[sling-org-apache-sling-auth-core] branch master updated: SLING-10319 : Use the equals method if value comparison was intended. Add another test case for cookies

Tue, 20 Apr 2021 01:00:02 -0700 

This is an automated email from the ASF dual-hosted git repository.

cziegeler pushed a commit to branch master
in repository 
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-core.git


The following commit(s) were added to refs/heads/master by this push:
     new 95936fe  SLING-10319 : Use the equals method if value comparison was 
intended. Add another test case for cookies
95936fe is described below

commit 95936fefa97f3928ed42e368a458a9fab3a4057c
Author: Carsten Ziegeler <[email protected]>
AuthorDate: Tue Apr 20 09:59:45 2021 +0200

    SLING-10319 : Use the equals method if value comparison was intended. Add 
another test case for cookies
---
 .../core/impl/AuthenticatorWebConsolePlugin.java   |  4 ++--
 .../apache/sling/auth/core/impl/LoginServlet.java  |  2 +-
 .../apache/sling/auth/core/impl/LogoutServlet.java |  2 +-
 .../auth/core/impl/SlingAuthenticatorTest.java     | 24 ++++++++++++++++++++++
 4 files changed, 28 insertions(+), 4 deletions(-)

diff --git 
a/src/main/java/org/apache/sling/auth/core/impl/AuthenticatorWebConsolePlugin.java
 
b/src/main/java/org/apache/sling/auth/core/impl/AuthenticatorWebConsolePlugin.java
index b01a85f..a47f443 100644
--- 
a/src/main/java/org/apache/sling/auth/core/impl/AuthenticatorWebConsolePlugin.java
+++ 
b/src/main/java/org/apache/sling/auth/core/impl/AuthenticatorWebConsolePlugin.java
@@ -54,10 +54,10 @@ public class AuthenticatorWebConsolePlugin extends 
HttpServlet {
     public static final String TITLE = "Authenticator";
 
     @Reference(service = AuthenticationRequirementsManager.class)
-    private PathBasedHolderCache<AuthenticationRequirementHolder> 
authenticationRequirementsManager;
+    private PathBasedHolderCache<AuthenticationRequirementHolder> 
authenticationRequirementsManager; // NOSONAR
     
     @Reference
-    private AuthenticationHandlersManager authenticationHoldersManager;
+    private AuthenticationHandlersManager authenticationHoldersManager; // 
NOSONAR
 
     private final SlingAuthenticator.Config config;
 
diff --git a/src/main/java/org/apache/sling/auth/core/impl/LoginServlet.java 
b/src/main/java/org/apache/sling/auth/core/impl/LoginServlet.java
index bbf7409..2e17d5c 100644
--- a/src/main/java/org/apache/sling/auth/core/impl/LoginServlet.java
+++ b/src/main/java/org/apache/sling/auth/core/impl/LoginServlet.java
@@ -58,7 +58,7 @@ public class LoginServlet extends SlingAllMethodsServlet {
     private final Logger log = LoggerFactory.getLogger(getClass());
 
     @Reference(policy = ReferencePolicy.DYNAMIC, cardinality = 
ReferenceCardinality.OPTIONAL)
-    private volatile Authenticator authenticator;
+    private volatile Authenticator authenticator; // NOSONAR
 
     /**
      * The servlet is registered on this path, and the authenticator allows any
diff --git a/src/main/java/org/apache/sling/auth/core/impl/LogoutServlet.java 
b/src/main/java/org/apache/sling/auth/core/impl/LogoutServlet.java
index a2de3fe..de5a740 100644
--- a/src/main/java/org/apache/sling/auth/core/impl/LogoutServlet.java
+++ b/src/main/java/org/apache/sling/auth/core/impl/LogoutServlet.java
@@ -66,7 +66,7 @@ public class LogoutServlet extends SlingAllMethodsServlet {
     private final Logger log = LoggerFactory.getLogger(getClass());
 
     @Reference(policy = ReferencePolicy.DYNAMIC, cardinality = 
ReferenceCardinality.OPTIONAL)
-    private volatile Authenticator authenticator;
+    private volatile Authenticator authenticator; // NOSONAR
 
     /**
      * The servlet is registered on this path.
diff --git 
a/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java 
b/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java
index 52ae29c..55423e0 100644
--- a/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java
+++ b/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java
@@ -434,6 +434,30 @@ public class SlingAuthenticatorTest {
         assertEquals("\"\"", argument.getValue().getValue());
     }
 
+    @Test public void testSudoCookieFlags() {
+        final SlingAuthenticator slingAuthenticator = 
this.createSlingAuthenticator();
+        final AuthenticationInfo info = new AuthenticationInfo("basic");
+        info.put(ResourceResolverFactory.USER_IMPERSONATION, "newsudo");
+        
+        final SlingHttpServletRequest req = 
Mockito.mock(SlingHttpServletRequest.class);
+        Mockito.when(req.isSecure()).thenReturn(true);
+        SlingHttpServletResponse res = 
Mockito.mock(SlingHttpServletResponse.class);
+
+        assertTrue(slingAuthenticator.setSudoCookie(req, res, info));
+        ArgumentCaptor<Cookie> argument1 = 
ArgumentCaptor.forClass(Cookie.class);
+        Mockito.verify(res).addCookie(argument1.capture());
+        assertTrue(argument1.getValue().isHttpOnly());
+        assertTrue(argument1.getValue().getSecure());
+
+        res = Mockito.mock(SlingHttpServletResponse.class);
+        Mockito.when(req.isSecure()).thenReturn(false);
+        assertTrue(slingAuthenticator.setSudoCookie(req, res, info));
+        ArgumentCaptor<Cookie> argument2 = 
ArgumentCaptor.forClass(Cookie.class);
+        Mockito.verify(res).addCookie(argument2.capture());
+        assertTrue(argument2.getValue().isHttpOnly());
+        assertFalse(argument2.getValue().getSecure());
+    }
+
     //---------------------------- PRIVATE METHODS 
-----------------------------
 
     /**

Reply via email to