Examples of org.springframework.security.authentication.TestingAuthenticationToken

• org.springframework.security.authentication.TestingAuthenticationToken
  An {@link org.springframework.security.core.Authentication} implementation that is designed for use whilst unit testing.

  The corresponding authentication provider is {@link TestingAuthenticationProvider}. @author Ben Alex

        assertEquals("rodUserDetails", authz.getPrincipal());
    }

    public void testOperationWhenPrincipalIsNull() {
        Authentication auth = new TestingAuthenticationToken(null, "koala", AuthorityUtils.NO_AUTHORITIES );
        SecurityContextHolder.getContext().setAuthentication(auth);

        assertNull(authz.getPrincipal());
    }

    @Test
    public void loadedContextContextIsCopiedToSecurityContextHolderAndUpdatedContextIsStored() throws Exception {
        final MockHttpServletRequest request = new MockHttpServletRequest();
        final MockHttpServletResponse response = new MockHttpServletResponse();
        SecurityContextPersistenceFilter filter = new SecurityContextPersistenceFilter();
        final TestingAuthenticationToken beforeAuth = new TestingAuthenticationToken("someoneelse", "passwd", "ROLE_B");
        final SecurityContext scBefore = new SecurityContextImpl();
        final SecurityContext scExpectedAfter = new SecurityContextImpl();
        scExpectedAfter.setAuthentication(testToken);
        scBefore.setAuthentication(beforeAuth);
        final SecurityContextRepository repo = mock(SecurityContextRepository.class);

    //~ Methods ========================================================================================================

    protected void setUp() throws Exception {
        SecurityContextHolder.getContext().setAuthentication(
                new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED"));
    }

        TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
        MockHttpServletRequest request = new MockHttpServletRequest();
        request.addParameter(DEFAULT_PARAMETER, "false");

        MockHttpServletResponse response = new MockHttpServletResponse();
        services.loginSuccess(request, response, new TestingAuthenticationToken("someone", "password","ROLE_ABC"));

        Cookie cookie = response.getCookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
        assertNull(cookie);
    }

        services.setTokenValiditySeconds(500000000);
        MockHttpServletRequest request = new MockHttpServletRequest();
        request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");

        MockHttpServletResponse response = new MockHttpServletResponse();
        services.loginSuccess(request, response, new TestingAuthenticationToken("someone", "password","ROLE_ABC"));

        Cookie cookie = response.getCookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
        String expiryTime = services.decodeCookie(cookie.getValue())[1];
        long expectedExpiryTime = 1000L * 500000000;
        expectedExpiryTime += System.currentTimeMillis();

    public void loginSuccessNormalWithUserDetailsBasedPrincipalSetsExpectedCookie() {
        MockHttpServletRequest request = new MockHttpServletRequest();
        request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");

        MockHttpServletResponse response = new MockHttpServletResponse();
        services.loginSuccess(request, response, new TestingAuthenticationToken("someone", "password","ROLE_ABC"));

        Cookie cookie = response.getCookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
        assertNotNull(cookie);
        assertEquals(services.getTokenValiditySeconds(), cookie.getMaxAge());
        assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));

    }

    // SEC-933
    @Test
    public void obtainPasswordReturnsNullForTokenWithNullCredentials() throws Exception {
        TestingAuthenticationToken token = new TestingAuthenticationToken("username", null);
        assertNull(services.retrievePassword(token));
    }

        MockHttpServletRequest request = new MockHttpServletRequest();
        request.addParameter(DEFAULT_PARAMETER, "true");

        MockHttpServletResponse response = new MockHttpServletResponse();
        services.setTokenValiditySeconds(-1);
        services.loginSuccess(request, response, new TestingAuthenticationToken("someone", "password","ROLE_ABC"));

        Cookie cookie = response.getCookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
        assertNotNull(cookie);
        // Check the expiry time is within 50ms of two weeks from current time
        assertTrue(determineExpiryTimeFromBased64EncodedToken(cookie.getValue()) - System.currentTimeMillis() >

    }

    @Test
    public void testOperationWhenAuthenticationExistsInContextHolder() throws Exception {
        // Put an Authentication object into the SecurityContextHolder
        Authentication originalAuth = new TestingAuthenticationToken("user", "password","ROLE_A");
        SecurityContextHolder.getContext().setAuthentication(originalAuth);

        // Setup our filter correctly
        RememberMeAuthenticationFilter filter = new RememberMeAuthenticationFilter();
        filter.setAuthenticationManager(mock(AuthenticationManager.class));

        verify(fc).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
    }

    @Test
    public void onUnsuccessfulLoginIsCalledWhenProviderRejectsAuth() throws Exception {
        final Authentication failedAuth = new TestingAuthenticationToken("failed", "");

        RememberMeAuthenticationFilter filter = new RememberMeAuthenticationFilter() {
            protected void onUnsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) {
                super.onUnsuccessfulAuthentication(request, response, failed);
                SecurityContextHolder.getContext().setAuthentication(failedAuth);