Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 09:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support URI vars in formLogin and logout MockMvc requests

Browse Source
This commit is contained in:
Drummond Dawson 2019-05-22 23:59:47 -04:00 committed by Eleftheria Stein-Kousathana
parent 8722a4b0d0
commit 4f82be7e68
3 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestBuilders.java
View File

@ -23,6 +23,7 @@ import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.RequestBuilder; import org.springframework.test.web.servlet.RequestBuilder;
import org.springframework.test.web.servlet.request.RequestPostProcessor; import org.springframework.test.web.servlet.request.RequestPostProcessor;
import org.springframework.web.util.UriComponentsBuilder;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
@ -71,6 +72,8 @@ public final class SecurityMockMvcRequestBuilders {
* Creates a logout request (including any necessary {@link CsrfToken}) to the * Creates a logout request (including any necessary {@link CsrfToken}) to the
* specified {@code logoutUrl} * specified {@code logoutUrl}
* *
* @param logoutUrl the logout request URL
*
* @return the LogoutRequestBuilder for additional customizations * @return the LogoutRequestBuilder for additional customizations
*/ */
public static LogoutRequestBuilder logout(String logoutUrl) { public static LogoutRequestBuilder logout(String logoutUrl) {
@ -106,6 +109,19 @@ public final class SecurityMockMvcRequestBuilders {
return this; return this;
} }
/**
* Specifies the logout URL to POST to.
*
* @param logoutUrl the logout URL to POST to.
* @param uriVars the URI variables
* @return the {@link LogoutRequestBuilder} for additional customizations
*/
public LogoutRequestBuilder logoutUrl(String logoutUrl, Object... uriVars) {
this.logoutUrl = UriComponentsBuilder.fromPath(logoutUrl)
.buildAndExpand(uriVars).encode().toString();
return this;
}
private LogoutRequestBuilder() { private LogoutRequestBuilder() {
} }
} }
@ -146,6 +162,19 @@ public final class SecurityMockMvcRequestBuilders {
return this; return this;
} }
/**
* Specifies the URL to POST to.
*
* @param loginProcessingUrl the URL to POST to
* @param uriVars the URI variables
* @return the {@link FormLoginRequestBuilder} for additional customizations
*/
public FormLoginRequestBuilder loginProcessingUrl(String loginProcessingUrl, Object... uriVars) {
this.loginProcessingUrl = UriComponentsBuilder.fromPath(loginProcessingUrl)
.buildAndExpand(uriVars).encode().toString();
return this;
}
/** /**
* The HTTP parameter to place the username. Default is "username". * The HTTP parameter to place the username. Default is "username".
* @param usernameParameter the HTTP parameter to place the username. Default is * @param usernameParameter the HTTP parameter to place the username. Default is

16
test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestBuildersFormLoginTests.java
View File

@ -66,6 +66,22 @@ public class SecurityMockMvcRequestBuildersFormLoginTests {
assertThat(request.getRequestURI()).isEqualTo("/login"); assertThat(request.getRequestURI()).isEqualTo("/login");
} }
@Test
public void customWithUriVars() {
MockHttpServletRequest request = formLogin().loginProcessingUrl("/uri-login/{var1}/{var2}", "val1", "val2")
.user("username", "admin").password("password", "secret").buildRequest(this.servletContext);
CsrfToken token = (CsrfToken) request
.getAttribute(CsrfRequestPostProcessor.TestCsrfTokenRepository.TOKEN_ATTR_NAME);
assertThat(request.getParameter("username")).isEqualTo("admin");
assertThat(request.getParameter("password")).isEqualTo("secret");
assertThat(request.getMethod()).isEqualTo("POST");
assertThat(request.getParameter(token.getParameterName()))
.isEqualTo(token.getToken());
assertThat(request.getRequestURI()).isEqualTo("/uri-login/val1/val2");
}
// gh-3920 // gh-3920
@Test @Test
public void usesAcceptMediaForContentNegotiation() { public void usesAcceptMediaForContentNegotiation() {

13
test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestBuildersFormLogoutTests.java
View File

@ -58,4 +58,17 @@ public class SecurityMockMvcRequestBuildersFormLogoutTests {
assertThat(request.getRequestURI()).isEqualTo("/admin/logout"); assertThat(request.getRequestURI()).isEqualTo("/admin/logout");
} }
@Test
public void customWithUriVars() {
MockHttpServletRequest request = logout().logoutUrl("/uri-logout/{var1}/{var2}", "val1", "val2").buildRequest(
servletContext);
CsrfToken token = (CsrfToken) request.getAttribute(CsrfRequestPostProcessor.TestCsrfTokenRepository.TOKEN_ATTR_NAME);
assertThat(request.getMethod()).isEqualTo("POST");
assertThat(request.getParameter(token.getParameterName())).isEqualTo(
token.getToken());
assertThat(request.getRequestURI()).isEqualTo("/uri-logout/val1/val2");
}
} }