TokenResourceTest (Atlassian Crowd 4.3.0 API)

java.lang.Object
- junit.framework.Assert
- - junit.framework.TestCase
  - - com.atlassian.crowd.acceptance.tests.rest.service.RestCrowdServiceAcceptanceTestCase
    - - com.atlassian.crowd.acceptance.tests.rest.service.TokenResourceTest

All Implemented Interfaces:: junit.framework.Test

public class TokenResourceTest
extends RestCrowdServiceAcceptanceTestCase

Field Summary
- Fields inherited from class com.atlassian.crowd.acceptance.tests.rest.service.RestCrowdServiceAcceptanceTestCase
  ADMIN_PASSWORD, ADMIN_USERNAME, APPLICATION_NAME, APPLICATION_PASSWORD, ATTRIBUTES_RESOURCE, AUTHENTICATION_RESOURCE, EEEEP_PASSWORD, EEEEP_USERNAME, EVENTS_RESOURCE, GROUP_BADGERS, GROUP_BADGERS_DESCRIPTION, GROUP_CROWD_ADMINS, GROUP_CROWD_TESTERS, GROUP_CROWD_USERS, GROUPS_RESOURCE, MT, NON_ADMIN_USER_NAME, NON_ADMIN_USER_PASSWORD, NON_CROWD_USER_PASSWORD, NON_CROWD_USER_USERNAME, NON_EXISTENT_GROUP, NON_EXISTENT_USER, PENNY_USERNAME, REST_SERVICE_NAME, restServer, SECOND_ADMIN_PASSWORD, SECOND_ADMIN_USERNAME, SESSION_RESOURCE, USERNAME_PARAM, USERS_RESOURCE, WEBHOOKS_RESOURCE

Constructor Summary

Constructors
Constructor and Description
`TokenResourceTest(String name)` Constructs a test case with the given name.
`TokenResourceTest(String name, RestServer restServer)` Constructs a test case with the given name, using the given RestServer.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`setAliasForUsername(String alias)`
`void`	`setUp()`
`void`	`testAliasChangesAreReflectedInSessionUsername()`
`void`	`testAliasedApplicationAlsoAcceptsUnaliasedUsername()` Log in to an aliased application using the original username.
`void`	`testAllSessionsForUserAreInvalidatedByDeleteWithUsernameSpecified()`
`void`	`testCreatedTokenUsesDirectoryCaseForUsername()`
`void`	`testGetUserFromToken()` Tests that getUserFromToken returns the correct user.
`void`	`testGetUserFromTokenEnforcesApplicationAuthenticationChecks()` Tests that a token from a login against one application cannot be used with another application where that user has no permission.
`void`	`testInvalidateAllTokens()` Tests that all tokens get invalidated when called
`void`	`testInvalidateToken()` Tests that the token really is invalidated.
`void`	`testMultipleShortLivedSessionsShouldNotDeadlock()` See CWD-3768.
`void`	`testMultipleTokensWithDifferentPrivilegesDoNotInterfereWithEachOther()` Tests the scenario in which different tokens are issued for the same user with different privileges.
`void`	`testSessionCannotBeCreatedWithAliasThroughUnaliasedApplication()`
`void`	`testSessionCreatedThroughAliasedApplicationShowsOriginalNameWhenRetrievedWithNonAliasingApplication()`
`void`	`testSessionCreatedThroughAliasWithDifferentCaseReturnsCorrectCase()`
`void`	`testSessionCreatedWithDifferentCaseReturnsCorrectCaseForUsername()`
`void`	`testSessionCreatedWithUnaliasedApplicationShowsAliasedNameWhenRetrievedWithAliasingApplication()`
`void`	`testSessionCreatedWithUnaliasedApplicationShowsAliasedNameWhenValidatedWithAliasingApplication()` The other alias tests GET the session.
`void`	`testSessionForAliasedApplicationIncludesUnaliasedUsernameAsAnExtraField()`
`void`	`testShortLivedTokenExpiresImmediately()`
`void`	`testSpecifiedUserSessionIsExcludedFromDeletionByUsername()`
`void`	`testStatusNotFoundWhenDeletingTokensForNonexistentUser()`
`void`	`testTokenIsDeletedWhenUserChangesPassword()` Tests that the token is invalidated when the user changes their own password
`void`	`testTokenIsDeletedWhenUserIsMadeInactive()` Test that the token is invalidated if the user is deactivated
`void`	`testTokenIsDeletedWhenUserIsRemoved()` Tests that the token is invalidated if the user is deleted
`void`	`testUserAuthentication_BadPassword()` Tests that if a bad user credential is given, an error response is returned.
`void`	`testUserAuthentication_InactiveUser()` Tests that an inactive user cannot create a session.
`void`	`testUserAuthentication_WithoutPasswordValidation()` Tests that a user can successfully authenticate with an application without password validation when the query parameter "validate-password" is false.
`void`	`testUserAuthentication()` Tests that a user can successfully authenticate with an application.
`void`	`testValidateToken_InvalidToken()` Tests that when the token is invalid, a 404 (Not Found) status is returned.
`void`	`testValidateToken_InvalidValidationFactors()` Tests that when the validation factors are not correct, a 400 (Bad request) response is returned.
`void`	`testValidateToken()` Tests that when the validation factors are correct, and the token is correct, no errors are thrown.

Methods inherited from class com.atlassian.crowd.acceptance.tests.rest.service.RestCrowdServiceAcceptanceTestCase
authenticateUser, authenticateUser, deactivateUser, getBaseUriBuilder, getBaseUriBuilder, getBaseUriBuilder, getRootWebResource, getServerUriBuilder, getWebResource, getWebResource, requestEvents, requestEventToken, setRestServer, tearDown

Methods inherited from class junit.framework.TestCase
assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertFalse, assertFalse, assertNotNull, assertNotNull, assertNotSame, assertNotSame, assertNull, assertNull, assertSame, assertSame, assertTrue, assertTrue, countTestCases, createResult, fail, fail, failNotEquals, failNotSame, failSame, format, getName, run, run, runBare, runTest, setName, toString

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - TokenResourceTest
```
public TokenResourceTest(String name)
```
    Constructs a test case with the given name.
    
    Parameters:
    
    name - the test name
  - TokenResourceTest
```
public TokenResourceTest(String name,
                         RestServer restServer)
```
    Constructs a test case with the given name, using the given RestServer.
    
    Parameters:
    
    name - the test name
    
    restServer - the RestServer
- Method Detail
  - setUp
```
public void setUp()
           throws Exception
```
    Overrides:
    
    setUp in class RestCrowdServiceAcceptanceTestCase
    
    Throws:
    
    Exception
  - testUserAuthentication
```
public void testUserAuthentication()
```
    Tests that a user can successfully authenticate with an application.
  - testUserAuthentication_WithoutPasswordValidation
```
public void testUserAuthentication_WithoutPasswordValidation()
```
    Tests that a user can successfully authenticate with an application without password validation when the query parameter "validate-password" is false.
  - testUserAuthentication_InactiveUser
```
public void testUserAuthentication_InactiveUser()
```
    Tests that an inactive user cannot create a session.
  - testUserAuthentication_BadPassword
```
public void testUserAuthentication_BadPassword()
```
    Tests that if a bad user credential is given, an error response is returned.
  - testGetUserFromToken
```
public void testGetUserFromToken()
```
    Tests that getUserFromToken returns the correct user.
  - testValidateToken
```
public void testValidateToken()
```
    Tests that when the validation factors are correct, and the token is correct, no errors are thrown.
  - testShortLivedTokenExpiresImmediately
```
public void testShortLivedTokenExpiresImmediately()
```
  - testMultipleShortLivedSessionsShouldNotDeadlock
```
public void testMultipleShortLivedSessionsShouldNotDeadlock()
                                                     throws Exception
```
    See CWD-3768. Requesting a new token should not deadlock if there is an expired token in database.
    
    Throws:
    
    Exception
  - testMultipleTokensWithDifferentPrivilegesDoNotInterfereWithEachOther
```
public void testMultipleTokensWithDifferentPrivilegesDoNotInterfereWithEachOther()
```
    Tests the scenario in which different tokens are issued for the same user with different privileges.
  - testCreatedTokenUsesDirectoryCaseForUsername
```
public void testCreatedTokenUsesDirectoryCaseForUsername()
```
  - testValidateToken_InvalidToken
```
public void testValidateToken_InvalidToken()
```
    Tests that when the token is invalid, a 404 (Not Found) status is returned.
  - testValidateToken_InvalidValidationFactors
```
public void testValidateToken_InvalidValidationFactors()
```
    Tests that when the validation factors are not correct, a 400 (Bad request) response is returned.
  - testInvalidateToken
```
public void testInvalidateToken()
```
    Tests that the token really is invalidated.
  - testInvalidateAllTokens
```
public void testInvalidateAllTokens()
```
    Tests that all tokens get invalidated when called
  - testTokenIsDeletedWhenUserIsRemoved
```
public void testTokenIsDeletedWhenUserIsRemoved()
```
    Tests that the token is invalidated if the user is deleted
  - testTokenIsDeletedWhenUserChangesPassword
```
public void testTokenIsDeletedWhenUserChangesPassword()
```
    Tests that the token is invalidated when the user changes their own password
  - testTokenIsDeletedWhenUserIsMadeInactive
```
public void testTokenIsDeletedWhenUserIsMadeInactive()
```
    Test that the token is invalidated if the user is deactivated
  - testGetUserFromTokenEnforcesApplicationAuthenticationChecks
```
public void testGetUserFromTokenEnforcesApplicationAuthenticationChecks()
```
    Tests that a token from a login against one application cannot be used with another application where that user has no permission.
  - testAllSessionsForUserAreInvalidatedByDeleteWithUsernameSpecified
```
public void testAllSessionsForUserAreInvalidatedByDeleteWithUsernameSpecified()
```
  - testSpecifiedUserSessionIsExcludedFromDeletionByUsername
```
public void testSpecifiedUserSessionIsExcludedFromDeletionByUsername()
```
  - testStatusNotFoundWhenDeletingTokensForNonexistentUser
```
public void testStatusNotFoundWhenDeletingTokensForNonexistentUser()
```
  - testSessionCreatedWithUnaliasedApplicationShowsAliasedNameWhenRetrievedWithAliasingApplication
```
public void testSessionCreatedWithUnaliasedApplicationShowsAliasedNameWhenRetrievedWithAliasingApplication()
```
  - testSessionCreatedWithUnaliasedApplicationShowsAliasedNameWhenValidatedWithAliasingApplication
```
public void testSessionCreatedWithUnaliasedApplicationShowsAliasedNameWhenValidatedWithAliasingApplication()
```
    The other alias tests GET the session. Ensure that aliases are also resolved for a POST validation.
  - testSessionCreatedThroughAliasedApplicationShowsOriginalNameWhenRetrievedWithNonAliasingApplication
```
public void testSessionCreatedThroughAliasedApplicationShowsOriginalNameWhenRetrievedWithNonAliasingApplication()
```
  - testSessionCreatedWithDifferentCaseReturnsCorrectCaseForUsername
```
public void testSessionCreatedWithDifferentCaseReturnsCorrectCaseForUsername()
```
  - testSessionCreatedThroughAliasWithDifferentCaseReturnsCorrectCase
```
public void testSessionCreatedThroughAliasWithDifferentCaseReturnsCorrectCase()
```
  - testSessionCannotBeCreatedWithAliasThroughUnaliasedApplication
```
public void testSessionCannotBeCreatedWithAliasThroughUnaliasedApplication()
```
  - testAliasedApplicationAlsoAcceptsUnaliasedUsername
```
public void testAliasedApplicationAlsoAcceptsUnaliasedUsername()
```
    Log in to an aliased application using the original username. This succeeds but, arguably, shouldn't: that user is aliased so the original username should be invisible.
  - setAliasForUsername
```
protected void setAliasForUsername(String alias)
```
  - testAliasChangesAreReflectedInSessionUsername
```
public void testAliasChangesAreReflectedInSessionUsername()
```
  - testSessionForAliasedApplicationIncludesUnaliasedUsernameAsAnExtraField
```
public void testSessionForAliasedApplicationIncludesUnaliasedUsernameAsAnExtraField()
```

Class TokenResourceTest

Field Summary

Fields inherited from class com.atlassian.crowd.acceptance.tests.rest.service.RestCrowdServiceAcceptanceTestCase

Constructor Summary

Method Summary

Methods inherited from class com.atlassian.crowd.acceptance.tests.rest.service.RestCrowdServiceAcceptanceTestCase

Methods inherited from class junit.framework.TestCase

Methods inherited from class java.lang.Object

Constructor Detail

TokenResourceTest

TokenResourceTest

Method Detail

setUp

testUserAuthentication

testUserAuthentication_WithoutPasswordValidation

testUserAuthentication_InactiveUser

testUserAuthentication_BadPassword

testGetUserFromToken

testValidateToken

testShortLivedTokenExpiresImmediately

testMultipleShortLivedSessionsShouldNotDeadlock

testMultipleTokensWithDifferentPrivilegesDoNotInterfereWithEachOther

testCreatedTokenUsesDirectoryCaseForUsername

testValidateToken_InvalidToken

testValidateToken_InvalidValidationFactors

testInvalidateToken

testInvalidateAllTokens

testTokenIsDeletedWhenUserIsRemoved

testTokenIsDeletedWhenUserChangesPassword

testTokenIsDeletedWhenUserIsMadeInactive

testGetUserFromTokenEnforcesApplicationAuthenticationChecks

testAllSessionsForUserAreInvalidatedByDeleteWithUsernameSpecified

testSpecifiedUserSessionIsExcludedFromDeletionByUsername

testStatusNotFoundWhenDeletingTokensForNonexistentUser

testSessionCreatedWithUnaliasedApplicationShowsAliasedNameWhenRetrievedWithAliasingApplication

testSessionCreatedWithUnaliasedApplicationShowsAliasedNameWhenValidatedWithAliasingApplication

testSessionCreatedThroughAliasedApplicationShowsOriginalNameWhenRetrievedWithNonAliasingApplication

testSessionCreatedWithDifferentCaseReturnsCorrectCaseForUsername

testSessionCreatedThroughAliasWithDifferentCaseReturnsCorrectCase

testSessionCannotBeCreatedWithAliasThroughUnaliasedApplication

testAliasedApplicationAlsoAcceptsUnaliasedUsername

setAliasForUsername

testAliasChangesAreReflectedInSessionUsername

testSessionForAliasedApplicationIncludesUnaliasedUsernameAsAnExtraField