1 package com.atlassian.sal.api.xsrf;
2
3 import org.junit.Before;
4 import org.junit.Test;
5 import org.junit.runner.RunWith;
6 import org.mockito.Mock;
7 import org.mockito.junit.MockitoJUnitRunner;
8
9 import javax.servlet.http.HttpServletRequest;
10
11 import static org.junit.Assert.assertFalse;
12 import static org.junit.Assert.assertTrue;
13 import static org.mockito.Mockito.when;
14
15 @RunWith(MockitoJUnitRunner.class)
16 public class TestXsrfHeaderValidator {
17 private static final String TOKEN_VALUE = "no-check";
18 private XsrfHeaderValidator xsrfHeaderValidator;
19
20 private
21 @Mock
22 HttpServletRequest request;
23
24 @Before
25 public void setUp() {
26 xsrfHeaderValidator = new XsrfHeaderValidator();
27 }
28
29 @Test
30 public void testIsValidHeaderValueWithNull() {
31 assertFalse(xsrfHeaderValidator.isValidHeaderValue(null));
32 }
33
34 @Test
35 public void testIsValidHeaderValueWithIncorrectValue() {
36 assertFalse(xsrfHeaderValidator.isValidHeaderValue("a"));
37 }
38
39 @Test
40 public void testIsValidHeaderValueWithCorrectValue() {
41 assertTrue(xsrfHeaderValidator.isValidHeaderValue(TOKEN_VALUE));
42 }
43
44 @Test
45 public void testRequestHasValidXsrfHeaderWithValidValue() {
46 when(request.getHeader(XsrfHeaderValidator.TOKEN_HEADER)).thenReturn(TOKEN_VALUE);
47 assertTrue(xsrfHeaderValidator.requestHasValidXsrfHeader(request));
48 }
49
50 @Test
51 public void testRequestHasValidXsrfHeaderWithInvalidValue() {
52 when(request.getHeader(XsrfHeaderValidator.TOKEN_HEADER)).thenReturn("a");
53 assertFalse(xsrfHeaderValidator.requestHasValidXsrfHeader(request));
54 }
55
56 }