Added tests for SpringSecurityAuthenticationSource.

19 years ago · ca996de2dc
3 changed files with 82 additions and 4 deletions
--- a/core/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java
+++ b/core/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java
@ -59,11 +59,11 @@ public class SpringSecurityAuthenticationSource implements AuthenticationSource
				@@ -59,11 +59,11 @@ public class SpringSecurityAuthenticationSource implements AuthenticationSource
    public String getCredentials() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

-        if (authentication != null) {
-            return (String) authentication.getCredentials();
-        } else {
+        if (authentication == null) {
            log.warn("No Authentication object set in SecurityContext - returning empty String as Credentials");
            return "";
        }
+
+        return (String) authentication.getCredentials();        
    }
 }
--- a/core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsImpl.java
+++ b/core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsImpl.java
@ -20,6 +20,7 @@ import org.springframework.security.util.AuthorityUtils;
				@@ -20,6 +20,7 @@ import org.springframework.security.util.AuthorityUtils;
 import org.springframework.ldap.core.DirContextOperations;
 import org.springframework.util.Assert;

+import javax.naming.Name;
 import javax.naming.directory.Attributes;
 import javax.naming.directory.BasicAttributes;
 import java.util.ArrayList;
@ -110,7 +111,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
				@@ -110,7 +111,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
        public Essence() { }

        public Essence(DirContextOperations ctx) {
-            setDn(ctx.getDn().toString());
+            setDn(ctx.getDn());
        }

        public Essence(LdapUserDetails copyMe) {
@ -190,6 +191,10 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
				@@ -190,6 +191,10 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
            instance.dn = dn;
        }

+        public void setDn(Name dn) {
+            instance.dn = dn.toString();
+        }
+
        public void setEnabled(boolean enabled) {
            instance.enabled = enabled;
        }
--- a/core/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java
+++ b/core/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java
@ -0,0 +1,73 @@
				@@ -0,0 +1,73 @@
+package org.springframework.security.ldap;
+
+import org.springframework.security.context.SecurityContextHolder;
+import org.springframework.security.providers.TestingAuthenticationToken;
+import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
+import org.springframework.security.userdetails.ldap.LdapUserDetailsImpl;
+import org.springframework.security.util.AuthorityUtils;
+import org.springframework.ldap.core.AuthenticationSource;
+import org.springframework.ldap.core.DistinguishedName;
+
+import org.junit.After;
+import static org.junit.Assert.assertEquals;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * @author Luke Taylor
+ * @version $Id$
+ */
+public class SpringSecurityAuthenticationSourceTests {
+    @Before
+    @After
+    public void clearContext() {
+        SecurityContextHolder.clearContext();
+    }
+
+    @Test
+    public void principalAndCredentialsAreEmptyWithNoAuthentication() {
+        AuthenticationSource source = new SpringSecurityAuthenticationSource();
+        assertEquals("", source.getPrincipal());
+        assertEquals("", source.getCredentials());
+    }
+
+    @Test
+    public void principalIsEmptyForAnonymousUser() {
+        AuthenticationSource source = new SpringSecurityAuthenticationSource();
+
+        SecurityContextHolder.getContext().setAuthentication(
+                new AnonymousAuthenticationToken("key", "anonUser",
+                        AuthorityUtils.commaSeparatedStringToAuthorityArray("ignored")));
+        assertEquals("", source.getPrincipal());
+    }
+
+    @Test(expected=IllegalArgumentException.class)
+    public void getPrincipalRejectsNonLdapUserDetailsObject() {
+        AuthenticationSource source = new SpringSecurityAuthenticationSource();
+        SecurityContextHolder.getContext().setAuthentication(
+                new TestingAuthenticationToken(new Object(), "password", null));
+
+        source.getPrincipal();
+    }
+
+    @Test
+    public void expectedCredentialsAreReturned() {
+        AuthenticationSource source = new SpringSecurityAuthenticationSource();
+        SecurityContextHolder.getContext().setAuthentication(
+                new TestingAuthenticationToken(new Object(), "password", null));
+
+        assertEquals("password", source.getCredentials());
+    }
+
+    @Test
+    public void expectedPrincipalIsReturned() {
+        LdapUserDetailsImpl.Essence user = new LdapUserDetailsImpl.Essence();
+        user.setUsername("joe");
+        user.setDn(new DistinguishedName("uid=joe,ou=users"));
+        AuthenticationSource source = new SpringSecurityAuthenticationSource();
+        SecurityContextHolder.getContext().setAuthentication(
+                new TestingAuthenticationToken(user.createUserDetails(), null, null));
+
+        assertEquals("uid=joe, ou=users", source.getPrincipal());
+    }
+}