From d96b4a046342a5d886eeb967c05f8b7f95b6dfb1 Mon Sep 17 00:00:00 2001
From: Igor Bolic <igor.bolic@sixhours.io>
Date: Mon, 4 Jul 2022 11:56:21 +0200
Subject: [PATCH] Set the useTrailingSlashMatch to true for tests

The Spring MVC changed the default behavior for trailing slash match
with https://github.com/spring-projects/spring-framework/issues/28552.
This causes failures in Spring Security's tests.

Setting the `useTrailingSlashMatch` to `true` ensures that Spring
Security will work for users who have modified the default configuration.
Specifing the request mapper with trailing slash path ensures that the tests
are successful when default behavior is used.

Closes gh-11451
---
 .../config/annotation/web/builders/WebSecurityTests.java        | 1 +
 .../annotation/web/configurers/AuthorizeRequestsTests.java      | 1 +
 .../web/configurers/HttpSecurityRequestMatchersTests.java       | 1 +
 .../web/configurers/UrlAuthorizationConfigurerTests.java        | 1 +
 .../server/WebTestClientHtmlUnitDriverBuilderTests.java         | 2 +-
 .../config/annotation/web/AuthorizeHttpRequestsDslTests.kt      | 1 +
 .../security/config/annotation/web/AuthorizeRequestsDslTests.kt | 1 +
 .../security/config/web/server/ServerJwtDslTests.kt             | 2 +-
 .../config/http/InterceptUrlConfigTests-MvcMatchers.xml         | 2 +-
 .../http/InterceptUrlConfigTests-MvcMatchersServletPath.xml     | 2 +-
 ...ockMvcRequestPostProcessorsAuthenticationStatelessTests.java | 2 +-
 ...cRequestPostProcessorsTestSecurityContextStatelessTests.java | 2 +-
 12 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java
index 5f03a983e2..2d7e954f5a 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java
@@ -232,6 +232,7 @@ public class WebSecurityTests {
 		@Override
 		public void configurePathMatch(PathMatchConfigurer configurer) {
 			configurer.setUseSuffixPatternMatch(true);
+			configurer.setUseTrailingSlashMatch(true);
 		}
 
 	}
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java
index 35bc7bfb2d..ee183572e0 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java
@@ -662,6 +662,7 @@ public class AuthorizeRequestsTests {
 		@Override
 		public void configurePathMatch(PathMatchConfigurer configurer) {
 			configurer.setUseSuffixPatternMatch(true);
+			configurer.setUseTrailingSlashMatch(true);
 		}
 
 	}
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityRequestMatchersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityRequestMatchersTests.java
index dbaea51390..6e0c081489 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityRequestMatchersTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityRequestMatchersTests.java
@@ -491,6 +491,7 @@ public class HttpSecurityRequestMatchersTests {
 		@Override
 		public void configurePathMatch(PathMatchConfigurer configurer) {
 			configurer.setUseSuffixPatternMatch(true);
+			configurer.setUseTrailingSlashMatch(true);
 		}
 
 	}
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java
index 1a08393033..38b39808bc 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java
@@ -262,6 +262,7 @@ public class UrlAuthorizationConfigurerTests {
 		@Override
 		public void configurePathMatch(PathMatchConfigurer configurer) {
 			configurer.setUseSuffixPatternMatch(true);
+			configurer.setUseTrailingSlashMatch(true);
 		}
 
 	}
diff --git a/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilderTests.java b/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilderTests.java
index 4658928c2c..7a0ee706f6 100644
--- a/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilderTests.java
+++ b/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilderTests.java
@@ -74,7 +74,7 @@ public class WebTestClientHtmlUnitDriverBuilderTests {
 	class HelloWorldController {
 
 		@ResponseBody
-		@GetMapping(produces = MediaType.TEXT_HTML_VALUE)
+		@GetMapping(path = "/", produces = MediaType.TEXT_HTML_VALUE)
 		String index() {
 			// @formatter:off
 			return "<html>\n"
diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeHttpRequestsDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeHttpRequestsDslTests.kt
index bb11e7d877..0e33b08fde 100644
--- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeHttpRequestsDslTests.kt
+++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeHttpRequestsDslTests.kt
@@ -188,6 +188,7 @@ class AuthorizeHttpRequestsDslTests {
     open class LegacyMvcMatchingConfig : WebMvcConfigurer {
         override fun configurePathMatch(configurer: PathMatchConfigurer) {
             configurer.setUseSuffixPatternMatch(true)
+            configurer.setUseTrailingSlashMatch(true)
         }
     }
 
diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeRequestsDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeRequestsDslTests.kt
index 4dcf5e9d81..bd12522791 100644
--- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeRequestsDslTests.kt
+++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeRequestsDslTests.kt
@@ -178,6 +178,7 @@ class AuthorizeRequestsDslTests {
     open class LegacyMvcMatchingConfig : WebMvcConfigurer {
         override fun configurePathMatch(configurer: PathMatchConfigurer) {
             configurer.setUseSuffixPatternMatch(true)
+            configurer.setUseTrailingSlashMatch(true)
         }
     }
 
diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerJwtDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerJwtDslTests.kt
index 5d19857e66..fb8f36c4ff 100644
--- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerJwtDslTests.kt
+++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerJwtDslTests.kt
@@ -278,7 +278,7 @@ class ServerJwtDslTests {
 
     @RestController
     internal class BaseController {
-        @GetMapping
+        @GetMapping("/")
         fun index() {
         }
     }
diff --git a/config/src/test/resources/org/springframework/security/config/http/InterceptUrlConfigTests-MvcMatchers.xml b/config/src/test/resources/org/springframework/security/config/http/InterceptUrlConfigTests-MvcMatchers.xml
index 9edc7c8efa..508c333283 100644
--- a/config/src/test/resources/org/springframework/security/config/http/InterceptUrlConfigTests-MvcMatchers.xml
+++ b/config/src/test/resources/org/springframework/security/config/http/InterceptUrlConfigTests-MvcMatchers.xml
@@ -33,7 +33,7 @@
 	</http>
 
 	<mvc:annotation-driven>
-		<mvc:path-matching suffix-pattern="true"/>
+		<mvc:path-matching suffix-pattern="true" trailing-slash="true"/>
 	</mvc:annotation-driven>
 
 	<b:bean name="path" class="org.springframework.security.config.http.InterceptUrlConfigTests.PathController"/>
diff --git a/config/src/test/resources/org/springframework/security/config/http/InterceptUrlConfigTests-MvcMatchersServletPath.xml b/config/src/test/resources/org/springframework/security/config/http/InterceptUrlConfigTests-MvcMatchersServletPath.xml
index c8a4cc42e9..1ecca89c6d 100644
--- a/config/src/test/resources/org/springframework/security/config/http/InterceptUrlConfigTests-MvcMatchersServletPath.xml
+++ b/config/src/test/resources/org/springframework/security/config/http/InterceptUrlConfigTests-MvcMatchersServletPath.xml
@@ -33,7 +33,7 @@
 	</http>
 
 	<mvc:annotation-driven>
-		<mvc:path-matching suffix-pattern="true"/>
+		<mvc:path-matching suffix-pattern="true" trailing-slash="true"/>
 	</mvc:annotation-driven>
 
 	<b:bean name="path" class="org.springframework.security.config.http.InterceptUrlConfigTests.PathController"/>
diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java
index af862ca10a..dcdf40277d 100644
--- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java
+++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java
@@ -95,7 +95,7 @@ public class SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests {
 		@RestController
 		static class Controller {
 
-			@RequestMapping
+			@RequestMapping("/")
 			String hello() {
 				return "Hello";
 			}
diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java
index beeab63205..98590e3619 100644
--- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java
+++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java
@@ -89,7 +89,7 @@ public class SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTes
 		@RestController
 		static class Controller {
 
-			@RequestMapping
+			@RequestMapping("/")
 			String hello() {
 				return "Hello";
 			}