Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-23 04:22:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Polish Tests

Browse Source 
Issue gh-16444
This commit is contained in:
Josh Cummings 2025-03-21 15:12:25 -06:00
parent 10ed5009e6
commit 7f22a3459f
1 changed files with 36 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java
View File

@ -18,7 +18,6 @@ package org.springframework.security.authentication;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collections;
import java.util.List; import java.util.List;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
@ -47,7 +46,7 @@ import static org.mockito.Mockito.verifyNoMoreInteractions;
public class ProviderManagerTests { public class ProviderManagerTests {
@Test @Test
public void authenticationFailsWithUnsupportedToken() { void authenticationFailsWithUnsupportedToken() {
Authentication token = new AbstractAuthenticationToken(null) { Authentication token = new AbstractAuthenticationToken(null) {
@Override @Override
public Object getCredentials() { public Object getCredentials() {
@ -65,7 +64,7 @@ public class ProviderManagerTests {
} }
@Test @Test
public void credentialsAreClearedByDefault() { void credentialsAreClearedByDefault() {
UsernamePasswordAuthenticationToken token = UsernamePasswordAuthenticationToken.unauthenticated("Test", UsernamePasswordAuthenticationToken token = UsernamePasswordAuthenticationToken.unauthenticated("Test",
"Password"); "Password");
ProviderManager mgr = makeProviderManager(); ProviderManager mgr = makeProviderManager();
@ -78,8 +77,8 @@ public class ProviderManagerTests {
} }
@Test @Test
public void authenticationSucceedsWithSupportedTokenAndReturnsExpectedObject() { void authenticationSucceedsWithSupportedTokenAndReturnsExpectedObject() {
final Authentication a = mock(Authentication.class); Authentication a = mock(Authentication.class);
ProviderManager mgr = new ProviderManager(createProviderWhichReturns(a)); ProviderManager mgr = new ProviderManager(createProviderWhichReturns(a));
AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class); AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
mgr.setAuthenticationEventPublisher(publisher); mgr.setAuthenticationEventPublisher(publisher);
@ -89,8 +88,8 @@ public class ProviderManagerTests {
} }
@Test @Test
public void authenticationSucceedsWhenFirstProviderReturnsNullButSecondAuthenticates() { void authenticationSucceedsWhenFirstProviderReturnsNullButSecondAuthenticates() {
final Authentication a = mock(Authentication.class); Authentication a = mock(Authentication.class);
ProviderManager mgr = new ProviderManager( ProviderManager mgr = new ProviderManager(
Arrays.asList(createProviderWhichReturns(null), createProviderWhichReturns(a))); Arrays.asList(createProviderWhichReturns(null), createProviderWhichReturns(a)));
AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class); AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
@ -101,24 +100,24 @@ public class ProviderManagerTests {
} }
@Test @Test
public void testStartupFailsIfProvidersNotSetAsList() { void testStartupFailsIfProvidersNotSetAsList() {
assertThatIllegalArgumentException().isThrownBy(() -> new ProviderManager((List<AuthenticationProvider>) null)); assertThatIllegalArgumentException().isThrownBy(() -> new ProviderManager((List<AuthenticationProvider>) null));
} }
@Test @Test
public void testStartupFailsIfProvidersNotSetAsVarargs() { void testStartupFailsIfProvidersNotSetAsVarargs() {
assertThatIllegalArgumentException().isThrownBy(() -> new ProviderManager((AuthenticationProvider) null)); assertThatIllegalArgumentException().isThrownBy(() -> new ProviderManager((AuthenticationProvider) null));
} }
@Test @Test
public void testStartupFailsIfProvidersContainNullElement() { void testStartupFailsIfProvidersContainNullElement() {
assertThatIllegalArgumentException() assertThatIllegalArgumentException()
.isThrownBy(() -> new ProviderManager(Arrays.asList(mock(AuthenticationProvider.class), null))); .isThrownBy(() -> new ProviderManager(Arrays.asList(mock(AuthenticationProvider.class), null)));
} }
// gh-8689 // gh-8689
@Test @Test
public void constructorWhenUsingListOfThenNoException() { void constructorWhenUsingListOfThenNoException() {
List<AuthenticationProvider> providers = spy(ArrayList.class); List<AuthenticationProvider> providers = spy(ArrayList.class);
// List.of(null) in JDK 9 throws a NullPointerException // List.of(null) in JDK 9 throws a NullPointerException
given(providers.contains(eq(null))).willThrow(NullPointerException.class); given(providers.contains(eq(null))).willThrow(NullPointerException.class);
@ -127,7 +126,7 @@ public class ProviderManagerTests {
} }
@Test @Test
public void detailsAreNotSetOnAuthenticationTokenIfAlreadySetByProvider() { void detailsAreNotSetOnAuthenticationTokenIfAlreadySetByProvider() {
Object requestDetails = "(Request Details)"; Object requestDetails = "(Request Details)";
final Object resultDetails = "(Result Details)"; final Object resultDetails = "(Result Details)";
// A provider which sets the details object // A provider which sets the details object
@ -151,7 +150,7 @@ public class ProviderManagerTests {
} }
@Test @Test
public void detailsAreSetOnAuthenticationTokenIfNotAlreadySetByProvider() { void detailsAreSetOnAuthenticationTokenIfNotAlreadySetByProvider() {
Object details = new Object(); Object details = new Object();
ProviderManager authMgr = makeProviderManager(); ProviderManager authMgr = makeProviderManager();
TestingAuthenticationToken request = createAuthenticationToken(); TestingAuthenticationToken request = createAuthenticationToken();
@ -162,8 +161,8 @@ public class ProviderManagerTests {
} }
@Test @Test
public void authenticationExceptionIsIgnoredIfLaterProviderAuthenticates() { void authenticationExceptionIsIgnoredIfLaterProviderAuthenticates() {
final Authentication authReq = mock(Authentication.class); Authentication authReq = mock(Authentication.class);
ProviderManager mgr = new ProviderManager( ProviderManager mgr = new ProviderManager(
createProviderWhichThrows(new BadCredentialsException("", new Throwable())), createProviderWhichThrows(new BadCredentialsException("", new Throwable())),
createProviderWhichReturns(authReq)); createProviderWhichReturns(authReq));
@ -171,7 +170,7 @@ public class ProviderManagerTests {
} }
@Test @Test
public void authenticationExceptionIsRethrownIfNoLaterProviderAuthenticates() { void authenticationExceptionIsRethrownIfNoLaterProviderAuthenticates() {
ProviderManager mgr = new ProviderManager(Arrays ProviderManager mgr = new ProviderManager(Arrays
.asList(createProviderWhichThrows(new BadCredentialsException("")), createProviderWhichReturns(null))); .asList(createProviderWhichThrows(new BadCredentialsException("")), createProviderWhichReturns(null)));
assertThatExceptionOfType(BadCredentialsException.class) assertThatExceptionOfType(BadCredentialsException.class)
@ -180,7 +179,7 @@ public class ProviderManagerTests {
// SEC-546 // SEC-546
@Test @Test
public void accountStatusExceptionPreventsCallsToSubsequentProviders() { void accountStatusExceptionPreventsCallsToSubsequentProviders() {
AuthenticationProvider iThrowAccountStatusException = createProviderWhichThrows(new AccountStatusException("") { AuthenticationProvider iThrowAccountStatusException = createProviderWhichThrows(new AccountStatusException("") {
}); });
AuthenticationProvider otherProvider = mock(AuthenticationProvider.class); AuthenticationProvider otherProvider = mock(AuthenticationProvider.class);
@ -191,48 +190,47 @@ public class ProviderManagerTests {
} }
@Test @Test
public void parentAuthenticationIsUsedIfProvidersDontAuthenticate() { void parentAuthenticationIsUsedIfProvidersDontAuthenticate() {
AuthenticationManager parent = mock(AuthenticationManager.class); AuthenticationManager parent = mock(AuthenticationManager.class);
Authentication authReq = mock(Authentication.class); Authentication authReq = mock(Authentication.class);
given(parent.authenticate(authReq)).willReturn(authReq); given(parent.authenticate(authReq)).willReturn(authReq);
ProviderManager mgr = new ProviderManager(Collections.singletonList(mock(AuthenticationProvider.class)), ProviderManager mgr = new ProviderManager(List.of(mock(AuthenticationProvider.class)), parent);
parent);
assertThat(mgr.authenticate(authReq)).isSameAs(authReq); assertThat(mgr.authenticate(authReq)).isSameAs(authReq);
} }
@Test @Test
public void parentIsNotCalledIfAccountStatusExceptionIsThrown() { void parentIsNotCalledIfAccountStatusExceptionIsThrown() {
AuthenticationProvider iThrowAccountStatusException = createProviderWhichThrows( AuthenticationProvider iThrowAccountStatusException = createProviderWhichThrows(
new AccountStatusException("", new Throwable()) { new AccountStatusException("", new Throwable()) {
}); });
AuthenticationManager parent = mock(AuthenticationManager.class); AuthenticationManager parent = mock(AuthenticationManager.class);
ProviderManager mgr = new ProviderManager(Collections.singletonList(iThrowAccountStatusException), parent); ProviderManager mgr = new ProviderManager(List.of(iThrowAccountStatusException), parent);
assertThatExceptionOfType(AccountStatusException.class) assertThatExceptionOfType(AccountStatusException.class)
.isThrownBy(() -> mgr.authenticate(mock(Authentication.class))); .isThrownBy(() -> mgr.authenticate(mock(Authentication.class)));
verifyNoInteractions(parent); verifyNoInteractions(parent);
} }
@Test @Test
public void providerNotFoundFromParentIsIgnored() { void providerNotFoundFromParentIsIgnored() {
final Authentication authReq = mock(Authentication.class); final Authentication authReq = mock(Authentication.class);
AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class); AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
AuthenticationManager parent = mock(AuthenticationManager.class); AuthenticationManager parent = mock(AuthenticationManager.class);
given(parent.authenticate(authReq)).willThrow(new ProviderNotFoundException("")); given(parent.authenticate(authReq)).willThrow(new ProviderNotFoundException(""));
// Set a provider that throws an exception - this is the exception we expect to be // Set a provider that throws an exception - this is the exception we expect to be
// propagated // propagated
ProviderManager mgr = new ProviderManager( ProviderManager mgr = new ProviderManager(List.of(createProviderWhichThrows(new BadCredentialsException(""))),
Collections.singletonList(createProviderWhichThrows(new BadCredentialsException(""))), parent); parent);
mgr.setAuthenticationEventPublisher(publisher); mgr.setAuthenticationEventPublisher(publisher);
assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> mgr.authenticate(authReq)) assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> mgr.authenticate(authReq))
.satisfies((ex) -> verify(publisher).publishAuthenticationFailure(ex, authReq)); .satisfies((ex) -> verify(publisher).publishAuthenticationFailure(ex, authReq));
} }
@Test @Test
public void authenticationExceptionFromParentOverridesPreviousOnes() { void authenticationExceptionFromParentOverridesPreviousOnes() {
AuthenticationManager parent = mock(AuthenticationManager.class); AuthenticationManager parent = mock(AuthenticationManager.class);
ProviderManager mgr = new ProviderManager( ProviderManager mgr = new ProviderManager(List.of(createProviderWhichThrows(new BadCredentialsException(""))),
Collections.singletonList(createProviderWhichThrows(new BadCredentialsException(""))), parent); parent);
final Authentication authReq = mock(Authentication.class); Authentication authReq = mock(Authentication.class);
AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class); AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
mgr.setAuthenticationEventPublisher(publisher); mgr.setAuthenticationEventPublisher(publisher);
// Set a provider that throws an exception - this is the exception we expect to be // Set a provider that throws an exception - this is the exception we expect to be
@ -244,12 +242,11 @@ public class ProviderManagerTests {
} }
@Test @Test
public void statusExceptionIsPublished() { void statusExceptionIsPublished() {
AuthenticationManager parent = mock(AuthenticationManager.class); AuthenticationManager parent = mock(AuthenticationManager.class);
final LockedException expected = new LockedException(""); LockedException expected = new LockedException("");
ProviderManager mgr = new ProviderManager(Collections.singletonList(createProviderWhichThrows(expected)), ProviderManager mgr = new ProviderManager(List.of(createProviderWhichThrows(expected)), parent);
parent); Authentication authReq = mock(Authentication.class);
final Authentication authReq = mock(Authentication.class);
AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class); AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
mgr.setAuthenticationEventPublisher(publisher); mgr.setAuthenticationEventPublisher(publisher);
assertThatExceptionOfType(LockedException.class).isThrownBy(() -> mgr.authenticate(authReq)); assertThatExceptionOfType(LockedException.class).isThrownBy(() -> mgr.authenticate(authReq));
@ -258,7 +255,7 @@ public class ProviderManagerTests {
// SEC-2367 // SEC-2367
@Test @Test
public void providerThrowsInternalAuthenticationServiceException() { void providerThrowsInternalAuthenticationServiceException() {
InternalAuthenticationServiceException expected = new InternalAuthenticationServiceException("Expected"); InternalAuthenticationServiceException expected = new InternalAuthenticationServiceException("Expected");
ProviderManager mgr = new ProviderManager(Arrays.asList(createProviderWhichThrows(expected), ProviderManager mgr = new ProviderManager(Arrays.asList(createProviderWhichThrows(expected),
createProviderWhichThrows(new BadCredentialsException("Oops"))), null); createProviderWhichThrows(new BadCredentialsException("Oops"))), null);
@ -269,15 +266,15 @@ public class ProviderManagerTests {
// gh-6281 // gh-6281
@Test @Test
public void authenticateWhenFailsInParentAndPublishesThenChildDoesNotPublish() { void authenticateWhenFailsInParentAndPublishesThenChildDoesNotPublish() {
BadCredentialsException badCredentialsExParent = new BadCredentialsException("Bad Credentials in parent"); BadCredentialsException badCredentialsExParent = new BadCredentialsException("Bad Credentials in parent");
ProviderManager parentMgr = new ProviderManager(createProviderWhichThrows(badCredentialsExParent)); ProviderManager parentMgr = new ProviderManager(createProviderWhichThrows(badCredentialsExParent));
ProviderManager childMgr = new ProviderManager(Collections.singletonList( ProviderManager childMgr = new ProviderManager(
createProviderWhichThrows(new BadCredentialsException("Bad Credentials in child"))), parentMgr); List.of(createProviderWhichThrows(new BadCredentialsException("Bad Credentials in child"))), parentMgr);
AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class); AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
parentMgr.setAuthenticationEventPublisher(publisher); parentMgr.setAuthenticationEventPublisher(publisher);
childMgr.setAuthenticationEventPublisher(publisher); childMgr.setAuthenticationEventPublisher(publisher);
final Authentication authReq = mock(Authentication.class); Authentication authReq = mock(Authentication.class);
assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> childMgr.authenticate(authReq)) assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> childMgr.authenticate(authReq))
.isSameAs(badCredentialsExParent); .isSameAs(badCredentialsExParent);
verify(publisher).publishAuthenticationFailure(badCredentialsExParent, authReq); // Parent verify(publisher).publishAuthenticationFailure(badCredentialsExParent, authReq); // Parent