274 Commits

Author SHA1 Message Date
Marcus Da Coregio
64e2a2ff8b Apply updated Code Style
Closes gh-13881
2023-09-29 11:44:32 -03:00
Josh Cummings
79f1cf799d
Merge branch '5.7.x' into 5.8.x
Closes gh-13252
2023-05-31 15:31:31 -06:00
Josh Cummings
bcc1cfc28a
Restore OAuth2AuthorizedClientRepository Test Instrumentation
Closes gh-13113
2023-05-31 15:30:03 -06:00
Marcus Da Coregio
744b74f4c9 Merge branch '5.7.x' into 5.8.x 2023-04-19 11:27:08 -03:00
Amal Krishna
8bec14009e Fix typo in SecurityMockMvcResultMatchers.java
Change the first parameter's name of the AuthenticatedMatcher.withAuthentication() method from assesrtAuthentication to assertAuthentication
2023-04-19 11:25:55 -03:00
Marcus Da Coregio
54117d7d27 Fix test suffix to align with checkstyle 2023-04-14 13:29:15 -03:00
Steve Riesenberg
440748ec65
Add test support for Xor CSRF tokens
Issue gh-4001
2022-10-12 15:02:15 -05:00
Steve Riesenberg
475b3bb6bb
Add deferred CsrfTokenRepository.loadDeferredToken
* Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken>
* Move RepositoryDeferredCsrfToken to top-level and make package-private
* Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse)
* Update CsrfFilter
* Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler

Issue gh-11892
Closes gh-11918
2022-10-03 17:10:54 -05:00
Steve Riesenberg
46696a9226
CsrfTokenRequestHandler extends CsrfTokenRequestResolver
Closes gh-11896
2022-09-23 15:09:00 -05:00
Rob Winch
d94677f87e CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.

Closes gh-11892
2022-09-22 11:09:44 -05:00
aSemy
6e2e8c41b5
typo fitler -> filter 2022-09-12 10:43:41 -05:00
aSemy
e7880b1815
Javadoc typo 'sue' -> 'use' 2022-09-12 10:43:03 -05:00
mariusz
b478e5bc93 gh-6899: @WithMockUser as metaannotation 2022-09-08 09:44:32 -05:00
Josh Cummings
f86992a0af
Add SecurityContextHolderStrategy Test Support
Issue gh-11061
Issue gh-11444
2022-06-27 13:02:11 -06:00
Rob Winch
6e6d472da4 Add test support for SecurityContextHolderFilter
Issue gh-9635
2022-04-13 10:53:11 -05:00
Rob Winch
87ed31a99c Add SecurityContextHolderFilter
Closes gh-9635
2022-03-11 17:22:23 -06:00
Norbert Nowak
ac9c29b2a0 Add UsernamePasswordAuthenticationToken factory methods
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
2022-03-09 15:23:35 -07:00
giger85
4a3654a95b Replace StringUtils class completely
Issue gh-9925
Closes gh-10805
2022-02-07 13:47:52 +01:00
Rob Winch
0e8c03401b javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api
Issue gh-10501
2022-01-19 14:34:16 -06:00
Rob Winch
8f64bb6c8c javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
Issue gh-10501
2022-01-19 14:33:53 -06:00
Marcus Da Coregio
02b2fcc6f0 Restore ManagementConfigurationPlugin
Issue gh-9615
2021-10-05 11:23:29 -03:00
Marcus Da Coregio
d2e5f2ae0d Update Gradle to 7.2
Closes gh-9615
2021-10-04 15:19:40 -03:00
Marcus Hert da Coregio
ab098f171d Propagate TestSecurityContextHolder to SecurityContextHolder
Create SecurityMockMvcResultHandlers to define security related MockMvc ResultHandlers
Create a method to allow copying the SecurityContext from the TestSecurityContextHolder to SecurityContextHolder

Closes gh-9565
2021-09-17 16:39:53 -03:00
Dávid Kováč
3ff825576b Move and rename OAuth2IntrospectionClaimAccessor/Names
Introduced OAuth2TokenIntrospectionClaimAccessor and OAuth2TokenIntrospectionClaimNames
with copied implementation from OAuth2IntrospectionClaimAccessor/Names.
OAuth2IntrospectionClaimAccessor and OAuth2IntrospectionClaimNames are
now deprecated.

Also method getScopes() returning list of scopes was introduced
and getScope() is now deprecated.

Closes gh-9647
2021-08-12 16:51:33 -06:00
Rob Winch
f73f213f50 Remove DependencySetPlugin
Closes gh-10070
2021-07-12 15:31:38 -05:00
Rob Winch
c838d3a25c Use SpringExtension instead of rules 2021-07-09 14:35:10 -05:00
Rob Winch
e998d4ec8a Fix serialization due to mocking 2021-07-09 14:35:10 -05:00
Rob Winch
b6ff4d3674 Fix mockito UnnecessaryStubbingException 2021-07-09 14:35:10 -05:00
Rob Winch
3e93b024d6 openrewrite Junit Migration 2021-07-09 14:32:52 -05:00
Rob Winch
14240b2559 Remove Powermock
Powermock does not support JUnit5 yet, so we need to remove it
to support JUnit 5. Additionally, maintaining additional libraries
adds extra work for the team.

Mockito now supports final classes and static method mocking. This
commit replaces Powermock with mockito-inline.

Closes gh-6025
2021-07-08 12:35:32 -05:00
Christian Frommeyer
8de631d5c6 Replace StringUtils from oauth2-oidc-sdk
SecurityMockServerConfigurers.java previously used the StringUtils from
the optional oauth2-oidc-sdk dependency. Replacing this with the
StringUtils from the spring framework this should not force adding the
dependency in cases where it is not actually used.

Closes gh-9923
2021-06-16 12:18:28 -06:00
Rob Winch
60d3db5798 add management platform(project(":spring-security-dependencies"))
Closes gh-9540
2021-04-05 10:36:36 -05:00
Rob Winch
1a76ee7442 Update Gradle configuration names
Closes gh-9540
2021-04-05 10:36:36 -05:00
Eleftheria Stein
4a492846f1 Revert "Lock dependencies for 2.5.0-M3"
This reverts commit f05cc6269c8f4c9531d512ed7939a37d94a815e4.
2021-03-15 23:18:45 +01:00
Eleftheria Stein
f05cc6269c Lock dependencies for 2.5.0-M3 2021-03-15 11:00:19 +01:00
Josh Cummings
c4be1c6a56
Revert "Lock Dependencies"
This reverts commit a85caa4098589b0080d75e428f0d262090b6a1f1.
2021-02-11 15:49:59 -07:00
Josh Cummings
a85caa4098
Lock Dependencies 2021-02-11 15:00:38 -07:00
Rob Winch
4515c86beb WithSecurityContextTestExecutionListener Respects @NestedTestConfiguration
Previously WithSecurityContextTestExecutionListener did not respect
@NestedTestConfiguration.

This commit switches to using TestContextAnnotationUtils to ensure that
@NestedTestConfiguration is respected.

Closes gh-9193
2020-11-06 15:11:50 -06:00
Joe Grandja
b95e1aa209 Revert "Lock dependencies for 5.5.0-M1"
This reverts commit 25a7482c8c5fb0ee6a08878020ea46d4f90383dc.
2020-11-03 19:53:28 -05:00
Rob Winch
87d8741730 WithSecurityContextTestExecutionListener Supports Nested Classes
WithSecurityContextTestExecutionListener now supports nested classes. If
the class is nested WithSecurityContext is not found, then the enclosing
class is looked at until there is no enclosing class.

Closes gh-9179
2020-11-03 17:36:37 -06:00
Rob Winch
25a7482c8c Lock dependencies for 5.5.0-M1 2020-10-30 17:52:03 -05:00
Josh Cummings
3e95f68873
Add jackson-datatype-jsr310 Dependency
Closes gh-9123
2020-10-12 17:41:16 -06:00
Phillip Webb
c502312719 Replace expected @Test attributes with AssertJ
Replace JUnit expected @Test attributes with AssertJ calls.
2020-09-22 16:13:51 -06:00
Joe Grandja
7b1f574769 Revert "Lock Dependency Versions for 5.4.0"
This reverts commit 3d0e459182868c94ea5967b1cd3a1a6b6ba24609.
2020-09-09 18:14:12 -04:00
Joe Grandja
3d0e459182 Lock Dependency Versions for 5.4.0 2020-09-09 13:45:03 -04:00
Phillip Webb
319d3364aa Migrate to assertThatExceptionOfType
Consistently use `assertThatExceptionOfType(...).isThrownBy(...)`
rather than `assertThatCode` or `assertThatThrownBy`. This aligns with
Spring Boot and Spring Cloud. It also allows the convenience
`assertThatIllegalArgument` and `assertThatIllegalState` methods to
be used.

Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
a5aa6b3d7f Remove blank lines from all tests
Remove all blank lines from test code so that test methods are
visually grouped together. This generally helps to make the test
classes easer to scan, however, the "given" / "when" / "then"
blocks used by some tests are now not as easy to discern.

Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
ef951bae90 Polish spring-security-test main code
Manually polish `spring-security-test` following the formatting
and checkstyle fixes.

Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
834dcf5bcf Use consistent ternary expression style
Update all ternary expressions so that the condition is always in
parentheses and "not equals" is used in the test. This helps to bring
consistency across the codebase which makes ternary expression easier
to scan.

For example: `a = (a != null) ? a : b`

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
8d3f039f76 Reduce method visibility when possible
Reduce method visibility for package private classes when possible.

In the case of abstract classes that will eventually be made public,
the class has been made public and a package-private constructor has
been added.

Issue gh-8945
2020-08-24 17:33:08 -05:00