._
import org.mockito.Matchers._
import org.junit.{Before, After, Test}
import javax.ws.rs.core.{SecurityContext, Context, Response}
import com.sun.jersey.spi.container.{ResourceFilterFactory, ContainerRequest, ContainerRequestFilter, ContainerResponse, ContainerResponseFilter, ResourceFilter}
import com.sun.jersey.core.util.Base64
/**
 * Checks the three replies a basic-authentication actor gives to an `Authenticate`
 * message: a 401 challenge, `OK`, and a 403.
 *
 * Scope note: the nested `BasicAuthenticator` stub accepts whatever credentials it is
 * handed, and role membership is answered by the mocked request. Nothing in this spec
 * therefore covers rejection of a wrong password or of a malformed `Authorization` header.
 */
class BasicAuthenticatorSpec extends junit.framework.TestCase
    with Suite with MockitoSugar with MustMatchers {

  val authenticator = new BasicAuthenticator
  authenticator.start

  // Builds the value of a Basic `Authorization` header. The user:password pair is only
  // base64-encoded here, not encrypted.
  private def basicAuthorization(userAndPassword: String): String =
    "Basic " + new String(Base64.encode(userAndPassword))

  /** A request for which no `Authorization` header is stubbed must be challenged. */
  @Test def testChallenge = {
    val request = mock[ContainerRequest]
    val message = Authenticate(request, List("foo"))

    val reply: Response = (authenticator !! (message, 10000)).get

    // the actor answers 401 and advertises the Basic scheme to the client
    reply.getStatus must equal(Response.Status.UNAUTHORIZED.getStatusCode)
    reply.getMetadata.get("WWW-Authenticate").get(0).toString must startWith("Basic")
  }

  /** Credentials present and the request reports the required role: the reply is `OK`. */
  @Test def testAuthenticationSuccess = {
    val request = mock[ContainerRequest]
    // authentication: the header carries foo:bar
    when(request.getHeaderValue("Authorization")).thenReturn(basicAuthorization("foo:bar"))
    // authorization: the mocked request claims the user holds the "chef" role
    when(request.isUserInRole("chef")).thenReturn(true)
    val message = Authenticate(request, List("chef"))

    val reply: AnyRef = (authenticator !! (message, 10000)).get

    reply must be(OK)
    // a security context must have been installed on the request
    verify(request).setSecurityContext(any[SecurityContext])
  }

  /** Credentials present but the request denies the required role: the reply is 403. */
  @Test def testUnauthorized = {
    val request = mock[ContainerRequest]
    // authentication: the header carries foo:bar
    when(request.getHeaderValue("Authorization")).thenReturn(basicAuthorization("foo:bar"))
    // authorization: the mocked request denies the "chef" role
    when(request.isUserInRole("chef")).thenReturn(false)
    val message = Authenticate(request, List("chef"))

    val reply: Response = (authenticator !! (message, 10000)).get

    reply.getStatus must equal(Response.Status.FORBIDDEN.getStatusCode)
    // a security context is installed even though access is refused
    verify(request).setSecurityContext(any[SecurityContext])
  }

  /**
   * Test double for the actor under test.
   *
   * `verify` never inspects the credentials: any `Some(...)` is mapped to the fixed user
   * "foo" with roles "ninja" and "chef", and everything else yields `None`. This stub is
   * only suitable for tests and must not be taken as a model for a real credential check.
   */
  class BasicAuthenticator extends BasicAuthenticationActor {
    def verify(odc: Option[BasicCredentials]): Option[UserInfo] = odc match {
      case Some(_) => Some(UserInfo("foo", "bar", List("ninja", "chef")))
      case _       => None
    }

    override def realm = "test"
  }
}