SecureCookieHandlerTestCase.java
/*
* JBoss, Home of Professional Open Source.
* Copyright 2014 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.undertow.server.handlers;
import java.io.IOException;
import java.security.GeneralSecurityException;
import io.undertow.util.Headers;
import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.testutils.DefaultServer;
import io.undertow.testutils.TestHttpClient;
import io.undertow.util.FileUtils;
import io.undertow.util.StatusCodes;
/**
* @author Stuart Douglas
*/
@RunWith(DefaultServer.class)
public class SecureCookieHandlerTestCase {
@Test
public void testSecureCookieHandler() throws IOException, GeneralSecurityException {
DefaultServer.setRootHandler(new SecureCookieHandler(new HttpHandler() {
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
exchange.setResponseCookie(new CookieImpl("foo", "bar"));
}
}));
DefaultServer.startSSLServer();
TestHttpClient client = new TestHttpClient();
client.setSSLContext(DefaultServer.getClientSSLContext());
try {
HttpGet get = new HttpGet(DefaultServer.getDefaultServerSSLAddress());
HttpResponse result = client.execute(get);
Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
Header header = result.getFirstHeader("set-cookie");
Assert.assertEquals("foo=bar; Secure", header.getValue());
FileUtils.readFile(result.getEntity().getContent());
get = new HttpGet(DefaultServer.getDefaultServerURL());
result = client.execute(get);
Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
header = result.getFirstHeader("set-cookie");
Assert.assertEquals("foo=bar", header.getValue());
} finally {
client.getConnectionManager().shutdown();
DefaultServer.stopSSLServer();
}
}
@Test
public void testSecureCookieHandlerWithManuallySetCookie() throws IOException, GeneralSecurityException {
DefaultServer.setRootHandler(new SecureCookieHandler(new HttpHandler() {
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
exchange.getResponseHeaders().put(Headers.SET_COOKIE, "cookie=value");
}
}));
DefaultServer.startSSLServer();
TestHttpClient client = new TestHttpClient();
client.setSSLContext(DefaultServer.getClientSSLContext());
try {
HttpGet get = new HttpGet(DefaultServer.getDefaultServerSSLAddress());
HttpResponse result = client.execute(get);
Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
Header header = result.getFirstHeader("set-cookie");
Assert.assertEquals("cookie=value; Secure", header.getValue());
FileUtils.readFile(result.getEntity().getContent());
} finally {
client.getConnectionManager().shutdown();
DefaultServer.stopSSLServer();
}
}
}