ADD: Verify, only act on POST (+CSRF)

[gigi.git] / tests / org / cacert / gigi / testUtils / TestEmailReciever.java

diff --git a/tests/org/cacert/gigi/testUtils/TestEmailReciever.java b/tests/org/cacert/gigi/testUtils/TestEmailReciever.java
index a68b1847e0c5cdf10881d86b2e543b20c570b074..50e3aace1f1cd3ebe77ff8e1df7b46cffaf00a8b 100644 (file)
--- a/tests/org/cacert/gigi/testUtils/TestEmailReciever.java
+++ b/tests/org/cacert/gigi/testUtils/TestEmailReciever.java
@@ -5,6 +5,8 @@ import java.io.DataOutputStream;
 import java.io.IOException;
 import java.net.Socket;
 import java.net.SocketAddress;
+import java.net.URL;
+import java.net.URLConnection;
 import java.util.concurrent.LinkedBlockingQueue;
 import java.util.concurrent.TimeUnit;
 import java.util.regex.Matcher;
@@ -61,6 +63,22 @@ public class TestEmailReciever extends EmailProvider implements Runnable {
             return m.group(0);
         }
 
+        public void verify() throws IOException {
+            String[] parts = extractLink().split("\\?");
+            URL u = new URL("https://" + ManagedTest.getServerName() + "/verify?" + parts[1]);
+
+            URLConnection csrfConn = u.openConnection();
+            String csrf = ManagedTest.getCSRF(csrfConn, 0);
+
+            u = new URL("https://" + ManagedTest.getServerName() + "/verify");
+            URLConnection uc = u.openConnection();
+            ManagedTest.cookie(uc, ManagedTest.stripCookie(csrfConn.getHeaderField("Set-Cookie")));
+            uc.setDoOutput(true);
+            uc.getOutputStream().write((parts[1] + "&csrf=" + csrf).getBytes());
+            uc.connect();
+            uc.getInputStream().close();
+        }
+
     }
 
     private Socket s;