Examples of org.apache.shindig.common.testing.FakeHttpServletRequest

• org.apache.shindig.common.testing.FakeHttpServletRequest
  This class fakes a HttpServletRequest for unit test purposes. Currently, it supports servlet API 2.4.

  To use this class, you specify the request info (URL, parameters) in the constructors.

  Lots of stuff are still not implemented here. Feel free to implement them.

    expectConsumer();
    expectSecurityToken();
    replay();
    FakeOAuthRequest get =
        new FakeOAuthRequest("GET", TEST_URL, null, null);
    FakeHttpServletRequest request = get.sign(null,
        FakeOAuthRequest.OAuthParamLocation.AUTH_HEADER, FakeOAuthRequest.BodySigning.NONE);
    assertNotNull(reqHandler.getSecurityTokenFromRequest(request));
  }

  }

  @Test
  public void testNoSignature() throws Exception {
    replay();
    FakeHttpServletRequest request = formEncodedPost.sign(null,
        FakeOAuthRequest.OAuthParamLocation.URI_QUERY, FakeOAuthRequest.BodySigning.NONE);
    // A request without a signature is not an OAuth request
    request.setParameter(OAuth.OAUTH_SIGNATURE, "");
    SecurityToken st = reqHandler.getSecurityTokenFromRequest(request);
    assertNull(st);
  }

  public void testBodyHashSigning() throws Exception {
    expectConsumer();
    expectSecurityToken();
    replay();

    FakeHttpServletRequest request = nonFormEncodedPost.sign(null,
        FakeOAuthRequest.OAuthParamLocation.URI_QUERY, FakeOAuthRequest.BodySigning.HASH);
    assertNotNull(reqHandler.getSecurityTokenFromRequest(request));
  }

  @Test
  public void testLegacyBodySigning() throws Exception {
    expectConsumer();
    expectSecurityToken();
    replay();
    FakeHttpServletRequest request = nonFormEncodedPost.sign(null,
        FakeOAuthRequest.OAuthParamLocation.URI_QUERY, FakeOAuthRequest.BodySigning.LEGACY);
    assertNotNull(reqHandler.getSecurityTokenFromRequest(request));
  }

  public void testLegacyBodySigningNotEnabled() throws Exception {
    reqHandler = new OAuthAuthenticationHandler(mockStore, false);
    expectConsumer();
    expectSecurityToken();
    replay();
    FakeHttpServletRequest request = nonFormEncodedPost.sign(null,
        FakeOAuthRequest.OAuthParamLocation.URI_QUERY, FakeOAuthRequest.BodySigning.LEGACY);
    try {
      reqHandler.getSecurityTokenFromRequest(request);
      fail("Legacy signing not enabled");
    } catch (AuthenticationHandler.InvalidAuthenticationException iae) {

  public void testConsumerFailBodyHashSigningWithFormEncoding() throws Exception {
    replay();
    FakeOAuthRequest bodyHashPost =
        new FakeOAuthRequest("POST", TEST_URL, "a=b&c=d&oauth_body_hash=hash",
        OAuth.FORM_ENCODED);
    FakeHttpServletRequest request = bodyHashPost
        .sign(null, FakeOAuthRequest.OAuthParamLocation.URI_QUERY,
            FakeOAuthRequest.BodySigning.NONE);
    try {
      reqHandler.getSecurityTokenFromRequest(request);
      fail("Cant have body signing with form-encoded post bodies");

    replay();
    FakeOAuthRequest jsonPost =
        new FakeOAuthRequest("POST", TEST_URL,
        "{a:b,b:'c=d&d==f&&g=y'}",
        "application/json");
    FakeHttpServletRequest request = jsonPost.sign(null,
        FakeOAuthRequest.OAuthParamLocation.URI_QUERY, FakeOAuthRequest.BodySigning.LEGACY);
    assertNotNull(reqHandler.getSecurityTokenFromRequest(request));
  }

    assertNotNull(reqHandler.getSecurityTokenFromRequest(request));
  }

  @Test
  public void testStashBody() throws Exception {
    FakeHttpServletRequest req = new FakeHttpServletRequest();
    String body = "BODY";
    req.setPostData(CharsetUtil.getUtf8Bytes(body));
    byte[] bytes = OAuthAuthenticationHandler.readBody(req);
    assertTrue(Arrays.equals(bytes, CharsetUtil.getUtf8Bytes(body)));
    assertEquals(req.getAttribute(AuthenticationHandler.STASHED_BODY), bytes);
  }

    assertEquals(req.getAttribute(AuthenticationHandler.STASHED_BODY), bytes);
  }

  @Test
  public void testBodySigning() throws Exception {
    FakeHttpServletRequest req = new FakeHttpServletRequest();
    req.setContentType("text/plain");
    String body = "BODY";
    req.setPostData(CharsetUtil.getUtf8Bytes(body));
    String hash = new String(Base64.encodeBase64(DigestUtils.sha(CharsetUtil.getUtf8Bytes(body))),
        "UTF-8");
    req.setParameter(OAuthConstants.OAUTH_BODY_HASH, hash);
    OAuthAuthenticationHandler.verifyBodyHash(req, hash);
  }

    mockControl.reset();
  }

  private void setupRequest(String pathInfo, String actualMethod, String overrideMethod)
      throws IOException {
    FakeHttpServletRequest fakeReq = new FakeHttpServletRequest("/social/rest", pathInfo, "");
    fakeReq.setPathInfo(pathInfo);
    fakeReq.setParameter(DataServiceServlet.X_HTTP_METHOD_OVERRIDE, overrideMethod);
    fakeReq.setCharacterEncoding("UTF-8");
    if (!("GET").equals(actualMethod) && !("HEAD").equals(actualMethod)) {
      fakeReq.setPostData("", "UTF-8");
    }
    fakeReq.setMethod(actualMethod);
    fakeReq.setAttribute(AuthInfo.Attribute.SECURITY_TOKEN.getId(), FAKE_GADGET_TOKEN);
    fakeReq.setContentType(ContentTypes.OUTPUT_JSON_CONTENT_TYPE);
    req = fakeReq;
  }