1 package com.atlassian.sal.core.xsrf;
2
3 import org.junit.Before;
4 import org.junit.Test;
5 import org.springframework.mock.web.MockHttpServletRequest;
6 import org.springframework.mock.web.MockHttpServletResponse;
7
8 import javax.servlet.http.Cookie;
9
10 import static com.atlassian.sal.core.xsrf.IndependentXsrfTokenAccessor.XSRF_COOKIE_KEY;
11 import static org.junit.Assert.*;
12
13
14
15
16 public class TestIndependentXsrfTokenAccessor
17 {
18 private IndependentXsrfTokenAccessor accessor;
19 private MockHttpServletRequest request;
20 private MockHttpServletResponse response;
21
22 @Before
23 public void setUp()
24 {
25 accessor = new IndependentXsrfTokenAccessor();
26 request = new MockHttpServletRequest();
27 response = new MockHttpServletResponse();
28 }
29
30 @Test
31 public void testGetExistingToken()
32 {
33 request.setCookies(new Cookie[] {new Cookie(XSRF_COOKIE_KEY, "cookievalue")});
34 assertEquals("cookievalue", accessor.getXsrfToken(request, response, true));
35 assertNull(response.getCookie(XSRF_COOKIE_KEY));
36 }
37
38 @Test
39 public void testGetExistingTokenNoCreate()
40 {
41 request.setCookies(new Cookie[] {new Cookie(XSRF_COOKIE_KEY, "cookievalue")});
42 assertEquals("cookievalue", accessor.getXsrfToken(request, response, false));
43 assertNull(response.getCookie(XSRF_COOKIE_KEY));
44 }
45
46 @Test
47 public void testCreateToken()
48 {
49 String token = accessor.getXsrfToken(request, response, true);
50 assertNotNull(token);
51 Cookie cookie = response.getCookie(XSRF_COOKIE_KEY);
52 assertNotNull(cookie);
53 assertEquals(token, cookie.getValue());
54 }
55
56 @Test
57 public void testGetTokenNoCreate()
58 {
59 assertNull(accessor.getXsrfToken(request, response, false));
60 assertNull(response.getCookie(XSRF_COOKIE_KEY));
61 }
62 }