src/test/java/com/googlesource/gerrit/plugins/saml/SamlWebFilterIT.java

package com.googlesource.gerrit.plugins.saml;

import static com.google.common.base.Strings.nullToEmpty;
import static com.google.common.truth.Truth.assertThat;
import static javax.servlet.http.HttpServletResponse.SC_OK;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.mock;

import com.google.gerrit.acceptance.AbstractDaemonTest;
import com.google.gerrit.extensions.common.AccountDetailInfo;
import com.google.gerrit.extensions.restapi.RestApiException;
import com.google.gerrit.testing.ConfigSuite;
import com.google.gerrit.util.http.testutil.FakeHttpServletRequest;
import com.google.gerrit.util.http.testutil.FakeHttpServletResponse;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.eclipse.jgit.errors.ConfigInvalidException;
import org.eclipse.jgit.lib.Config;
import org.junit.Test;

public class SamlWebFilterIT extends AbstractDaemonTest {

  @ConfigSuite.Default
  public static Config setupSaml() throws ConfigInvalidException {
    Config cfg = new Config();
    cfg.fromText(
        ""
            + "[httpd]\n"
            + "    filterClass = com.googlesource.gerrit.plugins.saml.SamlWebFilter\n"
            + "[saml]\n"
            + "    keystorePath = etc/samlKeystore.jks\n"
            + "    metadataPath = http://localhost:8080/auth/realms/master/protocol/saml/descriptor\n"
            + "[auth]\n"
            + "    type = HTTP\n"
            + "    httpHeader = X-SAML-UserName\n"
            + "    httpEmailHeader = X-SAML-EmailHeader\n"
            + "    httpExternalIdHeader = X-SAML-ExternalId");
    return cfg;
  }

  @Test
  public void supportAccountNamesWithNonIso88591Characters() throws IOException, ServletException, RestApiException {
    SamlWebFilter samlWebFilter = server.getTestInjector().getInstance(SamlWebFilter.class);

    String samlDisplayName = nullToEmpty(user.displayName()) + " Saml Test 合覺那加情力心";

    HttpSession httpSession = mock(HttpSession.class);
    AuthenticatedUser authenticatedUser =
        new AuthenticatedUser(user.username(), samlDisplayName, user.email(), "externalId");
    doReturn(authenticatedUser).when(httpSession).getAttribute(SamlWebFilter.SESSION_ATTR_USER);

    FakeHttpServletRequest req = new FakeHttpServletRequestWithSession(httpSession);
    req.setPathInfo(SamlWebFilter.GERRIT_LOGIN);
    HttpServletResponse res = new FakeHttpServletResponse();

    samlWebFilter.doFilter(req, res, mock(FilterChain.class));

    assertThat(res.getStatus()).isEqualTo(SC_OK);

    AccountDetailInfo account = gApi.accounts().id(user.username()).detail();
    assertThat(account.name).isEqualTo(samlDisplayName);
  }

  private static class FakeHttpServletRequestWithSession extends FakeHttpServletRequest {
    HttpSession session;

    public FakeHttpServletRequestWithSession(HttpSession session) {
      super();
      this.session = session;
    }

    @Override
    public HttpSession getSession() {
      return session;
    }
  }
}