From e2674c3b27174e408264b84f50bf86a13e2d3824 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Fri, 9 Feb 2024 17:29:29 +0300 Subject: Use fetch credentials instead of hash parameter for authenticated requests --- src/test/java/com/juick/server/tests/ServerTests.java | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'src/test') diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java index e74e8c6f..0724eb4f 100644 --- a/src/test/java/com/juick/server/tests/ServerTests.java +++ b/src/test/java/com/juick/server/tests/ServerTests.java @@ -1754,8 +1754,7 @@ public class ServerTests { public void hashLoginShouldNotUseSession() throws Exception { String hash = userService.getHashByUID(ugnich.getUid()); MvcResult hashLoginResult = mockMvc.perform(get("/?show=my&hash=" + hash)).andExpect(status().isOk()) - .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))) - .andExpect(content().string(containsString(hash))).andReturn(); + .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))).andReturn(); Cookie rememberMeFromHash = hashLoginResult.getResponse().getCookie("juick-remember-me"); MvcResult formLoginResult = mockMvc .perform(post("/login").with(csrf()).param("username", ugnichName).param("password", @@ -1763,19 +1762,16 @@ public class ServerTests { .andExpect(status().is3xxRedirection()).andReturn(); Cookie rememberMeFromForm = formLoginResult.getResponse().getCookie("juick-remember-me"); mockMvc.perform(get("/?show=my").cookie(rememberMeFromForm)).andExpect(status().isOk()) - .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))) - .andExpect(content().string(containsString(hash))); + .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))); mockMvc.perform(get("/?show=my").cookie(rememberMeFromHash)).andExpect(status().isOk()) - .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))) - .andExpect(content().string(containsString(hash))); + .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))); } @Test public void apiRequestsShouldAuthorizeWithCookie() throws Exception { String hash = userService.getHashByUID(ugnich.getUid()); MvcResult hashLoginResult = mockMvc.perform(get("/?show=my&hash=" + hash)).andExpect(status().isOk()) - .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))) - .andExpect(content().string(containsString(hash))).andReturn(); + .andExpect(model().attribute("visitor", hasProperty("authHash", equalTo(hash)))).andReturn(); Cookie rememberMeFromHash = hashLoginResult.getResponse().getCookie("juick-remember-me"); mockMvc.perform(get("/api/me").cookie(rememberMeFromHash)) .andExpect(status().isOk()); -- cgit v1.2.3