Skip to content
Permalink
Browse files

Making tests fail.

  • Loading branch information...
ajs6f committed Jun 10, 2013
1 parent 3204dec commit 74794a1d0a9b941e50b9e2402cc586ac3a3c1f24
@@ -1,7 +1,6 @@

package org.fcrepo.auth.oauth.filter;

import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
import static org.slf4j.LoggerFactory.getLogger;

@@ -22,6 +21,8 @@

private static final Logger LOGGER = getLogger(RestrictToAuthNFilter.class);

private static final String AUTHENTICATED_SECTION = "/authenticated/";

@Override
public void init(final FilterConfig filterConfig) throws ServletException {
LOGGER.debug("Initialized {}", this.getClass().getName());
@@ -41,14 +42,22 @@ public void doFilter(final ServletRequest request,
throws IOException, ServletException {
final HttpServletRequest req = (HttpServletRequest) request;
final HttpServletResponse res = (HttpServletResponse) response;
if (req.getUserPrincipal() != null) {
res.sendError(SC_UNAUTHORIZED);
}
if (req.isUserInRole("kosher")) {
chain.doFilter(request, response);
return;
final String requestURI = req.getRequestURI();
LOGGER.debug("Received request at URI: {}", requestURI);
if (requestURI.contains(AUTHENTICATED_SECTION)) {
// a protected resource
LOGGER.debug("{} is a protected resource.", requestURI);
if (req.getUserPrincipal() != null) {
LOGGER.debug("Couldn't find authenticated user!");
res.sendError(SC_UNAUTHORIZED);
} else {
LOGGER.debug("Found authenticated user.");
chain.doFilter(request, response);
}
} else {
res.sendError(SC_FORBIDDEN);
// not a protected resource
LOGGER.debug("{} is not a protected resource.", requestURI);
chain.doFilter(request, response);
}

}
@@ -1,6 +1,7 @@

package org.fcrepo.auth.oauth.integration.api;

import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
import static javax.ws.rs.core.MediaType.APPLICATION_FORM_URLENCODED;
import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
import static org.junit.Assert.assertEquals;
@@ -38,6 +39,14 @@ public void testGetToken() throws Exception {
@Test
public void testUseToken() throws ClientProtocolException, IOException {
logger.trace("Entering testUseToken()...");
logger.debug("Trying to write an object to authenticated area without authentication via token...");
final HttpResponse failure =
client.execute(postObjMethod("authenticated/testUseToken"));
assertEquals(
"Was able to write to an authenticated area when I shouldn't be able to",
SC_UNAUTHORIZED, failure.getStatusLine().getStatusCode());
logger.debug("Failed as expected.");
logger.debug("Now trying with authentication via token...");
final HttpPost post =
new HttpPost(
tokenEndpoint +
@@ -15,8 +15,6 @@
<!-- Mints PIDs-->
<bean class="org.fcrepo.identifiers.UUIDPidMinter"/>

<!-- AuthN filters -->

<!-- used by (de)serialization endpoints -->
<util:map id="serializers" key-type="java.lang.String" map-class="java.util.HashMap"
value-type="org.fcrepo.serialization.FedoraObjectSerializer">

0 comments on commit 74794a1

Please sign in to comment.
You can’t perform that action at this time.