diff --git a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java index b4647f3ded..bb162fe65b 100644 --- a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java +++ b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java @@ -557,7 +557,6 @@ public class AclImplTests { @Test public void hashCodeWithoutStackOverFlow() throws Exception { - // given Sid sid = new PrincipalSid("pSid"); ObjectIdentity oid = new ObjectIdentityImpl("type", 1); AclAuthorizationStrategy authStrategy = new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("role")); @@ -570,7 +569,6 @@ public class AclImplTests { fieldAces.setAccessible(true); List aces = (List) fieldAces.get(acl); aces.add(ace); - // when - then none StackOverFlowError been raised ace.hashCode(); } diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/AclClassIdUtilsTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/AclClassIdUtilsTests.java index bf913fcab9..04dba0b446 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/AclClassIdUtilsTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/AclClassIdUtilsTests.java @@ -61,119 +61,76 @@ public class AclClassIdUtilsTests { @Test public void shouldReturnLongIfIdentifierIsLong() throws SQLException { - // when Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER, this.resultSet); - - // then assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER); } @Test public void shouldReturnLongIfIdentifierIsBigInteger() throws SQLException { - // when Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(BIGINT_IDENTIFIER, this.resultSet); - - // then assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER); } @Test public void shouldReturnLongIfClassIdTypeIsNull() throws SQLException { - // given given(this.resultSet.getString("class_id_type")).willReturn(null); - - // when Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet); - - // then assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER); } @Test public void shouldReturnLongIfNoClassIdTypeColumn() throws SQLException { - // given given(this.resultSet.getString("class_id_type")).willThrow(SQLException.class); - - // when Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet); - - // then assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER); } @Test public void shouldReturnLongIfTypeClassNotFound() throws SQLException { - // given given(this.resultSet.getString("class_id_type")).willReturn("com.example.UnknownType"); - - // when Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet); - - // then assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER); } @Test public void shouldReturnLongEvenIfCustomConversionServiceDoesNotSupportLongConversion() throws SQLException { - // given given(this.resultSet.getString("class_id_type")).willReturn("java.lang.Long"); given(this.conversionService.canConvert(String.class, Long.class)).willReturn(false); this.aclClassIdUtils.setConversionService(this.conversionService); - - // when Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet); - - // then assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER); } @Test public void shouldReturnLongWhenLongClassIdType() throws SQLException { - // given given(this.resultSet.getString("class_id_type")).willReturn("java.lang.Long"); - - // when Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet); - - // then assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER); } @Test public void shouldReturnUUIDWhenUUIDClassIdType() throws SQLException { - // given UUID identifier = UUID.randomUUID(); given(this.resultSet.getString("class_id_type")).willReturn("java.util.UUID"); - - // when Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(identifier.toString(), this.resultSet); - - // then assertThat(newIdentifier).isEqualTo(identifier); } @Test public void shouldReturnStringWhenStringClassIdType() throws SQLException { - // given String identifier = "MY_STRING_IDENTIFIER"; given(this.resultSet.getString("class_id_type")).willReturn("java.lang.String"); - - // when Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(identifier, this.resultSet); - - // then assertThat(newIdentifier).isEqualTo(identifier); } @Test(expected = IllegalArgumentException.class) public void shouldNotAcceptNullConversionServiceInConstruction() { - // when new AclClassIdUtils(null); } @Test(expected = IllegalArgumentException.class) public void shouldNotAcceptNullConversionServiceInSetter() { - // when this.aclClassIdUtils.setConversionService(null); } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java index 3a88e03e8f..0ed6cc1ca3 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java @@ -75,8 +75,6 @@ public class HeadersConfigurer> private List headerWriters = new ArrayList<>(); - // --- default header writers --- - private final ContentTypeOptionsConfig contentTypeOptions = new ContentTypeOptionsConfig(); private final XXssConfig xssProtection = new XXssConfig(); diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java index 8351a52ce5..93342403c6 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java @@ -436,8 +436,6 @@ public class OAuth2ResourceServerConfigurerTests { .andExpect(content().string("test-subject")); } - // -- Method Security - @Test public void getWhenUsingMethodSecurityWithValidBearerTokenThenAcceptsRequest() throws Exception { @@ -494,8 +492,6 @@ public class OAuth2ResourceServerConfigurerTests { .andExpect(insufficientScopeHeader()); } - // -- Resource Server should not engage csrf - @Test public void postWhenUsingDefaultsWithValidBearerTokenAndNoCsrfTokenThenOk() throws Exception { @@ -527,8 +523,6 @@ public class OAuth2ResourceServerConfigurerTests { .andExpect(invalidTokenHeader("An error occurred while attempting to decode the Jwt")); } - // -- Resource Server should not create sessions - @Test public void requestWhenDefaultConfiguredThenSessionIsNotCreated() throws Exception { @@ -576,8 +570,6 @@ public class OAuth2ResourceServerConfigurerTests { assertThat(result.getRequest().getSession(false)).isNotNull(); } - // -- custom bearer token resolver - @Test public void requestWhenBearerTokenResolverAllowsRequestBodyThenEitherHeaderOrRequestBodyIsAccepted() throws Exception { @@ -693,8 +685,6 @@ public class OAuth2ResourceServerConfigurerTests { assertThat(oauth2.getBearerTokenResolver()).isInstanceOf(DefaultBearerTokenResolver.class); } - // -- custom jwt decoder - @Test public void requestWhenCustomJwtDecoderWiredOnDslThenUsed() throws Exception { @@ -820,8 +810,6 @@ public class OAuth2ResourceServerConfigurerTests { assertThatCode(() -> jwtConfigurer.getJwtDecoder()).isInstanceOf(NoUniqueBeanDefinitionException.class); } - // -- exception handling - @Test public void requestWhenRealmNameConfiguredThenUsesOnUnauthenticated() throws Exception { @@ -861,8 +849,6 @@ public class OAuth2ResourceServerConfigurerTests { assertThatCode(() -> configurer.accessDeniedHandler(null)).isInstanceOf(IllegalArgumentException.class); } - // -- token validator - @Test public void requestWhenCustomJwtValidatorFailsThenCorrespondingErrorMessage() throws Exception { @@ -904,8 +890,6 @@ public class OAuth2ResourceServerConfigurerTests { .andExpect(invalidTokenHeader("Jwt expired at")); } - // -- converter - @Test public void requestWhenJwtAuthenticationConverterConfiguredOnDslThenIsUsed() throws Exception { @@ -937,8 +921,6 @@ public class OAuth2ResourceServerConfigurerTests { this.mvc.perform(get("/requires-read-scope").with(bearerToken(JWT_TOKEN))).andExpect(status().isOk()); } - // -- single key - @Test public void requestWhenUsingPublicKeyAndValidTokenThenAuthenticates() throws Exception { @@ -991,8 +973,6 @@ public class OAuth2ResourceServerConfigurerTests { verifyBean(AuthenticationProvider.class).authenticate(any(Authentication.class)); } - // -- opaque - @Test public void getWhenIntrospectingThenOk() throws Exception { this.spring.register(RestOperationsConfig.class, OpaqueTokenConfig.class, BasicController.class).autowire(); @@ -1099,8 +1079,6 @@ public class OAuth2ResourceServerConfigurerTests { assertThat(opaqueToken.getIntrospector()).isNotNull(); } - // -- In combination with other authentication providers - @Test public void requestWhenBasicAndResourceServerEntryPointsThenMatchedByRequest() throws Exception { @@ -1171,8 +1149,6 @@ public class OAuth2ResourceServerConfigurerTests { .andExpect(status().isOk()).andExpect(content().string("basic-user")); } - // -- authentication manager - @Test public void getAuthenticationManagerWhenConfiguredAuthenticationManagerThenTakesPrecedence() { ApplicationContext context = mock(ApplicationContext.class); @@ -1190,8 +1166,6 @@ public class OAuth2ResourceServerConfigurerTests { verify(http, never()).authenticationProvider(any(AuthenticationProvider.class)); } - // -- authentication manager resolver - @Test public void getWhenMultipleIssuersThenUsesIssuerClaimToDifferentiate() throws Exception { this.spring.register(WebServerConfig.class, MultipleIssuersConfig.class, BasicController.class).autowire(); @@ -1226,8 +1200,6 @@ public class OAuth2ResourceServerConfigurerTests { .andExpect(invalidTokenHeader("Invalid issuer")); } - // -- Incorrect Configuration - @Test public void configuredWhenMissingJwtAuthenticationProviderThenWiringException() { diff --git a/config/src/test/java/org/springframework/security/config/http/HttpHeadersConfigTests.java b/config/src/test/java/org/springframework/security/config/http/HttpHeadersConfigTests.java index 4bc4ae8846..a0c2c7861a 100644 --- a/config/src/test/java/org/springframework/security/config/http/HttpHeadersConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/http/HttpHeadersConfigTests.java @@ -135,8 +135,6 @@ public class HttpHeadersConfigTests { this.mvc.perform(get("/").secure(true)).andExpect(status().isOk()).andExpect(includes(headers)); } - // -- defaults disabled - /** * gh-3986 */ @@ -480,8 +478,6 @@ public class HttpHeadersConfigTests { .andExpect(excludesDefaults()); } - // -- single-header disabled - @Test public void requestWhenCacheControlDisabledThenExcludesHeader() throws Exception { @@ -550,8 +546,6 @@ public class HttpHeadersConfigTests { .andExpect(excludes(xssProtection)); } - // --- disable error handling --- - @Test public void configureWhenHstsDisabledAndIncludeSubdomainsSpecifiedThenAutowireFails() { assertThatThrownBy( diff --git a/config/src/test/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests.java index 53b1dc8715..06195642b2 100644 --- a/config/src/test/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests.java @@ -335,8 +335,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { .andExpect(status().isNotFound()); } - // -- Resource Server should not engage csrf - @Test public void postWhenValidBearerTokenAndNoCsrfTokenThenOk() throws Exception { @@ -371,8 +369,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { .andExpect(invalidTokenHeader("An error occurred while attempting to decode the Jwt")); } - // -- Resource Server should not create sessions - @Test public void requestWhenJwtThenSessionIsNotCreated() throws Exception { @@ -421,8 +417,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { assertThat(result.getRequest().getSession(false)).isNotNull(); } - // -- custom bearer token resolver - @Test public void getWhenCustomBearerTokenResolverThenUses() throws Exception { this.spring.configLocations(xml("MockBearerTokenResolver"), xml("MockJwtDecoder"), xml("BearerTokenResolver")) @@ -502,8 +496,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { assertThat(oauth2.getBearerTokenResolver(mock(Element.class))).isInstanceOf(RootBeanDefinition.class); } - // -- custom jwt decoder - @Test public void requestWhenCustomJwtDecoderThenUsed() throws Exception { @@ -525,8 +517,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { .isInstanceOf(BeanDefinitionParsingException.class); } - // -- exception handling - @Test public void requestWhenRealmNameConfiguredThenUsesOnUnauthenticated() throws Exception { @@ -553,8 +543,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { .andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, startsWith("Bearer realm=\"myRealm\""))); } - // -- token validator - @Test public void requestWhenCustomJwtValidatorFailsThenCorrespondingErrorMessage() throws Exception { @@ -593,8 +581,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { .andExpect(invalidTokenHeader("Jwt expired at")); } - // -- converter - @Test public void requestWhenJwtAuthenticationConverterThenUsed() throws Exception { @@ -614,8 +600,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { verify(jwtAuthenticationConverter).convert(any(Jwt.class)); } - // -- single key - @Test public void requestWhenUsingPublicKeyAndValidTokenThenAuthenticates() throws Exception { @@ -645,8 +629,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { .andExpect(invalidTokenHeader("algorithm")); } - // -- opaque - @Test public void getWhenIntrospectingThenOk() throws Exception { this.spring.configLocations(xml("OpaqueTokenRestOperations"), xml("OpaqueToken")).autowire(); @@ -688,8 +670,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { .isInstanceOf(BeanDefinitionParsingException.class); } - // -- authentication manager resolver - @Test public void getWhenAuthenticationManagerResolverThenUses() throws Exception { this.spring.configLocations(xml("AuthenticationManagerResolver")).autowire(); @@ -738,12 +718,9 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { .andExpect(status().isUnauthorized()).andExpect(invalidTokenHeader("Invalid issuer")); } - // -- In combination with other authentication providers - @Test - public void requestWhenBasicAndResourceServerEntryPointsThenBearerTokenPresides() throws Exception { // different - // from - // DSL + public void requestWhenBasicAndResourceServerEntryPointsThenBearerTokenPresides() throws Exception { + // different from DSL this.spring.configLocations(xml("MockJwtDecoder"), xml("BasicAndResourceServer")).autowire(); @@ -762,9 +739,8 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { } @Test - public void requestWhenFormLoginAndResourceServerEntryPointsThenSessionCreatedByRequest() throws Exception { // different - // from - // DSL + public void requestWhenFormLoginAndResourceServerEntryPointsThenSessionCreatedByRequest() throws Exception { + // different from DSL this.spring.configLocations(xml("MockJwtDecoder"), xml("FormAndResourceServer")).autowire(); @@ -794,8 +770,6 @@ public class OAuth2ResourceServerBeanDefinitionParserTests { this.mvc.perform(get("/authenticated").with(httpBasic("user", "password"))).andExpect(status().isNotFound()); } - // -- Incorrect Configuration - @Test public void configuredWhenMissingJwtAuthenticationProviderThenWiringException() { assertThatCode(() -> this.spring.configLocations(xml("Jwtless")).autowire()) diff --git a/config/src/test/java/org/springframework/security/config/websocket/WebSocketMessageBrokerConfigTests.java b/config/src/test/java/org/springframework/security/config/websocket/WebSocketMessageBrokerConfigTests.java index 6374b34664..f52196797b 100644 --- a/config/src/test/java/org/springframework/security/config/websocket/WebSocketMessageBrokerConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/websocket/WebSocketMessageBrokerConfigTests.java @@ -242,8 +242,6 @@ public class WebSocketMessageBrokerConfigTests { assertThatThrownBy(send(message)).hasCauseInstanceOf(AccessDeniedException.class); } - // -- invalid intercept types -- // - @Test public void configureWhenUsingConnectMessageTypeThenAutowireFails() { ThrowingCallable bad = () -> this.spring.configLocations(xml("ConnectInterceptTypeConfig")).autowire(); diff --git a/core/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java b/core/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java index d54ad3faca..1c4f1a9d38 100644 --- a/core/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java +++ b/core/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java @@ -51,80 +51,63 @@ public class ExpressionBasedPreInvocationAdviceTests { @Test(expected = IllegalArgumentException.class) public void findFilterTargetNameProvidedButNotMatch() throws Exception { - // given PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "filterTargetDoesNotMatch", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingCollection", new Class[] { List.class }, new Object[] { new ArrayList<>() }); - // when - then this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); } @Test(expected = IllegalArgumentException.class) public void findFilterTargetNameProvidedArrayUnsupported() throws Exception { - // given PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "param", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingArray", new Class[] { String[].class }, new Object[] { new String[0] }); - // when - then this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); } @Test public void findFilterTargetNameProvided() throws Exception { - // given PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "param", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingCollection", new Class[] { List.class }, new Object[] { new ArrayList<>() }); - - // when boolean result = this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); - // then assertThat(result).isTrue(); } @Test(expected = IllegalArgumentException.class) public void findFilterTargetNameNotProvidedArrayUnsupported() throws Exception { - // given PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingArray", new Class[] { String[].class }, new Object[] { new String[0] }); - // when - then this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); } @Test public void findFilterTargetNameNotProvided() throws Exception { - // given PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingCollection", new Class[] { List.class }, new Object[] { new ArrayList<>() }); - // when boolean result = this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); - // then assertThat(result).isTrue(); } @Test(expected = IllegalArgumentException.class) public void findFilterTargetNameNotProvidedTypeNotSupported() throws Exception { - // given PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingString", new Class[] { String.class }, new Object[] { "param" }); - // when - then this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); } @Test(expected = IllegalArgumentException.class) public void findFilterTargetNameNotProvidedMethodAcceptMoreThenOneArgument() throws Exception { - // given PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingTwoArgs", new Class[] { String.class, List.class }, new Object[] { "param", new ArrayList<>() }); - // when - then this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); } diff --git a/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorTests.java b/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorTests.java index 486f9b35c3..177b04ae27 100644 --- a/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorTests.java +++ b/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorTests.java @@ -41,15 +41,11 @@ public abstract class AbstractDelegatingSecurityContextExecutorTests private DelegatingSecurityContextExecutor executor; - // --- constructor --- - @Test(expected = IllegalArgumentException.class) public void constructorNullDelegate() { new DelegatingSecurityContextExecutor(null); } - // --- execute --- - @Test public void execute() { this.executor = create(); diff --git a/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextCallableTests.java b/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextCallableTests.java index 0d386424f6..4a98820b02 100644 --- a/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextCallableTests.java +++ b/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextCallableTests.java @@ -78,8 +78,6 @@ public class DelegatingSecurityContextCallableTests { SecurityContextHolder.clearContext(); } - // --- constructor --- - @Test(expected = IllegalArgumentException.class) public void constructorNullDelegate() { new DelegatingSecurityContextCallable<>(null); @@ -100,8 +98,6 @@ public class DelegatingSecurityContextCallableTests { new DelegatingSecurityContextCallable<>(this.delegate, null); } - // --- call --- - @Test public void call() throws Exception { this.callable = new DelegatingSecurityContextCallable<>(this.delegate, this.securityContext); @@ -126,8 +122,6 @@ public class DelegatingSecurityContextCallableTests { assertWrapped(this.callable.call()); } - // --- create --- - @Test(expected = IllegalArgumentException.class) public void createNullDelegate() { DelegatingSecurityContextCallable.create(null, this.securityContext); @@ -153,8 +147,6 @@ public class DelegatingSecurityContextCallableTests { assertWrapped(this.callable); } - // --- toString - // SEC-2682 @Test public void toStringDelegates() { diff --git a/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnableTests.java b/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnableTests.java index 12365b4fc1..990c85ccb5 100644 --- a/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnableTests.java +++ b/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnableTests.java @@ -74,8 +74,6 @@ public class DelegatingSecurityContextRunnableTests { SecurityContextHolder.clearContext(); } - // --- constructor --- - @Test(expected = IllegalArgumentException.class) public void constructorNullDelegate() { new DelegatingSecurityContextRunnable(null); @@ -96,8 +94,6 @@ public class DelegatingSecurityContextRunnableTests { new DelegatingSecurityContextRunnable(this.delegate, null); } - // --- run --- - @Test public void call() throws Exception { this.runnable = new DelegatingSecurityContextRunnable(this.delegate, this.securityContext); @@ -123,8 +119,6 @@ public class DelegatingSecurityContextRunnableTests { assertWrapped(this.runnable); } - // --- create --- - @Test(expected = IllegalArgumentException.class) public void createNullDelegate() { DelegatingSecurityContextRunnable.create(null, this.securityContext); @@ -150,8 +144,6 @@ public class DelegatingSecurityContextRunnableTests { assertWrapped(this.runnable); } - // --- toString - // SEC-2682 @Test public void toStringDelegates() { diff --git a/crypto/src/main/java/org/springframework/security/crypto/encrypt/AesBytesEncryptor.java b/crypto/src/main/java/org/springframework/security/crypto/encrypt/AesBytesEncryptor.java index 85e5478814..52c913071d 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/encrypt/AesBytesEncryptor.java +++ b/crypto/src/main/java/org/springframework/security/crypto/encrypt/AesBytesEncryptor.java @@ -132,8 +132,6 @@ public final class AesBytesEncryptor implements BytesEncryptor { } } - // internal helpers - private byte[] iv(byte[] encrypted) { return this.ivGenerator != NULL_IV_GENERATOR ? EncodingUtils.subArray(encrypted, 0, this.ivGenerator.getKeyLength()) diff --git a/crypto/src/main/java/org/springframework/security/crypto/password/StandardPasswordEncoder.java b/crypto/src/main/java/org/springframework/security/crypto/password/StandardPasswordEncoder.java index bca1380bfd..1f36635d39 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/password/StandardPasswordEncoder.java +++ b/crypto/src/main/java/org/springframework/security/crypto/password/StandardPasswordEncoder.java @@ -83,8 +83,6 @@ public final class StandardPasswordEncoder implements PasswordEncoder { return MessageDigest.isEqual(digested, digest(rawPassword, salt)); } - // internal helpers - private StandardPasswordEncoder(String algorithm, CharSequence secret) { this.digester = new Digester(algorithm, DEFAULT_ITERATIONS); this.secret = Utf8.encode(secret); diff --git a/ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java b/ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java index c80407f9af..dd2ee0b428 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java @@ -96,7 +96,6 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { // SEC-1915 @Test public void customSearchFilterIsUsedForSuccessfulAuthentication() throws Exception { - // given String customSearchFilter = "(&(objectClass=user)(sAMAccountName={0}))"; DirContext ctx = mock(DirContext.class); @@ -111,17 +110,14 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { "mydomain.eu", "ldap://192.168.1.200/"); customProvider.contextFactory = createContextFactoryReturning(ctx); - // when customProvider.setSearchFilter(customSearchFilter); Authentication result = customProvider.authenticate(this.joe); - // then assertThat(result.isAuthenticated()).isTrue(); } @Test public void defaultSearchFilter() throws Exception { - // given final String defaultSearchFilter = "(&(objectClass=user)(userPrincipalName={0}))"; DirContext ctx = mock(DirContext.class); @@ -136,10 +132,8 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { "mydomain.eu", "ldap://192.168.1.200/"); customProvider.contextFactory = createContextFactoryReturning(ctx); - // when Authentication result = customProvider.authenticate(this.joe); - // then assertThat(result.isAuthenticated()).isTrue(); verify(ctx).search(any(DistinguishedName.class), eq(defaultSearchFilter), any(Object[].class), any(SearchControls.class)); @@ -148,7 +142,6 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { // SEC-2897,SEC-2224 @Test public void bindPrincipalAndUsernameUsed() throws Exception { - // given final String defaultSearchFilter = "(&(objectClass=user)(userPrincipalName={0}))"; ArgumentCaptor captor = ArgumentCaptor.forClass(Object[].class); @@ -164,10 +157,8 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { "mydomain.eu", "ldap://192.168.1.200/"); customProvider.contextFactory = createContextFactoryReturning(ctx); - // when Authentication result = customProvider.authenticate(this.joe); - // then assertThat(captor.getValue()).containsExactly("joe@mydomain.eu", "joe"); assertThat(result.isAuthenticated()).isTrue(); } diff --git a/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderTests.java b/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderTests.java index b554ab2669..ce12e04584 100644 --- a/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderTests.java +++ b/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderTests.java @@ -491,16 +491,13 @@ public class NimbusJwtDecoderTests { @Test public void decodeWhenCacheThenStoreRetrievedJwkSetToCache() { - // given Cache cache = new ConcurrentMapCache("test-jwk-set-cache"); RestOperations restOperations = mock(RestOperations.class); given(restOperations.exchange(any(RequestEntity.class), eq(String.class))) .willReturn(new ResponseEntity<>(JWK_SET, HttpStatus.OK)); NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withJwkSetUri(JWK_SET_URI).restOperations(restOperations) .cache(cache).build(); - // when jwtDecoder.decode(SIGNED_JWT); - // then assertThat(cache.get(JWK_SET_URI, String.class)).isEqualTo(JWK_SET); ArgumentCaptor requestEntityCaptor = ArgumentCaptor.forClass(RequestEntity.class); verify(restOperations).exchange(requestEntityCaptor.capture(), eq(String.class)); @@ -511,15 +508,12 @@ public class NimbusJwtDecoderTests { @Test public void decodeWhenCacheThenRetrieveFromCache() { - // given RestOperations restOperations = mock(RestOperations.class); Cache cache = mock(Cache.class); given(cache.get(eq(JWK_SET_URI), any(Callable.class))).willReturn(JWK_SET); NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withJwkSetUri(JWK_SET_URI).cache(cache) .restOperations(restOperations).build(); - // when jwtDecoder.decode(SIGNED_JWT); - // then verify(cache).get(eq(JWK_SET_URI), any(Callable.class)); verifyNoMoreInteractions(cache); verifyNoInteractions(restOperations); @@ -527,14 +521,12 @@ public class NimbusJwtDecoderTests { @Test public void decodeWhenCacheIsConfiguredAndValueLoaderErrorsThenThrowsJwtException() { - // given Cache cache = new ConcurrentMapCache("test-jwk-set-cache"); RestOperations restOperations = mock(RestOperations.class); given(restOperations.exchange(any(RequestEntity.class), eq(String.class))) .willThrow(new RestClientException("Cannot retrieve JWK Set")); NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withJwkSetUri(JWK_SET_URI).restOperations(restOperations) .cache(cache).build(); - // then assertThatCode(() -> jwtDecoder.decode(SIGNED_JWT)).isInstanceOf(JwtException.class) .isNotInstanceOf(BadJwtException.class) .hasMessageContaining("An error occurred while attempting to decode the Jwt"); diff --git a/samples/boot/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java b/samples/boot/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java index fdf850a114..72bddcf9ac 100644 --- a/samples/boot/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java +++ b/samples/boot/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java @@ -58,8 +58,6 @@ public class HelloWebfluxMethodApplicationTests { .expectStatus().isUnauthorized(); } - // --- Basic Authentication --- - @Test public void messageWhenUserThenForbidden() { this.rest @@ -81,8 +79,6 @@ public class HelloWebfluxMethodApplicationTests { .expectBody(String.class).isEqualTo("Hello World!"); } - // --- WithMockUser --- - @Test @WithMockUser public void messageWhenWithMockUserThenForbidden() { @@ -104,8 +100,6 @@ public class HelloWebfluxMethodApplicationTests { .expectBody(String.class).isEqualTo("Hello World!"); } - // --- mutateWith mockUser --- - @Test public void messageWhenMutateWithMockUserThenForbidden() { this.rest diff --git a/samples/boot/oauth2resourceserver-jwe/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java b/samples/boot/oauth2resourceserver-jwe/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java index b10249a255..44c78dec23 100644 --- a/samples/boot/oauth2resourceserver-jwe/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java +++ b/samples/boot/oauth2resourceserver-jwe/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java @@ -60,8 +60,6 @@ public class OAuth2ResourceServerApplicationITests { .andExpect(content().string(containsString("Hello, subject!"))); } - // -- tests with scopes - @Test public void performWhenValidBearerTokenThenScopedRequestsAlsoWork() throws Exception { diff --git a/samples/boot/oauth2resourceserver-multitenancy/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java b/samples/boot/oauth2resourceserver-multitenancy/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java index c50157dd92..a476a705f3 100644 --- a/samples/boot/oauth2resourceserver-multitenancy/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java +++ b/samples/boot/oauth2resourceserver-multitenancy/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java @@ -60,8 +60,6 @@ public class OAuth2ResourceServerApplicationITests { .andExpect(content().string(containsString("Hello, subject for tenant one!"))); } - // -- tests with scopes - @Test public void tenantOnePerformWhenValidBearerTokenThenScopedRequestsAlsoWork() throws Exception { @@ -96,8 +94,6 @@ public class OAuth2ResourceServerApplicationITests { .andExpect(content().string(containsString("Hello, subject for tenant two!"))); } - // -- tests with scopes - @Test public void tenantTwoPerformWhenValidBearerTokenThenScopedRequestsAlsoWork() throws Exception { diff --git a/samples/boot/oauth2resourceserver-opaque/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java b/samples/boot/oauth2resourceserver-opaque/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java index cbeeb8ebda..0be5e8ac3f 100644 --- a/samples/boot/oauth2resourceserver-opaque/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java +++ b/samples/boot/oauth2resourceserver-opaque/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java @@ -60,8 +60,6 @@ public class OAuth2ResourceServerApplicationITests { .andExpect(content().string(containsString("Hello, subject!"))); } - // -- tests with scopes - @Test public void performWhenValidBearerTokenThenScopedRequestsAlsoWork() throws Exception { diff --git a/samples/boot/oauth2resourceserver-static/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java b/samples/boot/oauth2resourceserver-static/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java index a5d644662a..4cb8018d8d 100644 --- a/samples/boot/oauth2resourceserver-static/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java +++ b/samples/boot/oauth2resourceserver-static/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java @@ -60,8 +60,6 @@ public class OAuth2ResourceServerApplicationITests { .andExpect(content().string(containsString("Hello, subject!"))); } - // -- tests with scopes - @Test public void performWhenValidBearerTokenThenScopedRequestsAlsoWork() throws Exception { diff --git a/samples/boot/oauth2resourceserver-webflux/src/integration-test/java/sample/ServerOAuth2ResourceServerApplicationITests.java b/samples/boot/oauth2resourceserver-webflux/src/integration-test/java/sample/ServerOAuth2ResourceServerApplicationITests.java index 13d09b16c1..763d28a71e 100644 --- a/samples/boot/oauth2resourceserver-webflux/src/integration-test/java/sample/ServerOAuth2ResourceServerApplicationITests.java +++ b/samples/boot/oauth2resourceserver-webflux/src/integration-test/java/sample/ServerOAuth2ResourceServerApplicationITests.java @@ -55,8 +55,6 @@ public class ServerOAuth2ResourceServerApplicationITests { .expectBody(String.class).isEqualTo("Hello, subject!"); } - // -- tests with scopes - @Test public void getWhenValidBearerTokenThenScopedRequestsAlsoWork() { diff --git a/samples/boot/oauth2resourceserver/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java b/samples/boot/oauth2resourceserver/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java index 6479417499..a61ef43a1d 100644 --- a/samples/boot/oauth2resourceserver/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java +++ b/samples/boot/oauth2resourceserver/src/integration-test/java/sample/OAuth2ResourceServerApplicationITests.java @@ -62,8 +62,6 @@ public class OAuth2ResourceServerApplicationITests { .andExpect(content().string(containsString("Hello, subject!"))); } - // -- tests with scopes - @Test public void performWhenValidBearerTokenThenScopedRequestsAlsoWork() throws Exception { diff --git a/samples/xml/dms/src/test/java/sample/DmsIntegrationTests.java b/samples/xml/dms/src/test/java/sample/DmsIntegrationTests.java index bf28298f2e..4429d6c833 100644 --- a/samples/xml/dms/src/test/java/sample/DmsIntegrationTests.java +++ b/samples/xml/dms/src/test/java/sample/DmsIntegrationTests.java @@ -122,13 +122,9 @@ public class DmsIntegrationTests extends AbstractTransactionalJUnit4SpringContex // plus 10 files AbstractElement[] nonHomeElements = this.documentDao.findElements(nonHomeDir); - assertThat(nonHomeElements).hasSize(shouldBeFiltered ? 11 : 12); // cannot - // see - // the user's - // "confidential" - // sub-directory - // when - // filtering + assertThat(nonHomeElements).hasSize(shouldBeFiltered ? 11 : 12); + + // cannot see the user's "confidential" sub-directory when filtering // Attempt to read the other user's confidential directory from the returned // results diff --git a/web/src/test/java/org/springframework/security/web/firewall/DefaultRequestRejectedHandlerTests.java b/web/src/test/java/org/springframework/security/web/firewall/DefaultRequestRejectedHandlerTests.java index 3aafb0ebab..f401179f30 100644 --- a/web/src/test/java/org/springframework/security/web/firewall/DefaultRequestRejectedHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/firewall/DefaultRequestRejectedHandlerTests.java @@ -28,16 +28,12 @@ public class DefaultRequestRejectedHandlerTests { @Test public void defaultRequestRejectedHandlerRethrowsTheException() throws Exception { - // given: RequestRejectedException requestRejectedException = new RequestRejectedException("rejected"); DefaultRequestRejectedHandler sut = new DefaultRequestRejectedHandler(); - - // when: try { sut.handle(mock(HttpServletRequest.class), mock(HttpServletResponse.class), requestRejectedException); } catch (RequestRejectedException exception) { - // then: Assert.assertThat(exception.getMessage(), CoreMatchers.is("rejected")); return; } diff --git a/web/src/test/java/org/springframework/security/web/firewall/HttpStatusRequestRejectedHandlerTests.java b/web/src/test/java/org/springframework/security/web/firewall/HttpStatusRequestRejectedHandlerTests.java index a68fcd3c72..580d07d034 100644 --- a/web/src/test/java/org/springframework/security/web/firewall/HttpStatusRequestRejectedHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/firewall/HttpStatusRequestRejectedHandlerTests.java @@ -27,14 +27,9 @@ public class HttpStatusRequestRejectedHandlerTests { @Test public void httpStatusRequestRejectedHandlerUsesStatus400byDefault() throws Exception { - // given: HttpStatusRequestRejectedHandler sut = new HttpStatusRequestRejectedHandler(); HttpServletResponse response = mock(HttpServletResponse.class); - - // when: sut.handle(mock(HttpServletRequest.class), response, mock(RequestRejectedException.class)); - - // then: verify(response).sendError(400); } @@ -46,15 +41,9 @@ public class HttpStatusRequestRejectedHandlerTests { } private void httpStatusRequestRejectedHandlerCanBeConfiguredToUseStatusHelper(int status) throws Exception { - - // given: HttpStatusRequestRejectedHandler sut = new HttpStatusRequestRejectedHandler(status); HttpServletResponse response = mock(HttpServletResponse.class); - - // when: sut.handle(mock(HttpServletRequest.class), response, mock(RequestRejectedException.class)); - - // then: verify(response).sendError(status); } diff --git a/web/src/test/java/org/springframework/security/web/firewall/StrictHttpFirewallTests.java b/web/src/test/java/org/springframework/security/web/firewall/StrictHttpFirewallTests.java index c42e98034e..17bf759c9c 100644 --- a/web/src/test/java/org/springframework/security/web/firewall/StrictHttpFirewallTests.java +++ b/web/src/test/java/org/springframework/security/web/firewall/StrictHttpFirewallTests.java @@ -146,8 +146,6 @@ public class StrictHttpFirewallTests { } } - // --- ; --- - @Test(expected = RequestRejectedException.class) public void getFirewalledRequestWhenSemicolonInContextPathThenThrowsRequestRejectedException() { this.request.setContextPath(";/context"); @@ -334,8 +332,6 @@ public class StrictHttpFirewallTests { this.firewall.getFirewalledRequest(this.request); } - // --- encoded . --- - @Test(expected = RequestRejectedException.class) public void getFirewalledRequestWhenEncodedPeriodInThenThrowsRequestRejectedException() { this.request.setRequestURI("/%2E/"); @@ -394,8 +390,6 @@ public class StrictHttpFirewallTests { this.firewall.getFirewalledRequest(this.request); } - // --- from DefaultHttpFirewallTests --- - /** * On WebSphere 8.5 a URL like /context-root/a/b;%2f1/c can bypass a rule on /a/b/c * because the pathInfo is /a/b;/1/c which ends up being /a/b/1/c while Spring MVC diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/SwitchUserWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/SwitchUserWebFilterTests.java index 7a4325920d..2f7296860c 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/SwitchUserWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/SwitchUserWebFilterTests.java @@ -95,15 +95,10 @@ public class SwitchUserWebFilterTests { @Test public void switchUserWhenRequestNotMatchThenDoesNothing() { - // given MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.post("/not/existing")); - WebFilterChain chain = mock(WebFilterChain.class); given(chain.filter(exchange)).willReturn(Mono.empty()); - - // when this.switchUserWebFilter.filter(exchange, chain).block(); - // then verifyNoInteractions(this.userDetailsService); verifyNoInteractions(this.successHandler); verifyNoInteractions(this.failureHandler); @@ -114,7 +109,6 @@ public class SwitchUserWebFilterTests { @Test public void switchUser() { - // given final String targetUsername = "TEST_USERNAME"; final UserDetails switchUserDetails = switchUserDetails(targetUsername, true); @@ -133,12 +127,10 @@ public class SwitchUserWebFilterTests { given(this.successHandler.onAuthenticationSuccess(any(WebFilterExchange.class), any(Authentication.class))) .willReturn(Mono.empty()); - // when this.switchUserWebFilter.filter(exchange, chain) .subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) .block(); - // then verifyNoInteractions(chain); verify(this.userDetailsService).findByUsername(targetUsername); @@ -165,7 +157,6 @@ public class SwitchUserWebFilterTests { @Test public void switchUserWhenUserAlreadySwitchedThenExitSwitchAndSwitchAgain() { - // given final Authentication originalAuthentication = new UsernamePasswordAuthenticationToken("origPrincipal", "origCredentials"); @@ -189,12 +180,10 @@ public class SwitchUserWebFilterTests { given(this.userDetailsService.findByUsername(targetUsername)) .willReturn(Mono.just(switchUserDetails(targetUsername, true))); - // when this.switchUserWebFilter.filter(exchange, chain) .subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) .block(); - // then final ArgumentCaptor authenticationCaptor = ArgumentCaptor.forClass(Authentication.class); verify(this.successHandler).onAuthenticationSuccess(any(WebFilterExchange.class), authenticationCaptor.capture()); @@ -210,7 +199,6 @@ public class SwitchUserWebFilterTests { @Test public void switchUserWhenUsernameIsMissingThenThrowException() { - // given final MockServerWebExchange exchange = MockServerWebExchange .from(MockServerHttpRequest.post("/login/impersonate")); @@ -220,7 +208,6 @@ public class SwitchUserWebFilterTests { this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("The userName can not be null."); - // when this.switchUserWebFilter.filter(exchange, chain) .subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) .block(); @@ -241,7 +228,6 @@ public class SwitchUserWebFilterTests { given(this.failureHandler.onAuthenticationFailure(any(WebFilterExchange.class), any(DisabledException.class))) .willReturn(Mono.empty()); - // when this.switchUserWebFilter.filter(exchange, chain) .subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) .block(); @@ -252,7 +238,6 @@ public class SwitchUserWebFilterTests { @Test public void switchUserWhenFailureHandlerNotDefinedThenReturnError() { - // given this.switchUserWebFilter = new SwitchUserWebFilter(this.userDetailsService, this.successHandler, null); final String targetUsername = "TEST_USERNAME"; @@ -267,7 +252,6 @@ public class SwitchUserWebFilterTests { this.exceptionRule.expect(DisabledException.class); - // when then this.switchUserWebFilter.filter(exchange, chain) .subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) .block(); @@ -276,7 +260,6 @@ public class SwitchUserWebFilterTests { @Test public void exitSwitchThenReturnToOriginalAuthentication() { - // given final MockServerWebExchange exchange = MockServerWebExchange .from(MockServerHttpRequest.post("/logout/impersonate")); @@ -296,12 +279,10 @@ public class SwitchUserWebFilterTests { given(this.successHandler.onAuthenticationSuccess(any(WebFilterExchange.class), any(Authentication.class))) .willReturn(Mono.empty()); - // when this.switchUserWebFilter.filter(exchange, chain) .subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) .block(); - // then final ArgumentCaptor securityContextCaptor = ArgumentCaptor.forClass(SecurityContext.class); verify(this.serverSecurityContextRepository).save(eq(exchange), securityContextCaptor.capture()); final SecurityContext savedSecurityContext = securityContextCaptor.getValue(); @@ -319,7 +300,6 @@ public class SwitchUserWebFilterTests { @Test public void exitSwitchWhenUserNotSwitchedThenThrowError() { - // given final MockServerWebExchange exchange = MockServerWebExchange .from(MockServerHttpRequest.post("/logout/impersonate")); @@ -332,7 +312,6 @@ public class SwitchUserWebFilterTests { this.exceptionRule.expect(AuthenticationCredentialsNotFoundException.class); this.exceptionRule.expectMessage("Could not find original Authentication object"); - // when then this.switchUserWebFilter.filter(exchange, chain) .subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) .block(); @@ -341,7 +320,6 @@ public class SwitchUserWebFilterTests { @Test public void exitSwitchWhenNoCurrentUserThenThrowError() { - // given final MockServerWebExchange exchange = MockServerWebExchange .from(MockServerHttpRequest.post("/logout/impersonate")); @@ -350,65 +328,49 @@ public class SwitchUserWebFilterTests { this.exceptionRule.expect(AuthenticationCredentialsNotFoundException.class); this.exceptionRule.expectMessage("No current user associated with this request"); - // when this.switchUserWebFilter.filter(exchange, chain).block(); - // then verifyNoInteractions(chain); } @Test public void constructorUserDetailsServiceRequired() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("userDetailsService must be specified"); - - // when this.switchUserWebFilter = new SwitchUserWebFilter(null, mock(ServerAuthenticationSuccessHandler.class), mock(ServerAuthenticationFailureHandler.class)); } @Test public void constructorServerAuthenticationSuccessHandlerRequired() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("successHandler must be specified"); - // when this.switchUserWebFilter = new SwitchUserWebFilter(mock(ReactiveUserDetailsService.class), null, mock(ServerAuthenticationFailureHandler.class)); } @Test public void constructorSuccessTargetUrlRequired() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("successTargetUrl must be specified"); - // when this.switchUserWebFilter = new SwitchUserWebFilter(mock(ReactiveUserDetailsService.class), null, "failure/target/url"); } @Test public void constructorFirstDefaultValues() { - // when this.switchUserWebFilter = new SwitchUserWebFilter(mock(ReactiveUserDetailsService.class), mock(ServerAuthenticationSuccessHandler.class), mock(ServerAuthenticationFailureHandler.class)); - - // then final Object securityContextRepository = ReflectionTestUtils.getField(this.switchUserWebFilter, "securityContextRepository"); assertThat(securityContextRepository).isInstanceOf(WebSessionServerSecurityContextRepository.class); - final Object userDetailsChecker = ReflectionTestUtils.getField(this.switchUserWebFilter, "userDetailsChecker"); assertThat(userDetailsChecker).isInstanceOf(AccountStatusUserDetailsChecker.class); } @Test public void constructorSecondDefaultValues() { - // when this.switchUserWebFilter = new SwitchUserWebFilter(mock(ReactiveUserDetailsService.class), "success/target/url", "failure/target/url"); - - // then final Object successHandler = ReflectionTestUtils.getField(this.switchUserWebFilter, "successHandler"); assertThat(successHandler).isInstanceOf(RedirectServerAuthenticationSuccessHandler.class); @@ -425,27 +387,20 @@ public class SwitchUserWebFilterTests { @Test public void setSecurityContextRepositoryWhenNullThenThrowException() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("securityContextRepository cannot be null"); - // when this.switchUserWebFilter.setSecurityContextRepository(null); - // then fail("Test should fail with exception"); } @Test public void setSecurityContextRepositoryWhenDefinedThenChangeDefaultValue() { - // given final Object oldSecurityContextRepository = ReflectionTestUtils.getField(this.switchUserWebFilter, "securityContextRepository"); assertThat(oldSecurityContextRepository).isSameAs(this.serverSecurityContextRepository); - final ServerSecurityContextRepository newSecurityContextRepository = mock( ServerSecurityContextRepository.class); - // when this.switchUserWebFilter.setSecurityContextRepository(newSecurityContextRepository); - // then final Object currentSecurityContextRepository = ReflectionTestUtils.getField(this.switchUserWebFilter, "securityContextRepository"); assertThat(currentSecurityContextRepository).isSameAs(newSecurityContextRepository); @@ -453,29 +408,22 @@ public class SwitchUserWebFilterTests { @Test public void setExitUserUrlWhenNullThenThrowException() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("exitUserUrl cannot be empty and must be a valid redirect URL"); - // when this.switchUserWebFilter.setExitUserUrl(null); - // then fail("Test should fail with exception"); } @Test public void setExitUserUrlWhenInvalidUrlThenThrowException() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("exitUserUrl cannot be empty and must be a valid redirect URL"); - // when this.switchUserWebFilter.setExitUserUrl("wrongUrl"); - // then fail("Test should fail with exception"); } @Test public void setExitUserUrlWhenDefinedThenChangeDefaultValue() { - // given final MockServerWebExchange exchange = MockServerWebExchange .from(MockServerHttpRequest.post("/logout/impersonate")); @@ -483,13 +431,8 @@ public class SwitchUserWebFilterTests { .getField(this.switchUserWebFilter, "exitUserMatcher"); assertThat(oldExitUserMatcher.matches(exchange).block().isMatch()).isTrue(); - - // when this.switchUserWebFilter.setExitUserUrl("/exit-url"); - - // then final MockServerWebExchange newExchange = MockServerWebExchange.from(MockServerHttpRequest.post("/exit-url")); - final ServerWebExchangeMatcher newExitUserMatcher = (ServerWebExchangeMatcher) ReflectionTestUtils .getField(this.switchUserWebFilter, "exitUserMatcher"); @@ -498,18 +441,14 @@ public class SwitchUserWebFilterTests { @Test public void setExitUserMatcherWhenNullThenThrowException() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("exitUserMatcher cannot be null"); - // when this.switchUserWebFilter.setExitUserMatcher(null); - // then fail("Test should fail with exception"); } @Test public void setExitUserMatcherWhenDefinedThenChangeDefaultValue() { - // given final MockServerWebExchange exchange = MockServerWebExchange .from(MockServerHttpRequest.post("/logout/impersonate")); @@ -521,11 +460,8 @@ public class SwitchUserWebFilterTests { final ServerWebExchangeMatcher newExitUserMatcher = ServerWebExchangeMatchers.pathMatchers(HttpMethod.POST, "/exit-url"); - // when this.switchUserWebFilter.setExitUserMatcher(newExitUserMatcher); - // then - final ServerWebExchangeMatcher currentExitUserMatcher = (ServerWebExchangeMatcher) ReflectionTestUtils .getField(this.switchUserWebFilter, "exitUserMatcher"); @@ -534,29 +470,22 @@ public class SwitchUserWebFilterTests { @Test public void setSwitchUserUrlWhenNullThenThrowException() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("switchUserUrl cannot be empty and must be a valid redirect URL"); - // when this.switchUserWebFilter.setSwitchUserUrl(null); - // then fail("Test should fail with exception"); } @Test public void setSwitchUserUrlWhenInvalidThenThrowException() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("switchUserUrl cannot be empty and must be a valid redirect URL"); - // when this.switchUserWebFilter.setSwitchUserUrl("wrongUrl"); - // then fail("Test should fail with exception"); } @Test public void setSwitchUserUrlWhenDefinedThenChangeDefaultValue() { - // given final MockServerWebExchange exchange = MockServerWebExchange .from(MockServerHttpRequest.post("/login/impersonate")); @@ -565,32 +494,24 @@ public class SwitchUserWebFilterTests { assertThat(oldSwitchUserMatcher.matches(exchange).block().isMatch()).isTrue(); - // when this.switchUserWebFilter.setSwitchUserUrl("/switch-url"); - // then final MockServerWebExchange newExchange = MockServerWebExchange.from(MockServerHttpRequest.post("/switch-url")); - final ServerWebExchangeMatcher newSwitchUserMatcher = (ServerWebExchangeMatcher) ReflectionTestUtils .getField(this.switchUserWebFilter, "switchUserMatcher"); - assertThat(newSwitchUserMatcher.matches(newExchange).block().isMatch()).isTrue(); } @Test public void setSwitchUserMatcherWhenNullThenThrowException() { - // given this.exceptionRule.expect(IllegalArgumentException.class); this.exceptionRule.expectMessage("switchUserMatcher cannot be null"); - // when this.switchUserWebFilter.setSwitchUserMatcher(null); - // then fail("Test should fail with exception"); } @Test public void setSwitchUserMatcherWhenDefinedThenChangeDefaultValue() { - // given final MockServerWebExchange exchange = MockServerWebExchange .from(MockServerHttpRequest.post("/login/impersonate")); @@ -602,14 +523,10 @@ public class SwitchUserWebFilterTests { final ServerWebExchangeMatcher newSwitchUserMatcher = ServerWebExchangeMatchers.pathMatchers(HttpMethod.POST, "/switch-url"); - // when this.switchUserWebFilter.setSwitchUserMatcher(newSwitchUserMatcher); - // then - final ServerWebExchangeMatcher currentExitUserMatcher = (ServerWebExchangeMatcher) ReflectionTestUtils .getField(this.switchUserWebFilter, "switchUserMatcher"); - assertThat(currentExitUserMatcher).isSameAs(newSwitchUserMatcher); } diff --git a/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java b/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java index d22541e9da..1f39a8b7f4 100644 --- a/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java +++ b/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java @@ -62,8 +62,6 @@ public class OnCommittedResponseWrapperTests { given(this.delegate.getOutputStream()).willReturn(this.out); } - // --- printwriter - @Test public void printWriterHashCode() throws Exception { int expected = this.writer.hashCode();