View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.shiro.web.servlet;
20  
21  import junit.framework.TestCase;
22  import org.easymock.IArgumentMatcher;
23  import org.junit.Before;
24  import org.junit.Test;
25  
26  import javax.servlet.http.HttpServletRequest;
27  import javax.servlet.http.HttpServletResponse;
28  
29  import static org.easymock.EasyMock.*;
30  
31  /**
32   * TODO - Class JavaDoc
33   *
34   * @since Apr 22, 2010 9:40:47 PM
35   */
36  public class SimpleCookieTest extends TestCase {
37  
38      private SimpleCookie cookie;
39  
40      private HttpServletRequest mockRequest;
41      private HttpServletResponse mockResponse;
42  
43      @Before
44      public void setUp() throws Exception {
45          this.mockRequest = createMock(HttpServletRequest.class);
46          this.mockResponse = createMock(HttpServletResponse.class);
47          this.cookie = new SimpleCookie("test");
48      }
49  
50      @Test
51      //Verifies fix for JSEC-94
52      public void testRemoveValue() throws Exception {
53  
54          //verify that the cookie header starts with what we want
55          //we can't verify the exact date format string that is appended, so we resort to just
56          //simple 'startsWith' matching, which is good enough:
57          String name = "test";
58          String value = "deleteMe";
59          String path = "/somepath";
60  
61          String headerValue = this.cookie.buildHeaderValue(name, value, null, null, path,
62                  0, SimpleCookie.DEFAULT_VERSION, false, false);
63  
64          String expectedStart = new StringBuilder()
65                  .append(name).append(SimpleCookie.NAME_VALUE_DELIMITER).append(value)
66                  .append(SimpleCookie.ATTRIBUTE_DELIMITER)
67                  .append(SimpleCookie.PATH_ATTRIBUTE_NAME).append(SimpleCookie.NAME_VALUE_DELIMITER).append(path)
68                  .toString();
69  
70          assertTrue(headerValue.startsWith(expectedStart));
71  
72          expect(mockRequest.getContextPath()).andReturn(path).times(1);
73          mockResponse.addHeader(eq(SimpleCookie.COOKIE_HEADER_NAME), isA(String.class)); //can't calculate the date format in the test
74          replay(mockRequest);
75          replay(mockResponse);
76  
77          this.cookie.removeFrom(mockRequest, mockResponse);
78  
79          verify(mockRequest);
80          verify(mockResponse);
81      }
82  
83      private void testRootContextPath(String contextPath) {
84          this.cookie.setValue("blah");
85  
86          String expectedCookieValue = new StringBuilder()
87                  .append("test").append(SimpleCookie.NAME_VALUE_DELIMITER).append("blah")
88                  .append(SimpleCookie.ATTRIBUTE_DELIMITER)
89                  .append(SimpleCookie.PATH_ATTRIBUTE_NAME).append(SimpleCookie.NAME_VALUE_DELIMITER).append(Cookie.ROOT_PATH)
90                  .append(SimpleCookie.ATTRIBUTE_DELIMITER)
91                  .append(SimpleCookie.HTTP_ONLY_ATTRIBUTE_NAME)
92                  .toString();
93  
94          expect(mockRequest.getContextPath()).andReturn(contextPath);
95          mockResponse.addHeader(SimpleCookie.COOKIE_HEADER_NAME, expectedCookieValue);
96  
97          replay(mockRequest);
98          replay(mockResponse);
99  
100         this.cookie.saveTo(mockRequest, mockResponse);
101 
102         verify(mockRequest);
103         verify(mockResponse);
104     }
105 
106     @Test
107     /** Verifies fix for <a href="http://issues.apache.org/jira/browse/JSEC-34">JSEC-34</a> (1 of 2)*/
108     public void testEmptyContextPath() throws Exception {
109         testRootContextPath("");
110     }
111 
112 
113     @Test
114     /** Verifies fix for <a href="http://issues.apache.org/jira/browse/JSEC-34">JSEC-34</a> (2 of 2)*/
115     public void testNullContextPath() throws Exception {
116         testRootContextPath(null);
117     }
118 
119     @Test
120     public void testReadValueInvalidPath() throws Exception {
121         expect(mockRequest.getRequestURI()).andStubReturn("/foo/index.jsp");
122         expect(mockRequest.getCookies()).andStubReturn(new javax.servlet.http.Cookie[] { new javax.servlet.http.Cookie(this.cookie.getName(), "value") });
123         replay(mockRequest);
124         replay(mockResponse);
125 
126         this.cookie.setPath("/bar/index.jsp");
127         assertEquals(null, this.cookie.readValue(mockRequest, mockResponse));
128     }
129 
130     @Test
131     public void testReadValuePrefixPath() throws Exception {
132         expect(mockRequest.getRequestURI()).andStubReturn("/bar/index.jsp");
133         expect(mockRequest.getCookies()).andStubReturn(new javax.servlet.http.Cookie[] { new javax.servlet.http.Cookie(this.cookie.getName(), "value") });
134         replay(mockRequest);
135         replay(mockResponse);
136 
137         this.cookie.setPath("/bar");
138         assertEquals("value", this.cookie.readValue(mockRequest, mockResponse));
139     }
140 
141     @Test
142     public void testReadValueInvalidPrefixPath() throws Exception {
143         expect(mockRequest.getRequestURI()).andStubReturn("/foobar/index.jsp");
144         expect(mockRequest.getCookies()).andStubReturn(new javax.servlet.http.Cookie[] { new javax.servlet.http.Cookie(this.cookie.getName(), "value") });
145         replay(mockRequest);
146         replay(mockResponse);
147 
148         this.cookie.setPath("/foo");
149         assertEquals(null, this.cookie.readValue(mockRequest, mockResponse));
150     }
151 
152     private static <T extends javax.servlet.http.Cookie> T eqCookie(final T in) {
153         reportMatcher(new IArgumentMatcher() {
154             public boolean matches(Object o) {
155                 javax.servlet.http.Cookie c = (javax.servlet.http.Cookie) o;
156                 return c.getName().equals(in.getName()) &&
157                         c.getValue().equals(in.getValue()) &&
158                         c.getPath().equals(in.getPath()) &&
159                         c.getMaxAge() == in.getMaxAge() &&
160                         c.getSecure() == in.getSecure() &&
161                         c.getValue().equals(in.getValue());
162             }
163 
164             public void appendTo(StringBuffer sb) {
165                 sb.append("eqCookie(");
166                 sb.append(in.getClass().getName());
167                 sb.append(")");
168 
169             }
170         });
171         return null;
172     }
173 
174 }