Skip to content

Commit

Permalink
Refactored away duplicated code.
Browse files Browse the repository at this point in the history
  • Loading branch information
@fickludd
fickludd committed Jul 14, 2016
1 parent 4389306 commit 28bfa93
Showing 1 changed file with 61 additions and 82 deletions.
143 changes: 61 additions & 82 deletions community/security/src/test/java/org/neo4j/server/security/auth/BasicAuthManagerTest.java
View file
Expand Up @@ -19,11 +19,16 @@
*/
package org.neo4j.server.security.auth;

import org.junit.After;
import org.junit.Before;
import org.junit.Test;

import java.io.IOException;

import org.neo4j.kernel.api.security.AuthSubject;
import org.neo4j.kernel.api.security.AuthenticationResult;
import org.neo4j.kernel.api.security.exception.InvalidArgumentsException;
import org.neo4j.kernel.api.security.exception.InvalidAuthTokenException;

import static org.hamcrest.Matchers.equalTo;
import static org.junit.Assert.assertNotNull;
Expand All @@ -33,23 +38,36 @@
import static org.junit.Assert.fail;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import static org.neo4j.kernel.api.security.AuthenticationResult.*;
import static org.neo4j.server.security.auth.SecurityTestUtils.authToken;

public class BasicAuthManagerTest
{
@Test
public void shouldCreateDefaultUserIfNoneExist() throws Throwable
private InMemoryUserRepository users;
private BasicAuthManager manager;
private AuthenticationStrategy authStrategy = mock( AuthenticationStrategy.class );;

@Before
public void setup() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
final BasicAuthManager manager =
new BasicAuthManager( users, mock( PasswordPolicy.class ), mock( AuthenticationStrategy.class ) );
users = new InMemoryUserRepository();
manager = new BasicAuthManager( users, mock( PasswordPolicy.class ), authStrategy );
manager.start();
}

@After
public void teardown() throws Throwable
{
manager.stop();
}

@Test
public void shouldCreateDefaultUserIfNoneExist()
{
// When
manager.start();
final User user = users.getUserByName( "neo4j" );

// Then
final User user = users.getUserByName( "neo4j" );
assertNotNull( user );
assertTrue( user.credentials().matchesPassword( "neo4j" ) );
assertTrue( user.passwordChangeRequired() );
Expand All @@ -59,90 +77,54 @@ public void shouldCreateDefaultUserIfNoneExist() throws Throwable
public void shouldFindAndAuthenticateUserSuccessfully() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
final User user = new User.Builder( "jake", Credential.forPassword( "abc123" )).build();
users.create( user );
final AuthenticationStrategy authStrategy = mock( AuthenticationStrategy.class );
final BasicAuthManager manager = new BasicAuthManager( users, mock( PasswordPolicy.class ), authStrategy );
manager.start();
when( authStrategy.authenticate( user, "abc123" )).thenReturn( AuthenticationResult.SUCCESS );
final User user = createUser( "jake", "abc123", false );

// When
AuthSubject authSubject = manager.login( authToken( "jake", "abc123" ) );
AuthenticationResult result = authSubject.getAuthenticationResult();
when( authStrategy.authenticate( user, "abc123" )).thenReturn( SUCCESS );

// Then
assertThat( result, equalTo( AuthenticationResult.SUCCESS ) );
assertLoginGivesResult( "jake", "abc123", SUCCESS );
}

@Test
public void shouldFindAndAuthenticateUserAndReturnAuthStrategyResult() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
final User user = new User.Builder( "jake", Credential.forPassword( "abc123" )).withRequiredPasswordChange( true ).build();
users.create( user );
final AuthenticationStrategy authStrategy = mock( AuthenticationStrategy.class );
final BasicAuthManager manager = new BasicAuthManager( users, mock( PasswordPolicy.class ), authStrategy );
manager.start();
when( authStrategy.authenticate( user, "abc123" )).thenReturn( AuthenticationResult.TOO_MANY_ATTEMPTS );
final User user = createUser( "jake", "abc123", true );

// When
AuthSubject authSubject = manager.login( authToken( "jake", "abc123" ) );
AuthenticationResult result = authSubject.getAuthenticationResult();
when( authStrategy.authenticate( user, "abc123" )).thenReturn( TOO_MANY_ATTEMPTS );

// Then
assertThat( result, equalTo( AuthenticationResult.TOO_MANY_ATTEMPTS ) );
assertLoginGivesResult( "jake", "abc123", TOO_MANY_ATTEMPTS );
}

@Test
public void shouldFindAndAuthenticateUserAndReturnPasswordChangeIfRequired() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
final User user = new User.Builder( "jake", Credential.forPassword( "abc123" )).withRequiredPasswordChange( true ).build();
users.create( user );
final AuthenticationStrategy authStrategy = mock( AuthenticationStrategy.class );
final BasicAuthManager manager = new BasicAuthManager( users, mock( PasswordPolicy.class ), authStrategy );
manager.start();
when( authStrategy.authenticate( user, "abc123" )).thenReturn( AuthenticationResult.SUCCESS );
final User user = createUser( "jake", "abc123", true );

// When
AuthSubject authSubject = manager.login( authToken( "jake", "abc123" ) );
AuthenticationResult result = authSubject.getAuthenticationResult();
when( authStrategy.authenticate( user, "abc123" )).thenReturn( SUCCESS );

// Then
assertThat( result, equalTo( AuthenticationResult.PASSWORD_CHANGE_REQUIRED ) );
assertLoginGivesResult( "jake", "abc123", PASSWORD_CHANGE_REQUIRED );
}

@Test
public void shouldFailAuthenticationIfUserIsNotFound() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
final User user = new User.Builder( "jake", Credential.forPassword( "abc123" )).withRequiredPasswordChange( true ).build();
users.create( user );
final AuthenticationStrategy authStrategy = mock( AuthenticationStrategy.class );
final BasicAuthManager manager = new BasicAuthManager( users, mock( PasswordPolicy.class ), authStrategy );
manager.start();

// When
AuthSubject authSubject = manager.login( authToken( "unknown", "abc123" ) );
AuthenticationResult result = authSubject.getAuthenticationResult();
createUser( "jake", "abc123", true );

// Then
assertThat( result, equalTo( AuthenticationResult.FAILURE ) );
assertLoginGivesResult( "unknown", "abc123", FAILURE );
}

@Test
public void shouldCreateUser() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
final BasicAuthManager manager =
new BasicAuthManager( users, mock( PasswordPolicy.class ), mock( AuthenticationStrategy.class ) );
manager.start();

// When
manager.newUser( "foo", "bar", true );

Expand All @@ -157,12 +139,7 @@ public void shouldCreateUser() throws Throwable
public void shouldDeleteUser() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
final User user = new User.Builder( "jake", Credential.forPassword( "abc123" )).withRequiredPasswordChange( true ).build();
users.create( user );
final BasicAuthManager manager =
new BasicAuthManager( users, mock( PasswordPolicy.class ), mock( AuthenticationStrategy.class ) );
manager.start();
manager.newUser( "jake", "abc123", true );

// When
manager.deleteUser( "jake" );
Expand All @@ -175,12 +152,7 @@ public void shouldDeleteUser() throws Throwable
public void shouldDeleteUnknownUser() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
final User user = new User.Builder( "jake", Credential.forPassword( "abc123" )).withRequiredPasswordChange( true ).build();
users.create( user );
final BasicAuthManager manager =
new BasicAuthManager( users, mock( PasswordPolicy.class ), mock( AuthenticationStrategy.class ) );
manager.start();
manager.newUser( "jake", "abc123", true );

// When
manager.deleteUser( "unknown" );
Expand All @@ -193,11 +165,7 @@ public void shouldDeleteUnknownUser() throws Throwable
public void shouldSetPassword() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
users.create( new User.Builder( "jake", Credential.forPassword( "abc123" )).withRequiredPasswordChange( true ).build() );
final BasicAuthManager manager =
new BasicAuthManager( users, mock( PasswordPolicy.class ), mock( AuthenticationStrategy.class ) );
manager.start();
manager.newUser( "jake", "abc123", true );

// When
manager.setUserPassword( "jake", "hello, world!" );
Expand All @@ -211,12 +179,6 @@ public void shouldSetPassword() throws Throwable
@Test
public void shouldReturnNullWhenSettingPasswordForUnknownUser() throws Throwable
{
// Given
final InMemoryUserRepository users = new InMemoryUserRepository();
final BasicAuthManager manager =
new BasicAuthManager( users, mock( PasswordPolicy.class ), mock( AuthenticationStrategy.class ) );
manager.start();

// When
try
{
Expand All @@ -232,9 +194,10 @@ public void shouldReturnNullWhenSettingPasswordForUnknownUser() throws Throwable
@Test
public void shouldThrowWhenAuthIsDisabled() throws Throwable
{
final InMemoryUserRepository users = new InMemoryUserRepository();
final BasicAuthManager manager =
new BasicAuthManager( users, mock( PasswordPolicy.class ), mock( AuthenticationStrategy.class ), false );
manager.stop();
users = new InMemoryUserRepository();
manager = new BasicAuthManager( users, mock( PasswordPolicy.class ),
mock( AuthenticationStrategy.class ), false );
manager.start();

try
Expand Down Expand Up @@ -282,6 +245,22 @@ public void shouldThrowWhenAuthIsDisabled() throws Throwable
// expected
}

assertTrue( users.numberOfUsers() == 0 );
assertThat( users.numberOfUsers(), equalTo( 0 ) );
}

private User createUser( String username, String password, boolean pwd_change )
throws IOException, InvalidArgumentsException
{
User user = new User.Builder( username, Credential.forPassword( password ))
.withRequiredPasswordChange( pwd_change ).build();
users.create(user);
return user;
}

private void assertLoginGivesResult( String username, String password, AuthenticationResult expectedResult )
throws InvalidAuthTokenException
{
AuthSubject authSubject = manager.login( authToken( username, password ) );
assertThat( authSubject.getAuthenticationResult(), equalTo( expectedResult ) );
}
}

0 comments on commit 28bfa93

Please sign in to comment.