cleanup code & add tests

scm-webapp/src/main/java/sonia/scm/security/ScmAtLeastOneSuccessfulStrategy.java

@@ -38,7 +38,7 @@ import java.util.Optional;
 
 public class ScmAtLeastOneSuccessfulStrategy extends AbstractAuthenticationStrategy {
 
-  private final ThreadLocal<List<Throwable>> threadLocal = new ThreadLocal<>();
+  final ThreadLocal<List<Throwable>> threadLocal = new ThreadLocal<>();
 
   @Override
   public AuthenticationInfo beforeAllAttempts(Collection<? extends Realm> realms, AuthenticationToken token) throws AuthenticationException {

scm-webapp/src/main/java/sonia/scm/security/TokenExpiredFilter.java

@@ -48,7 +48,7 @@ import java.io.IOException;
 @Priority(Filters.PRIORITY_PRE_AUTHENTICATION)
 @Singleton
 public class TokenExpiredFilter extends HttpFilter {
-  private static final String TOKEN_EXPIRED_ERROR_CODE = "DDS8D8unr1";
+  static final String TOKEN_EXPIRED_ERROR_CODE = "DDS8D8unr1";
   private static final Logger LOG = LoggerFactory.getLogger(TokenExpiredFilter.class);
 
   private final AccessTokenCookieIssuer accessTokenCookieIssuer;