Author: bimargulies
Date: Thu Dec 1 21:14:02 2011
New Revision: 1209241
URL: http://svn.apache.org/viewvc?rev=1209241&view=rev
Log:
CXF-3943: fill in the rest of the non-annotation simple tests.
Added:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java
(contents, props changed)
- copied, changed from r1209212,
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/BasicCrossOriginTest.java
Removed:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/BasicCrossOriginTest.java
Modified:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CorsServer.java
Modified:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java?rev=1209241&r1=1209240&r2=1209241&view=diff
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java
(original)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java
Thu Dec 1 21:14:02 2011
@@ -24,6 +24,7 @@ import java.util.Arrays;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import org.apache.cxf.jaxrs.cors.CrossOriginResourceSharingFilter;
@@ -47,6 +48,15 @@ public class ConfigServer {
}
return "ok";
}
+
+ @POST
+ @Path("/setAllowCredentials/{yn}")
+ @Produces("text/plain")
+ public String setAllowCredentials(@PathParam("yn") boolean yn) {
+ inputFilter.setAllowCredentials(yn);
+ return "ok";
+ }
+
public CrossOriginResourceSharingFilter getInputFilter() {
return inputFilter;
Modified:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CorsServer.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CorsServer.java?rev=1209241&r1=1209240&r2=1209241&view=diff
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CorsServer.java
(original)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CorsServer.java
Thu Dec 1 21:14:02 2011
@@ -19,10 +19,12 @@
package org.apache.cxf.systest.jaxrs.cors;
+import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.core.Response;
/**
*
@@ -36,5 +38,9 @@ public class CorsServer {
return echo;
}
-
+ @DELETE
+ @Path("/delete")
+ public Response deleteSomething() {
+ return Response.ok().build();
+ }
}
Copied:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java
(from r1209212,
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/BasicCrossOriginTest.java)
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java?p2=cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java&p1=cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/BasicCrossOriginTest.java&r1=1209212&r2=1209241&rev=1209241&view=diff
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/BasicCrossOriginTest.java
(original)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java
Thu Dec 1 21:14:02 2011
@@ -34,6 +34,7 @@ import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
+import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
@@ -42,7 +43,18 @@ import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;
-public class BasicCrossOriginTest extends AbstractBusClientServerTestBase {
+/**
+ * Unit tests for simple CORS requests. Simple requests traffic only in
allowed origins,
+ * allowed credentials, and exposed headers.
+ *
+ * Note that it's not the server's job to detect invalid CORS requests. If a
client
+ * fails to preflight, it's just not our job. However, also note that all
'actual'
+ * requests are treated as simple requests. In other words, a DELETE gets the
same
+ * treatment as a simple request. The 'hey, this is complex' test happens on
the client,
+ * which thus decides to do a preflight.
+ *
+ */
+public class CrossOriginSimpleTest extends AbstractBusClientServerTestBase {
public static final String PORT = SpringServer.PORT;
private WebClient configClient;
@@ -58,23 +70,6 @@ public class BasicCrossOriginTest extend
configClient = WebClient.create("http://localhost:"; + PORT +
"/config", providers);
}
- @Test
- public void testSimpleGet() throws Exception {
- String origin = "http://localhost:"; + PORT;
- HttpClient httpclient = new DefaultHttpClient();
- HttpGet httpget = new HttpGet(origin + "/test/simpleGet/HelloThere");
- httpget.addHeader("Origin", origin);
- HttpResponse response = httpclient.execute(httpget);
- HttpEntity entity = response.getEntity();
- String e = IOUtils.toString(entity.getContent(), "utf-8");
-
- assertEquals("HelloThere", e);
- Header[] aaoHeaders =
response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_ORIGIN);
- assertNotNull(aaoHeaders);
- assertEquals(1, aaoHeaders.length);
- assertEquals("*", aaoHeaders[0].getValue());
- }
-
private List<String> headerValues(Header[] headers) {
List<String> values = new ArrayList<String>();
for (Header h : headers) {
@@ -87,13 +82,7 @@ public class BasicCrossOriginTest extend
private void assertAllOrigin(boolean allOrigins, String[] originList,
String[] requestOrigins,
boolean permitted) throws
ClientProtocolException, IOException {
- if (allOrigins) {
- originList = new String[0];
- }
- // tell filter what to do.
- String confResult =
configClient.accept("text/plain").replacePath("/setOriginList")
- .type("application/json").post(originList, String.class);
- assertEquals("ok", confResult);
+ connfigureAllowOrigins(allOrigins, originList);
HttpClient httpclient = new DefaultHttpClient();
HttpGet httpget = new HttpGet("http://localhost:"; + PORT +
"/test/simpleGet/HelloThere");
@@ -103,10 +92,16 @@ public class BasicCrossOriginTest extend
}
}
HttpResponse response = httpclient.execute(httpget);
+ assertEquals(200, response.getStatusLine().getStatusCode());
HttpEntity entity = response.getEntity();
String e = IOUtils.toString(entity.getContent(), "utf-8");
assertEquals("HelloThere", e); // ensure that we didn't bust the
operation itself.
+ assertOriginResponse(allOrigins, requestOrigins, permitted, response);
+ }
+
+ private void assertOriginResponse(boolean allOrigins, String[]
requestOrigins, boolean permitted,
+ HttpResponse response) {
Header[] aaoHeaders =
response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_ORIGIN);
if (permitted) {
assertNotNull(aaoHeaders);
@@ -126,6 +121,21 @@ public class BasicCrossOriginTest extend
}
}
+ private void connfigureAllowOrigins(boolean allOrigins, String[]
originList) {
+ if (allOrigins) {
+ originList = new String[0];
+ }
+ // tell filter what to do.
+ String confResult =
configClient.accept("text/plain").replacePath("/setOriginList")
+ .type("application/json").post(originList, String.class);
+ assertEquals("ok", confResult);
+ }
+
+ @Test
+ public void failNoOrigin() throws Exception {
+ assertAllOrigin(true, null, null, false);
+ }
+
@Test
public void allowStarPassOne() throws Exception {
// Allow *, pass origin
@@ -190,6 +200,59 @@ public class BasicCrossOriginTest extend
}, false);
}
+
+ @Test
+ public void testAllowCredentials() throws Exception {
+ String r = configClient.replacePath("/setAllowCredentials/true")
+ .accept("text/plain").post(null, String.class);
+ assertEquals("ok", r);
+
+ HttpClient httpclient = new DefaultHttpClient();
+ HttpGet httpget = new HttpGet("http://localhost:"; + PORT +
"/test/simpleGet/HelloThere");
+ httpget.addHeader("Origin", "http://localhost:"; + PORT);
+
+ HttpResponse response = httpclient.execute(httpget);
+ assertEquals(200, response.getStatusLine().getStatusCode());
+ Header[] aaoHeaders =
response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_CREDENTIALS);
+ assertEquals(1, aaoHeaders.length);
+ assertEquals("true", aaoHeaders[0].getValue());
+ }
+
+ @Test
+ public void testForbidCredentials() throws Exception {
+ String r = configClient.replacePath("/setAllowCredentials/false")
+ .accept("text/plain").post(null, String.class);
+ assertEquals("ok", r);
+
+ HttpClient httpclient = new DefaultHttpClient();
+ HttpGet httpget = new HttpGet("http://localhost:"; + PORT +
"/test/simpleGet/HelloThere");
+ httpget.addHeader("Origin", "http://localhost:"; + PORT);
+
+ HttpResponse response = httpclient.execute(httpget);
+ assertEquals(200, response.getStatusLine().getStatusCode());
+ Header[] aaoHeaders =
response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_CREDENTIALS);
+ assertEquals(1, aaoHeaders.length);
+ assertEquals("false", aaoHeaders[0].getValue());
+ }
+
+ @Test
+ public void testNonSimpleActualRequest() throws Exception {
+ connfigureAllowOrigins(true, null);
+ String r = configClient.replacePath("/setAllowCredentials/false")
+ .accept("text/plain").post(null, String.class);
+ assertEquals("ok", r);
+
+ HttpClient httpclient = new DefaultHttpClient();
+ HttpDelete httpdelete = new HttpDelete("http://localhost:"; + PORT +
"/test/delete");
+ httpdelete.addHeader("Origin", "http://localhost:"; + PORT);
+
+ HttpResponse response = httpclient.execute(httpdelete);
+ assertEquals(200, response.getStatusLine().getStatusCode());
+ Header[] aaoHeaders =
response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_CREDENTIALS);
+ assertEquals(1, aaoHeaders.length);
+ assertEquals("false", aaoHeaders[0].getValue());
+ assertOriginResponse(true, null, true, response);
+ }
@Ignore
public static class SpringServer extends AbstractSpringServer {
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
