Examples of org.springframework.security.authentication.TestingAuthenticationToken

• org.springframework.security.authentication.TestingAuthenticationToken
  An {@link org.springframework.security.core.Authentication} implementation that is designed for use whilst unit testing.

  The corresponding authentication provider is {@link TestingAuthenticationProvider}. @author Ben Alex

    @Test
    public void testDoFilterAuthenticateAll() throws Exception {
        AuthenticationSuccessHandler successHandler = mock(AuthenticationSuccessHandler.class);
        AuthenticationManager manager = mock(AuthenticationManager.class);
        Authentication authentication = new TestingAuthenticationToken("un", "pwd","ROLE_USER");
        when(manager.authenticate(any(Authentication.class))).thenReturn(authentication);
        ServiceProperties serviceProperties = new ServiceProperties();
        serviceProperties.setAuthenticateAllArtifacts(true);
        MockHttpServletRequest request = new MockHttpServletRequest();
        request.setParameter("ticket", "ST-1-123");

        request.setCookies(cookie);
        MockHttpServletResponse response = new MockHttpServletResponse();
        MockTokenRepository repo =
            new MockTokenRepository(new PersistentRememberMeToken("joe", "series","token", new Date()));
        services.setTokenRepository(repo);
        services.logout(request, response, new TestingAuthenticationToken("joe","somepass","SOME_AUTH"));
        Cookie returnedCookie = response.getCookie("mycookiename");
        assertNotNull(returnedCookie);
        assertEquals(0, returnedCookie.getMaxAge());

        // SEC-1280

        request.setSession(session);
        HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, new MockHttpServletResponse());
        assertSame(ctx, repo.loadContext(holder));

        // Modify context contents. Same user, different role
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("someone", "passwd", "ROLE_B"));
        repo.saveContext(ctx, holder.getRequest(), holder.getResponse());

        // Must be called even though the value in the local VM is already the same
        verify(session).setAttribute(SPRING_SECURITY_CONTEXT_KEY, ctx);
    }

    //~ Methods ========================================================================================================

    @Before
    public void setUp() {
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", "ROLE_TELLER"));
    }

        authorities.add(new GrantedAuthority() {
                    public String getAuthority() {
                        return null;
                    }
                });
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", authorities));

        try {
            authorizeTag.doStartTag();
            fail("Failed to reject GrantedAuthority with NULL getAuthority()");
        } catch (IllegalArgumentException expected) {

        authorities.add(new GrantedAuthority() {
            public String getAuthority() {
                return "ROLE_TEST";
            }
        });
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", authorities));
        assertEquals("Expected to be authorized", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
    }

        authorizeTag.setIfAnyGranted(null);
        authorizeTag.setIfNotGranted(null);
        authorizeTag.setIfAllGranted("ROLE_TEST");
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        authorities.add(new GrantedAuthorityImpl("ROLE_TEST") {});
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", authorities));
        assertEquals("Expected to be authorized", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
    }

        authorizeTag.setIfAnyGranted(null);
        authorizeTag.setIfNotGranted(null);
        authorizeTag.setIfAllGranted("ROLE_TEST");
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        authorities.add(new GrantedAuthorityImpl("ROLE_TEST"));
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", authorities));
        assertEquals("Expected to be authorized", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
    }

        authorizeTag.setIfAnyGranted(null);
        authorizeTag.setIfNotGranted(null);
        authorizeTag.setIfAllGranted("ROLE_ADMIN");
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        authorities.add(new GrantedAuthorityImpl("ROLE_TEST"));
        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", authorities));
        assertEquals("Expected to not be authorized", Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    }

    @Test
    public void testOperationWhenPrincipalIsAString() throws JspException {
        SecurityContextHolder.getContext().setAuthentication(
                new TestingAuthenticationToken("rodAsString", "koala", AuthorityUtils.NO_AUTHORITIES ));

        authenticationTag.setProperty("principal");
        assertEquals(Tag.SKIP_BODY, authenticationTag.doStartTag());
        assertEquals(Tag.EVAL_PAGE, authenticationTag.doEndTag());
        assertEquals("rodAsString", authenticationTag.getLastMessage());