1 package com.atlassian.sal.core.xsrf;
2
3 import com.atlassian.sal.api.xsrf.XsrfHeaderValidator;
4 import com.atlassian.sal.api.xsrf.XsrfRequestValidator;
5 import com.atlassian.sal.api.xsrf.XsrfTokenValidator;
6 import org.junit.Before;
7 import org.junit.Test;
8 import org.junit.runner.RunWith;
9 import org.mockito.Mock;
10 import org.mockito.runners.MockitoJUnitRunner;
11
12 import javax.servlet.http.HttpServletRequest;
13
14 import static org.junit.Assert.assertFalse;
15 import static org.junit.Assert.assertTrue;
16 import static org.mockito.Mockito.when;
17
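/**
 * Unit tests for {@link XsrfRequestValidatorImpl}, covering how the form-encoded token check and the
 * {@link XsrfHeaderValidator#TOKEN_HEADER} request header combine into a single XSRF decision.
 *
 * <p>Decision table pinned by the cases below:
 * <pre>
 *   form token | header value          | request passes
 *   -----------+-----------------------+---------------
 *   invalid    | absent                | no
 *   valid      | absent                | yes
 *   invalid    | "no-check"            | yes
 *   valid      | "INVALID_HEADER_VALUE"| yes
 *   invalid    | "INVALID_HEADER_VALUE"| no
 * </pre>
 *
 * <p>The last row is the fail-closed case. Without it, a header check that accepted any non-null value
 * would still satisfy every other test in this class.
 */
@RunWith(MockitoJUnitRunner.class)
public class TestXsrfRequestValidator
{
    /** Header value that these tests treat as satisfying the XSRF header check. */
    private static final String VALID_HEADER_VALUE = "no-check";
    /** Header value that these tests treat as NOT satisfying the XSRF header check. */
    private static final String INVALID_HEADER_VALUE = "INVALID_HEADER_VALUE";

    private XsrfRequestValidator validator;

    @Mock
    private HttpServletRequest mockRequest;
    @Mock
    private XsrfTokenValidator mockValidator;

    /** Builds the validator under test around the mocked form-token validator. */
    @Before
    public void setUp()
    {
        validator = new XsrfRequestValidatorImpl(mockValidator);
    }

    /** Neither a valid form token nor the header is present, so the request must be rejected. */
    @Test
    public void testNoTokenAndNoHeader()
    {
        // The header is deliberately left unstubbed: the Mockito mock returns null for getHeader().
        stubFormToken(false);
        assertFalse(validator.validateRequestPassesXsrfChecks(mockRequest));
    }

    /** A valid form token on its own is sufficient. */
    @Test
    public void testValidTokenAndNoHeader()
    {
        stubFormToken(true);
        assertTrue(validator.validateRequestPassesXsrfChecks(mockRequest));
    }

    /** A valid header value is sufficient even when the form token check fails. */
    @Test
    public void testInvalidTokenValidHeader()
    {
        stubFormToken(false);
        stubHeader(VALID_HEADER_VALUE);
        assertTrue(validator.validateRequestPassesXsrfChecks(mockRequest));
    }

    /** An unrecognised header value does not veto a request whose form token is valid. */
    @Test
    public void testValidTokenInvalidHeader()
    {
        stubFormToken(true);
        stubHeader(INVALID_HEADER_VALUE);
        assertTrue(validator.validateRequestPassesXsrfChecks(mockRequest));
    }

    /**
     * An unrecognised header value must not pass on its own: with the form token check failing as
     * well, the request has no valid XSRF evidence and must be rejected.
     */
    @Test
    public void testInvalidTokenInvalidHeader()
    {
        // NOTE(review): expectation inferred from testValidTokenInvalidHeader, which treats this
        // value as invalid; confirm against XsrfRequestValidatorImpl.
        stubFormToken(false);
        stubHeader(INVALID_HEADER_VALUE);
        assertFalse(validator.validateRequestPassesXsrfChecks(mockRequest));
    }

    /** Makes the mocked form-token validator report {@code result} for the mocked request. */
    private void stubFormToken(final boolean result)
    {
        when(mockValidator.validateFormEncodedToken(mockRequest))
                .thenReturn(result);
    }

    /** Makes the mocked request return {@code value} for the XSRF token header. */
    private void stubHeader(final String value)
    {
        when(mockRequest.getHeader(XsrfHeaderValidator.TOKEN_HEADER))
                .thenReturn(value);
    }
}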