/*
* Copyright 2011-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.appng.application.authentication.webform;
import org.appng.api.FieldProcessor;
import org.appng.api.auth.PasswordPolicy;
import org.appng.api.support.CallableAction;
import org.appng.application.authentication.BaseLoginTest;
import org.junit.Assert;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runners.MethodSorters;
import org.mockito.Mockito;
import org.springframework.transaction.annotation.Transactional;
/**
 * Exercises the {@code forgotPassword} and {@code resetPassword} actions that are looked up
 * under {@code form-auth}, asserting on the first message each action reports.
 *
 * <p>
 * Methods run in ascending name order ({@link MethodSorters#NAME_ASCENDING}). Only
 * {@link #testForgotPasswordNoUser()} is not annotated with {@code @Transactional}.
 */
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
public class PasswordResetTest extends BaseLoginTest {

    private static final String SUBJECT = "subject-3";
    private static final String USERNAME = "username";
    private static final String ACTION = "action";
    private static final String FORGOT_PASSWORD = "forgotPassword";
    private static final String RESET_PASSWORD = "resetPassword";
    private static final String FORM_AUTH = "form-auth";

    /**
     * A known user requesting a reset link gets the "an e-mail with further instructions was
     * sent" confirmation.
     */
    @Test
    @Transactional
    public void testForgotPassword() throws Exception {
        new AuthenticationTestDataProvider().writeTestData(em);
        addParameter(ACTION, FORGOT_PASSWORD);
        initParameters();

        LoginData credentials = loginDataFor(SUBJECT);
        CallableAction action = getAction(FORM_AUTH, FORGOT_PASSWORD)
                .withParam(FORM_ACTION, FORGOT_PASSWORD)
                .getCallableAction(credentials);

        Assert.assertEquals("Eine E-Mail mit weiteren Anweisungen wurde an subject-3 gesendet.",
                firstMessageOf(action));
    }

    /**
     * A login name that no fixture was written for is answered with "Unknown user".
     *
     * <p>
     * NOTE(review): this text differs from the confirmation asserted in
     * {@link #testForgotPassword()}, so the response tells a caller whether a login name
     * exists. If the action is ever changed to answer uniformly (the usual hardening against
     * account enumeration), this assertion has to change with it.
     */
    @Test
    public void testForgotPasswordNoUser() throws Exception {
        addParameter(ACTION, FORGOT_PASSWORD);
        initParameters();

        LoginData credentials = loginDataFor("foobar");
        CallableAction action = getAction(FORM_AUTH, FORGOT_PASSWORD)
                .withParam(FORM_ACTION, FORGOT_PASSWORD)
                .getCallableAction(credentials);

        Assert.assertEquals("Unknown user", firstMessageOf(action));
    }

    /**
     * With the fixture from {@code AuthenticationTestDataProvider(true)} and a {@code hash}
     * request parameter, the reset succeeds and reports that the new password was e-mailed.
     */
    @Test
    @Transactional
    public void testResetPassword() throws Exception {
        new AuthenticationTestDataProvider(true).writeTestData(em);
        addParameter(ACTION, RESET_PASSWORD);
        // Presumably the reset token the fixture above expects for subject-3 - verify against
        // AuthenticationTestDataProvider before changing either side.
        addParameter("hash", "5Lfn2+jDr/jezUlvrMiPfYH4kI8=");
        initParameters();
        Mockito.when(site.getPasswordPolicy()).thenReturn(acceptAnyPasswordPolicy());

        LoginData credentials = loginDataFor(SUBJECT);
        CallableAction action = getAction(FORM_AUTH, RESET_PASSWORD)
                .withParam(ACTION, RESET_PASSWORD)
                .withParam(USERNAME, SUBJECT)
                .getCallableAction(credentials);

        Assert.assertEquals("Eine E-Mail mit dem neuen Passwort wurde an subject-3 gesendet.",
                firstMessageOf(action));
    }

    /**
     * Resetting without writing any fixture in this test is answered with "Unknown user".
     * Assumes no earlier test left subject-3 behind - confirm against the base class setup.
     */
    @Test
    @Transactional
    public void testResetPasswordNoUser() throws Exception {
        addParameter(ACTION, RESET_PASSWORD);
        initParameters();

        LoginData credentials = loginDataFor(SUBJECT);
        CallableAction action = getAction(FORM_AUTH, RESET_PASSWORD)
                .withParam(ACTION, RESET_PASSWORD)
                .withParam(USERNAME, SUBJECT)
                .getCallableAction(credentials);

        Assert.assertEquals("Unknown user", firstMessageOf(action));
    }

    /**
     * A reset for an existing user is refused with "the password could not be reset, the link
     * is probably outdated".
     *
     * <p>
     * NOTE(review): despite the name, no {@code hash} parameter is added here, so this covers
     * a missing token rather than a mismatching one. A second case that supplies a
     * non-matching {@code hash} value would pin the rejection of an actually wrong token.
     */
    @Test
    @Transactional
    public void testResetPasswordWrongHash() throws Exception {
        new AuthenticationTestDataProvider().writeTestData(em);
        addParameter(ACTION, RESET_PASSWORD);
        initParameters();

        LoginData credentials = loginDataFor(SUBJECT);
        CallableAction action = getAction(FORM_AUTH, RESET_PASSWORD)
                .withParam(ACTION, RESET_PASSWORD)
                .withParam(USERNAME, SUBJECT)
                .getCallableAction(credentials);

        Assert.assertEquals(
                "Das Passwort konnte nicht zurückgesetzt werden.\nWahrscheinlich ist der verwendete Link veraltet.",
                firstMessageOf(action));
    }

    /** Builds the form bean carrying only the given login name. */
    private static LoginData loginDataFor(String username) {
        LoginData data = new LoginData();
        data.setUsername(username);
        return data;
    }

    /** Performs the action and returns the content of the first message it produced. */
    private static String firstMessageOf(CallableAction action) throws Exception {
        FieldProcessor processor = action.perform();
        return processor.getMessages().getMessageList().get(0).getContent();
    }

    /**
     * Test stub for the site's password policy: accepts every password, has no error key and
     * always generates the same value. The fixed, weak value is tolerable only because the
     * tests assert on the reported message, never on the generated password.
     */
    private PasswordPolicy acceptAnyPasswordPolicy() {
        return new PasswordPolicy() {
            public boolean isValidPassword(char[] password) {
                return true;
            }

            public String getErrorMessageKey() {
                return null;
            }

            public String generatePassword() {
                return "123456";
            }
        };
    }
}