View Javadoc

1   package com.atlassian.sal.core.xsrf;
2   
3   import com.atlassian.sal.api.xsrf.XsrfTokenAccessor;
4   import junit.framework.TestCase;
5   import org.junit.After;
6   import org.junit.Before;
7   import org.junit.Test;
8   import org.mockito.Mock;
9   
10  import javax.servlet.http.HttpServletRequest;
11  
12  import static org.mockito.Mockito.mock;
13  import static org.mockito.Mockito.when;
14  
15  public class TestIndependentXsrfTokenValidator extends TestCase
16  {
17      private IndependentXsrfTokenValidator validator;
18  
19      @Mock
20      private HttpServletRequest mockRequest;
21      @Mock
22      private XsrfTokenAccessor mockAccessor;
23  
24      @Before
25      public void setUp()
26      {
27          mockAccessor = mock(XsrfTokenAccessor.class);
28          mockRequest = mock(HttpServletRequest.class);
29          validator = new IndependentXsrfTokenValidator(mockAccessor);
30      }
31  
32      @After
33      public void tearDown()
34      {
35          validator = null;
36          mockRequest = null;
37          mockAccessor = null;
38      }
39  
40      @Test
41      public void testValidToken()
42      {
43          when(mockAccessor.getXsrfToken(mockRequest, null, false)).thenReturn("cookievalue");
44          when(mockRequest.getParameter(validator.getXsrfParameterName())).thenReturn("cookievalue");
45  
46          assertTrue(validator.validateFormEncodedToken(mockRequest));
47      }
48  
49      @Test
50      public void testInvalidToken()
51      {
52          when(mockAccessor.getXsrfToken(mockRequest, null, false)).thenReturn("cookievalue");
53          when(mockRequest.getParameter(validator.getXsrfParameterName())).thenReturn("somethingelse");
54  
55          assertFalse(validator.validateFormEncodedToken(mockRequest));
56      }
57  
58      @Test
59      public void testNoXsrfParameter()
60      {
61          when(mockAccessor.getXsrfToken(mockRequest, null, false)).thenReturn("cookievalue");
62  
63          assertFalse(validator.validateFormEncodedToken(mockRequest));
64      }
65  
66      @Test
67      public void testNoXsrfCookie()
68      {
69          when(mockRequest.getParameter(validator.getXsrfParameterName())).thenReturn("cookievalue");
70  
71          assertFalse(validator.validateFormEncodedToken(mockRequest));
72      }
73  
74      @Test
75      public void testNoXsrfAtAll()
76      {
77          assertFalse(validator.validateFormEncodedToken(mockRequest));
78      }
79  }