diff options
Diffstat (limited to 'id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa')
-rw-r--r-- | id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java | 73 |
1 files changed, 61 insertions, 12 deletions
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java index ad9e2c90e..7afad55aa 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java @@ -46,6 +46,7 @@ public class ParamValidatorUtilsTest { config = new DummyAuthConfig(); AuthConfigurationProviderFactory.setAuthConfig(config); config.setSlRequestTemplateUrls(new ArrayList<String>()); + config.setConfigRootDir("file://junit.com/"); } @@ -68,11 +69,11 @@ public class ParamValidatorUtilsTest { public void templateStrictWhitelistSecond() { HttpServletRequest req = getDummyHttpRequest("junit.com"); - String template = "file://aaaa.com/ccc"; + String template = "file:/aaaa.com/ccc"; List<String> oaSlTemplates = Arrays.asList( "http://aaaa.com/bbbb", "https://aaaa.com/bbbb", - "file://aaaa.com/bbbb"); + "file:/aaaa.com/bbbb"); Assert.assertFalse("Template should NOT be valid", ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, true)); @@ -95,14 +96,14 @@ public class ParamValidatorUtilsTest { } @Test - public void templateLaczWhitelistSecond() { + public void templateLazyWhitelistSecond() { HttpServletRequest req = getDummyHttpRequest("junit.com"); - String template = "file://aaaa.com/ccc"; + String template = "file:/aaaa.com/ccc"; List<String> oaSlTemplates = Arrays.asList( "http://aaaa.com/bbbb", "https://aaaa.com/bbbb", - "file://aaaa.com/bbbb"); + "file:/aaaa.com/bbbb"); Assert.assertFalse("Template should NOT be valid", ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); @@ -110,7 +111,7 @@ public class ParamValidatorUtilsTest { } @Test - public void templateLaczWhitelistThird() { + public void templateLazyWhitelistThird() { HttpServletRequest req = getDummyHttpRequest("junit.com"); String template = "https://aaaa.com/ccc"; @@ -125,7 +126,7 @@ public class ParamValidatorUtilsTest { } @Test - public void templateLaczWhitelistFour() { + public void templateLazyWhitelistFour() { HttpServletRequest req = getDummyHttpRequest("junit.com"); String template = "http://aaaa.com/ccc"; @@ -140,7 +141,7 @@ public class ParamValidatorUtilsTest { } @Test - public void templateLaczWhitelistFife() { + public void templateLazyWhitelistFife() { HttpServletRequest req = getDummyHttpRequest("junit.com"); String template = "http://junit.com/ccc"; @@ -155,7 +156,7 @@ public class ParamValidatorUtilsTest { } @Test - public void templateLaczWhitelistSix() { + public void templateLazyWhitelistSix() { HttpServletRequest req = getDummyHttpRequest("junit.com"); String template = "https://junit.com/ccc"; @@ -170,20 +171,68 @@ public class ParamValidatorUtilsTest { } @Test - public void templateLaczWhitelistSeven() { + public void templateLazyWhitelistSeven() { HttpServletRequest req = getDummyHttpRequest("junit.com"); - String template = "file://junit.com/ccc"; + String template = "file:/junit.com/ccc"; List<String> oaSlTemplates = Arrays.asList( "http://aaaa.com/bbbb", "https://aaaa.com/bbbb", - "file://aaaa.com/bbbb"); + "file:/aaaa.com/bbbb"); Assert.assertFalse("Template should Not be valid", ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); } + @Test + public void templateLazyWhitelistEight() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "file:/junit.com/ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/ccc", + "ccc"); + + Assert.assertTrue("Template should be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + + @Test + public void templateLazyWhitelistNine() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "file:\\junit.com\\ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/ccc", + "ccc"); + + Assert.assertTrue("Template should be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + + @Test + public void templateLazyWhitelistTen() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "file:\\junit.com/ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/ccc", + "ccc"); + + Assert.assertTrue("Template should be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + private HttpServletRequest getDummyHttpRequest(final String serverName) { return new HttpServletRequest() { |