1
|
/**
|
2
|
* Copyright (C) 2021 EDIT
|
3
|
* European Distributed Institute of Taxonomy
|
4
|
* http://www.e-taxonomy.eu
|
5
|
*
|
6
|
* The contents of this file are subject to the Mozilla Public License Version 1.1
|
7
|
* See LICENSE.TXT at the top of this package for the full license terms.
|
8
|
*/
|
9
|
package eu.etaxonomy.cdm.api.security;
|
10
|
|
11
|
import static org.junit.Assert.assertEquals;
|
12
|
import static org.junit.Assert.assertFalse;
|
13
|
import static org.junit.Assert.assertTrue;
|
14
|
|
15
|
import java.io.FileNotFoundException;
|
16
|
import java.util.Optional;
|
17
|
|
18
|
import org.junit.Before;
|
19
|
import org.junit.Test;
|
20
|
import org.unitils.database.annotations.Transactional;
|
21
|
import org.unitils.database.util.TransactionMode;
|
22
|
import org.unitils.spring.annotation.SpringBeanByType;
|
23
|
|
24
|
import eu.etaxonomy.cdm.model.permission.User;
|
25
|
import eu.etaxonomy.cdm.test.integration.CdmTransactionalIntegrationTest;
|
26
|
|
27
|
/**
|
28
|
* @author a.kohlbecker
|
29
|
* @since Nov 5, 2021
|
30
|
*/
|
31
|
@Transactional(TransactionMode.DISABLED)
|
32
|
public class PasswordResetTokenStoreTest extends CdmTransactionalIntegrationTest {
|
33
|
|
34
|
private static final String USER_EMAIL = "dummy@cybertaxonomy.test";
|
35
|
private static final String USER_PWD = "dummy123";
|
36
|
private static final String USER_NAME = "dummy";
|
37
|
|
38
|
@SpringBeanByType
|
39
|
private IPasswordResetTokenStore passwordResetTokenStore;
|
40
|
|
41
|
private User testUser;
|
42
|
|
43
|
@Before
|
44
|
public void reset() {
|
45
|
passwordResetTokenStore.setTokenLifetimeMinutes(IPasswordResetTokenStore.TOKEN_LIFETIME_MINUTES_DEFAULT);
|
46
|
testUser = User.NewInstance(USER_NAME, USER_PWD);
|
47
|
testUser.setEmailAddress(USER_EMAIL);
|
48
|
}
|
49
|
|
50
|
@Test
|
51
|
public void testTokenStillValid() {
|
52
|
String token = passwordResetTokenStore.create(testUser).getToken();
|
53
|
assertTrue(passwordResetTokenStore.isEligibleToken(token));
|
54
|
Optional<PasswordResetRequest> resetRequest = passwordResetTokenStore.findResetRequest(token);
|
55
|
assertTrue(resetRequest.isPresent());
|
56
|
assertEquals(USER_NAME, resetRequest.get().getUserName());
|
57
|
assertEquals(USER_EMAIL, resetRequest.get().getUserEmail());
|
58
|
assertEquals(token, resetRequest.get().getToken());
|
59
|
}
|
60
|
|
61
|
@Test
|
62
|
public void testTokenExpired() {
|
63
|
passwordResetTokenStore.setTokenLifetimeMinutes(-10);
|
64
|
String token = passwordResetTokenStore.create(testUser).getToken();
|
65
|
assertFalse(passwordResetTokenStore.isEligibleToken(token));
|
66
|
Optional<PasswordResetRequest> resetRequest = passwordResetTokenStore.findResetRequest(token);
|
67
|
assertTrue(!resetRequest.isPresent());
|
68
|
}
|
69
|
|
70
|
@Test
|
71
|
public void testTokenUnknown() {
|
72
|
String unknownToken = "un-known-token";
|
73
|
assertFalse(passwordResetTokenStore.isEligibleToken(unknownToken));
|
74
|
Optional<PasswordResetRequest> resetRequest = passwordResetTokenStore.findResetRequest(unknownToken);
|
75
|
assertTrue(!resetRequest.isPresent());
|
76
|
}
|
77
|
|
78
|
@Test
|
79
|
public void testTokenNull() {
|
80
|
String nullToken = null;
|
81
|
assertFalse(passwordResetTokenStore.isEligibleToken(nullToken));
|
82
|
Optional<PasswordResetRequest> resetRequest = passwordResetTokenStore.findResetRequest(nullToken);
|
83
|
assertTrue(!resetRequest.isPresent());
|
84
|
}
|
85
|
|
86
|
|
87
|
@Test
|
88
|
public void testTokenRemove() {
|
89
|
String token = passwordResetTokenStore.create(testUser).getToken();
|
90
|
assertTrue(passwordResetTokenStore.isEligibleToken(token));
|
91
|
Optional<PasswordResetRequest> resetRequest = passwordResetTokenStore.findResetRequest(token);
|
92
|
assertTrue(resetRequest.isPresent());
|
93
|
passwordResetTokenStore.remove(token);
|
94
|
resetRequest = passwordResetTokenStore.findResetRequest(token);
|
95
|
assertFalse("Expecing false since the token has been removed", resetRequest.isPresent());
|
96
|
}
|
97
|
|
98
|
|
99
|
@Override
|
100
|
public void createTestDataSet() throws FileNotFoundException {
|
101
|
// NO DATA NEEDED
|
102
|
}
|
103
|
|
104
|
|
105
|
|
106
|
}
|