Migrate X509ConfigurerTests groovy->java

Issue: gh-4939
2025-06-28 14:52:24 +00:00 · 2019-06-11 17:31:53 -04:00 · 2019-06-11 17:31:53 -04:00 · e6ace0891f
commit e6ace0891f
parent ac38232a9e
2 changed files with 133 additions and 60 deletions
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/X509ConfigurerTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/X509ConfigurerTests.groovy
@ -1,60 +0,0 @@
 /*
 * Copyright 2002-2013 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 package org.springframework.security.config.annotation.web.configurers
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.AnyObjectPostProcessor
 import org.springframework.security.config.annotation.BaseSpringSpec
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter
 /**
 *
 * @author Rob Winch
 */
 class X509ConfigurerTests extends BaseSpringSpec {
 	def "x509 ObjectPostProcessor"() {
 		setup:
 			AnyObjectPostProcessor opp = Mock()
 			HttpSecurity http = new HttpSecurity(opp, authenticationBldr, [:])
 		when:
 			http
 				.x509()
 					.and()
 				.build()
 		then: "X509AuthenticationFilter is registered with LifecycleManager"
 			1 * opp.postProcess(_ as X509AuthenticationFilter) >> {X509AuthenticationFilter o -> o}
 	}
 	def "invoke x509 twice does not override"() {
 		setup:
 			AnyObjectPostProcessor opp = Mock()
 			HttpSecurity http = new HttpSecurity(opp, authenticationBldr, [:])
 		when:
 			http
 				.x509()
 					.subjectPrincipalRegex(".*")
 					.and()
 				.x509()
 		then:
 			http.getConfigurer(X509Configurer).x509PrincipalExtractor.subjectDnPattern.toString() == ".*"
 	}
 }
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/X509ConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/X509ConfigurerTests.java
@ -0,0 +1,133 @@
 /*
 * Copyright 2002-2019 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 package org.springframework.security.config.annotation.web.configurers;
 import org.junit.Rule;
 import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.security.config.annotation.ObjectPostProcessor;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.test.SpringTestRule;
 import org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter;
 import org.springframework.test.web.servlet.MockMvc;
 import java.io.InputStream;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.verify;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.x509;
 import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 /**
 * Tests for {@link X509Configurer}
 *
 * @author Rob Winch
 * @author Eleftheria Stein
 */
 public class X509ConfigurerTests {
 	@Rule
 	public final SpringTestRule spring = new SpringTestRule();
 	@Autowired
 	MockMvc mvc;
 	@Test
 	public void configureWhenRegisteringObjectPostProcessorThenInvokedOnX509AuthenticationFilter() {
 		this.spring.register(ObjectPostProcessorConfig.class).autowire();
 		verify(ObjectPostProcessorConfig.objectPostProcessor)
 				.postProcess(any(X509AuthenticationFilter.class));
 	}
 	@EnableWebSecurity
 	static class ObjectPostProcessorConfig extends WebSecurityConfigurerAdapter {
 		static ObjectPostProcessor<Object> objectPostProcessor = spy(ReflectingObjectPostProcessor.class);
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			// @formatter:off
 			http
 				.x509();
 			// @formatter:on
 		}
 		@Bean
 		static ObjectPostProcessor<Object> objectPostProcessor() {
 			return objectPostProcessor;
 		}
 	}
 	static class ReflectingObjectPostProcessor implements ObjectPostProcessor<Object> {
 		@Override
 		public <O> O postProcess(O object) {
 			return object;
 		}
 	}
 	@Test
 	public void x509WhenInvokedTwiceThenUsesOriginalSubjectPrincipalRegex() throws Exception {
 		this.spring.register(DuplicateDoesNotOverrideConfig.class).autowire();
 		X509Certificate certificate = loadCert("rodatexampledotcom.cer");
 		this.mvc.perform(get("/")
 				.with(x509(certificate)))
 				.andExpect(authenticated().withUsername("rod"));
 	}
 	@EnableWebSecurity
 	static class DuplicateDoesNotOverrideConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			// @formatter:off
 			http
 				.x509()
 					.subjectPrincipalRegex("CN=(.*?)@example.com(?:,|$)")
 					.and()
 				.x509();
 			// @formatter:on
 		}
 		@Override
 		protected void configure(AuthenticationManagerBuilder auth) throws Exception {
 			// @formatter:off
 			auth
 				.inMemoryAuthentication()
 					.withUser("rod").password("password").roles("USER", "ADMIN");
 			// @formatter:on
 		}
 	}
 	private <T extends Certificate> T loadCert(String location) {
 		try (InputStream is = new ClassPathResource(location).getInputStream()) {
 			CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
 			return (T) certFactory.generateCertificate(is);
 		} catch (Exception e) {
 			throw new IllegalArgumentException(e);
 		}
 	}
 }