Fix test failures related to response headers

These tests began failing on snapshots after changes in Spring Framework's `DispatcherServlet` to reset the response on an error. For now, we can have these tests operate with a 200 OK response. An issue was opened in the spring-framework issuer tracker to discuss this and address `CorsFilter` (and any other filter) that writes headers that would be cleared on an error. See spring-projects/spring-framework#31154
2023-09-01 12:42:21 -05:00 · 2023-09-01 12:42:21 -05:00 · ea1ec646b2
parent d87d0554ed
commit ea1ec646b2
3 changed files with 27 additions and 4 deletions
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerEagerHeadersTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerEagerHeadersTests.java
@ -31,6 +31,8 @@ import org.springframework.security.config.test.SpringTestContextExtension;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.header.HeaderWriterFilter;
 import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;

 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
@ -50,7 +52,7 @@ public class HeadersConfigurerEagerHeadersTests {

 	@Test
 	public void requestWhenHeadersEagerlyConfiguredThenHeadersAreWritten() throws Exception {
-		this.spring.register(HeadersAtTheBeginningOfRequestConfig.class).autowire();
+		this.spring.register(HeadersAtTheBeginningOfRequestConfig.class, HomeController.class).autowire();
 		this.mvc.perform(get("/").secure(true)).andExpect(header().string("X-Content-Type-Options", "nosniff"))
 				.andExpect(header().string("X-Frame-Options", "DENY"))
 				.andExpect(header().string("Strict-Transport-Security", "max-age=31536000 ; includeSubDomains"))
@ -82,4 +84,14 @@ public class HeadersConfigurerEagerHeadersTests {

 	}

+	@RestController
+	private static class HomeController {
+
+		@GetMapping("/")
+		String ok() {
+			return "ok";
+		}
+
+	}
+
 }
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurerTests.java
@ -124,7 +124,7 @@ public class HttpBasicConfigurerTests {
 	// SEC-3019
 	@Test
 	public void httpBasicWhenRememberMeConfiguredThenSetsRememberMeCookie() throws Exception {
-		this.spring.register(BasicUsesRememberMeConfig.class).autowire();
+		this.spring.register(BasicUsesRememberMeConfig.class, Home.class).autowire();
 		MockHttpServletRequestBuilder rememberMeRequest = get("/").with(httpBasic("user", "password"))
 				.param("remember-me", "true");
 		this.mvc.perform(rememberMeRequest).andExpect(cookie().exists("remember-me"));
--- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt
+++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt
@ -31,7 +31,9 @@ import org.springframework.security.config.test.SpringTestContextExtension
 import org.springframework.security.web.SecurityFilterChain
 import org.springframework.test.web.servlet.MockMvc
 import org.springframework.test.web.servlet.get
+import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.RequestMethod
+import org.springframework.web.bind.annotation.RestController
 import org.springframework.web.cors.CorsConfiguration
 import org.springframework.web.cors.CorsConfigurationSource
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource
@ -72,7 +74,7 @@ class CorsDslTests {

    @Test
    fun `CORS when CORS configuration source bean then responds with CORS header`() {
-        this.spring.register(CorsCrossOriginBeanConfig::class.java).autowire()
+        this.spring.register(CorsCrossOriginBeanConfig::class.java, HomeController::class.java).autowire()

        this.mockMvc.get("/")
        {
@ -149,7 +151,7 @@ class CorsDslTests {

    @Test
    fun `CORS when CORS configuration source dsl then responds with CORS header`() {
-        this.spring.register(CorsCrossOriginBeanConfig::class.java).autowire()
+        this.spring.register(CorsCrossOriginBeanConfig::class.java, HomeController::class.java).autowire()

        this.mockMvc.get("/")
        {
@ -180,4 +182,13 @@ class CorsDslTests {
            return http.build()
        }
    }
+
+    @RestController
+    private class HomeController {
+        @GetMapping("/")
+        fun ok(): String {
+            return "ok"
+        }
+    }
+
 }