-
-
Notifications
You must be signed in to change notification settings - Fork 3.9k
/
RegisteredServiceAccessStrategyUtilsTests.java
57 lines (48 loc) · 2.3 KB
/
RegisteredServiceAccessStrategyUtilsTests.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
package org.apereo.cas.services;
import org.apereo.cas.authentication.PrincipalException;
import org.apereo.cas.ticket.TicketGrantingTicket;
import org.apereo.cas.util.CollectionUtils;
import lombok.val;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import java.time.LocalDate;
import java.time.ZoneOffset;
import java.util.Map;
import static org.junit.jupiter.api.Assertions.*;
import static org.mockito.Mockito.*;
/**
* This is {@link RegisteredServiceAccessStrategyUtilsTests}.
*
* @author Misagh Moayyed
* @since 6.2.0
*/
@Tag("Utility")
public class RegisteredServiceAccessStrategyUtilsTests {
@Test
public void verifyExpired() {
val service = RegisteredServiceTestUtils.getRegisteredService();
service.setExpirationPolicy(new DefaultRegisteredServiceExpirationPolicy(false,
LocalDate.now(ZoneOffset.UTC).minusDays(1)));
assertThrows(UnauthorizedServiceException.class, () ->
RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(RegisteredServiceTestUtils.getService().getId(), service));
}
@Test
public void verifySsoAccess() {
val service = RegisteredServiceTestUtils.getRegisteredService();
service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(true, false));
val tgt = mock(TicketGrantingTicket.class);
when(tgt.getAuthentication()).thenReturn(RegisteredServiceTestUtils.getAuthentication());
when(tgt.getProxiedBy()).thenReturn(RegisteredServiceTestUtils.getService());
assertThrows(UnauthorizedSsoServiceException.class, () ->
RegisteredServiceAccessStrategyUtils.ensureServiceSsoAccessIsAllowed(service, RegisteredServiceTestUtils.getService(), tgt, false));
}
@Test
public void verifyPrincipalAccess() {
val service = RegisteredServiceTestUtils.getRegisteredService();
val authentication = RegisteredServiceTestUtils.getAuthentication();
assertThrows(PrincipalException.class, () ->
RegisteredServiceAccessStrategyUtils.ensurePrincipalAccessIsAllowedForService(
RegisteredServiceTestUtils.getService(), service, authentication.getPrincipal().getId(),
(Map) CollectionUtils.merge(authentication.getAttributes(), authentication.getPrincipal().getAttributes())));
}
}