java 与 Spring Security 的集成测试
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/30536710/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-11-02 17:17:30 来源:igfitidea点击:
Integration tests with spring security
提问by Daniela Morais
I need to send a get request to the API, but despite having placed the administrator annotation get error@WithMockUser(roles="ADMINISTRADOR").
How do I send a request?
API
我需要向 API 发送一个 get 请求,但尽管已经放置了管理员注释 get error@WithMockUser(roles="ADMINISTRADOR")。
如何发送请求?
应用程序接口
@RequestMapping(value = "/{id}", method = RequestMethod.GET)
@PostAuthorize("returnObject.instancia == principal.instancia.instancia")
public Validacao retrieve(@PathVariable("id") String id) {
return validacaoService.retrieve(id);
}
Test
测试
@Test
@WithMockUser(roles = "ADMINISTRADOR")
public void testCRetrieve() throws Exception {
this.mockMvc
.perform(get("/api/validacao/" + id).with(user("[email protected]")))
.andExpect(status().isOk())
.andReturn();
}
Log
日志
org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext
Test Class
测试班
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes = {ValidacaoAPITest.TestConfiguration.class, WithSecurityConfig.class})
@WebAppConfiguration
public class ValidacaoAPITest {
@EnableWebMvc
@Configuration
public static class TestConfiguration {
Fongo fongo = new Fongo("new server 1");
DB db = fongo.getDB("oknok");
@Bean
ValidacaoAPI getValidacaoAPI() {
return new ValidacaoAPI();
}
@Bean
ActiveUser getActiveUser() {
ActiveUser mock = Mockito.mock(ActiveUser.class);
when(mock.getUser()).thenReturn(new User().setEmail("[email protected]"));
when(mock.getInstancia()).thenReturn(new Instancia().setInstancia("instancia"));
return mock;
}
@Bean
ValidacaoService getValidacaoService() {
return new ValidacaoService();
}
@Bean
MatchService getMatchService() {
return new MatchService();
}
@Bean
PlanilhaReader getPlanilhaReader() {
return new PlanilhaReader();
}
@Bean
AtributoReader getAtributoReader() {
return new AtributoReader();
}
@Bean
AtributoDAO getAtributoDAO() {
return new AtributoDAO();
}
@Bean
UploadService getUploadService() {
return new UploadService();
}
@Bean
ValidacaoResultadoDAO getValidacaoResultadoDAO() {
return new ValidacaoResultadoDAO(db);
}
@Bean
Mapper getMapper() {
return new Mapper(db);
}
@Bean
UploadDAO getUploadDAO() {
return new UploadDAO(db);
}
@Bean
MatchDAO getMatchDAO() {
return new MatchDAO(db);
}
@Bean
ValidacaoDAO getValidacaoDAO() {
return new ValidacaoDAO(db);
}
@Bean
UploadOriginalsDAO getUploadOriginalsDAO() {
return new UploadOriginalsDAO(db);
}
@Bean
AtributoValidator getAtributoValidator() {
return new AtributoValidator();
}
}
@Autowired
MatchService matchService;
@Autowired
private WebApplicationContext context;
private MockMvc mockMvc;
private static String id;
@Before
public void setup() {
mockMvc = MockMvcBuilders.webAppContextSetup(context).build();
}
@Test
public void testACreateValidation() throws Exception {
MvcResult result = this.mockMvc
.perform(post("/api/validacao"))
.andExpect(status().isOk())
.andExpect(jsonPath("$.id", notNullValue()))
.andReturn();
this.id = ((BasicDBObject) JSON.parse(result.getResponse().getContentAsString())).getString("id");
}
@Test
public void testBRetrieveAll() throws Exception {
MvcResult result = this.mockMvc
.perform(get("/api/validacao"))
.andExpect(status().isOk())
.andExpect(jsonPath("$.[0].id", notNullValue()))
.andReturn();
BasicDBList list = (BasicDBList) JSON.parse(result.getResponse().getContentAsString());
this.id = (String) ((BasicDBObject) JSON.parse(list.get(0).toString())).get("id");
}
//FIXME
@Test
@WithMockUser(roles = "ADMINISTRADOR")
public void testCRetrieve() throws Exception {
this.mockMvc
.perform(get("/api/validacao/" + id).with(user("[email protected]")))
.andExpect(status().isOk())
.andReturn();
}
}
回答by saljuama
In the Spring security Reference, section 10.1states that in order to be able to test the spring security features, you need to integrate the security filter chain in your MockMvc object, as shown in this example in the @Before setup method.
在 Spring security Reference 中,第 10.1 节指出,为了能够测试 spring 安全功能,您需要在 MockMvc 对象中集成安全过滤器链,如@Before 设置方法中的示例所示。
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.*;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration
@WebAppConfiguration
public class CsrfShowcaseTests {
@Autowired
private WebApplicationContext context;
private MockMvc mvc;
@Before
public void setup() {
mvc = MockMvcBuilders
.webAppContextSetup(context)
.apply(springSecurity())
.build();
}
...
}
