iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
java-tutorials/spring-5-security/src/test/java/com/baeldung/manuallogout/ManualLogoutIntegrationTest.java

84 lines
3.7 KiB
Java
Raw Normal View History

BAEL 3970 - Manual logout with Spring Security (#9075) * Manual logout with Spring Security - Basic manual logout - logout with Clear Data Site Header * Add missing annotation for controller. Change mapping URL value. * Add intergration tests for manual logouts. * BAEL-3970 - Add asserts on test. Fix tests names. Remove unused imports.
2020-04-15 07:26:52 +02:00
package com.baeldung.manuallogout;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.security.test.context.support.WithMockUser;
Bael 3970 (#9132) * Manual logout with Spring Security - Basic manual logout - logout with Clear Data Site Header * Add missing annotation for controller. Change mapping URL value. * Add intergration tests for manual logouts. * BAEL-3970 - Add asserts on test. Fix tests names. Remove unused imports. * BAEL-3970 - Use PostMapping annotation. Remove unnecessary information for security configuration. * remove logout controllers * Add multiple entrypoints configurations. Create custom handlers for different logouts (basic, cookie clearing, clear-site-data). * Refactor configuration with lambda DSL.
2020-04-30 08:16:05 +02:00
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
BAEL 3970 - Manual logout with Spring Security (#9075) * Manual logout with Spring Security - Basic manual logout - logout with Clear Data Site Header * Add missing annotation for controller. Change mapping URL value. * Add intergration tests for manual logouts. * BAEL-3970 - Add asserts on test. Fix tests names. Remove unused imports.
2020-04-15 07:26:52 +02:00
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpSession;
import static org.junit.Assert.assertNull;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
@RunWith(SpringRunner.class)
@WebMvcTest()
public class ManualLogoutIntegrationTest {
private static final String CLEAR_SITE_DATA_HEADER = "Clear-Site-Data";
public static final int EXPIRY = 60 * 10;
public static final String COOKIE_NAME = "customerName";
public static final String COOKIE_VALUE = "myName";
public static final String ATTRIBUTE_NAME = "att";
public static final String ATTRIBUTE_VALUE = "attvalue";
@Autowired
private MockMvc mockMvc;
@WithMockUser(value = "spring")
@Test
Bael 3970 (#9132) * Manual logout with Spring Security - Basic manual logout - logout with Clear Data Site Header * Add missing annotation for controller. Change mapping URL value. * Add intergration tests for manual logouts. * BAEL-3970 - Add asserts on test. Fix tests names. Remove unused imports. * BAEL-3970 - Use PostMapping annotation. Remove unnecessary information for security configuration. * remove logout controllers * Add multiple entrypoints configurations. Create custom handlers for different logouts (basic, cookie clearing, clear-site-data). * Refactor configuration with lambda DSL.
2020-04-30 08:16:05 +02:00
public void givenLoggedUserWhenUserLogoutThenSessionClearedAndNecessaryCookieCleared() throws Exception {
MockHttpServletRequest requestStateAfterLogout = this.mockMvc.perform(post("/basic/basiclogout").secure(true).with(csrf()))
.andExpect(status().is3xxRedirection())
.andExpect(unauthenticated())
.andExpect(cookie().maxAge(AbstractRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY, 0))
.andReturn()
.getRequest();
HttpSession sessionStateAfterLogout = requestStateAfterLogout.getSession();
assertNull(sessionStateAfterLogout.getAttribute(ATTRIBUTE_NAME));
}
@WithMockUser(value = "spring")
@Test
public void givenLoggedUserWhenUserLogoutThenSessionClearedAndAllCookiesCleared() throws Exception {
BAEL 3970 - Manual logout with Spring Security (#9075) * Manual logout with Spring Security - Basic manual logout - logout with Clear Data Site Header * Add missing annotation for controller. Change mapping URL value. * Add intergration tests for manual logouts. * BAEL-3970 - Add asserts on test. Fix tests names. Remove unused imports.
2020-04-15 07:26:52 +02:00
MockHttpSession session = new MockHttpSession();
session.setAttribute(ATTRIBUTE_NAME, ATTRIBUTE_VALUE);
Cookie randomCookie = new Cookie(COOKIE_NAME, COOKIE_VALUE);
randomCookie.setMaxAge(EXPIRY); // 10 minutes
Bael 3970 (#9132) * Manual logout with Spring Security - Basic manual logout - logout with Clear Data Site Header * Add missing annotation for controller. Change mapping URL value. * Add intergration tests for manual logouts. * BAEL-3970 - Add asserts on test. Fix tests names. Remove unused imports. * BAEL-3970 - Use PostMapping annotation. Remove unnecessary information for security configuration. * remove logout controllers * Add multiple entrypoints configurations. Create custom handlers for different logouts (basic, cookie clearing, clear-site-data). * Refactor configuration with lambda DSL.
2020-04-30 08:16:05 +02:00
MockHttpServletRequest requestStateAfterLogout = this.mockMvc.perform(post("/cookies/cookielogout").secure(true).with(csrf()).session(session).cookie(randomCookie))
BAEL 3970 - Manual logout with Spring Security (#9075) * Manual logout with Spring Security - Basic manual logout - logout with Clear Data Site Header * Add missing annotation for controller. Change mapping URL value. * Add intergration tests for manual logouts. * BAEL-3970 - Add asserts on test. Fix tests names. Remove unused imports.
2020-04-15 07:26:52 +02:00
.andExpect(status().is3xxRedirection())
.andExpect(unauthenticated())
.andExpect(cookie().maxAge(COOKIE_NAME, 0))
.andReturn()
.getRequest();
HttpSession sessionStateAfterLogout = requestStateAfterLogout.getSession();
assertNull(sessionStateAfterLogout.getAttribute(ATTRIBUTE_NAME));
}
@WithMockUser(value = "spring")
@Test
public void givenLoggedUserWhenUserLogoutThenClearDataSiteHeaderPresent() throws Exception {
Bael 3970 (#9132) * Manual logout with Spring Security - Basic manual logout - logout with Clear Data Site Header * Add missing annotation for controller. Change mapping URL value. * Add intergration tests for manual logouts. * BAEL-3970 - Add asserts on test. Fix tests names. Remove unused imports. * BAEL-3970 - Use PostMapping annotation. Remove unnecessary information for security configuration. * remove logout controllers * Add multiple entrypoints configurations. Create custom handlers for different logouts (basic, cookie clearing, clear-site-data). * Refactor configuration with lambda DSL.
2020-04-30 08:16:05 +02:00
this.mockMvc.perform(post("/csd/csdlogout").secure(true).with(csrf()))
BAEL 3970 - Manual logout with Spring Security (#9075) * Manual logout with Spring Security - Basic manual logout - logout with Clear Data Site Header * Add missing annotation for controller. Change mapping URL value. * Add intergration tests for manual logouts. * BAEL-3970 - Add asserts on test. Fix tests names. Remove unused imports.
2020-04-15 07:26:52 +02:00
.andDo(print())
.andExpect(status().is3xxRedirection())
.andExpect(header().exists(CLEAR_SITE_DATA_HEADER))
.andReturn();
}
}
Reference in New Issue Copy Permalink