com.atlassian.crowd.acceptance.tests.applications.crowdid.server

Class OpenIDServerTest

java.lang.Object

com.atlassian.crowd.acceptance.tests.applications.crowd.CrowdWebDriverTest

com.atlassian.crowd.acceptance.utils.CrowdWebTestCase

com.atlassian.crowd.acceptance.tests.ApplicationAcceptanceTestCase

com.atlassian.crowd.acceptance.tests.applications.crowdid.server.CrowdIDServerAcceptanceTestCase

com.atlassian.crowd.acceptance.tests.applications.crowdid.server.OpenIDServerTest

public class OpenIDServerTest
extends CrowdIDServerAcceptanceTestCase

Nested Class Summary

Nested classes/interfaces inherited from class com.atlassian.crowd.acceptance.utils.CrowdWebTestCase

CrowdWebTestCase.GenericPage, CrowdWebTestCase.TestContext

Field Summary

Fields

Modifier and Type	Field and Description
protected static String	CLIENT_NAME
protected static String	OPENID_CLIENT_LOGIN
protected static String	OPENID_SERVER_URL
protected static String	OPENIDSERVER_LOGIN_URL_ADMIN

Fields inherited from class com.atlassian.crowd.acceptance.tests.ApplicationAcceptanceTestCase

ADMIN_PW, baseUrl, CROWD_ADMIN_EMAIL_ADDRESS, CROWD_ADMIN_FULLNAME, CROWD_ADMIN_USER, CROWD_ADMINISTRATORS_GROUP, crowdBaseUrl, crowdConsole, crowdResourceBundle, specProperties

Fields inherited from class com.atlassian.crowd.acceptance.tests.applications.crowd.CrowdWebDriverTest

BACKUP_RESOURCE, BATCHED_TEST_RULE, COOKIE_ABSENT, i18n, IMMUTABLE_USER_NAME, IMMUTABLE_USER_PW, JSESSIONID_COOKIE, log, REMEMBER_ME_COOKIE, restAdminClient, SSO_COOKIE, TEST_USER_DISPLAYNAME, TEST_USER_NAME, TEST_USER_PW, testedProduct, testkitClient, webDriverRules

Constructor Summary

Constructors

Constructor and Description
OpenIDServerTest()

Method Summary

Modifier and Type	Method and Description
void	aboutPageAccessible()
void	adminTrustRelationships()
void	approvedSites()
void	editProfilesCanSetNewDefaultProfileForUser()
void	editProfilesPageCorrectlyEscapesProfileNameToProtectAgainstPersistedXSS()
void	editProfilesPageIsNotVulnerableToReflectedXSS() Regression test for CWD-3428
void	editProfilesSetDefaultProfileForUserIsCsrfProtected()
void	editProfilesXsrfProtectionRejectsActionWithNoXsrfToken()
void	footerShowsVersion()
void	headerUserInfoContainsFullName()
void	includeFilesAreNotDirectlyAccessible()
void	internalOpenIDProfilePageShowsURLInEncodedFormat()
void	loginHistory()
void	loginPageHasCsrfProtection()
void	pathTraversalShouldBePrevented()
void	pathTraversalShouldBePreventedOnUsersEndpoint()
void	profile()
void	rejectedAuthenticationRepeatsCorrectlyEncodedUsername()
void	setUp()
void	unableToEditProfileForAnotherUser()
void	unableToViewProfileForAnotherUser()
void	viewPublicProfilePageWithEncodedCharactersShowsOpenIdUrlInEncodedFormat()

Methods inherited from class com.atlassian.crowd.acceptance.tests.applications.crowdid.server.CrowdIDServerAcceptanceTestCase

getApplicationName, getLocalTestPropertiesFileName, getResourceBundleName

Methods inherited from class com.atlassian.crowd.acceptance.tests.ApplicationAcceptanceTestCase

getBaseUrl, getCrowdHome, getCurrentlyLoggedInCrowdUserFullName, getTestProperty, loginToCrowd, loginToCrowd, logoutFromCrowd, restoreBaseSetup, restoreCrowdFromXML, tearDown, useApp, useCrowd, verifyGroupDoesNotExistInCrowd, verifyGroupDoesNotExistInCrowdWithCaseSensitiveName, verifyGroupExistsInCrowd, verifyUserDoesNotExistInCrowd, verifyUserExistsInCrowd

Methods inherited from class com.atlassian.crowd.acceptance.utils.CrowdWebTestCase

addRequestHeader, assertButtonNotPresent, assertCheckboxNotPresent, assertCheckboxNotSelected, assertCheckboxPresent, assertCheckboxSelected, assertElementIsDisabled, assertElementIsEnabled, assertElementNotPresent, assertElementNotPresentByXPath, assertElementPresent, assertElementPresentByXPath, assertErrorNotPresent, assertErrorPresent, assertErrorPresentWithKey, assertFieldErrorPresentWithKey, assertInfoPresent, assertKeyInElement, assertKeyNotPresent, assertKeyPresent, assertKeyPresent, assertKeyPresent, assertLinkNotPresent, assertLinkPresent, assertLinkPresentWithKey, assertMatchInTable, assertRadioOptionNotPresent, assertSelectedOptionEquals, assertSelectedOptionValueEquals, assertSelectOptionsEqual, assertSuccessPresent, assertTableNotPresent, assertTablePresent, assertTableRowCountEquals, assertTextFieldEquals, assertTextInElement, assertTextInTable, assertTextInTable, assertTextNotInTable, assertTextNotInTable, assertTextNotPresent, assertTextPresent, assertTitleEquals, assertTitleMatch, assertTitleNotEquals, assertWarningAndErrorNotPresent, assertWarningNotPresent, beginAt, checkCheckbox, checkCheckbox, clearCookies, clickButton, clickButtonWithText, clickElementByXPath, clickLink, clickLinkInNavbar, clickLinkWithExactText, clickLinkWithKey, clickLinkWithText, clickRadioOption, closeBrowser, disableIpAddressValidation, equalToIgnoringWhiteSpace, findElementWithText, getBaseUrlIPv6, getElementById, getElementByXPath, getElementsByXPath, getElementTextById, getElementTextByXPath, getElementValueByID, getFinder, getMessage, getMessage, getName, getPageSource, getPageText, getPoller, getRestAssuredCookies, getTable, getTestContext, getText, getTextForList, gotoPage, isElementWithIdPresent, isTextPresent, log, scrapeTable, scrapeTable, scrapeTable, selectOption, selectOption, selectOptionBy, selectOptionByValue, seleniumCookieToRestAssuredCookie, setRadioButton, setResourceBundleName, setTextField, setWorkingForm, setWorkingForm, submit, submit, uncheckCheckbox, waitForElementById, waitUntilPageLoad

Methods inherited from class com.atlassian.crowd.acceptance.tests.applications.crowd.CrowdWebDriverTest

assertAtRelativePath, assertAtURIContaining, assertAtURIEndingWith, assertAtUrl, assertHasError, assertHasErrorKey, bind, bind, clearAndInvalidateSsoCookieIfPresent, clearAndInvalidateSsoCookieOrFail, deleteAllCookies, deleteCookie, expectState, getBaseUrlWithoutPort, getCookie, getCookieOrThrow, getCurrentUrl, getDriver, getSsoCookieOrFail, getTestkitClient, hasCookie, hasSsoCookie, intendToModifyLdapData, loginAsExpiredPasswordUser, loginAsNonAdmin, loginAsNonAdmin, loginAsSysAdmin, loginAsSysAdmin, loginAsSysAdminWithRememberMe, loginAsUser, loginExpectingFailure, loginImmutableUser, loginImmutableUser, loginTestUser, loginTestUser, logout, manage, navigateToAndBind, navigateToUrl, restoreCrowdFromXML, waitForUrl, waitUntilAsyncFinished

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

OPENIDSERVER_LOGIN_URL_ADMIN

protected static String OPENIDSERVER_LOGIN_URL_ADMIN

OPENID_CLIENT_LOGIN

protected static String OPENID_CLIENT_LOGIN

OPENID_SERVER_URL

protected static String OPENID_SERVER_URL

CLIENT_NAME

protected static final String CLIENT_NAME

See Also:

Constant Field Values

Constructor Detail

OpenIDServerTest

public OpenIDServerTest()

Method Detail

setUp

public void setUp()
           throws Exception

Overrides:

setUp in class ApplicationAcceptanceTestCase

Throws:

Exception

headerUserInfoContainsFullName

public void headerUserInfoContainsFullName()

profile

public void profile()

approvedSites

public void approvedSites()

loginHistory

public void loginHistory()

adminTrustRelationships

public void adminTrustRelationships()

internalOpenIDProfilePageShowsURLInEncodedFormat

public void internalOpenIDProfilePageShowsURLInEncodedFormat()

viewPublicProfilePageWithEncodedCharactersShowsOpenIdUrlInEncodedFormat

public void viewPublicProfilePageWithEncodedCharactersShowsOpenIdUrlInEncodedFormat()

editProfilesXsrfProtectionRejectsActionWithNoXsrfToken

public void editProfilesXsrfProtectionRejectsActionWithNoXsrfToken()

editProfilesSetDefaultProfileForUserIsCsrfProtected

public void editProfilesSetDefaultProfileForUserIsCsrfProtected()

editProfilesCanSetNewDefaultProfileForUser

public void editProfilesCanSetNewDefaultProfileForUser()

rejectedAuthenticationRepeatsCorrectlyEncodedUsername

public void rejectedAuthenticationRepeatsCorrectlyEncodedUsername()

footerShowsVersion

public void footerShowsVersion()

editProfilesPageCorrectlyEscapesProfileNameToProtectAgainstPersistedXSS

public void editProfilesPageCorrectlyEscapesProfileNameToProtectAgainstPersistedXSS()

editProfilesPageIsNotVulnerableToReflectedXSS

public void editProfilesPageIsNotVulnerableToReflectedXSS()

Regression test for CWD-3428

includeFilesAreNotDirectlyAccessible

public void includeFilesAreNotDirectlyAccessible()

unableToViewProfileForAnotherUser

public void unableToViewProfileForAnotherUser()

unableToEditProfileForAnotherUser

public void unableToEditProfileForAnotherUser()

loginPageHasCsrfProtection

public void loginPageHasCsrfProtection()
                                throws Exception

Throws:

Exception

pathTraversalShouldBePrevented

public void pathTraversalShouldBePrevented()

pathTraversalShouldBePreventedOnUsersEndpoint

public void pathTraversalShouldBePreventedOnUsersEndpoint()

aboutPageAccessible

public void aboutPageAccessible()