Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add test support for SecurityContextHolderFilter 

Issue gh-9635
This commit is contained in:
Rob Winch 2022-04-13 10:45:00 -05:00
parent 86c3ce7efc
commit 6e6d472da4
2 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
test/src/main/java/org/springframework/security/test/web/support/WebTestUtils.java
View File

@ -85,6 +85,10 @@ public abstract class WebTestUtils {
if (filter != null) {
ReflectionTestUtils.setField(filter, "repo", securityContextRepository);
}
SecurityContextHolderFilter holderFilter = findFilter(request, SecurityContextHolderFilter.class);
if (holderFilter != null) {
ReflectionTestUtils.setField(holderFilter, "securityContextRepository", securityContextRepository);
}
}
/**

30
test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java
View File

@ -24,6 +24,7 @@ import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.config.BeanIds;
@ -33,6 +34,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextHolderFilter;
import org.springframework.security.web.context.SecurityContextPersistenceFilter;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.security.web.csrf.CsrfFilter;
@ -43,6 +45,7 @@ import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
@ExtendWith(MockitoExtension.class)
public class WebTestUtilsTests {
@ -126,6 +129,19 @@ public class WebTestUtilsTests {
assertThat(WebTestUtils.getSecurityContextRepository(this.request)).isSameAs(this.contextRepo);
}
@Test
public void setSecurityContextRepositoryWhenSecurityContextHolderFilter() {
SecurityContextRepository expectedRepository = mock(SecurityContextRepository.class);
loadConfig(SecurityContextHolderFilterConfig.class);
// verify our configuration sets up to have SecurityContextHolderFilter and not
// SecurityContextPersistenceFilter
assertThat(WebTestUtils.findFilter(this.request, SecurityContextPersistenceFilter.class)).isNull();
assertThat(WebTestUtils.findFilter(this.request, SecurityContextHolderFilter.class)).isNotNull();
WebTestUtils.setSecurityContextRepository(this.request, expectedRepository);
assertThat(WebTestUtils.getSecurityContextRepository(this.request)).isSameAs(expectedRepository);
}
// gh-3343
@Test
public void findFilterNoMatchingFilters() {
@ -220,4 +236,18 @@ public class WebTestUtilsTests {
}
@EnableWebSecurity
static class SecurityContextHolderFilterConfig {
@Bean
DefaultSecurityFilterChain springSecurityFilter(HttpSecurity http) throws Exception {
// @formatter:off
http
.securityContext((securityContext) -> securityContext.requireExplicitSave(true));
// @formatter:on
return http.build();
}
}
}