Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package se.nabor.component.user.impl;
- import org.apache.commons.lang.StringUtils;
- import org.junit.Test;
- import org.junit.runner.RunWith;
- import org.mockito.InjectMocks;
- import org.mockito.Mock;
- import org.mockito.runners.MockitoJUnitRunner;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.ldap.ServiceUnavailableException;
- import org.springframework.security.authentication.BadCredentialsException;
- import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
- import org.springframework.security.core.Authentication;
- import org.springframework.security.core.AuthenticationException;
- import se.nabor.component.audit.AuditService;
- import se.nabor.component.audit.model.data.MessageData;
- import se.nabor.component.audit.model.data.auth.LoginFailMessageData;
- import se.nabor.component.authority.AuthorityService;
- import se.nabor.component.common.ApplicationSettingsService;
- import se.nabor.component.common.log.syslog.SyslogNotificationPreparation;
- import se.nabor.component.common.log.syslog.SyslogNotificationsService;
- import se.nabor.component.security.ad.ActiveDirectoryLdapAuthenticationProvider;
- import se.nabor.component.user.UserService;
- import se.nabor.exception.authentication.WrongPassword;
- import static org.junit.Assert.assertEquals;
- import static org.junit.Assert.assertSame;
- import static org.junit.Assert.fail;
- import static org.mockito.Matchers.anyString;
- import static org.mockito.Mockito.*;
- @RunWith(MockitoJUnitRunner.class)
- public class MainAuthenticationProviderTest {
- private static final String LOGIN_THROUGH_ACTIVE_DIRECTORY = "ActiveDirectory";
- private static final String LOGIN_THROUGH_DATABASE = "Database";
- private static final String DOMAIN = "domain.com";
- private static final String URL1 = "ldap://localhost";
- private static final String URL2 = "ldap://localhost";
- private static final String AUTHENTICATION_NAME = "test name";
- private static final String AUTHENTICATION_CREDENTIALS = "test credentials";
- public static final String AUTHENTICATION_FAILED_ERROR_MESSAGE = "Authentication failed";
- public static final String BAD_CREDENTIALS_ERROR_MESSAGE = "Bad credentials";
- @Mock
- private ActiveDirectoryLdapAuthenticationProvider ldapAuthProvider;
- @Mock
- private ActiveDirectoryLdapAuthenticationProvider ldapAuthProviderReserve;
- @Mock
- private AuthorityService authorityService;
- @Mock
- private UserService userService;
- @Mock
- private DaoAuthenticationProvider daoAuthenticationProvider;
- @Mock
- private AuditService auditService;
- @Mock
- private SyslogNotificationsService syslogNotificationsService;
- @InjectMocks
- private final MainAuthenticationProvider adAuthProvider = getMainAuthenticationProvider(LOGIN_THROUGH_ACTIVE_DIRECTORY, DOMAIN, URL1, URL2);
- @InjectMocks
- private final MainAuthenticationProvider dbAuthProvider = getMainAuthenticationProvider(LOGIN_THROUGH_DATABASE, DOMAIN, URL1, URL2);
- @Test
- public void testInvalidSuppliedPassword() {
- MainAuthenticationProvider mainAuthenticationProvider = adAuthProvider;
- Authentication authentication = mock(Authentication.class);
- when(authentication.getCredentials()).thenReturn(StringUtils.EMPTY);
- when(authentication.getName()).thenReturn(AUTHENTICATION_NAME);
- try {
- mainAuthenticationProvider.authenticate(authentication);
- fail();
- } catch (WrongPassword e) {
- assertEquals("Empty password.", e.getMessage());
- }
- verify(auditService).addMessage(new LoginFailMessageData(anyString(), "AD1",
- "Supplied password was invalid."));
- }
- @Test
- public void testLdapBadCredentials() {
- MainAuthenticationProvider mainAuthenticationProvider = adAuthProvider;
- Authentication authentication = mock(Authentication.class);
- when(authentication.getCredentials()).thenReturn(AUTHENTICATION_CREDENTIALS);
- when(authentication.getName()).thenReturn(AUTHENTICATION_NAME);
- when(ldapAuthProvider.authenticate(authentication)).thenThrow(
- new BadCredentialsException(BAD_CREDENTIALS_ERROR_MESSAGE));
- try {
- mainAuthenticationProvider.authenticate(authentication);
- fail();
- } catch (BadCredentialsException e) {
- assertEquals(BAD_CREDENTIALS_ERROR_MESSAGE, e.getMessage());
- }
- verify(auditService).addMessage(new LoginFailMessageData(anyString(), "AD1",
- "User has invalid registration data"));
- }
- @Test
- public void testDbAuthenticationFailed() {
- MainAuthenticationProvider mainAuthenticationProvider = dbAuthProvider;
- Authentication authentication = mock(Authentication.class);
- when(authentication.getCredentials()).thenReturn(AUTHENTICATION_CREDENTIALS);
- when(authentication.getName()).thenReturn(AUTHENTICATION_NAME);
- AuthenticationException authenticationException = mock(AuthenticationException.class);
- when(authenticationException.getMessage()).thenReturn(AUTHENTICATION_FAILED_ERROR_MESSAGE);
- when(daoAuthenticationProvider.authenticate(authentication)).thenThrow(authenticationException);
- try {
- mainAuthenticationProvider.authenticate(authentication);
- fail();
- } catch (AuthenticationException e) {
- assertSame(authenticationException, e);
- }
- verify(auditService).addMessage(new LoginFailMessageData(anyString(), "DB", AUTHENTICATION_FAILED_ERROR_MESSAGE));
- }
- @Test
- public void testLdapBadCredentialsUrl2() {
- MainAuthenticationProvider mainAuthenticationProvider = adAuthProvider;
- SyslogNotificationPreparation syslogNotificationPreparation = mock(SyslogNotificationPreparation.class);
- when(syslogNotificationPreparation.setProperty("ADName", "AD1")).thenReturn(syslogNotificationPreparation);
- when(syslogNotificationsService.prepareNotification("0232")).thenReturn(syslogNotificationPreparation);
- Authentication authentication = mock(Authentication.class);
- when(authentication.getCredentials()).thenReturn(AUTHENTICATION_CREDENTIALS);
- when(authentication.getName()).thenReturn(AUTHENTICATION_NAME);
- when(ldapAuthProvider.authenticate(authentication)).thenThrow(
- new ServiceUnavailableException(new javax.naming.ServiceUnavailableException()));
- when(ldapAuthProviderReserve.authenticate(authentication)).thenThrow(
- new BadCredentialsException(BAD_CREDENTIALS_ERROR_MESSAGE));
- try {
- mainAuthenticationProvider.authenticate(authentication);
- fail();
- } catch (BadCredentialsException e) {
- assertEquals(BAD_CREDENTIALS_ERROR_MESSAGE, e.getMessage());
- }
- verify(auditService, times(2)).addMessage((MessageData) any());
- }
- private MainAuthenticationProvider getMainAuthenticationProvider(String loginThrough, String domain,
- String url1, String url2) {
- ApplicationSettingsService applicationSettingsService = mock(ApplicationSettingsService.class);
- when(applicationSettingsService.getValue(ApplicationSettingsService.LOGIN_THROUGH_KEY, false))
- .thenReturn(loginThrough);
- when(applicationSettingsService.getValue(ApplicationSettingsService.DOMAIN_AD_KEY, false)).thenReturn(domain);
- when(applicationSettingsService.getValue(ApplicationSettingsService.URL_AD_KEY, false)).thenReturn(url1);
- when(applicationSettingsService.getValue(ApplicationSettingsService.URL_AD_KEY2, false)).thenReturn(url2);
- return new MainAuthenticationProvider(applicationSettingsService);
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement