public virtual void ChangePassword() { // Given StartServer(true); // Document RESTRequestGenerator.ResponseEntity response = Gen.get().expectedStatus(200).withHeader(HttpHeaders.AUTHORIZATION, HTTP.basicAuthHeader("neo4j", "neo4j")).payload(QuotedJson("{'password':'******'}")).post(_server.baseUri().resolve("/user/neo4j/password").ToString()); // Then the new password should work assertEquals(200, HTTP.withBasicAuth("neo4j", "secret").GET(DataURL()).status()); // Then the old password should not be invalid assertEquals(401, HTTP.withBasicAuth("neo4j", "neo4j").POST(DataURL()).status()); }
public virtual void IncorrectAuthentication() { // Given StartServerWithConfiguredUser(); // Document RESTRequestGenerator.ResponseEntity response = Gen.get().expectedStatus(401).withHeader(HttpHeaders.AUTHORIZATION, HTTP.basicAuthHeader("neo4j", "incorrect")).expectedHeader("WWW-Authenticate", "Basic realm=\"Neo4j\"").post(DataURL()); // Then JsonNode data = JsonHelper.jsonNode(response.Entity()); JsonNode firstError = data.get("errors").get(0); assertThat(firstError.get("code").asText(), equalTo("Neo.ClientError.Security.Unauthorized")); assertThat(firstError.get("message").asText(), equalTo("Invalid username or password.")); }
public virtual void SuccessfulAuthentication() { // Given StartServerWithConfiguredUser(); // Document RESTRequestGenerator.ResponseEntity response = Gen.get().expectedStatus(200).withHeader(HttpHeaders.AUTHORIZATION, HTTP.basicAuthHeader("neo4j", "secret")).get(UserURL("neo4j")); // Then JsonNode data = JsonHelper.jsonNode(response.Entity()); assertThat(data.get("username").asText(), equalTo("neo4j")); assertThat(data.get("password_change_required").asBoolean(), equalTo(false)); assertThat(data.get("password_change").asText(), equalTo(PasswordURL("neo4j"))); }
public virtual void MissingAuthorization() { // Given StartServerWithConfiguredUser(); // Document RESTRequestGenerator.ResponseEntity response = Gen.get().expectedStatus(401).expectedHeader("WWW-Authenticate", "Basic realm=\"Neo4j\"").get(DataURL()); // Then JsonNode data = JsonHelper.jsonNode(response.Entity()); JsonNode firstError = data.get("errors").get(0); assertThat(firstError.get("code").asText(), equalTo("Neo.ClientError.Security.Unauthorized")); assertThat(firstError.get("message").asText(), equalTo("No authentication header supplied.")); }
public virtual void PasswordChangeRequired() { // Given StartServer(true); // Document RESTRequestGenerator.ResponseEntity response = Gen.get().expectedStatus(403).withHeader(HttpHeaders.AUTHORIZATION, HTTP.basicAuthHeader("neo4j", "neo4j")).get(DataURL()); // Then JsonNode data = JsonHelper.jsonNode(response.Entity()); JsonNode firstError = data.get("errors").get(0); assertThat(firstError.get("code").asText(), equalTo("Neo.ClientError.Security.Forbidden")); assertThat(firstError.get("message").asText(), equalTo("User is required to change their password.")); assertThat(data.get("password_change").asText(), equalTo(PasswordURL("neo4j"))); }